Manualshelf

Datasheet

ManualsBrandsCisco ManualsComputer equipmentIDS 4210 - Intrusion Detection Sys 4210 Sensor
11121314151617181920
9E0 - 100
Leading the way in IT testing and certification tools, www.testking.com
- 11 -
QUESTION NO: 16
Exhibit:
In the Cisco IDS Event Viewer, how do you display the context data associated with an
event?
A. Choose View>Context Data from the main menu.
B. Right-click the event and choose Show Data.
C. Choose View>Show data from the main menu.
D. Right-click the event and choose Show Context.
E. Choose View>Show Context from the main menu.
F. Double-click the event.
Answer: D
Explanation:
Certain alarms may have context data associated with them. Context data provides a snapshot
of the incoming and outgoing binary TCP traffic (up to a maximum of 256-bytes in both
directions) that preceded the triggering of the signature. To view the context for an alarm,
follow these steps:
Step 1 From the Alarm Information Dialog, right-click a cell in the Context column, and
then select Show Context.
Step 2 Scroll to view the context associated with this alarm.
Reference: Cisco Intrusion Detection System Event Viewer Version 3.1
Also see Cisco Secure Intrusion Detection System 4 chap 10 page 20
QUESTION NO: 17
When designing IP blocking, why should you consider entry points?
A. They provide different avenues for the attacker to attack your networks.
B. They prevent all denial of service attacks.
C. They are considered critical hosts and should not be blocked.
D. They provide a method for the Sensor to route through the subnet to the managed
router.
Answer: A
Explanation: