Cisco 642-533 Exam Guide, Helpful Cisco 642-533 Practice Test With The Knowledge And Skills

No doubt,Cisco 642-533 exam is worth challenging task but you should not feel hesitant against the confronting difficulties.Get a complete hold on pass4itsure Cisco 642-533 exam syllabus through Flydumps training and boost up your skills.What’s more,all the brain dumps are the latest.

QUESTION 45 

Refer to the exhibit. Based on this partial CLI output, what can be determined about anomaly detection?

A. Learning mode has expired and the sensor is running normally.
B. Learning mode has been manually disabled.
C. An attack is in progress and learning mode has been automatically disabled.
D. The virtual sensor vs1 has learned normal traffic patterns and is currently in detection mode.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 46
Which CLI mode allows you to tune signatures?
A. global configuration
B. service signature-definition
C. service analysis-engine
D. privileged exec
E. setup
F. virtual-sensor-configuration

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 47
Which of the following statements best describes how IP logging should be used?
A. only be used temporarily for such purposes as attack confirmation, damage assessment, or the collection of forensic evidence, because of its impact on performance
B. be used sparingly because there is a 4-GB limit on the amount of data that can be logged
C. always be enabled since it uses a FIFO buffer on the Cisco IPS Sensor flash memory
D. be used to automatically correlate events with Cisco Security MARS for incident investigations
E. only be used when you are also using inline IPS mode

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 48
Which signature action or actions should be selected to cause the attacker’s traffic flow to terminate when the Cisco IPS Sensor is operating in promiscuous mode?
A. deny attacker
B. deny connection
C. deny packet
D. reset tcp connection
E. deny packet, reset tcp connection
F. deny connection, reset tcp connection
Correct Answer: D Section: (none) Explanation

Explanation/Reference:
QUESTION 49
Which type of signature engine is best suited for creating custom signatures that inspect data at Layer 5 and above?
A. ATOMIC
B. String
C. Sweep
D. Service
E. AIC
F. Flood

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 50
Which two statements accurately describe virtual sensor configuration? (Choose two.)
A. You must create a new instance of a signature set, such as sig1, and assign it to vs1.
B. The packet processing policy is virtualized.
C. Creating a new virtual sensor creates a “virtual” machine.
D. The sensor’s interfaces are virtualized.
E. You cannot delete vs0.

Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
QUESTION 51
Which two management access methods are enabled by default on a Cisco IPS Sensor? (Choose two.)
A. HTTP
B. HTTPS
C. IPsec
D. SSH
E. Telnet

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 52
Refer to the exhibit. Which of these statements is true concerning VLAN Pairs and the GigabitEthernet0/0 interface?

A. To add another VLAN pair to interface GigabitEthernet0/0, you would need to edit the current configuration.
B. To add another VLAN pair to interface GigabitEthernet0/0, you would need to click the Add button and enter the appropriate information into the current configuration.
C. You cannot delete the default VLAN pair on interface GigabitEthernet0/0 subinterface 1.
D. You cannot add another VLAN pair to interface GigabitEthernet0/0 because it already has a pair assigned to it.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 53
Refer to the exhibit. As a network administrator, you want to assign a target value rating to your network assets. Which menu tree path would you need to follow to reach a location from which you can configure the Target Value Rating parameter?

A. Analysis Engine > Virtual Sensors
B. Analysis Engine > Global Variables
C. Policies > Signature Definitions
D. Policies > Event Action Rules
E. Policies > Anomaly Detections

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 54
You would like to have your inline sensor deny attackers inline when events occur that have risk ratings over 85. Which two actions, when taken in conjunction, will accomplish this? (Choose two.)
A. create target value ratings of 85 to 100
B. create an Event Action Filter, and assign the risk rating range of 85 to 100 to the filter
C. assign the risk rating range of 85 to 100 to the Deny Attacker Inline event action
D. enable event action overrides
E. create an event variable for the protected network
F. enable Event Action Filters

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 55
Which two statements correctly describe Cisco ASA AIP-SSM based on Cisco IPS 6.0 and the ASA 7.x software release? (Choose two.)
A. It supports up to four virtual sensors.
B. It supports inline VLAN pairs.
C. Its command and control interface is Gig0/0.
D. It requires two physical interfaces to operate in inline mode.
E. It does not have console port access.
F. It has two sensing interfaces.

Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Which three of the following are tuning parameters that affect the Cisco IPS Sensor globally? (Choose three.)
A. IP logging
B. alert summarization
C. IP fragment reassembly
D. TCP stream reassembly
E. meta reset interval
F. alert frequency

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 57
Drop

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 58
Which statement is correct if “Use Threat Rating Adjustment” is enabled from the Event Action Rules > rules0 > General Settings menu?
A. The threat rating adjustment will be subtracted from the risk rating based on the action taken by the IPS sensor to produce the threat rating.
B. The risk rating will be adjusted by the addition of the threat rating adjustment based on the action taken by the Cisco IPS Sensor.
C. The threat rating adjustment will enable a fast way to add event actions based on the risk rating.
D. The threat rating adjustment will enable the Cisco IPS Sensor to adjust the risk rating based on the attack relevancy rating.
E. The threat rating adjustment will enable the Cisco IPS Sensor to adjust the risk rating based on the target value rating.
F. The threat rating adjustment will enable the Cisco IPS Sensor to adjust the risk rating based on the signature fidelity.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 59
Which two communication protocols does Cisco IEV support for communications with Cisco IPS Sensors? (Choose two.)
A. SSH
B. HTTP
C. HTTPS
D. IPsec
E. SCP

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 60
You are configuring Cisco IPS Sensor Anomaly Detection and have just set the scanner threshold to 48. What will this accomplish?
A. If there are more than 48 unestablished connections from a single source to different destination IP addresses, an Anomaly Detection signature will be triggered.
B. If there are more than 48 sources generating at least one unestablished connection to different destination IP addresses, an Anomaly Detection signature will be triggered.
C. A maximum of 48 scanners can be present on the network before an Anomaly Detection signature will be triggered.
D. The scheduler will replace the knowledge base every 48 hours.
E. The histogram high threshold will be set to 48 destination IP addresses.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 61
You have been made aware of new and unwanted traffic on your network.
You want to create a signature to monitor and perform an action against that traffic when certain thresholds are reached. What would be the best way to configure this new signature?
A. Edit a built-in signature that closely matches the traffic you are trying to prevent.
B. Clone and edit an existing signature that closely matches the traffic you are trying to prevent.
C. Use the Custom Signature Wizard.
D. Create a new signature definition, edit it, and then enable it.
E. Use the Anomaly Detection functions to learn about the unwanted traffic, then create a new Meta signature using Cisco IDM.
Correct Answer: C Section: (none) Explanation

Explanation/Reference:
QUESTION 62
You want to create multiple event filters that use the same parameter value. What would be the most efficient way to accomplish this task?
A. create a global variable
B. create a target value rating
C. create an event variable
D. clone and edit an event filter

Correct Answer: C Section: (none) Explanation
Explanation/Reference

Cisco 642-533 tests containing questions that cover all sides of tested subjects that help our members to be prepared and keep high level of professionalism.The main purpose of Cisco 642-533 exam is to provide high quality test that can secure and verify knowledge, give overview of question types and complexity that can be represented on real exam certification

Author: markrandom