1.
Cisco Security MARS combines network intelligence, context correlation, vector analysis, anomaly detection, hotspot identification, and automated mitigation capabilities. Which action will you take to enable the Cisco Security MARS appliance to ignore false-positive events by either dropping the events completely, or by just logging them to the database?
2.
Which three items are correct based on the Incident Vector Graph shown on the MARS GUI screen? (Choose three.) PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-546
3.
Cisco Security MARS uses NetFlow data to perform which function?
4.
Which incident type is pushed from a local controller to a global controller?
5.
Which statement about the Cisco Security MARS maintenance procedure is true?
6.
Global Controller is a master unit that allows for global management of one or more Local Controllers. Is correct?
7.
Match the correct relationship between the Cisco Security MARS terms and their definitions.
1. queries
2. events
3. sessions
4. incidents
5. rules
8.
Which option is correct about the case management feature of Cisco Security MARS?
9.
Which description is correct with regard to Cisco Security MARS and Cisco IPS signature support?
10.
The Cisco Security MARS appliance supports which protocol for data archiving and restoring?