Cisco Certified Security Professional
Cisco Security Intrusion Detection Systems Exam (CSIDS 642-531)

Exam Number: 642-531
Associated Certifications: CCSP, Cisco IDS Specialist
Duration: 75 minutes (55-65 Questions)
Available Languages: English

The Cisco Security Intrusion Detection Systems exam (642-531) tests
the knowledge and skills needed to design, install, and configure a
Cisco Intrusion Protection solution for small, medium, and enterprise
networks.
The following information provides general guidelines for
the content likely to be included on the exam. However, other
related topics may also appear on any specific delivery of the
exam.

Describe and explain the various intrusion detection technologies and evasive techniques
- Define intrusion detection
- Explain the difference between true and false, and positive and negative alarms
- Describe the relationship between vulnerabilities and exploits
- Explain the difference between HIP and NIDS
- Describe the various techniques used to evade intrusion detection

Design a Cisco IDS protection solution for small, medium, and enterprise customers
- List the network devices involved in capturing traffic for intrusion detection analysis
- Describe the traffic flows for each of the network devices
- Explain the features and benefits of IDM
- Identify the requirements for IDM
- Configure Cisco Catalyst switches to capture network traffic for intrusion detection analysis

Identify the Cisco IDS Sensor platforms and describe their features
- Describe the features of the various IDS Sensor appliance models

Install and configure a Cisco IDS Sensor including a network appliance and IDS module
- Identify the interfaces and ports on the various Sensors
- Distinguish between the functions of the various Catalyst IDS Module ports
- Initialize a Catalyst IDS Module
- Verify the Catalyst 6500 switch and Catalyst IDSM configurations
- Install the Sensor software image
- Install the Sensor appliance on the network
- Obtain management access on the Sensor
- Describe the various command line modes
- Apply configuration changes made via the CLI
- Create user accounts via the CLI
- Configure Sensor communication properties
- Configure Sensor logging properties
- Perform a configuration backup via the CLI
- Setting up Sensors and Sensor Groups
- Sensor Communications Sensor Logging

Tune and customize Cisco IDS signatures to work optimally in specific environments
- Configure the Sensor's sensing parameters
- Configure a signature's enable status, severity level, and action
- Create signature filters to exclude or include a specific signature or list of signatures
- Tune a signature to perform optimally based on a network's characteristics
- Create a custom signature given an attack scenario

Configure a Cisco IDS Sensor to perform device management of supported blocking devices
- Describe the device management capability of the Sensor and how it is used to perform blocking with a Cisco device
- Design a Cisco IDS solution using the blocking feature, including the ACL placement considerations, when deciding where to apply Sensor-generated ACLs
- Configure a Sensor to perform blocking with a Cisco IDS device
- Configure a Sensor to perform blocking through a Master Blocking Sensor

Describe the Cisco IDS signatures and determine the immediate threat posed to the network
- Explain the Cisco IDS signature features
- Select the Cisco IDS signature engine to create a custom signature
- Explain the global Cisco IDS signature parameters
- Explain the engine-specific signature parameters

Perform maintenance operations such as signature updates, software upgrades, data archival and license updates
- Identify the correct IDS software update files for a Sensor and an IDSM
- Install IDS signature updates and service packs
- Upgrade a Sensor and an IDSM to an IDS major release version

Describe the Cisco IDS architecture including supporting services and configuration files
- Explain the Cisco IDS directory structure
- Explain the communication infrastructure of the Cisco IDS
- Locate and identify the Cisco IDS log and error files
- List the Cisco IDS services and their associated configuration files
- Describe the Cisco IDS configuration files and their function

Monitor a Cisco IDS protection solution for small and medium networks
- Explain the features and benefits of IEV
- Identify the requirements for IEV
- Install the IEV software and configure it to monitor IDS devices
- Create custom IEV views and filters
- Navigate IEV to view alarm details
- Perform IEV database administration functions
- Configure IEV application settings and preferences

Manage a large scale deployment of Cisco IDS Sensors with Cisco IDS Management software
- Define features and key concepts of the IDS MC
- Generate, approve, and deploy sensor configuration files
- Administer the IDS MC Server
- Use the IDS MC to set up Sensors
- Use the IDS MC to configure Sensor communication properties
- Use the IDS MC to configure Sensor logging properties

Monitor a large scale deployment of Cisco IDS Sensors with Cisco IDS Monitoring software
- Define features and key concepts of the Security Monitor
- Install and verify the Security Monitor functionality
- Monitor IDS devices with the Security Monitor
- Administer Security Monitor event rules
- Create alarm exceptions to reduce alarms and possible false positives
- Use the reporting features of the Security Monitor
- Administer the Security Monitor server

Cisco Secure Virtual Private Networks (CSVPN) v4.0 is the recommended
training for the Cisco Secure Virtual Private Networks Exam.