[TABS_R id=8782]
Which of the following are transmitted by SDEE? (Select the best answer.)
- SDFs
- TFTP data
- IPS events
- SNMP traps
Explanation:
Intrusion Prevention System (IPS) events are transmitted by Security Device Event Exchange (SDEE) between IPSenabled clients and a centralized IPS management server. SDEE uses Secure Sockets Layer (SSL), which provides a secure communication channel between the devices, to send data. Because the channel between the devices is secure, exchanging SDEE messages is more secure than exchanging syslog messages.
Signature definition files (SDFs) are not transmitted by SDEE. By default, a router will use the builtin SDF that is hardcoded into the IOS. However, you can issue the ip ips sdf location command to specify an alternative SDF for Cisco IOS IPS to use. The SDF files can be specified as a file name located in Flash memory, on a File Transfer Protocol (FTP) server, on a Trivial FTP (TFTP) server, or on a Remote Copy Protocol (RCP) server. If the specified SDF cannot be loaded, the builtin SDF is used.
Simple Network Management Protocol (SNMP) traps are not transmitted by SDEE. SNMP is used to monitor and manage network devices by collecting statistical data about those devices. SNMP version 3 (SNMPv3) provides encryption? SNMPv1 and SNMPv2 do not.
TFTP data is not transmitted by SDEE. TFTP is a management protocol that can be used to transfer configuration files and SDFs between devices. When you use TFTP to send data, the data is sent as plain text? TFTP does not provide encryption. In addition, TFTP does not provide message integrity or authentication.
[TABS_R id=8782]