
| Vendor: | Cisco |
|---|---|
| Exam: | 642-532 |
| Title: | Securing Networks Using Intrusion Prevention Systems Exam |
| Certification: | CCSP |
| No of Questions: | 63 Q & A with Explanation |
| Updated: | 16/05/2013 |

| Unlimited Life Time Package Details | Price |
|---|---|
| $99 | |
642-532 IPS
Securing Networks Using Intrusion Prevention Systems Exam
Exam Description
The Securing Networks Using Intrusion Prevention Systems exam is one of the exams associated with the Cisco Certified Security Professional and the Cisco IPS Specialist certifications. Candidates can prepare for this exam by taking the IPS v5.0 course. This exam includes simulations and tests a candidate's knowledge and ability to describe, configure, verify and manage the Cisco IPS appliance products.
Exam Topics
The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.
Describe how Cisco IDS/IPS sensors are used to mitigate network security threats
* Select the best sensor platform to protect a given network
* Describe the features of the IDSM-2
* Describe the features of the NM-CIDS
* List sensor requirements for inline operations
* List platforms on which the 5.0 image will run
* Explain the difference between inline and promiscuous mode sensor operations
* Select the most effective location for the sensor and other defense-in-depth components
* Explain how Cisco IDS/IPS protects network devices from attacks (Describe signatures, alerts, and actions)
* Explain the similarities and differences among the various intrusion detection technologies
* Explain the evasive techniques used by hackers and how Cisco IDS defeats those techniques
* Explain the differences between HIPS and Network IPS
* Describe the network sensors that are currently available and their features
* Describe the considerations necessary for selection, placement, and deployment of a network intrusion prevention system
* Explain the features, benefits, and system requirements of the IDM
* Describe traffic that is not inspected by the NM-CIDS
* Define intrusion detection
* Define intrusion prevention
* Explain the Cisco IDS/IPS signature features
Install Cisco IDS/IPS sensors and configure essential system parameters
* Install a sensor appliance in the network
* Use the IDM to configure SSH and TLS communications
* Use the CLI to install the sensor's software image
* Select the appropriate image file for a sensor
* Select a router to host the NM-CIDS
* Configure communications between the router and the NM-CIDS
* Describe the functions of the various IDSM-2 ports
* Describe the tasks for configuring the NM-CIDS
* Describe the interfaces and components of the NM-CIDS
* Explain how the NM-CIDS works
* Explain how the IDSM-2 obtains access to network traffic
* Explain the importance of accurate time on the NM-CIDS and how the NM-CIDS should obtain the accurate time
* Explain the importance of accurate time on the IDSM-2 and how the IDSM-2 should obtain the accurate time
* Install the IDSM-2 in a switch
* Install the NM-CIDS in a router
* Select a switch to host the IDSM-2
* Use the CLI to initialize the sensor
* Describe user accounts and how they provide sensor security
* Use the IDM to configure and manage user accounts
* Use the IDM to verify secure management access to the sensor
* Obtain management access to the sensor appliance
* Obtain management access to the NM-CIDS
* Obtain management access to the IDSM-2
* Describe allowed hosts
* Use the IDM to configure allowed hosts
* Describe sensor interfaces and interface pairs
* Use the IDM to configure the sensor's interfaces (enable, create pairs, assign to virtual sensor)
* Describe software bypass mode
* Use the IDM to configure software bypass mode
* Use the IDM to configure the sensor's network settings (IP address, netmask, default gateway, etc)
* Describe sensor communications with external management and monitoring systems
* Launch, navigate, and use the IDM to manage and monitor the sensor
* Use the IDM to set the sensor's time
* Define traffic flow notification
* Use the IDM to configure traffic flow notification
* Describe the various CLI modes
* Navigate the sensor CLI
* List the tasks for installing and configuring the IDSM-2
Describe Cisco IDS/IPS sensor advanced system parameters
* Plan the mitigation of specific network vulnerabilities and exploits
* Describe sensor tuning
* Describe sensor tuning methods
* Explain IP fragment and TCP stream reassembly options
* Describe the IP logging capabilities of the sensor
* Explain how IP logging should be used
* Explain the use of Event Variables
* Determine the need for a custom signature
* Describe the signature engines and their functionality
* Describe the types of signatures supported by each engine
* Describe common engine parameters and their effects on signatures
* Describe engine-specific parameters and their effects on signatures
* Describe the device management capability of the sensor and how it is used to perform blocking with a Cisco device
* Determine which response actions need to be configured for a given scenario
* Determine the need for Event Action Filters in a given scenario
* Describe the purpose of the Meta Event Generator
* Explain Target Value Ratings and how they are used
* Determine the need for Event Action Rules in a given scenario
* Explain event Risk Ratings and how they are used
* Explain the sensor's SNMP support
* Determine if the sensor's application policy enforcement feature is needed in a given scenario
Tune Cisco IDS/IPS sensor advanced system parameters to optimize attack mitigation performance
* Use the IDM to tune the sensor to work optimally in the network
* Use the IDM to tune signatures to provide maximum protection for a network
* Use the IDM to create custom signatures as needed
* Configure response actions for a signature
* Configure the sensor to take response actions based on a risk rating
* Configure the sensor to minimize false alerts
* Use the IDM to create a Meta signature and disable alert production for the component signatures
* Use the IDM to configure the sensor to support SNMP
* Configure Event Action Filters
* Configure Event Action Overrides
* Configure Target Value Ratings
* Configure general settings for Event Action Rules
* Use the IDM to configure IP logging
* Configure Event Variables
* Use the IDM to configure blocking for a given scenario
* Use the IDM to configure the sensor to use a Master Blocking Sensor
