The Best BEA certifications -Visualexams ccna-dumps.com help you pass any IT exams

2B0-103 Free Demo Download

Certinside offers free demo for 2B0-103 25 Q & As with Expert Explanations). You can check out the interface, question quality and usability of our practice exams before you decide to buy it.


Download 2B0-103 Exam Pdf Demo

Download 2B0-103 Exam iEngine Demo

　
　
Exam : Enterasys Networks 2B0-103
Title : Enterasys Security Systems Engineer-NAC

1. What failed action(s) can be specified for the Lock MAC configuration
A. Reject
B. Use User Override
C. User MAC Override
D. All of the above
Answer: A

2. Which of the following information is required for creating a MAC Override?
A. Switch IP address
B. Configuration Template
C. MAC
D. All of the above
Answer: D

3. What is the minimum number of Assessment Servers required to implement end-system assessment?
A. 1
B. 2
C. 3
D. 4
Answer: A

4. Which of the following are required fields to import a User override from a file?
A. User Name
B. Configuration Template
C. Security Domain
D. All of the Above
Answer: D

5. What type of end systems will not interact with Enterasys Sentinel?
A. Unmanaged PCs (i.e. PCs not under the administrative control of IT operations)
B. Managed PCs (i.e. PCs under the administrative control of IT operations)
C. IP Phones, IP cameras, printer
D. None of the Above
Answer: D

2B0-101 Free Demo Download

Certinside offers free demo for 2B0-101 100 Q & As with Expert Explanations). You can check out the interface, question quality and usability of our practice exams before you decide to buy it.


Download 2B0-101 Exam Pdf Demo

Download 2B0-101 Exam iEngine Demo

　
　
Exam : Enterasys Networks 2B0-101
Title : Enterasys Security Systems Engineer (ESSE) Recertification

1. In an Event Flow Processor (EFP) a consumer can be?
A. A Sensor or an Event Channel
B. An Event channel only
C. An Event channel or an Agent
D. An Agent only
Answer: C

2. MD5 checksums are
A. Stored in a protected directory on the host
B. Appended to the protected file
C. Passed up the event channel to the MD5 Agent
D. Stored in the /usr/dragon/bin directory on the Enterprise Management Server (EMS)
Answer: C

3. Virtual sensor names?
A. Are included in events they generate
B. Must match the sensor key
C. Must include the device name
D. Require separate keys
Answer: A

4. The attack category is for events that
A. Attempt to discover weaknesses
B. Map the structure of the network
C. Have the potential to compromise the integrity of an end system.
D. Deny access to resources
Answer: C

5. Dragonctl is used to?
A. Start, stop and monitor the dragon processes on the remote node
B. Write log files
C. Monitor the Ring Buffer
D. Maintain configuration channel connections
Answer: A

6. Before the host Sensor can be deployed
A. It must be associated with a virtual sensor
B. It must be associated with a host policy
C. Its key must be added to the /usr/dragon/bin directory
D. Its address must be added to /etc/hosts
Answer: B

7. Traffic direction refers to traffic flows in relation to the
A. Server
B. Protected network
C. Client
D. DMZ
Answer: B

8. Agents can be deployed?
A. Only on non-forwarding Event Flow Processor (EFPs)
B. Only on forwarding Event Flow Processor (EFPs)
C. Only on the Enterprise Management Server (EMS) station
D. On any Event Flow Processor (EFP)
Answer: D

9. In a standalone deployment the system will have?
A. A net-config-client.xml file
B. A net-config-server.xml file
C. A net-config-server.xml and a net-con fig-client.xml file
D. A net-config-server.xml, a net-con fig-client.xml and a net-config-reports.xml file
Answer: C

10. Virtual Sensors can segregate traffic by?
A. IP Address, VLAN, Port
B. IP Address, VLAN, Port, Protocol
C. IP Address, VLAN, Port, Protocol, Application
D. IP Address, VLAN, Port, Application
Answer: B

11. Which of the following Dragon Agents is used for detecting changes to host files?
A. Real Time Console
B. MD5 Sum
C. Alarm Tool
D. Database
Answer: B

12. Which of the following best describes the commit operation?
A. It uses the configuration channel to push a configuration to a device
B. It uses the event channel to push a configuration to a device
C. It writes a configuration change to the Enterprise Management Server (EMS) database
D. It writes a configuration change to the management clients database
Answer: C

13. The master Alarm Tool Default policy
A. Is write locked
B. Is writable
C. Cannot be copied
D. Cannot be associated with an Agent
Answer: A

14. Which of the following Dragon Agents sends notifications when the sensors detect an event that match a rule?
A. Real Time Console
B. MD5 Sum
C. Alarm Tool
D. Database
Answer: C

15. Signature OS
A. Applies signature to network traffic originating from the specified OS
B. Is used for writing Host signatures
C. Is optional on Network signatures
D. Is required on all signatures
Answer: B

16. The host policy MD5 detection module
A. Detects any changes in the contents of protected file
B. Detects file size increases
C. Detects file truncations
D. Detects ownership changes
Answer: A

2B0-018 Free Demo Download

Certinside offers free demo for 2B0-018 50 Q & As with Expert Explanations). You can check out the interface, question quality and usability of our practice exams before you decide to buy it.


Download 2B0-018 Exam Pdf Demo

Download 2B0-018 Exam iEngine Demo

　
　
Exam : Enterasys Networks 2B0-018
Title : ES Dragon IDS

1. Which of the following best describes the relationship between policies and signatures on a Dragon Host Sensor?
A. Policies can contain O/S-specific signatures
B. Signatures can contain O/S-specific policies
C. Policies and signatures are combined in a single library
D. Policies and signatures are unrelated
Answer: A

2. What is one benefit of Dragon Network Sensors dual network interface capability as deployed on a non-Dragon Appliance system?
A. Secure management and reporting on one interface; Network Sensor invisible on other interface
B. Allows for collection of event data from both interfaces simultaneously
C. Allows for protocol detection from one interface, and anomaly detection from the other interface
D. This functionality is ONLY available on Dragon Appliances
Answer: A

3. Which component of Dragon is most responsible for enabling hierarchical deployments?
A. Dragon Network Sensor
B. Dragon Security Information Manager
C. Dragon Event Flow Processor
D. Dragon Hierarchy Agent
Answer: C

4. Which of the following is NOT a function of Dragon Forensics Console?
A. Allows for central configuration of Active Response mechanisms to deter network attacks
B. Centrally analyzes activity as it is occurring or has occurred over time
C. Correlates events together across Network Sensor, Host Sensor, and any other infrastructure system (e.g., firewall, router) for which messages have been received (via Host Sensor log forwarding)
D. Provides the tools for performing a forensics level analysis and reconstructing an attackers session
Answer: A

5. What is the method that Dragon uses to secure the communication between the remote management host and Dragon Policy Manager?
A. SSH
B. SSL
C. IPSec
D. MD5
Answer: B

6. Which of the following is NOT a valid detection method used by Dragon Network Sensor?
A. Signature detection
B. Protocol detection
C. Policy detection
D. Anomaly detection
Answer: C

7. Which of the following is NOT a typical function of an Intrusion Detection System?
A. Monitors segment traffic to detect suspicious activity
B. Monitors network traffic and corrects attacks
C. Monitors traffic patterns to report on malicious events
D. Monitors individual hosts (HIDS) or network segments (NIDS)
Answer: B

8. How many Dragon Policy Managers can simultaneously manage a single Dragon Network/Host Sensor?
A. 1
B. 2
C. 10
D. Unlimited
Answer: A

9. Which best describes a type of attack that aims to prevent the use of a service or host?
A. Reconnaissance
B. Denial of Service
C. IP Spoofing
D. Exploit
Answer: B

10. Why might an IDS administrator configure Dragon Enterprise Management Server to INITIATE outbound connections to remote Network/Host Sensors?
A. To increase performance when traversing a corporate DMZ
B. To provide the additional security that is inherent in the Server-initiated communication
C. Dragon only allows server-initiated (outbound) connections
D. To integrate Dragon into MSSP or other environments where firewalls prohibit inbound connections from Network/Host Sensors
Answer: D

11. What two modes are available when installing a Dragon Host Sensor?
A. Standalone and Enterprise
B. Local and Remote
C. Active and Standby
Answer: A

12. What is the primary and default source of event data for Dragon RealTime Console?
A. dragon.log.xxx
B. dragon.db
C. Ring Buffer
D. Dragon Workbench
Answer: C

