Ensurepass

Juniper Enterprise Content Management Sales Mastery Test v3

 

QUESTION 61

Which problem is introduced by setting the terminal parameter on an IPS rule?

 

A.

The SRX device will stop IDP processing for future sessions.

B.

The SRX device might detect more false positives.

C.

The SRX device will terminate the session in which the terminal rule detected the attack.

D.

The SRX device might miss attacks.

 

Correct Answer: D

Explanation:

http://www.juniper.net/techpubs/software/junos-security/junos-security10.2/junos-security-swconfig-security/topic-42464.html

 

 

QUESTION 62

You have installed a new IPS license on your SRX device and successfully downloaded the attack signature database. However, when you run the command to install the database, the database fails to install. What are two reasons for the failure? (Choose two.)

 

A.

The file system on the SRX device has insufficient free space to install the database.

B.

The downloaded signature database is corrupt.

C.

The previous version of the database must be uninstalled first.

D.

The SRX device does not have the high memory option installed.

 

Correct Answer: AB

Explanation:

We don’t need to uninstall the previous version to install a new license, as we can update the same.

Reference: http://kb.juniper.net/InfoCenter/index?page=content&id=KB16491

 

Also high memory option is licensed feature.

The only reason for failure is either there is no space left or downloaded file is corrupted due to incomplete download because of internet termination in between.

Reference: http://kb.juniper.net/InfoCenter/index?page=content&id=KB23359

 

 

QUESTION 63

You want to create a custom IDP signature for a new HTTP attack on your SRX device. You have the exact string that identifies the attack. Which two additional elements do you need to define your custom signature? (Choose two.)

 

A.

service context

B.

protocol number

C.

direction

D.

source IP address of the attacker

 

Correct Answer: AC

Explanation:

http://rtoodtoo.net/2011/09/22/how-to-write-srx-idp-custom-attacksignature/

 

 

QUESTION 64

An external host is attacking your network. The host sends an HTTP request to a Web server, but does not include the version of HTTP in the request. Which type of attack is being performed?

 

A.

signature-based attack

B.

application identification

C.

anomaly

D.

fingerprinting

 

Correct Answer: C

Explanation:

https://services.netscreen.com/restricted/sigupdates/nsm-updates/HTML/HTTP%3AINVALID%3AMSNG-HTTP-VER.html

 

 

QUESTION 65

You configured a custom signature attack object to match specific components of an attack:

 

HTTP-request

 

Pattern .*\x90 90 90 … 90

 

Direction: client-to-server

 

Which client traffic would be identified as an attack?

 

A.

HTTP GET .*\x90 90 90 … 90

B.

HTTP POST .*\x90 90 90 … 90

C.

HTTP GET .*x909090 … 90

D.

HTTP POST .*x909090 … 90

 

Correct Answer: A

Explanation:

http://www.juniper.net/techpubs/en_US//idp/topics/task/configuration/intrusion-detection-prevention-signature-attack-object-creating-nsm.html

 

 

QUESTION 66

You are deploying a standalone SRX650 in transparent mode for evaluation purposes in a potential client’s network. The client will need to access the device to modify security policies and perform other various configurations. Where would you configure a Layer 3 interface to meet this requirement?

 

A.

fxp0.0

B.

vlan.1

C.

irb.1

D.

ge-0/0/0.0

 

Correct Answer: C

Explanation:

http://safetynet.trapezenetworks.com/techpubs/en_US/junos12.1/information-products/topic-collections/security/software-all/layer-2/index.html?topic-52755.html

 

 

QUESTION 67

Which two configuration components are required for enabling transparent mode on an SRX device? (Choose two.)

 

A.

IRB

B.

bridge domain

C.

interface family bridge

D.

interface family ethernet-switching

 

Correct Answer: BC

Explanation:

http://kb.juniper.net/InfoCenter/index?page=content&id=KB21421

 

 

QUESTION 68

You want to configure in-band management of an SRX device in transparent mode. Which command is required to enable this functionality?

 

A.

set interfaces irb unit 1 family inet address

B.

set interfaces vlan unit 1 family inet address

C.

set interfaces ge-0/0/0 unit 0 family inet address

D.

set interfaces ge-0/0/0 unit 0 family bridge address

 

Correct Answer: A

Explanation:

http://kb.juniper.net/InfoCenter/index?page=content&id=KB23823

 

 

QUESTION 69

For an SRX chassis cluster in transparent mode, which action occurs to signal a high availability failover to neighboring switches?

 

A.

the SRX chassis cluster generates Spanning Tree messages

B.

the SRX chassis cluster generates gratuitous ARPs

C.

the SRX chassis cluster flaps the former active interfaces

D.

the SRX chassis cluster uses IP address monitoring

 

Correct Answer: C

Explanation:

http://books.google.co.in/books?id=2HSLsTJIgEQC&pg=PA246&lpg=PA246&dq=the+SRX+chassis+cluster+flaps+the+former+active+interfaces&source=bl&ots=_eDe_vRMyw&sig=x-Px98kZEi4hZvGflcoybABdMRQ&hl=en&sa=X&ei=iMLzUcDSLcfRrQeQw4CYCA&ved=0CEAQ6A EwBA#v=onepage&q=flap&f=false

 

 

QUESTION 70

What is the default action for an SRX device in transparent mode to determine the outgoing interface for an unknown destination MAC address?

 

A.

Perform packet flooding.

B.

Send an ARP query.

C.

Send an ICMP packet with a TTL of 1.

D.

Perform a traceroute request.

 

Correct Answer: A

Explanation:

http://www.juniper.net/techpubs/software/junos-security/junos-security95/junos-security-swconfig-interfaces-and-routing/understand-l2-forwarding-tables-section.html

 

Free VCE & PDF File for Juniper JN0-633 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.