Chapter 3. Cisco IPS Device Manager (IDM)


This chapter covers the following subjects:

  • Cisco IPS Device Manager

  • System Requirements for IDM

  • Navigating IDM

  • Configuring Communication Parameters by Using IDM

The Cisco IPS Device Manager (IDM) is a tool that enables you to configure and manage a single Cisco network sensor. This Java-based web tool provides you with a graphical interface to manipulate the operation of your sensor. Each IPS appliance running on your network has its own web server that provides access to the IDM application on the sensor.

Accurately configuring your Cisco IPS devices is vital to efficiently protecting your network. This chapter explains how to navigate the graphical configuration tool that comes with each sensor. Beginning with Cisco IPS version 5.0, the IDM interface has been completely revamped. Reviewing this chapter will provide you with information on how the new interface is structured. This information will be important for you to follow the configuration examples used throughout the rest of the book.

"Do I Know This Already?" Quiz

The purpose of the "Do I Know This Already?" quiz is to help you decide if you really need to read the entire chapter. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now.

The 10-question quiz, derived from the major sections in the "Foundation and Supplemental Topics" portion of the chapter, helps you determine how to spend your limited study time.

Table 3-1 outlines the major topics discussed in this chapter and the "Do I Know This Already?" quiz questions that correspond to those topics.

Table 3-1. "Do I Know This Already?" Foundation and Supplemental Topics Mapping

Foundation or Supplemental Topic

Questions Covering This Topic

System Requirements for IDM

1, 4, 5

Navigating IDM

3, 6, 8, 10

Configuring Communication Parameters by using IDM

2, 7, 9


Caution

The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark this question wrong for purposes of the self-assessment. Giving yourself credit for an answer you correctly guess skews your self-assessment results and might provide you with a false sense of security.


1.

Which version of Linux is supported for use with IDM?

  1. Red Hat

  2. Debian

  3. Slackware

  4. Mandrake

  5. SUSE

2.

Which of the following is a configurable sensor communication parameter?

  1. Changing the TLS/SSL port

  2. Changing the Telnet port

  3. Changing SSH port

  4. Changing the TLS/SSL port and the Telnet port

  5. None of these

3.

Which of the following is not a configuration category in IDM?

  1. Sensor Setup

  2. Analysis Engine

  3. SNMP

  4. IP Logging

  5. Event Action Rules

4.

Which of the following Solaris versions is supported for use with IDM?

  1. Version 2.6

  2. Version 2.7

  3. Version 2.9

  4. Version 2.5

5.

Which web browser is supported on Microsoft Windows 2000 for access to IDM?

  1. Opera 7.54u1

  2. Internet Explorer 5.5

  3. Netscape 7.1

  4. Netscape 6.0

  5. Firefox 1.0

6.

Which of the following is not a monitoring category in IDM?

  1. Blocking

  2. Denied Attackers

  3. IP Logging

  4. Events

  5. Network Blocks

7.

Which of the following is not a configurable sensor communication parameter?

  1. Telnet port

  2. TLS/SSL port

  3. Default route

  4. IP address

  5. Host name

8.

Where are the configuration options on the IDM screen?

  1. The location of the options is configurable.

  2. The options are listed on the right side of the screen.

  3. The options are accessed via pull-down menus.

  4. The options are listed across the top of the screen.

  5. The options are listed on the left of the screen.

9.

Where should you configure the sensor communication parameters?

  1. Sensor Setup>Network

  2. Interface Configuration>Interfaces

  3. Sensor Setup>Allowed Hosts

  4. Analysis Engine>Virtual Sensor

  5. Analysis Engine>Global Variables

10.

Which Simple Network Management Protocol (SNMP) operations are supported by Cisco IPS version 5.0?

  1. Get only

  2. Set only

  3. Trap only

  4. Get, Set, and Trap

  5. SNMP is not supported

The answers to the "Do I Know This Already?" quiz are found in the appendix. The suggested choices for your next step are as follows:

  • 8 or less overall score Read the entire chapter. This includes the "Foundation and Supplemental Topics," "Foundation Summary," and Q&A sections.

  • 9 or 10 overall score If you want more review on these topics, skip to the "Foundation Summary" section and then go to the Q&A section. Otherwise, move to the next chapter.



CCSP IPS Exam Certification Guide
CCSP IPS Exam Certification Guide
ISBN: 1587201461
EAN: 2147483647
Year: 2004
Pages: 119
Authors: Earl Carter

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net