IPS v7 Test C assesses knowledge on configuring Cisco IPS appliances for reputation filtering, signature tuning, and understanding IntelliShield Alert Manager. It evaluates skills necessary for secure network management and threat mitigation.
Disable all the alert actions on the signature to be tuned.
Disable the signature to be tuned.
Create a clone of the signature to be tuned.
Increase the number of events required to trigger the signature to be tuned.
Decrease the attention span (maximum inter-event interval) of the signature to be tuned.
Alert information is analyzed and validated by Cisco security analysts.
Alert analysis is vendor-neutral.
The built-in workflow system provides a mechanism for tracking vulnerability remediation and integration with Cisco Security Manager and Cisco Security MARS.
Users can customize the notification to deliver tailored information relevant to the needs of the organization.
Customers are automatically subscribed to use Cisco Security IntelliShield Alert Manager Service with the Cisco IPS license.
More than 10 report types are available within the Cisco Security IntelliShield Alert Manager Service.
Enable SNMPv2.
Enable SSH access.
Enable TLS/SSL to allow HTTPS access.
Enable NTP.
Enable Telnet access.
Enable the IP address of the Cisco Security Manager server as an allowed host.
The three types of blocks are: host, connection, and network.
Host and connection blocks can be initiated manually or automatically when a signature is triggered.
Network blocks can only be initiated manually.
The Device Login Profiles pane is used to configure the profiles that the network devices use when logging into the Cisco IPS appliance.
Multiple Cisco IPS appliances can forward their blocking requests to the master blocking sensor.
Pre-Block and Post-Block ACLs are applicable for blocking or rate limiting.
TVR
SFR
ARR
PD
ASR
MULTI-STRING
FLOOD.HOST
ATOMIC.IP
SERVICE
SWEEP
META
Scanner threshold
Packet per second rate limit
Anomaly detection mode
Histogram
Total bytes transferred
Multiple virtual sensors
Anomaly detection
Promiscuous mode
Custom signatures
Fail open
Global correlation
Interface and VLAN
Virtual sensor
VLAN only
Promiscuous
Normalizer
Global correlation
Anomaly detection
Reputation filters
Botnet traffic filters
OS fingerprinting
Threat detection
Interfaces or VLAN pairs
IPS reputation filters
Signature set definition
Global correlation rules
Event action rules (filters and overrides)
Anomaly detection policy
Attack severity rating
Target value rating
Signature fidelity rating
Promiscuous delta
Threat rating adjustment
Watch list rating
Use Summarizer
Use Meta Event Generator
Use Threat Rating Adjustment
Use Event Action Filters
Enable One Way TCP Reset
IPS promiscuous mode operations
In-line IPS operations
RSPAN
SPAN
HSRP
SLB
Selecting the signature engine to use or not to use any signature engine
Selecting the Layer 3 or Layer 4 protocol that the sensor will use to match malicious traffic
Selecting the attack relevancy rating
Selecting the signature threat rating
Selecting the scope of matching (for example, single packet)
Event action filter
Reputation filter
Target value rating
Signature fidelity rating
Global correlation
Event action override
Global correlation
Anomaly detection
Reputation filtering
Custom signature
Meta signature
Threat detection
The GRUB menu will be disabled.
The ROM monitor command to reset the password will be disabled.
The password recovery process will proceed with no errors or warnings; however, the password is not reset.
The Cisco IPS appliance will reboot immediately.
Ping
Traceroute
Packet tracer
Nslookup
Whois
Nmap
Quiz Review Timeline (Updated): Mar 21, 2023