kaoccna 的优势

642-533 试题的质量和价值
mcsepass 模拟测试题具有最高的专业技术含量，只供具有相关专业知识的专家和学者学习和研究之用。
100% 保证您通过 642-533 的考试
如果你使用 mcsepass 模拟测试，我们将保证你的第一次参加考试即取得成功，否则，我们将全额退款！
试用后再购买
mcsepass 提供每种产品免费测试。在您决定购买之前，请检测联接，可能存在的问题及试题质量和适用性。
kaoccna认证考试题库网专业提供 Cisco 642-533 最新题库下载，完全覆盖 mcsepass 考试原题。

部分考题展示

　
　
Exam : Cisco 642-533
Title : Implementing Cisco Intrusion Prevention System (IPS)


1. What are the three roles of the Cisco IPS Sensor interface? (Choose three.)
A. alternate TCP reset
B. blocking
C. command and control
D. sensing (monitoring)
E. logging
F. bypass
Answer: ACD

2. Which two statements correctly describe Cisco ASA AIP-SSM based on Cisco IPS 6.0 and the ASA 7.x software release? (Choose two.)
A. It supports up to four virtual sensors.
B. It supports inline VLAN pairs.
C. Its command and control interface is Gig0/0.
D. It requires two physical interfaces to operate in inline mode.
E. It does not have console port access.
F. It has two sensing interfaces.
Answer: CE

3. Which type of signature engine is best suited for creating custom signatures that inspect data at Layer 5 and above?
A. ATOMIC
B. String
C. Sweep
D. Service
E. AIC
F. Flood
Answer: D

4. In which three of these ways can you achieve better Cisco IPS Sensor performance? (Choose three.)
A. enable all anti-evasive measures to reduce noise
B. place the Cisco IPS Sensor behind a firewall
C. always enable unidirectional capture
D. disable unneeded signatures
E. have multiple Cisco IPS Sensors in the path and configure them to detect different types of events
F. enable selective packet capture using VLAN ACL on the Cisco IPS 4200 Series Sensors
Answer: BDE

5. Which three of these steps are used to initialize and verify the Cisco ASA AIP-SSM? (Choose three.)
A. connect a management station directly to the AIP-SSM console port via a serial cable
B. use the ASA#session 1 command to access the AIP-SSM CLI
C. use the ASA#show module command to verify the AIP-SSM status
D. access the Cisco IDM from a management station using http://sensor-ip-address
E. use the sensor#setup command to configure the basic sensor settings
F. use the ASA#telnet sensor-ip-address command to access the AIP-SSM to setup the basic configuration on the sensor
Answer: BCE

6. Which of the following statements best describes how IP logging should be used?
A. only be used temporarily for such purposes as attack confirmation, damage assessment, or the collection of forensic evidence, because of its impact on performance
B. be used sparingly because there is a 4-GB limit on the amount of data that can be logged
C. always be enabled since it uses a FIFO buffer on the Cisco IPS Sensor flash memory
D. be used to automatically correlate events with Cisco Security MARS for incident investigations
E. only be used when you are also using inline IPS mode
Answer: A

7. In Cisco IDM, the Configuration > Sensor Setup > SSH > Known Host Keys screen is used for what purpose?
A. to enable communications with the Master Blocking Sensor
B. to enable communications with a blocking device
C. to enable management hosts to access the Cisco IPS Sensor
D. to regenerate the Cisco IPS Sensor SSH host key
E. to regenerate the Cisco IPS Sensor SSL RSA key pair
Answer: B

8. Select the two correct general Cisco IPS Sensor tuning recommendations if the environment consists exclusively of Windows servers. (Choose two.)
A. use "NT" IP fragment reassembly mode
B. use "Windows" TCP stream reassembly mode
C. disable deobfuscation for all HTTP signatures
D. enable all IIS signatures
E. enable all NFS signatures
F. enable all RPC signatures
Answer: AD

9. A user with which user account role on a Cisco IPS Sensor can log into the native operating system shell for advanced troubleshooting purposes when directed to do so by Cisco TAC?
A. administrator
B. operator
C. viewer
D. service
E. root
F. super
Answer: D

10. Refer to the exhibit. Which three statements correctly describe the configuration depicted in this Cisco IDM virtual sensors list? (Choose three.)
A. inline dropping of packets can occur on the Gig0/0.1 sub-interface
B. sub-interfaces Gig0/2.0 and Gig0/3.0 are operating in IPS mode
C. the Cisco IPS Sensor appliance is configured for promiscuous (IDS) and inline (IPS) mode simultaneously
D. the vs1 virtual sensor is misconfigured for inline operations since only one sub-interface is assigned to vs1
E. inline dropping of packets can occur on the Gig0/2.0 sub-interface or Gig0/3.0 sub-interface or both
F. the vs1 virtual sensor is operating inline between VLAN 102 and VLAN 201
Answer: ACF