2B0-018 Exam

Quality and Value for the 2B0-018 Exam

Test4pass Practice Exams for Enterasys Networks 2B0-018 are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development.

100% Guarantee to Pass Your 2B0-018 Exam

If you prepare for the exam using our Test4pass testing engine, we guarantee your success in the first attempt. If you do not pass the Enterasys Networks Certification 2B0-018 exam (ProCurve Secure WAN) on your first attempt we will give you a FULL REFUND of your purchasing fee AND send you another same value product for free.

Enterasys Networks 2B0-018 Downloadable, Printable Exams (in PDF format)

Our Exam 2B0-018 Preparation Material provides you everything you will need to take your 2B0-018 Exam. The 2B0-018 Exam details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical. You may get questions from different web sites or books, but logic is the key. Our Product will help you not only pass in the first try, but also save your valuable time.

2B0-018 Downloadable, Interactive Testing engines

We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials. Our Exam Preparation Material provides you everything you will need to take a certification examination. Like actual certification exams, our Practice Tests are in multiple-choice (MCQs) Our Enterasys Networks 2B0-018 Exam will provide you with free 2B0-018 dumps questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and Value for the 2B0-018 Exam:100% Guarantee to Pass Your Enterasys Networks Certification exam and get your Enterasys Networks Certification Certification.

Hot KeyWords On 2B0-018 test

We collect some hot keywords about this exam:
Test4pass , Pass 4 Sure , Test in Side ,Pass Guide ,Test King 2B0-018 exam | 2B0-018 pdf exam | 2B0-018 braindumps | 2B0-018 study guides | 2B0-018 trainning materials | 2B0-018 simulations | 2B0-018 testing engine | 2B0-018 vce | 2B0-018 torrent | 2B0-018 dumps | free download 2B0-018 | 2B0-018 practice exam | 2B0-018 preparation files | 2B0-018 questions | 2B0-018 answers.

How to pass your 2B0-018 exam

You can search on Search Engine and Find Best IT Certification site: Test4pass.com - Find the Method to succeed 2B0-018 test,The safer.easier way to get Enterasys Networks Certification Certification .

��
��
Exam : Enterasys Networks 2B0-018
Title : ES Dragon IDS


1. What is the method that Dragon uses to secure the communication between the remote management host and Dragon Policy Manager?
A. SSH
B. SSL
C. IPSec
D. MD5
Answer: B

2. Which of the following does NOT describe Dragon Host Sensors Multi-Detection methods?
A. Monitors output to a hosts system and audit logs
B. Monitors a hosts files via MD5 integrity-checking
C. Monitors a hosts specified network interface promiscuously for anomalous activity
D. Monitors a hosts specific file attributes for changes to owner, group, permissions and file size
E. Monitors a Windows hosts Registry for attributes that should not be accessed and/or modified
Answer: C

3. Which best describes a type of attack that aims to prevent the use of a service or host?
A. Reconnaissance
B. Denial of Service
C. IP Spoofing
D. Exploit
Answer: B

4. Why might an IDS administrator configure Dragon Enterprise Management Server to INITIATE outbound connections to remote Network/Host Sensors?
A. To increase performance when traversing a corporate DMZ
B. To provide the additional security that is inherent in the Server-initiated communication
C. Dragon only allows server-initiated (outbound) connections
D. To integrate Dragon into MSSP or other environments where firewalls prohibit inbound connections from Network/Host Sensors
Answer: D

5. Which best describes a SYN Flood attack?
A. Attacker redirects unusually large number of SYN/ACK packets
B. Attacker sends relatively large number of altered SYN packets
C. Attacker floods a host with a relatively large number of unaltered SYN packets
D. Attacker floods a host with an unusually large number of legitimate ACK packets
Answer: B

6. For what purpose can Dragon Workbench be used?
A. Read data from TCPDUMP trace/capture file and write to dragon.db for later analysis
B. Read data from dragon.db file and write to a TCPDUMP trace/capture file for later analysis
C. Read data from RealTime Console and write to a TCPDUMP trace/capture file for later analysis
D. This functionality is ONLY available on Dragon Appliances
Answer: A

7. What is the primary and default source of event data for Dragon RealTime Console?
A. dragon.log.xxx
B. dragon.db
C. Ring Buffer
D. Dragon Workbench
Answer: C

8. Which of the following is NOT a function of Dragon Forensics Console?
A. Allows for central configuration of Active Response mechanisms to deter network attacks
B. Centrally analyzes activity as it is occurring or has occurred over time
C. Correlates events together across Network Sensor, Host Sensor, and any other infrastructure system (e.g., firewall, router) for which messages have been received (via Host Sensor log forwarding)
D. Provides the tools for performing a forensics level analysis and reconstructing an attackers session
Answer: A

9. What is one benefit of Dragon Network Sensors dual network interface capability as deployed on a non-Dragon Appliance system?
A. Secure management and reporting on one interface; Network Sensor invisible on other interface
B. Allows for collection of event data from both interfaces simultaneously
C. Allows for protocol detection from one interface, and anomaly detection from the other interface
D. This functionality is ONLY available on Dragon Appliances
Answer: A

10. Which of the following is NOT a valid detection method used by Dragon Network Sensor?
A. Signature detection
B. Protocol detection
C. Policy detection
D. Anomaly detection
Answer: C

11. How many Dragon Policy Managers can simultaneously manage a single Dragon Network/Host Sensor?
A. 1
B. 2
C. 10
D. Unlimited
Answer: A

12. Which component of Dragon is most responsible for enabling hierarchical deployments?
A. Dragon Network Sensor
B. Dragon Security Information Manager
C. Dragon Event Flow Processor
D. Dragon Hierarchy Agent
Answer: C

13. Which of the following is NOT a typical function of an Intrusion Detection System?
A. Monitors segment traffic to detect suspicious activity
B. Monitors network traffic and corrects attacks
C. Monitors traffic patterns to report on malicious events
D. Monitors individual hosts (HIDS) or network segments (NIDS)
Answer: B

14. What might be one benefit of configuring a Dragon Host Sensor Server?
A. To provide IKE-level security for Host Sensors deployed in a corporate DMZ
B. To centrally collect NIDS-event data from Network Sensors
C. To collect HIDS-event data from systems on which it is not possible or practical to deploy a Dragon Host Sensor
Answer: C