The Cisco 642-531 questions and answers in PDF from Flydumps are the most reliable guide for Microsoft exams. A large number of successful candidates have shown a lot of faith in our Cisco 642-531 questions and answers in PDF. If you want to pass the Microsoft certificate exam, please choose Flydumps.
Exam A
QUESTION 1
When using IDS MC, which four actions can you configure a Cisco IDS Sensor to take when a signature is fired? (Choose four.)
A. log
B. alarm
C. block host
D. reset
E. trigger
F. block connection
Correct Answer: ACDF
QUESTION 2
IDS MC version 2.0 communicates with a sensor using which two methods? Choose two.
A. HTTP
B. SSH
C. RDEP
D. Telnet
E. FTP
Correct Answer: BC
QUESTION 3
What are the two basic types of Cisco IDS signature parameters? (Choose two.)
A. protected
B. master
C. sub-signature
D. local
E. required
Correct Answer: BD
QUESTION 4
What is the function of the mls ip ids command when used for traffic capture?
A. applies the IDS ACL to an interface
B. assigns a port to receive capture traffic
C. selects all IP traffic for IDS monitoring
D. processes capture in hardware versus software
E. used with keywords to define interesting traffic
Correct Answer: A
QUESTION 5
Which two can a blocking Sensor use to manage a Cisco IOS router for shunning? (Choose two.)
A. SSL
B. SSH
C. RDEP
D. Telnet
E. serial console
Correct Answer: BD
QUESTION 6
Which command initiates the IDSM2 system configuration dialog?
A. sysconfig-sensor
B. setup
C. configure terminal
D. session
E. initialize
Correct Answer: B
QUESTION 7
When creating custom signatures with IDS MC, which two fields are you required to populate? (Choose two.)
A. engine description
B. engine name
C. SubSigID
D. signature name
E. signature string
Correct Answer: BD
QUESTION 8
Which Cisco IOS command is used to enable the forwarding of packets from the router to the NM-CIDS?
A. ip cef
B. ip inspect
C. service-module
D. ip cef linecard ipc memory
Correct Answer: A
QUESTION 9
What does an attacker require to perform a Denial of Service attack?
A. a means of network access
B. prior access to the target
C. previously installed root kit
D. username and password
Correct Answer: A
QUESTION 10
What is the maximum number of command and control interfaces on an IDS Sensor appliance?
A. 1
B. 2
C. 3
D. 4
E. 5
Correct Answer: A
QUESTION 11
LAB
QUESTION 12
LAB
QUESTION 13
Refer to the exhibit. All switches are connected through Fast Ethernet connections. Server S2 and Sensor IDS2 are in the same VLAN. Which command represents a valid configuration step to permit Sensor IDS2 to monitor traffic sent from Server S2?
A. 3500xl(config)# monitor session 1 source interface fastEthernet 0/5 tx
B. 3500xl(config)# monitor session 1 source interface fastEthernet 0/5 rx
C. 3500xl(config-if)# port monitor fastEthernet 0/5
D. 3500xl>(enable) set span 0/5 0/24 both
E. 3500xl>(enable) set span 0/24 0/5 rx create
F. No SPAN configuration is required since both devices are in the same VLAN.
Correct Answer: C
QUESTION 14
Select the true statement regarding Sensor groups.
A. The mandatory check box exists in the context of a Sensor object to identify required configuration settings.
B. The override check box exists in the context of a Sensor Group object to prevent configuration parameters from being inherited.
C. The override check box exists in the context of a Sensor object to override settings previously flagged as mandatory.
D. By default, all Sensor subgroups inherit the configuration settings of other Sensors in the same Sensor group.
E. The mandatory check box exists in the context of a Sensor Group object to indicate that all fields in the configuration window require values.
Correct Answer: B
QUESTION 15
Under which tab on the IDM can you find the Signature Wizard?
A. Device
B. Configuration
C. Monitoring
D. Administration
Correct Answer: B
QUESTION 16
What is the purpose of the NAT address field in the graphic?
A. informs Monitoring Center for Security which address to use in order to access an IDS device located behind a NAT device
B. informs the IDS device which address to use in order to send alarms to Monitoring Center for Security when separated by a NAT device
C. specifies to Monitoring Center for Security the true address of an IDS device located behind a NAT device
D. identifies the IP address of a NAT device that separates Monitoring Center for Security from the IDS device
E. informs the IDS device which address to use when sending TCP resets to offending traffic when a NAT device separates the IDS device from Internet traffic
Correct Answer: A
QUESTION 17
When updating a Cisco IDS Sensor with IDS MC, where must the update file be located?
A. on a SCP or FTP server
B. on cisco.com
C. on the IDS MC server
D. on the secure Web server
Correct Answer: C
QUESTION 18
Which three identify possible actions for an event rule in the Monitoring Center for Security? (Choose three.)
A. execute a Script
B. notify via Email
C. log to IP Logger
D. block IP Address
E. notify via Syslog
F. log a Console Notification Event
Correct Answer: ABF
QUESTION 19
When choosing an encrypted protocol with IDS Event Viewer, how is the certificate information obtained?
A. generated on the IEV host
B. obtained from the Certificate Authority
C. obtained from the Cisco IDS Sensor
D. HTTPS does not require a certificate
Correct Answer: C
QUESTION 20
Refer to the exhibit. All switches are connected through Fast Ethernet connections. The Catalyst 4000 is running Catalyst OS. Sensor IDS6 is configured to send TCP resets in response to specific signatures. Which command argument in the Catalyst 4000’s SPAN configuration permits the switch to receive the TCP resets sent from Sensor IDS6?
