CCNA Security 17
Which of the following are properties directly associated with a signature? (Choose all that apply.) A TVR B SFR C ASR D RR
SFR ASR
What is the name of Cisco's cloud-based service for IPS correlation? A SIO B OSI C ISO D EBAY
SIO
Which of the following is not a Next-Generation IPS (NGIPS) solution? A FirePOWER 8000 series appliances B SIO IPS C ASA with FirePOWER D NGIPSv
SIO IPS
Which method of IPS uses a baseline of normal network behavior and looks for deviations from that baseline? A Anomaly-based IPS B Signature-based IPS C Policy-based IPS D Reputation-based IPS
Anomaly-based IPS
Which of the following is not a best practice? A Assign aggressive IPS responses to specific signatures B Use correlation within the enterprise and globally for an improved security posture C Tune the IPS and revisit the tuning process periodically D Assign aggressive IPS responses based on the resulting risk rating generated by the attack
Assign aggressive IPS responses to specific signatures
Which of the micro-engines contains signatures that can only match on a single packet, as opposed to a flow of packets? A Atomic B String C Flood D Other
Atomic
A company has hired you to determine whether attacks are happening against the server farm, and it does not want any additional delay added to the network. Which deployment method should be used? A Appliance-based IPS B IDS C Appliance-based inline D IOS software-based inline
IDS
Which method should you implement when it is not acceptable for an attack to reach its intended victim? A Hardware appliance B Out of band C IPS D IDS
IPS
Which type of implementation requires custom signatures to be created by the administrator? A Policy-based IPS B Reputation-based IPS C Anomaly-based IPS D Engine-based IPS
Policy-based IPS
Which method requires participation in global correlation involving groups outside your own enterprise? A Reputation-based IPS B Policy-based IPS C Signature-based IPS D Anomaly-based IPS
Reputation-based IPS
Why does IPS have the ability to prevent an ICMP-based attack from reaching the intended victim? A Policy-based routing. B The IPS is in promiscuous mode. C The IPS is inline with the traffic. D TCP resets are used.
The IPS is inline with the traffic.