13. For what purpose can Dragon Workbench be used?
A. Read data from TCPDUMP trace/capture file and write to dragon.db for later analysis
B. Read data from dragon.db file and write to a TCPDUMP trace/capture file for later analysis
C. Read data from RealTime Console and write to a TCPDUMP trace/capture file for later analysis
D. This functionality is ONLY available on Dragon Appliances
Answer: A

14. Which of the following does NOT describe Dragon Host Sensors Multi-Detection methods?
A. Monitors output to a hosts system and audit logs
B. Monitors a hosts files via MD5 integrity-checking
C. Monitors a hosts specified network interface promiscuously for anomalous activity
D. Monitors a hosts specific file attributes for changes to owner, group, permissions and file size
E. Monitors a Windows hosts Registry for attributes that should not be accessed and/or modified
Answer: C

15. What might be one benefit of configuring a Dragon Host Sensor Server?
A. To provide IKE-level security for Host Sensors deployed in a corporate DMZ
B. To centrally collect NIDS-event data from Network Sensors
C. To collect HIDS-event data from systems on which it is not possible or practical to deploy a Dragon Host Sensor
Answer: C

16. Which best describes a SYN Flood attack?
A. Attacker redirects unusually large number of SYN/ACK packets
B. Attacker sends relatively large number of altered SYN packets
C. Attacker floods a host with a relatively large number of unaltered SYN packets
D. Attacker floods a host with an unusually large number of legitimate ACK packets
Answer: B

2B0-015 Free Demo Download

Certinside offers free demo for 2B0-015 90 Q & As with Expert Explanations). You can check out the interface, question quality and usability of our practice exams before you decide to buy it.


Download 2B0-015 Exam Pdf Demo

Download 2B0-015 Exam iEngine Demo

　
　
Exam : Enterasys Networks 2B0-015
Title : ES Wireless

1. What is the default password on the R2?
A. public
B. admin
C. password
D. private
Answer: C

2. Which of the following is NOT a source of radio interference?
A. Microwave ovens
B. Overhead power lines
C. Cable TV
D. Theft detection devices
Answer: C

3. When should an Upline Dump be enabled for the AP 2000?
A. When configuring the AP for an upgrade to its firmware
B. When troubleshooting a poor SNR
C. When copying configurations from one AP to another
D. When requested by a RoamAbout service representative
Answer: D

4. What is the name of AP Manager integrated BootP/TFTP server application?
A. RAT
B. NetRider
C. NetSight Atlas
D. NCM_PCOV
Answer: B

5. What media access method does the RoamAbout use?
A. CSMA/CD
B. Beacon exchange
C. Binary Sequential Back off
D. CSMA/CA
Answer: D

6. Which of the following does NOT affect the size of a cell?
A. Network utilization
B. Radio frequency noise
C. Transmit speeds
D. Humidity
Answer: D

7. How do you avoid radio frequency interference within an area when positioning multiple APs with 802.11b PC Cards installed?
A. Configure different network names on the APs
B. Enable Secure Access
C. Configure overlapping cells at least five channels apart
D. Maintain at least 100 meters distance between APs
Answer: C

8. What does the RoamAbout employ, by default, to confirm successful frame delivery?
A. The receiving station sends a MAC level acknowledgement
B. Resolution by upper layer protocols (i.e., TCP) at the sending station
C. The sending station sends a source frame to verify delivery
D. There is no method of ensuring successful delivery
Answer: A

9. Up to how many buildings may be connected in a Point-to-Multipoint configuration?
A. 3
B. 7
C. 8
D. 12
Answer: B

10. When configuring LAN-to-LAN Endpoint, which of the following do you need?
A. Wired MAC Address of the remote Access Point
B. Wireless MAC Address of the remote Access Point
C. IP Address of the remote Access Point
D. Different channels configured on both Access Points
Answer: B

11. In which of the following devices is the PC Radio Card NOT used?
A. Laptops
B. Carrier (adapter) modules
C. Omni-directional antenna
D. Wireless Ethernet Adapter
Answer: C

12. Which AP Manager utility is used during LAN-to-LAN installations to determine signal strength?
A. Authentication
B. Link test
C. Integrity Check
D. Site Monitor
Answer: B

