Question 1 | How do you enable TCP resets on the SPAN port of a Catalyst 4000 Switch?
A1: | Answer A is correct. You enable TCP resets with the inpkts enable keywords in the set span command. There is no tcpreset enable option in the set span command; therefore, Answer B is incorrect. The tcpreset command does not exist; therefore, Answer C is incorrect. TCP resets are supported through the proper use of the inpkts enable keywords in the set span command; therefore, Answer D is incorrect. |
Question 2 | What command would you use to capture ingress traffic from VLAN 125 on a Catalyst 4000 switch to an IDS Sensor?
A2: | Answer B is correct. Use the set span command with the optional keyword create to capture VLAN traffic on a Catalyst 4000 switch. Answer A shows invalid syntax of the port monitor command, which is used for the 2900XL and 3500XL switches and is therefore incorrect. There is no optional keyword capture for the set span command, so Answer C is incorrect. Answer D shows incorrect use of the set security acl map command and is therefore incorrect. Finally, you use the monitor session command for the 2950 and 3550 switches but not the Catalyst 4000, so Answer E is also incorrect. |
Question 3 | How would you set the RSPAN destination for the destination session on a Catalyst 6500 switch using the IOS platform?
A3: | Answer B is correct. Use the monitor session command with the destination interface keywords to set the RSPAN destination port for the RSPAN destination session. Answer A sets the destination VLAN for the RSPAN source session and is therefore incorrect. Answer C is a valid command for the Catalyst OS but not the Catalyst IOS, so it is incorrect. Answer D shows invalid use of the switchport capture command, which is not used for RSPAN configuration, so Answer D is incorrect. You do not use the set security acl capture-ports command for RSPAN configuration, so Answer E is also incorrect. |
Question 4 | What commands would you use to designate which VLANs will be captured for monitoring by the IDSM2?
A4: | Answer C is correct. Use the clear trunk and set trunk commands to capture VLAN traffic for the IDSM2. Answer A shows two commands to create and save a VLAN ACL, but you do not use these commands to specify the VLANs to be monitored. Answer B shows two commands in the IOS VACL configuration that enable capturing on the destination port but do not specify which VLANs will be monitored. Answer D shows an invalid sequence for IOS VACL commands. Answers A, B, and D are therefore incorrect. |
Question 5 | What are two configuration tasks you perform when configuring VACLs on an IOS switch? (Choose two.)
A5: | Answers B and C are correct. Two of the tasks you need to perform when configuring VACLs on an IOS switch are creating an access map with the vlan access-map command and configuring the action clause using the action command. You use the set security acl map command in Answer A to map a VACL to VLANs in a Catalyst OS switch. You do not configure the action clause with the switchport capture command in Answer D. You use the commit security acl command for a Catalyst OS configuration; therefore, Answers A, D, and E are incorrect. |
Question 6 | Which command allows you to configure the destination SPAN port on a Catalyst 4000 switch?
A6: | Answer A is correct. You use set span from the switch>(enable) prompt to configure a destination SPAN port on a Catalyst 4000 switch. Answer B is a valid prompt and configuration for a 2900XL or 3500XL but not a Catalyst 4000. Answers C and D are invalid combinations of prompts and command usage. The Catalyst 4000 does support a destination SPAN port; therefore, Answers B through E are incorrect. |
Question 7 | What is true about the following commands?
switch>(enable) set security acl map SMART_ACL 1969
switch>(enable) set security acl capture-ports 3/1
A7: | Answer A is correct. The set security acl map and set security acl capture-ports commands are part of the configuration to capture traffic using VACLs on a Catalyst OS 6500 switch. They are invalid commands for a Catalyst IOS 6500 switch, whether using a VACL or MLS IP IDS scenario. Therefore, Answers B and D are incorrect. Although the set security acl capture-ports command is a valid command in the MLS IP IDS configuration for a Catalyst OS 6500 switch, the set security acl map command is not; you use the mls ip ids command to apply the ACL to the interface. Therefore, Answer C is incorrect. The two commands are a valid part of the VACL configuration for a Catalyst OS 6500 switch; therefore, Answer E is incorrect. |
Question 8 | Which statement is true regarding the following two commands?
Router(config-access-map)# match ip address 125
Router(config-access-map)# action forward capture
A8: | Answer B is correct. The two commands are part of the VACL configuration of a Catalyst IOS 6500 switch. The match and action clauses are invalid commands on a Catalyst OS 6500 switch, so Answers A and C are incorrect. The match and action clauses are not part of the MLS IP IDS configuration of a Catalyst IOS 6500 switch. Therefore, Answer D is incorrect. Answer E is incorrect because the switchport capture command follows the action clause, not the match clause, and does not use a hyphen. |
Question 9 | Select the command that creates a VLAN access map for a Catalyst IOS 6500 switch using VACLs.
A9: | Answer B is correct. Use the vlan access-map command from global configuration mode to create a VLAN access map for a Catalyst IOS 6500 switch. The command is executed from global configuration to enter config-access-map mode; therefore, Answer A is incorrect. Answer C is a Catalyst OS command, whereas Answer D uses invalid syntax of the Catalyst OS command because there is no keyword vlan after the ACL name. Answers C and D are therefore incorrect. |
Question 10 | Which command do you use to create an access list on a Catalyst OS 6500 switch using the mls ip ids command for the MSFC?
A10: | Answer D is correct. You use the ip access-list extended command to create an access list for a Catalyst OS 6500 with IOS Firewall running on an MSFC. Answer A is the command to create an access list for a Catalyst OS VACL configuration but not for the MLS IP IDS configuration. Answer B is an invalid example of the set security acl command. Answer C is not the valid command to create an access list for the Catalyst OS MLS IP IDS configuration. You use Answer E to apply an access list to an interface, but it does not create the access list. Answers A, B, C, and E are therefore incorrect. |