Dumps Questions
Dumps Questions
Latest 642-564 - Security Solutions for Systems Engineers Dumps
1. By providing a detailed inspection of traffic in Layers 2 through 7, the Cisco IPS appliance offers which benefit to the customers?
a.Full network access control
b.Detection of Internet access misuse by employees
c.Effective prevention of distributed denial of service attacks
d.Prevention of protocol misuse (for example, tunneling through port 80)
e.None of the above.
Answer :D
Explanation :A Cisco reference to "port 80 misuse" is addressing the problem that many applications/protocols are being tunneled over port 80 that are not strictly Web traffic-instant messaging, peer-to-peer, file-sharing (kazaa, gnutella), etc. Most corporate edge devices allow port 80 traffic to flow inorder not to obstruct Web commerce; however, this openness is also a vector of attack. Cisco IPS now allows tight policy control over instant messaging (IM), point-to-point (P2P), Multipurpose Internet Mail Extensions (MIME) type filtering, as well as command/method control over HTTP(allow http get, but not set or put), preventing the misuse of protocols by corporate employees.
2. In which two ways do Cisco ASA 5500 Series Adaptive Security Appliances achieve containment and control? (Choose two)
a.By enabling businesses to create secure connections ss
b.By preventing unauthorized network acce
c.By probing end systems for compliance
d.By tracking the state of all network communications
e.By performing traffic anomaly detection
Show the answer with explanation
3. What are three functions of the Cisco Security Agent? (Choose three)
a.Spyware and adware protection
b.Device-based registry scans
c.Malicious mobile code protection
d.Local shunning
e.Protection against buffer overflows
f.Flexibility against new attacks through customizable signatures "on the fly"
Show the answer with explanation
4. What could be a reason to implement Cisco Security Agent?
a.To prevent Day Zero attacks
b.To communicate the host posture validation to a policy server
c.To track the Internet usage of employees
d.To validate policy compliance
Show the answer with explanation
5. Which three are included with the Cisco Security Agent? (Choose three)
a.Buffer overflow protection
b.Day Zero virus and worm protection
c.Cisco Easy VPN Client
d.Host-based intrusion prevention
e.Plug-in interface to query posture providers
f.Packet sniffer
Show the answer with explanation
www.dumpsquestions.com © 2009