Flydumps.com guarantee your Cisco 642-533 exam success with our Exam Resources.Our Cisco 350-029 Flydumps.com are the latest and developed by experience’s IT certification Professionals working in today’s prospering companies and data centers.All our Cisco 642-533 Flydumps.com including Cisco 642-533 exam questions which guarantee you can 100% success Cisco https://www.pass4itsure.com/642-533.html exam in your first try exam.
QUESTION 136
What is the max number of open IP log files the Sensor will permit?
A. 1
B. 5
C. 15
D. 20
E. unlimited PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 137
Which three are parameter settings of signature 1204 for the default signature definition? (Choose three.)
A. Severity=Medium
B. Severity=Informational
C. Fidelity Rating=100
D. Fidelity Rating=85
E. Deny Packet Inline
F. Base RR=63
Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 138
Scenario: You are the network administrator for a shoe manufacturer. The company has a DMZ network consisting of a mission-critical web server and a DNS server. You want to configure the inline 4240 sensor protecting these servers to place the highest possible value on the wed server and DNS server. This will increase the risk rating of attacks against these two servers on the DMZ. You want to then configure the sensor to deny all connections with a risk rating of 80 or above if the connection attempt triggers any signature. You want to exempt your management station from this policy so that traffic from the management station is not dropped. These configurations will be done on the rules0 instance. Complete the following tasks:
(1) Assign the highest rating to the DMZ Web and DNS server. (2)Deny all connections if Risk Rating is 80 or above and exempt the Management Station traffic from this policy.
IPS Sensor:
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533 PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
A. 1. Choose Configuraton->Policies->Event Action Rules->rules0->Event Action Overrides
2.
Check Use Event Action Override box
3.
Choose Target Value Rating
4.
Delete whatever is there – since you cannot edit, only add and delete
5.
Add: there choose Mission Critical, range of IP addresses 172.16.1.3-172.16.1.4
6.
Click OK, then Apply
7.
Go to Event Action tab
8.
Delete whatever is there (Deny Packet Inline for RR >=90)
9.
Add Deny Packet Inline for the range of 80 to 100 (Minimum and Maximum fields). Enabled and Active should be true.
10.
OK and Apply
11.
Now go to rules0-> Event Action Filters and Add new one
12.
Enter filter name – for example, PermitMS
13.
Change Attacker Address field to 10.0.1.12
14.
Change attacked destionation adresses to 172.16.1.3-172.16.1.4
15.
Choose Deny Packet Inline from the actions to substract
16.
OK and Apply
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 139
A. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 140
A. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 141
A. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 142
A. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 143 Section: (none) Explanation
Explanation/Reference:
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
QUESTION 144
LAB You are the network administrator in charge of the IPS sensors for a travel agency. You have upgraded to IPS software version 6.0 On the morning of May 4 2008, your assistant notified you that he recently tried to tune some of the signatures for sig0 in an effort to mitigate attacks. From the assistant description of the tuning he performing, you decided that there is a need to return all signatures for sig0 to their default settings. After returning all the signatures for sig0 to the default setting, backing up of the current configuration is also needed. To investigate who have logged into the sensor recently, you also decided to display to display all the tatusecents since 7:00 am May 23 ,2007 Your tasks are as follow: Set the sig0 signature definition back to the default state Backup the current configuration Display all the status events since 7:00 am May 23, 2007 Sensor administrator username/password: cisco/ cisco123
A. configure terminal default service signature-definition sig0 end copy current-config backup-config show events status 07:00 May 23 2007 exit
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
QUESTION 145
SIMULATION You have recently been employed by PassGuide and have inspected the configuration of PassGuide ‘s IDS-4215 Sensor. You then decide to modify access on user accounts and return some of the system’s parameters to a known baseline through the following actions: 1) Create a backup of the running configuration to a remote FTP server. 2) Verify existing accounts and access privileges. 3) Delete the service account. 4) Reduce the access rights of your assistant, PassGuide, from administrative access to one that can only monitor IDS events and tune IDS signatures. 5) Return all SERVICE HTTP signatures to their default settings. Use the information in the following table to accomplish these tasks successfully. CISCO IDS Parameters Settings Sensor administrator username/password PassGuide / PassGuide 1636 FTP server address
172.16.16.100 FTP username/password admin/password2 FTP upload directory / PassGuide 5287 Backup file name /backup-cfg Assistant’s account user ID PassGuide
A. Click on the picture of the host connected to an IDS Sensor by a serial console cable. login: PassGuide password: PassGuide 1636 sensor# 1.sensor# copy current-config ftp://[email protected]/ PassGuide 5287/backup-cfg password: password2 PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
2.
