Manualshelf

Datasheet

ManualsBrandsCisco ManualsComputer equipmentIDS 4210 - Intrusion Detection Sys 4210 Sensor
31323334353637383940
9E0 - 100
Leading the way in IT testing and certification tools, www.testking.com
- 32 -
B. Telnet
C. TFTP
D. SNMP
E. FTP
F. RSH
Answer: B, E
Explanation: The Sensor always provides secure shell services (including scp). Increase the
security of the Sensor by disabling two services that allow clear text password authentication:
Telnet and FTP. For maximum security disable both.
Reference:
Cisco IDS Sensor Software - Cisco Intrusion Detection System Sensor Configuration Note Version
3.1
QUESTION NO: 61
A company policy states that IDS Sensors can be managed only by authorized
management workstations. The management workstations exist on the 192.168.21.0/24
network.
Which address must the network security administrator add to the Cisco IDS Sensor’s
network access control list?
A. 192.168.21.
B. 192.168.21
C. 192.168.
D. 192.168
E. 192.168.21.0.
F. 192.168.21.0
Answer: F
Explanation: I am not sure the difference between E and F except for an extra dot (which is
wrong)
Actually the original answer is A 192.168.21. which is wrong as far as version 4 of the course
manual is concerned. I think this answer was wrong. Acls you must put all aspects of the 4
octets in. I think the correct was the 192.168.21.0 the original had 192.168.21. - nothing in
the fourth octet
Sensor#config t
Sensor(config)# service host
Sensor(config-Host)#netwrokParams
Sensor(config-Host-net) accesslist ipAddress 10.0.2.0 netmask 255.255.255.0 - adds an entire
network to the access list.
Cisco Secure Intrusion Detection System 4 chap 13 page 41
QUESTION NO: 62
A Cisco IDS Sensor has been configured to perform IP Blocking.
Which Cisco IDS service must be running on the Sensor?