Cisco Exam

high quality IT certification exam practice questions and answers .

Welcome To cisco exam

cisco exam provides high quality IT exam practice questions and answers. Especially,Cisco CCNA CCDA CCNP CCIE CCSE CompTIA A+ Network+ certification practice Exams and so on.We promise that you can pass any IT exam at the first try using cisco exam Testing Engine, or else give you a FULL REFUND.

>> Home > Cisco > CCSP >642-545

Cisco Certified Network Associate : 642-545 Exam

certinside


Exam Number/Code: 642-545
Exam Name:Implementing Cisco Security Monitoring, Analysis and Response System
Questions and Answers: 42 Q&As
Price: $ 122.00
Update Time: 2009-12-24




  Download Free : Cisco 642-545 pdf

 
 
Exam : Cisco 642-545
Title : Implementing Cisco Security Monitoring, Analysis and Response System


1. Which attack can be detected by Cisco Security MARS using NetFlow data?
A. man-in-the middle attack
B. day-zero attack
C. spoof attack
D. Land attack
E. buffer overflow attack
Answer: B

2. At what level of operation does the Cisco Security MARS appliance perform NAT and PAT resolution?
A. Local (Level 0)
B. Basic (Level 1)
C. Intermediate (Level 2)
D. Advanced (Level 3)
E. Global (Level 4)
Answer: C

3. What is used to publish events to Cisco Security MARS about Cisco IPS signatures that have fired?
A. SNMP
B. SSL
C. HTTPS
D. SDEE
E. syslog
F. Secure FTP
Answer: D

4. Which statement is true about the case management feature of Cisco Security MARS?
A. Cases are created on a global controller, but they can be viewed and modified on a local controller.
B. The global controller has a Case bar and all cases are selected from the Query/Reports > Cases page.
C. Cases are created on a local controller, but they can be viewed and modified on a global controller.
D. The Cases page on a local controller has an additional drop-down filter to display cases per a global controller.
Answer: C

5. Which three statements are true about Cisco Security MARS rules? (Choose three.)
A. There are three types of rules.
B. Rules can be saved as reports.
C. Rules can be deleted.
D. Rules trigger incidents.
E. Rules can be defined using a seed file.
F. Rules can be created using a query.
Answer: ADF

6. Which statement best describes the case management feature of Cisco Security MARS?
A. It is used to automatically collect and save information on incidents, sessions, queries, and reports dynamically without user interventions.
B. It is used to capture, combine, and preserve user-selected Cisco Security MARS data within a specialized report.
C. It is used to very quickly evaluate the state of the network.
D. It is used in conjunction with the Cisco Security MARS incident escalation feature for incident reporting.
Answer: B

7. Which action enables the Cisco Security MARS appliance to ignore false-positive events by either dropping the events completely, or by just logging them to the database?
A. creating system inspection rules using the drop operation
B. creating drop rules
C. inactivating the rules
D. inactivating the events
E. deleting the false-positive events from the Incidents page
F. deleting the false-positive events from the Event Management page
Answer: B

8. Which two configuration options enable the Cisco Security MARS appliance to perform mitigation? (Choose two.)
A. SNMP RW community string
B. Cisco Security MARS integration with Cisco Security Manager
C. Telnet or SSH access type with SNMP RO community
D. a NetFlow device added in the Cisco Security MARS database
E. SSL communications with the network devices
Answer: AC

It is well known that 642-545 exam test is the hot exam of Cisco certification. CertInside offer you all the Q&A of the 642-545 real test . It is the examination of the perfect combination and it will help you pass 642-545 exam at the first time!

CertInside 642-545 Exam Features

+ Quality and Value for the 642-545 Exam

CertInside Practice Exams for Cisco 642-545 are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development.

+ 100% Guarantee to Pass Your 642-545 Exam

If you prepare for the exam using our CertInside testing engine, we guarantee your success in the first attempt. If you do not pass the CCSP 642-545 exam (ProCurve Secure WAN) on your first attempt we will give you a FULL REFUND of your purchasing fee AND send you another same value product for free.

+ Cisco 642-545 Downloadable, Printable Exams (in PDF format)

Our Exam 642-545 Preparation Material provides you everything you will need to take your 642-545 Exam. The 642-545 Exam details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical. You may get questions from different web sites or books, but logic is the key. Our Product will help you not only pass in the first try, but also save your valuable time.

+ 642-545 Downloadable, Interactive Testing engines

We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials. Our Exam Preparation Material provides you everything you will need to take a certification examination. Like actual certification exams, our Practice Tests are in multiple-choice (MCQs) Our Cisco 642-545 Exam will provide you with exam questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and Value for the 642-545 Exam:100% Guarantee to Pass Your CCSP exam and get your CCSP Certification.

http://www.CertInside.com The safer.easier way to get CCSP Certification.

Cisco News