Which of the following are transmitted by SDEE? (Select the best answer.)
A.
SDFs
B.
TFTP data
C.
IPS events
D.
SNMP traps
Explanation:
Intrusion Prevention System (IPS) events are transmitted by Security Device Event Exchange (SDEE) between
IPSenabled clients and a centralized IPS management server. SDEE uses Secure Sockets Layer (SSL), which
provides a secure communication channel between the devices, to send data. Because the channel between
the devices is secure, exchanging SDEE messages is more secure than exchanging syslog messages.
Signature definition files (SDFs) are not transmitted by SDEE. By default, a router will use the builtin SDF that is
hardcoded into the IOS. However, you can issue the ip ips sdf location command to specify an alternative SDF
for Cisco IOS IPS to use. The SDF files can be specified as a file name located in Flash memory, on a File
Transfer Protocol (FTP) server, on a Trivial FTP (TFTP) server, or on a Remote Copy Protocol (RCP) server. If
the specified SDF cannot be loaded, the builtin SDF is used.
Simple Network Management Protocol (SNMP) traps are not transmitted by SDEE. SNMP is used to monitor
and manage network devices by collecting statistical data about those devices. SNMP version 3 (SNMPv3)
provides encryption? SNMPv1 and SNMPv2 do not.
TFTP data is not transmitted by SDEE. TFTP is a management protocol that can be used to transfer
configuration files and SDFs between devices. When you use TFTP to send data, the data is sent as plain text?
TFTP does not provide encryption. In addition, TFTP does not provide message integrity or authentication.Cisco: Intrusion Prevention System Modules for Integrated Services Routers (PDF)