Flydumps Cisco 642-544 exam questions and answers in PDF are prepared by our expert. Moreover, they are based on the recommended syllabus covering all the Cisco 642-544 exam objectives. You will find them to be very helpful and precise in the subject matter, since all the Microsoft Cisco 642-544 exam content is regularly updated and has been checked for accuracy by our team of Microsoft expert professionals.
Exam A
QUESTION 1
What will happen if you try to run a Cisco Security MARS query that will take a long time to complete?
A. After submitting the query, the Cisco Security MARS GUI screen will be locked up until the query is completed.
B. The query will be automatically saved as a rule.
C. The query will be automatically saved as a report.
D. You will be prompted to “Submit Batch” to run the query in batch mode.
Correct Answer: D
QUESTION 2
The Cisco Security MARS appliance supports which protocol for data archiving and restoring?
A. NFS
B. TFTP
C. FTP
D. Secure FTP
E. SSH
Correct Answer: A
QUESTION 3
What is a benefit of using the dollar variable (as in $TARGET01) when creating queries in Cisco Security MARS?
A. The dollar variable enables multiple queries to reference the same common 5-tuple information using a variable.
B. The dollar variable ensures that the probes and attacks that are reported are happening to the same host.
C. The dollar variable allows matching of any unknown reporting device.
D. The dollar variable allows matching of any event type groups.
E. The dollar variable enables the same query to be applied to different reports.
F. The dollar variable enables the same query to be applied to different cases.
Correct Answer: B
QUESTION 4
A Cisco Security MARS appliance cannot access certain devices through the default gateway. Troubleshooting has determined that this is a Cisco Security MARS configuration issue.
Which additional Cisco Security MARS configuration will be required to correct this issue?
A. use the Cisco Security MARS GUI or CLI to enable a dynamic routing protocol
B. use the Cisco Security MARS CLI to add a static route
C. use the Cisco Security MARS GUI to configure multiple default gateways
D. use the Cisco Security MARS GUI or CLI to configure multiple default gateways
Correct Answer: B
QUESTION 5
What are three ways to add devices to the Cisco Security MARS appliance? (Choose three.)
A. import the devices from CiscoWorks
B. import the devices from Cisco Security Manager
C. load the devices from seed files
D. use SNMP auto discovery
E. use CDP to automatically discover the neighboring devices
F. manually add the devices, one at a time
Correct Answer: CDF
QUESTION 6
Which action enables the Cisco Security MARS appliance to ignore false-positive events by either dropping the events completely, or by just logging them to the database?
A. creating system inspection rules using the drop operation
B. creating drop rules
C. inactivating the rules
D. inactivating the events
E. deleting the false-positive events from the Incidents page
F. deleting the false-positive events from the Event Management page
Correct Answer: B
QUESTION 7
Drop
A. Interface Setting
B. Access IP
C. Reporting IP
D. Access Type
Correct Answer: ABCD
QUESTION 8
Which three statements are true about Cisco Security MARS rules? (Choose three.)
A. There are three types of rules.
B. Rules can be saved as reports.
C. Rules can be deleted.
D. Rules trigger incidents.
E. Rules can be defined using a seed file.
F. Rules can be created using a query.
Correct Answer: ADF
QUESTION 9
Which of the following alert actions can be transmitted to a user as notification that a Cisco Security MARS rule has fired, and that an incident has been logged? (Choose two.)
A. Distributed Threat Mitigation
B. Short Message Service
C. SNMP trap
D. XML notification
E. syslog
F. OPSEC-LEA (clear and encrypted)
Correct Answer: BD
QUESTION 10
To configure a Microsoft Windows IIS server to publish logs to the Cisco Security MARS, which log agent is installed and configured on the Microsoft Windows IIS server?
A. pnLog agent
B. Cisco Security MARS agent
C. SNARE
D. None. Cisco Security MARS is an agentless device.
Correct Answer: C
QUESTION 11
What three data points are used to correlate reports in the Cisco Security MARS? (Choose three.)
