Describe and configure Cisco IOS IPS
These questions are derived from the Self Test Software Practice Test for Cisco exam #642-825 – Implementing Secure Converged Wide Area Networks.
Objective Sequence: Describe and configure Cisco IOS IPS
SubObjective Sequence: Configure Cisco IOS IPS using SD
Multiple Answer, Multiple Choice
What are the actions that can be configured for signature matches in the IPS while using the SDM? (Choose all that apply.)
- Alarm
- Drop
- Reset
- TCP_Spoof_Block
- TCP_Syn_Protect
Answer:
- Alarm
- Drop
- Reset
Tutorial:
There are three possible actions the IPS can perform as a result of a signature match. Alarm sends an alert message of the match. Drop causes the matching packets to be dropped. Reset causes the connection of the offending host to be dropped. The other options are not valid for IPS actions.