Tag: Cisco 642-513

Cisco 642-513 Prep Guide, Easily To Pass Cisco 642-513 Exam Test Questions Are Based On The Real ExamCisco 642-513 Prep Guide, Easily To Pass Cisco 642-513 Exam Test Questions Are Based On The Real Exam

The 100% valid Flydumps latest Cisco 642-513 question answers ensure you 100% pass! And now we are offering the free new version along with the VCE format Cisco 642-513 practice test. Free download Cisco 642-513 more new PDF and VCE on Flydumps.com.

QUESTION 50
Which protocol is required for the administrative workstation to communicate with the CSA MC?
A. SSH
B. Telnet
C. SSL
D. IPSec

Correct Answer: C Section: (none) Explanation Explanation/Reference:
QUESTION 51
How can the Agent kit be sent out to host machines?
A. via a URL that is e-mailed to clients
B. via a TFTP server
C. via an FTP server
D. via a Telnet server

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 52
What is the purpose of the sniffer and protocol detection rule?
A. to stop sniffers from running on a network
B. to allow sniffers to run on a network
C. to cause an event to be logged when non-IP protocols and sniffer programs are detected running on systems
D. to deny non-IP protocols and sniffer programs from running on systems

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 53
What are three types of variables used for CSA? (Choose three.)
A. global sets
B. file sets
C. API sets
D. data sets
E. network address sets

Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 54
What is the purpose of connection rate limit rules?
A. to limit the number of connections to an application
B. to limit the number of calls to the kernel in a specified time frame
C. to limit the number of network connections within a specified time frame
D. to limit the number of malformed connection requests to a web server
Correct Answer: C Section: (none) Explanation

Explanation/Reference:
QUESTION 55
Which port is used to access the CSA MC from the administrative workstation?
A. 21
B. 23
C. 1741
D. 1802

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Which two of the following file access rule criteria can you use to allow or deny the operations that the selected applications can perform on files? (Choose two.)
A. the application attempting to access the file
B. the application attempting to access the service or address
C. the operation attempting to act on the file
D. the direction of the communications
E. the address with which a system is attempting to communicate

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 57
What action is taken on user query windows when the Agent UI is not present on a system?
A. The default action is always taken.
B. All actions are denied.
C. All actions are allowed.
D. All actions are allowed and logged.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 58
Which three make up the CSA architecture model? (Choose three.)
A. Cisco Trust Agent
B. Cisco Security Agent
C. Cisco Security Agent Management Center
D. Cisco Intrusion Prevention System
E. an administrative workstation
F. a syslog server

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 59
Which two of the following network access rules can you use to control access to specified network services? (Choose two.)
A. the application attempting to access the file
B. the application attempting to access the service or address
C. the operation attempting to act on the file
D. the direction of the communications

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 60
What is the purpose of the rootkit/kernel protection rule?
A. to restrict access to the operating system
B. to log access to the operating system
C. to restrict user access to the operating system
D. to restrict administrator access to the operating system

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 61
Drag Drop question A.

B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 62
Which definitions can be used to allow consistent configuration of policies across multiple systems and can also be used for event reporting purposes?
A. hosts
B. software updates
C. Agent kits
D. registration control
E. groups
Correct Answer: E Section: (none) Explanation

Explanation/Reference:
QUESTION 63
Which two items make up Agent kits? (Choose two.)
A. groups
B. hosts
C. policies
D. rules
E. network shim

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 64
Which two types of rules apply to Windows systems only? (Choose two.)
A. Agent service control rules
B. clipboard access control rules
C. Agent UI control rules
D. COM component access control rules
E. data access control rules

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 65
Which portion of an HTTP request is examined by data access control rules?
A. the TCP header
B. the UDP header
C. the URI portion of the request
D. the URL portion of the request

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 66
Which two types of rules are UNIX-only rules?
A. network interface control rules
B. COM component access control rules
C. connection rate limit rules
D. file access control rules
E. rootkit/kernel protection rules

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 67
Choose three types of rules that apply to both Windows and UNIX systems.
(Choose three.)
A. Agent service control rules
B. Agent UI control rules
C. application control rules
D. COM component access control rules
E. file version control rules

Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 68
What application is installed on the server after the CSA MC is installed?
A. Cisco Trust Agent
B. ACS
C. SQL
D. CSA

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 69
Which two attacks could an attacker use during the penetrate phase of an attack? (Choose two.)
A. install new code
B. modify configuration
C. ping scans
D. buffer overflow
E. erase files
F. e-mail attachment

Correct Answer: DF Section: (none) Explanation
Explanation/Reference:
Cisco 642-513 Questions & Answers covers all the knowledge points of the real exam. We update our product frequently so our customer can always have the latest version of Cisco 642-513. We provide our customers with the excellent 7×24 hours customer service.We have the most professional Cisco 642-513 expert team to back up our grate quality products.If you still cannot make your decision on purchasing our product, please try our Cisco 642-513 free pdf

New Questions-100% Valid Cisco 642-513 New Questions for Cisco 642-513 ExamNew Questions-100% Valid Cisco 642-513 New Questions for Cisco 642-513 Exam

100% Valid And Newest–Do not worry about your Cisco 642-513 exam! Just try Flydumps the latest Cisco 642-513 exam dumps.The latest new version with all the official new added Cisco 642-513 questions and answers.High pass rate and money back