13. Why is it important to read Release Notes when installing a wireless PC Card and its drivers?
A. To enable you to decipher LED indications
B. They include a PC Card license key
C. To learn about restrictions and requirements for your OS
D. To learn what channels are supported in your geographic region
Answer: C

14. With Secure Access enabled on an AP with an IEEE 802.11b PC Card installed, which of the following is true?
A. The AP allows access to wireless clients that use "ANY" as the wireless network name
B. The AP allows access to wireless clients that leave the wireless network name configuration blank
C. The AP denies access to wireless clients that do not provide the proper access password
D. The AP denies access to wireless clients that do not use the correct wireless network name
Answer: D

15. What are two solutions to a "Hidden Station" problem?
A. Enable the RTS/CTS Protocol
B. Increase the transmission power of the station
C. Increase the Density setting
D. Move the problem station
Answer: AD

16. What file extension is used for RoamAbout Boot ROM image files?
A. .txt
B. .asp
C. .WEP
D. .BIN
Answer: D

2B0-012 Free Demo Download

Certinside offers free demo for 2B0-012 70 Q & As with Expert Explanations). You can check out the interface, question quality and usability of our practice exams before you decide to buy it.


Download 2B0-012 Exam Pdf Demo

Download 2B0-012 Exam iEngine Demo

　
　
Exam : Enterasys Networks 2B0-012
Title : ES Switching Edition 4.0

1. Which IP Address Class is reserved for Multicast?
A. Class A
B. Class B
C. Class C
D. Class D
E. Class E
Answer: D

2. The Matrix C2 Stacking technology deploys which type of algorithm for packet forwarding through the stack?
A. packet forwarding in a Matrix C2 stack uses a Time Division Multiplexing algorithm
B. packet forwarding in a Matrix C2 stack uses a Token Passing algorithm
C. packet forwarding in a Matrix C2 stack uses an algorithm that passes all traffic in one direction regardless of hop count
D. packet forwarding in a Matrix C2 stack uses a Shortest-Path algorithm
Answer: D

3. How many static routes can the Matrix C1 support?
A. 250
B. 500
C. 1,000
D. 2,000
Answer: C

4. 0.1
C. 255.255.255.255
D. 0.0.0.0
Answer: D
4. The Data Link layer of the OSI model defines which sub-layers?
A. LLC
B. MAC
C. CSMA
D. none of the above
E. both A & B
Answer: E
5. Which information does a bridge use to build its SAT?
A. the source’s logical address
B. the source’s physical address
C. the destination’s logical address
D. the destination’s physical address
Answer: B
6. What version of management does the Matrix-E1 support?
A. SNMP-v4
B. IGMP
C. SNMP-v3
D. Level 2
Answer: C

5. Which groups of RMON does the Matrix C2 support?
A. the C2 supports 4 groups of RMON (groups 1,2,3 and 9)
B. the C2 supports 4 groups of RMON (groups 1,2,3 and 4)
C. the C2 supports 5 groups of RMON (groups 1,2,3, 4 and 9)
D. the C2 supports all 9 groups of RMON
Answer: A

6. 255.255.255
D. 0.0.0.0
Answer: D
4. The Data Link layer of the OSI model defines which sub-layers?
A. LLC
B. MAC
C. CSMA
D. none of the above
E. both A & B
Answer: E
5. Which information does a bridge use to build its SAT?
A. the source’s logical address
B. the source’s physical address
C. the destination’s logical address
D. the destination’s physical address
Answer: B

7. 1.1.1
B. 172.16.0.1
C. 255.255.255.255
D. 0.0.0.0
Answer: D

8. What is the default VLAN assignment method for Enterasys 802.1Q switches?
A. MAC
B. Port
C. Protocol type
D. DSAP or SSAP values
Answer: B

9. Which IP address will trigger Remote IP Address Discovery?
A. 10.1.1.1
B. 172.16.0.1
C. 255.255.255.255
D. 0.0.0.0
Answer: D

10. What is a feature of 802.3ad link aggregation?
A. The logical link provides multiple active links
B. The logical link must be manually configured
C. The logical link eliminates the need for Spanning Tree
D. The logical link increases the size of the collision domain
Answer: A

11. The Data Link layer of the OSI model defines which sub-layers?
A. LLC
B. MAC
C. CSMA
D. none of the above
E. both A & B
Answer: E

