Free pass4sure ccsp 642-513 v2.95 Download

Securing Hosts Using Cisco Security Agent Exam (HIPS) : 642-513 Exam

Exam Number/Code: 642-513
Exam Name: Securing Hosts Using Cisco Security Agent Exam (HIPS)
VUE Code: 642-513
Questions Type: Single choice, Multiple choice, Simulate,
Real Exam Question Numbers: 65-75 questions
Exam Language(s): English

Exam Description Introduction
The Securing Hosts Using Cisco Security Agent exam 642-513 HIPS is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the HIPS v3.0 course. This exam tests a candidate’s knowledge and ability to describe, configure, and verify the Cisco Security Agent product.

Exam Topics
The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.

Describe and deploy the CSA and CSA MC products
Explain the concept of network defense in depth
Describe Cisco Security Agent architecture
Describe the life cycle of an attack
Explain how Cisco Security Agent protects against attacks
Identify the CSA MC and CSA system requirements
Identify the administration workstation requirements
Install the CSA MC
Configure basic settings on the CSA MC
Install the CSA using a default group

Use CSA MC to configure groups, manage hosts, and build policies
Describe various components of the menu bar and its function in the CSA MC interface
Create, save, and delete data on the CSA MC
Create groups to ease host management and security policy deployment
Build Agent kits for the newly created groups
View host status and modify host configuration
Distribute software updates to hosts
Discuss components of a policy
Configure policies and rule modules

Use CSA MC to configure rules
Describe the basics of rule construction and functionality
Configure rules common to Windows and UNIX systems
Configure Windows-Only rules
Configure UNIX-Only rules
Describe the individual rules you can add to your policies that allow CSA MC to categorize processes and correlate events across multiple systems
Describe and configure the system API Control Rule
Describe and configure the Network Shield Rule
Describe and configure the Buffer Overflow Control Rule
Describe and configure the Email Worm Protection Rule module
Describe and configure the Installation Applications Policy
Describe and configure Global Event Correlation

Define application classes and work with variables
Explain the use of application classes in creating security policies
Discuss the preconfigured application classes included in the CS AMC
Configure a static application class
Create a dynamic application class and an application-builder rule
Discuss how events sets are used to ease administration of security policies
Configure data, file and network address sets
Create registry, COM component and network services sets
Use the COM extraction utility to gather PROGIDs and CLSIDs for the software installed on a system
Configure Query Settings variables to be used with Query rules

Use CSA Analysis and define and generate reports
Understand and configure application deployment investigation
Understand and configure product associations for application deployment investigation
Configure and run application deployment reports
Understand and configure application behavior investigation
Understand and use behavior analysis reports
Import and use behavior analysis rule modules
Explain the features of the Event Log and Event Monitor
Configure filtering of events for logging, reports, and alerts
Create event-based alerts
Generate reports on events selected by sorting criteria

“Securing Hosts Using Cisco Security Agent Exam (HIPS)”, also known as 642-513 exam, is a Cisco certification.
Preparing for the 642-513 exam Searching 642-513 Test Questions, 642-513 Exam, 642-513 Dumps

With the complete collection of questions and answers Q&as with Expert Explanations, Pass4sure has assembled to take you through 69 questions to your 642-513 Exam preparation. In the 642-513 exam resources, you will cover every field and category in CCSP helping to ready you for your successful Cisco Certification.

The Securing Hosts Using Cisco Security Agent exam 642-513 HIPS is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the HIPS v2.0 course. This exam tests a candidate’s knowledge and ability to describe, configure, and verify the Cisco Security Agent product.

