Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Ficha Técnica descarregar pdf (Página 81)

642-531

QUESTION 188

Which Cisco IDS service allows external management applications to control and configure sensors?

A. Transaction Server

B. Event Server

C. IPLog Server

D. Sensor Server

Answer: A

Explanation:

TransactionSource is an application that forwards locally initiated remote control transactions to their remote

destinations using the RDEP and HTTP protocols. TransactionSource initiates either TLS or non-TLS

connections and communicates remote control transactions to HTTP servers over these connections.

TransactionSource must establish sufficient credentials on the remote HTTP server to execute a remote control

transaction. TransactionSource establishes its credentials by presenting an identity to the HTTP server on the

remote node in the form of a username/password (basic authentication). Once authenticated, the requestor is

assigned a cookie containing a user authentication that must be presented with each request on that connection.

Cisco Courseware 6-3

QUESTION 189

Which statement describes the Sensor's CapturePacket feature?

A. It is used for TCP streams only. And contains only the Layer 5 data of the TCP stream and a limited number

of bytes.

B. It provides a snapshot of the TCP traffic that preceded the triggering of the signature.

C. It captures packets that follow the trigger packet.

D. It captures the actual packet that triggered a signature.

Answer: D

QUESTION 190

The Sensor has a CapturePacket feature which enables it to capture the packet that triggered a

signature. Which four statements are true about this feature? Choose four.

A. It captures a limited number of bytes

B. The captured packet can be viewed in the command line interface (CLI) as raw hexadecimal data.

C. The captured packet can be viewed in tIDS Event Viewer (IEV) if Ethereal is installed on the same system as

IEV.

D. It contains only Layer 5 data of a TCP stream.

E. It contains the entire frame.

F. It is enabled for each signature individually.

Answer: B, C, E, F

1 2 ... 76 77 78 79 80 81 82 83 84 85 86 ... 122 123

Sem comentários

Cisco IDS-4230-FE - Intrusion Detection Sys Fast Ethernet Sensor Ficha Técnica Página 81