Implementing Cisco Intrusion Prevention System (IPS) : 642-533 Exam
642-533 IPS
Implementing Cisco Intrusion Prevention Systems
Exam Number: 642-533
Associated Certifications: CCSP
Duration: 90 minutes (55 – 65 Questions)
Available Languages: English
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions
Exam Description
The 642-533 IPS Implementing Cisco Intrusion Prevention Systems exam is associated with the Cisco Certified Security Professional certification. This exam tests a candidate’s knowledge of implementing the Cisco IPS product. Candidates can prepare for this exam by taking the IPS Implementing Cisco Intrusion Prevention Systems v6.0 course.
Exam Topics
The following topics are general guidelines for the content likely to be included on the Remote Access exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
Describe how Cisco IPS sensors are used to mitigate network security threats
List sensor requirements for inline operations
Explain the difference between inline and promiscuous mode sensor operations
Explain how Cisco IPS protects network devices from attacks (Describe signatures, alerts, and actions)
Explain the evasive techniques used by hackers and how Cisco IPS defeats those techniques
Describe the considerations necessary for selection, placement, and deployment of a network intrusion prevention system
Explain the Cisco IPS signature features
Install Cisco IPS sensors/modules and configure essential system parameters
Explain AIP-SSM functionalities
Use the CLI to initialize the sensor
Configure user accounts and explain the different user roles
Configure management access to the sensor appliance
Explain how allowed hosts are used and how they are configured
Describe sensor interfaces, interface pairs, VLAN-pairs, and VLAN-groups
Use the Cisco IDM to configure sensor interfaces (enable, create pairs, assign to virtual sensors)
Describe and configure software bypass
Describe sensor communications with external management and monitoring systems
Launch, navigate, and use the Cisco IDM to manage and monitor the sensor
Describe the various CLI configuration modes and sub modes and navigate between them
List the tasks for installing and configuring the IDSM-2 and AIP-SSM
Describe Cisco IPS sensor advanced system parameters
Plan the mitigation of specific network vulnerabilities and exploits
Describe sensor tuning
Explain IP fragment and TCP stream reassembly options
Explain how IP logging should be used and how it is configured
Explain the use of Event Variables
Describe signature engines and their functionality
Determine which response actions need to be configured for a given scenario
Describe the purpose of the Meta Event Generator
Explain Target Value Ratings and how they are used
Determine the need for Event Action Rules in a given scenario
Explain event Risk Ratings and how they are used
Tune Cisco IPS sensor advanced system parameters to optimize attack mitigation performance
Use the IDM to tune the sensor to work optimally in the network
Use the IDM to tune signatures to provide maximum protection for a network
Given a scenario, use the IDM to create custom signature to meet the requirements
Configure response actions for a signature
Configure the sensor to take response actions based on a risk rating
Use the Cisco IDM to create a Meta signature and disable alert production for the component signatures
Configure Event Action Filters
Configure Target Value Ratings
Configure general settings for Event Action Rules
Configure Event Variables
Use the sensor application policy enforcement feature
Configure passive OS fingerprinting (POSFP)
Explain the External Product Interface, its benefits, and specifications
Configure a virtual sensor
Configure anomaly detection
Use IDM/CLI to monitor advanced features such as POSFP and AD
Analyze Cisco IPS sensor events to determine the appropriate response to network attacks
Use the CLI and the Cisco IDM and IEV to monitor events
Upgrade and maintain Cisco IPS sensors
Move software images/upgrades and configuration files via HTTP, HTTPS, SCP, and FTP
Apply the appropriate system image to the sensor
Perform sensor password recovery
Explain sensor licensing and how to install a license
Describe service pack and signature update file names and how to install them
QUESTION 11
Exhibit:
You work as a network technician at Certkiller.com. Study the exhibit carefully. Which
interfaces are assigned to an inline VLAN pair?
A. GigabitEthernet0/1 with GigabitEthernet0/3
B. GigabitEthernet0/2 with GigabitEthernet0/3
C. GigabitEthernet0/1 with GigabitEthernet0/2
D. None in this Virtual Sensor
Answer: D
QUESTION 12
A user with which user account role on a Cisco IPS Sensor can log into the native
operating system shell for advanced troubleshooting purposes when directed to do so by
Cisco TAC?
A. Viewer
B. Administrator
C. Super
D. Operator
E. Root
F. Service
642-533
Actualtests.com – The Power of Knowing
Answer: F
QUESTION 13
Which action does the copy /erase ftp://172.26.26.1/sensor_config01 current_config
command perform?
A. Copies and saves the running configuration to the FTP server and replaces it with the
source configuration file
B. Merges the source configuration file with the current configuration
C. Erases the sensor_config01 file on the FTP server and replaces it with the current
configuration file from the Cisco IPS Sensor
D. Overwrites the backup configuration and applies the source configuration file to the
system default configuration
Answer: D
QUESTION 14
You are using Cisco IDM. What precaution must you keep in mind when adding, editing
or deleting allowed hosts on a Cisco IPS Sensor?
A. You must not delete the IP Address used for remote management
B. When using access lists to permit remote access, you must specify the direction of
allowed communications
C. You must use an inverse mask, such as 10.0.2.0 0.0.0.255 for the specified network
mask for the IP Address
D. You can only configure the allowed hosts using the CLI
E. You must not allow entire subnets to access the Cisco IPS Sensor
Answer: A
QUESTION 15
Which signature action or actions should be selected to cause the attacker’s traffic flow to
terminate when the Cisco IPS Sensor is operating in promiscuous mode?
A. Deny connection, reset tcp connection
B. Deny Packet, reset tcp connection
C. Deny Packet
D. Reset tcp connection
E. Deny Connection
F. Deny Attacker
Answer: D
QUESTION 16
Which character must precede a variable to indicate that you are using a variable rather
than a string?
A. Dollar Sign
B. Asterisk
C. Percent sign
D. Ampersand
E. Pound Sign
Answer: A
QUESTION 17
Which three values are used to calculate the risk rating for an event? (Choose three.)
A. Target fidelity rating
B. Signature fidelity rating
C. Signature attack rating
D. Target value rating
E. Attack severity rating
F. Fidelity severity rating
Answer: B,D,E
QUESTION 18
Which two statements accurately describe virtual sensor configuration? (Choose two.)
A. You can’t delete vs0
B. The packet processing policy is virtualized
C. Creating a new virtual sensor creates a “virtual” machine
D. The sensor’s interfaces are virtualized
E. You must create a new instance of a signature set, such as sig1 and assign it to vs1
Answer: A,B
QUESTION 19
Which three of these steps are used to initialize and verify the Cisco ASA AIP-SSM?
(Choose three.)
A. Connect a management station directly to the AIP-SSM console port via a serial cable
B. Use the ASA#session 1 command to access the AIP-SSM CLI
C. Use the ASA#show module command to verify the AIP-SSM status
D. Access the Cisco IDM from a management station using http://sensor-ip-address
E. Use the Sensor# setup command to configure the basic sensor settings
Answer: B,C,E
QUESTION 20
You have been made aware of new and unwanted traffic on your network. You want to
create a signature to monitor and perform an action against that traffic when certain
thresholds are reached. What would be the best way to configure this new signature?
A. Create a new signature definition, edit it, and then enable it
B. Use the Anomaly Detection functions to learn about the unwanted traffic, then create a
new meta signature using Cisco IDM
C. Edit a built-in signature that closely matches the traffic you are trying to prevent
D. Clone and edit an existing signature that closely matches the traffic you are trying to
prevent
E. Use the Custom Signature Wizard to create a new signature
Answer: E