CCNP Practice Exam For ISCW Study:
The IPS And IDS
Vital Reading And Watching For All Cisco Certification Candidates:
The July 2010 CCNP Changes (And How To Beat Them!)
To help you beat the July 31, 2010 deadline for the ISCW exam, here's a complimentary CCNP Practice Exam on the operation and configuration of IPS And IDS!
There will be four new CCNP practice exams posted every day in February - head to our CCNP Practice Exam page for more free practice questions!
Join our Twitter conversation on the left side of this page for immediate notification on the posting of new answers and questions, additions to our YouTube Cisco Certification Channel, and more!
Be sure to check out our CCNP Guaranteed Pass offer!
Enjoy the questions!
Chris Bryant
CCIE #12999
"The Computer Certification Bulldog"
chris@thebryantadvantage.com
 
Question 1:
What IPS feature should be enabled to drop packets while a new signature is being compiled, rather than letting them through?
A. use built-in signatures as backup
B. fail closed
C. crypto ACL
D. deny action
Question 2:
Identify the signature types.
A. exploit
B. connections
C. string
D. DOS
E. access
F. recon
G. perseverant
Question 3:
Identify the actions the IPS can take when it detects a signature match.
A. Reset (TCP Reset)
B. Block Address
C. Alarm
D. Drop
E. Block Session
F. Shutdown Interface
Question 4:
When you enter the SDM IPS Rule Wizard for the first time, what protocol will you be prompted to enable?
A. ARP
B. SNMP
C. IP
D. SDEE
Question 5:
Short answer: What protocol allows communication between IPS server and clients?
Question 6:
Short answer: What global configuration command enables the protocol referenced in Question 5?
Question 7:
In the "Edit IPS" section, which tab should you click to enable Syslog notifications?
A. Global Settings
B. IPS Policies
C. Signatures
D. SDEE Messages
Answers just a bit further down the page!
Earn Your CCNP With The Personal Guarantee Of Chris Bryant, CCIE #12933:
“I GUARANTEE You'll Pass The Current CCNP Exams - BSCI, ONT, ISCW, and BCMSN - Before The July 31, 2010 Cutoff Date With My CCNP Study Packages ...
... And If You Don't Pass FOR ANY REASON Before That Time, I'll Give You a 100% Free CCNP Study Package Download For The New Exam Track!"
You Also Get A FREE CCNA Security Study Package, Valued at $67, With The Purchase Of Any CCNP Study Package!
 
Answers:
1. B. Fail Closed is disabled by default, but should be enabled if you don't want packets to pass through without scanning during a signature compilation.
2. A, B, C, and D.
3. A - E. The only thing the IPS can't do in that list is shut down the interface.
4. D. You'll be prompted to allow the IPS to enable SDEE if it isn't already enabled.
5. That's the Security Device Event Exchange protocol - SDEE.
6. ip ips notify SDEE
7. Yeah, I hate "which tab" questions, too. This one's Global Settings.
That's it for this IPS/IDS exam! I'll have some more of them on our CCNP Practice Exams page soon, so bookmark that page - a new set of four CCNP exams will be on that page every day in February!
|
