642-825 Implementing Secure Converged Wide Area Networks Testking Exam

Cisco ™

642-825 Implementing Secure Converged Wide Area Networks

Note 1: 642-825 Exhibit and all related diagrams are not shown in demo questions.
Note 2: 642-825 Answers are not shown in demo questions.
Exhibits and Answers are only provided in the Full Version.

Demo Question 6.

A new Cisco IDS was installed in the EliteCertify network. Which two statements about an Intrusion Detection System are true? (Select two)

A. The IDS can send TCP resets to the source device.
B. Default operation is for the IDS to discard malicious traffic.
C. The IDS can send TCP resets to the destination device.
D. The IDS is in the traffic path.
E. The IDS listens promiscuously to all traffic on the network.

Display Answer

Purchase Full Version:

642-825 Printable PDF Prep Guide $49.95 BUY NOW!

642-825 Test Simulation Engine $69.95 BUY NOW!

642-825 PDF & Test Simulation Engine $99.95 BUY NOW!

Answer: A, E

Explanation: The IDS is a software- or hardware-based solution that passively listens to network traffic. The IDS is not in the traffic path, but listens promiscuously to all traffic on the network. Typically, only one promiscuous interface is required for network monitoring. Additional promiscuous interfaces can be used to monitor multiple networks. When the IDS detects malicious traffic, it sends an alert to the management station. The IDS has limited active response capabilities. When configured, the IDS can block further malicious traffic by actively configuring network devices (for example, security appliances or routers) in response to malicious traffic detection. However, the original malicious traffic has already passed through the network to its destination and cannot be blocked. Only subsequent traffic will be blocked. The IDS also has the capability of sending a TCP reset to the end host to terminate any malicious TCP connections.