Free 642-513 download :cisco CCSP Securing Hosts Using Cisco Security Agent Exam (HIPS) exam
Certification Provider: cisco
Exam Name: 642-513 – Securing Hosts Using Cisco Security Agent Exam (HIPS)
Related Certifications: CCSP
Language: English
Latest update:2010-05-01
Free 642-513 PDF Demo
Download Demo of cisco 642-513 PDF exam for free (in PDF format ) before you decide to purchase it. Thus,you can know better about the quality of our practice exam and then make your right decision.
Free Download:Free 642-513 PDF
642-513 QUESTIONS ANSWERS WITH EXPLANATIONS
Interactive Testing Engine
PREPARATION LABS:20 labs
Duration: 270 Questions
cheap Price : 69.99
Guaranteed pass of CCSP 642-513 exam
What does PassGuide have for you to offer, for cisco 642-513 ?
Practically everything that you will ever need cisco 642-513 is indeed a highly qualified examination, and adequate preparation has to be made too in order to pass the exam. Vigilant exams practice is needed before a professional is qualified to appear in the certification exams. Only with heavy preparation and proper cisco guide certification exams can be attempted and passed.
Choose the CCSP 642-513 program that’s right for you.
you can feel safe with our question and answers that will help you in obtaining your successful completion of your 642-513 exam.
Investing in CCSP certification will help you to head for success
cisco 642-513 SEARCH HELP
Feel free to use search terms below while searching the Net for 642-513 Securing Hosts Using Cisco Security Agent Exam (HIPS) exam:
cisco 642-513 sample questions
cisco 642-513 test answers
cisco 642-513 practice questions
cisco 642-513 vce download
cisco 642-513 discount code
cisco 642-513 guaranteed pass
PassGuide 642-513 exam like testking 642-513 exam pass4sure 642-513 exam transcender 642-513 exam Testinside 642-513 exam and it downlaods from the test center.If you will take 642-513 exam,I suggest you choose PassGuide 642-513.We guarantee that you can pass 642-513 exam at your first try.
Free Download:PassGuide 642-513
IT Certification and Career Paths
642-513 HIPS
Securing Hosts Using Cisco Security Agent Exam
Exam Number: 642-513
Associated Certifications: CCSP
Duration: 75 minutes (65-75 questions)
Available Languages: English
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions
Exam Description Exam Topics Recommended Training Additional Resources
Exam Description
The Securing Hosts Using Cisco Security Agent exam 642-513 HIPS is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the HIPS v3.0 course. This exam tests a candidate’s knowledge and ability to describe, configure, and verify the Cisco Security Agent product.
Exam Topics
The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.
Describe and deploy the CSA and CSA MC products
Explain the concept of network defense in depth
Describe Cisco Security Agent architecture
Describe the life cycle of an attack
Explain how Cisco Security Agent protects against attacks
Identify the CSA MC and CSA system requirements
Identify the administration workstation requirements
Install the CSA MC
Configure basic settings on the CSA MC
Install the CSA using a default group
Use CSA MC to configure groups, manage hosts, and build policies
Describe various components of the menu bar and its function in the CSA MC interface
Create, save, and delete data on the CSA MC
Create groups to ease host management and security policy deployment
Build Agent kits for the newly created groups
View host status and modify host configuration
Distribute software updates to hosts
Discuss components of a policy
Configure policies and rule modules
Use CSA MC to configure rules
Describe the basics of rule construction and functionality
Configure rules common to Windows and UNIX systems
Configure Windows-Only rules
Configure UNIX-Only rules
Describe the individual rules you can add to your policies that allow CSA MC to categorize processes and correlate events across multiple systems
Describe and configure the system API Control Rule
Describe and configure the Network Shield Rule
Describe and configure the Buffer Overflow Control Rule
Describe and configure the Email Worm Protection Rule module
Describe and configure the Installation Applications Policy
Describe and configure Global Event Correlation
Define application classes and work with variables
Explain the use of application classes in creating security policies
Discuss the preconfigured application classes included in the CS AMC
Configure a static application class
Create a dynamic application class and an application-builder rule
Discuss how events sets are used to ease administration of security policies
Configure data, file and network address sets
Create registry, COM component and network services sets
Use the COM extraction utility to gather PROGIDs and CLSIDs for the software installed on a system
Configure Query Settings variables to be used with Query rules
Use CSA Analysis and define and generate reports
Understand and configure application deployment investigation
Understand and configure product associations for application deployment investigation
Configure and run application deployment reports
Understand and configure application behavior investigation
Understand and use behavior analysis reports
Import and use behavior analysis rule modules
Explain the features of the Event Log and Event Monitor
Configure filtering of events for logging, reports, and alerts
Create event-based alerts
Generate reports on events selected by sorting criteria
CISCO 642-513
Securing Hosts Using Cisco Security Agent Exam (HIPS)
Q&A Demo
www.PassGuide.com
(C) Copyright 2006-2009 CertBible Tech LTD,All Rights Reserved.
