[Free] 2018(Aug) Dumps4cert Cisco 500-280 Dumps with VCE and PDF Download 1-10

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 Aug Cisco Official New Released 500-280
100% Free Download! 100% Pass Guaranteed!

Securing Cisco Networks with Open Source Snort

Question No: 1

Which protocol operates below the network layer?

  1. UDP

  2. ICMP

  3. ARP

  4. DNS

Answer: C

Question No: 2

Which area is created between screening devices in an egress/ingress path for housing web, mail, or DNS servers?

  1. EMZ

  2. DMZ

  3. harbor

  4. inlet

Answer: B

Question No: 3

What does protocol normalization do?

  1. compares evaluated packets to normal, daily network-traffic patterns

  2. removes any protocol-induced or protocol-allowable ambiguities

  3. compares a packet to related traffic from the same session, to determine whether the packet is out of sequence

  4. removes application layer data, whether or not it carries protocol-induced anomalies, so that packet headers can be inspected more accurately for signs of abuse

Answer: B

Question No: 4

On which protocol does Snort focus to decode, process, and alert on suspicious network traffic?

  1. Apple talk

  2. TCP/IP

  3. IPX/SPX

  4. ICMP

Answer: B

Question No: 5

Which technique can an intruder use to try to evade detection by a Snort sensor?

  1. exceed the maximum number of fragments that a sensor can evaluate

  2. split the malicious payload over several fragments to mask the attack signature

  3. disable a sensor by exceeding the number of packets that it can fragment before forwarding

  4. send more packet fragments than the destination host can reassemble, to disable the host without regard to any intrusion-detection devices that might be on the network

Answer: B

Question No: 6

An IPS addresses evasion by implementing countermeasures. What is one such countermeasure?

  1. periodically reset statistical buckets to zero for memory utilization, maximization, and performance

  2. send packets to the origination host of a given communication session, to confirm or eliminate spoofing

  3. perform pattern and signature analysis against the entire packet, rather than against individual fragments

  4. automate scans of suspicious source IP addresses

Answer: C

Question No: 7

Which IPS placement option is the noisiest?

  1. inside the firewall

  2. outside the firewall

  3. inside the DMZ

  4. inside general user segments

Answer: B

Question No: 8

What is the purpose of using a span or monitor port on a switch?

  1. to aggregate traffic from multiple switch ports

  2. to tap data off network media

  3. to overcome problems that switches have in accurately reproducing desired traffic

  4. to limit the amount of traffic that passes through the switch

Answer: A

Question No: 9

Which item examines packets for malformation, anomalies, and protocol compliance and gathers and presents packets in one consistent fashion?

  1. Sniffer

  2. preprocessors

  3. detection engine

  4. output and alerting module

Answer: B

Question No: 10

Which component is one of the four primary components of Snort?

  1. ACL

  2. postprocessor

  3. iptables

  4. output and alerting

Answer: D

100% Dumps4cert Free Download!
Download Free Demo:500-280 Demo PDF
100% Dumps4cert Pass Guaranteed!
500-280 Dumps

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.