After you enable alerts for new hosts that are detected by the Enterprise Security Profiler, where do you look in Security Manager to see those alerts?
A. Security Monitor > Profiler > Application Profiler tab
B. Security Monitor > Profiler > Violation Viewer tab
C. Security Monitor > Profiler > Network Profiler tab
D. Log Viewer > Profiler Log
You update your attack object database on Security Manager. What must you do before the new attack objects become active on the IDP sensors?
A. You install the updated security policy on the IDP sensor.
B. No changes are required.
C. You must restart the IDP sensor.
D. You must restart the IDP processes on the IDP sensors.
Given the following steps:
a. Attach the sensor to the management network.
b. Place the sensor inline in the network.
c. Create and install a policy on the sensor.
d. Establish communication between Security Manager and the IDP sensor.
e. Configure the sensor deployment mode and management interface IP.
f. Test connectivity through the sensor.
Which order is correct when initially deploying a sensor in a network?
A. b, f, e, a, d, c
B. e, a, d, c, b, f
C. e, a, d, b, f, c
D. a, e, d, c, f, b
Exhibit:
You work as an administrator at Certkiller.com. Study the exhibit carefully. In the exhibit, both firewalls are active/active. Which two statements are true for this scenario? (Choose two.)
A. Only one firewall is actively passing traffic.
B. Upon failure of a sensor, user traffic will be sent over the IDP HA link.
C. Routers are running a redundancy protocol.
D. Firewalls are running a redundancy protocol.
Which interface does IDP use to communicate with Security Manager?
A. eth0
B. console port
C. eth1
D. HA port
Which three actions should be taken on a rule in the IDP rule base when the sensor is in transparent mode? (Choose three.)
A. Drop packet.
B. Close client and server.
C. Drop connection.
D. Drop stream.
Which two statements about disk management on the IDP Sensor are true?
A. IDP Management Server can be configured to send disk space alerts.
B. If the IDP Sensor disk is full, the IDP Sensor will not store any additional logs or packet captures.
C. If the IDP Sensor disk is full, the IDP Sensor starts purging the oldest log entries first, and packet captures second.
D. If the IDP Management Server disk is full, the oldest packet captures are purged first, and the log messages are purged second.
Which two statements are true about quick reports? (Choose two.)
A. Maximum duration is restricted to 12 hours.
B. Quick reports are ideal for zero day investigation.
C. Quick reports can be created only from the Log Viewer.
D. Once a quick report is created, the report options cannot be modified.
What is the function of the Log Packets notification action?
A. logs all packets the IDP Sensor sees
B. logs the packets containing the attack only
C. logs the packets used to give notification about a specific event (e.g. Syslog Traffic)
D. logs a specific number of packets before, after and during an attack
How much RAM is recommended for the IDP Management Server?
A. 512 MB
B. 128 MB
C. 256 MB
D. 1024 MB