Cisco 642-513 Prep Guide, Easily To Pass Cisco 642-513 Exam Test Questions Are Based On The Real ExamCisco 642-513 Prep Guide, Easily To Pass Cisco 642-513 Exam Test Questions Are Based On The Real Exam
The 100% valid Flydumps latest Cisco 642-513 question answers ensure you 100% pass! And now we are offering the free new version along with the VCE format Cisco 642-513 practice test. Free download Cisco 642-513 more new PDF and VCE on Flydumps.com.
QUESTION 50
Which protocol is required for the administrative workstation to communicate with the CSA MC?
A. SSH
B. Telnet
C. SSL
D. IPSec
Correct Answer: C Section: (none) Explanation Explanation/Reference:
QUESTION 51
How can the Agent kit be sent out to host machines?
A. via a URL that is e-mailed to clients
B. via a TFTP server
C. via an FTP server
D. via a Telnet server
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 52
What is the purpose of the sniffer and protocol detection rule?
A. to stop sniffers from running on a network
B. to allow sniffers to run on a network
C. to cause an event to be logged when non-IP protocols and sniffer programs are detected running on systems
D. to deny non-IP protocols and sniffer programs from running on systems
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 53
What are three types of variables used for CSA? (Choose three.)
A. global sets
B. file sets
C. API sets
D. data sets
E. network address sets
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 54
What is the purpose of connection rate limit rules?
A. to limit the number of connections to an application
B. to limit the number of calls to the kernel in a specified time frame
C. to limit the number of network connections within a specified time frame
D. to limit the number of malformed connection requests to a web server
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 55
Which port is used to access the CSA MC from the administrative workstation?
A. 21
B. 23
C. 1741
D. 1802
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Which two of the following file access rule criteria can you use to allow or deny the operations that the selected applications can perform on files? (Choose two.)
A. the application attempting to access the file
B. the application attempting to access the service or address
C. the operation attempting to act on the file
D. the direction of the communications
E. the address with which a system is attempting to communicate
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 57
What action is taken on user query windows when the Agent UI is not present on a system?
A. The default action is always taken.
B. All actions are denied.
C. All actions are allowed.
D. All actions are allowed and logged.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 58
Which three make up the CSA architecture model? (Choose three.)
A. Cisco Trust Agent
B. Cisco Security Agent
C. Cisco Security Agent Management Center
D. Cisco Intrusion Prevention System
E. an administrative workstation
F. a syslog server
Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 59
Which two of the following network access rules can you use to control access to specified network services? (Choose two.)
A. the application attempting to access the file
B. the application attempting to access the service or address
C. the operation attempting to act on the file
D. the direction of the communications
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 60
What is the purpose of the rootkit/kernel protection rule?
A. to restrict access to the operating system
B. to log access to the operating system
C. to restrict user access to the operating system
D. to restrict administrator access to the operating system
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 61
Drag Drop question A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 62
Which definitions can be used to allow consistent configuration of policies across multiple systems and can also be used for event reporting purposes?
A. hosts
B. software updates
C. Agent kits
D. registration control
E. groups
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 63
Which two items make up Agent kits? (Choose two.)
A. groups
B. hosts
C. policies
D. rules
E. network shim
Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 64
Which two types of rules apply to Windows systems only? (Choose two.)
A. Agent service control rules
B. clipboard access control rules
C. Agent UI control rules
D. COM component access control rules
E. data access control rules
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 65
Which portion of an HTTP request is examined by data access control rules?
A. the TCP header
B. the UDP header
C. the URI portion of the request
D. the URL portion of the request
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 66
Which two types of rules are UNIX-only rules?
A. network interface control rules
B. COM component access control rules
C. connection rate limit rules
D. file access control rules
E. rootkit/kernel protection rules
Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 67
Choose three types of rules that apply to both Windows and UNIX systems.
(Choose three.)
A. Agent service control rules
B. Agent UI control rules
C. application control rules
D. COM component access control rules
E. file version control rules
Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 68
What application is installed on the server after the CSA MC is installed?
A. Cisco Trust Agent
B. ACS
C. SQL
D. CSA
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 69
Which two attacks could an attacker use during the penetrate phase of an attack? (Choose two.)
A. install new code
B. modify configuration
C. ping scans
D. buffer overflow
E. erase files
F. e-mail attachment
Correct Answer: DF Section: (none) Explanation
Explanation/Reference:
Cisco 642-513 Questions & Answers covers all the knowledge points of the real exam. We update our product frequently so our customer can always have the latest version of Cisco 642-513. We provide our customers with the excellent 7×24 hours customer service.We have the most professional Cisco 642-513 expert team to back up our grate quality products.If you still cannot make your decision on purchasing our product, please try our Cisco 642-513 free pdf