A. rx
B. both
C. ingress
D. tcp-rst accept
E. inpkts enable
F. This feature is not supported in this configuration.
Correct Answer: E
QUESTION 21
When configuring IP logging using IDS MC, what does a value of zero (0) in the parameter field “maximum number of bytes in a log event” imply?
A. no packets will be logged
B. disables the automatic logging feature
C. no limit of packets logged
D. zero is an invalid setting
Correct Answer: C
QUESTION 22
Which signature description best describes a string signature engine?
A. network reconnaissance detection
B. regular expression-based pattern inspection for multiple transport protocols
C. layer 5, 6, and 7 services that require protocol analysis
D. state-based, regular expression-based, pattern inspection and alarm functionality for TCP streams
Correct Answer: B
QUESTION 23
Where is the Intrusion Detection System Device Manager installed?
A. on a web server with supported operating systems
B. on a Cisco IOS router with IOS version 12.2.(2)T and higher running IDS software
C. on a Cisco PIX Firewall version 6.3 and higher running IDS software
D. on a Cisco IDS Sensor running version 3.1 and higher
Correct Answer: D
QUESTION 24
How many sensing interfaces are supported on the NM-CIDS?
A. 1
B. 2
C. 4
D. 6
E. all router interfaces
Correct Answer: E
QUESTION 25
What is the recommended procedure for upgrading a Cisco IDS appliance which is prior to version 4.x?
A. Install the image from the network connection.
B. Install the image from the recovery or upgrade CD.
C. Install the image from the BIOS boot diskette.
D. Install the image from the IDS Management Center.
Correct Answer: B
QUESTION 26
What binds the input and output of a source RSPAN session on a Catalyst 6500 switch running IOS?
A. RSPAN vlan-id
B. session number
C. SNMP ifIndex
D. single command implicitly maps inputs and outputs
E. interface number
Correct Answer: B
QUESTION 27
How many sensing interfaces does the IDS-4215 support?
A. 6
B. 5
C. 4
D. 1
Correct Answer: B
QUESTION 28
Which IDS components require regular signature updates?
A. IDS MC only
B. IDS Sensor devices only
C. IDS MC and Monitoring Center for Security only
D. IDS Sensor devices and IDS MC only
E. IEV, IDS Sensor devices, IDS MC, and Monitoring Center for Security
Correct Answer: E
QUESTION 29
Select the true statement regarding SERVICE engine signatures on a Cisco IDS Sensor.
A. They include all general signatures.
B. They are operating system independent.
C. They include signatures based on network attacks.
D. They are categorized and tuned by operating system.
Correct Answer: B
QUESTION 30
Refer to the exhibit. All switches are connected through Fast Ethernet connections. The RSPAN VLAN is 99. Both the Catalyst 4000 and Catalyst 6500 are running Catalyst OS. Which command represents a valid configuration step to permit Sensor IDS6 to monitor traffic sent to Server S7?
A. 6500(config)# remote-span 99
B. 6500>(enable) set rspan source 3/5 99 tx create
C. 4000>(enable) set rspan source vlan 99 destination interface fastEthernet 3/24
D. 4000>(enable) set rspan destination 99 3/24
E. 4000(config)# monitor session 2 destination interface fastEthernet 3/24
Correct Answer: B
QUESTION 31
Which IDS MC utility is used to create the IDS MC public key for SSH communications to the Sensor?
A. ssh
B. putty
C. sshgen
D. keygen
E. puttygen
Correct Answer: E
QUESTION 32
Which two statements are true regarding installation prerequisites for the IDS MC and Monitoring Center for Security? (Choose two.)
A. The Monitoring Center for Security can be installed without the IDS MC.
B. The IDS MC can be installed without the Monitoring Center for Security.
C. The Monitoring Center for Security must be installed before the IDS MC.
D. The IDS MC must be installed before the Monitoring Center for Security.
E. The Monitoring Center for Security and the IDS MC must be installed at the same time.
Correct Answer: AB
QUESTION 33
Which three main categories of information can be monitored using Monitoring Center for Security? (Choose three.)
A. events
B. sensors
C. statistics
D. signatures
E. connections
F. notifications
Correct Answer: ACE
QUESTION 34
How many megabits per second can the NM-CIDS monitor?
A. 10 Mbps
B. 100 Mbps
C. 45 Mbps
D. 80 Mbps
Correct Answer: C
QUESTION 35
What is a false negative alarm situation?
A. normal traffic does not cause a signature to fire
B. a signature is fired when offending traffic is not detected
C. normal traffic or a benign action causes the signature to fire
D. a signature is not fired when offending traffic is present
Correct Answer: D
QUESTION 36
Refer to the exhibit. All switches are connected through Fast Ethernet connections. Server S6 is in VLAN 8. The Catalyst 4000 is running IOS. Which command represents a valid configuration step to permit Sensor IDS6 to monitor traffic sent to and from Server S6?
A. 4000(config)# monitor session 1 source vlan 8 both
B. 4000(config)# monitor session 1 destination interface fastEthernet 3/24
C. 4000(config)# monitor session 1 source fastEthernet 3 /5 destination fastEthernet 3/24
D. 4000(config-if)# port monitor fastEthernet 3/5
E. 4000>(enable) set span 3/5 3/24 both create
F. This feature is not supported in this configuration.
Correct Answer: B
QUESTION 37
What is one task that can be performed while in the interface sensing configuration mode from the Sensor CLI?
A. configure the interface’s IP information
B. add a sensing interface to the group
C. disable the sensing interface
D. configure alarm setting
Correct Answer: C