Cisco 642-531 Exam, Latest Updated Cisco 642-531 Study Guides Online Sale

Flydumps brings you the best Cisco 642-531 Certification exam preparation materials, which will make you pass in the first attempt. We also provide all the Cisco 642-531 exam updates: as Microsoft announces a change in its Cisco 642-531 exam syllabus, we inform you about it without delay.

QUESTION 46
What version of Cisco IDS software is required prior to upgrading to 4.1?
A. 4.0(2)S37
B. 4.0(3)S41
C. 4.0(1)S37
D. 4.0(1)S24

Correct Answer: C

QUESTION 47
What should you do to properly add a Sensor to the IDS MC if the Sensor software version is not displayed in the drop-down list of available versions during the add process?
A. update IDS MC with the latest IDS signatures
B. update the Sensor’s software version to a version matching one in the IDS MC list
C. select the Discover Settings check box to automatically discover the unlisted version
D. manually enter the correct software version in the version field under the Sensor’s Identification window
E. use the Query Sensor option next to the version field under the Sensor’s identification window to automatically discover the unlisted version

Correct Answer: A

QUESTION 48
Which two Cisco IDS platforms can respond to active attacks by initiating shunning or blocking? (Choose two.)
A. IOS-IDS
B. Switch IDS module
C. PIX-IDS
D. Network appliance IDS
E. Host IDS

Correct Answer: BD

QUESTION 49
Identify two basic steps in the configuration of VACLs for traffic capture on a Catalyst 4000 switch running Catalyst OS. (Choose two.)
A. define an access-group for interesting traffic
B. commit the VACL to memory
C. map the VACL to the capture port
D. assign ports to receive capture traffic
E. create action clause to capture traffic

Correct Answer: BD

QUESTION 50
When creating custom signatures using the TROJAN engines, which parameter values are required?
A. protocol
B. source/destination IP addresses
C. regular expression strings
D. these signatures cannot be created

Correct Answer: D

QUESTION 51
Which feature is true of the IDSM2?
A. limited to 62 signatures
B. requires a separate management package
C. can drop offending packets
D. uses the same code as the network appliance

Correct Answer: D

QUESTION 52
Which type of signature can be configured to alarm only on specific source or destination IP addresses?
A. atomic signatures
B. flood signatures
C. service signatures
D. state signatures

Correct Answer: A

QUESTION 53
Which types of packets are not forwarded to the NM-CIDS? Choose two.
A. GRE encapsulated packets
B. TCP packets
C. UDP packets
D. ARP packets

Correct Answer: AD

QUESTION 54
Which routers allow online insertion and removal (OIR) of the NM-CIDS? Choose three.
A. 3660
B. 3725
C. 3745
D. 2600XM
E. 2691

Correct Answer: ABC

QUESTION 55
Which is a characteristic of profile-based, or anomaly-based, intrusion detection?
A. prone to a high number of false positive alarms
B. normal network activity is easily defined
C. most applicable to environments with unpredictable traffic patterns
D. signatures match patterns of malicious activity

Correct Answer: A

QUESTION 56
Which CLI command is used to configure the IDS MC public key on the Sensor?
A. copy
B. putty
C. puttygen
D. ssh generate-key
E. ssh authorized-key

Correct Answer: E

QUESTION 57
What are the two types of requests that can be made with a client-initiated RDEP event request? (Choose two.)
A. transaction log
B. queries
C. IP log
D. subscriptions
E. configuration

Correct Answer: BD

QUESTION 58
What is the default duration for an automatic block on an IDS blocking device?
A. 1 minute
B. 10 minutes
C. 30 minutes
D. default time period is unlimited (permanent block)
E. there is no default block period; it must be configured

Correct Answer: C

QUESTION 59
Which two options are available to add a new Sensor group? (Choose two.)
A. inherit settings from the subgroup
B. copy settings from another group
C. inherit settings from the parent group
D. import group from the Monitoring Center for Security
E. copy settings from the Monitoring Center for Security group

Correct Answer: BC

QUESTION 60
The Sensor has a CapturePacket feature which enables it to capture the packet that triggered a signature. Which four statements are true about this feature? Choose four.
A. It captures a limited number of bytes.
B. The captured packet can be viewed in the command line interface (CLI) as raw hexadecimal data.
C. The captured packet can be viewed in IDS Event Viewer (IEV) if Ethereal is installed on the same system as IEV.
D. It contains only Layer 5 data of a TCP stream.
E. It contains the entire frame.
F. It is enabled for each signature individually.

Correct Answer: BCEF

QUESTION 61
Which is one method of communication between IDS Event Viewer and the IDS device?
A. HTTPS
B. SSH
C. IPSec
D. PostOffice

Correct Answer: A

QUESTION 62
LAB

QUESTION 63
Which feature is true of the IDSM2?
A. supports subset of signatures available in appliance
B. supports ISL trunking
C. parallels attacks and signature capabilities of the 4200 series appliances
D. is capable of tracking VLAN identification numbers

Correct Answer: C

All the Flydumps.com Cisco 642-531 questions & answers in this product are designed by Cisco certified experts and were given utmost attention to guarantee that they are 100% factual and not fabricated. Pass the Cisco 642-531 exam in the first attempt!
