2B0-023 : ES Advanced Dragon IDS Exam
Exam Code : 2B0-023
Exam Name : ES Advanced Dragon IDS
Vendor Name : Enterasys
https://killexams.com/pass4sure/exam-detail/2B0-023
A. MySQL
B. DBI
C. Nessus
D. DataShowTable
Answer: C
Question: 42
From where does Dragon Trending Console import event data?
A. Dragon Ring Buffer
B. Dragon DB Agent
C. Dragon Export Log Agent
D. Dragon Trending Console Agent
Answer: C
Question: 43
Which Dragon configuration file allows you to modify Dragon Ring Buffer parameters?
A. /usr/dragon/dragon.cfg
B. /usr/dragon/tools/displayringstats
C. /usr/dragon/policymgr/driders.cfg
D. /usr/dragon/sensor/conf/dragon.net
Answer: A
Question: 44
Given a scenario where an SSH session is already established between Host_A and Server_B, what is the effect on the established session if you PUSH a SNIPER ACL to a Network Sensor that is configured to block all SSH communication from Host_A?
A. The established session is immediately terminated, and all subsequent SSH attempts from Host_A are denied
B. The established session is immediately terminated, and all subsequent SSH attempts from Host_A are allowed
C. The established session remains active until the user terminates it, and all subsequent SSH attempts from Host_A are denied
D. Host Sensor immediately logs an event and initiates strong monitoring on Host_A, but allows all SSH to/from Host_A until an actual attack is detected
Answer: A
Question: 45
What is the purpose of the rtu-mysql.pl script?
A. Tails the Dragon Export Log, parses the data, then imports the data into an SQL database
B. Starts the MySQL programs and connects the Dragon DB Agent to the Dragon Realtime Console Agent
C. Writes detected event data to a dragon.log file in ASCII format
D. Exports data from a MySQL database to a dragon.log file in ASCII format
Answer: A
Question: 46
How can Dragon Workbench be configured to read a 'snoop' capture file on a Solaris host?
A. No configuration necessary; Workbench will read a 'snoop' file natively
B. Add the SNOOP keyword to the dragon.net file
C. Add a 'SNOOP=1' entry to the dragon.cfg file
D. Run the /usr/dragon/install/config script and select the Workbench snoop option
Answer: B
Question: 47
A. Will conflict with Host Sensor if run concurrently
B. Is located in the /usr/dragon/policymgr/tools directory
C. Monitors SNMP Traps during the phase of defining a Host Sensor SNMP-trap policy library
D. Provides SNMP alerting functionality for Dragon Alarmtool
E. Allows traps to be caught, parsed and displayed in much the same way that Host Sensor will process them
F. Analyzes traps and generates NIDS events for any anomalies within an SNMPv1 or SNMPv3 trap
Answer: A, C, E
Question: 48
Which of the following are true with regard to Dragon Workbench?
A. Allows Dragon to replay data contained in TCPDUMP trace/capture files with the goal of tuning a Network Sensor prior to deployment
B. Can read data directly from the interface specified in the dragon.net file
C. Will create separate dragon.db files for each 24-hours worth of data contained in a TCPDUMP trace/capture file
D. Allows Dragon to compensate for the Snap Length limitation of TCPDUMP
E. Can read data from Snoop trace/capture files
F. Can analyze data contained in TCPDUMP trace/capture files and generate events based on anomalies
Answer: A, E, F
Question: 49
What file must be present in the directory in which the 'reinstall' script is executed?
A. The dragon.cfg file
B. The config script
C. The Dragon software bundle in the .tar.gz format
D. The dragon.tar file after it has been extracted from the software bundle
Answer: D
Question: 50
In UPN's 'Acceptable Use Policy', what proactive service is designed to complement a Dragon IDS deployment?
A. Deny Spoofing
B. Deny Unsupported Protocol Access
C. Protocol Priority Access Control
D. Dragon RealTime Console
E. Threat Management
Answer: E