Paul
 
 

Braindumps of 642-533
Implementing Cisco Intrusion Prevention Systems

 


Here is my contribution for this great site and its braindumps section.
Enjoy. Good luck.
 


QUESTION 1
In which three ways does a Cisco IPS network sensor protect the network from attacks? (Choose three.)
A. It can take a variety of actions when it detects traffic that matches a set of rules that pertain to typical intrusion activity
B. It permits or denies traffic into the protected network based on access lists that you create on the sensor
C. It uses a blend of intrusion detection technologies to detect malicious network activity
D. It can generate an alert when it detects traffic that matches a set of rules that pertain to typical intrusion activity
Answer: A,C,D


QUESTION 2
You would like to have your inline sensor deny attackers inline when events occur that have risk ratings over 85. Which two actions, when taken in conjunction, will accomplish this? (Choose two.)
A. Assign the risk rating range of 85 to 100 to the Deny Attacker inline event action
B. Create target value ratings of 85 to 100
C. Create an event variable for the protected network
D. Create an Event Action Filter and assign the risk rating range of 85 to 100 to the filter
E. Enable Event Action overrides
F. Enable Event Action Filters
Answer: A,E


QUESTION 3
Which statement accurately describes Cisco IPS Sensor Automatic signature and service pack updates?
A. If multiple signature or service pack updates are available when the sensor checks for an update, the Cisco IPS Sensor installs the first update it detects
B. You must download service pack and signature updates from cisco.com to a locally accessible server before they can be automatically applied to your Cisco IPS Sensor
C. When you configure automatic updates, the Cisco IPS Sensor checks Cisco.com for updates hourly.
D. The Cisco IPS Sensor can automatically download service pack and signature updates from cisco.com
E. The Cisco IPS Sensor can download signature and service pack updates only from a TFTP or HTTP server
Answer: B


QUESTION 4
You think users on your corporate network are disguising the use of file-sharing applications by tunneling the traffic through port 80. How can you configure your Cisco IPS Sensor to identify and stop this activity?
A. Enable all signatures in the Service HTTP engine
B. Assign the Deny Packet inline action to all signatures in the service HTTP Engine
C. Enable the alarm for the non-HTTP traffic signature. Then create an Event Action Override that adds the Deny Packet inline action to events triggered by the signature if the traffic originates from your corporate network
D. Enable both the HTTP application policy and the alarm on non-HTTP traffic signature
E. Enable all signatures in the Service HTTP engine. Then create an event action override that adds the Deny packet inline action to events triggered by these signatures if the traffic originates from your corporate network
Answer: D


QUESTION 5
With Cisco IPS 6.0, what is the maximum number of Virtual sensors that can be configured on a single platform?
A. The number depends on the amount of device memory
B. Six
C. Four
D. Two
E. Two in promiscuous mode using VLAN groups, four in inline mode supporting all interface type configurations
Answer: C


QUESTION 6
Which two management access methods are enabled by default on a Cisco IPS sensor? (Choose two.)
A. HTTP
B. SSH
C. Telnet
D. IPSec
E. HTTPS
Answer: B,E


QUESTION 7
What is used to perform password recovery for the "cisco" admin account on a Cisco IPS 4200 Series Sensor?
A. ROMMON CLI
B. Cisco IDM
C. Setup mode
D. Recovery Partition
E. GRUB menu
Answer: E


QUESTION 8
How should you create a custom signature that will fire when a series of pre-defined signatures occur and you want the Cisco IPS Sensor to generate alerts only for the new custom signature, not for the individual signatures?
A. Use the Normalizer Engine and set the summary mode to Global Summarize
B. Use the Service Engine and Set the summary mode to global summarize
C. Use the Trojan Engine and remove the Produce Alert action from the component signatures
D. Use the Normalizer engine and remove the Produce Alert action from the component signatures
E. Use the ATOMIC Engine and set the summary mode to Global Summarize
F. Use the Meta engine and remove the produce alert action from the component signatures
Answer: F


QUESTION 9
When configuring Passive OS Fingerprinting, what is the purpose of restricting operating system mapping to specific addresses?
A. Limits the ARR to the defined IP Addresses
B. Specifies which IP Address range to import from EPI for OS fingerprinting
C. Excludes the defined IP Addresses from automatic risk rating calculations so that you can specify the desired risk rating
D. Allows you to configure separate OS maps within that IP address range
Answer: A


QUESTION 10
You have been made aware of new and unwanted traffic on your network. You want to create a signature to monitor and perform an action against that traffic when certain thresholds are reached. What would be the best way to configure this new signature?
A. Use the Anomaly Detection functions to learn about the unwanted traffic, then create a new meta signature using Cisco IDM
B. Clone and edit an existing signature that closely matches the traffic you are trying to prevent
C. Create a new signature definition, edit it, and then enable it
D. Edit a built-in signature that closely matches the traffic you are trying to prevent
Answer: C


QUESTION 11
A user with which user account role on a Cisco IPS Sensor can log into the native operating system shell for advanced troubleshooting purposes when directed to do so by Cisco TAC?
A. Viewer
B. Administrator
C. Super
D. Operator
E. Root
F. Service
Answer: F

