Download Free Testking CCSP 642-533 Dumps | Latest Cisco Certification Exams

Testking CCSP 642-533

Implementing Cisco Intrusion Prevention Systems

Exam Number: 642-533
Associated Certifications: CCSP
Duration: 90 minutes (55 – 65 Questions)
Available Languages: English
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions
Question: 1
You think users on your corporate network are disguising the use of file-sharing applications by tunneling the traffic through port 80. How can you configure your Cisco IPS Sensor to identify and
stop this activity?

A. Enable all signatures in the Service HTTP engine.
B. Assign the Deny Packet Inline action to all signatures in the Service HTTP engine.
C. Enable all signatures in the Service HTTP engine. Then create an event action override that adds the Deny Packet Inline action to events triggered by these signatures if the traffic originates from your corporate network.
D. Enable the alarm for the non-HTTP traffic signature. Then create an Event Action Override that adds the Deny Packet Inline action to events triggered by the signature if the traffic originates from your corporate network.
E. Enable both the HTTP application policy and the alarm on non-HTTP traffic signature.
Answer: E Question: 2
A user with which user account role on a Cisco IPS Sensor can log into the native operating system shell for advanced troubleshooting purposes when directed to do so by Cisco TAC?

A. administrator
B. operator C. viewer D. service
E. root
F. super
Answer: D Question: 3
Which character must precede a variable to indicate that you are using a variable rather than a string?

A. percent sign
B. dollar sign C. ampersand D. pound sign E. asterisk
Answer: B Question: 4
Which statement accurately describes Cisco IPS Sensor automatic signature and service pack updates?

A. The Cisco IPS Sensor can automatically download service pack and signature updates from
Cisco.com.
B. The Cisco IPS Sensor can download signature and service pack updates only from an FTP or
HTTP server.
C. You must download service pack and signature updates from Cisco.com to a locally accessible server before they can be automatically applied to your Cisco IPS Sensor.
D. When you configure automatic updates, the Cisco IPS Sensor checks Cisco.com for updates hourly.

Exam Name: Implementing Cisco Intrusion Prevention System (IPS)
Exam Type: Cisco Case Studies: 1
Exam Code: 642-533 Total Questions: 66

E. If multiple signature or service pack updates are available when the sensor checks for an
update, the Cisco IPS Sensor installs the first update it detects.
Answer: C Question: 5
How can you clear events from the event store?

A. You do not need to clear the event store; it is a circular log file, so once it reaches the maximum size it will be overwritten by new events.
B. You must use the CLI clear events command.
C. If you have Administrator privileges, you can do this by selecting Monitoring > Events > Reset button in Cisco IDM.
D. You should select File > Clear IDM Cache in Cisco IDM.
E. You cannot clear events from the event store; they must be moved off the system using the copy command.
Answer: B Question: 6
Refer to the exhibit.

Based on the partial output shown, which of these statements is true?

A. The module installed in slot 1 needs to be a type 5540 module to be compatible with the ASA
5540 Adaptive Security Appliance module type.
B. The module installed in slot 1 needs to be upgraded to the same software revision as module 0
or it will not be recognized.
C. Module 0 system services are not running.
D. There is a Cisco IPS security services module installed.
Answer: D Question: 7
Which action does the copy /erase ftp://172.26.26.1/sensor_config01 current-config command perform?

Exam Name: Implementing Cisco Intrusion Prevention System (IPS)
Exam Type: Cisco Case Studies: 1
Exam Code: 642-533 Total Questions: 66

A. erases the sensor_config01 file on the FTP server and replaces it with the current
configuration file from the Cisco IPS Sensor
B. copies and saves the running configuration to the FTP server and replaces it with the source configuration file
C. overwrites the backup configuration and applies the source configuration file to the system default configuration
D. merges the source configuration file with the current configuration
Answer: C Question: 8
Match each evasive technique on the left to the proper description on the right.

Answer:

Exam Name: Implementing Cisco Intrusion Prevention System (IPS)
Exam Type: Cisco Case Studies: 1
Exam Code: 642-533 Total Questions: 66

Question: 9
Which of the following is a valid file name for a Cisco IPS 6.0 system image?

A. IPS-K9-pkg-6.0-sys_img.sys B. IPS-4240-K9-img-6.0-sys.sys C. IPS-K9-cd-11-a-6.0-1-E1.img
D. IPS-4240-K9-sys-1.1-a-6.0-1-E1.img
Answer: D Question: 10
Drag the IPS appliance software bypass mode description on the left to match the correct mode on the right.

Answer:

Exam 642-533: Implementing Cisco Intrusion Prevention Systems (IPS)

Related Certifications: CCSP

Number of Questions: 55-65

Duration: 90 minutes

Exam Topics Include:

1. Describe how Cisco IPS sensors are used to mitigate network security threats

2. Install Cisco IPS sensors/modules and configure essential system parameters

3. Describe Cisco IPS sensor advanced system parameters

4. Tune Cisco IPS sensor advanced system parameters to optimize attack mitigation performance

5. Analyze Cisco IPS sensor events to determine the appropriate response to network attacks

6. Upgrade and maintain Cisco IPS sensors

The 642-533 IPS Implementing Cisco Intrusion Prevention Systems exam is one of the core exams associated with the Cisco Certified Security Professional (CCSP) certification. In all, you will need to pass five separate exams to become CCSP certified. This exam tests a candidate’s knowledge of implementing the Cisco IPS product.
Interactive Testing Engine Included!
179 Questions
Updated : 03/13/2008
Price : $87.99 $79.99
Free download?testking CCSP 642-533

Free download?pass4sure CCSP 642-533