[Free] 2018(Mar) EnsurePass Braindumps Cisco 500-280 Dumps with VCE and PDF 31-40

Posted on April 24, 2018 by

Ensurepass.com : Ensure you pass the IT Exams
2018 Mar Cisco Official New Released 500-280
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/500-280.html

Securing Cisco Networks with Open Source Snort

Question No: 31

How is the basic construct of a port variable formatted in the Snort.conf file?

  1. variable

  2. var arguments

  3. portvar value

  4. port variable

Answer: C

Question No: 32

Which action should you perform to enable or disable entire classes of rules through the snort.conf file?

  1. Specify the -e or :-d command-line argument.

  2. Comment or uncomment the rule class.

  3. Build and reference a separate rules-configuration file.

  4. Specify the enable or the disable argument.

Answer: B

Question No: 33

Which statement about the detection engine configuration settings in snort.conf is true?

  1. All the decoder alerts are on by default.

  2. All the decoder settings are off by default.

  3. Some decoder settings are on and others must be uncommented.

  4. The decoder is no longer in use.

Answer: B

Question No: 34

What is the minimum action that you should take when configuring a new Snort installation?

  1. Turn on all the rules.

  2. Inform your users that you have deployed an IDS/IPS.

  3. Provision more network bandwidth in case your installation causes latency.

  4. Configure your HOME_NET to include the networks that you want the sensor to protect.

Answer: D

Question No: 35

Which syntax correctly expresses a port variable?

  1. portvar HTTP_PORTS [80,1080,8080]

  2. ports: HTTP_PORTS (80,1080,8080)

C. var: ports = 80,1080,8080

D. ipportvar /HTTP_PORTS: 80,1080,8080

Answer: A

Question No: 36

Which statement about the FTPTelnet preprocessor is true?

  1. It can check for correctness of Telnet commands.

  2. It can normalize FTP network traffic.

  3. It can limit how much server-side traffic to process.

  4. It can reassemble FTP fragments.

Answer: B

Question No: 37

Which preprocessor can normalize the IIS %u encoding scheme?

  1. SMTP

  2. ftp_telnet

  3. http_inspect

  4. sfPortscan

Answer: C

Question No: 38

When Snort receives packets, in which order are they placed into the preprocessors?

  1. flow, frag3, stream5, application preprocessors, detection engine

  2. detection engine, frag3, stream5, flow, application preprocessors

  3. frag3, stream5, application preprocessors, detection engine

  4. flow, stream5, frag3, application preprocessors, detection engine

Answer: C

Question No: 39

Which configuration is optimal for the frag3 engine?

  1. Bind target IP addresses to policies that represent operating systems, so that the IPS engine can process traffic the same way that target hosts do.

  2. Bind client IP addresses to policies that represent operating systems, so that clients can process traffic the same way that the IPS engine does.

  3. Keep the configuration as simple as possible, for better performance.

  4. Deploy the engine only in passive mode, for better performance.

Answer: A

Question No: 40

Which preprocessor maintains connection state so that attacks that manifest over multiple packets in a session can be detected?

  1. stream5

  2. frag3

  3. flow tracking module

  4. detection engine

Answer: A

100% Ensurepass Free Download!
Download Free Demo:500-280 Demo PDF
100% Ensurepass Free Guaranteed!
500-280 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

This entry was posted in 500-280 Latest Exam (Mar 2018) and tagged , , , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.