12. The Advanced Routing Feature Set of the Matrix N-Series DFE adds support for which of the following
A. VRRP and Policy-Based Routing
B. BGP and ISIS
C. DVMRP and PIM-SM
D. RIP versions 1 and 2
Answer: C

13. How many VLANs does the Matrix V2 support?
A. 256
B. 512
C. 1024
D. 2048
Answer: A

14. What is the first factor considered in the election of a Designated Bridge by 802.1D compliant bridges using the Spanning Tree Algorithm?
A. the port ID number
B. the path cost to Root
C. the bridge MAC address
D. the bridge priority number
Answer: B

15. The ability to route multicast traffic is a benefit of which of the following?
A. CIDR
B. DVMRP
C. IGMP
D. CDP
Answer: B

2B0-102 Free Demo Download

Certinside offers free demo for 2B0-102 45 Q & As with Expert Explanations). You can check out the interface, question quality and usability of our practice exams before you decide to buy it.


Download 2B0-102 Exam Pdf Demo

Download 2B0-102 Exam iEngine Demo

　
　
Exam : Enterasys Networks 2B0-102
Title : Enterasys Security Systems Engineer-Defense

1. In a signature the service direction refers to
A. Ports
B. Networks
C. VLANS
D. Protocols
Answer: A

2. Traffic direction refers to traffic flows in relation to the
A. Server
B. Protected network
C. Client
D. DMZ
Answer: B

3. When using the Report Wizard within the Dragon Security Command Console all but one of the following formats can be chosen for output?
A. HTML
B. DOC
C. RTF
D. PDF
Answer: B

4. Network policies and signatures are associated with the?
A. Managed node
B. Network sensor
C. Virtual sensor
D. Agent
Answer: C

5. The license key file for Dragon Security Command Console must be?
A. pulled automatically from the Dragon EMS Server in the /usr/dragon/policymgr/keys directory
B. manually copied to each of the remote Behavioral Flow Sensors before flows are collected
C. must be carefully entered into the license field of the Dragon Administration Console because it is tied to the hostname of the server and may have an extra carriage return at the end of the file
D. None of the above
Answer: D

6. The net-config-client.xml file is associated with?
A. The Enterprise Management Server (EMS)
B. Managed node client
C. Enterprise Management Server (EMS) Management Client
D. Reporting server
Answer: B

7. The virtual sensor name?
A. Must match the license name
B. Is included in all events reported by the virtual sensor
C. Must include the node name
D. Applies only to the device view
Answer: B

8. Which of the following techniques is not a viable way for a Device Support Module (DSM) to receive event data?
A. OPSEC
B. SSH
C. SYSLOG
D. SNMP V3 Inform
Answer: B

9. Dynamic Collection controls
A. The number of packets to analyze
B. The number of times to execute the signature in a flow
C. The number of follow on packets to capture for forensics
D. The number of bytes to search for a match
Answer: C

10. Which of the following Dragon Agents sends notifications when the sensors detect an event that match a rule?
A. Real Time Console
B. MD5 Sum
C. Alarm Tool
D. Database
Answer: C

2B0-104 Free Demo Download

Certinside offers free demo for 2B0-104 75 Q & As with Expert Explanations). You can check out the interface, question quality and usability of our practice exams before you decide to buy it.


Download 2B0-104 Exam Pdf Demo

Download 2B0-104 Exam iEngine Demo

　
　
Exam : Enterasys Networks 2B0-104
Title : Enterasys Certified Internetworking Engineer(ECIE)

1. Which of the following services, as defined by demo.pmd in NetSight Policy Manager, protects the network from a user masquerading as a valid service on the network?
A. Deny Unsupported Protocol Access service
B. Deny Spoofing & other Administrative Protocols service
C. Application Provisioning AUP service
D. Limit Exposure to DoS Attacks service
Answer: B

2. An Acceptable Use Policy for the network should define:
A. Which types of traffic trusted users only are allowed to generate on the network
B. Which types of traffic untrusted users only are allowed to generate on the network
C. Which types of traffic trusted and untrusted users are allowed to generate on the network
D. Which types of traffic guest users only are allowed to generate on the network
Answer: C

3. As defined in NetSight Policy Managers demo.pmd file, the Guest Access policy role is associated to:
A. No services
B. The Deny Spoofing & Other Administrative Protocols service only
C. The Deny Unsupported Protocol Access service only
D. All services grouped under the Secure Guest Access service group
Answer: D

