Pass4sure Cisco CCSP 642-513 Exam
Securing Hosts Using Cisco Security Agent Exam (HIPS) : 642-513 Exam
Exam Number/Code: 642-513
Exam Name: Securing Hosts Using Cisco Security Agent Exam (HIPS)
VUE Code: 642-513
Questions Type: Single choice, Multiple choice, Simulate,
Question Numbers of Real-exam: 65-75 questions
“Securing Hosts Using Cisco Security Agent Exam (HIPS)”, also known as 642-513 exam, is a Cisco certification.
Preparing for the 642-513 exam? Searching 642-513 Test Questions, 642-513 Practice Exam, 642-513 Dumps?
The Securing Hosts Using Cisco Security Agent exam 642-513 HIPS is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the HIPS v2.0 course. This exam tests a candidate’s knowledge and ability to describe, configure, and verify the Cisco Security Agent product.
QUESTION: 1
Which of these is a reason for using groups to administer Agents?
A. to link similar devices together
B. to complete configuration changes on groups instead of hosts
C. to complete the same configuration on like items
D. to apply the same policy to hosts with similar security requirements
Answer: D
QUESTION: 2
Which three items make up rules? (Choose three.)
A. variables
B. applications
C. application classes
D. rule modules
E. policies
F. actions
Answer: A, C, F
QUESTION: 3
Which action do you take when you are ready to deploy your CSA configuration to
systems?
A. select
B. clone
C. deploy
D. generate rules
Answer: D
QUESTION: 4
Which one of the five phases of an attack attempts to become resident on a target?
A. probe phase
B. penetrate phase
C. persist phase
D. propagate phase
E. paralyze phase
Answer: C
QUESTION: 5
What is the purpose of the Audit Trail function?
A. to generate a report listing events matching certain criteria, sorted by event
severity
B. to generate a report listing events matching certain criteria, sorted by group
C. to generate a report showing detailed information for selected groups
D. to display a detailed history of configuration changes
Answer: D
QUESTION: 6
In which type of rules are network address sets used?
A. COM component access control rules
B. connection rate limit rules
C. network access control rules
D. file control rules
E. file access control rules
Answer: C
QUESTION: 7
Which three of these does the buffer overflow rule detect on a UNIX operating
system, based on the type of memory space involved? (Choose three.)
A. location space
B. stack space
C. slot space
D. data space
E. heap space
F. file space
Answer: B, D, E
QUESTION: 8
When should you use preconfigured application classes for application deployment
investigation?
A. never
B. always
C. only for specific applications
D. only when applications require detailed analysis
Answer: A
Which systems with specific operating systems are automatically placed into
mandatory groups containing rules for that operating system? (Choose three.)
A. OS2
B. HPUX
C. Solaris
D. Mac OS
E. Linux
F. Windows
Answer: C, E, F
QUESTION: 11
What is the purpose of network access control rules?
A. to control access to network services
B. to control access to network addresses
C. to control access to both network services and network addresses
D. to control access to networks
Answer: C
QUESTION: 12
What is the purpose of the Compare tool?
A. to save data that has been configured
B. to compare individual rules
C. to compare individual rule modules
D. to compare and merge configurations
Answer: D
QUESTION: 13
If a Solaris or Windows system is not rebooted after CSA installation, which three
rules are only enforced when new files are opened, new processes are invoked, or
new socket connections are made? (Choose three.)
A. COM component access rules
B. network shield rules
C. buffer overflow rules
D. network access control rules
E. file access control rules
F. demand memory access rules
Answer: C, D, E
QUESTION: 14
For which operating system is the network shield rule available?
A. OS2
B. Windows
C. Linux
D. Solaris
Answer: D
QUESTION: 15
What is the maximum number of characters that a policy name can contain?
A. 24
B. 32
C. 48
D. 64
Answer: D
QUESTION: 16
What information is logged for registry access control?
A. port and direction
B. registry key
C. registry access events
D. PROGID/CLSID
Answer: B
QUESTION: 17
Which protocol should never be disabled on the CSA MC?
A. SSH
B. Telnet
C. IPSec
D. SSL
Answer: D
QUESTION: 18
Which information is logged for file access control?
A. port and direction
B. registry key
C. process path
D. PROGID/CLSID
Answer: C
QUESTION: 19
Which action must be taken before a host can enforce rules when it has been moved
to a new group?
A. save
B. generate rules
C. deploy
D. clone
Answer: B
QUESTION: 20
What is a benefit of putting hosts into groups?
A. There is no need to configure rules.
B. There is no need to configure rule modules.
C. The administrator can deploy rules in test mode.
D. The administrator does not have to deploy rules in test mode.
Answer: C
With the complete collection of questions and answers, Pass4sure has assembled to take you through 69 Q&As to your 642-513 Exam preparation. In the 642-513 exam resources, you will cover every field and category in CCSP helping to ready you for your successful Cisco Certification.
Questions and Answers : 69 Q&As
Updated: March 27th , 2008
Market Price: $129.99
Member Price: $89.99
Free Down:Pass4sure Cisco CCSP 642-513 v2.93
Testking 642-513
password:www.certbible.net
Recent Comments