Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Datový list stáhnout pdf (Strana 97)

642 -531

Leading the way in IT testing and certification tools, www.testking.com

- 97 -

Reference:

Working With Signature Engines

QUESTION NO: 4

An ACL policy violation signature has been created on a Cisco IDS Sensor. The Sensor

is configured to receive policy violations from a Cisco IOS router.

What configurations must exist on the router? (Choose two)

A. Logs permit ACL entries

B. Logs deny ACL entries

C. Sends SNMP traps to the Sensor

D. Sends Syslog messages to the Sensor

E. Sends SNMP traps to the Director

F. Sends syslog messages to the Director

Answer: B, F

Explanation:

The Sensor can be configured to create an alarm when it detects a policy violation from the

syslog generated by a Cisco router. A policy violation is generated by a Cisco router when a

packet fails to pass a designated Access Control List. Security data from Sensor and Cisco

routers, including policy violations, is monitored and maintained on the Director.

1 2 ... 92 93 94 95 96 97 98 99 100 101 102 ... 167 168

Žádné komentáře

Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Datový list Strana 97