Download Securing Cisco Networks with Open Source Snort.actualtests.500-280.2019-01-11.1e.60q.vcex


Download Exam

File Info

Exam Securing Cisco Networks with Open Source Snort
Number 500-280
File Name Securing Cisco Networks with Open Source Snort.actualtests.500-280.2019-01-11.1e.60q.vcex
Size 27 Kb
Posted January 11, 2019
Downloads 20



How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase
Coupon: EXAMFILESCOM

Coupon: EXAMFILESCOM
With discount: 20%


 
 



Demo Questions

Question 1
Which protocol operates below the network layer?

  • A: UDP
  • B: ICMP
  • C: ARP
  • D: DNS



Question 2
Which area is created between screening devices in an egress/ingress path for housing web, mail, or DNS servers?

  • A: EMZ
  • B: DMZ
  • C: harbor
  • D: inlet



Question 3
What does protocol normalization do?

  • A: compares evaluated packets to normal, daily network-traffic patterns
  • B: removes any protocol-induced or protocol-allowable ambiguities
  • C: compares a packet to related traffic from the same session, to determine whether the packet is out of sequence
  • D: removes application layer data, whether or not it carries protocol-induced anomalies, so that packet headers can be inspected more accurately for signs of abuse



Question 4
On which protocol does Snort focus to decode, process, and alert on suspicious network traffic?

  • A: Apple talk
  • B: TCP/IP
  • C: IPX/SPX
  • D: ICMP



Question 5
Which technique can an intruder use to try to evade detection by a Snort sensor?

  • A: exceed the maximum number of fragments that a sensor can evaluate
  • B: split the malicious payload over several fragments to mask the attack signature
  • C: disable a sensor by exceeding the number of packets that it can fragment before forwarding
  • D: send more packet fragments than the destination host can reassemble, to disable the host without regard to any intrusion-detection devices that might be on the network



Question 6
An IPS addresses evasion by implementing countermeasures. What is one such countermeasure?

  • A: periodically reset statistical buckets to zero for memory utilization, maximization, and performance
  • B: send packets to the origination host of a given communication session, to confirm or eliminate spoofing
  • C: perform pattern and signature analysis against the entire packet, rather than against individual fragments
  • D: automate scans of suspicious source IP addresses



Question 7
Which IPS placement option is the noisiest?

  • A: inside the firewall
  • B: outside the firewall
  • C: inside the DMZ
  • D: inside general user segments



Question 8
What is the purpose of using a span or monitor port on a switch?

  • A: to aggregate traffic from multiple switch ports
  • B: to tap data off network media
  • C: to overcome problems that switches have in accurately reproducing desired traffic
  • D: to limit the amount of traffic that passes through the switch



Question 9
Which item examines packets for malformation, anomalies, and protocol compliance and gathers and presents packets in one consistent fashion?

  • A: Sniffer
  • B: preprocessors
  • C: detection engine
  • D: output and alerting module



Question 10
Which component is one of the four primary components of Snort?

  • A: ACL
  • B: postprocessor
  • C: iptables
  • D: output and alerting








ProfExam
PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount..

Get Now!


HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen



HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset