Securing Networks Using Intrusion Prevention Systems Exam (IPS) : 642-532 Exam  The Securing Networks Using Intrusion Prevention Systems exam is one of the exams associated with the Cisco Certified Security Professional and the Cisco IPS Specialist certifications. Candidates can prepare for this exam by taking the IPS v5.0 course. This exam includes simulations and tests a candidate’s knowledge and ability to describe, configure, verify and manage the Cisco IPS appliance products.

Exam Number/Code: 642-532
Exam Name: Securing Networks Using Intrusion Prevention Systems Exam (IPS)
VUE Code: 642-532
Questions Type: Single choice,
Real Exam Question Numbers: 60-70 questions
Exam Language(s): English

“Securing Networks Using Intrusion Prevention Systems Exam (IPS)”, also known as 642-532 exam, is a Cisco certification.
Preparing for the 642-532 exam? Searching 642-532 Test Questions, 642-532 Practice Exam, 642-532 Dumps?

With the complete collection of questions and answers, Pass4sure has assembled to take you through 63 questions to your 642-532 Exam preparation. In the 642-532 exam resources, you will cover every field and category in CCSP helping to ready you for your successful Cisco Certification.
642-532 IPS
Securing Networks Using Intrusion Prevention Systems Exam
Retired January 16, 2008
Exam Number: 642-532
Associated Certifications: CCSP, Cisco IPS Specialist
Duration: 90 minutes (60-70 questions)
Available Languages: English
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions

Exam Description Exam Topics Recommended Training Additional Resources
Exam Description

The Securing Networks Using Intrusion Prevention Systems exam is one of the exams associated with the Cisco Certified Security Professional and the Cisco IPS Specialist certifications. Candidates can prepare for this exam by taking the IPS v5.0 course. This exam includes simulations and tests a candidate’s knowledge and ability to describe, configure, verify and manage the Cisco IPS appliance products.
Exam Topics

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.
Describe how Cisco IDS/IPS sensors are used to mitigate network security threats

* Select the best sensor platform to protect a given network
* Describe the features of the IDSM-2
* Describe the features of the NM-CIDS
* List sensor requirements for inline operations
* List platforms on which the 50 image will run
* Explain the difference between inline and promiscuous mode sensor operations
* Select the most effective location for the sensor and other defense-in-depth components
* Explain how Cisco IDS/IPS protects network devices from attacks (Describe signatures, alerts, and actions)
* Explain the similarities and differences among the various intrusion detection technologies
* Explain the evasive techniques used by hackers and how Cisco IDS defeats those techniques
* Explain the differences between HIPS and Network IPS
* Describe the network sensors that are currently available and their features
* Describe the considerations necessary for selection, placement, and deployment of a network intrusion prevention system
* Explain the features, benefits, and system requirements of the IDM
* Describe traffic that is not inspected by the NM-CIDS
* Define intrusion detection
* Define intrusion prevention
* Explain the Cisco IDS/IPS signature features

Install Cisco IDS/IPS sensors and configure essential system parameters

* Install a sensor appliance in the network
* Use the IDM to configure SSH and TLS communications
* Use the CLI to install the sensor’s software image
* Select the appropriate image file for a sensor
* Select a router to host the NM-CIDS
* Configure communications between the router and the NM-CIDS
* Describe the functions of the various IDSM-2 ports
* Describe the tasks for configuring the NM-CIDS
* Describe the interfaces and components of the NM-CIDS
* Explain how the NM-CIDS works
* Explain how the IDSM-2 obtains access to network traffic
* Explain the importance of accurate time on the NM-CIDS and how the NM-CIDS should obtain the accurate time
* Explain the importance of accurate time on the IDSM-2 and how the IDSM-2 should obtain the accurate time
* Install the IDSM-2 in a switch
* Install the NM-CIDS in a router
* Select a switch to host the IDSM-2
* Use the CLI to initialize the sensor
* Describe user accounts and how they provide sensor security
* Use the IDM to configure and manage user accounts
* Use the IDM to verify secure management access to the sensor
* Obtain management access to the sensor appliance
* Obtain management access to the NM-CIDS
* Obtain management access to the IDSM-2
* Describe allowed hosts
* Use the IDM to configure allowed hosts
* Describe sensor interfaces and interface pairs
* Use the IDM to configure the sensor’s interfaces (enable, create pairs, assign to virtual sensor)
* Describe software bypass mode
* Use the IDM to configure software bypass mode
* Use the IDM to configure the sensor’s network settings (IP address, netmask, default gateway, etc)
* Describe sensor communications with external management and monitoring systems
* Launch, navigate, and use the IDM to manage and monitor the sensor
* Use the IDM to set the sensor’s time
* Define traffic flow notification
* Use the IDM to configure traffic flow notification
* Describe the various CLI modes
* Navigate the sensor CLI
* List the tasks for installing and configuring the IDSM-2

Describe Cisco IDS/IPS sensor advanced system parameters

* Plan the mitigation of specific network vulnerabilities and exploits
* Describe sensor tuning
* Describe sensor tuning methods
* Explain IP fragment and TCP stream reassembly options
* Describe the IP logging capabilities of the sensor
* Explain how IP logging should be used
* Explain the use of Event Variables
* Determine the need for a custom signature
* Describe the signature engines and their functionality
* Describe the types of signatures supported by each engine
* Describe common engine parameters and their effects on signatures
* Describe engine-specific parameters and their effects on signatures
* Describe the device management capability of the sensor and how it is used to perform blocking with a Cisco device
* Determine which response actions need to be configured for a given scenario
* Determine the need for Event Action Filters in a given scenario
* Describe the purpose of the Meta Event Generator
* Explain Target Value Ratings and how they are used
* Determine the need for Event Action Rules in a given scenario
* Explain event Risk Ratings and how they are used
* Explain the sensor’s SNMP support
* Determine if the sensor’s application policy enforcement feature is needed in a given scenario

Tune Cisco IDS/IPS sensor advanced system parameters to optimize attack mitigation performance

Free PassGuide Practice Engine Demo Download Pass4sure offers free demos for each certification exam, including all IT vendors. You can check out the testing engine software, or pdf file question quality and usability of our practice exams before you decide to buy it. We are the only one site that offers demos for almost all IT certification exams.If you want to try p4s exam practice engine demo. http://demo.passguide.com/download

* Use the IDM to tune the sensor to work optimally in the network
* Use the IDM to tune signatures to provide maximum protection for a network
* Use the IDM to create custom signatures as needed
* Configure response actions for a signature
* Configure the sensor to take response actions based on a risk rating
* Configure the sensor to minimize false alerts
* Use the IDM to create a Meta signature and disable alert production for the component signatures
* Use the IDM to configure the sensor to support SNMP
* Configure Event Action Filters
* Configure Event Action Overrides
* Configure Target Value Ratings
* Configure general settings for Event Action Rules
* Use the IDM to configure IP logging
* Configure Event Variables
* Use the IDM to configure blocking for a given scenario
* Use the IDM to configure the sensor to use a Master Blocking Sensor
* Use the IDM to configure IP fragment and TCP stream reassembly options
* Use the sensor’s application policy enforcement feature

Analyze Cisco IDS/IPS sensor events to determine the appropriate response to network attacks

* Configure the IDM events display
* Analyze alerts and make configuration changes to respond to attacks
* Use the CLI and the IDM to monitor events
* Classify an alarm as true, false, positive or negative
* Explain the fields in a Cisco IDS/IPS alert
* Describe the various types of events generated by the sensor
* Explain the difference between true and false and positive and negative alarms

Upgrade and maintain Cisco IDS/IPS sensors

* Configure the sensor to allow an SNMP NMS to obtain its health and welfare information
* Use the CLI to recover the sensor’s software image
* Use the IDM to install signature updates and service packs
* Use the IDM to configure automatic signature and service pack updates
* Move software images/upgrades and configuration files via HTTP, HTTPS, SCP, and FTP
* Use the IDM to restore the default configuration to the sensor
* Select the correct software update file for a sensor
* Use the CLI to upgrade the software image
* Describe the various types of image files
* Apply the appropriate system image to the sensor
* Describe maintenance tasks specific to the NM-CIDS
* Use the CLI to obtain PEP information from the sensor
* Use the IDM to install a sensor license
* Describe PEP information and its purpose
* Explain the purpose of service packs and signature updates
* Describe service pack and signature update file names
* Explain why a sensor license is needed
* Obtain a license key

