ES Advanced Dragon IDS 2B0-023 study guides

Exam Number/Code: 2B0-023
Questions and Answers: 50 Q&As

Updated: 2009-08-31
Register for Exam: Prometric/Pearson VUE
Exam Vendor: Enterasys Networks
Exam Name: ES Advanced Dragon IDS

2B0-023 dumps Description

Examsoon, a professional IT Q&A vendor, offers good after-sale service for the 2B0-023 exam. For all customers who buy the real 2B0-023 exam questions and answers, Examsoon provides a tracking service for the 2B0-023 study guides. Within 3 months of buying the Q&As, you can enjoy the Q&A upgrade service for free with the 2B0-023 practice exam. If, during this period, the certified test center changes the Enterasys Networks Certification 2B0-023 exam Q&As, we will update the 2B0-023 simulation Q&As at the first opportunity and provide you the updated download for free.

Credit Toward Certification

When you pass Exam 2B0-023: ES Advanced Dragon IDS, you complete the requirements for the following certification(s):

Enterasys Networks Certified Technical Specialist: ES Advanced Dragon IDS

Note: This preparation guide is subject to change at any time without prior notice and at the sole discretion of Enterasys Networks. Enterasys Networks exams might include adaptive testing technology and simulation items. Enterasys Networks does not identify the format in which exams are presented. Please use this preparation guide to prepare for the exam, regardless of its format.

We have Examsoon 2B0-023 training materials, Examsoon 2B0-023 braindumps, Examsoon 2B0-023 study guide, and Examsoon 2B0-023 dumps, as well as Pass4sure 2B0-023 exam, Pass4sure 2B0-023 training materials, and Pass4sure 2B0-023 study guide. We also have Testking 2B0-023 exam, Testking 2B0-023 study guide, Pass4side 2B0-023 braindumps, etc.

 
 
Exam : Enterasys Networks 2B0-023
Title : ES Advanced Dragon IDS

1. Which of the following best describe some scalability features of the Dragon Event Flow Processor (EFP)?
A. Consolidates events from multiple Dragon Policy Managers into one stream
B. Aggregated events from an EFP can be forwarded to other EFPs in a hierarchy
C. An EFP cannot simultaneously support Dragon Realtime Console, Forensics Console and Alarmtool
D. EFPs can be secured by a firewall and configured to initiate Sensor connections from inside the firewall
Answer: BD

2. What functions can Dragon accomplish as related to a corporate/network security policy?
A. Dragon agents can gather information about network security compromises and automatically produce corporate/network security policy documents
B. Dragon agents can detect and log security policy deviations
C. Dragon agents can assist with security policy enforcement via Active Responses
D. Dragon can evaluate a corporate/network policy to determine if it is complete and effective
Answer: BC

3. What are three primary common goals of a corporate/network security policy?
A. Authentication, Authorization and Accounting (AAA)
B. Security, Productivity and Adaptability (SPA)
C. Confidentiality, Integrity and Availability (CIA)
D. Authentication, Encryption and Compression (AEC)
Answer: C

4. Which vulnerability scanner and report format is required for use with the Dragon VCT?
A. MySQL; .msq formatted output
B. Nessis; .nfr formatted output
C. Nessus; .nes formatted output
D. Nessus; .nsr formatted output
E. NMAP; .nmp formatted output
Answer: D

5. Which of the following best describes the Host Sensor Event Detection Engine (EDE)?
A. Scrutinizes events, either altering the contents of the event or discarding it
B. Generates alerts or guarantees delivery of events to destinations
C. Analyzes events and produces categorized event forensics reports
D. Detects an event and forwards it to the Host Sensor framework for processing
Answer: D

6. Which of the following CONSUME event data from the Dragon Ring Buffer?
A. Alarmtool agent
B. Replication agent
C. Connection Manager
D. Consumer Agent
Answer: AB

7. Which of the following is NOT a recommended means of vulnerability response using Dragon?
A. Use the Dragon NMAP PERL scripts to tune the dragon.net file
B. Deploy Dragon Deceptive Services (Honeypot)
C. Deploy Dragon Vulnerability Correlation Tool
D. Enable SSL and AES on the Network Sensor to DPM communication channel
E. Correlate Dragon forensics reports with vulnerability scanner output, and create new signatures as necessary
Answer: D

8. Which of the following must an IDS administrator consider when deploying Dragon in accordance with a corporate security policy?
A. Must understand the purpose and scope of each aspect of the overall security policy
B. Must understand the security goals of each product in the organization (i.e., operating systems, routers, firewalls, NIDS, HIDS, VPN gateways)
C. Must understand the detailed configurations on each router within the security domain
D. Must understand how the security policy impacts the I.T. budget
Answer: AB

9. Which of the following best describes the function of CVE?
A. A database of known attacks that can be loaded into an IDS or similar system
B. A database of numerically cross-referenced IDS events that can help any IDS to correlate detected attacks
C. A dictionary of standardized names for vulnerabilities and other information security exposures
D. All of the above
Answer: C

10. Which of the following is NOT a function of a network vulnerability scanner?
A. Monitors health of software applications
B. Output is critical in helping an IDS administrator know the state of the network
C. Catalogs vulnerabilities
D. Shuts down vulnerable TCP/UDP ports to prevent intrusion
Answer: D

Free 2B0-023 Demo Download

Examsoon offers a free demo for the Enterasys Networks Certification 2B0-023 exam (ES Advanced Dragon IDS). You can check out the interface, question quality and usability of our practice exams before you decide to get it. We are the only site that can offer a demo for almost all products.

Free Download 2B0-023 PDF Braindumps Training Materials
