Академический Документы
Профессиональный Документы
Культура Документы
In this post, I will share the questions and answers for CCNA Security
Chapter 5 Test. All the questions and answers are valid and 100% correct.
The questions shared in this post is based on CCNAS v1.1. I wish this post
Test.
Refer to the exhibit. When modifying an IPS signature action, which two
check boxes should be selected to create an ACL that denies all traffic
from the IP address that is considered the source of the attack and
drops the packet and all future packets from the TCP flow? (Choose two.)
Produce Alert
atomic attack?
The IDS must track the three-way handshake of established TCP connections.
connections.
The IDS requires significant router resources to maintain the event horizon.
The stateful properties of atomic attacks usually require the IDS to have
Refer to the exhibit. What is the result of issuing the Cisco IOS IPS
All traffic that is denied by the ACL is subject to inspection by the IPS.
All traffic that is permitted by the ACL is subject to inspection by the IPS.
Which two files could be used to implement Cisco IOS IPS with version
IOS-Sxxx-CLI.bin
IOS-Sxxx-CLI.pkg
IOS-Sxxx-CLI.sdf
realm-cisco.priv.key.txt
realm-cisco.pub.key.txt
high
medium
2017-12-06 Huawei Proprietary - Restricted Distribution Page3, Total12
Document Title Security Level
low
informational
Which two benefits does the IPS version 5.x signature format provide
Which two Cisco IOS commands are required to enable IPS SDEE message
logging on
ip http server
ip ips notify sdee
ip sdee events 500
IPS?
command?
It is an alert that is generated every time a specific signature has been found.
It is both a normal alarm and a summary alarm being sent simultaneously at set
intervals.
Which Cisco IPS feature allows for regular threat updates from the Cisco
event correlation
global correlation
honeypot-based detection
security-independent operation
FTP
SDEE
SIO
SNMP
Only signatures in the ios_ips basic category will be compiled into memory for scanning.
Only signatures in the ios_ips advanced category will be compiled into memory
for scanning.
All signature categories will be compiled into memory for scanning, but only
those signatures in the ios_ips basic category will be used for scanning
purposes.
All signatures categories will be compiled into memory for scanning, but only
those signatures within the ios_ips advanced category will be used for
scanning purposes.
that have been audited by the IPS. What command should the administrator
use?
Refer to the exhibit. Based on the configuration commands that are shown,
HTTP format
SDEE format
syslog format
TFTP format
Refer to the exhibit. What action will be taken if a signature match occurs?
An ACL will be created that denies all traffic from the IP address that is
This packet and all future packets from this TCP flow will be dropped, and an
occurs, the packet and all future packets from the TCP flow are dropped.
deny-attacker-inline
deny-connection-inline
deny-packet-inline
produce-alert
reset-tcp-connection
the IPS?
only traffic traveling from the s0/0/1 interface to the fa0/1 interface
all traffic entering the s0/0/1 interface and all traffic leaving the fa0/1
interface
all traffic entering the s0/0/1 interface and all traffic entering and leaving the fa0/1 interface
message that is shown appears. What does this error message indicate?
nonexistent.