CCNP Secure IPS FAQ: Sensor Tuning
Q1. Which of the following is not an example of an IDS evasion technique?
A. Sending overlapping fragments
B. Generating a flood of alarms
C. Manipulating packet TTL values
D. Sending attack traffic in an SSH session
E. Sending attack traffic in a Telnet session
Answer: E
Q2. Which of the following is not an obfuscation method?
A. …
CCNP Secure IPS FAQ: Advanced Signature Configuration
Q1. Which signature field indicates the likelihood that the signature will trigger on attack traffic?
A. Alert Severity
B. Signature Fidelity Rating
C. Target Value Rating
D. Event Action Override
E. Alert Notes
Answer: B
Q2. Which of the following is not a valid value for the Event Count Key field?
A. Attacker …
CCNP Secure IPS FAQ: Cisco IPS Signature Engines
Q1. Which signature engine would you use to create a signature that searches for the pattern "Confidential" in a single packet?
A. Atomic IP
B. String TCP
C. Meta
D. AIC FTP
E. Service Generic
Answer: A
Q2. Which signature engine would you use to create a signature that will trigger when the following three HTTP …
CCNP Secure IPS FAQ: Basic Cisco IPS Signature Configuration
Q1. Which of the following is not a valid IDM signature group?
A. Attack
B. Operating System
C. Service
D. Signature Release
E. Policy Violation
Answer: E
Q2. Which of the following is not a valid signature response option?
A. Deny Victim Inline
B. Deny Attacker Inline
C. Produce Alert
D. Request SNMP …
CCNP Secure IPS FAQ: Basic Sensor Configuration
Q1. Which of the following is a valid user role on the sensor?
A. Operator
B. Analyst
C. Guest
D. System
E. Manager
Answer: A
Q2. Which of the following parameters cannot be configured when you are editing a monitoring interface via IDM?
A. Interface Duplex
B. Interface Speed
C. Alternate TCP Reset Interface
D. …
CCNP Secure IPS FAQ: Cisco IPS Device Manager (IDM)
Q1. Which version of Linux is supported for use with IDM?
A. Red Hat
B. Debian
C. Slackware
D. Mandrake
E. SUSE
Answer: A
Q2. Which of the following is a configurable sensor communication parameter?
A. Changing the TLS/SSL port
B. Changing the Telnet port
C. Changing SSH port
D. Changing the TLS/SSL port and the …
CCNP Secure IPS FAQ: IPS Command-Line Interface
Q1. Which sensor CLI command should you use to update the sensor software from version 4.1 to 5.0 via the network?
A. migrate
B. update
C. upgrade
D. copy
E. None of these
Answer: C
Q2. Which command should you use to initialize a new sensor that you install on your network?
A. setup
B. initialize
C. update
D. …
CCNP Secure IPS FAQ: Sensor Maintenance
Q1. Which of the following is not a component of the Cisco IPS software filename?
A. IPS version
B. Service pack level
C. Update type
D. Signature version
E. Software type
Answer: C
Q2. Which command enables you to fix a corrupted image on your sensor?
A. repair
B. downgrade
C. restore
D. recover
E. update
Answer: D
Q3. …
CCNP Secure IPS FAQ: Cisco Intrusion Prevention System (IPS) Overview
Q1. What do you call a signature that does not fire after observing normal user traffic?
A. False positive
B. True negative
C. False negative
D. True positive
Answer: B
Q2. Which of the following is a valid risk rating?
A. High
B. Severe
C. 80
D. Critical
E. Catastrophic
Answer: C
Q3. Which …
CCNP Secure IPS FAQ: Alarm Monitoring and Management
Q1. What is the minimum recommended amount of RAM for the Security Monitor server?
A. 2 GB
B. 1 GB
C. 512 MB
D. 256 MB
E. 1.5 GB
Answer: B
Q2. What is the minimum recommended amount of RAM for the client systems that access Security Monitor?
A. 2 GB
B. 1 GB
C. 512 MB
D. 256 MB
E. 1.5 GB
Answer: D
Q3. What …