MA0-101 Online Practice Questions and Answers

Which port needs to be opened for Alert Channel communication between Sensor and Manager through a firewall?

A. 8501

B. 8502

C. 8503

D. 8555

Setting a threshold to allow an IPS to react when traffic volume exceeds the set limit is an example of what type of detection method?

A. Signature based

B. Pattern matching

C. Denial of Service

D. Remediation

When the buffer on the alert cache has been filled, what happens to current incoming alerts?

A. Incoming alerts are added to the cache and the oldest alerts are dropped

B. Incoming alerts are not added to the cache and are dropped

C. Incoming alerts are held in queue until cache space is cleared

D. Incoming alerts are added to the database directly

Which of the following commands will reestablish the Alert and packet log channel connection between the sensor and manager?

A. Connectalertandpktlogchannels

B. Disconnectalertandptologchannels

C. reconnectalertandpktlogchannets

D. deinstall

Which port needs to be opened for Alert Viewer communication between Client and Manager through a firewall?

A. 8501

B. 8502

C. 8503

D. 8555

Setting a threshold limit in order for the IPS to react if traffic volume exceeds this limit is an example of which type of detection method?

A. Statistical anomaly

B. Protocol anomaly

C. Pattern matching

D. Application anomaly

What type of encryption is used for alert channel (control channel) communication between the Sensor and the Manager?

A. SSL with RC4

B. SSL with MD5

C. SSL with RC4 and MD5

D. DES

What is the command to force the sensor out of Layer 2 Passthru mode?

A. Layer2 mode off

B. Layer2 mode on

C. Layer2 mode assert

D. Layer2 mode deassert