QUESTION 21:
The PassGuide security administrator needs to configure a new policy. Which view
would you use to create a new policy within the CSA MC?
A. Configuration> Rules> Policies
B. Configuration> Policies
C. Systems> Policies
D. Systems> Rules> Policies
E. None of the above
642-513
www.actualtest.org – The Power of Knowing
Answer: B
Explanation:
Generally, when you configure a policy, you are combining multiple rule modules under
a common name. That policy name is then attached to a group of hosts and it uses the
rules that comprise the policy to control the actions that are allowed and denied on those
hosts. You can have several different types of rules in a rule module and consequently
within one policy.
The policy level is the common ground by which host groups acquire the rules that make
up their security policy. You can attach rule modules of differing architectures to the
same policy. This way, you can configure task-specific, self-contained, inclusive policies
across all supported architectures (Windows, Solaris, Linux) for software that is
supported on all platforms.
To configure a policy, do the following:
Step1
Move the mouse over Configuration in the menu bar of CSA MC and select Policies from
the drop-down menu that appears. The policy list view appears.
Step2
Click the New button to create a new policy entry. This takes you to the policy
configuration page.
Step3
In the available policy configuration fields, enter the following information:
Name-This is a unique name for this policy grouping of rule modules. Names are case
insensitive, must start with an alphabetic character, can be up to 64 characters long and
can include alphanumeric characters, spaces, and underscores.
Description Introduction-This is an optional line of text that is displayed in the list view and helps
you to identify this particular policy.
Step4
Select one or more Target architecture types for the policy. You can have one policy, for
example – an Apache Web Server policy, and have all three architecture checkboxes
selected. This way, each architecture specific rule module for Apache can be attached
and deployed through one single Apache policy.
Step5
Click the Save button.
Reference:

http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_configuration_guide_chapter09186a00804

2
QUESTION 22:
DRAG DROP
You are a student at the PassGuide University. Your instructor asks you to match the
CSA MC view on the left with its purpose on the right below:
642-513
www.actualtest.org – The Power of Knowing
Answer:
QUESTION 23:
One of the tools available on the PassGuide Management Center for Cisco Security
Agents is the Compare Tool. What is the purpose of this tool?
A. To save data that has been configured
B. To compare individual rules
C. To compare individual rule modules
642-513
www.actualtest.org – The Power of Knowing
D. To compare and merge configurations
E. None of the above
Answer: D
Explanation:
When you select the checkbox next to 2 items (you cannot compare more than 2
configurations at a time) and click the Compare button, CSA MC displays the
configurations side by side and highlights the differences in red. Once you’ve examined
how the configurations compare, you can select to merge specific rules, to copy rules to
another module, or to copy rules to a new module. Additionally, you can attach and
detach groups and policies. (You can compare application classes and variables, but you
can only copy and merge rules from the compare page.)
The purpose of this compare tool is to assist you after you’ve imported configurations or
upgraded CSA MC. These processes can cause you to have duplicate or very similar
configuration items. Comparing and merging configurations can help you to more easily
consolidate duplicate items. This Compare utility is also available for Groups, Policies,
Application Classes, and Variables.
Feature notes:
When you compare rule modules, the similar rules within those modules are displayed
side by side with the differences highlighted in red. If there are no differences, rule
description text appears in black.
If there is a rule in one modules and no corresponding similar rule in the second modules,
there is nothing displayed beside that rule in the comparison.
If you have rules in your modules comparison that have the same description, application
class and other configuration items, they will not appear side by side if they have
different logging options selected or different Allow/Deny actions. Logging and
allow/deny actions change the priority of the rule within the policy. If the priority is not
the same for each rule, they are not displayed side by side.
Reference:

http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_configuration_guide_chapter09186a00804

2
QUESTION 24:
The PassGuide security administrator is cloning configurations in the CSA MC.
When a rule is cloned, which part of the rule is not cloned?
A. Sets
B. Rule modules
C. Hosts
D. Variables
E. None of the above
Answer: D
642-513
www.actualtest.org – The Power of Knowing
Explanation:
In the CSA MC, Use the Clone button in conjunction with the checkboxes beside each
list view item. To clone a particular configuration, select its checkbox and click the Clone
button. You can clone one item at a time. New links to the cloned configurations appear
in the list view.
Note:
When you clone an item that contains variable items like file sets or network services, the
cloned rule uses the same variables used in the original rule. The variables themselves are
not cloned.
Reference:

http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_configuration_guide_chapter09186a00805

a
QUESTION 25:
A new CSA is being installed on the PassGuide network. Which Agent kit should be
installed on the PassGuide CSA MC?
A. The default Windows Agent kit
B. The default UNIX Agent kit
C. The default CSA Agent kit
D. The Agent kit that is automatically installed
E. None of the above
Answer: D

pass4sure 642-513 Questions and Answers : 99 Q&As
Updated: October 3rd , 2008
Price: $129.99 $89.99

Free download:pass4sure 642-513
Free download:PassGuide 642-513

password:www.ciscoexams.org