MA0-101 Online Practice Questions and Answers

Which port needs to be opened for Alert Channel communication between Sensor and Manager through a firewall?

A. 8501

B. 8502

C. 8503

D. 8555

What type of encryption is used for file transfers between the Sensor and the Manager?

A. SSL with RC4

B. SSL with MD5

C. SSL with RC4 and MD5

D. DES

When placed in Layer3 mode, a Sensor detects a Layer2 device based on which of the following?

A. MAC address

B. IP address

C. DNS

D. Subnet

In double VLAN tagging, a second VLAN tag that is inserted into the frame is referred to as which of the following?

A. Customer Identification tag (CD)

B. VLAN Identification tag (VID)

C. Outer Identification tag (OID)

D. Inner Identification tag (HD)

Which of the following information is unique to Host Intrusion Prevention alerts? (Choose three)

A. Destination IP

B. User

C. Source IP

D. Agent IP

E. Agent name

Which command is used to manually download signature tiles from the tftpserver when connectivity to the Manager is not available?

A. Loadimage WORD

B. Loadconfig WORD

C. Loadconfiguration WORD

D. Loadsigset WORD

Which of the following are considered part of the Operational mode of System Health-based NAC? (Choose three)

A. Audit

B. IPS

C. TAP

D. Simulation

E. Enforcement

F. SPAN

Which operating mode allows a sensor lo prevent attacks from reaching their intended targets?

A. Tap

B. Span

C. In-line

D. Failover

When creating policies, which of the following rule sets are available for selection within those policies?

A. Only rule sets created using the Rule Set Editor

B. Only rule sets imported from the Sensor

C. Only rule sets created using the Rule Set Editor and Default rule sets

D. Only Default Rule sets

A sensor is placed in-line and is dropping traffic. This situation demands an immediate removal of the sensor from the network to let traffic flow uninterrupted. Which option will you use to verify whether the issue is due to sensor configuration or network congestion?

A. Layer2modeon

B. Layer2 mode assert

C. Layer2 mode deassert

D. Layer2 mode off

Setting a threshold limit in order for the IPS to react if traffic volume exceeds this limit is an example of which type of detection method?

A. Statistical anomaly

B. Protocol anomaly

C. Pattern matching

D. Application anomaly

Which sensor action allows the detection and dropping of attacks in real-time?

A. Host Quarantine action

B. ICMP Host unreachable

C. TCP reset

D. Drop further packets

Which is the correct syntax for the 'set dosprevenbonseverity' command?

A. Set dospreventionseveriry tcp-rst 150

B. Set dospreventionseverity icmp-echo-reply enable 150

C. Set dospreventionseverity tcp-syn inbound 150

D. Set dosprevenbonseverity ip-fragment inbound

As a recommended best practice, what is the total number of sensors that should be managed through a single Network Security Manager installation?

A. 25

B. 50

C. 75

D. 100

Which NSP sensor models support VLAN Bridging? (Choose three)

A. M-1450

B. M-2850

C. M-3050

D. M-4050

E. M-6050