CCNP Secure IPS FAQ: Alarm Monitoring and Management
Q1. What is the minimum recommended amount of RAM for the Security Monitor server?
A. 2 GB
B. 1 GB
C. 512 MB
D. 256 MB
E. 1.5 GB
Q2. What is the minimum recommended amount of RAM for the client systems that access Security Monitor?
A. 2 GB
B. 1 GB
C. 512 MB
D. 256 MB
E. 1.5 GB
Q3. What part of the Security Monitor interface provides a visual road map indicating where you are?
A. Path bar
B. Options bar
C. Instruction box
D. Content area
E. Road map
Q4. When you add a monitored device to Security Monitor, which of the following devices does not allow you to specify the protocol that the device uses to communicate with Security Monitor?
A. RDEP device
B. PostOffice device
C. IPS 5.0 sensor
D. PIX Firewall
E. IDS 4.0 sensor
Q5. Which of the following is not a characteristic that you can specify when configuring an event rule?
A. Originating device
B. Signature name
C. Attacker port
D. Severity
E. Victim address
Q6. Which of the following is not a category whose statistics you can view using Security Monitor?
A. Network Access Controller
B. Analysis Server
C. Transaction Server
D. Event Server
E. Analysis Engine
Q7. Which of the following items is not configurable when you change the Event Viewer display preferences?
A. Columns displayed
B. Event severity indicator type
C. Default expansion boundary
D. Time for Security Monitor-initiated blocks
E. Maximum events per grid
Q8. Which color is the background of the count field for medium-severity events?
A. Red
B. Orange
C. Yellow
D. Green
E. White
Q9. Which of the following is not a parameter that you can configure when customizing a report template?
A. Source IP address
B. Destination direction
C. IDS devices
D. IDS signatures
E. Risk Rating
Q10. Which of the following is not a parameter that you can configure when defining a database rule?
A. Total IDS events in database exceed
B. Total audit log events in database exceed
C. Total PIX events in database exceed
D. Database free space less than (megabytes)
E. Repeat every
Q11. What are the five CiscoWorks user roles that are relevant to IDS MC and Security Monitor operations?
Q12. What is the minimum amount of RAM and virtual memory recommended for a Windows server running Security Monitor?
Q13. What is the minimum amount of RAM and virtual memory recommended for a Windows client system used to connect to Security Monitor?
Q14. Which two browsers are supported for use by the Windows-based Security Monitor client systems?
Q15. What types of devices can you monitor with Security Monitor?
Q16. What are the two major protocols used to communicate between Security Monitor and IDS/IPS devices?
Q17. Which parameters can you use to configure event rules?
Q18. What actions can an event rule initiate?
Q19. What are the four tasks that you need to perform when adding an event rule?
Q20. What device statistical categories can you view using Security Monitor?
Q21. What are your two options when deleting rows from the Event Viewer, and how are they different?
Q22. What is the default expansion boundary?
Q23. Which report template would you use to find out which systems have launched the most attacks against your network in a specified time period?
Q24. What icons are used to indicate alarm severity?
Q25. What does the Blank Left check box do when configured as your cell preference?