Study Guides and Actual Real Exam Questions For Oracle OCP, MCSE, MCSA, CCNA, CompTIA


Braindumps for "000-228" Exam

Best For You

 visit itcertkeys it is the best site for all users
thanks buddy




Braindumps: Dumps for 642-544 Exam Brain Dump






Braindumps for "642-544" Exam

Implementing Cisco Security Monitoring, Analysis and Response

 Question 1.
The definitions on the left to the appropriate terms on the right
 
Answer:
 

Question 2.
What will happen if you try to run a Cisco Security MARS query that will take a long time to complete?

A. After submitting the query, the Cisco Security MARS GUI screen will be locked up until the query is completed.
B. The query will be automatically saved as a rule.
C. The query will be automatically saved as a report.
D. You will be prompted to "Submit Batch" to run the query in batch mode.

Answer:  D

Question 3.
The Cisco Security MARS appliance supports which protocol for data archiving and restoring?

A. NFS
B. TFTP
C. FTP
D. Secure FTP
E. SSH

Answer:  A

Question 4.
What is a benefit of using the dollar variable (as in $TARGET01) when creating queries in Cisco Security MARS?

A. The dollar variable enables multiple queries to reference the same common 5-tuple information using a variable.
B. The dollar variable ensures that the probes and attacks that are reported are happening to the same host.
C. The dollar variable allows matching of any unknown reporting device.
D. The dollar variable allows matching of any event type groups.
E. The dollar variable enables the same query to be applied to different reports.
F. The dollar variable enables the same query to be applied to different cases.

Answer:  B

Question 5.
A Cisco Security MARS appliance cannot access certain devices through the default gateway. Troubleshooting has determined that this is a Cisco Security MARS configuration issue. 

Which additional Cisco Security MARS configuration will be required to correct this issue?

A. use the Cisco Security MARS GUI or CLI to enable a dynamic routing protocol
B. use the Cisco Security MARS CLI to add a static route
C. use the Cisco Security MARS GUI to configure multiple default gateways
D. use the Cisco Security MARS GUI or CLI to configure multiple default gateways

Answer:  B

Question 6.
What are three ways to add devices to the Cisco Security MARS appliance? (Choose three.)

A. import the devices from CiscoWorks
B. import the devices from Cisco Security Manager
C. load the devices from seed files
D. use SNMP auto discovery
E. use CDP to automatically discover the neighboring devices
F. manually add the devices, one at a time

Answer:  C, D, F

Question 7.
Which action enables the Cisco Security MARS appliance to ignore false-positive events by either dropping the events completely, or by just logging them to the database?

A. creating system inspection rules using the drop operation
B. creating drop rules
C. inactivating the rules
D. inactivating the events
E. deleting the false-positive events from the Incidents page
F. deleting the false-positive events from the Event Management page

Answer:  Pending

Question 8.
Which three statements are true about Cisco Security MARS rules? (Choose three.)

A. There are three types of rules.
B. Rules can be saved as reports.
C. Rules can be deleted.
D. Rules trigger incidents.
E. Rules can be defined using a seed file.
F. Rules can be created using a query.

Answer:  B

Question 9.
Which of the following alert actions can be transmitted to a user as notification that a Cisco Security MARS rule has fired, and that an incident has been logged? (Choose two.)

A. Distributed Threat Mitigation
B. Short Message Service
C. SNMP trap
D. XML notification
E. syslog
F. OPSEC-LEA (clear and encrypted)

Answer:  A, D, F

Question 10.
To configure a Microsoft Windows IIS server to publish logs to the Cisco Security MARS, which log agent is installed and configured on the Microsoft Windows IIS server?

A. pnLog agent
B. Cisco Security MARS agent
C. SNARE
D. None. Cisco Security MARS is an agentless device.

Answer:  B, D



Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.