Securing Hosts Using Cisco Security Agent Exam (HIPS) : 642-513 Exam

Exam Number/Code: 642-513
Exam Name: Securing Hosts Using Cisco Security Agent Exam (HIPS)
VUE Code: 642-513
Questions Type: Single choice, Multiple choice, Simulate,
Real Exam Question Numbers: 65-75 questions
Exam Language(s): English

“Securing Hosts Using Cisco Security Agent Exam (HIPS)”, also known as 642-513 exam, is a Cisco certification.
Preparing for the 642-513 exam? Searching 642-513 Test Questions, 642-513 Practice Exam, 642-513 Dumps?

With the complete collection of questions and answers, Pass4sure has assembled to take you through 69 questions to your 642-513 Exam preparation. In the 642-513 exam resources, you will cover every field and category in CCSP helping to ready you for your successful Cisco Certification.

The Securing Hosts Using Cisco Security Agent exam 642-513 HIPS is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the HIPS v2.0 course. This exam tests a candidate’s knowledge and ability to describe, configure, and verify the Cisco Security Agent product.

642-513 HIPS
Securing Hosts Using Cisco Security Agent Exam
Exam Number: 642-513
Associated Certifications: CCSP
Duration: 75 minutes (65-75 questions)
Available Languages: English
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions

Exam Description Exam Topics Recommended Training Additional Resources
Exam Description

The Securing Hosts Using Cisco Security Agent exam 642-513 HIPS is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the HIPS v3.0 course. This exam tests a candidate’s knowledge and ability to describe, configure, and verify the Cisco Security Agent product.
Exam Topics

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.
Describe and deploy the CSA and CSA MC products

* Explain the concept of network defense in depth
* Describe Cisco Security Agent architecture
* Describe the life cycle of an attack
* Explain how Cisco Security Agent protects against attacks
* Identify the CSA MC and CSA system requirements
* Identify the administration workstation requirements
* Install the CSA MC
* Configure basic settings on the CSA MC
* Install the CSA using a default group

Use CSA MC to configure groups, manage hosts, and build policies

* Describe various components of the menu bar and its function in the CSA MC interface
* Create, save, and delete data on the CSA MC
* Create groups to ease host management and security policy deployment
* Build Agent kits for the newly created groups
* View host status and modify host configuration
* Distribute software updates to hosts
* Discuss components of a policy
* Configure policies and rule modules

Use CSA MC to configure rules

* Describe the basics of rule construction and functionality
* Configure rules common to Windows and UNIX systems
* Configure Windows-Only rules
* Configure UNIX-Only rules
* Describe the individual rules you can add to your policies that allow CSA MC to categorize processes and correlate events across multiple systems
* Describe and configure the system API Control Rule
* Describe and configure the Network Shield Rule
* Describe and configure the Buffer Overflow Control Rule
* Describe and configure the Email Worm Protection Rule module
* Describe and configure the Installation Applications Policy
* Describe and configure Global Event Correlation

Define application classes and work with variables

Free PassGuide Practice Engine Demo Download Pass4sure offers free demos for each certification exam, including all IT vendors. You can check out the testing engine software, or pdf file question quality and usability of our practice exams before you decide to buy it. We are the only one site that offers demos for almost all IT certification exams.If you want to try p4s exam practice engine demo. http://demo.passguide.com/download

* Explain the use of application classes in creating security policies
* Discuss the preconfigured application classes included in the CS AMC
* Configure a static application class
* Create a dynamic application class and an application-builder rule
* Discuss how events sets are used to ease administration of security policies
* Configure data, file and network address sets
* Create registry, COM component and network services sets
* Use the COM extraction utility to gather PROGIDs and CLSIDs for the software installed on a system
* Configure Query Settings variables to be used with Query rules

Use CSA Analysis and define and generate reports

* Understand and configure application deployment investigation
* Understand and configure product associations for application deployment investigation
* Configure and run application deployment reports
* Understand and configure application behavior investigation
* Understand and use behavior analysis reports
* Import and use behavior analysis rule modules
* Explain the features of the Event Log and Event Monitor
* Configure filtering of events for logging, reports, and alerts
* Create event-based alerts
* Generate reports on events selected by sorting criteria

3.Which two items make up Agent kits? (Choose two.)
A:groups
B:hosts
C:policies
D:rules
E:network shim
Correct Answers: A, E
TestInside 642-513
4.If a Solaris or Windows system is not rebooted after CSA installation, which three rules are only enforced when
new files are opened, new processes are invoked, or new socket connections are made? (Choose three.)
A:COM component access rules
B:network shield rules
C:buffer overflow rules
D:network access control rules
E:file access control rules
F:demand memory access rules
Correct Answers: C, D, E
5.How can the Agent kit be sent out to host machines?
A: via a URL that is e-mailed to clients
B: via a TFTP server
C: via an FTP server
D: via a Telnet server
Correct Answers: A

6.Cisco Security Agent provides Day Zero attack prevention by using which of these methods?
A: using signatures to enforce security policies
B: using API control to enforce security policies
C: using stateful packet filtering to enforce security policies
D: using algorithms that compare application calls for system resources to the security policies
Correct Answers: D

7.What is the purpose of network access control rules?
A: to control access to network services
B: to control access to network addresses
C: to control access to both network services and network addresses
D: to control access to networks
Correct Answers: C

8.Which two attacks could an attacker use during the penetrate phase of an attack? (Choose two.)
A:install new code
B:modify configuration
C:ping scans
D:buffer overflow
E:erase files
F:e-mail attachment
Correct Answers: D, F

9.When you choose the Log All Deny Actions option within a group, how are deny actions logged?
A: Deny actions are logged every 5 minutes.
B: Deny actions are logged every 10 minutes.
C: Every deny action is logged regardless of the specific rule settings.
D: Only those deny actions that are configured within specific rules are logged.
Correct Answers: C
10.Which protocol should never be disabled on the CSA MC?
A: SSH
B: Telnet
C: IPSec
D: SSL
Correct Answers: D

Free download:pass4sure CCSP 642-513
Free download:testking CCSP 642-513
more info:www.ciscoexams.org

PassGuide provides high-quality test materials, for example, Cisco CCNA CCNP CCIE, Comptia A + NETWORK + Security +, Juniper jncia, jncis, Vmware VCP-410,certification practice exams and so on.We are committed to give full refund to candidates if they fail the exam with use of our products.And we are confident to make such a guarantee. Buy Best Practice Exam,high-quality ,100% Guarantee ,Pls contact me,Mail:Sales@passguide.com

P4S Free Downloads

Type	Exam Braindumps	New Questions & Answers	Latest Updated	Available link
	All Pass4sure's Exam Pack	858	1 days ago	Download Free Testing Engines

PassGuide Braindumps-Free Test king Help You Quick Pass Any it Certifications Exams

Click links: www.testking.la/braindumps/free/down/crack/all/testking