Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Datový list stáhnout pdf (Strana 61)

642-531

A. String signatures

B. HTTP signatures

C. TCP connection signatures

D. FTP connection signatures

E. ICMP signatures

Answer: C

Explanation:

Connection signatures are user-configurable attack signatures based on the transport-layer protocol (TCP or

UDP) and port number of the packets being monitored

Reference: Sensor Signatures

QUESTION 143

A company has a custom client-server application that communicates on UDP ports 6000-7000.

Which Cisco IDS signature micro-engine can be used to detect attempts to locate the servers?

A. Atomic.IPOptions

B. Sweep.RPC

C. Sweep.Net.UDP

D. Sweep.Port.UDP

E. String.Net.UDP

F. String.Port.UDP

Answer: D

Explanation:

SWEEP.PORT.UDP - UDP connections to multiple destination ports between two nodes

Reference: Cisco Secure Intrusion Detection System Signature Engines Version 3.0

QUESTION 144

Match the Signature micro-engine usage description with the micro-engine name.

Answer:

Explanation:

1 2 ... 56 57 58 59 60 61 62 63 64 65 66 ... 122 123

Žádné komentáře

Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Datový list Strana 61