Use CSA Analysis and define and generate reports

Posted on
Like what you see? Share it.Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

Questions derived from the Cisco Security Agent Guide, Chapter 4: Understanding CSA Policies, Modules, and Rules, CSA Rules, pp. 94-96. 642-513 – Securing Hosts Using Cisco Security Agent.

 

Objective: Use CSA Analysis and define and generate reports
SubObjective: Explain the features of the Event Log and Event Monitor

 

Item Number: 642-513.5.7.8
Multiple Answer, Multiple Choice

 

Which information is logged for Network access control rules? (Choose two.)

 

 

  1. Direction
  2. File operation
  3. Port
  4. Registry key
  5. COM component PROGID/CLSID

 

Answer:
A. Direction
C. Port

 

Tutorial:
The following information is logged for Network access control rules:

 

 

  • Direction
  • Port
  • Process path
  • Network address

 

The option file operation is incorrect. The information regarding file operation is logged for File access control rule.

 

The option registry key is incorrect. The information regarding registry key is logged for Registry access control rule.

 

The option COM component PROGID/CLSID is incorrect. The information regarding COM component PROGID/CLSID is logged for COM component access control rule.

 

Reference:
For more information, see Event Logging and Alerts
http://cisco.com/en/US/products/sw/secursw/ps5057/products_configuration_guide_chapter09186a008066e84a.html#wp952212

Like what you see? Share it.Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone
cmadmin

ABOUT THE AUTHOR

Posted in Archive|

Comment: