Which of the following are transmitted by SDEE? (Select the best answer.)
A.
SDFs
B.
TFTP data
C.
IPS events
D.
SNMP traps
Explanation:
Intrusion Prevention System (IPS) events are transmitted by Security Device Event Exchange (SDEE) between
IPSenabled clients and a centralized IPS management server. SDEE uses Secure Sockets Layer (SSL), which
provides a secure communication channel between the devices, to send data. Because the channel between
the devices is secure, exchanging SDEE messages is more secure than exchanging syslog messages.
Signature definition files (SDFs) are not transmitted by SDEE. By default, a router will use the builtin SDF that is
hardcoded into the IOS. However, you can issue the ip ips sdf location command to specify an alternative SDF
for Cisco IOS IPS to use. The SDF files can be specified as a file name located in Flash memory, on a File
Transfer Protocol (FTP) server, on a Trivial FTP (TFTP) server, or on a Remote Copy Protocol (RCP) server. If
the specified SDF cannot be loaded, the builtin SDF is used.
Simple Network Management Protocol (SNMP) traps are not transmitted by SDEE. SNMP is used to monitor
and manage network devices by collecting statistical data about those devices. SNMP version 3 (SNMPv3)
provides encryption? SNMPv1 and SNMPv2 do not.
TFTP data is not transmitted by SDEE. TFTP is a management protocol that can be used to transfer
configuration files and SDFs between devices. When you use TFTP to send data, the data is sent as plain text?
TFTP does not provide encryption. In addition, TFTP does not provide message integrity or authentication.Cisco: Intrusion Prevention System Modules for Integrated Services Routers (PDF)
New 210-260 Exam Questions:
QUESTION
What are the three layers of a hierarchical network design? (Choose three.)
A. core
B. access
C. server
D. user
E. internet
F. distribution
Answer: ABF
QUESTION
In which type of attack does the attacker attempt to overload the CAM table on a switch so that the switch acts as a hub?
A. gratuitous ARP
B. MAC flooding
C. MAC spoofing
D. DoS
Answer: B
Explanation:
Switch goes into fail-open mode, becomes a hub.
QUESTION
Refer to the exhibit. With which NTP server has the router synchronized?
A. 192.168.10.7
B. 108.61.73.243
C. 209.114.111.1
D. 204.2.134.164
E. 132.163.4.103
F. 241.199.164.101
Answer: A
Explanation:
Because you have to refer to our_master , which is only showing on 192.168.10.07. on the rest of them you nothing showing.
“our_master” term lists selected synchronization server at the beginning of the line.
QUESTION
What are two ways to protect eavesdropping when you perform device-management task? (Choose two)
A. use SNMPv2
B. use SSH connection
C. use SNMPv3
D. use in-band management
E. use out-band management
Answer: BC
Explanation:
These management plane protocols are encrypted.
QUESTION
Which firewall configuration must you perform to allow traffic to flow in both directions between two zones?
A. You can configure a single zone pair that allows bidirectional traffic flows from for any zone except the self-zone
B. You must configure two zone pairs, one for each direction
C. You can configure a single zone pair that allows bidirectional traffic flows for any zone
D. You can configure a single zone pair that allows bidirectional traffic flows only if the source zone is the less secure zone.
Answer: B
Explanation:
A single zone pair is NOT bidirectional, so you must have two pairs to cover both directions.
QUESTION
Which three ways does the RADIUS protocol differ from TACACS?? (Choose three)
A. RADIUS authenticates and authorizes simultaneously. Causing fewer packets to be transmitted
B. RADIUS encrypts only the password field in an authentication packets
C. RADIUS can encrypt the entire packet that is sent to the NAS
D. RADIUS uses UDP to communicate with the NAS
E. RADIUS uses TCP to communicate with the NAS
F. RADIUS support per-command authentication
Answer: ABD
Explanation:
TACACS+ encypts the entire body of the packet and supports per-command-authentication for greater granularity.
QUESTION
A data breach has occurred and your company database has been copied. Which security principle has been violated?
A. Confidentiality
B. Access
C. Control
D. Availability
Answer: A
QUESTION
If a switch receives a superior BPDU and goes directly into a blocked state, what mechanism must be in use?
A. BPDU guard
B. portfast
C. EherCahannel guard
D. loop guard
Answer: A
Explanation:
The key here is the word ‘switch’. The entire switch goes into a blocked state, meaning that it can’t participate in STP, it is blocked. Root guard basically puts the port in a listening state rather than forwarding, still allowing the device to participate in STP.
QUESTION
What is the primary purposed of a defined rule in an IPS?
A. to detect internal attacks
B. to define a set of actions that occur when a specific user logs in to the system
C. to configure an event action that is pre-defined by the system administrator
D. to configure an event action that takes place when a signature is triggered.
Answer: C
Explanation:
Defined rules are defined by the sysadmin, Event Action Rules take place when an event triggers an action.
QUESTION
How does PEAP protect EAP exchange?
A. it encrypts the exchange using the client certificate.
B. it validates the server-supplied certificate and then encrypts the exchange using the client certificate
C. it encrypts the exchange using the server certificate
D. it validates the client-supplied certificate and then encrypts the exchange using the server certificate.
Answer: C
Explanation:
The client certificate is not used for encryption with PEAP.
QUESTION
How can firepower block malicious email attachments?
A. It forwards email requests to an external signature engine
B. It sends the traffic through a file policy
C. It scans inbound email messages for known bad URLs
D. It sends an alert to the administrator to verify suspicious email messages
Answer: B
QUESTION
A proxy firewall protects against which type of attacks?
A. DDoS
B. port scanning
C. worm traffic
D. cross-site scripting attacks
Answer:
Full Version: https://www.braindump2go.com/210-260.html
0
0