sensor# show user all
3.
sensor# config terminal sensor(config)#no username service (service is the username for service account) 4.sensor(config)# privilege user PassGuide operator
5.
sensor(config)#service virtual-sensor-configuration virtualSensor
6.
sensor(config-vsc)#reset-signatures service-http
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 146
SIMULATION You are a network security at PassGuide Inc. PassGuide is installing new Cisco IDS Sensors. You have to configure the new Sensors to permit remote access from trusted hosts exclusively. Perform this task on one of the Sensors using the command line interface (CLI). Refer to the following information and network topology graphic to permit access from the IDS MC management station only to the Sensor. Due to this being a new installation, you must remove the default allowed network address. Note: Verify your configuration setting prior to saving, and then save your configuration when finished. Cisco IDS Parameters Settings Sensor operator username/password operator/ PassGuide 1636 Sensor administrator username/password admin/ PassGuide 1636 Sensor IP address: 10.10.10.200/24 Default allowed network address: 10.0.0.0/8 Click on the picture of the host connected to an IDS Sensor by a serial console cable.
A. a. Enter configure terminal mode: PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533 sensor# configure terminal
B. Enter host configuration mode: sensor(config)# service host
C. Enter network parameters configuration mode: sensor(config-Host)# networkParams
D. View the current settings: sensor(config-Host-net)# show settings networkParams
ipAddress: 10.10.10.200
netmask: 255.255.255.0 default: 255.255.255.0
defaultGateway: 10.10.10.1
hostname: sensor
telnetOption: disabled default: disabled
accessList (min: 0, max: 512, current: 1)
ipAddress: 10.0.0.0
netmask: 255.0.0.0 default: 255.255.255.255
E. Remove the 10.0.0.0 network from the access list: sensor(config-Host-net)# no accessList ipAddress 10.0.0.0 netmask 255.0.0.0 f)Add ony the IDS MC to access-list (as per question) sensor(config-Host-net)# accessList ipAddress 10.10.10.100 g)Verify the change sensor(config-Host-net)# show settings networkParams ipaddress: 10.10.10.200 netmask: 255.255.255.0 default: 255.255.255.0 defaultGateway: 10.10.10.1 hostname: sensor telnetOption: disabled default:disabled accessList (min: 0, max:512, current: 1) ipAddress: 10.10.10.100 netmask: 255.255.255.255 <defaulted>
F. Exit network parameters configuration mode sensor(config-Host-net)# exit sensor(config-Host)#
G. Exit configure host mode sensor(config-Host)#exit Apply Changes:?[yes] Press Enter to apply the changes
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
QUESTION 147
SIMULATION You work as a security technician at PassGuide .com. You have reviewed the configuration of PassGuide ‘s Cisco IDS-4235 Sensor. You have decided to modify access on user accounts and return some of the system’s parameters to a known baseline by performing the following actions: 1) Create a backup of the running configuration to a remote FTP server. 2) Verify existing account and access privileges 3) Delete the service account 4) Reduce the access rights of your assistant, PassGuide, from operator access to one that can only monitor IDS events. 5) Return all STRING TCP signatures to their default settings Use the Information in the following table to complete these tasks Cisco IDS Parameters Settings Sensor administrator username/password PassGuide / PassGuide 1914 FTP server address 192.168.1.15 FTP username/password ckoperator/ PassGuide FTP upload directory /ids4235 Backup file name backup-config Assistant’s account user ID PassGuide
Assignment: Click on the picture of the host connected to an IDS Sensor by a serial console cable shown in the diagram as a dotted line. Select the Cisco Terminal Option and make the
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
appropriate configuration tasks.
