Pass4Test 에서 제공하는 학습가이드에는 IT전문가들이 만들어낸   IBM 000-561 인증시험의 완벽한 문제와 답들을 대비한 자료가포함되어있습니다. Pass4Test에서는 IT업계에서의 높은 신뢰감으로 여러분들한테 100%보장을 드립니다.  믿음을 드리기 위하여  IBM 000-561 관련자료의 일부분 문제와 답 등 샘플을 무료로 다운받아 체험해 볼수 있게 제공합니다.  IBM 000-561  문제와 답을체험하는 동시에 Pass4Test 제품 선택여부에 대하여 답이 나올 것입니다.Pass4Test 는 백프로 여러분들한테 편리함과 통과율을보장 드립니다. 여러분이 안전하게   IBM 000-561 시험을 패스할 수 있는 곳은 바로 Pass4Test입니다.인증시험을 패스하려면 시험대비 자료 선택은 필수입니다. Pass4Test의 전문가들은 모두 경험도 많고, 그들이 연구해낸 자료는 실제시험의 문제를 많이 적중하고 있습니다.IT업계 종사자라면 누구나   IBM 000-561 시험을 패스하고 싶어하리라고 믿습니다. 많은 분들이 이렇게 좋은 인증시험은 아주 어렵다고 생각합니다. 네 맞습니다. 패스할 확율은 아주 낮습니다. 노력하지 않고야 당연히 불가능한 일이 아니겠습니까? IBM 000-561 시험은 기초 지식 그리고 능숙한 전업지식이 필요 합니다. Pass4Test는 여러분들한테  IBM 000-561  시험을 쉽게 빨리 패스할 수 있도록 도와주는 사이트입니다. Pass4Test의   IBM 000-561 시험관련 자료로 여러분은 짧은 시간내에 간단하게시험을 패스할수 있습니다. 시간도 절약하고 돈도 적게 들이는 이런 제안은 여러분들한테 딱 좋은 해결책이라고 봅니다.

 

 

NO.1 Where in the IBM Security SiteProtector System Console can a customer find the link status of the
Security Interfaces on an IBM Security Network Intrusion Prevention System appliance?
A. the networkinfo section under Module Status in the appliance Properties screen
B. the Intrusion Prevention section under Module Status in the appliance Properties screen
C. the Security Interfaces section on the Health Summary Network tab in the appliance Properties screen
D. the Internal Communication section on the Health Summary System tab in the appliance Properties
screen
Answer: A

NO.2 Virtual Local Area Network (VLAN) exclusions have been added to a Protection Domain, however
events from those VLANs seem to be generated anyway. What is the most likely cause?
A. A VLAN cannot be excluded in a custom Protection Domain.
B. Multiple VLANs cannot be excluded in a custom Protection Domain.
C. Incorrect interfaces have been specified in a custom Protection Domain.
D. The same exception has not been created on the Global Protection Domain.
Answer: C

NO.3 Log Evidence is enabled for an event and an administrator wants to review the packet content. Where
in the Local Management Interface is this log file downloaded?
A. under Security Settings, select the policy that logs the event, click on Download Log, and the save file
B. select Review, under Downloads select Logs and Packet Captures, select the files, and click Download
C. on the Security Dashboard, click the Evidence Logs link, click all files related to the event, and save the
files
D. select Home Dashboard, scroll down to the section on evidence logs, select the log file(s), and click
Download
Answer: B

NO.4 Where would a user be added to allow a remote user to access the IBM Security Network Intrusion
Prevention System V4.3 Local Management Interface?
A. the Remote Access policy in IBM Security SiteProtector System (SiteProtector)
B. the User Management utility in SiteProtector
C. the Accounts and Passwords page in the Web interface
D. the Password Management menu in the SSH Configuration menu
Answer: C

NO.5 Which interface mode is required in order for quarantine response rules to work?
A. Bypass Mode
B. Inline Protection Mode
C. Inline Simulation Mode
D. Passive Monitoring Mode
Answer: B

NO.6 What are two restrictions placed on remote users using IBM Security Network Intrusion Prevention
System V4.3? (Choose two.)
A. They cannot reboot the appliance.
B. They cannot log in to the local console.
C. They cannot change the local user account passwords.
D. They cannot save changes to policies in the Web interface.
E. They cannot log in to the appliance when the authentication server is down.
Answer: C,E

NO.7 Which area of the IBM Protocol Analysis Module technology prevents Skype from using enterprise
network bandwidth?
A. Data Security
B. Application Control
C. Threat Detection and Prevention
D. Client-side Application Protection
Answer: B

NO.8 Which file is accessed on the IBM Security Network Intrusion Prevention System V4.3 appliance to
determine why it is Active with Errors in IBM Security SiteProtector System?
A. Boot log file
B. Kernel log file
C. Engine0 log file
D. Messages log file
Answer: D

NO.9 Where is the provinfo file stored?
A. /var/cache
B. /var/support/
C. root directory
D. admin directory
Answer: B

NO.10 A customer wants to change the severity of an IBM Protocol Analysis Module signature from high to low
in a given protection domain. Which policy meets this requirement?
A. Security Events
B. Open Signatures
C. System Updates
D. X-Force Virtual Patch
Answer: A

NO.11 How is a firewall rule configured to block remote desktop (RDP) access for all interfaces and all Virtual
Local Area Networks.?
A. protocol=TCP, source port exclude RDP
B. action=ignore, select Interfaces, protocol=TCP, port=3389
C. keep all default settings but change the target port to 3389
D. action=drop, protocol=UDP, target port uncheck any and enter 3389
Answer: C

NO.12 Where in the Local Management Interface is the location of the date and time of the last backup of an
IBM Security Network Intrusion Prevention System V4.3 viewable?
A. Evidence log
B. Message log
C. System Dashboard
D. Security Dashboard
Answer: C

NO.13 Which two user notification response object types are available in IBM Security Network Intrusion
Prevention System V4.3? (Choose two.)
A. SMS
B. E-mail
C. Remedy
D. Voicemail
E. SNMP Trap/Inform
Answer: B,E

NO.14 Which file can be imported or compiled, and defines the format of SNMP traps for security events
responses in the IBM Security Network Intrusion Prevention System appliance?
A. iss.mib
B. ibm.mib
C. linux.mib
D. snmp.mib
Answer: A

NO.15 What are two purposes for the Quarantine Rules in the Response Tuning page in the Local
Management Interface? (Choose two.)
A. add new quarantine rules
B. set network configuration options
C. temporarily disable a quarantine rule
D. review rules generated in response to intruder events
E. define how the appliance should send notifications when it detects an intrusion in the network
Answer: A,D