Download Free Actualtests 642-533 Dumps | Latest Cisco Certification Exams

Actualtests 642-533

642-533 : Implementing Cisco Intrusion Prevention Systems Last Updated Thursday, July 03, 2008 with 180 Questions

Implementing Cisco Intrusion Prevention System (IPS)
Exam Number: 642-533 Exam
Associated Certifications: Implementing Cisco Intrusion Prevention System (IPS)
Duration: 63 Q&As

Free 642-533 Exams’s PDF Download
Free Actualtests offers free demo for 642-533 PDF(Implementing Cisco Intrusion Prevention System (IPS)). You can check out the interface, question quality and usability of our practice exams . We are the only one site can offer demo for almost all Implementing Cisco Intrusion Prevention System (IPS).

Recommended Training about 642-533 exam PDF
The following courses are the recommended training for 642-533 exam PDF.
642-533 Q & A with Explanations
642-533 Audio Exam
642-533 Study Guide
642-533 Preparation Lab
642-533 Exam Preparation from Actualtests with FULL explanations include:
Comprehensive questions with complete details
Detailed explanations of all the questions
Questions accompanied by exhibits
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Questions updated on regular basis
These questions and answers are backed by our GUARANTEE.
Like actual certification exams our product is in multiple-choice questions (MCQs).
642-533 Exam: Actualtests’s Implementing Cisco Intrusion Prevention System (IPS) PDF
The Implementing Cisco Intrusion Prevention System (IPS) PDF for preparing for the 642-533 exam – Actualtests ’s Implementing Cisco Intrusion Prevention System (IPS). Actualtests is your premier source for practice tests, and true testing environment. Nothing will prepare you for your next exam like a Actualtests. You find it all here at ciscoexams.org.

QUESTION 1
In which three ways does a Cisco IPS network sensor protect the network from attacks?
(Choose three.)
A. It can take variety of actions when it detects traffic that matches a set of rules that
pertain to typical intrusion activity
B. It permits or denies traffic into the protected network based on access lists that you
create on the sensor
C. It uses a blend of intrusion detection technologies to detect malicious network activity
D. It can generate an alert when it detects traffic that matches a set of rules that pertain to
typical intrusion activity
Answer: A,C,D
QUESTION 2
You would like to have your inline sensor deny attackers inline when events occur that
have risk ratings over 85. Which two actions, when taken in conjunction will accomplish
this? (Choose two.)
A. Assign the risk rating range of 85 to 100 to the Deny Attacker inline event action
B. Create target value ratings of 85 to 100
C. Create an event variable for the protected network
D. Create an Event Action Filter and assign the risk rating range of 85 to 100 to the filter
E. Enable Event Action overrides
F. Enable Event Action Filters
Answer: A,E
QUESTION 3
Which statement accurately describes Cisco IPS Sensor Automatic signature and service
pack updates?
A. If multiple signature or service pack updates are available when the sensor checks for
an update, the Cisco IPS Sensor installs the first update it detects
B. You must download service pack and signature updates form cisco.com to locally
accessible server before they can be automatically applied to your Cisco IPS Sensor
C. When you configure automatic updates, the Cisco IPS Sensor checks Cisco.com for
updates hourly.
D. The Cisco IPS Sensor can automatically download service pack and signature updates
form cisco.com
E. The Cisco IPS Sensor can download signature and service pack updates only from an
TFTP or HTTP server
Answer: B
642-533
Actualtests.com – The Power of Knowing
QUESTION 4
You think users on your corporate network are disguising the user of file-sharing
applications by tunneling the traffic through port 80. How can you configure your Cisco
IPS Sensor to identify and stop this activity?
A. Enable all signatures in the Service HTTP engine
B. Assign the Deny Packet inline action to all signatures in the service HTTP Engine
C. Enable the alarm for the non-HTTP traffic signature. Then create an Event Action
Override that adds the Deny Packet inline action to event triggered by the signature if the
traffic originates from your corporate network
D. Enable both the HTTP application policy and the alarm on non-HTTP traffic signature
E. Enable all signature in the Service HTTP engine. Then create an event action override
that adds the Deny packet inline action to events triggered by these signatures if the
traffic originates form your corporate network
Answer: D
QUESTION 5
With Cisco IPS 6.0, what is the maximum number of Virtual sensors that can be
configured on a single platform?
A. The number depends on the amount of device memory
B. Six
C. Four
D. Two
E. Two in promiscuous mode using VLAN groups, four in inline mode supporting all
interface type configurations
Answer: C
QUESTION 6
Which two management access methods are enabled by default on a Cisco IPS sensor?
(Choose two.)
A. HTTP
B. SSH
C. Telnet
D. IPSec
E. HTTPS
Answer: B,E
QUESTION 7
What is used to perform password recovery for the “cisco” admin account on a Cisco IPS
4200 Series Sensor?
642-533
Actualtests.com – The Power of Knowing
A. ROMMON CLI
B. Cisco IDM
C. Setup mode
D. Recovery Partition
E. GRUB menu
Answer: E
QUESTION 8
How should you create a custom signature that will fire when a series of pre-defined
signature occur and you want the Cisco IPS Sensor to generate alerts only for the new
custom signature, not for the individual signatures?
A. Use the Normalizer Engine and se the summary mode to Global Summarize
B. Use the Service Engine and Set the summary mode to global summarize
C. Use the Trojan Engine and remove the Produce Alert action from the component
signatures
D. Use the Normalizer engine and remove the Produce Alert action from the component
signatures
E. Use the ATOMIC Engine and set the summary mode to Global Summarize
F. Use the Meta engine and remove the produce alert action from the component
signatures
Answer: F
QUESTION 9
When configuring Passive OS Fingerprinting, what is the purpose of restricting operating
system mapping to specific addresses?
A. Limits the ARR to the defined IP Addresses
B. Specifies which IP Address range to import from EPI for OS fingerprinting
C. Excludes the defined IP Addresses from automatic risk rating calculations so that you
can specify the desired risk rating
D. Allows you to configure separate OS maps within that IP address range
Answer: A
QUESTION 10
You have been made aware of new and unwanted traffic on your network. You want to
create a signature to monitor and perform an action against that traffic when certain
thresholds are reached. What would be the best way to configure this new signature?
A. Use the Anomaly Detection functions to learn abut the unwanted traffic, then create a
new meta signature using Cisco IDM
B. Clone and edit an existing signature that closely matches the traffic you are trying to
prevent
642-533
Actualtests.com – The Power of Knowing
C. Create a new signature definition, edit it, and then enable it
D. Edit a built-in signature that closely matches the traffic you are trying to prevent
Answer: C