Embed Size (px)
Citation preview
Answer CCNA Security Chapter 5 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-5-test-ccnas-v1-1/[11/1/2012 1:18:06 AM]
RECENTLY WRITTEN
Disable w3 TotalCache PluginCompletelyUnable to Connectto Internet EsetSmart SecurityAtheros AR5007EGWindows 7 DriverNetwork SecurityChapter 4 PacketTracer Activity AAnswerAnswer CCNASecurity Chapter 10Test – CCNAS v1.1
COFFEE FOR ME
SEARCH
Answer CCNA SecurityChapter 5 Test –CCNAS v1.1
In this post, I will share the questions and answers for CCNASecurity Chapter 5 Test. All the questions and answers are validand 100% correct. The questions shared in this post is based on
Posted on August 4, 2012
VMware Courses-Free ExamsVMware and Zimbra training courses Registertoday and become a VCPwww.alfavad.com
X.25 Network ConversionBest Value for X.25-TCP/IP Gateways SupportsXOT, SVC, PVC, SNMP & LAPBwww.microtronix.com
Contact Advisory ServicesLegal, Corporate Services, Tax, Remote Gaming,Fiduciary, Accounts.www.contact.com.mt
Free SSL Security GuidesRange of Free SSL Product and Technical guidesfrom Thawtewww.thawte.com
Home Category Search Sitemap Contact Us About
Answer CCNA Security Chapter 5 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-5-test-ccnas-v1-1/[11/1/2012 1:18:06 AM]
InvisibleAlgorithmonFacebook
105 peoplelike
Like
Facebook social plugin
+6
Follow
Find us on Google+
CCNA SECURITY
Chapter 1Chapter 2Chapter 3Chapter 4Chapter 5
CCNAS v1.1. I wish this post will be a good reference to all of us inanswering CCNA Security Chapter 5 Test.
Refer to the exhibit. When modifying an IPS signature action,which two check boxes should be selected to create an ACL thatdenies all traffic from the IP address that is considered thesource of the attack and drops the packet and all future packetsfrom the TCP flow? (Choose two.)
Deny Attacker Inline
Deny Connection Inline
Deny Packet Inline
Produce Alert
Reset TCP Connection
Why is a network that deploys only IDS particularly vulnerable toan atomic attack?
The IDS must track the three-way handshake of established TCPconnections.
The IDS must track the three-way handshake of established UDPconnections.
Answer CCNA Security Chapter 5 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-5-test-ccnas-v1-1/[11/1/2012 1:18:06 AM]
Chapter 6Chapter 7Chapter 8Chapter 9Chapter 10Final Exam
RANDOM TERMS
root android icecream sandwichsk17iccnas v1 1 answersvalid method ofsecuring the controlplane in the cisconfp frameworkccna answers referto the exhibit howcan a comment beadded to thebeginning of this acl
The IDS permits malicious single packets into the network.
The IDS requires significant router resources to maintain theevent horizon.
The stateful properties of atomic attacks usually require the IDSto have several pieces of data to match an attack signature.
Refer to the exhibit. What is the result of issuing the Cisco IOSIPS commands on router R1?
A named ACL determines the traffic to be inspected.
A numbered ACL is applied to S0/0/0 in the outbound direction.
All traffic that is denied by the ACL is subject to inspection bythe IPS.
All traffic that is permitted by the ACL is subject toinspection by the IPS.
Which two files could be used to implement Cisco IOS IPS withversion 5.x format signatures? (Choose two.)
IOS-Sxxx-CLI.bin
IOS-Sxxx-CLI.pkg
IOS-Sxxx-CLI.sdf
realm-cisco.priv.key.txt
realm-cisco.pub.key.txt
DownloadPasswordManagerRemembers Passwords.One-Click Form Filling,Seach, and More. 5Stars!
Cisco CCIESecurity LabCisco CCIE Security rackrental InternetworkExpert Security Labwww.GigaVelocity.com
Maritime SecurityREDfour MSS Ltd,Industry leader Higheststandards of compliancewww.redfour-mss.com
Cisco 2800Cisco 2801 2811 28212851 Routers 58%-98%Off, 8000+ BuyersWorldwideRouter-switch.com/_Cisco_…
Stocks TradingTrade Stocks Online atPlus500®. NoCommissions, Free 25€Bonus!www.Plus500.bg/Stocks
Answer CCNA Security Chapter 5 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-5-test-ccnas-v1-1/[11/1/2012 1:18:06 AM]
to identify itspurpose?cisco chapter 8answers
A network administrator tunes a signature to detect abnormalactivity that might be malicious and likely to be an immediatethreat. What is the perceived severity of the signature?
high
medium
low
informational
Which two benefits does the IPS version 5.x signature formatprovide over the version 4.x signature format? (Choose two.)
addition of signature micro engines
support for IPX and AppleTalk protocols
addition of a signature risk rating
support for comma-delimited data import
support for encrypted signature parameters
Which two Cisco IOS commands are required to enable IPS SDEEmessage logging? (Choose two.)
logging on
ip ips notify log
ip http server
ip ips notify sdee
ip sdee events 500
Answer CCNA Security Chapter 5 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-5-test-ccnas-v1-1/[11/1/2012 1:18:06 AM]
Refer to the exhibit. What is the significance of the number 10 inthe signature 6130 10 command?
It is the alert severity.
It is the signature number.
It is the signature version.
It is the subsignature ID.
It is the signature fidelity rating.
What is a disadvantage of network-based IPS as compared tohost-based IPS?
Network-based IPS is less cost-effective.
Network-based IPS cannot examine encrypted traffic.
