Which two protocols enable Cisco Configuration Professional to pull IPS alerts from a Cisco ISR router? (Choose two.)
A. syslog
B. SDEE
C. FTP
D. TFTP
E. SSH
F. HTTPS
Correct Answer: AB
Explanation/Reference:
Explanation:
HTTP or HTTPs is a prerrequisite for CCP to function.
You can use CCP without HTTP, so https is discarded as a solution.
Https is obviously recommended but it’s not a must.
To enable SDEE, http is a must.
Enable SDEE and logging event notification:
Router(config)# ip http server (Enable the HTTP server (required).) Router(config)# ip ips notify sdee (Enable IPS SDEE event notification.) Router (config)# ip ips notify log (Enable logging.)
To use SDEE, the HTTP server must be enabled (via the `ip http server’ command). If the HTTP server is not enabled, the router cannot respond to the SDEE clients because it cannot see the requests. SDEE notification is disabled by default and must be explicitly enabled. IOS IPS also supports the use syslog to send event notification. SDEE and syslog can be used independently or enabled at the same time to send IOS IPS event notification. Syslog notification is enabled by default. If logging console is enabled, you will see IPS syslog messages. These are the options available when configuring router IPS:
Router(config)#ip ips notify?
SDEE Send events to SDEE
log Send events as syslog messages
The only 2 options when configuring IPS on a router are SDEE and syslog. But you also can use SNMP to generate ips alerts.
Explanation/Reference:
Explanation:
HTTP or HTTPs is a prerrequisite for CCP to function.
You can use CCP without HTTP, so https is discarded as a solution.
Https is obviously recommended but it’s not a must.
To enable SDEE, http is a must.
Enable SDEE and logging event notification:
Router(config)# ip http server (Enable the HTTP server (required).) Router(config)# ip ips notify sdee (Enable IPS SDEE event notification.) Router (config)# ip ips notify log (Enable logging.)
To use SDEE, the HTTP server must be enabled (via the `ip http server’ command). If the HTTP server is not enabled, the router cannot respond to the SDEE clients because it cannot see the requests. SDEE notification is disabled by default and must be explicitly enabled. IOS IPS also supports the use syslog to send event notification. SDEE and syslog can be used independently or enabled at the same time to send IOS IPS event notification. Syslog notification is enabled by default. If logging console is enabled, you will see IPS syslog messages. These are the options available when configuring router IPS:
Router(config)#ip ips notify?
SDEE Send events to SDEE
log Send events as syslog messages
The only 2 options when configuring IPS on a router are SDEE and syslog. But you also can use SNMP to generate ips alerts.
Correct answer: A and B (Syslogs and SDEE)
https://www.cisco.com/c/dam/en/us/products/collateral/security/ios-intrusion-prevention-system-ips/IOS_IPS_Technical_Review.pdf
Same question in Home/Cisco/210-260 (61) different answer. Decide: AB or BF