그렇게 많은 IT인증덤프공부자료를 제공하는 사이트중 Pass4Test의 인지도가 제일 높은 원인은 무엇일가요?그건 Pass4Test의 제품이 가장 좋다는 것을 의미합니다. Pass4Test에서 제공해드리는 JNCIP JN0-633 (Security, Professional (JNCIP-SEC) Exam)덤프공부자료는 JNCIP JN0-633 (Security, Professional (JNCIP-SEC) Exam)실제시험문제에 초점을 맞추어 시험커버율이 거의 100%입니다. 이 덤프만 공부하시면 JNCIP JN0-633 (Security, Professional (JNCIP-SEC) Exam)시험패스에 자신을 느끼게 됩니다.
NO.1 You are asked to establish a baseline for your company's network traffic to determine the
bandwidth usage per application. You want to undertake this task on the central SRX device that
connects all segments together. What are two ways to accomplish this goal? (Choose two.)
A. Configure a mirror port on the SRX device to capture all traffic on a data collection server for
further investigation.
B. Use interface packet counters for all permitted and denied traffic and calculate the values using
Junos scripts.
C. Send SNMP traps with bandwidth usage to a central SNMP server.
D. Enable AppTrack on the SRX device and configure a remote syslog server to receive AppTrack
messages.
Answer: A,D
NO.2 HostA (1.1.1.1) is sending TCP traffic to HostB (2.2.2.2). You need to capture the TCP packets
locally on the SRX240. Which configuration would you use to enable this capture?
A. [edit security flow]
user@srx# show
traceoptions {
file dump;
flag basic-datapath;
}
B. [edit security]
user@srx# show
application-tracking {
enable;
}
flow {
traceoptions {
file dump;
flag basic-datapath;
}
}
C. [edit firewall filter capture term one]
user@srx# show
from {
source-address {
1.1.1.1;
}
destination-address {
2.2.2.2;
}
protocol tcp;
}
then {
port-mirror;
accept;
}
D. [edit firewall filter capture term one]
user@srx# show
from {
source-address {
1.1.1.1;
}
destination-address {
2.2.2.2;
}
protocol tcp;
}
then {
sample;
accept;
}
Answer: D
NO.3 You are troubleshooting an SRX240 acting as a NAT translator for transit traffic. Traffic is
dropping
at the SRX240 in your network. Which three tools would you use to troubleshoot the issue?
(Choose three.)
A. security flow traceoptions
B. monitor interface traffic
C. show security flow session
D. monitor traffic interface
E. debug flow basic
Answer: A,B,C
NO.4 Somebody has inadvertently configured several security policies with application firewall rule
sets
on an SRX device. These security policies are now dropping traffic that should be allowed. You
must find and remove the application firewall rule sets that are associated with these policies.
Which two commands allow you to view these associations? (Choose two.)
A. show security policies
B. show services application-identification application-system-cache
C. show security application-firewall rule-set all
D. show security policies application-firewall
Answer: A,D
NO.5 Which problem is introduced by setting the terminal parameter on an IPS rule?
A. The SRX device will stop IDP processing for future sessions.
B. The SRX device might detect more false positives.
C. The SRX device will terminate the session in which the terminal rule detected the attack.
D. The SRX device might miss attacks.
Answer: D
NO.6 What is the default action for an SRX device in transparent mode to determine the outgoing
interface for an unknown destination MAC address?
A. Perform packet flooding.
B. Send an ARP query.
C. Send an ICMP packet with a TTL of 1.
D. Perform a traceroute request.
Answer: A
JNCIP JN0-633 (Security, Professional (JNCIP-SEC) 덤프
Posted 2013/12/11 4:04:43 | Category: 미분류 | Tag: