Implement the Cisco IOS IPS feature set using SDM

Posted on by
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

Questions derived from the 642-552 – Securing Cisco Network Devices Exam Cisco Self-Test Software Practice Test.

 

Objective: Implement the Cisco IOS IPS feature set using SDM
SubObjective: Explain IPS technologies, attack responses and monitoring options

 

Item Number: 642-552.8.2.15
Single Answer, Multiple Choice

 

Which type of attack can be detected by using the Sweep Signature engine?

 

 

  1. Denial-of-Service (DoS) attack
  2. Access attack
  3. Reconnaissance attack
  4. Distributed denial-of-service (DDoS) attack

 

Answer:
C. Reconnaissance attack

 

Tutorial:
Reconnaissance attacks can be detected by using the Sweep Signature engine.

 

The Sweep Signature engine is used to analyze traffic when a host is making connections to one or many different hosts. This can be used to locate an attacker who is trying to probe for services on a specific host or in other words to detect a reconnaissance attack.

 

All the other options are incorrect because DoS, Access and DDoS types of attacks cannot be detected by using Sweep Signature engine.

 

Reference:
http://www.ciscopress.com/articles/article.asp?p=25330&rl=1

Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone
cmadmin

ABOUT THE AUTHOR

Posted in Archive|

Comment: