Which two protocols enable Cisco Configuration Professional to pull IPS alerts from a Cisco ISR router? (Choose two.)
A. syslog
B. SDEE
C. FTP
D. TFTP
E. SSH
F. HTTPS
Which two protocols enable Cisco Configuration Professional to pull IPS alerts from a Cisco ISR router? (Choose two.)
A. syslog
B. SDEE
C. FTP
D. TFTP
E. SSH
F. HTTPS
SDEE and HTTPS
The explaination in brief is, in the “Implementing Cisco IOS Network Security (IINS): (CCNA Security exam 640-553) (Authorized Self-Study Guide)” book of Cisco Press, it is written as a note “to “PULL” IPS alerts from the router, SDM use SDEE and NOT Syslog, and to enable SDEE you have to enable HTTP or HTTPS on the router.
Again, it is a tricky question, but think good, and read carefully the question and think about the word “PULL”, you will figure out that the answer is: SDEE and HTTPS.
The key word in the question is ‘Pull’. An ISR can ‘send’ IPS alerts via syslog. With a pull mechanism, requests come from the network management application. CCP uses SDEE which requires either HTTP or HTTPS to be enabled in order for the router to see the request.
Correct: B,F
The correct answer is B and A
SDEE and Syslog
https://learningnetwork.cisco.com/thread/10795
Official Cert Guide:
Chapter 17: Cisco IDS/IPS Fundamentals > Page 471 > Monitoring and Managing Alarms and Alerts >
Three main protocols are used in delivering alerts. They are Security Device Event Exchange (SDEE), syslog, and
SNMP.