4. Which of the following services, as defined by demo.pmd in NetSight Policy Manager, protects the network from Denial of Service attacks on the network?
A. Deny Unsupported Protocol Access service
B. Deny DoS Attacks service
C. Limit Exposure to DoS Attacks service
D. Application Provisioning – AUP service
Answer: C

5. Which of the following is not a pre-defined Port Group in NetSight Policy Manager to:
A. All ports
B. Authenticated ports
C. Logical ports
D. CDP ports
Answer: B

6. In a multi-vendor environment, where is the placement of a policy capable device most effective in discarding malicious traffic and protecting the entire network:
A. At the access layer edge
B. At the distribution layer
C. In the DMZ
D. In the core
Answer: A

7. A new virus has been identified on the Internet causing an infected system to listen to TCP port X for allowing remote connections to the infected device. If a network administrator desires to prevent infected devices from being further exploited within the enterprise network, the network administrator should configure and enforce policy for infected devices to the Active Edge of the network that:
A. Discards traffic destined to TCP port X
B. Discards traffic sourced from TCP port X
C. Prioritizes traffic destined or sourced to TCP port X to a low priority
D. Rate limit traffic destined or sourced to TCP port X
Answer: B

8. As defined in NetSight Policy Managers demo.pmd file, the Secure Guest Access Service Group:
A. Allows PPTP and HTTP traffic only, and discards all other traffic
B. Allows HTTP, DNS, and DHCP traffic only, and discards all other traffic
C. Allows PPTP, HTTP, DNS, and DHCP traffic, and denies access to all other TCP/UDP ports and unsupported protocols on the network
D. Discards all traffic
Answer: C

9. A new virus has been identified on the Internet causing an infected system to listen to TCP port X for allowing remote connections to the infected device. If a network administrator desires to prevent an internal user from connecting to an infected device, the network administrator should configure and enforce policy for malicious users to the Active Edge of the network that:
A. Discards traffic destined to TCP port X
B. Discards traffic sourced from TCP port X
C. Prioritizes traffic destined or sourced to TCP port X to a low priority
D. Rate limit traffic destined or sourced to TCP port X
Answer: A

10. Fill in the blank. It is necessary to ______ policy configuration changes to the switches in NetSight Policy Manager before the changes can take effect.
A. Mediate
B. Enforce
C. Compile
D. Encrypt
Answer: B

11. The following components are mandatory for dynamic policy deployment on the network:
A. NetSight Policy Manager and policy-capable devices
B. NetSight Policy Manager, policy-capable devices, and authentication services
C. NetSight Policy Manager and any device
D. NetSight Policy Manager only
Answer: B

12. In a multi-vendor environment where 3 rd party devices are located at the edge of the network and are not policy-capable, installing a policy-capable device in the distribution layer:
A. Protects the network core from internally sourced attacks
B. Protects the server farm from internally sourced attacks
C. Secures other access layer segments connected through the policy-capable distribution layer device
D. All of the above
Answer: D

13. The RADIUS Filter-ID parameter is used to:
A. Authenticate users
B. Authenticate a RADIUS client
C. Pass policy information to a switch to authorize an authenticated user with a level of network access
D. Discard traffic destined for a RADIUS server
Answer: C

14. A new policy role, Staff, is created under the Roles tab in NetSight Policy Manager. To use the Staff policy role to classify ingressed traffic for static policy deployment, the network administrator must at a minimum:
A. Do nothing else. Once the Staff policy role is created in NetSight Policy Manager, the network begins classifying traffic according to the configuration of Staff
B. Enforce NetSight Policy Managers policy configuration to policy-capable devices only
C. Enforce NetSight Policy Managers policy configuration to policy-capable devices and also assign the Staff policy role to a port
D. Enforce NetSight Policy Managers policy configuration to policy-capable devices, assign the Staff policy role to a port, and enable authentication on the port.
Answer: C

15. Which of the following services, as defined by demo.pmd in NetSight Policy Manager, reduces network congestion by removing legacy protocols from the network such as IPX?
A. Deny Unsupported Protocol Access service
B. Deny Spoofing & other Administrative Protocols service
C. Threat Management service
D. Limit Exposure to DoS Attacks service
Answer: A