Pass Cisco 642-533 Exam VCE And PDF With Flydumps All New Exam Questions

Flydumps Cisco 642-533 exam questions and answers in PDF are prepared by our expert. Moreover, they are based on the recommended syllabus covering all the Cisco 642-533 exam objectives. You will find them to be very helpful and precise in the subject matter, since all the Cisco 642-533 exam content is regularly updated and has been checked for accuracy by our team of Microsoft expert professionals.

Exam A
QUESTION 1
In which three ways does a Cisco IPS network sensor protect the network from attacks? (Choose three.)
A. It can take a variety of actions when it detects traffic that matches a set of rules that pertain to typical intrusion activity
B. It permits or denies traffic into the protected network based on access lists that you create on the sensor
C. It uses a blend of intrusion detection technologies to detect malicious network activity
D. It can generate an alert when it detects traffic that matches a set of rules that pertain to typical intrusion activity
Correct Answer: ACD
QUESTION 2
You would like to have your inline sensor deny attackers inline when events occur that have risk ratings over 85. Which two actions, when taken in conjunction, will accomplish this? (Choose two.)
A. Assign the risk rating range of 85 to 100 to the Deny Attacker inline event action
B. Create target value ratings of 85 to 100
C. Create an event variable for the protected network
D. Create an Event Action Filter and assign the risk rating range of 85 to 100 to the filter
E. Enable Event Action overrides
F. Enable Event Action Filters
Correct Answer: AE
QUESTION 3
Which statement accurately describes Cisco IPS Sensor Automatic signature and service pack updates?
A. If multiple signature or service pack updates are available when the sensor checks for an update, the Cisco IPS Sensor installs the first update it detects
B. You must download service pack and signature updates from Cisco.com to a locally accessible server before they can be automatically applied to your Cisco IPS Sensor
C. When you configure automatic updates, the Cisco IPS Sensor checks Cisco.com for updates hourly.
D. The Cisco IPS Sensor can automatically download service pack and signature updates from Cisco.com
E. The Cisco IPS Sensor can download signature and service pack updates only from a TFTP or HTTP server
Correct Answer: B
QUESTION 4
You think users on your corporate network are disguising the use of file-sharing applications by tunneling the traffic through port 80. How can you configure your Cisco IPS Sensor to identify and stop this activity?
A. Enable all signatures in the Service HTTP engine
B. Assign the Deny Packet inline action to all signatures in the service HTTP Engine
C. Enable the alarm for the non-HTTP traffic signature. Then create an Event Action Override that adds the Deny Packet inline action to events triggered by the signature if the traffic originates from your corporate network
D. Enable both the HTTP application policy and the alarm on non-HTTP traffic signature
E. Enable all signatures in the Service HTTP engine. Then create an Event Action Override that adds the Deny Packet inline action to events triggered by these signatures if the traffic originates from your corporate network

Correct Answer: D
QUESTION 5
With Cisco IPS 6.0, what is the maximum number of Virtual sensors that can be configured on a single platform?
A. The number depends on the amount of device memory
B. Six
C. Four
D. Two
E. Two in promiscuous mode using VLAN groups, four in inline mode supporting all interface type configurations
Correct Answer: C
QUESTION 6
Which two management access methods are enabled by default on a Cisco IPS sensor? (Choose two.)
A. HTTP
B. SSH
C. Telnet
D. IPSec
E. HTTPS
Correct Answer: BE
QUESTION 7
What is used to perform password recovery for the “cisco” admin account on a Cisco IPS 4200 Series Sensor?
A. ROMMON CLI
B. Cisco IDM
C. Setup mode
D. Recovery Partition
E. GRUB menu
Correct Answer: E
QUESTION 8
How should you create a custom signature that will fire when a series of pre-defined signatures occur and you want the Cisco IPS Sensor to generate alerts only for the new custom signature, not for the individual signatures?
A. Use the Normalizer Engine and set the summary mode to Global Summarize
B. Use the Service Engine and set the summary mode to Global Summarize
C. Use the Trojan Engine and remove the Produce Alert action from the component signatures
D. Use the Normalizer engine and remove the Produce Alert action from the component signatures
E. Use the ATOMIC Engine and set the summary mode to Global Summarize
F. Use the Meta engine and remove the produce alert action from the component signatures
Correct Answer: F
QUESTION 9
When configuring Passive OS Fingerprinting, what is the purpose of restricting operating system mapping to specific addresses?
A. Limits the ARR to the defined IP Addresses
B. Specifies which IP Address range to import from EPI for OS fingerprinting
C. Excludes the defined IP Addresses from automatic risk rating calculations so that you can specify the desired risk rating
D. Allows you to configure separate OS maps within that IP address range
Correct Answer: A
QUESTION 10
You have been made aware of new and unwanted traffic on your network. You want to create a signature to monitor and perform an action against that traffic when certain thresholds are reached. What would be the best way to configure this new signature?
A. Use the Anomaly Detection functions to learn about the unwanted traffic, then create a new meta signature using Cisco IDM
B. Clone and edit an existing signature that closely matches the traffic you are trying to prevent
C. Create a new signature definition, edit it, and then enable it
D. Edit a built-in signature that closely matches the traffic you are trying to prevent
Correct Answer: C
QUESTION 11
Exhibit:

