Testking CCSP 642-513

Securing Hosts Using Cisco Security Agent Exam

Exam Number: 642-513
Associated Certifications: CCSP
Duration: 75 minutes (65-75 questions)
Available Languages: English
QUESTION 1:

Certkiller chose the Cisco CSA product to protect the network against the newest attacks. Cisco Security Agent provides Day Zero attack prevention by using which of these methods?

A. Using signatures to enforce security policies
B. Using API control to enforce security policies
C. Using stateful packet filtering to enforce security policies
D. Using algorithms that compare application calls for system resources to the security policies
E. None of the above
Answer: D
Explanation:
Because Cisco Security Agent analyzes behavior rather than relying on signature matching, it never needs updating to stop a new attack. This zero-update architecture provides protection with reduced operational costs and can identify so-called “Day Zero” threats.
At a high level, Cisco® Security Agent is straightforward. It intercepts system calls between applications and the operating system, correlates them, compares the correlated system calls against a set of behavioral rules, and then makes an “allow” or “deny” decision based on the results of its comparison. This process is called INCORE, which stands for intercept, correlate, rules engine.
Reference:
http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_white_paper0900aecd8020f448.shtml

QUESTION 2:

Certkiller has implemented the CSA product to provide security for all of their devices. For which layers of the OSI reference model does CSA enforce security?

A. Layer 1 through Layer 4
B. Layer 1 through Layer 7
C. Layer 2 through Layer 4
D. Layer 3 through Layer 7
Answer: D
Explanation:
Cisco Security Agent provides threat protection for server and desktop computing systems, also known as endpoints. It helps to reduce operational costs by identifying, preventing, and eliminating known and unknown security threats. The Cisco Security Agent consolidates endpoint security functions in a single agent, providing:

1. Host intrusion prevention
2. Spyware/adware protection
3. Protection against buffer overflow attacks
4. Distributed firewall capabilities
5. Malicious mobile code protection
6. Operating-system integrity assurance
7. Application inventory
8. Audit log-consolidation
This provides security for endpoints at the network layer (layer 3) through the application layer (layer 7).

QUESTION 3:

The CSA architecture model is made up of three major components. Which three are they? (Choose three)

A. Cisco Trust Agent
B. Cisco Security Agent
C. Cisco Security Agent Management Center
D. Cisco Intrusion Prevention System
E. An administrative workstation
F. A syslog server
Answer: B, C, E
Explanation:
The CSA MC architecture model consists of a central management center which maintains a database of policies and system nodes, all of which have Cisco Security Agent software installed on their desktops and servers. The agents themselves and an administrative workstation, combined with the Management Center, comprise the three aspects of the CSA architecture.
Agents register with CSA MC. CSA MC checks its configuration database for a record of the system. When the system is found and authenticated, CSA MC deploys a configured policy for that particular system or grouping of systems.

QUESTION 4:

DRAG DROP
As a Certkiller trainee you are required to match the Cisco Trust Agent posture state with its definition.

Answer:

QUESTION 5:

DRAG DROP
As a Certkiller student you are required to match the CSA MC view with the corresponding definition.

Exam 642-513: Securing Hosts Using Cisco Security Agent Exam (HIPS)

Related Certifications: CCSP

Number of Questions: 65-75

Duration: 75 minutes

Exam Topics Include:

1. Describe and deploy the CSA and CSA Management Console (MC) products

2. Use CSA MC to configure groups, manage hosts, and build policies

3. Use CSA Management Console to configure rules

4. Define application classes and work with variables

5. Use CSA Analysis and define and generate reports and alerts

The Securing Hosts Using Cisco Security Agent exam 642-513 HIPS is one of the optional exams associated with the Cisco Certified Security Professional certification. This exam tests a candidate’s knowledge and ability to describe, configure, and verify the Cisco Security Agent product.
69 Questions
Updated : 03/14/2008