Exam Prep Questions

Which command replaces the application partition with a backup partition on IDSM2?

• A. replace application-partition

• B. update application-partition

• C. recover application-partition

• D. None of the above

Answer D is correct. The IDSM2 does not contain a backup (recovery) partition as do the IDS 4200 version 4 appliances. The commands in Answers A and B do not exist and are incorrect. Answer C is incorrect for IDSM2; however, it does replace the application partition with the recovery partition on the 4200 version 5 sensor appliance.

What command removes the most recent upgrade?

• A. upgrade -remove

• B. downgrade

• C. uninstall

• D. This is not supported.

Answer B is correct. You use the downgrade command to remove the most recent upgrade. If the downgrade command is not available on the sensor, no upgrade has ever been applied to the sensor and nothing can be downgraded. Answer A is incorrect; the upgrade command installs new updates but does not remove upgrades. In addition, the -remove switch is not a supported feature of this command. Answer C is incorrect because it is not an actual command. Answer D is an incorrect statement.

What source locations for the upgrade file does the upgrade command support? (Choose four.)

• A. FTP

• B. SSH

• C. WAP

• D. Telnet

• E. HTTP

• F. HTTPS

• G. Serial

• H. SCP

Answers A, E, F, and H are correct. The upgrade command supports FTP, HTTP, HTTPS, and SCP as source locations. HTTPS and SCP provide secure connections. Answers B, D, and G are connection types used to configure a sensor and are incorrect. Answer C is incorrect; WAP is a wireless application protocol and not an acceptable source location.

What is the service pack level of IDS -K9-sp-4.0-2-S42.rpm.pkg ?

• A. 2

• B. 4.0

• C. S42

• D. 42

Answer A is correct. The filename IDS-K9-sp-4.0-2-S42.rpm.pkg has several parts . The sp stands for software type, the 4.0 is the IDS version, the 2 is the service pack level, and finally the S42 is the signature version. Therefore, Answers B, C, and D are all incorrect.

Which two methods or engines can you use to update a sensor?

• A. CLI

• B. IEV

• C. IDS MC

• D. PuTTY

Answers A and C are correct. You can upgrade sensors by using the IDS MC or the upgrade command in the CLI. Answer B is incorrect because you do not use IEV for upgrading, but for monitoring events. Answer D is incorrect; PuTTY is a utility that you use to make a Telnet or SSH connection or for creating SSH keys.

To perform updates, what privilege level is required?

• A. Service

• B. Viewer

• C. Operator

• D. Administrator

Answer D is correct. To perform upgrades in the CLI or IDS MC, you need to have administrator privileges. Answer A is incorrect; the service account provides access to the operating system shell and is not primarily used for upgrades. Answers B and C are incorrect privilege levels to perform upgrades.

What should you do to the IDS MC before sending upgrades to the sensor?

• A. Reinstall IDS MC with the latest version.

• B. Upgrade IDS MC before upgrading the sensor.

• C. Upgrade IDS MC after upgrading the sensor.

• D. No action is required.

Answer B is correct. It is recommended that you upgrade the IDS MC before upgrading the sensor. This step helps prevent any possible incompatibility problems between the sensor and the management station. Answer A is incorrect. Most upgrades do not need the IDS MC reinstalled, and therefore, it is not the most correct answer. Answer C is incorrect because upgrading the sensor first might cause incompatibility problems with IDS MC. Answer D is incorrect; again, it is preferred to upgrade the IDS MC.

What is the directory location used by IDS MC for sensor updates?

• A. CSCOPX\MDC\etc\ids\Updates

• B. CSCOPX\ IDS \etc\ids\Updates

• C. CSCOPX\IDSMC\ids\Updates

• D. CSCOPX\ IDS \ids\Updates

Answer A is correct. IDS MC updates should be stored in the CSCOPX\MDC\etc\ids\Updates file path of the IDS MC host computer. Answers B, C, and D are invalid locations and are therefore incorrect.

Which command line syntax downloads and updates the sensor?

• A. sensor#upgrade ftp://cisco@192.168.1.1/ IDS -K9-sp-4.0-2-S29.bin

• B. sensor(config)#upgrade ftp://cisco@192.168.1.1/ IDS -K9-sp-4.0-2-S29.bin

• C. sensor(config)#update ftp://cisco@192.168.1.1/ IDS -K9-sp-4.0-2-S29.bin

• D. sensor#update ftp://cisco@192.168.1.1/ IDS -K9-sp-4.0-2-S29.bin

Answer B is correct. The proper location to execute the upgrade command is in the global configuration level, sensor(config)# . Answer A is incorrect because you must execute the upgrade command in the global configuration level and not the privilege level. Answers C and D are unsupported commands and are therefore incorrect.

What is the IDS MC location that you use to configure updates to sensors?

• A. Settings, Updates

• B. Configuration, Settings, Updates

• C. Configuration, Updates

• D. Updates, Settings

Answer C is correct. To configure updates on the IDS MC, you need to be at the Configuration, Updates location to configure the settings. Answers A, B, and D are invalid locations that are close but do not exist. Therefore, these answers are incorrect.