Datasheet

9E0 - 100
Leading the way in IT testing and certification tools, www.testking.com
Section B Practice Questions
QUESTION NO: 1
What is a set of rules that pertain to typical intrusion activity?
Answer: signature
Also known as Misuse Detection or Pattern Matching – Matches pattern of malicious activity
Requires creation of signatures
Less prone to false positives, based on the signature’s ability to match malicious activity
Cisco Secure Intrusion Detection System 4 chap 3 page 15
QUESTION NO: 2
By default, the Event Viewer consolidates alarms based on the first two field columns.
How do you view the details of collapsed fields?
A. Click Set Current Column.
B. Expand the branch to see your field.
C. Close the Event Viewer and reopen it.
D. Click Expand This Branch One Column to the left.
Answer: B
QUESTION NO: 3
What is NSDB?
A. TCP based signatures
B. Context buffer data for TCP based signatures.
C. HTML based encyclopedia of network vulnerability information.
D. UDP based exploit signature with information about the signature that triggered the alarm.
Answer: C
The NSDB is the Cisco HTML-based encyclopedia of network vulnerability information.
Cisco Secure Intrusion Detection System 4 chap 10 page 27
QUESTION NO: 4
What is the policy of the Policy server feature set in CSPM?
A. Facilitates remote administration of the system.
B. Deletes all the feature sets operating on a single computer.