A. login: PassGuide password: PassGuide 1914 sensor#
1.
sensor# copy current-config ftp://[email protected]/ids4235/backup-config password: PassGuide
2.
sensor# show user all
3.
sensor# config terminal
sensor(config)#nousername service
4.
sensor(config)#privilege user PassGuide viewer
5.
sensor(config)#service virtual-sensor-configuration virtualSensor sensor(config-vsc)#reset-signatures
string.tcp
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 148
SIMULATION You work as network security administrator at the PassGuide .com office in Washington DC. PassGuide is now installing new Cisco IDS Sensors and you are responsible to configure them to permit remote access only from trusted hosts. Perform this task on one of the Sensors using the CLI (Command Line Interface). Refer to the following information and network topology exhibit to permit access from the IDS MC management station only to the Sensor. Note: Since this is a new installation, you will also need to remove the default allowed network address. Verify your configuration settings prior to saving, and the save your configuration when finished. Cisco IDS Paramaters Settings Sensor operator username/password PassGuide op/ PassGuide 1918 Sensor administrator username/ password PassGuide admin/ PassGuide 1918 Sensor IP address: 192.168.1.50/24 Default allowed network address: 10.0.0.0/8
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533 Task: Click on the picture of the host connected to an IDS Sensor by a serial console cable shown in the diagram as a dotted line. Select the Cisco Terminal Option and make the appropriate configuration tasks.
A. sensor#configure terminal sensor(config)#service host (Enters Host Configuration mode) sensor(config-Host)#networkParams (Enter Network Parameters Configuration mode) sensor(config-Host-net)# no accessList ipAddress 10.0.0.0 netmask 255.0.0.0 (Removes the default allowed network address) sensor(config-Host-net)# accessList ipAddress192.168.1.51 (Allows only the IDS MC to access the Sensor) sensor(config-Host-net)# show settings (Verify changes) sensor(config-Host-net)# exit (Exits Network Parameters Configuration mode) sensor(config-Host)# exit (Exits Configure Host mode) Apply Changes:?[yes]: (Press Enter to apply the changes)
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 149
SIMULATION
The PassGuide network is displayed below:
PassGuide.com-Make You Succeed To Pass IT Exams
PassGuide 642-533
PassGuide .com has recently hired you as a security administrator at their Toronto office. You are required to increase the security on one of PassGuide ‘s Cisco IDS-4250 Sensors. After examining the current configuration you intend to modify access on user accounts and return some of the system’s parameters to a known baseline by performing the following steps:
(1) Use a remote FTP server to create a backup of the running configuration B) Confirm existing accounts and access privileges C) Delete the service account (2) Give your trainee PassGuide, the daughter of the PassGuide CEO, increased access rights. Jack’s access rights should be increased from viewer access to one that can monitor and tune IDS, however Jack should not be granted excessive access. E) To default settings returned to all ATOMIC L3 IP signatures.
The information in the following table should be used: Cisco IDS Parameters Settings Sensor administrator username/password PassGuide / PassGuide abc FTP server address 10.1.1.10 FTP username/password PassGuide admin/PassGuide Assignment: Click on the picture of the host connected to an IDS Sensor by a serial console cable shown in the diagram as a dotted line. Select the Cisco Terminal Option and make the appropriate configuration tasks.
