1.Drag Drop question

　　Drag and drop question. Drag the items to the proper locations.

　　Correct Answers:

　　2.Drag Drop question

　　Drag and drop question. Drag the items to the proper locations.

　　Correct Answers:

　　3.Which two items make up Agent kits? (Choose two.)

　　A:groups

　　B:hosts

　　C:policies

　　D:rules

　　E:network shim

　　Correct Answers:　A, E

　　4.If a Solaris or Windows system is not rebooted after CSA installation, which three rules are only enforced when new files are opened, new processes are invoked, or new socket connections are made? (Choose three.)

　　A:COM component access rules

　　B:network shield rules

　　C:buffer overflow rules

　　D:network access control rules

　　E:file access control rules

　　F:demand memory access rules

　　Correct Answers:　C, D, E

　　5.How can the Agent kit be sent out to host machines?

　　A: via a URL that is e-mailed to clients

　　B: via a TFTP server

　　C: via an FTP server

　　D: via a Telnet server

　　Correct Answers:　A

　　6.Cisco Security Agent provides Day Zero attack prevention by using which of these methods?

　　A: using signatures to enforce security policies

　　B: using API control to enforce security policies

　　C: using stateful packet filtering to enforce security policies

　　D: using algorithms that compare application calls for system resources to the security policies

　　Correct Answers:　D

　　7.What is the purpose of network access control rules?

　　A: to control access to network services

　　B: to control access to network addresses

　　C: to control access to both network services and network addresses

　　D: to control access to networks

　　Correct Answers:　C

　　8.Which two attacks could an attacker use during the penetrate phase of an attack? (Choose two.)

　　A:install new code

　　B:modify configuration

　　C:ping scans

　　D:buffer overflow

　　E:erase files

　　F:e-mail attachment

　　Correct Answers:　D, F

　　9.When you choose the Log All Deny Actions option within a group, how are deny actions logged?

　　A: Deny actions are logged every 5 minutes.

　　B: Deny actions are logged every 10 minutes.

　　C: Every deny action is logged regardless of the specific rule settings.

　　D: Only those deny actions that are configured within specific rules are logged.

　　Correct Answers:　C

　　10.Which protocol should never be disabled on the CSA MC?

　　A: SSH

　　B: Telnet

　　C: IPSec

　　D: SSL

　　Correct Answers:　D