Datasheet
9E0 - 100
Leading the way in IT testing and certification tools, www.testking.com
- 9 -
Reference: Cisco Secure Intrusion Detection System (Ciscopress) page 499
QUESTION NO: 12
Which network services are enabled by default on a Cisco IDS Sensor for remote
management? (Choose three)
A. SSH
B. TFTP
C. SNMP
D. Telnet
E. RSH
F. FTP
Answer: A, D, F
Explanation:
Enter or delete the IP addresses of hosts and networks that can access the sensor via Telnet,
FTP, SSH, and scp.
Reference:
Cisco Intrusion Detection System Sensor Getting Started Version 3.1
Note by 2
nd
TestKing writer: I think the answers don’t conform to the latest course manual.
Telnet – requires an IP address that has been assigned to the command and control interface
via the CLI setup command. Must be enabled to allow telnet access. Telnet is DISABLED
by default.
SSH – Requires an IP address that has been assigned to the command and control interface via
the CLI setup command and uses a supported SSH client. The SSH server in the sensor is
ENABLED by default.
HTTPS – Requires an IP address that has been assigned to the command and control interface
via the CLI setup command and uses a supported web browser. HTTPS is ENABLED by
default but can be disabled.
Cisco Secure Intrusion Detection System 4 chap 7 page 23
QUESTION NO: 13
When does the Sensor create a new log file?
A. Only when the Sensor is initially installed.
B. Only when the Sensor requests it.
C. Every time its services are restarted.
D. Every time a local log file is used.
Answer: C
Explanation:
The sensor creates new log file every time its services are restarted. This means that every
time a new configuration is pushed to the sensor, a new configuration file is created
And the old file is closed and transferred to a temporary directory.