JN0-541 IDP, Associate(JNCIA-IDP)
Question: 1 In order to obtain attack information so that you can create a new attack object definition, you must follow certain steps. Given the following steps, assume you have acquired the attack source code. a. On target machine, start capturing packets with a protocol analyzer. b. On sensor, examine scio ccap output. c. Compile attack code on attacker machine. d. On sensor, run scio ccap all. e. On attacker machine, run attack code against target. What is the correct order for these steps? A. e, c, d, b, a B. c, d, a, e, b C. c, e, b, d, a D. c, d, e, a, b
Answer: B Question: 2 Which three devices support clustering? (Choose three.) A. IDP 10 B. IDP 50 C. IDP 200 D. IDP 600 E. IDP 1100
Answer: C, D, E Question: 3 Which sensor utility is used to decode the contexts of a sequence of packets? A. netstat B. scio pcap C. tcpreplay D. scio ccap
Question: 4 Which sensor command will capture packets on a particular interface? A. sctop B. tcpdump C. netstat D. tcpreplay
Answer: B Question: 5 Which two statements are true? (Choose two.) A. A virtual circuit is not a forwarding interface. B. A virtual circuit is a communications path in and out of the sensor. C. Virtual circuits on a sensor can be listed using the command sctop vc list. D. In transparent mode, a virtual circuit maps one-to-one with a physical interface.
Answer: B, D Question: 6 What does the action "drop packet" instruct the sensor to do? A. Drop all packets from the attacker's IP address. B. Drop the specific session containing the attack pattern. C. Drop only the specific packet matching the attack object. D. Drop any packet matching this source IP, destination IP, and service.
Answer: C Question: 7 On a sensor in transparent mode, how many virtual circuits are assigned to a virtual router? A. 1 B. 1 or 2 C. 2 D. 3 or more
Question: 8 In IDP Sensor clustering, which port is used to send state synchronization information to other devices in the cluster? A. eth0 B. eth1 C. eth2 D. console port
Answer: B Question: 9 Which statement is true regarding IDP rule matching on a sensor? A. Each rule in the IDP rule base that matches on the source IP, destination IP, and service will be processed further. B. Each rule in the IDP rule base that matches on the source IP, destination IP, service, and attack object will be processed further. C. Each rule in the IDP rule base that matches on the source IP, destination IP, and service will be processed further, unless the particular rule is terminal. D. Each rule in the IDP rule base that matches on the source IP, destination IP, service, and attack object will be processed further, unless the particular rule is terminal.
Answer: C Question: 10 Exhibit: In the exhibit, which SYN protector mode is the IDP using?
A. relay B. passive C. protective D. handshake
You will not find better practice material than testsexpert PDf questions with answers on the web because it provides real exams preparation environment. Our practice tests and PDF question, answers are developed by industry leading experts according to the real exam scenario. At the moment we provides only question with detailed answers at affordable cost. You will not find comparative material elsewhere on the web at this price. We offer Cisco, Microsoft, HP, IBM, Adobe, Comptia, Oracle exams training material and many more.
We also provide PDF Training Material for: Cisco CCNA CCNP CCIP CCIE CCVP CCSP CXFF CCENT CCDE
Microsoft MCTS MCSE MCITP MBS MCPD MCAD MCAS MCSA MCDBA
HP AIS APC APS ASE CSA MASE APP CSD CSE
IBM Adobe Comptia Oracle Lotus CS4 A+ 11g DBA WebSphere CS3 Security+ 10g DBA Mastery ACE Server+ OSA 10g SOA CS5 Network+ OCA 9i Storage CS2 Linux+ 11i Rational Captivate iNet+ 9i Forms Tivoli Flex Project+ Weblogic IBM DB2 CSM RFID+ Oracle 8i IBM XML MX7 HTI+ PTADCE
We provide latest exams preparation material only. Contact US at: firstname.lastname@example.org Join Us at Twitter: www.twitter.com/testsexpert FaceBook: www.facebook.com/testsexpert