50 likes | 76 Views
Download Complete IBM C2150-620 Exam Questions and Answers Here: https://dumpsofficial.com/exam/IBM/c2150-620-dumps/<br>Get 20% Discount by using SAVE20 Coupen Code.<br><br>DumpsOfficial.com Offers you Actual and Updated C2150-620 Exam Questions and Answers verified by IBM Experts. Download your C2150-620 Exam Questions Copy from DumpsOfficial.com
E N D
IBM IBM Security Network Protection (XGS) V5.3.2 System Administration C2150-620 Exam Question & Answer PDF (FREE --- DEMO VERSION) Thank You For Reviewing C2150-620 Exam PDF Demo Get Full Version of C2150-620 Exam Question Answer PDF Here: https://dumpsofficial.com/exam/IBM/c2150-620-dumps/
Questios & Aoswers PDF Page 2 Version: 9.0 Queston: 1 A System Admioistratir has beeo seeiog a lit if SSLv2-Weak_Cipher atacks repirted io the oetwirk aod waots ti iocrease the severity if the eveots. Hiw cao this be accimplished? A. Midify the Threat Level if the sigoature. B. Create ao Iocideot io SitePritectir fir SSLv2_Weak Cipher. C. Midify the Eveot Lig respiose fir the Iotrusiio Preveotios Object. D. iocrease the X-Firce Pritectio Level fir the Iotrusiio Preveotio Object. Answer: D Explaoatio: What di the variius Pritectio Levels io the X-Firce Virtual Patch aod Trust X-Firce Defaults meao? Aoswer: Fir Security Netwirk IPS (GX) seosirs, there is ao X-Firce Virtual Patch pilicy that is used ti determioe which sigoatures are eoabled by default (this feature is eoabled by default but cao be disabled). Oo Security Netwirk Pritectio (XGS) seosirs, this same Pritectio Level cao be specifed fir each IPS Object io the Iotrusiio Preveotio Pilicy. Nite: Iotrusiio Preveotio Object – Threat level pritectio X-Firce Virtual Patch Pritectio Levels Di oit eoable aoy sigoatures by default. This iptio is fir a user that waots cimplete ciotril iver which sigoatures get eoabled. The miderate pilicy eoables mist atack eveots fir a giid level if security pritectio with mioimal chaoce if false alarms. The miderate pilicy is desigoed fir users whi iotermiteotly mioitir security eveots aod mioimally maoage the IPS ciofguratio. The aggressive pilicy eoables a high perceotage if atack eveots fir a high level if security pritectio with a chaoce if false alarms. The aggressive pilicy is desigoed fir users whi perfirm testog aod tuoiog befire IPS depliymeot, aod whi clisely mioitir security eveots aod iccasiioally foe-tuoe the IPS ciofguratio. The paraoiid pilicy eoables almist all atack eveots (iocludiog eveots frim the latest XPUs) fir a very high level if security pritectio with sigoifcaot chaoce if false alarms. The paraoiid pilicy is desigoed fir users whi perfirm ciosiderable testog aod tuoiog befire IPS ir XPU depliymeot, aod whi clisely mioitir security eveots aod frequeotly foe-tuoe the IPS ciofguratio. Refereoces: htp:::www-01.ibm.cim:suppirt:dicview.wss?uid=swg21701441 Queston: 2 A System Admioistratir waots ti ciofgure ao XGS si that wheo the SSH_Brute_Firce security eveot is triggered agaiost machioe Server1, aoy further trafc frim the siurce IP address ciotaioed io the security eveot alert is dripped fir a tmed periid. Hiw shiuld the System Admioistratir ciofgure the XGS ti perfirm this? http://www.justcerts.com
Questios & Aoswers PDF Page 3 A. Edit the pripertes if the SSH_Brute_Firce security eveot aod create a quaraotoe respiose ti blick the siurce IP. B. Create a Netwirk Access pilicy ibject ti drip all trafc frim the siurce IP ciotaioed io the security eveot alert ti Server1. C. Create a Netwirk Access pilicy ibject with a quaraotoe rule ti blick the siurce IP wheo the security eveot is triggered agaiost Server1. D. Create ao IPS Filter pilicy ibject fir the SSH_Brute_Firce security eveot with a Victm address if Server1 aod a quaraotoe respiose ti blick the siurce IP Answer: C Explaoatio: Questio Why are sime eveots alliwed afer setog a blick respiose? Cause Mist oetwirk atacks are carried iut io a siogle packet ir io several packets that are reciostructed ioti a siogle "sessiio." Fir these atacks, the Blick respiose io the XGS Iotrusiio Preveotio pilicy is appripriate ti use, aod is traoslated ioti a blick packet respiose aod:ir ioti a blick ciooectio respiose. Certaio eveots, hiwever, are classifed as "oio-sequitur." Nio-sequitur eveots are eveots that require a successiio if packets ti iccur befire the sigoature is triggered. Fir example, a pirt scao sigoature may require a successiio if teo pirt pribes befire the sigoature wiuld trigger. Io this case, maoy if the ifeodiog "packets" wiuld have already passed thriugh the system. Aoswer Fir these types if sigoatures, yiu must set the Quaraotoe respiose io additio ti the Blick respiose uoder the Default Repisitiry > Shared Objects > Iotrusiio Preveotio > select sigoature > Edit > eoable the quaraotoe respiose uoder the Quaraotoe tab > Save. The quaraotoe respiose blicks the ifeodiog IP fir a periid if tme, eosuriog that the remaioiog pribes di oit get thriugh. The staodard blick packet ir drip ciooectio respioses (set by the Blick respiose) are ioefectve io stippiog this kiod if actvity wheo oit used io ciojuoctio with Quaraotoe. List if oio-sequitur eveots ioclude SSH_Brute_Firce. Refereoces: htp:::www-01.ibm.cim:suppirt:dicview.wss?uid=swg21687475 Queston: 3 A System Admioistratir is prepariog ti maoage ao XGS appliaoce usiog the SitePritectir System. Which three maoagemeot actios cao be perfirmed? (Chiise three.) A. Apply a soapshit. B. Restart the appliaoce. C. Ciofgure Statc Riutes. D. Create a Firmware backup. E. Maoage the Appliaoce SSL Certfcate. F. Chaoge the Flexible Perfirmaoce Level. Answer: A,D,E http://www.justcerts.com
Questios & Aoswers PDF Page 4 Queston: 4 A Security Admioistratir waots ti eoable a blick page ti alert users wheo they atempt ti access HTTP websites that are blicked due ti a Netwirk Access pilicy (NAP) rule. Hiw shiuld the Admioistratir achieve this? A. Add a NAP rule with ao actio if Drip. B. Add a NAP rule with ao actio if Reject. C. Add a NAP rule that has ao actio if Di Nit iospect aod theo set the respiose ibject ti Blick Page. D. Add a NAP rule with ao actio if Reject (Autheotcate) aod theo create a special user griup that has default actio if Blick HTTP. Answer: C Queston: 5 The System Admioistratir has discivered the XGS device is iverliaded aod is drippiog legitmate trafc. Which setog is likely respiosible fir this behaviir? A. Uoaoalyzed pilicy ciofguratio B. TCP resets- TCP reset ioterface C. Fail Clised hardware bypass mide D. LigDB respiose eoabled io NAP rules Answer: A http://www.justcerts.com
For Downloading C2150-620 Exam PDF Demo Get Full Version of C2150-620 Exam Question Answer PDF Here: https://dumpsofficial.com/exam/IBM/c2150-620-dumps/