You work as a network technician at Certkiller.com. Study the exhibit carefully. Which interfaces are assigned to an inline VLAN pair?
A. GigabitEthernet0/1 with GigabitEthernet0/3
B. GigabitEthernet0/2 with GigabitEthernet0/3
C. GigabitEthernet0/1 with GigabitEthernet0/2
D. None in this Virtual Sensor
Correct Answer: D
QUESTION 12
A user with which user account role on a Cisco IPS Sensor can log into the native operating system shell for advanced troubleshooting purposes when directed to do so by Cisco TAC?
A. Viewer
B. Administrator
C. Super
D. Operator
E. Root
F. Service
Correct Answer: F
QUESTION 13
Which action does the copy /erase ftp://172.26.26.1/sensor_config01 current_config command perform?
A. Copies and saves the running configuration to the FTP server and replaces it with the source configuration file
B. Merges the source configuration file with the current configuration
C. Erases the sensor_config01 file on the FTP server and replaces it with the current configuration file from the Cisco IPS Sensor
D. Overwrites the backup configuration and applies the source configuration file to the system default configuration
Correct Answer: D
QUESTION 14
You are using Cisco IDM. What precaution must you keep in mind when adding, editing or deleting allowed hosts on a Cisco IPS Sensor?
A. You must not delete the IP Address used for remote management
B. When using access lists to permit remote access, you must specify the direction of allowed communications
C. You must use an inverse mask, such as 10.0.2.0 0.0.0.255 for the specified network mask for the IP Address
D. You can only configure the allowed hosts using the CLI
E. You must not allow entire subnets to access the Cisco IPS Sensor
Correct Answer: A
QUESTION 15
Which signature action or actions should be selected to cause the attacker’s traffic flow to terminate when the Cisco IPS Sensor is operating in promiscuous mode?
A. Deny connection, reset tcp connection
B. Deny Packet, reset tcp connection
C. Deny Packet
D. Reset tcp connection
E. Deny Connection
F. Deny Attacker
Correct Answer: D
QUESTION 16
Which character must precede a variable to indicate that you are using a variable rather than a string?
A. Dollar Sign
B. Asterisk
C. Percent sign
D. Ampersand
E. Pound Sign
Correct Answer: A
QUESTION 17
Which three values are used to calculate the risk rating for an event? (Choose three.)
A. Target fidelity rating
B. Signature fidelity rating
C. Signature attack rating
D. Target value rating
E. Attack severity rating
F. Fidelity severity rating
Correct Answer: BDE
QUESTION 18
Which two statements accurately describe virtual sensor configuration? (Choose two.)
A. You can’t delete vs0
B. The packet processing policy is virtualized
C. Creating a new virtual sensor creates a “virtual” machine
D. The sensor’s interfaces are virtualized
E. You must create a new instance of a signature set, such as sig1 and assign it to vs1
Correct Answer: AB
QUESTION 19
Which three of these steps are used to initialize and verify the Cisco ASA AIP-SSM? (Choose three.)
A. Connect a management station directly to the AIP-SSM console port via a serial cable
B. Use the ASA#session 1 command to access the AIP-SSM CLI
C. Use the ASA#show module command to verify the AIP-SSM status
D. Access the Cisco IDM from a management station using http://sensor-ip-address
E. Use the Sensor# setup command to configure the basic sensor settings