A. Maximum Rank Returned
B. Query Criteria
C. View Type
D. Order/Rank By
E. Incident Type
F. Period of Time
Correct Answer: BCF
QUESTION 12
Refer to the exhibit.
The Service variables defined are used for what purpose?
A. for Event Groups creation
B. for Query/Reports and Rules creation
C. for IP Management Groups creation
D. for NetFlow Events Management
E. for Data Reduction
Correct Answer: AB
QUESTION 13
Refer to the Cisco Security MARS Event Management partial screen shown above. Which two statements are correct? (Choose two.)
A. Event ID 1104001 is a low-severity event.
B. Event ID 1104001 is triggered if ALL of the syslog messages under the Device Event ID column are received by the Cisco Security MARS within a predefined time frame.
C. Event ID 1104001 belongs in an event group that includes generic informational events from firewalls.
D. PIX and FWSM syslog messages (104001) are normalized into a single event (Event ID 1104001).
E. Info/Misc/FW is a user-defined rule that normalizes events into a single event.
Correct Answer: CD
QUESTION 14
When adding a device to the Cisco Security MARS appliance, what is the reporting IP address of the device?
A. the source IP address that sends syslog information to the Cisco Security MARS appliance
B. the IP address that Cisco Security MARS uses to access the device via SNMP
C. the IP address that Cisco Security MARS uses to access the device via Telnet or SSH
D. the pre-NAT IP address of the device
Correct Answer: A
QUESTION 15
Which statement is true about the case management feature of Cisco Security MARS?
A. Cases are created on a global controller, but they can be viewed and modified on a local controller.
B. The global controller has a Case bar and all cases are selected from the Query/Reports > Cases page.
C. Cases are created on a local controller, but they can be viewed and modified on a global controller.
D. The Cases page on a local controller has an additional drop-down filter to display cases per a global controller.
Correct Answer: C
QUESTION 16
What is a zone?
A. A zone represents all the local controllers each global controller is monitoring.
B. A zone is a logical partition within a local controller. Configuring zones allows the local controller to scale to cover large networks.
C. A zone is an area of a customer network related to one local controller. Each local controller represents a specific zone.
D. Each zone within the global controller is configured and managed independently.
E. Each zone within the local controller is configured and managed independently.
Correct Answer: C
QUESTION 17
What protocol does Juniper NetScreen IDP use to exchange IPS events with the Cisco Security MARS?
A. SDEE
B. SNMP
C. RDEP
D. syslog
Correct Answer: D
QUESTION 18
In what two ways can the Cisco Security MARS present the incident data to the user graphically from the Summary Dashboard? (Select two)
A. event type group matrix
B. incident firing information
C. path information
D. compromised topology information
E. incident vector information
F. system-confirmed true positive information
Correct Answer: CE
QUESTION 19
Which attack can be detected by Cisco Security MARS using NetFlow data?
A. man-in-the-middle attack
B. day-zero attack
C. spoof attack
D. Land attack
E. buffer overflow attack
Correct Answer: B
QUESTION 20
Which two of the following statements are TRUE when you configure the pnreset command on the Cisco Security MARS? (Choose two.)
A. erases the license file
B. sends Cisco IOS data from the Cisco Security MARS database to a network file server
C. enables you to view the status of the Cisco Security MARS processes and how long the processes have been active
D. sets the debug level that is reported in the logs
E. lets you add or delete disks in the Cisco Security MARS devices that support RAID configurations without powering down the devices
F. clears, sets, and initializes database structures
Correct Answer: AF
Cisco 642-544 Questions & Answers with explanations is all you want to have before taking the Cisco 642-544 exam. The Cisco 642-544 Interactive Testing Engine is ready to help you get your Cisco 642-544 by saving your time and preparing you quickly for the Cisco exam. If you are worried about passing your Cisco 642-544 certification and are in search of the best and most useful material, Cisco 642-544 Q&A will surely serve you to enhance your Interconnecting Cisco Networking Devices Part 1 study.
Written by accuntdest