3. Refer to the exhibit. What is the result of issuing the Cisco IOS IPS
commands on router R1?
4. Which two files could be used to implement Cisco IOS IPS with
version 5.x format signatures? (Choose two.)
(A) IOS-Sxxx-CLI.bin
(B) IOS-Sxxx-CLI.pkg
(C) IOS-Sxxx-CLI.sdf
(D) realm-cisco.priv.key.txt
(E) realm-cisco.pub.key.txt
5. What are two IPS configuration best practices that can help
improve IPS efficiency in a network? (Choose two.)
(A) Configure all sensors to check the server for new signature
packs at the same time to ensure that they are all
synchronized.
(B) Configure the sensors to simultaneously check the FTP server
for new signature packs.
(C) Ensure that signature levels that are supported on the
management console are synchronized with the signature
packs on the sensors.
(D) Update signature packs manually rather than automatically
to maintain close control when setting up a large deployment
of sensors.
(E) Place signature packs on a dedicated FTP server within the
management network.
8. When editing IPS signatures with SDM, which action drops all
future packets from a TCP flow?
(A) Deny Packet Inline
(B) Deny TCP Connection
(C) Deny Attacker Inline
(D) Deny Connection Inline
9. Which two benefits does the IPS version 5.x signature format
provide over the version 4.x signature format? (Choose two.)
(A) addition of signature micro engines
(B) support for IPX and AppleTalk protocols
(C) addition of a signature risk rating
(D) support for comma-delimited data import
(E) support for encrypted signature parameters
11. Refer to the exhibit. Which option tab on the SDM IPS screen is
used to view the Top Threats table and deploy signatures
associated with those threats?
(A) Create IPS
(B) Edit IPS
(C) Security Dashboard
(D) IPS Migration
15. Which two Cisco IOS commands are required to enable IPS SDEE
message logging? (Choose two.)
(A) logging on
(B) ip ips notify log
(C) ip http server
(D) ip ips notify sdee
(E) ip sdee events 500
18. Refer to the exhibit. What is the significance of the small red
flag waving in the Windows system tray?
19. Refer to the exhibit. A user was installing a Flash Player upgrade
when the CSA displayed the dialog box shown. Which default
action is taken by CSA if the user does not respond within 4
minutes and 20 seconds?
(A) The action is allowed, and a log entry is recorded.
(B) The action is allowed, and CSA does not prompt the user
again.
(C) The action is denied, and a log entry is recorded.
(D) The action is denied, and the FlashPlayerUpdate.exe
application is terminated.
21. Refer to the exhibit. Based on the SDM screen shown, which two
actions will the signature take if an attack is detected? (Choose
two.)
(A) Reset the TCP connection to terminate the TCP flow.
(B) Drop the packet and all future packets from this TCP flow.
(C) Generate an alarm message that can be sent to a syslog
server.
(D) Drop the packet and permit remaining packets from this TCP
flow.
(E) Create an ACL that denies traffic from the attacker IP address.
22. What information is provided by the show ip ips configuration
command?
23. What is a disadvantage of network-based IPS as compared to
host-based IPS?
events.
systems.