Exam Number/Code: 642-533
Exam Name:Implementing Cisco Intrusion Prevention System (IPS)
Questions and Answers: 136 Q&As
Price: $ 85.00
Update Time: 2009-12-29
Download PDF Demo : 642-533 demo
>> Home > Cisco > VPN and Security >642-533
Cisco Certified Network Associate : 642-533 Exam
Exam Number/Code: 642-533
Exam Name:Implementing Cisco Intrusion Prevention System (IPS)
Questions and Answers: 136 Q&As
Price: $ 85.00
Update Time: 2009-12-29
Download PDF Demo : 642-533 demo
It is well known that 642-533 exam test is the hot exam of Cisco certification. CertInside offer you all the Q&A of the 642-533 real test . It is the examination of the perfect combination and it will help you pass 642-533 exam at the first time!
Exam : Cisco 642-533
Title : Implementing Cisco Intrusion Prevention System (IPS)
1. Which two statements correctly describe Cisco ASA AIP-SSM based on Cisco IPS 6.0 and the ASA 7.x software release? (Choose two.)
A. It supports up to four virtual sensors.
B. It supports inline VLAN pairs.
C. Its command and control interface is Gig0/0.
D. It requires two physical interfaces to operate in inline mode.
E. It does not have console port access.
F. It has two sensing interfaces.
Answer: CE
2. Which type of signature engine is best suited for creating custom signatures that inspect data at Layer 5 and above?
A. ATOMIC
B. String
C. Sweep
D. Service
E. AIC
F. Flood
Answer: D
3. A user with which user account role on a Cisco IPS Sensor can log into the native operating system shell for advanced troubleshooting purposes when directed to do so by Cisco TAC?
A. administrator
B. operator
C. viewer
D. service
E. root
F. super
Answer: D
4. Refer to the exhibit. Which three statements correctly describe the configuration depicted in this Cisco IDM virtual sensors list? (Choose three.)
A. inline dropping of packets can occur on the Gig0/0.1 sub-interface
B. sub-interfaces Gig0/2.0 and Gig0/3.0 are operating in IPS mode
C. the Cisco IPS Sensor appliance is configured for promiscuous (IDS) and inline (IPS) mode simultaneously
D. the vs1 virtual sensor is misconfigured for inline operations since only one sub-interface is assigned to vs1
E. inline dropping of packets can occur on the Gig0/2.0 sub-interface or Gig0/3.0 sub-interface or both
F. the vs1 virtual sensor is operating inline between VLAN 102 and VLAN 201
Answer: ACF
5. Which three of these steps are used to initialize and verify the Cisco ASA AIP-SSM? (Choose three.)
A. connect a management station directly to the AIP-SSM console port via a serial cable
B. use the ASA#session 1 command to access the AIP-SSM CLI
C. use the ASA#show module command to verify the AIP-SSM status
D. access the Cisco IDM from a management station using http://sensor-ip-address
E. use the sensor#setup command to configure the basic sensor settings
F. use the ASA#telnet sensor-ip-address command to access the AIP-SSM to setup the basic configuration on the sensor
Answer: BCE
6. Which of the following statements best describes how IP logging should be used?
A. only be used temporarily for such purposes as attack confirmation, damage assessment, or the collection of forensic evidence, because of its impact on performance
B. be used sparingly because there is a 4-GB limit on the amount of data that can be logged
C. always be enabled since it uses a FIFO buffer on the Cisco IPS Sensor flash memory
D. be used to automatically correlate events with Cisco Security MARS for incident investigations
E. only be used when you are also using inline IPS mode
Answer: A
7. In Cisco IDM, the Configuration > Sensor Setup > SSH > Known Host Keys screen is used for what purpose?
A. to enable communications with the Master Blocking Sensor
B. to enable communications with a blocking device
C. to enable management hosts to access the Cisco IPS Sensor
D. to regenerate the Cisco IPS Sensor SSH host key
E. to regenerate the Cisco IPS Sensor SSL RSA key pair
Answer: B
8. In which three of these ways can you achieve better Cisco IPS Sensor performance? (Choose three.)
A. enable all anti-evasive measures to reduce noise
B. place the Cisco IPS Sensor behind a firewall
C. always enable unidirectional capture
D. disable unneeded signatures
E. have multiple Cisco IPS Sensors in the path and configure them to detect different types of events
F. enable selective packet capture using VLAN ACL on the Cisco IPS 4200 Series Sensors
Answer: BDE
9. Select the two correct general Cisco IPS Sensor tuning recommendations if the environment consists exclusively of Windows servers. (Choose two.)
A. use "NT" IP fragment reassembly mode
B. use "Windows" TCP stream reassembly mode
C. disable deobfuscation for all HTTP signatures
D. enable all IIS signatures
E. enable all NFS signatures
F. enable all RPC signatures
Answer: AD
10. What are the three roles of the Cisco IPS Sensor interface? (Choose three.)
A. alternate TCP reset
B. blocking
C. command and control
D. sensing (monitoring)
E. logging
F. bypass
Answer: ACD
CertInside 642-533 Exam Features
+ Quality and Value for the 642-533 Exam
CertInside Practice Exams for Cisco 642-533 are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development.
+ 100% Guarantee to Pass Your 642-533 Exam
If you prepare for the exam using our CertInside testing engine, we guarantee your success in the first attempt. If you do not pass the VPN and Security 642-533 exam (ProCurve Secure WAN) on your first attempt we will give you a FULL REFUND of your purchasing fee AND send you another same value product for free.
+ Cisco 642-533 Downloadable, Printable Exams (in PDF format)
Our Exam 642-533 Preparation Material provides you everything you will need to take your 642-533 Exam. The 642-533 Exam details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical. You may get questions from different web sites or books, but logic is the key. Our Product will help you not only pass in the first try, but also save your valuable time.
+ 642-533 Downloadable, Interactive Testing engines
We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials. Our Exam Preparation Material provides you everything you will need to take a certification examination. Like actual certification exams, our Practice Tests are in multiple-choice (MCQs) Our Cisco 642-533 Exam will provide you with exam questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and Value for the 642-533 Exam:100% Guarantee to Pass Your VPN and Security exam and get your VPN and Security Certification.
http://www.CertInside.com The safer.easier way to get VPN and Security Certification.
Cisco News
Popular Exams
- 156-315.65
- 156-215.65
- 143-060
- 70-431
- 70-443
- 70-441
- 70-235
- 70-271
- 70-272
- 70-640
- 70-642
- 70-643
- 70-646
- 70-647
- 70-290
- 70-291
- 70-315
- 70-316
- 70-320
- 70-300
- 70-293
- 70-294
- 70-298
- 70-350
- 70-299
- 70-620
- 9A0-082
- 9A0-094
- 9A0-066
- 9A0-086
- 9A0-054
- 9A0-094
- 9A0-080
- 9A0-088
- 9A0-090
- 9A0-084
- E20-001
- E20-322
- E20-501
- E20-361
- E20-340
- E20-120
- 642-356
- 050-V37-ENVCSE01