Enterasys 2B0-018 Exam - Cheat-Test.com

Free 2B0-018 Sample Questions:

Q: 1 Which of the following is NOT a typical function of an Intrusion Detection System?
A. Monitors segment traffic to detect suspicious activity
B. Monitors network traffic and corrects attacks
C. Monitors traffic patterns to report on malicious events
D. Monitors individual hosts (HIDS) or network segments (NIDS)
Answer: B

Q: 2 Which best describes a SYN Flood attack?
A. Attacker redirects an unusually large number of SYN/ACK packets
B. Attacker sends a relatively large number of altered SYN packets
C. Attacker floods a host with a relatively large number of unaltered SYN packets
D. Attacker floods a host with an unusually large number of legitimate ACK packets
Answer: B

Q: 3 Which best describes a type of attack that aims to prevent the use of a service or host?
A. Reconnaissance
B. Denial of Service
C. IP Spoofing
D. Exploit
Answer: B

Q: 4 Which of the following is NOT a valid detection method used by Dragon Network Sensor?
A. Signature detection
B. Protocol detection
C. Policy detection
D. Anomaly detection
Answer: C

Q: 5 Which of the following is NOT a function of Dragon Forensics Console?
A. Allows for central configuration of Active Response mechanisms to deter network attacks
B. Centrally analyzes activity as it is occurring or has occurred over time
C. Correlates events together across Network Sensor, Host Sensor, and any other infrastructure system (e.g., firewall, router) for which messages have been received (via Host Sensor log forwarding)
D. Provides the tools for performing a forensics-level analysis and reconstructing an attacker's session
Answer: A

Q: 6 Which of the following does NOT describe Dragon Host Sensor's Multi-Detection methods?
A. Monitors output to a host's system and audit logs
B. Monitors a host's files via MD5 integrity-checking
C. Monitors a host's specified network interface promiscuously for anomalous activity
D. Monitors a host's specific file attributes for changes to owner, group, permissions and file size
E. Monitors a Windows host's Registry for attributes that should not be accessed and/or modified
Answer: C

Q: 7 What is the method that Dragon uses to secure the communication between the remote management host and Dragon Policy Manager?
A. SSH
B. SSL
C. IPSec
D. MD5
Answer: B

Q: 8 What is the primary and default source of event data for Dragon RealTime Console?
A. dragon.log.xxx
B. dragon.db
C. Ring Buffer
D. Dragon Workbench
Answer: C

Q: 9 For what purpose can Dragon Workbench be used?
A. Read data from TCPDUMP trace/capture file and write to dragon.db for later analysis
B. Read data from dragon.db file and write to a TCPDUMP trace/capture file for later analysis
C. Read data from RealTime Console and write to a TCPDUMP trace/capture file for later analysis
D. This functionality is ONLY available on Dragon Appliances
Answer: A

Q: 10 What is one benefit of Dragon Network Sensor's dual network interface capability as deployed on a non-Dragon Appliance system?
A. Secure management and reporting on one interface; Network Sensor invisible on other interface
B. Allows for collection of event data from both interfaces simultaneously
C. Allows for protocol detection from one interface, and anomaly detection from the other interface
D. This functionality is ONLY available on Dragon Appliances
Answer: A

Q: 11 Which component of Dragon is most responsible for enabling hierarchical deployments?
A. Dragon Network Sensor
B. Dragon Security Information Manager
C. Dragon Event Flow Processor
D. Dragon Hierarchy Agent
Answer: C

Q: 12 What might be one benefit of configuring a Dragon Host Sensor Server?
A. To provide IKE-level security for Host Sensors deployed in a corporate DMZ
B. To centrally collect NIDS-event data from Network Sensors
C. To collect HIDS-event data from systems on which it is not possible or practical to deploy a Dragon Host Sensor
Answer: C

Q: 13 How many Dragon Policy Managers can simultaneously manage a single Dragon Network/Host Sensor?
A. 1
B. 2
C. 10
D. Unlimited
Answer: A

Q: 14 Why might an IDS administrator configure Dragon Enterprise Management Server to INITIATE outbound connections to remote Network/Host Sensors?
A. To increase performance when traversing a corporate DMZ
B. To provide the additional security that is inherent in the Server-initiated communication
C. Dragon only allows server-initiated (outbound) connections
D. To integrate Dragon into MSSP or other environments where firewalls prohibit inbound connections from Network/Host Sensors
Answer: D

Q: 15 Which of the following best describes the relationship between policies and signatures on a Dragon Host Sensor?
A. Policies can contain O/S-specific signatures
B. Signatures can contain O/S-specific policies
C. Policies and signatures are combined in a single library
D. Policies and signatures are unrelated
Answer: A

Q: 16 What two modes are available when installing a Dragon Host Sensor?
A. Standalone and Enterprise
B. Local and Remote
C. Active and Standby
Answer: A

Q: 17 What is the recommended method to start all installed Dragon components in Enterprise mode?
A. ./dragon enterprise
B. ./driders enterprise
C. ./dragonctl start
D. ./dragonctl enterprise
Answer: C

Q: 18 Which of the following is NOT a recommended means for a Dragon Network Sensor to collect event data over multiple switched links?
A. Port Redirection
B. Network Tap(s)
C. Port Trunking
D. Strategic deployment of multiple Dragon Network Sensors
Answer: C

Q: 19 Which of the following is required in order for the Dragon installation script (install.pl) to be completed?
A. Dragon license key
B. Pre-configured user and group named dragon
C. Active link to the internet
Answer: B

Q: 20 What is one method of de-activating a Dragon Policy Manager on a Linux host?
A. ./dragonctl kill PolicyManager
B. ./dragonctl kill policy-manager
C. ./dragonctl stop PolicyManager
D. ./dragonctl stop policy-manager
Answer: C


© 2014 Cheat-Test.com, All Rights Reserved