Which two statements are true about applying a system image file to a Cisco IPS 4240 sensor?
Which two statements are true about applying a system image file to a Cisco IPS 4240 sensor?
(Choose two.)
Which two statements are true about Cisco IPS signatures?
Which two statements are true about Cisco IPS signatures? (Choose two.)
Which command displays live traffic traversing interface FastEthernet0/1?
Which command displays live traffic traversing interface FastEthernet0/1?
Which command can be used to retrieve Cisco Product Evolution Program (PEP) unique device identifier …?
Which command can be used to retrieve Cisco Product Evolution Program (PEP) unique device
identifier (UDI) information to help you manage certified hardware versions within your network?
Which two are appropriate installation points for a Cisco IPS sensor?
Which two are appropriate installation points for a Cisco IPS sensor? (Choose two.)
Which two statements accurately describe the software bypass mode?
Which two statements accurately describe the software bypass mode? (Choose two.)
Click and drag the security technology on the left to its corresponding description on the right.
DRAG DROP
Click and drag the security technology on the left to its corresponding description on the right.
Which signature description best describes a String signature engine?
Which signature description best describes a String signature engine?
How could this be done?
By manipulating the TTL on a TCP packet, an attacker could desynchronize inspection. Signature
1308 (TTL evasion) fires when the TTL for any packet in a TCP session is higher than the lowestobserved TTL for that session. Signature 1308 rewrites all TTLs to the lowest-observed TTL, and
produces an alert. You would like to have the signature continue to modify packets inline but avoid
generating alerts.
How could this be done?
Which command should you use?
You would like to examine all high-severity alert events generated by your sensor since 1:00 a.m.
January 1, 2005. Which command should you use?