Enterasys 2B0-023 ES Advanced Dragon IDS
https://killexams.com/pass4sure/exam-detail/2B0-023

Console to work properly?
A. MySQL
B. DBI
C. Nessus
D. DataShowTable
Answer: C

QUESTION: 42
From where does Dragon Trending Console import event data?
A. Dragon Ring Buffer
B. Dragon DB Agent
C. Dragon Export Log Agent
D. Dragon Trending Console Agent
Answer: C

QUESTION: 43
Which Dragon configuration file allows you to modify Dragon Ring Buffer parameters?
A. /usr/dragon/dragon.cfg
B. /usr/dragon/tools/displayringstats
C. /usr/dragon/policymgr/driders.cfg
D. /usr/dragon/sensor/conf/dragon.net
Answer: A

QUESTION: 44
Given a scenario where an SSH session is already established between Host_A and Server_B, what is the effect on the established session if you PUSH a SNIPER ACL to a Network Sensor that is configured to block all SSH communication from Host_A?
A. The established session is immediately terminated, and all subsequent SSH attempts from Host_A are denied
B. The established session is immediately terminated, and all subsequent SSH attempts from Host_A are allowed
C. The established session remains active until the user terminates it, and all subsequent SSH attempts from Host_A are denied
D. Host Sensor immediately logs an event and initiates strong monitoring on Host_A, but allows all SSH to/from Host_A until an actual attack is detected
Answer: A

QUESTION: 45
What is the purpose of the rtu-mysql.pl script?
A. Tails the Dragon Export Log, parses the data, then imports the data into an SQL database
B. Starts the MySQL programs and connects the Dragon DB Agent to the Dragon Realtime Console Agent
C. Writes detected event data to a dragon.log file in ASCII format
D. Exports data from a MySQL database to a dragon.log file in ASCII format
Answer: A

QUESTION: 46
How can Dragon Workbench be configured to read a 'snoop' capture file on a Solaris host?
A. No configuration necessary; Workbench will read a 'snoop' file natively
B. Add the SNOOP keyword to the dragon.net file
C. Add a 'SNOOP=1' entry to the dragon.cfg file
D. Run the /usr/dragon/install/config script and select the Workbench snoop option
Answer: B

QUESTION: 47
Which of the following are true with regard to the catchTrap utility?
A. Will conflict with Host Sensor if run concurrently
B. Is located in the /usr/dragon/policymgr/tools directory
C. Monitors SNMP Traps during the phase of defining a Host Sensor SNMP-trap policy library
D. Provides SNMP alerting functionality for Dragon Alarmtool
E. Allows traps to be caught, parsed and displayed in much the same way that Host Sensor will process them
F. Analyzes traps and generates NIDS events for any anomalies within an SNMPv1 or SNMPv3 trap
Answer: A, C, E

QUESTION: 48
Which of the following are true with regard to Dragon Workbench?
A. Allows Dragon to replay data contained in TCPDUMP trace/capture files with the goal of tuning a Network Sensor prior to deployment
B. Can read data directly from the interface specified in the dragon.net file
C. Will create separate dragon.db files for each 24 hours' worth of data contained in a TCPDUMP trace/capture file
D. Allows Dragon to compensate for the Snap Length limitation of TCPDUMP
E. Can read data from Snoop trace/capture files
F. Can analyze data contained in TCPDUMP trace/capture files and generate events based on anomalies
Answer: A, E, F

QUESTION: 49
What file must be present in the directory in which the 'reinstall' script is executed?
A. The dragon.cfg file
B. The config script
C. The Dragon software bundle in the .tar.gz format
D. The dragon.tar file after it has been extracted from the software bundle
Answer: D

QUESTION: 50
In UPN's 'Acceptable Use Policy', what proactive service is designed to complement a Dragon IDS deployment?
A. Deny Spoofing
B. Deny Unsupported Protocol Access
C. Protocol Priority Access Control
D. Dragon RealTime Console
E. Threat Management
Answer: E