11.02.2019 Views

C2150-620-demo


IBM Certified Advanced System Administrator

C2150-620

IBM Security Network Protection (XGS) V5.3.2 System Administration


https://www.certs4sale.com/


Version: 9.0

Question: 1

A System Administrator has been seeing a lot of SSLv2-Weak_Cipher attacks reported in the network and wants to increase the severity of the events.

How can this be accomplished?

A. Modify the Threat Level of the signature.

B. Create an Incident in SiteProtector for SSLv2_Weak Cipher.

C. Modify the Event Log response for the Intrusion Prevention Object.

D. Increase the X-Force Protection Level for the Intrusion Prevention Object.

Answer: D

Explanation:

What do the various Protection Levels in the X-Force Virtual Patch and Trust X-Force Defaults mean?

Answer: For Security Network IPS (GX) sensors, there is an X-Force Virtual Patch policy that is used to determine which signatures are enabled by default (this feature is enabled by default but can be disabled). On Security Network Protection (XGS) sensors, this same Protection Level can be specified for each IPS Object in the Intrusion Prevention Policy.

Note: Intrusion Prevention Object – Threat level protection

X-Force Virtual Patch Protection Levels

Do not enable any signatures by default. This option is for a user that wants complete control over which signatures get enabled.

The moderate policy enables most attack events for a good level of security protection with minimal chance of false alarms. The moderate policy is designed for users who intermittently monitor security events and minimally manage the IPS configuration.

The aggressive policy enables a high percentage of attack events for a high level of security protection with a chance of false alarms. The aggressive policy is designed for users who perform testing and tuning before IPS deployment, and who closely monitor security events and occasionally fine-tune the IPS configuration.

The paranoid policy enables almost all attack events (including events from the latest XPUs) for a very high level of security protection with significant chance of false alarms. The paranoid policy is designed for users who perform considerable testing and tuning before IPS or XPU deployment, and who closely monitor security events and frequently fine-tune the IPS configuration.

References: http://www-01.ibm.com/support/docview.wss?uid=swg21701441

Question: 2

A System Administrator wants to configure an XGS so that when the SSH_Brute_Force security event is triggered against machine Server1, any further traffic from the source IP address contained in the security event alert is dropped for a timed period.

How should the System Administrator configure the XGS to perform this?



A. Edit the properties of the SSH_Brute_Force security event and create a quarantine response to block the source IP.

B. Create a Network Access policy object to drop all traffic from the source IP contained in the security event alert to Server1.

C. Create a Network Access policy object with a quarantine rule to block the source IP when the security event is triggered against Server1.

D. Create an IPS Filter policy object for the SSH_Brute_Force security event with a Victim address of Server1 and a quarantine response to block the source IP.

Answer: C

Explanation:

Question

Why are some events allowed after setting a block response?

Cause

Most network attacks are carried out in a single packet or in several packets that are reconstructed into a single "session." For these attacks, the Block response in the XGS Intrusion Prevention policy is appropriate to use, and is translated into a block packet response and/or into a block connection response.

Certain events, however, are classified as "non-sequitur." Non-sequitur events are events that require a succession of packets to occur before the signature is triggered. For example, a port scan signature may require a succession of ten port probes before the signature would trigger. In this case, many of the offending "packets" would have already passed through the system.

Answer

For these types of signatures, you must set the Quarantine response in addition to the Block response under the Default Repository > Shared Objects > Intrusion Prevention > select signature > Edit > enable the quarantine response under the Quarantine tab > Save. The quarantine response blocks the offending IP for a period of time, ensuring that the remaining probes do not get through. The standard block packet or drop connection responses (set by the Block response) are ineffective in stopping this kind of activity when not used in conjunction with Quarantine.

Non-sequitur events include SSH_Brute_Force.

References: http://www-01.ibm.com/support/docview.wss?uid=swg21687475

Question: 3

A System Administrator is preparing to manage an XGS appliance using the SiteProtector System.

Which three management actions can be performed? (Choose three.)

A. Apply a snapshot.

B. Restart the appliance.

C. Configure Static Routes.

D. Create a Firmware backup.

E. Manage the Appliance SSL Certificate.

F. Change the Flexible Performance Level.

Answer: A,D,E



Question: 4

A Security Administrator wants to enable a block page to alert users when they attempt to access HTTP websites that are blocked due to a Network Access policy (NAP) rule.

How should the Administrator achieve this?

A. Add a NAP rule with an action of Drop.

B. Add a NAP rule with an action of Reject.

C. Add a NAP rule that has an action of Do Not inspect and then set the response object to Block Page.

D. Add a NAP rule with an action of Reject (Authenticate) and then create a special user group that has default action of Block HTTP.

Answer: C

Question: 5

The System Administrator has discovered the XGS device is overloaded and is dropping legitimate traffic.

Which setting is likely responsible for this behavior?

A. Unanalyzed policy configuration

B. TCP resets- TCP reset interface

C. Fail Closed hardware bypass mode

D. LogDB response enabled in NAP rules

Answer: A