Important Note
Please Read Carefully
Study Tips
This product will provide you questions and answers carefully compiled and written by our experts. Try to understand the concepts behind the questions instead of cramming the questions.
Go through the entire document at least twice so that you make sure that you are not
missing anything.
Latest Version
We are constantly reviewing our products. New material is added and old material is
revised. Free updates are available for 120 days after the purchase. You should check your
member zone at PassGuide an update 3-4 days before the scheduled exam date.
Feedback
If you spot a possible improvement then please let us know. We always interested in
improving product quality.
Feedback should be send to feedback@passguide.com. You should include the following:
Exam number, version, page number, question number, and your login ID.
Our experts will answer your mail promptly.
Be Prepared. Be Confident. Get Certified.
————————————————————————————————————————-
Sales and Support Manager
Sales Team: sales@passguide.com Support Team: support@passguide.com
———————————————————————————————————————
Copyright
Each pdf file contains a unique serial number associated with your particular name and
contact information for security purposes. So if we find out that a particular pdf file is
being distributed by you, CertBible reserves the right to take legal action against you
according to the International Copyright Laws.
Question:1
Which two items make up Agent kits? (Choose two.)
A:groups
B:hosts
C:policies
D:rules
E:network shim
Correct Answers: A, E
Question:2
If a Solaris or Windows system is not rebooted after CSA installation, which three rules are only enforced when
new files are opened, new processes are invoked, or new socket connections are made? (Choose three.) A:COM component access rules
B:network shield rules
C:buffer overflow rules
D:network access control rules
E:file access control rules
F:demand memory access rules
Correct Answers: C, D, E
Question:3
How can the Agent kit be sent out to host machines?
A: via a URL that is e-mailed to clients
B: via a TFTP server
C: via an FTP server
D: via a Telnet server
Correct Answers: A
Question:4
Cisco Security Agent provides Day Zero attack prevention by using which of these methods?
A: using signatures to enforce security policies
B: using API control to enforce security policies
C: using stateful packet filtering to enforce security policies
D: using algorithms that compare application calls for system resources to the security policies
Correct Answers: D
Question:5
What is the purpose of network access control rules?
A: to control access to network services
B: to control access to network addresses
C: to control access to both network services and network addresses
D: to control access to networks
Correct Answers: C
Question:6
Which two attacks could an attacker use during the penetrate phase of an attack? (Choose two.)
A:install new code
B:modify configuration
C:ping scans
D:buffer overflow
E:erase files
F:e-mail attachment
Correct Answers: D, F
Question:7
When you choose the Log All Deny Actions option within a group, how are deny actions logged?
A: Deny actions are logged every 5 minutes.
B: Deny actions are logged every 10 minutes.
C: Every deny action is logged regardless of the specific rule settings.
D: Only those deny actions that are configured within specific rules are logged.
Correct Answers: C
Question:8
Which protocol should never be disabled on the CSA MC?
A: SSH
B: Telnet
C: IPSec
D: SSL
Correct Answers: D