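2B0-018 Question Bank Demo Free Download
Filed under Enterasys Networks, Aug 3
Introduction to the Enterasys Networks Certification 2B0-018 Exam Question Bank
Exam code: 2B0-018
Number of questions: 50 Q&As
Updated: 2009-09-14
Registration: Prometric/Pearson VUE
Question bank full name: ES Dragon IDS
Free 2B0-018 Question Bank Demo Preview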
Exam : Enterasys Networks 2B0-018
Title : ES Dragon IDS

1. Which best describes a type of attack that aims to prevent the use of a service or host?
A. Reconnaissance
B. Denial of Service
C. IP Spoofing
D. Exploit
Answer: B

2. Which of the following is required in order for the Dragon installation script (install.pl) to be completed?
A. Dragon license key
B. Pre-configured user and group named dragon
C. Active link to the internet
Answer: B

3. How many Dragon Policy Managers can simultaneously manage a single Dragon Network/Host Sensor?
A. 1
B. 2
C. 10
D. Unlimited
Answer: A

4. For what purpose can Dragon Workbench be used?
A. Read data from TCPDUMP trace/capture file and write to dragon.db for later analysis
B. Read data from dragon.db file and write to a TCPDUMP trace/capture file for later analysis
C. Read data from RealTime Console and write to a TCPDUMP trace/capture file for later analysis
D. This functionality is ONLY available on Dragon Appliances
Answer: A

5. Which best describes a SYN Flood attack?
A. Attacker redirects unusually large number of SYN/ACK packets
B. Attacker sends relatively large number of altered SYN packets
C. Attacker floods a host with a relatively large number of unaltered SYN packets
D. Attacker floods a host with an unusually large number of legitimate ACK packets
Answer: B

6. Which of the following is NOT a function of Dragon Forensics Console?
A. Allows for central configuration of Active Response mechanisms to deter network attacks
B. Centrally analyzes activity as it is occurring or has occurred over time
C. Correlates events together across Network Sensor, Host Sensor, and any other infrastructure system (e.g., firewall, router) for which messages have been received (via Host Sensor log forwarding)
D. Provides the tools for performing a forensics level analysis and reconstructing an attacker's session
Answer: A

7. What is one benefit of Dragon Network Sensor's dual network interface capability as deployed on a non-Dragon Appliance system?
A. Secure management and reporting on one interface; Network Sensor invisible on other interface
B. Allows for collection of event data from both interfaces simultaneously
C. Allows for protocol detection from one interface, and anomaly detection from the other interface
D. This functionality is ONLY available on Dragon Appliances
Answer: A

8. Which of the following is NOT a recommended means for a Dragon Network Sensor to collect event data over multiple switched links?
A. Port Redirection
B. Network Tap(s)
C. Port Trunking
D. Strategic deployment of multiple Dragon Network Sensors
Answer: C

9. What is the method that Dragon uses to secure the communication between the remote management host and Dragon Policy Manager?
A. SSH
B. SSL
C. IPSec
D. MD5
Answer: B

10. Which of the following is NOT a valid detection method used by Dragon Network Sensor?
A. Signature detection
B. Protocol detection
C. Policy detection
D. Anomaly detection
Answer: C

11. Why might an IDS administrator configure Dragon Enterprise Management Server to INITIATE outbound connections to remote Network/Host Sensors?
A. To increase performance when traversing a corporate DMZ
B. To provide the additional security that is inherent in the Server-initiated communication
C. Dragon only allows server-initiated (outbound) connections
D. To integrate Dragon into MSSP or other environments where firewalls prohibit inbound connections from Network/Host Sensors
Answer: D

12. What is the recommended method to start all installed Dragon components in Enterprise mode?
A. ./dragon enterprise
B. ./driders enterprise
C. ./dragonctl start
D. ./dragonctl enterprise
Answer: C

13. Which of the following is NOT a typical function of an Intrusion Detection System?
A. Monitors segment traffic to detect suspicious activity
B. Monitors network traffic and corrects attacks
C. Monitors traffic patterns to report on malicious events
D. Monitors individual hosts (HIDS) or network segments (NIDS)
Answer: B

14. Which component of Dragon is most responsible for enabling hierarchical deployments?
A. Dragon Network Sensor
B. Dragon Security Information Manager
C. Dragon Event Flow Processor
D. Dragon Hierarchy Agent
Answer: C

15. What is one method of de-activating a Dragon Policy Manager on a Linux host?
A. ./dragonctl kill PolicyManager
B. ./dragonctl kill policy-manager
C. ./dragonctl stop PolicyManager
D. ./dragonctl stop policy-manager
Answer: C

16. What might be one benefit of configuring a Dragon Host Sensor Server?
A. To provide IKE-level security for Host Sensors deployed in a corporate DMZ
B. To centrally collect NIDS-event data from Network Sensors
C. To collect HIDS-event data from systems on which it is not possible or practical to deploy a Dragon Host Sensor
Answer: C

17. Which of the following does NOT describe Dragon Host Sensor's Multi-Detection methods?
A. Monitors output to a host's system and audit logs
B. Monitors a host's files via MD5 integrity-checking
C. Monitors a host's specified network interface promiscuously for anomalous activity
D. Monitors a host's specific file attributes for changes to owner, group, permissions and file size
E. Monitors a Windows host's Registry for attributes that should not be accessed and/or modified
Answer: C

18. What is the primary and default source of event data for Dragon RealTime Console?
A. dragon.log.xxx
B. dragon.db
C. Ring Buffer
D. Dragon Workbench
Answer: C

19. Which of the following best describes the relationship between policies and signatures on a Dragon Host Sensor?
A. Policies can contain O/S-specific signatures
B. Signatures can contain O/S-specific policies
C. Policies and signatures are combined in a single library
D. Policies and signatures are unrelated
Answer: A

20. What two modes are available when installing a Dragon Host Sensor?
A. Standalone and Enterprise
B. Local and Remote
C. Active and Standby
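Answer: A

Free Download of the 2B0-018 Question Bank Demo
Examsoon provides the latest Enterasys Networks Certification 2B0-018 question bank, whose full name is ES Dragon IDS. Before deciding whether to buy, you can first download a partial demo of the 2B0-018 question bank. Examsoon is the only vendor worldwide that offers free demo downloads of question banks for all IT certification exams. The download link for the free 2B0-018 practice test questions follows.
Enterasys Networks 2B0-018 Study Guide
The Enterasys Networks Certification 2B0-018 exam has proven its broad reach and importance around the world, so people everywhere who understand this certification exam must have the skills and knowledge required in the fields it covers. The purpose of the Enterasys Networks certification 2B0-018 study guide is to test the candidate's ability and awareness of the concepts. Practice tests for the 2B0-018 exam have often been revised, with much outdated material removed, while those requirements are in the exam curriculum. When you apply the knowledge you have learned, it shows what you have learned and how well you apply it. Enterasys Networks certification 2B0-018 is a well-known brand in the IT industry, so if you pass an exam held by such a well-known company, you can imagine how well your future career will go.
Passing this exam is of course difficult. What you need to do is build up plenty of courage and confidence, and these come from how well you train day to day. We suggest taking a look at the Examsoon website: its 2B0-018 exam is designed to test how well you have mastered knowledge in this area, and the best part is that it lets you keep updating what you have learned and keep improving. Only when you know all the concepts and how to use them have you truly grasped Examsoon's intent. This exam tests your ability, and once you pass it you will become a top talent. Another notable effect of Examsoon's 2B0-018 exam is that your salary will rise sharply, which is probably what everyone hopes for, so you need to find good resources.
Examsoon Exam Master 2B0-018 questions are a perfect combination of original exam questions, with coverage above 95%. The answers are worked out from the originals by several senior professional instructors, with 100% accuracy. As long as you use Examsoon's question bank to take the 2B0-018 exam, you are guaranteed to pass easily on the first attempt.
After-sales service first! We believe that to succeed in today's era, we must provide users with complete, attentive, high-quality after-sales service from start to finish; only when customers are satisfied can we grow. Putting the customer first has always been the principle of Examsoon Exam Master.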