CCNA Security 17

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Which of the following are properties directly associated with a signature? (Choose all that apply.) A TVR B SFR C ASR D RR

SFR ASR

What is the name of Cisco cloud-based services for IPS correlation? A SIO B OSI C ISO D EBAY

SIO

Which of the following is not a Next-Generation IPS (NGIPS) solution? A FirePOWER 8000 series appliances B SIO IPS C ASA with FirePOWER D NGIPSv

SIO IPS

Which method of IPS uses a baseline of normal network behavior and looks for deviations from that baseline? A Anomaly-based IPS B Signature-based IPS C Policy-based IPS D Reputation-based IPS

Anomaly-based IPS

Which of the following is not a best practice? A Assign aggressive IPS responses to specific signatures B Use correlation within the enterprise and globally for an improved security posture C Tune the IPS and revisit the tuning process periodically D Assign aggressive IPS responses based on the resulting risk rating generated by the attack

Assign aggressive IPS responses to specific signatures

Which of the micro-engines contains signatures that can only match on a single packet, as opposed to a flow of packets? A Atomic B String C Flood D Other

Atomic

A company has hired you to determine whether attacks are happening against the server farm, and it does not want any additional delay added to the network. Which deployment method should be used? A Appliance-based IPS B IDS C Appliance-based inline D IOS software-based inline

IDS

Which method should you implement when it is not acceptable for an attack to reach its intended victim? A Hardware appliance B Out of band C IPS D IDS

IPS

Which type of implementation requires custom signatures to be created by the administrator? A Policy-based IPS B Reputation-based IPS C Anomaly-based IPS D Engine-based IPS

Policy-based IPS

Which method requires participation in global correlation involving groups outside your own enterprise? A Reputation-based IPS B Policy-based IPS C Signature-based IPS D Anomaly-based IPS

Reputation-based IPS

Why does IPS have the ability to prevent an ICMP-based attack from reaching the intended victim? A Policy-based routing. B The IPS is in promiscuous mode. C The IPS is inline with the traffic. D TCP resets are used.

The IPS is inline with the traffic.


Set pelajaran terkait

End of Chapter Quiz: Florida Statutes, Rules and Regulations Pertinent to Life Insurance

View Set

Chapter 16.2 Generic Approaches to Leadership

View Set

Chapter 2- Signs, Signals and Roadway Markings

View Set

Top 100 referenced books in NAQT question sets

View Set

2. Legal concepts of the Insurance contract

View Set

Chapter 17 Program Design, Ch 16: Exercise technique for alternative modes and nontraditional implement training, Ch.15 quiz, Ch.14 quiz

View Set

Ch 50: Nursing Care of a Family when a Child has a Vision or Hearing Disorder

View Set

Social Studies- American History 1127 Self Test Study

View Set

Chapter 27: Safety, Security, and Emergency Preparedness

View Set

BUS251: Chapter 42 Reading & Assessment Questions

View Set

Quiz (Lahh siguro meron na mas better saken na dumating🙁)

View Set