You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Cisco</strong><br />
CODE: 500-280<br />
Exam Name: Securing <strong>Cisco</strong> Networks with Open<br />
Source Snort<br />
15% Discount Coupon Code: 52192S1005<br />
Click the link below to get full version<br />
http://www.testsexpert.com/500-280.html<br />
Type Demo<br />
Microsoft IBM HP <strong>Cisco</strong> Oracle Symantec<br />
Instant download after purchase<br />
1 http://www.testsexpert.com/500-280.html
Which protocol operates below the network layer?<br />
A. UDP<br />
B. ICMP<br />
C. ARP<br />
D. DNS<br />
Question: 1<br />
Answer: C<br />
Question: 2<br />
Which area is created between screening devices in an egress/ingress path for housing web, mail, or<br />
DNS servers?<br />
A. EMZ<br />
B. DMZ<br />
C. harbor<br />
D. inlet<br />
What does protocol normalization do?<br />
Answer: B<br />
Question: 3<br />
A. compares evaluated packets to normal, daily network-traffic patterns<br />
B. removes any protocol-induced or protocol-allowable ambiguities<br />
C. compares a packet to related traffic from the same session, to determine whether the packet is out of<br />
sequence<br />
D. removes application layer data, whether or not it carries protocol-induced anomalies, so that packet<br />
headers can be inspected more accurately for signs of abuse<br />
Answer: B<br />
Question: 4<br />
Microsoft IBM HP <strong>Cisco</strong> Oracle Symantec<br />
Instant download after purchase<br />
2 http://www.testsexpert.com/500-280.html
On which protocol does Snort focus to decode, process, and alert on suspicious network traffic?<br />
A. Apple talk<br />
B. TCP/IP<br />
C. IPX/SPX<br />
D. ICMP<br />
Answer: B<br />
Question: 5<br />
Which technique can an intruder use to try to evade detection by a Snort sensor?<br />
A. exceed the maximum number of fragments that a sensor can evaluate<br />
B. split the malicious payload over several fragments to mask the attack signature<br />
C. disable a sensor by exceeding the number of packets that it can fragment before forwarding<br />
D. send more packet fragments than the destination host can reassemble, to disable the host without<br />
regard to any intrusion-detection devices that might be on the network<br />
Answer: B<br />
Question: 6<br />
An IPS addresses evasion by implementing countermeasures. What is one such countermeasure?<br />
A. periodically reset statistical buckets to zero for memory utilization, maximization, and performance<br />
B. send packets to the origination host of a given communication session, to confirm or eliminate<br />
spoofing<br />
C. perform pattern and signature analysis against the entire packet, rather than against individual<br />
fragments<br />
D. automate scans of suspicious source IP addresses<br />
Answer: C<br />
Microsoft IBM HP <strong>Cisco</strong> Oracle Symantec<br />
Instant download after purchase<br />
3 http://www.testsexpert.com/500-280.html
<strong>Cisco</strong><br />
CODE: 500-280<br />
Exam Name: Securing <strong>Cisco</strong> Networks with Open<br />
Source Snort<br />
15% Discount Coupon Code: 52192S1005<br />
Click the link below to get full version<br />
http://www.testsexpert.com/500-280.html<br />
Microsoft <strong>Cisco</strong> IBM HP Others<br />
MB6-871 MB6-872<br />
MB6-884 MB6-886<br />
MB7-702 70-410<br />
70-413 70-417<br />
640-692 642-427<br />
642-584 642-637<br />
642-742 642-983<br />
642-993 642-999<br />
642-980 644-068<br />
00M-617 000-176<br />
LOT-440 000-283<br />
LOT-442 000-670<br />
000-N12 000-N19<br />
HP5-Z01D HP2-N43<br />
HP2-N28 HP5 K02D<br />
HP5-K01D HP5-H01D<br />
CMA CPIM<br />
E20-553 CFA-Level-III<br />
1Z0-460 IIA-CGAP<br />
M70-301 CHFP<br />
70-461 70-462<br />
70-463 70-464<br />
70-465 70-466<br />
70-481 70-482<br />
70-483 70-484<br />
70-485 70-486<br />
644-066 500-005<br />
646-206 646-580<br />
650-153 650-179<br />
650-196 650-292<br />
650-297 650-473<br />
650-474 500-254<br />
00M-513 00M-617<br />
00M-620 000-N40<br />
00M-667 00M-222<br />
LOT-929 00M-245<br />
00M-639 00M-643<br />
00M-645 00M-249<br />
HP0-D12<br />
HP0-M57<br />
HP0-Y43<br />
HP2-B87<br />
HP2-E43<br />
HP2-E46<br />
HP0-D15<br />
HP0-S35<br />
HP2-B82<br />
HP2-B91<br />
HP2-E45<br />
HP2-E47<br />
1Z0-466 CMQ-OE<br />
1Z0-593 IIA-CFSA<br />
CSSGB CTAL<br />
1Z0-465 CPFO<br />
PSP CFE CQIA<br />
70-497 70-498<br />
70-685 70-686<br />
70-687 70-688<br />
74-322 74-324<br />
77-881 77-885<br />
98-361 98-365<br />
700-101 640-803<br />
646-048 642-998<br />
640-722 500-254<br />
500-005 200-101<br />
646-365 648-266<br />
500-005 100-101<br />
000-N28 000-N31<br />
00M-512 00M-513<br />
00M-668 00M-638<br />
00M-646 00M-647<br />
00M-648 00M-662<br />
000-N23 000-N25<br />
HP2-E50 HP2-E51<br />
HP2-E53 HP2-H23<br />
HP2-H24 HP2-K23<br />
HP2-K24 HP2-K28<br />
HP2-K31 HP2-N31<br />
HP2-N33 HP2-Q06<br />
RHIA 00M-617 CTFA<br />
MSC-431 CFA-Level-I<br />
CPEA AFE CRCM<br />
1Z0-559 CTAL-TA<br />
002-<br />
ARXTROUBLESHOOT<br />
Microsoft IBM HP <strong>Cisco</strong> Oracle Symantec<br />
Instant download after purchase<br />
4 http://www.testsexpert.com/500-280.html