Free Pass4sure Download: Leading the way in studying IT certifications

Securing Networks Using Intrusion Prevention Systems Exam : 642-532 Exam

Exam Number/Code: 642-532
Exam Name: Securing Networks Using Intrusion Prevention Systems Exam
VUE Code: 642-532
Questions Type: Single choice,
Real Exam Question Numbers: 60-70 questions
Exam Language(s): English

“Securing Networks Using Intrusion Prevention Systems Exam”, also known as 642-532 exam, is a Cisco certification.
Preparing for the 642-532 exam Searching 642-532 Test Questions, 642-532 Exam, 642-532 Dumps

With the complete collection of questions and answers Q&as with Expert Explanations, Pass4sure has assembled to take you through 63 questions to your 642-532 Exam preparation. In the 642-532 exam resources, you will cover every field and category in VPN and Security helping to ready you for your successful Cisco Certification.

The Securing Networks Using Intrusion Prevention Systems exam is one of the exams associated with the Cisco Certified Security Professional and the Cisco IPS Specialist certifications. Candidates can prepare for this exam by taking the IPS v5.0 course. This exam includes simulations and tests a candidate’s knowledge and ability to describe, configure, verify and manage the Cisco IPS appliance products.

QUESTION 21:
The signature files on a PassGuide sensor are being updated by the security
administrator. Which two statement are true about Cisco IPS signatures? (Choose
two)
A. A signature is a set of rules that pertain to typical intrusion activity.
B. When network traffic matches a signature, the signature must generate an alert, but
can also initiate a response action.
C. Some signatures can be triggered by the contents of a single packet.
D. Signatures trigger alerts only when they match a specific pattern of traffic.
E. You can disable signatures and later re-enable them; however, this process requires the
sensing engines to rebuild their configuration, which takes time and could delay the
processing of traffic.
F. You can enable and modify built-in signatures, but you cannot disable them.
Answer: A, C
Explanation:
Attacks or other misuses of network resources can be defined as network intrusions.
Network intrusions can be detected by sensors that use a signature-based technology. A
signature is a set of rules that your sensor uses to detect typical intrusive activity, such as
denial of service (DoS) attacks. As sensors scan network packets, they use signatures to
detect known attacks and respond with actions that you define. Signatures can be
triggered either by a series of packets, called compound attacks, or by a single packet.
Single packet attacks are called atomic attacks; an example of this is the ping of death
Reference:

http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_installation_and_configuration_guide_chap

QUESTION 22:
642-532
www.actualtest.org – The Power of Knowing
Which of the following represents basic types of Cisco IDS signature parameters?
(Choose all that apply.)
A. The Sub-signature parameter
B. The Local parameter
C. The Protected parameter
D. The Master parameter
E. The Required parameter
Answer: C E
Explanation:
Engine parameters have the following attributes:
1) Protected – If a parameter is protected, you cannot change if for the default signatures.
You can modify it for custom signatures.
2) Required – If a parameter is required, you must define it for all signatures, both default
signatures and custom signatures.
Reference: CCSP Self-study: CSIDS Second Edition, page 438
QUESTION 23:
SIMULATION
You are the network security administrator at PassGuide .com in charge of the IPS
sensors for a travel agency. Your sensors are currently deployed in promiscuous
mode, but you have upgraded to IPS software 5.0 and now want to deploy in inline
mode. You decide to return all signatures to heir default settings and re-tune them
to maximize the benefits of your new topology. After tuning the signatures, you back
up your configuration.
On the morning of May 12, 2005, your new assistant informs you that the network
appears to have been under attack since you left your office at 6:00 pm the previous
evening. Your assistant has tuned several signatures on the company IPS 4235
sensor in an effort to mitigate the attacks. From the assistant description of the
tuning he performed, you feel sure the IPS 4235 sensor will be less, rather than
more, effective in protecting your network. You decide to investigate the situation.
Your tasks are as follow:
Display all high-severity alerts that have been generated by the sensor since 6:00 pm
May 11, 2005.
Verify that the only events displayed are high-severity alerts and their time-stamps
are at or after 6:00 pm May 11, 2005.
Examine the tuned signature settings.
Restore the default settings to all signatures without affecting other sensor settings.
Verify that the signature settings were returned to the defaults. (While doing so, you
discover that your assistant modified your allowed hosts list as well as tuning some
signatures.)
Overwrite the current configuration with your backup configuration.
Display the sensor configuration again to verify the changes made by restoring from
642-532
www.actualtest.org – The Power of Knowing
backup.
Sensor administrator username/password: PassGuide / PassGuide 987
Answer:
Show only high events from May 11, 2005 from 6pm:
- “show events alert high 18:00 may 11 2005″
- “show config”
Reset signatures back to defaults:
- default service signature-definition sig0 (or name of signatures)
- verify with “show config”
Overwrite the current configuration with your backup config:
- “copy backup-config current-config”
QUESTION 24:
The PassGuide security policy states that network devices must be managed using
secure communication methods. Which Cisco IDS Sensor services must be disabled
to meet this requirement? (Choose two)
A. SSH
B. Telnet
C. TFTP
D. SNMP
E. FTP
F. RSH
Answer: B, E
Explanation:
The Sensor always provides secure shell services (including scp). Increase the security of
the Sensor by disabling two services that allow clear text password authentication: Telnet
and FTP. For maximum security disable both.
642-532
www.actualtest.org – The Power of Knowing
QUESTION 25:
The service pack file IDSk9-sp-3.1-2-S23.bin exists on the PassGuide Sensor.
Which command installs the service pack on the Sensor?
A. IDSk9-sp-3.1-2-S23 -install
B. IDSk9-sp-3.1-2-S23.bin -install
C. IDSk9-sp-3.1-2-S23.bin -i
D. IDSk9-sp-3.1-2-S23.bin -l
E. IDSk9-sp-3.1-2-S23-bin -apply
F. IDSk9-sp-3.1-2-S23 -apply
Answer: C

pass4sure 642-532 Questions and Answers : 63 Q&As
Updated: October 1st , 2008
Price: $129.99 $89.99

Free download:pass4sure 642-532
Free download:PassGuide 642-532

password:www.ciscoexams.org

Download Latest Passforsure P4S Rapidshare links

1. Free P4S Cisco CCSP Exam 642-532 v2.95 Download
2. Free Pass4sure Cisco CCSP Exam 642-542 v2.83 Download
3. Free pass4sure ccsp 642-551 v2.95 Download
4. Free Pass4sure cisco ccsp mars 642-545 2.95 Download
5. Free free latest PassGuide ccsp 642-552 exam Download
6. Free pass4sure ccsp 642-503 v2.93 Download
7. Free pass4sure CCSP 642-524 v2.83 Download
8. Free pass4sure ccsp 642-591 v2.93 Download
9. Free Cisco CCSP 642-524 SNAF Securing Networks with ASA Foundation Download
10. Free pass4sure ccsp 642-502 v2.93 Download
11. Free CCNA Security Quick Reference CHAPTER 5 Cisco IOS IPS Download
12. Free P4S Cisco CCSP Exam 642-552 v2.93 Download
13. Free Pass4sure Cisco CCSP Exam 642-504 2.77 Download
14. Free P4S Cisco CCSP Exam 642-551 v2.93 Download
15. Free pass4sure ccsp 642-533 v2.93 Download