Exam A
QUESTION 1
Which of these is a reason for using groups to administer Agents?
A. to link similar devices together
B. to complete configuration changes on groups instead of hosts
C. to complete the same configuration on like items
D. to apply the same policy to hosts with similar security requirements

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Which three items make up rules? (Choose three.)
A. variables
B. applications
C. application classes
D. rule modules
E. policies
F. actions

Correct Answer: ACF Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Which action do you take when you are ready to deploy your CSA configuration to systems?
A. select
B. clone
C. deploy
D. generate rules

Correct Answer: D Section: (none) Explanation
Explanation/Reference:

QUESTION 4
Which one of the five phases of an attack attempts to become resident on a target?
A. probe phase
B. penetrate phase
C. persist phase
D. propagate phase
E. paralyze phase

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 5
What is the purpose of the Audit Trail function?
A. to generate a report listing events matching certain criteria, sorted by event severity
B. to generate a report listing events matching certain criteria, sorted by group
C. to generate a report showing detailed information for selected groups
D. to display a detailed history of configuration changes

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 6
In which type of rules are network address sets used?
A. COM component access control rules
B. connection rate limit rules
C. network access control rules
D. file control rules
E. file access control rules

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Which three of these does the buffer overflow rule detect on a UNIX operating system, based on the type of memory space involved? (Choose three.)
A. location space
B. stack space
C. slot space
D. data space
E. heap space
F. file space

Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 8
When should you use preconfigured application classes for application deployment investigation?
A. never
B. always
C. only for specific applications
D. only when applications require detailed analysis

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 10
Which systems with specific operating systems are automatically placed into mandatory groups containing rules for that operating system? (Choose three.)
A. OS2
B. HPUX
C. Solaris
D. Mac OS
E. Linux
F. Windows

Correct Answer: CEF Section: (none) Explanation Explanation/Reference:
We provide Cisco 642-513 help and information on a wide range of issues.Cisco 642-513 is professional and confidential and your issues will be replied within 12 hous.Cisco 642-513 free to send us any questions and we always try our best to keeping our Customers Satisfied.

Cisco 642-513 New Questions:Just Updated Cisco 642-513 Exam with All New Questions from FlydumpsCisco 642-513 New Questions:Just Updated Cisco 642-513 Exam with All New Questions from Flydumps

Flydumps offers the first-hand Cisco 642-513 exam real questions and answers, by train the latest Cisco 642-513 PDF and VCE dumps, you will well prepare for the Cisco 642-513 exam. Visit Flydumps.com to get free new version for training.

Exam A
QUESTION 1
Certkiller chose the Cisco CSA product to protect the network against the newest attacks. Cisco Security Agent provides Day Zero attack prevention by using which of these methods?
A. Using signatures to enforce security policies
B. Using API control to enforce security policies
C. Using stateful packet filtering to enforce security policies
D. Using algorithms that compare application calls for system resources to the security policies
E. None of the above

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Because Cisco Security Agent analyzes behavior rather than relying on signature matching, it never needs updating to stop a new attack. This zero-update architecture provides protection with reduced operational costs and can identify so-called “Day Zero” threats.” At a high level, Cisco(r) Security Agent is straightforward. It intercepts system calls between applications and the operating system, correlates them, compares the correlated system calls against a set of behavioral rules, and then makes an “allow” or”deny” decision based on the results of its comparison. This process is called INCORE, which stands for intercept, correlate, rules engine. Reference: http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_white_paper0900aecd8020f448.shtml

QUESTION 2
Certkiller has implemented the CSA product to provide security for all of their devices. For which layers of the OSI reference model does CSA enforce security?
A. Layer 1 through Layer 4
B. Layer 1 through Layer 7
C. Layer 2 through Layer 4
D. Layer 3 through Layer 7

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Cisco Security Agent provides threat protection for server and desktop computing systems, also known as endpoints. It helps to reduce operational costs by identifying, preventing, and eliminating known and unknown security threats. The Cisco Security Agent consolidates endpoint security functions in a single agent, providing:
1.
Host intrusion prevention
2.
Spyware/adware protection
3.
Protection against buffer overflow attacks
4.
Distributed firewall capabilities
5.
Malicious mobile code protection
6.
Operating-system integrity assurance
7.
Application inventory
8.
Audit log-consolidation
This provides security for endpoints at the network layer (layer 3) through the application layer (layer 7).
QUESTION 3
The CSA architecture model is made up of three major components. Which three are they? (Choose three)
A. Cisco Trust Agent
B. Cisco Security Agent
C. Cisco Security Agent Management Center
D. Cisco Intrusion Prevention System
E. An administrative workstation
F. A syslog server

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
Explanation: The CSA MC architecture model consists of a central management center which maintains a database of policies and system nodes, all of which have Cisco Security Agent software installed on their desktops and servers. The agents themselves, and an administrative workstations, combined with the Management Center, comprise the three aspects of the CSA architecture. Agents register with CSA MC. CSA MC checks its configuration database for a record of the system. When the system is found and authenticated, CSA MC deploys a configured policy for that particular system or grouping of systems.

 

Preparing Cisco 642-513 exam is not difficult now.You can prepare from Cisco 642-513 Certification or Cisco 642-513 dumps.Here we have mentioned some sample questions.You can use our Cisco 642-513 study material notes for test preparation.Latest Cisco 642-513 study material available.