Pass4sure Cisco CCSP 642-533 Exam
Implementing Cisco Intrusion Prevention System (IPS) : 642-533 Exam
Exam Number/Code: 642-533
Exam Name: Implementing Cisco Intrusion Prevention System (IPS)
“Implementing Cisco Intrusion Prevention System (IPS)”, also known as 642-533 exam, is a Cisco certification.
Preparing for the 642-533 exam? Searching 642-533 Test Questions, 642-533 Practice Exam, 642-533 Dumps?
QUESTION: 1
You want to create multiple event filters that use the same parameter value. What would be the
most efficient way to accomplish this task?
A. create a global variable
B. create a target value rating
C. create an event variable
D. clone and edit an event filter
Answer: C
QUESTION: 2
You think users on your corporate network are disguising the use of file-sharing applications
by tunneling the traffic through port 80. How can you configure your Cisco IPS Sensor to
identify and stop this activity?
A. Enable all signatures in the Service HTTP engine.
B. Assign the Deny Packet Inline action to all signatures in the Service HTTP engine.
C. Enable all signatures in the Service HTTP engine. Then create an event action override that
adds the Deny Packet Inline action to events triggered by these signatures if the traffic
originates from your corporate network.
D. Enable the alarm for the non-HTTP traffic signature. Then create an Event Action Override
that adds the Deny Packet Inline action to events triggered by the signature if the traffic
originates from your corporate network.
E. Enable both the HTTP application policy and the alarm on non-HTTP traffic signature.
Answer: E
A user with which user account role on a Cisco IPS Sensor can log into the native operating
system shell for advanced troubleshooting purposes when directed to do so by Cisco TAC?
A. administrator
B. operator
C. viewer
D. service
E. root
F. super
Answer: D
QUESTION: 4
Which character must precede a variable to indicate that you are using a variable rather than a
string?
A. percent sign
B. dollar sign
C. ampersand
D. pound sign
E. asterisk
Answer: B
QUESTION: 5
Which statement accurately describes Cisco IPS Sensor automatic signature and service pack
updates?
A. The Cisco IPS Sensor can automatically download service pack and signature updates from
Cisco.com.
B. The Cisco IPS Sensor can download signature and service pack updates only from an FTP
or HTTP server.
C. You must download service pack and signature updates from Cisco.com to a locally
accessible server before they can be automatically applied to your Cisco IPS Sensor.
D. When you configure automatic updates, the Cisco IPS Sensor checks Cisco.com for
updates hourly.
E. If multiple signature or service pack updates are available when the sensor checks for an
update, the Cisco IPS Sensor installs the first update it detects.
Answer: C
How can you clear events from the event store?
A. You do not need to clear the event store; it is a circular log file, so once it reaches the
maximum size it will be overwritten by new events.
B. You must use the CLI clear events command.
C. If you have Administrator privileges, you can do this by selecting Monitoring > Events >
Reset button in Cisco IDM.
D. You should select File > Clear IDM Cache in Cisco IDM.
E. You cannot clear events from the event store; they must be moved off the system using the
copy command.
Answer: B
Which action does the copy /erase ftp://172.26.26.1/sensor_config01 current-config command
perform?
A. erases the sensor_config01 file on the FTP server and replaces it with the current
configuration file from the Cisco IPS Sensor
B. copies and saves the running configuration to the FTP server and replaces it with the source
configuration file
C. overwrites the backup configuration and applies the source configuration file to the system
default configuration
D. merges the source configuration file with the current configuration
Answer: C
With Cisco IPS 6.0, what is the maximum number of virtual sensors that can be configured on
a single platform?
A. the number depends on the amount of device memory
B. two in promiscuous mode using VLAN groups, four in inline mode supporting all interface
type configurations
C. two
D. four
E. six
Answer: D
QUESTION: 17
In which three of these ways can you achieve better Cisco IPS Sensor performance? (Choose
three.)
A. enable all anti-evasive measures to reduce noise
B. place the Cisco IPS Sensor behind a firewall
C. always enable unidirectional capture
D. disable unneeded signatures
E. have multiple Cisco IPS Sensors in the path and configure them to detect different types of
events
F. enable selective packet capture using VLAN ACL on the Cisco IPS 4200 Series Sensors
Answer: B, D, E
QUESTION: 18
What is used to perform password recovery for the “cisco” admin account on a Cisco IPS 4200
Series Sensor?
A. setup mode
B. ROMMON CLI
C. GRUB menu
D. recovery partition
E. Cisco IDM
Answer: C
With the complete collection of questions and answers, Pass4sure has assembled to take you through 63 Q&As to your 642-533 Exam preparation. In the 642-533 exam resources, you will cover every field and category in CCSP helping to ready you for your successful Cisco Certification.
Questions and Answers : 63 Q&As
Updated: May 15th , 2008
Market Price: $125.99
Member Price: $99.99
Free Down: Pass4sure 642-533
Testking 642-533
password:www.certbible.org
Recent Comments