Correct Answer: BCE
QUESTION 20
You have been made aware of new and unwanted traffic on your network. You want to create a signature to monitor and perform an action against that traffic when certain thresholds are reached. What would be the best way to configure this new signature?
A. Create a new signature definition, edit it, and then enable it
B. Use the Anomaly Detection functions to learn about the unwanted traffic, then create a new meta signature using Cisco IDM
C. Edit a built-in signature that closely matches the traffic you are trying to prevent
D. Clone and edit an existing signature that closely matches the traffic you are trying to prevent
E. Use the Custom Signature Wizard to create a new signature

Correct Answer: E
QUESTION 21
Which one of the following statements is true regarding tuned signatures?
A. Require that you create subsignatures that can then be tuned to your needs
B. Begin with signature number 60000
C. Contain modified parameters of built-in signatures
D. Are tuned using the Cisco IDM custom Signature Wizard
E. Require that you create custom signatures that can then be tuned to your needs

Correct Answer: C
QUESTION 22
Which two statements correctly describe Cisco ASA AIP-SSM based on Cisco IPS 6.0 and the ASA 7.x software release? (Choose two.)
A. It does not have console port access
B. Its command and control interface is Gig0/0
C. It supports up to four virtual sensors
D. It has two sensing interfaces
E. It supports inline VLAN pairs
F. It requires two physical interfaces to operate in inline mode

Correct Answer: AB
QUESTION 23
DRAG DROP You work as a network technician at Certkiller.com. Your boss, Mrs. Certkiller, is interested in inline interface and inline VLAN pair. Match the appropriate description with the proper categories. Use only options that apply.

A.
B.
C.
D.

Correct Answer:
QUESTION 24

Which of the following statements best describes how IP logging should be used?
A. Be used to automatically correlate events with Cisco Security MARS for incident investigations
B. Only be used when you are also using inline IPS mode
C. Be used sparingly because there is a 4-GB limit on the amount of data that can be logged
D. Always be enabled since it uses a FIFO buffer on the Cisco IPS Sensor flash memory
E. Only be used temporarily for such purposes as attack confirmation, damage assessment or the collection of forensic evidence because of its impact on performance

Correct Answer: E
QUESTION 25
Which two of the following parameters affect the risk rating of an event? (Choose two.)
A. Engine type
B. Scanner threshold
C. Signature fidelity rating
D. Global summary threshold
E. Alert severity
F. Event count key

Correct Answer: CE
QUESTION 26
What is the best way to mitigate the risk that executable-code exploits will perform malicious acts such as erasing your hard drive?
A. Assign the TCP reset action to signatures that are controlled by the Normalizer engine
B. Enable blocking
C. Assign blocking actions to signatures that are controlled by the state engine
D. Enable application policy enforcement
E. Assign deny actions to signatures that are controlled by the Trojan engines

Correct Answer: E
QUESTION 27
In which three of these ways can you achieve better Cisco IPS Sensor performance? (Choose three.)
A. Disable unneeded signatures
B. Enable selective packet capture using VLAN ACL on the Cisco IPS 4200 Series Sensors
C. Always enable Unidirectional capture
D. Place the Cisco IPS Sensor behind a firewall
E. Have multiple Cisco IPS Sensors in the path and configure them to detect different types of events
F. Enable all anti-evasive measures to reduce noise

Correct Answer: ADE
QUESTION 28
Which two communication protocols does Cisco IEV support for communications with Cisco IPS Sensors? (Choose two.)
A. HTTPS
B. IPSec
C. HTTP
D. SSH
E. SCP

Correct Answer: AC
QUESTION 29
What two steps must you perform to initialize a Cisco IPS Sensor Appliance? (Choose two.)
A. Connect a serial cable to the console port of the sensor
B. Enable telnet and then configure basic sensor parameters
C. Connect to the sensor via SSH
D. Issue the setup command via the CLI
E. Use the Cisco IDM Setup Wizard

Correct Answer: AD
QUESTION 30
Exhibit

You work as a network technician at Certkiller.com. Study the exhibit carefully. You are the security administrator for the network in the exhibit. You want your inline Cisco IPS sensor to drop packets that pose the most severe risk to your network, especially to the servers on your DMZ. Which two of the following parameters should you set to protect your DMZ servers in the most time-efficient manner? (Choose two.)
A. Application policy
B. Target value rating
C. Signature fidelity rating
D. Event action filter
E. Alert severity
F. Event action override

Correct Answer: BF
