Which policy is assigned to a child domain by default?


A) The default IDS policy
B) The default IPS policy
C) No default policy
D) The policy of the parent domain

E) A) and C)
F) C) and D)


A Sensor allows the option of Layer2 forwarding for which of the following?


A) TCP and UDP ports only
B) UDP ports and VLAN interfaces only
C) TCP ports and VLAN interfaces only
D) TCP ports, UDP ports and VLAN interfaces

E) A) and C)
F) None of the above


Which attack cannot be blocked when the sensor has been set for in-line mode?


A) TCP Control Anomaly
B) ICMP Echo Anomaly
C) Too Many Inbound Syn
D) SCADA Attacks

E) B) and D)
F) All of the above


Which is the correct syntax for the 'set dospreventionseverity' command?


A) Set dospreventionseveriry tcp-rst 150
B) Set dospreventionseverity icmp-echo-reply enable 150
C) Set dospreventionseverity tcp-syn inbound 150
D) Set dospreventionseverity ip-fragment inbound

E) None of the above
F) B) and D)


Which CLI command is used to copy sensor SSL certificates from external flash when replacing a failed sensor?


A) Exportsensorcerts
B) Importsensorcerts
C) Exportcerts
D) Importcerts

E) A) and D)
F) A) and C)


Which port needs to be opened for install Channel communication between Sensor and Manager through a firewall?


A) 8501
B) 8502
C) 8503
D) 8555

E) A) and B)
F) A) and C)


Which of the following are the methods used by NSP to recognize and react to Denial-of-Service (DoS) attacks? (Choose three)


A) Blocking
B) Shutting down the sensor
C) Thresholds
D) Self-learning
E) Logging
F) DDoS attack tool with exploit signatures

G) D) and E)
H) A) and F)


Which of the following activities require a reboot of a sensor? (Choose three)


A) Enabling/Disabling SSL
B) Enabling/Disabling parsing and detection of attacks in IPv4 traffic
C) Enabling/Disabling parsing and detection of attacks in IPv6 traffic
D) Sensor software upgrade
E) Signature update

F) C) and D)
G) B) and C)


A Reconnaissance Policy can be applied to which of the following?


A) Sensors
B) Sensor Ports
C) Sensors and sensor ports
D) Specific Hosts

E) A) and D)
F) A) and C)


A sensor is placed in-line and is dropping traffic. This situation demands an immediate removal of the sensor from the network to let traffic flow uninterrupted. Which option will you use to verify whether the issue is due to sensor configuration or network congestion?


A) Layer2 mode on
B) Layer2 mode assert
C) Layer2 mode deassert
D) Layer2 mode off

E) C) and D)
F) A) and D)


________________ allows a host to be subjected to both DHCP based NAC and Identity Based Access Control when configured on different ports.


A) Integrated NAC
B) DHCP based NAC
C) Hybrid NAC
D) Health based NAC

E) C) and D)
F) B) and D)


Setting a threshold on a sensor to react if traffic volume exceeds the threshold limit is an example of what specific detection method?


A) Signature based
B) DHCP based
C) Pattern matching
D) Denial of Service (DoS)

E) C) and D)
F) B) and C)


Which command can be issued on a Sensor to check the health of the Sensor?


A) show
B) show settings
C) status
D) check health

E) None of the above
F) A) and B)


Which domains does a Super User have full rights to access?


A) Super Users have full rights to all domains
B) Super Users have full rights to only the domains in which they reside
C) Super Users have full rights to only sensor configuration
D) Super Users have full rights to only Parent domains

E) B) and D)
F) A) and C)


Why is the DBAdmin tool considered a preferred method of performing system maintenance tasks that could be performed within the Manager?


A) Saves additional workload on the Manager
B) Reliability
C) Speed
D) Ease of use

E) None of the above
F) A) and B)


Which of the following modes can be used to implement DoS detection? (Choose two)


A) Learning Mode
B) Threshold Mode
C) Configuration Mode
D) Adaptive Mode
E) Transition Mode

F) A) and C)
G) A) and E)


_____________________ are a set of Access Control List (ACL) rules that define network access provided to a host, subject to Network Access Control.


A) Network Access Lists
B) Network Access Objects
C) Network Access Zones
D) Network Access Policy

E) None of the above
F) C) and D)


Reconnaissance Policies can be applied to which of the following sensor nodes?


A) Sensor name node only
B) Sensor interface node only
C) Sensor sub-interface node only
D) Sensor name, interface and sub-interface node

E) None of the above
F) A) and D)


Which logs are used to determine who was logged into the Manager the last time a signature set update was pushed from the Manager to the Sensor?


A) Trace log
B) Fault log
C) Manager ems log
D) User Activity Audit log

E) All of the above
F) C) and D)


How are packet logs viewed from within the Manager?


A) Push the packet log to the Sensor and open it from there
B) Packet logs cannot be viewed from within the Manager
C) Save and export the Packet log in order to open it
D) Set the log to be viewable with Wireshark/Ethereal

E) A) and D)
F) All of the above