A. login: PassGuide password: PassGuide abc PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533 sensor# 1.sensor# copy current-config ftp:// PassGuide [email protected]/ PassGuide 5287/backup-cfg password: PassGuide
2.
sensor# show user all
3.
sensor# config terminal sensor(config)#no username service (service is the username for service account) 4.sensor(config)# privilege user PassGuide operator
5.
sensor(config)#service virtual-sensor-configuration virtualSensor
6.
sensor(config-vsc)#reset-signatures ATOMIC.L3.TCP
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 150
SIMULATION PassGuide International has decided to deploy a Cisco IDS solution. They have purchased a Cisco IOS 4235 Sensor which has never been configured. You will have to configure and initialize the Sensor to communicate with the Cisco IDS Director using the information listed in the following table: Cisco IDS Paramaters Settings Sensor Host ID 4 Sensor Organization ID 27 Sensor Host Name sensor27 Sensor Organization Name HQ
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
Assignment: Click on the picture of the host connected to an IDS Sensor by a serial console cable shown in the diagram as a dotted line. Select the Cisco Terminal Option and make the appropriate configuration tasks. Sensor IP address 192.168.1.4/24 IDS Manager Host ID 4 IDS Manager Host Organization ID 27 IDS Manager Host Name sensor 27 IDS Manager Organizaiton Name HQ IDS Manager IP Address 192.168.1.12/24 Note: The rout account password is ” PassGuide ”
A. (Click on the host connected to the IDS Sensor) Type: sysconfig-sensor Select option 6 to access the Communications Infrastructure screen, type “y” to enter in the information. Enter information for A, B, C, D, and E
B. Sensor host ID – 4
C. Sensor Organization ID – 27
D. Sensor host name – sensor 27
E. Sensor organization name – HQ
F. Sensor IP address – 192.168.1.4/24 Type “y” to use the IDS Device Manager. Note: Use the sensor settings, not the director settings. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 151
Given the following signature engines, which would represent the most appropriate choice when creating an intruder detecting signature that scans for open port number 80 using stealth scanning techniques?
A. ATOMIC.TCP
B. SERVICE.TCP.HTTP
C. ATOMIC.IPORTIONS
D. SERVICE.HTTP
E. None of the above
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 152
A new log file was created on a PassGuide sensor. When does a Sensor create a new log file?
A. Only when the Sensor is initially installed.
B. Only when the Sensor requests it.
C. Every time its services are restarted.
D. Every time a local log file is used.
E. All of the above.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 153
A PassGuide Cisco IDS Sensor is capturing large volumes of network traffic. Which Cisco IDS Sensor status alarm is an indication that the Sensor is being overwhelmed?
A. Daemon down
B. Route down
C. No traffic
D. Captured packet count
E. Missed packet count F. Network saturated
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 154
The PassGuide security administrator wants to view live traffic going through a specific interface on a
sensor.
Which command displays live traffic traversing interface FastEthernet0/0?
A. show interfaces FatEthernet0/0 | include real-time
B. show traffic FastEthernet0/0
C. packet capture FastEthernet0/0
D. packet display FastEthernet0/0 PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
E. physical-interface FastEthernet0/0
F. traffic display FastEthernet0/0
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 155
A license for a PassGuide sensor running 5.0 is needed. For which purpose is a sensor license needed?
A. For Cisco IDM functionality
B. For signature updates
C. To enable all sensor operations
D. For service pack updates
E. For failover configurations
F. For remote management
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 156
What can be determined about a Cisco IDS update file named IDS-K9-sp-4.1-2-S40.zip?
A. It is a Sensor software patch: signature version is 4.1; IDS version is 4.0.
B. It is a Sensor service pack: signature version is 40; IDS version is 4.1.2.
C. It is an IDS MC service pack; signature version is 40; IDS version is 4.1.
D. It is a Sensor signature patch; signature version is 4.0; IDS version is 4.1.
E. It is an IDS MC software patch; signature version is 4.1; IDS version is 4.0.
Correct Answer: C Section: (none)
Explanation Explanation/Reference:
Cisco 642-533 tests containing questions that cover all sides of tested subjects that help our members to be prepared and keep high level of professionalism. The main purpose of Cisco https://www.pass4itsure.com/642-533.html exam is to provide high quality test that can secure and verify knowledge, give overview of question types and complexity that can be represented on real exam certification