Security Profile Management Lesson 6

Questions and Answers

What is responsible for both inspection and management on software-based IPS's and Eseries?

Memory allocation

One CPU (correct)

Segmentation

Two separate CPUs

What is required for the SMS to download Digital Vaccines from the Internet?

Internet, a gateway, and DNS (correct)

DNS only

TMC connection

Internet and a gateway only

Why can't you turn on certain filters within an IPS Profile in the case where the DV on the IPS is newer than on the SMS?

The SMS is not connected to the TMC

The filters do not exist (correct)

The DV distribution history is obsolete

The IPS Profile is corrupted

What does a Distribution Snapshot provide when distributing a profile to a device?

A restore point for rolling back changes

When should a manual Snapshot be created for a profile?

At any time to allow rollback

How can you clear DV distribution history entries?

Change the required version to Active

What should be demonstrated if the TMC is not connected?

Load off of the course CD materials

What will especially notice performance issues with High Priority on software-based IPS's and Eseries?

One CPU

What must be done in order to roll-back changes using a Distribution Snapshot?

Change the required version to Active

What is the purpose of Digital Vaccine (DV) packages?

To provide new signatures for protecting network security

What is the function of the Adaptive Filter Configuration (AFC) setting in Digital Vaccine Filters?

It determines whether to permit or block traffic and/or send a notification

How are Digital Vaccine (DV) packages distributed to devices?

Through automatic download from the Threat Management Center (TMC)

What type of security needs do specialized filter packages address?

Advanced malware protection

What is the purpose of Traffic Management Filters?

To filter malicious traffic from the network

What is the role of Profile Version, Rollback, and Auditing in Security Profile Management?

To provide a history of changes made to security profiles

What does Flow based vs. Non-flow based DV refer to?

Security measures for network traffic management

What is the primary function of Inspection Bypass Rules?

To bypass inspection for specific types of traffic

'Adaptive Filter Configuration (AFC)' setting is related to which aspect of Digital Vaccine Filters?

'Adaptive Filter Configuration (AFC)' determines whether to permit or block traffic and/or send a notification

What is the purpose of Suspicious URL Metadata introduced with SMS 4.6?

To be used with Deep Discovery

When editing multiple filters, what does the dialog change to?

Filters Being Modified

How can you select multiple filters at the same time?

Use the CTRL key

What can be achieved through Profile Import/Export?

Importing into another SMS

What appears in the Filters tab if a filter has been modified?

Modified filters

What additional criteria can be used for search besides release dates and filter source?

Actions and Exceptions

What is the purpose of the Filter Taxonomy Search Results?

To view search results related to filter taxonomy

What is the benefit of importing Profiles into another SMS?

Preserving or replacing existing settings

What is the main use of Security Profile Management in relation to Education Lesson 6?

To manage and customize security profiles for specific criteria