Wednesday 28 December 2016

JN0-541 Juniper Networks IDP Certified Internet Associate (JNCIA-IDP)

Concepts of intrusion detection
Identify the features and functions of an IDP sensor
Identify the use of IDP interfaces
Identify the TCP ports used by IDP sensors and Security Manager
Understanding the IDP provisioning modes

Initial configuration of an IDP sensor
Identify the steps involved in implementing the IDP sensor
Describe the configuration of a new sensor via the console
Describe the communication setup between Security Manager and IDP sensor

Configure and fine-tune policies
Match the IDP attack terminology to the corresponding definitions
Understand the components of an IDP rule
Choose appropriate IDP actions and IP actions
Describe the algorithm for IDP rule assignment
Explain the use of captured packets
Explain the fine-tuning of policies

Configuring Other Policies for IDP
Explain the function of a rule database for exceptions
Explain the function of a rule database for anomalies
Explain the function of a rule database for backdoors
Explain the function of a SYN Protector rule database
Explain the function of honeypots in the network

Configure and use the profiler
Describe the normal functioning of a profiler
Show the steps to get a profiler working
Describe the use of a profiler for network detection
Describe the use of a profiler to identify new devices and ports
Describe the use of a profiler to detect policy violations

Sensor operation and sensor command line utility
Describe the sensor components and processes
Use scio to manage policies and display sensor configurations
Use sctop to display sensor statistics

Manage attack objects and create custom signatures
Describe the use of static and dynamic groups
Explain how to update the attack object database
List the steps for obtaining information about an attack
Understanding the purpose and use of the sensor commands "scio ccap" and "scio pcap"
List the steps for creating a simple attack object
Describe the purpose of combined attack objects

Maintenance and troubleshooting
Use the Appliance Configuration Manager (ACM) to view and modify sensor configurations
Use sensor and unix commands to resolve IDP issues
Understand the operation of external HA and NIC bypass

QUESTION 1
Which statement is true about the attack object database update process?

A. Each sensor updates its own attack object database automatically; however, they must be able
to access the Juniper site on TCP port 443.
B. The attack object database update must be manually performed by the administrator, and the
administrator must manually install it on each sensor.
C. The attack object database update can be initiated manually or automatically.
D. The attack object database update can be automatically scheduled to occur using the Security
Manager GUI.

Answer: C

QUESTION 2
On a sensor, which command will indicate if log messages are being sent to Security Manager?

A. scio vr list
B. serviceidp status
C. scio agentstats display
D. scio getsystem

Answer: C

QUESTION 3
After you enable alerts for new hosts that are detected by the Enterprise Security Profiler, where
do you look in Security Manager to see those alerts?

A. Security Monitor > Profiler > Application Profiler tab
B. Security Monitor > Profiler > Violation Viewer tab
C. Security Monitor > Profiler > Network Profiler tab
D. Log Viewer > Profiler Log

Answer: D

QUESTION 4
When connecting to a sensor using SSH, which account do you use to login?

A. admin
B. super
C. netscreen
D. root

Answer: A

QUESTION 5
Which OSI layer(s) of a packet does the IDP sensor examine?

A. layers 2-7
B. layers 2-4
C. layer 7 only
D. layers 4-7

Answer: A

Thursday 8 December 2016

JN0-696 Security Support, Professional (JNCSP-SEC)

JNCSP-SEC Exam Objectives (Exam: JN0-696)

Security Policy Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot security policy evaluation issues on Junos devices
Transit traffic issues
To-the-device traffic issues
Default and global policy issues
Zone issues
Address book issues
Filter-based forwarding
NAT issues
Configuration issues

IPSec VPN Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot IPSec VPN issues on Junos devices
Route-based VPN issues
Policy-based VPN issues
IKE phase 1 issues
IKE phase 2 issues
Configuration issues

Application-Aware Security Services Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot Junos AppSecure issues
AppID issues
AppTrack issues
AppFW issues
AppDoS issues
AppQoS issues
Configuration issues

Intrusion Prevention Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot Junos Intrusion Prevention System (IPS) issues
Licensing and platform issues
Signature database issues
IPS and security policy issues
Configuration issues

Unified Threat Management (UTM) Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot UTM issues on Junos devices
Licensing and platform issues
Antivirus issues
Antispam issues
Content-filtering issues
Web-filtering issues
UTM and security policy issues
Configuration issues

High Availability (HA) Clustering Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot chassis cluster issues on Junos devices
Cluster architecture issues
Cluster component issues
Cluster mode issues
Configuration issues


QUESTION 1
You are having problems establishing an IPsec tunnel between two SRX Series devices.
What are two explanations for this problem? (Choose two.)

A. proposal mismatch
B. antivirus configuration
C. preshared key mismatch
D. TCP MSS clamping is disabled

Answer: B,D


QUESTION 2
Two SRX Series devices are having problems establishing an IPsec VPN session. One of the
devices has a firewall filter applied to its gateway interface that rejects UDP traffic.
What would resolve the problem?

A. Disable the IKE Phase 1 part of the session establishment.
B. Disable the IKE Phase 2 part of the session establishment.
C. Change the configuration so that session establishment uses TCP.
D. Edit the firewall filter to allow UDP port 500.

Answer: A


QUESTION 3
Your SRX Series device has the following configuration:

user@host> show security policies
...
Policy: my-policy, State: enabled, Index: 5, Sequence number: 1
  Source addresses: any
  Destination addresses: any
  Applications: snmp
  Action: reject
  From zone: trust, To zone: untrust
...