Network-based IPS does not detect lower level network events.
Network-based IPS should not be used with multiple operatingsystems.
What information is provided by the show ip ips configurationconfiguration command?
detailed IPS signatures
alarms that were sent since the last reset
the number of packets that are audited
Answer CCNA Security Chapter 5 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-5-test-ccnas-v1-1/[11/1/2012 1:18:06 AM]
the default actions for attack signatures
Which statement is true about an atomic alert that is generatedby an IPS?
It is an alert that is generated every time a specificsignature has been found.
It is a single alert sent for multiple occurrences of the samesignature.
It is both a normal alarm and a summary alarm being sentsimultaneously at set intervals.
It is an alert that is used only when a logging attack has begun.
Which Cisco IPS feature allows for regular threat updates fromthe Cisco SensorBase Network database?
event correlation
global correlation
IPS Manager Express
honeypot-based detection
security-independent operation
Which protocol is used when an IPS sends signature alarmmessages?
FTP
SDEE
SIO
SNMP
Answer CCNA Security Chapter 5 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-5-test-ccnas-v1-1/[11/1/2012 1:18:06 AM]
Refer to the exhibit. Based on the configuration that is shown,which statement is true about the IPS signature category?
Only signatures in the ios_ips basic category will be compiledinto memory for scanning.
Only signatures in the ios_ips advanced category will be compiledinto memory for scanning.
All signature categories will be compiled into memory for scanning,but only those signatures in the ios_ips basic category will be usedfor scanning purposes.
All signatures categories will be compiled into memory forscanning, but only those signatures within the ios_ips advancedcategory will be used for scanning purposes.
A network security administrator would like to check the numberof packets that have been audited by the IPS. What commandshould the administrator use?
show ip ips signatures
show ip ips interfaces
show ip ips statistics
show ip ips configuration
Answer CCNA Security Chapter 5 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-5-test-ccnas-v1-1/[11/1/2012 1:18:06 AM]
Refer to the exhibit. Based on the configuration commands thatare shown, how will IPS event notifications be sent?
HTTP format
SDEE format
syslog format
TFTP format
Refer to the exhibit. What action will be taken if a signaturematch occurs?
An ACL will be created that denies all traffic from the IP addressthat is considered the source of the attack, and an alert will begenerated.
This packet and all future packets from this TCP flow will bedropped, and an alert will be generated.
Only this packet will be dropped, and an alert will be generated.
The packet will be allowed, and an alert will be generated.
The packet will be allowed, and no alert will be generated.
An administrator is using CCP to modify a signature action so thatif a match occurs, the packet and all future packets from the TCPflow are dropped. What action should the administrator select?
Answer CCNA Security Chapter 5 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-5-test-ccnas-v1-1/[11/1/2012 1:18:06 AM]
deny-attacker-inline
deny-connection-inline
deny-packet-inline
produce-alert
reset-tcp-connection
Refer to the exhibit. Based on the configuration, what traffic isinspected by the IPS?
only traffic entering the s0/0/1 interface
all traffic entering or leaving the fa0/1 interface
only traffic traveling from the s0/0/1 interface to the fa0/1interface
all traffic entering the s0/0/1 interface and all traffic leaving thefa0/1 interface
all traffic entering the s0/0/1 interface and all trafficentering and leaving the fa0/1 interface
Refer to the exhibit. As an administrator is configuring an IPS, theerror message that is shown appears. What does this errormessage indicate?
Answer CCNA Security Chapter 5 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-5-test-ccnas-v1-1/[11/1/2012 1:18:06 AM]
The signature definition file is invalid or outdated.
The public crypto key is invalid or entered incorrectly.
The flash directory where the IPS signatures should be stored iscorrupt or nonexistent.
SDEE notification is disabled and must be explicitly enabled.
All the answers should be 100% correct. If you unable to achieve100% score following all the questions and answers provided above,and you have the correct answer, please comment below so thatother people able to get benefits from your experience andknowledge. We do appreciate any correction, new questions orlatest version of any test that you might know. Sharing is caring.
Credit: This Chapter 5 CCNA Security Test contribute by Xase. Allcredits goes to him.
This entry was posted in Data Network, Network Security and tagged 2012,Answer, CCNA Security, CCNA Security Chapter 5 Answer, CCNASecurity Chapter 5 Test, CCNAS Chapter 5 Test, CCNAS v1.1, Chapter5 Test, Solution, Solution CCNA Security Chapter 5 by InviAlgo. Bookmarkthe permalink.
Cisco Ccna Web hosting servers Subjects
Leave a ReplyYour email address will not be published. Requiredfields are marked *
Name *
Email *
Website
Answer CCNA Security Chapter 5 Test – CCNAS v1.1 | Invisible Algorithm
http://www.invialgo.com/2012/answer-ccna-security-chapter-5-test-ccnas-v1-1/[11/1/2012 1:18:06 AM]
Search Invisible Algorithm:ccna security chapter 5 exam answers, How can a comment be addedto the beginning of this ACL to identify its purpose?, Which protocol isused when an IPS sends signature alarm messages?, ccna securitychapter 5, ccna security chapter 5 test answers, a network securityadministrator would like to check the number of packets that havebeen audited by the ips what command should the administrator use?,An administrator is using CCP to modify a signature action so that if amatch occurs the packet and all future packets from the TCP flow aredropped What action should the administrator select?, refer to theexhibit based on the configuration what traffic is inspected by the ips?,Which statement is true about an atomic alert that is generated by anIPS?, ccnas chapter 5
All
Notify me of followup
comments via e-mail. You
can also subscribe without commenting.
Comment
