Testking Cisco CCSP 642-533 Exam
Exam 642-533: Implementing Cisco Intrusion Prevention Systems (IPS)
Related Certifications: CCSP
Number of Questions: 55-65
Duration: 90 minutes
Exam Topics Include:
1. Describe how Cisco IPS sensors are used to mitigate network security threats
2. Install Cisco IPS sensors/modules and configure essential system parameters
3. Describe Cisco IPS sensor advanced system parameters
4. Tune Cisco IPS sensor advanced system parameters to optimize attack mitigation performance
5. Analyze Cisco IPS sensor events to determine the appropriate response to network attacks
6. Upgrade and maintain Cisco IPS sensors
The 642-533 IPS Implementing Cisco Intrusion Prevention Systems exam is one of the core exams associated with the Cisco Certified Security Professional (CCSP) certification. In all, you will need to pass five separate exams to become CCSP certified. This exam tests a candidate’s knowledge of implementing the Cisco IPS product.
Let TestKing help you to become CCSP certified. The TestKing 642-533 exam products are designed to maximize your learning productivity and focus only on the important aspects that will help you to pass your exam, the first time. We will provide you with exam questions and verified answers, with detailed explanations, that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. Our exam guides are not just questions and answers. Our questions have detailed explanations provided by our certified industry experts, ensuring that you fully understand the questions and the concept behind the questions.
You think users on your corporate network are disguising the use of file-sharing applications by
tunneling the traffic through port 80. How can you configure your Cisco IPS Sensor to identify and
stop this activity?
A. Enable all signatures in the Service HTTP engine.
B. Assign the Deny Packet Inline action to all signatures in the Service HTTP engine.
C. Enable all signatures in the Service HTTP engine. Then create an event action override that
adds the Deny Packet Inline action to events triggered by these signatures if the traffic
originates from your corporate network.
D. Enable the alarm for the non-HTTP traffic signature. Then create an Event Action Override that
adds the Deny Packet Inline action to events triggered by the signature if the traffic originates
from your corporate network.
E. Enable both the HTTP application policy and the alarm on non-HTTP traffic signature.
Answer: E
QUESTION 2
A user with which user account role on a Cisco IPS Sensor can log into the native operating
system shell for advanced troubleshooting purposes when directed to do so by Cisco TAC?
A. administrator
B. operator
C. viewer
D. service
E. root
F. super
Answer: D
QUESTION 3
Which character must precede a variable to indicate that you are using a variable rather than a
string?
A. percent sign
B. dollar sign
C. ampersand
D. pound sign
E. asterisk
Answer: B
QUESTION 4
Which statement accurately describes Cisco IPS Sensor automatic signature and service pack
updates?
3
A. The Cisco IPS Sensor can automatically download service pack and signature updates from
Cisco.com.
B. The Cisco IPS Sensor can download signature and service pack updates only from an FTP or
HTTP server.
C. You must download service pack and signature updates from Cisco.com to a locally
accessible server before they can be automatically applied to your Cisco IPS Sensor.
D. When you configure automatic updates, the Cisco IPS Sensor checks Cisco.com for updates
hourly.
E. If multiple signature or service pack updates are available when the sensor checks for an
update, the Cisco IPS Sensor installs the first update it detects.
Answer: C
How can you clear events from the event store?
A. You do not need to clear the event store; it is a circular log file, so once it reaches the
maximum size it will be overwritten by new events.
B. You must use the CLI clear events command.
C. If you have Administrator privileges, you can do this by selecting Monitoring > Events > Reset
button in Cisco IDM.
D. You should select File > Clear IDM Cache in Cisco IDM.
E. You cannot clear events from the event store; they must be moved off the system using the
copy command.
Answer: B
Which action does the copy /erase ftp://172.26.26.1/sensor_config01 current-config command
perform?
A. erases the sensor_config01 file on the FTP server and replaces it with the current
configuration file from the Cisco IPS Sensor
B. copies and saves the running configuration to the FTP server and replaces it with the source
configuration file
C. overwrites the backup configuration and applies the source configuration file to the system
default configuration
D. merges the source configuration file with the current configuration
Answer: C
Which of the following is a valid file name for a Cisco IPS 6.0 system image?
A. IPS-K9-pkg-6.0-sys_img.sys
B. IPS-4240-K9-img-6.0-sys.sys
C. IPS-K9-cd-11-a-6.0-1-E1.img
D. IPS-4240-K9-sys-1.1-a-6.0-1-E1.img
Answer: D
Testking cisco Interactive Testing Engine Included!
179 Questions
Updated : 03/13/2008
Price : $87.99 $79.99
Free Down: Pass4sure 642-533
Testking 642-533
password:www.certbible.org
Recent Comments