Cisco 642-545 Exam - TopITexams.com
Free 642-545 Sample Questions:
1. Which three options are true with regard to the Cisco Security MARS global and local controller architecture? (Choose three.)
A. All local controllers events are propagated to the global controller for correlations.
B. One global controller can support multiple local controllers.
C. Each zone can have one local controller.
D. Incidents can be viewed on the global controller based on a selected local controller.
Answer: B, C, D
2. Which two alert actions can notify a user that a Cisco Security MARS rule has fired, and that an incident has been logged? (Choose two.)
B. Short Message Service
C. OPSEC-LEA (clear and encrypted)
D. XML notification
Answer: B, D
3. Which option is correct about the case management feature of Cisco Security MARS?
A. It is used in conjunction with the Cisco Security MARS incident escalation feature for incident reporting.
B. It is used to capture, combine, and preserve user-selected Cisco Security MARS data within a specialized report.
C. It is used to automatically collect and save information on incidents, sessions, queries, and reports dynamically without user interventions.
D. It is used to very quickly evaluate the state of the network.
4. Which two statements accurately describe the Cisco Security MARS rules? (Choose two)
A. Drop rules are treated as global rules so it will automatically propagate to the Cisco Security MARS global controller.
B. Predefined system rules are treated as global rules. When an incident is fired by a system rule on the Cisco Security MARS local controller, the system rule propagates to the Cisco Security MARS global controller.
C. It is not possible to edit the global rules created on the Cisco Security MARS global controller from the Cisco Security MARS local controller.
D. Rules can be created on both the Cisco Security MARS global controller and the Cisco Security MARS local controllers. Rules on the Cisco Security MARS global controller will propagate down to the Cisco Security MARS local controllers.
Answer: B, D
5. The Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS) is an appliance-based, all-inclusive solution that provides unmatched insight and control of your existing security deployment. Which three items are correct with regard to Cisco Security MARS rules? (Choose three.)
A. There are three types of rules.
B. Rules can be deleted.
C. Rules can be created using a query.
D. Rules trigger incidents.
Answer: A, C, D