EnsurepassQUESTION 141 What is the maximum number of virtual sensors that can be configured on a Cisco IPS 4260 Sensor appliance?   A.      2 B.      4 C.      6 D.      8 E.       16 F.       There is no fixed limit.   Answer: B     QUESTION 142 Which Cisco IPS appliance feature has the following three potential Read more [...]
EnsurepassQUESTION 131 Refer to the exhibit. What does an action of Rotate indicate?   A.      A new knowledge base is created, but is not loaded. You can view it to decide if you want to load it. B.      A new knowledge base is created and loaded. C.      The knowledge base is rolled back to the previous version. D.      The knowledge base is rotated on a periodic schedule using the different Read more [...]
EnsurepassQUESTION 121 Referring to the monitor session 1 destination GigabitEthernet0/47 ingress Cisco Catalyst switch command, what does the "ingress" command option enable?   A.      Allow the capture of bidirectional traffic on the GigabitEthernet0/47 switch port. B.      Add .1Q headers on the SPAN port (GigabitEthernet0/47) to indicate the source VLAN to the Cisco IPS appliance in promiscuous mode. C.      Allow Read more [...]
EnsurepassQUESTION 111 Refer to the exhibit. When viewing the All Signatures pane, clicking on the Advanced option can be used to enable which two IPS configurations? (Choose two.)   A.      normalizer mode B.      signature variables C.      HTTP and FTP AIC D.      network participation mode E.       event action overrides F.       Read more [...]
EnsurepassQUESTION 101 Refer to the exhibit. Which three statements are true? (Choose three.)   A.      Triggered inline blocks will last for 1 hour while triggered requests for external systems to block will last for 30 minutes. B.      Triggered inline blocks will last for 30 minutes while triggered requests for external systems to block will last for 1 hour. C.      TCP Resets will only be sent to the victim IP Read more [...]
EnsurepassQUESTION 91 You are tasked to create a custom IPS signature using the IDM Custom Signature Wizard to detect a network reconnaissance attack in which one system makes connections to multiple hosts on multiple TCP ports. Which Cisco IPS signature engine should be selected to configure this custom IPS signature?   A.      Atomic IP B.      Atomic IP Advanced C.      String TCP D.      Read more [...]
EnsurepassQUESTION 81 When setting up a Cisco IPS appliance in promiscuous mode, which Cisco Catalyst switch CLI command is used to configure SPAN on the switch?   A.      span source in interface configuration mode B.      span session in global configuration mode C.      monitor destination in interface configuration mode D.      monitor session in global configuration mode E.       Read more [...]
EnsurepassQUESTION 71 You want your inline Cisco IPS appliance to drop packets that pose the most severe risk to your network, especially to the servers on your DMZ. Which two parameters should you set to protect your DMZ servers in the most-time-efficient manner? (Choose two.)   A.      event action filter B.      reputation filter C.      target value rating D.      signature fidelity rating Read more [...]
EnsurepassQUESTION 61 Which signature engine is recommended for creating a custom signature for packet header matching?   A.      MULTI-STRING B.      FLOOD.HOST C.      ATOMIC.IP D.      SERVICE E.       SWEEP F.       META   Answer: C     QUESTION 62 On the Cisco IPS appliance, the anomaly detection knowledge Read more [...]
EnsurepassQUESTION 51 Which three statements about the Cisco IntelliShield Alert Manager are true? (Choose three.)   A.      Alert information is analyzed and validated by Cisco security analysts. B.      Alert analysis is vendor-neutral. C.      The built-in workflow system provides a mechanism for tracking vulnerability remediation and integration with Cisco Security Manager and Cisco Security MARS. D.      Read more [...]
EnsurepassQUESTION 41 DRAG DROP Answer:     QUESTION 42 On the Cisco IPS appliance, each virtual sensor can have its own instance of which three parameters? (Choose three.)   A.      signature-definition B.      event-action-rules C.      global-correlation-rules D.      anomaly-detection E.       reputation-filters F.       Read more [...]