In which three ways can you achieve better Cisco IPS appliance performance? (Choose three.)
A.
Place the Cisco IPS appliance behind a firewall.
B.
Disable unneeded signatures.
C.
Enable unidirectional capture.
D.
Have multiple Cisco IPS appliances in the path and configure them to detect different types of events
E.
Enable selective packet capture using VLAN ACL on the Cisco IPS 4200 Series appliance.
F.
Enable all anti-evasive measures to reduce noise.
Explanation:
A)
Placing the IPS behind a firewall will reduce traffic which will help improve performance – Confirmed Correct
B)
Disable unneeded signatures will reduce processing over head which will help improve performance – Unconfirmed Correct
C)
Enabling unidirectional capture would improve device performance but it would also result in poor IPS performance – Unconfirmed Incorrect
D)
Having multiple Cisco IPS devices in the path each detecting a different type of traffic would balance the load resulting in increased performance on each device
– Confirmed correct E. VACL selective packet capture is enabled on the switch, not the device. – Confirmed incorrect F. Enabling all anti-evasive measures would
force all traffic through the device likely causing an increase in noice (not a reduction) and the increased traffic would cause increased load on the device resulting
in decrease performance. – Confirmed Incorrect http://my.safaribooksonline.com/book/certification/ccnp/9780132372107/deploying-cisco-ips- for-highavailabilityand-high-performance/499#