642-825 Implementing Secure Converged Wide Area Networks Brain Dump


Cisco ™

642-825 Implementing Secure Converged Wide Area Networks



Note 1: 642-825 Exhibit and all related diagrams are not shown in demo questions.
Note 2: 642-825 Answers are not shown in demo questions.
Exhibits and Answers are only provided in the Full Version.

Demo Question 5.


The EliteCertify security administrator is concerned about network based intrusions and wants to implement an IDS solution. Which statement is true about signature-based intrusion detection?

A. It performs analysis that is based on a predefined network security policy.
B. It performs analysis that is based on known intrusive activities by matching predefined patterns in network traffic.
C. It performs analysis by intercepting the procedural calls to the operating system kernel.
D. It performs analysis that is based on anomalies in packets or packet sequences. It also verifies anomalies in traffic behavior.
E. None of the above


Display Answer


Purchase Full Version:


642-825 Printable PDF Prep Guide $49.95 BUY NOW!

642-825 Test Simulation Engine $69.95 BUY NOW!

642-825 PDF & Test Simulation Engine $99.95 BUY NOW!




Answer: B

Explanation: Signature-based pattern matching refers to searching for a fixed sequence of bytes in a single packet, or predefined content. As its name suggests, it is an approach that is fairly rigid but simple to employ. In most cases, the signature pattern is matched only if the suspect packet is associated with a particular service or, more precisely, destined to or from a particular port. This method lessens the amount of inspection done on every packet. However, it tends to make it more difficult for systems to deal with protocols that do not reside on well-defined ports, and, in particular, Trojan horses and their associated traffic, which can usually be moved at will. Initially, there might be many alerts, but which are no threat for the network. After the system is tuned and adjusted to the specific network parameters, there will be fewer false alerts than with the policy-based approach.



  • Based on the latest 642-825 exam objectives!
  • Designed like actual 642-825 exam questions!
  • 100% Verified Realistic 642-825 Exam Questions and Answers!
  • Exhibits, Drag&Drop and Simulation 642-825 Questions Included!
  • Constantly Updated Guide to Reflect the Current 642-825 Exams!
  • Detailed Explanations for Most Guide Practice Exams!
 Sponsored Links
Japan Exam



SCA
310-019
$49.95 Get Detail

MCDST
70-271 70-272

$59 Get Detail

8i DBA
1Z0-001 1Z0-023
1Z0-024 1Z0-025
1Z0-026
$149 Get Detail

MCD
1D0-425 1D0-520
1D0-525
$89 Get Detail

CCDA
640-863
$49.95 Get Detail


Demark
Took my last CCNP test last Friday. EliteCertify tests really made the difference, I passed every one on the first ...


England
Many thanks to your complete solution in 3Com Test Simulation Engine, Study Guides and PDF practice exams which are very ...


NY, USA
I wanted to take a few minutes to thank EliteCertify for passing 3 exams towards my MCSE. ...





Keyword
View Cart      Check Out
This site is both PayPal and VeriSign Verified. 128-bit SSL Encryption!
More questions about Order Security?