Question 3: Test for Cisco exam #642-502

Posted on
Like what you see? Share it.Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

3) Objective: Configure Cisco IOS-based IPS to identify and mitigate threats to network resources
SubObjective: Identify and describe the capabilities of the IOS-IPS feature set

 

Single Answer, Multiple Choice

 

Which Cisco IOS IPS feature is based on the use of a Single Micro-Engine?

A. extended ACL support
B. parallel signature scanning

C. expanded signature capability
D. MultiProtocol Layered Inspection(MPLI)

Answer:
B. parallel signature scanning

 

Tutorial:
Cisco IOS IPS supports parallel signature scanning. The signatures are scanned in parallel by a Single Micro-Engine (SME). This speeds up the detection and prevention of attacks. SME is one of the two main components of Cisco IOS IPS. The other component is the Signature Definition File (SDF) that contains the signatures. An SME loads the SDF file and scans traffic for signature pattern matching with the signatures in the SDF files.

 

Other Cisco IOS IPS features do not use an SME. Cisco IOS IPS supports both standard and named or numbered Access Control Lists (ACL). New signatures can be added to the existing Signature Definition File (SDF) without requiring upgrade of IOS image, thus expending the signature capability.

 

MultiProtocol Layered Inspection (MPLI) does not exist and is invalid.

 

Reference:
CCSP SNRS Exam Certification Guide, Chapter 13: Cisco IOS Intrusion Prevention System, Cisco IOS IPS Features, pp. 259-260.

 

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00804453cf.html#wp1110311

Like what you see? Share it.Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone
cmadmin

ABOUT THE AUTHOR

Posted in Archive|

Comment: