642-513 CCSP Braindump
ExamSoon 642-513 Exams
Cisco Securing Hosts Using Cisco Security Agent Exam (HIPS)
Practice Exam: 642-513
Exam Number/Code: 642-513
Exam Name: Securing Hosts Using Cisco Security Agent Exam (HIPS)
Questions and Answers: 69 Q&As
1. Which action must be taken before a host can enforce rules when it has been moved to a new group?
A. save
B. generate rules
C. deploy
D. clone
Answer: B
2. Which information is logged for file access control?
A. port and direction
B. registry key
C. process path
D. PROGID/CLSID
Answer: C
3. What is the purpose of the Compare tool?
A. to save data that has been configured
B. to compare individual rules
C. to compare individual rule modules
D. to compare and merge configurations
Answer: D
4. Which of these is a reason for using groups to administer Agents?
A. to link similar devices together
B. to complete configuration changes on groups instead of hosts
C. to complete the same configuration on like items
D. to apply the same policy to hosts with similar security requirements
Answer: D
5. Which one of the five phases of an attack attempts to become resident on a target?
A. probe phase
B. penetrate phase
C. persist phase
D. propagate phase
E. paralyze phase
Answer: C
6. In which type of rules are network address sets used?
A. COM component access control rules
B. connection rate limit rules
C. network access control rules
D. file control rules
E. file access control rules
Answer: C
7. Which three items make up rules? (Choose three.)
A. variables
B. applications
C. application classes
D. rule modules
E. policies
F. actions
Answer: ACF
8. What is the maximum number of characters that a policy name can contain?
A. 24
B. 32
C. 48
D. 64
Answer: D
9. Which three of these does the buffer overflow rule detect on a UNIX operating system, based on the type of memory space involved? (Choose three.)
A. location space
B. stack space