[The Newest Dumps] Real Cisco 642-513 exam dumps revised by experts, they were updated with the change of the Cisco 642-513,covering all the whole aspects of Cisco 642-513 exam. Just have a training of Flydumps Cisco 642-513 exam questions to guarantee your 100% pass
QUESTION 5
What is the purpose of the Audit Trail function?
A. to generate a report listing events matching certain criteria, sorted by event severity
B. to generate a report listing events matching certain criteria, sorted by group
C. to generate a report showing detailed information for selected groups
D. to display a detailed history of configuration changes
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 6
In which type of rules are network address sets used?
A. COM component access control rules
B. connection rate limit rules
C. network access control rules
D. file control rules
E. file access control rules
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Which three of these does the buffer overflow rule detect on a UNIX operating system, based on the type of memory space involved? (Choose three.)
A. location space
B. stack space
C. slot space
D. data space
E. heap space
F. file space
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 8
When should you use preconfigured application classes for application deployment investigation?
A. never
B. always
C. only for specific applications
D. only when applications require detailed analysis
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Drag Drop question
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference: QUESTION 10
Which systems with specific operating systems are automatically placed into mandatory groups containing rules for that operating system? (Choose three.)
A. OS2
B. HPUX
C. Solaris
D. Mac OS
E. Linux
F. Windows
Correct Answer: CEF Section: (none) Explanation
Explanation/Reference:
QUESTION 11
What is the purpose of network access control rules?
A. to control access to network services
B. to control access to network addresses
C. to control access to both network services and network addresses
D. to control access to networks
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 12
What is the purpose of the Compare tool?
A. to save data that has been configured
B. to compare individual rules
C. to compare individual rule modules
D. to compare and merge configurations
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 13
If a Solaris or Windows system is not rebooted after CSA installation, which three rules are only enforced when new files are opened, new processes are invoked, or new socket connections are made? (Choose three.)
A. COM component access rules
B. network shield rules
C. buffer overflow rules
D. network access control rules
E. file access control rules F. demand memory access rules
Correct Answer: CDE Section: (none) Explanation
Explanation/Reference:
QUESTION 14
For which operating system is the network shield rule available?
A. OS2
B. Windows
C. Linux
D. Solaris
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 15
What is the maximum number of characters that a policy name can contain?
A. 24
B. 32
C. 48
D. 64
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 16
What information is logged for registry access control?
A. port and direction
B. registry key
C. registry access events
D. PROGID/CLSID
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Which protocol should never be disabled on the CSA MC?
A. SSH
B. Telnet
C. IPSec
D. SSL
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 18
Which information is logged for file access control?
A. port and direction
B. registry key
C. process path
D. PROGID/CLSID
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 19
Which action must be taken before a host can enforce rules when it has been moved to a new group?
A. save
B. generate rules
C. deploy
D. clone
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 20
What is a benefit of putting hosts into groups?
A. There is no need to configure rules.
B. There is no need to configure rule modules.
C. The administrator can deploy rules in test mode.
D. The administrator does not have to deploy rules in test mode.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 21
Drag Drop question A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 22
Which two attacks could an attacker use during the probe phase of an attack? (Choose two.)
A. buffer overflow
B. install new code
C. ping scans
D. erase files
E. port scans
Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 23
Which operating system does not receive a notification window when a software update is available from the CSA MC?
A. Linux
B. Windows
C. HPUX
D. Solaris
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 24
Which view would you use to create a new policy within the CSA MC?
A. Configuration > Rules > Policies
B. Configuration > Policies
C. Systems > Policies
D. Systems > Rules > Policies
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 25
Cisco Security Agent provides Day Zero attack prevention by using which of these methods?
A. using signatures to enforce security policies
B. using API control to enforce security policies
C. using stateful packet filtering to enforce security policies
D. using algorithms that compare application calls for system resources to the security policies
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 26
Which application loads when installing the CSA MC to run the local database?
A. Microsoft Access
B. Microsoft SQL Server Desktop Engine
C. Microsoft SQL Server
D. Oracle
Correct Answer: B Section: (none) Explanation
Explanation/Reference: QUESTION 27
Which type of privileges must you have on a host system to install CSA?
A. superuser
B. administrator
C. user
D. viewer
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 28
Which Agent kit should be installed on the CSA MC?
A. the default Windows Agent kit
B. the default UNIX Agent kit
C. the default CSA Agent kit
D. the Agent kit that is automatically installed
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 29
Which attack could an attacker use during the propagate phase of an attack?
A. ping scans
B. crash systems
C. attack other targets
D. erase files
E. steal data
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 30
Which three operating systems are supported for deployment of CSA? (Choose three.)
A. OS2
B. HPUX
C. Linux
D. Solaris
E. AIX
F. Windows
Correct Answer: CDF Section: (none) Explanation
Explanation/Reference:
QUESTION 31
What happens if the Agent UI control rule is not present in any active rule modules?
A. The Agent UI becomes present on the system.
B. The Agent UI is not present on the system.
C. The Agent UI is visible on the system.
D. The Agent UI is not visible on the system.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 32
What are the three options that can be given to a user when a Query User window appears? (Choose three.)
A. allow
B. accept
C. deny
D. kill
E. terminate
Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
QUESTION 33
Which view within the CSA MC allows users to see a view of event records based on filtering criteria such as time and severity?
A. Event Summary
B. Event Log
C. Event Monitor
D. Event Sets
E. Event Alerts
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 34
When a rule is cloned, which part of the rule is not cloned?
A. sets
B. rule modules
C. hosts
D. variables
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 35
What is the purpose of the network interface control rule?
A. to prevent applications from opening devices and acting as a sniffer
B. to provide protocol stack hardening rules
C. to prevent users from opening devices that can act as a sniffer
D. to provide filtering of undesired traffic at the network interface level
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 36
What action must happen before a system that has CSA can download policies configured for it?
A. The system must be rebooted.
B. The system must install Agent kits.
C. The system must be polled by the CSA MC.
D. The system must register with the CSA MC.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 37
Which rules will not be enforced if you fail to reboot a Windows system following installation of the CSA?
A. network access control rules
B. buffer overflow rules
C. COM component access control rules
D. network shield rules
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 38
Which view within the CSA MC allows users to see overall system status information, including a summary of recorded events, agent configuration, and activity?
A. Status Summary
B. Event Log
C. Event Monitor
D. Event Sets
E. Alerts
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 39
Which operating system does not allow Query User options?
A. OS2
B. Windows
C. Linux
D. Solaris
E. HPUX
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
The Cisco contains more than 400 practice questions for the Cisco 642-513 exams,including simulation-based questions. Also contains hands-on exercises and a customized copy of the Cisco 642-513 exams network simulation software.
