Chinese(T) | English
contact me
User Login
Username:
Password :

Most Popular Vendors
View All Vendors
search exam Search    Help

Securing Networks Using Intrusion Prevention Systems Exam (IPS)

Index >> Cisco >> CCSP >> "642-532"Exam

VUE/Prometric Code:642-532

Exam Name:Securing Networks Using Intrusion Prevention Systems Exam (IPS)
Questions and Answers:63 Q&As
Price:$69
Updated:2008-11-12
Securing Networks Using Intrusion Prevention Systems Exam (IPS)
Test Q&A Updated Price
642-532 63 Q&A 2008-11-12 $69

please download in PDF format Demo: 642-532

killtest 642-532 Exam Features

High quality and Value for the 642-532 Exam.
Killtest Practice Exams for Securing Networks Using Intrusion Prevention Systems Exam (IPS) 642-532 are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development.

100% Guarantee to Pass Your CCSP exam and get your CCSP Certification.
We guarantee your success in the first attempt. If you do not pass the 642-532 (Securing Networks Using Intrusion Prevention Systems Exam (IPS)) on your first attempt we will give you a FULL REFUND of your purchasing fee AND send you another same value product for free.

killtest 642-532 Downloadable.
Printable Exams (in PDF format) Our Exam 642-532 Preparation Material provides you everything you will need to take your CCSP exam. The CCSP Certification details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical. You may get CCSP exam questions from different web sites or books, but logic is the key. Our Product will help you not only pass in the first CCSP exam try, but also save your valuable time .

  • Comprehensive questions with complete details about 642-532 exam.
  • 642-532 exam questions accompanied by exhibits.
  • Verified Answers Researched by Industry Experts and almost 100% correct.
  • Drag and Drop questions as experienced in the Real CCSP exam.
  • 642-532 exam questions updated on regular basis.
  • Like actual CCSP Certification exams, 642-532 exam preparation is in multiple-choice questions (MCQs).
  • Tested by many real CCSP exams before publishing.
  • Try free CCSP exam demo before you decide to buy it in http://www.Killtest.com.

High quality and Value for the 642-532 Exam:100% Guarantee to Pass Your CCSP exam and get your CCSP Certification.

http://www.Killtest.com The safer.easier way to get CCSP Certification.

We offer Demo version of Q&A, Q&A are as follows (not to provide picture):

642-532:please download 642-532 in PDF format Demo 642-532

1.Which three steps must you perform to prepare sensor interfaces for inline operations? (Choose three.)
A.Disable all interfaces except the inline pair.
B.Add the inline pair to the default virtual sensor.
C.Enable two interfaces for the pair.
D.Disable any interfaces that are operating in promiscuous mode.
E.Create the interface pair.
F.Configure an alternate TCP-reset interface
Correct:B C E
2.Your Cisco router is hosting an NM-CIDS. The router configuration contains an inbound ACL. Which action does the router take when it receives a packet that should be dropped, according to the inbound ACL?
A.The router forwards the packet to the NM-CIDS for inspection, then drops the packet.
B.The router drops the packet and does not forward it to the NM-CIDS for inspection.
C.The router filters the packet through the inbound ACL, tags it for drop action, and forwards the packet to the NM-CIDS. Then the router drops it if it triggers any signature, even a signature with no action configured.
D.The router filters the packet through the inbound ACL, forwards the packet to the NM-CIDS for inspection only if it is an ICMP packet, and then drops the packet.
Correct:B
3.Which action is available only to signatures supported by the Normalizer engine
A.Produce Verbose Alert
B.Modify Packet Inline
C.Deny Packet Inline
D.Log Pair Packets
E.Request SNMP Trap
F.Reset TCP Connection
Correct:B
4.You would like to have your inline sensor deny attackers inline when events occur that have Risk Ratings over 85. Which two actions will accomplish this? (Choose two.)
A.Create Target Value Ratings of 85 to 100.
B.Create an Event Variable for the protected network.
C.Enable Event Action Overrides.
D.Create an Event Action Filter, and assign the Risk Rating range of 85 to 100 to the filter.
E.Enable Event Action Filters.
F.Assign the Risk Rating range of 85 to 100 to the Deny Attacker Inline event action.
Correct:C F
5.Which two are appropriate installation points for a Cisco IPS sensor? (Choose two.)
A.on publicly accessible servers
B.on critical network servers
C.at network entry points
D.on user desktops
E.on corporate mail servers
F.on critical network segments
Correct:C F
6.In which three ways does a Cisco network sensor protect network devices from attacks? (Choose three.)
A.It uses a blend of intrusion detection technologies to detect malicious network activity.
B.It can generate an alert when it detects traffic that matches a set of rules that pertain to typical intrusion activity.
C.It permits or denies traffic into the protected network that is based on access lists that you create on the sensor.
D.It can take a variety of actions when it detects traffic that matches a set of rules that pertain to typical intrusion activity.
E.It uses behavior-based technology that focuses on the behavior of applications to protect network devices from known attacks and from new attacks for which there is no known signature.
Correct:A B D
7.Which command displays the statistics for Fast Ethernet interface 0/1?
A.show interfaces FastEthernet0/1
B.show interface int1
C.show statistics FastEthernet0/1
D.show statistics virtual-sensor
E.packet capture FastEthernet0/1
F.show statistics event-store
Correct:A
8.Drag Drop question
 
Correct:
9.What is a configurable weight that is associated with the perceived importance of a network asset?
A.Risk Rating
B.parameter value
C.Target Value Rating
D.severity level
E.storage key
F.rate parameter
Correct:C
10.You are using multiple monitoring interfaces on a sensor appliance running software version 5.0. Which statement is true?
A.You can have the simultaneous protection of multiple network subnets, which is like having multiple sensors in a single appliance.
B.You can use different sensing configurations for each monitoring interface.
C.You can enable an interface only if the interface belongs to an interface group.
D.Multiple monitoring interfaces can be assigned to Group 0 at any given time.
E.All interfaces must operate in a single mode; you cannot mix inline- and promiscuous-mode operations.
Correct:A

Vendors: Cisco, Oracle, IBM, SUN, HP, Citrix, CIW
NS0-102, 1Y0-456, VCP-310, HP0-S14, A00-211, RF0-001, 1Z0-007,
If you have any questions or comments you can email us at support@killtest.com.
Payment and shipping | Guarantee | FAQs | About Us | Links
Copyright © 2002-2008 KillTest Information Co.,Ltd. All Rights Reserved.
KillTest materials do not contain actual questions and answers from Microsoft's Certification Exams.