When traffic matches my-policy, you want the device to silently drop the traffic; however, you
notice that the device is replying with ICMP unreachable messages instead.
What is causing this behavior?

A. the snmp application
B. the reject action
C. the trust zone
D. the untrust zone

Answer: C


QUESTION 4
You want to allow remote users using PCs running Windows 7 to access the network using an
IPsec VPN. You implement a route-based hub-and-spoke VPN; however, users report that they
are not able to access the network.
What is causing this problem?

A. The remote clients do not have proper licensing.
B. Hub-and-spoke VPNs cannot be route-based; they must be policy-based.
C. The remote clients' OS is not supported.
D. Hub-and-spoke VPNs do not support remote client access; a dynamic VPN must be
implemented instead.

Answer: B


Monday 5 December 2016

JN0-355 Junos Pulse Secure Access, Specialist (JNCIS-SA)

JNCIS-SA Exam Objectives (Exam: JN0-355)

Overview
Components and elements
Component functions, interaction and relationships
Junos Pulse Gateway and Virtual Appliance product lines
Licensing
Deployment considerations and integration options
SSL, TLS and digital certificates overview
Access methods

Initial Configuration
Configure the basic elements of a Junos Pulse Secure Access Service environment
Initial configuration via CLI
Initial configuration via admin UI

Roles
Describe the concepts, operation and functionality of roles
Purpose of roles
Role mapping and merging
Customization of the end-user experience
Configure roles
Roles and role options

Policies and Profiles
Describe the concepts, operation and functionality of policies and profiles
Purpose of policies; policy types and elements
Purpose of profiles and profile types
Interrelationship and usage guidelines
Configure policies and profiles
Policies and policy options
Profiles and profile options

Authentication
Describe the authentication process for the Junos Pulse Secure Access Service
Authentication elements
Sign-in process
Digital certificates
Certificate validation process
Advanced authentication options
Configure authentication
Authentication servers
Authentication realms
Role mapping
Sign-in policies
Certificates
Advanced options

Client/Server Communications
Identify and describe client/server applications
WSAM
JSAM
VPN tunneling
Configure client/server applications
SAM
VPN tunneling

Junos Pulse Client
Describe the features, benefits and functionality of the Junos Pulse client
Components and features
Configure the Junos Pulse client
WSAM application access
VPN tunneling

Junos Pulse Collaboration
Describe the features, benefits and functionality of Junos Pulse Collaboration
Components and features
Deployment
Collaboration client
Scheduling meetings
Monitoring meetings
Configure Junos Pulse Collaboration
Collaboration configuration
Meeting options
Pulse Connection

Endpoint Security
Describe the concepts, operation and functionality of endpoint security
TNC architecture
Host Checker
Enhanced Endpoint Security (EES)
Secure Virtual Workspace (SVW)
Cache Cleaner
Enforcement
Configure endpoint security
Host Checker
Enhanced Endpoint Security (EES)
Secure Virtual Workspace (SVW)
Cache Cleaner

Virtualization
Describe the concepts, operation and functionality of virtualization in a Junos Pulse Secure Access Service environment
Concepts and components
Virtual appliances
Virtual Desktop Infrastructure
Configure virtualization
Licensing
Virtual desktops

High Availability
Describe the concepts and requirements for high availability in a Junos Pulse Secure Access Service environment
Clustering
Deployment options and considerations
Licensing
Configure high availability
Clustering configuration
Upgrades

Administration, Management and Troubleshooting
Demonstrate knowledge of how to manage and troubleshoot a Junos Pulse Secure Access Service environment
Configuration file management
Backup and archiving
Logging
System monitoring
Statistics
Policy tracing
Packet capture tools
Connectivity testing tools
Session recording
System snapshot
Client connectivity


QUESTION 1
Which two statements are correct regarding the MAG6611 Junos Pulse Gateway in an
active/active cluster configuration? (Choose two.)

A. Virtual IP (VIP) is available.
B. It supports up to two devices.
C. It supports up to four devices.
D. External load balancing is preferred.

Answer: C,D


QUESTION 2
What is the function of the smart caching setting within a Web caching policy?

A. to send the cache control compress header to the client
B. to remove the cache control headers from the origin server
C. to not modify the cache control header from the origin server
D. to send the appropriate cache control header based on Web content.

Answer: D


QUESTION 3
You have configured RADIUS authentication on the Junos Pulse Secure Access Service. Users
report that their authentication is rejected. The RADIUS administrator reports that the RADIUS
server requires a specific attribute that identifies the Junos Pulse Secure Access Service on the
RADIUS server.
In the Admin UI, which configuration parameter will address this issue?

A. Name
B. NAS-Identifier
C. RADIUS Server
D. Shared Secret

Answer: B


QUESTION 4
What are three benefits that resource profiles provide over resource policies? (Choose three.)

A. Resource profiles provide automatic mapping of users to roles.
B. Resource profiles provide a simplified process for creating bookmarks and resource policies.
C. One profile can be assigned to multiple roles.
D. Resource options can be customized for each profile.
E. Resource profiles provide a simplified process for configuring applications such as VPN
tunneling.

Answer: B,C,D


QUESTION 5
You must deploy VPN tunneling using Network Connect to multiple Microsoft Windows devices.
Due to access restrictions, the users do not have permission to install WSAM.
Which component resolves this issue?

A. Juniper Installer Service
B. Host Checker
C. third-party integrity measurement verifier
D. Windows Secure Application Manager scriptable launcher

Answer: A
