2B0-018 Dumps



killexams.com Enterasys 2B0-018


ES Dragon IDS


https://killexams.com/pass4sure/exam-detail/2B0-018


Answer: C


QUESTION: 45

Which Dragon analysis and reporting tool is recommended as the first tool to use for quickly viewing recent event data?


  1. Dragon Forensics Console

  2. Dragon Executive Level Reporting

  3. Dragon Trending Console

  4. Dragon RealTime Console


Answer: D


QUESTION: 46

By default, the Alarmtool application reads event data from what source?


  1. dragon.db

  2. Ring Buffer

  3. driders.cfg

  4. SNMP

  5. SMTP


Answer: B


QUESTION: 47

Which analysis tool allows for the reconstruction of the TCP or UDP datagrams associated with a specified event?


  1. sum_event

  2. mkalarm

  3. mklog

  4. mktime

  5. mksession


Answer: E


QUESTION: 48

Which of the following Dragon analysis and reporting tools allows for event correlation over more than one day?


  1. CLI Analysis Tools

  2. Forensics Console

  3. Alarmtool

  4. Executive Level Reporting


Answer: D


QUESTION: 49

The Dragon CLI Analysis Tools analyze events:


  1. for a user-defined date range

  2. for a single dragon.db file

  3. for Dragon Host Sensors only

  4. for Dragon Network Sensors only


Answer: B


QUESTION: 50

Which of the following is NOT configurable through Alarmtool?


  1. SNMP trap notification

  2. SMTP emailing

  3. Invoking commands with arguments based on parameters of the IDS event

  4. Syslog notification

  5. RMON notification


Answer: E