* Use the IDM to configure IP fragment and TCP stream reassembly options
* Use the sensor's application policy enforcement feature
Analyze Cisco IDS/IPS sensor events to determine the appropriate response to network attacks
* Configure the IDM events display
* Analyze alerts and make configuration changes to respond to attacks
* Use the CLI and the IDM to monitor events
* Classify an alarm as true, false, positive or negative
* Explain the fields in a Cisco IDS/IPS alert
* Describe the various types of events generated by the sensor
* Explain the difference between true and false and positive and negative alarms
Upgrade and maintain Cisco IDS/IPS sensors
* Configure the sensor to allow an SNMP NMS to obtain its health and welfare information
* Use the CLI to recover the sensor's software image
* Use the IDM to install signature updates and service packs
* Use the IDM to configure automatic signature and service pack updates
* Move software images/upgrades and configuration files via HTTP, HTTPS, SCP, and FTP
* Use the IDM to restore the default configuration to the sensor
* Select the correct software update file for a sensor
* Use the CLI to upgrade the software image
* Describe the various types of image files
* Apply the appropriate system image to the sensor
* Describe maintenance tasks specific to the NM-CIDS
* Use the CLI to obtain PEP information from the sensor
* Use the IDM to install a sensor license
* Describe PEP information and its purpose
* Explain the purpose of service packs and signature updates
* Describe service pack and signature update file names
* Explain why a sensor license is needed
* Obtain a license key
Troubleshoot Cisco IDS/IPS sensor operation and configuration errors
* Use the packet command to display and capture packets from the data interfaces
* Copy (to a location off the sensor) packets that have been captured from the data interfaces
* Use the IDM to verify the sensor's configuration
* Use the CLI to back up the sensor configuration
* View IP logs for troubleshooting purposes
* Troubleshoot communications between the NM-CIDS and its host router
* Reset and power down the sensor
* Determine when resetting or powering down the sensor is necessary
* Describe the main components of the IPS 5.0 software architecture
* Verify functionality of the NM-CIDS
* Verify the Catalyst 6500 switch and Catalyst IDSM-2 functionality
* Use the IDM and the CLI to obtain sensor statistics
* Use the IDM to obtain a sensor diagnostic report
* Use the IDM to obtain sensor system information
* Use general troubleshooting commands
* Use the IDM to shut down and reboot the sensor
* Describe Cisco IDS/IPS configuration file format
Make the Best Choice: Choose Actualkey
Make yourself more valuable in today's competitive computer industry. Actualkey's
preparation material includes the most excellent features, prepared by the same
dedicated experts who have come together to offer an integrated solution. We
provide the most excellent and simple method to pass your CCSP 642-532
exam on the first attempt "GUARANTEED".
Our Unlimited Access Package will prepare you for your exam with guaranteed
results, 642-532 Study Guide. Your exam will download as a single 642-532 PDF or
complete 642-532 testing engine as well as over +1500 other technical exam PDF
and exam engine downloads. Forget buying your prep materials separately at three
times the price of our unlimited access plan - skip the 642-532 audio exams and
select the one package that gives it all to you at your discretion: 642-532
Study Materials featuring the exam engine.
Actualkey 642-532 Exam Preparation Tools
Actualkey CCSP preparation begins and ends with your accomplishing
this credential goal. Although you will take each CCSP online test one
at a time - each one builds upon the previous. Remember that each CCSP
exam paper is built from a common certification foundation.
642-532 Exam Testing Engines
Going beyond knowing the answer and actually understanding the 642-532 test questions
puts you one step ahead of the test. Completely understanding a concept and the
reasoning behind how something works makes your task second nature. Your
642-532 quiz will melt in your hands if you know the logic behind the concepts.
Any legitimate CCSP prep materials should enforce this style of
learning - but you will be hard pressed to find more than a CCSP
practice test anywhere other than Actualkey.
642-532 Exam Questions and Answers with Explanation
This is where your CCSP 642-532 exam prep really takes off: in
testing your knowledge and ability to quickly come up with answers in the
642-532 online tests. Using Specialist 642-532 practice exams is an excellent
way to increase response time and cue certain answers to common issues.
642-532 Exam Study Guides
All CCSP online tests begin somewhere, and that is what the EMC
Specialist training course will do for you: create a foundation to build on.
Study guides are essentially a detailed CCSP 642-532 tutorial and are
great introductions to new CCSP training courses as you advance. The
content is always relevant, and compound again to make you pass your 642-532
exams on the first attempt. You will frequently find these 642-532 PDF files
downloadable and can then archive or print them for extra reading or studying
on-the-go.
642-532 Exam Video Training
For some, this is the best way to get the latest CCSP 642-532
training. However you decide to learn 642-532 exam topics is up to you and your
learning style. The Actualkey CCSP products and tools are designed to
work well with every learning style. Give us a try and sample our work. You'll
be glad you did.
642-532 Other Features
* Realistic practice questions just like the ones found on certification exams.
* Each guide is composed from industry-leading professionals' real CCSP
notes, certifying 100% brain dump free.
* Study guides and exam papers are guaranteed to help you pass on your first
attempt or your money back.
* Designed to help you complete your certificate using only
* Delivered in PDF format for easy reading and printing. Actualkey's unique CBT
642-532 will have you dancing the CCSP jig before you know it.
* Specialist 642-532 prep files are frequently updated to maintain accuracy.
Your courses will always be up to date.
Get Specialist ebooks from Actualkey which contain real 642-532 exam
questions and answers. You WILL pass your Specialist exam on the first attempt
using only Actualkey's Specialist excellent preparation tools and tutorials.