Exam : Cisco 642-513
Title : Securing Hosts Using Cisco Security Agent Exam (HIPS)
Version : Demo
1. What is the purpose of the Compare tool?
A. to save data that has been configured
B. to compare individual rules
C. to compare individual rule modules
D. to compare and merge configurations
Answer: D
2. If a Solaris or Windows system is not rebooted after CSA installation, which three rules are only enforced when new files are opened, new processes are invoked, or new socket connections are made?(Choose three.)
A. COM component access rules
B. network shield rules
C. buffer overflow rules
D. network access control rules
E. file access control rules
F. demand memory access rules
Answer: CDE
3. For which operating system is the network shield rule available?
A. OS2
B. Windows
C. Linux
D. Solaris
Answer: D
4. What is the maximum number of characters that a policy name can contain?
A. 24
B. 32
C. 48
D. 64
Answer: D
5. What information is logged for registry access control?
A. port and direction
B. registry key
C. registry access events
D. PROGID/CLSID
Answer: B
http://www.test4actual.com/642-513.html
6. Which protocol should never be disabled on the CSA MC?
A. SSH
B. Telnet
C. IPSec
D. SSL
Answer: D
7. Which information is logged for file access control?
A. port and direction
B. registry key
C. process path
D. PROGID/CLSID
Answer: C
8. Which action must be taken before a host can enforce rules when it has been moved to a new group?
A. save
B. generate rules
C. deploy
D. clone
Answer: B
9. What is a benefit of putting hosts into groups?
A. There is no need to configure rules.
B. There is no need to configure rule modules.
C. The administrator can deploy rules in test mode.
D. The administrator does not have to deploy rules in test mode.
Answer: C
10.Which three of these does the buffer overflow rule detect on a UNIX operating system, based on the type of memory space involved? (Choose three.)
A. location space
B. stack space
C. slot space
D. data space
E. heap space
F. file space
Answer: BDE
Tags: 642-513 exam
