642-545 Exam
Implementing Cisco Security Monitoring, Analysis and Response System
- Exam Number/Code : 642-545
- Exam Name : Implementing Cisco Security Monitoring, Analysis and Response System
- Questions and Answers : 42 Q&As
- Update Time: 2011-09-21
- Price:
$ 119.00$ 69.00
Free 642-545 Demo Download
Test4pass offers free demo for CCSP 642-545 exam (Implementing Cisco Security Monitoring, Analysis and Response System). You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products.
Exam Description
It is well known that 642-545 exam test is the hot exam of Cisco certification. Test4pass offer you all the Q&A of the 642-545 real test . It is the examination of the perfect combination and it will help you pass 642-545 exam at the first time!
Why choose Test4pass 642-545 braindumps
Quality and Value for the 642-545 Exam
100% Guarantee to Pass Your 642-545 Exam
Downloadable, Interactive 642-545 Testing engines
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Practice Test Questions accompanied by exhibits
Our Practice Test Questions are backed by our 100% MONEY BACK GUARANTEE.
Cisco CCSP 642-545 exam braindumps questions and answers
¡¡
Exam : Cisco 642-545
Title : Implementing Cisco Security Monitoring, Analysis and Response System
1. At what level of operation does the Cisco Security MARS appliance perform NAT and PAT resolution?
A. Local (Level 0)
B. Basic (Level 1)
C. Intermediate (Level 2)
D. Advanced (Level 3)
E. Global (Level 4)
Answer: C
2. Which two configuration options enable the Cisco Security MARS appliance to perform mitigation? (Choose two.)
A. SNMP RW community string
B. Cisco Security MARS integration with Cisco Security Manager
C. Telnet or SSH access type with SNMP RO community
D. a NetFlow device added in the Cisco Security MARS database
E. SSL communications with the network devices
Answer: AC
3. What is a supported mitigation feature on the Cisco Security MARS appliance?
A. generating and pushing configuration commands to Layer 3 devices
B. generating and pushing configuration commands to Layer 2 devices
C. automatically dropping all suspected traffic at the nearest IPS appliance
D. storing and identifying NetFlow data for attack mitigation
Answer: B
4. Which statement best describes the case management feature of Cisco Security MARS?
A. It is used to automatically collect and save information on incidents, sessions, queries, and reports dynamically without user interventions.
B. It is used to capture, combine, and preserve user-selected Cisco Security MARS data within a specialized report.
C. It is used to very quickly evaluate the state of the network.
D. It is used in conjunction with the Cisco Security MARS incident escalation feature for incident reporting.
Answer: B
5. Which attack can be detected by Cisco Security MARS using NetFlow data?
A. man-in-the middle attack
B. day-zero attack
C. spoof attack
D. Land attack
E. buffer overflow attack
Answer: B
6. What are the two options for handling false-positive events reported by the Cisco Security MARS appliance? (Choose two.)
A. archive to NFS only
B. save as a false-positive report
C. drop
D. mitigate at Layer 2
E. log to the database only
F. escalate to the Cisco Security MARS administrator
Answer: CE
7. What is used to publish events to Cisco Security MARS about Cisco IPS signatures that have fired?
A. SNMP
B. SSL
C. HTTPS
D. SDEE
E. syslog
F. Secure FTP
Answer: D
8. Which action enables the Cisco Security MARS appliance to ignore false-positive events by either dropping the events completely, or by just logging them to the database?
A. creating system inspection rules using the drop operation
B. creating drop rules
C. inactivating the rules
D. inactivating the events
E. deleting the false-positive events from the Incidents page
F. deleting the false-positive events from the Event Management page
Answer: B
9. Which statement is true about the case management feature of Cisco Security MARS?
A. Cases are created on a global controller, but they can be viewed and modified on a local controller.
B. The global controller has a Case bar and all cases are selected from the Query/Reports > Cases page.
C. Cases are created on a local controller, but they can be viewed and modified on a global controller.
D. The Cases page on a local controller has an additional drop-down filter to display cases per a global controller.
Answer: C
10. Which three statements are true about Cisco Security MARS rules? (Choose three.)
A. There are three types of rules.
B. Rules can be saved as reports.
C. Rules can be deleted.
D. Rules trigger incidents.
E. Rules can be defined using a seed file.
F. Rules can be created using a query.
Answer: ADF
Click Online chat to talk with us , get more informations about Cisco CCSP 642-545 practice exam study guides questions and answers
Test4pass 642-545 Exam Features
Quality and Value for the 642-545 Exam
Test4pass Practice Exams for Cisco 642-545 are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development.
100% Guarantee to Pass Your 642-545 Exam
If you prepare for the exam using our Test4pass testing engine, we guarantee your success in the first attempt. If you do not pass the CCSP 642-545 exam (ProCurve Secure WAN) on your first attempt we will give you a FULL REFUND of your purchasing fee AND send you another same value product for free.
Cisco 642-545 Downloadable, Printable Exams (in PDF format)
Our Exam 642-545 Preparation Material provides you everything you will need to take your 642-545 Exam. The 642-545 Exam details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical. You may get questions from different web sites or books, but logic is the key. Our Product will help you not only pass in the first try, but also save your valuable time.
642-545 Downloadable, Interactive Testing engines
We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials. Our Exam Preparation Material provides you everything you will need to take a certification examination. Like actual certification exams, our Practice Tests are in multiple-choice (MCQs) Our Cisco 642-545 Exam will provide you with free 642-545 dumps questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and Value for the 642-545 Exam:100% Guarantee to Pass Your CCSP exam and get your CCSP Certification.
Test4pass 642-545 examTest4pass 642-545 pdf exam
Test4pass 642-545 braindumps
Test4pass 642-545 study guides
Test4pass 642-545 trainning materials
Test4pass 642-545 simulations
Test4pass 642-545 testing engine
Test4pass 642-545 vce
Test4pass 642-545 torrent
Test4pass 642-545 dumps
free download 642-545
Test4pass 642-545 practice exam
Test4pass 642-545 preparation files
Test4pass 642-545 questions
Test4pass 642-545 answers
http://www.test4pass.com/642-545-exam.html The safer.easier way to get CCSP Certification
.
