do 15 grudnia 2003. $50 za rejestracje
Exam Number: 643-531
Associated Certifications: CCSP, Cisco IDS Specialist
Duration: 75 minutes (55-65 questions)
Available Languages: English
Click Here to Register: Pearson VUE or Prometric
Exam Description
Exam Topics
Recommended Training
Additional Resources
Exam Description
The Cisco Security Intrusion Detection Systems exam tests the knowledge and skills needed to design, install, and configure a Cisco Intrusion Protection solution for small, medium, and enterprise networks.
Exam Topics
The following information provides general guidelines for the content likely to be included on this exam. However, other related topics may also appear on any specific delivery of the exam.
Describe and explain the various intrusion detection technologies and evasive techniques
Define intrusion detection
Explain the difference between true and false, and positive and negative alarms
Describe the relationship between vulnerabilities and exploits
Explain the difference between HIP and NIDS
Describe the various techniques used to evade intrusion detection
Design a Cisco IDS protection solution for small, medium, and enterprise customers
List the network devices involved in capturing traffic for intrusion detection analysis
Describe the traffic flows for each of the network devices
Explain the features and benefits of IDM
Identify the requirements for IDM
Configure Cisco Catalyst switches to capture network traffic for intrusion detection analysis
Identify the Cisco IDS Sensor platforms and describe their features
Describe the features of the various IDS Sensor appliance models
Install and configure a Cisco IDS Sensor including a network appliance and IDS module
Identify the interfaces and ports on the various Sensors
Distinguish between the functions of the various Catalyst IDS Module ports
Initialize a Catalyst IDS Module
Verify the Catalyst 6500 switch and Catalyst IDSM configurations
Install the Sensor software image
Install the Sensor appliance on the network
Obtain management access on the Sensor
Initialize the Sensor
Describe the various command line modes
Navigate the CLI
Apply configuration changes made via the CLI
Create user accounts via the CLI
Configure Sensor communication properties
Configure Sensor logging properties
Perform a configuration backup via the CLI
Setting up Sensors and Sensor Groups
Sensor Communications Sensor Logging
Tune and customize Cisco IDS signatures to work optimally in specific environments
Configure the Sensor's sensing parameters
Configure a signature's enable status, severity level, and action
Create signature filters to exclude or include a specific signature or list of signatures
Tune a signature to perform optimally based on a network's characteristics
Create a custom signature given an attack scenario
Configure a Cisco IDS Sensor to perform device management of supported blocking devices
Describe the device management capability of the Sensor and how it is used to perform blocking with a Cisco device
Design a Cisco IDS solution using the blocking feature, including the ACL placement considerations, when deciding where to apply Sensor-generated ACLs
Configure a Sensor to perform blocking with a Cisco IDS device
Configure a Sensor to perform blocking through a Master Blocking Sensor
Describe the Cisco IDS signatures and determine the immediate threat posed to the network
Explain the Cisco IDS signature features
Select the Cisco IDS signature engine to create a custom signature
Explain the global Cisco IDS signature parameters
Explain the engine-specific signature parameters
Perform maintenance operations such as signature updates, software upgrades, data archival and license updates
Identify the correct IDS software update files for a Sensor and an IDSM
Install IDS signature updates and service packs
Upgrade a Sensor and an IDSM to an IDS major release version
Describe the Cisco IDS architecture including supporting services and configuration files
Explain the Cisco IDS directory structure
Explain the communication infrastructure of the Cisco IDS
Locate and identify the Cisco IDS log and error files
List the Cisco IDS services and their associated configuration files
Describe the Cisco IDS configuration files and their function
Monitor a Cisco IDS protection solution for small and medium networks
Explain the features and benefits of IEV
Identify the requirements for IEV
Install the IEV software and configure it to monitor IDS devices
Create custom IEV views and filters
Navigate IEV to view alarm details
Perform IEV database administration functions
Configure IEV application settings and preferences
Manage a large scale deployment of Cisco IDS Sensors with Cisco IDS Management software
Define features and key concepts of the IDS MC
Install the IDS MC
Generate, approve, and deploy sensor configuration files
Administer the IDS MC Server
Use the IDS MC to set up Sensors
Use the IDS MC to configure Sensor communication properties
Use the IDS MC to configure Sensor logging properties
Monitor a large scale deployment of Cisco IDS Sensors with Cisco IDS Monitoring software
Define features and key concepts of the Security Monitor
Install and verify the Security Monitor functionality
Monitor IDS devices with the Security Monitor
Administer Security Monitor event rules
Create alarm exceptions to reduce alarms and possible false positives
Use the reporting features of the Security Monitor
Administer the Security Monitor server
Recommended Training
Cisco Secure Intrusion Detection System (CSIDS v4.0) is the recommended training for this exam.
Courses listed are offered by Cisco Learning Partners-the only authorized source for Cisco IT training delivered exclusively by Certified Cisco Instructors. Check the List of Learning Partners for a Cisco Learning Partner nearest you.
http://www.cisco.com/warp/public/10/wwt ... -531.html