
Enterasys 2B0-101 Exam - Cheat-Test.com

Free 2B0-101 Sample Questions:

Q: 1 The attack category is for events that
A. Attempt to discover weaknesses
B. Map the structure of the network
C. Have the potential to compromise the integrity of an end system.
D. Deny access to resources
Answer: C

Q: 2 Virtual Sensors can segregate traffic by?
A. IP Address, VLAN, Port
B. IP Address, VLAN, Port, Protocol
C. IP Address, VLAN, Port, Protocol, Application
D. IP Address, VLAN, Port, Application
Answer: B

Q: 3 In an Event Flow Processor (EFP) a consumer can be?
A. A Sensor or an Event Channel
B. An Event channel only
C. An Event channel or an Agent
D. An Agent only
Answer: C

Q: 4 Before the host Sensor can be deployed
A. It must be associated with a virtual sensor
B. It must be associated with a host policy
C. Its key must be added to the /usr/dragon/bin directory
D. Its address must be added to /etc/hosts
Answer: B

Q: 5 Which of the following Dragon Agents is used for detecting changes to host files?
A. Real Time Console
B. MD5 Sum
C. Alarm Tool
D. Database
Answer: B

Q: 6 In a standalone deployment the system will have?
A. A net-config-client.xml file
B. A net-config-server.xml file
C. A net-config-server.xml and a net-config-client.xml file
D. A net-config-server.xml, a net-config-client.xml and a net-config-reports.xml file
Answer: C

Q: 7 MD5 checksums are
A. Stored in a protected directory on the host
B. Appended to the protected file
C. Passed up the event channel to the MD5 Agent
D. Stored in the /usr/dragon/bin directory on the Enterprise Management Server (EMS)
Answer: C

Q: 8 Which of the following best describes the commit operation?
A. It uses the configuration channel to push a configuration to a device
B. It uses the event channel to push a configuration to a device
C. It writes a configuration change to the Enterprise Management Server (EMS) database
D. It writes a configuration change to the management clients database
Answer: C

Q: 9 Which of the following Dragon Agents sends notifications when the sensors detect an event that matches a rule?
A. Real Time Console
B. MD5 Sum
C. Alarm Tool
D. Database
Answer: C

Q: 10 Signature OS
A. Applies signature to network traffic originating from the specified OS
B. Is used for writing Host signatures
C. Is optional on Network signatures
D. Is required on all signatures
Answer: B

Q: 11 Dragonctl is used to?
A. Start, stop and monitor the dragon processes on the remote node
B. Write log files
C. Monitor the Ring Buffer
D. Maintain configuration channel connections
Answer: A

Q: 12 Virtual sensor names?
A. Are included in events they generate
B. Must match the sensor key
C. Must include the device name
D. Require separate keys
Answer: A

Q: 13 Agents can be deployed?
A. Only on non-forwarding Event Flow Processor (EFPs)
B. Only on forwarding Event Flow Processor (EFPs)
C. Only on the Enterprise Management Server (EMS) station
D. On any Event Flow Processor (EFP)
Answer: D

Q: 14 The host policy MD5 detection module
A. Detects any changes in the contents of a protected file
B. Detects file size increases
C. Detects file truncations
D. Detects ownership changes
Answer: A

Q: 15 Traffic direction refers to traffic flows in relation to the
A. Server
B. Protected network
C. Client
D. DMZ
Answer: B

Q: 16 The master Alarm Tool Default policy
A. Is write locked
B. Is writable
C. Cannot be copied
D. Cannot be associated with an Agent
Answer: A

Q: 17 Which alarm type is best described as: collects information for x period of time, then sends event notifications
A. Real Time
B. Summary
C. Dynamic
D. Interval
Answer: B

Q: 18 Agent status will show as Not Available until?
A. The agent is committed
B. The agent is deployed
C. The agent is selected
D. The remote node is deployed
Answer: B

Q: 19 Agents can be deployed on?
A. Only the Enterprise Management Server (EMS)
B. Any managed node with a networked sensor deployed
C. Any managed node with host sensor deployed
D. Any managed node
Answer: D

Q: 20 If a packet matched the rules for two virtual sensors it will be evaluated by?
A. Both sensors
B. The first sensor it matches
C. The default sensor
D. Overlapping rules are not permitted
Answer: B

Q: 21 A Bare Bones Event Flow Processor (EFP) has?
A. Only event channels
B. Event channels and agents
C. Only Agents and Sensors
D. Event channels and sensors
Answer: A

Q: 22 Which alarm type is best described as: Sends event notifications as soon as they are triggered
A. Real Time
B. Summary
C. Dynamic
D. Interval
Answer: A

Q: 23 When a notification rule is created a __________ can be associated with it.
A. Sensor
B. User
C. Time Period
D. Score
Answer: C

Q: 24 Connection type Outbound in the net-config-client.xml file indicates?
A. The server will initiate configuration channel connections
B. The client will initiate configuration channel connections
C. The server will initiate event channel connections
D. The client will initiate event channel connections
Answer: B

Q: 25 The default configuration channel port is?
A. 9111
B. 9112
C. 9113
D. 9114
Answer: A

Q: 26 In an Event Flow Processor (EFP) the producer?
A. Writes events to memory
B. Takes events off the Ring Buffer
C. Puts events on the Ring Buffer
D. Passes events to Agents
Answer: C

Q: 27 Dynamic Collection controls
A. The number of packets to analyze
B. The number of times to execute the signature in a flow
C. The number of follow on packets to capture for forensics
D. The number of bytes to search for a match
Answer: C

Q: 28 Alarm Tool filters can filter traffic based on: time (after/before), direction, events, IP source or destination, protocol and
A. Threat subnet
B. Policy
C. Sensor
D. VLAN
Answer: C

Q: 29 The net-config-client.xml file is associated with?
A. The Enterprise Management Server (EMS)
B. Managed node client
C. Enterprise Management Server (EMS) Management Client
D. Reporting server
Answer: B

Q: 30 Custom Signature libraries can contain
A. Copies of master signatures and libraries
B. Customized signatures
C. Copies of master signatures and libraries, customized signatures and customized policies
D. Copies of master signatures and libraries and customized signatures
Answer: D


© 2014 Cheat-Test.com, All Rights Reserved