Troubleshoot Cisco IDS/IPS sensor operation and configuration errors

* Use the packet command to display and capture packets from the data interfaces
* Copy (to a location off the sensor) packets that have been captured from the data interfaces
* Use the IDM to verify the sensor’s configuration
* Use the CLI to back up the sensor configuration
* View IP logs for troubleshooting purposes
* Troubleshoot communications between the NM-CIDS and its host router
* Reset and power down the sensor
* Determine when resetting or powering down the sensor is necessary
* Describe the main components of the IPS 50 software architecture
* Verify functionality of the NM-CIDS
* Verify the Catalyst 6500 switch and Catalyst IDSM-2 functionality
* Use the IDM and the CLI to obtain sensor statistics
* Use the IDM to obtain a sensor diagnostic report
* Use the IDM to obtain sensor system information
* Use general troubleshooting commands
* Use the IDM to shut down and reboot the sensor
* Describe Cisco IDS/IPS configuration file format

QUESTION 24:
The Certkiller security policy states that network devices must be managed using
secure communication methods. Which Cisco IDS Sensor services must be disabled
to meet this requirement? (Choose two)
A. SSH
B. Telnet
C. TFTP
D. SNMP
E. FTP
F. RSH
Answer: B, E
Explanation:
The Sensor always provides secure shell services (including scp). Increase the security of
the Sensor by disabling two services that allow clear text password authentication: Telnet
and FTP. For maximum security disable both.
QUESTION 25:
The service pack file IDSk9-sp-3.1-2-S23.bin exists on the Certkiller Sensor.
Which command installs the service pack on the Sensor?
A. IDSk9-sp-3.1-2-S23 -install
B. IDSk9-sp-3.1-2-S23.bin -install
C. IDSk9-sp-3.1-2-S23.bin -i
D. IDSk9-sp-3.1-2-S23.bin -l
E. IDSk9-sp-3.1-2-S23-bin -apply
F. IDSk9-sp-3.1-2-S23 -apply
Answer: C
Explanation:
To install the version 3.1(5)S58 service pack, follow these steps:
1. Download the self-extracting binary file IDSk9-sp-3.1-5-S58.bin
to a directory on the target Sensor from the following website:

http://www.cisco.com/cgi-bin/tablebuild.pl/ids3-app

CAUTION: You must preserve the original file name.
2. Log in as root on the Sensor.
3. Change directories to the location of the downloaded binary.
4. Change the binary file’s attributes to an executable by typing the
following:
chmod +x IDSk9-sp-3.1-5-S58.bin
5. Execute the binary file with the -l option by typing the following:
./IDSk9-sp-3.1-5-S58.bin -l
6. Review the file output.log in /usr/nr/sp-update for any error
messages.
7. Do not remove the /usr/nr/sp-update directory. This directory is
required for uninstallation and contains backups of files replaced by
the update.
QUESTION 26:
A Certkiller router is hosting an NM-CIDS. The router’s configuration contains an
output ACL. Which of the following best describes the action the router takes when
it receives a packet that should be dripped according to the output ACL?
A. The router drops the packet and does not forward it to the NM-CIDS.
B. The router sends the packet to the NM-CIDS for inspection, then performs
output-ACL check and drops the packet.
C. If the packet is an ICMP packet, the router sends it to the NM-CIDS for inspection,
then performs output ACL check and drops the packet. If the packet is not an ICMP
packet, the router performs output ACL check and drops the packet.
D. The router sends the packet to the NM-CIDS check and drops the packet.
Answer: B

Questions and Answers : 63 questions
Updated: 2008-2-22
Market Price: $129.99
Member Price: $79.99

Free download:pass4sure CCSP 642-532
Free download:testking CCSP 642-532
more info:www.ciscoexams.org

PassGuide provides high-quality test materials, for example, Cisco CCNA CCNP CCIE, Comptia A + NETWORK + Security +, Juniper jncia, jncis, Vmware VCP-410,certification practice exams and so on.We are committed to give full refund to candidates if they fail the exam with use of our products.And we are confident to make such a guarantee. Buy Best Practice Exam,high-quality ,100% Guarantee ,Pls contact me,Mail:Sales@passguide.com

P4S Free Downloads

Type	Exam Braindumps	New Questions & Answers	Latest Updated	Available link
	All Pass4sure's Exam Pack	858	1 days ago	Download Free Testing Engines

PassGuide Braindumps-Free Test king Help You Quick Pass Any it Certifications Exams

Click links: www.testking.la/braindumps/free/down/crack/all/testking