Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Datový list stáhnout pdf (Strana 64)

642 -531

Leading the way in IT testing and certification tools, www.testking.com

- 64 -

Section 16: Sensor Communications Sensor Logging (2 questions)

QUESTION NO: 1

You need to retrieve Sensor IP logs for analysis. Which of the following methods are

available to you to accomplish this task? (Choose all that apply.)

A. Download via IDM

B. Archive using SCP

C. Copy using FTP

D. Import to IDS MC

E. Upload using Security Monitor

Answer: A, C

Explanation:

Page 12-19 CSIDS Courseware under Automatic Logging

IP Log Files can be retrieved by the following methods

1) Use the CLI copy command to copy the IP log files to another host system using FTP or

SCP.

2) Download the IP log files via IDM.

After retrieving the IP log files, you can use a network protocol analyzer to examine the data.

Not B: Archive

using SCP is false, although

Copy

using SCP would be true.

QUESTION NO: 2

The new TestKing trainee technician wants to know how automatic IP logging is enabled

on Sensor. What would your reply be?

A. It is enabled by default for all high-severity signature alarms.

B. It is enabled by default for all signatures.

C. It is enabled by default for all master signatures only.

D. It must be manually configured for individual signatures.

Answer: D

Explanation:

Attacks or other misuses of network resources can be defined as network intrusions. Network

intrusions can be detected by sensors that use a signature-based technology. A signature is a

set of rules that your sensor uses to detect typical intrusive activity, such as denial of service

(DoS) attacks. As sensors scan network packets, they use signatures to detect known attacks

and respond with actions that you define.

1 2 ... 59 60 61 62 63 64 65 66 67 68 69 ... 167 168

Žádné komentáře

Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Datový list Strana 64