Home » CCSP

Category Archives: CCSP

Cisco 642-515 Certification, Latest Updated Cisco 642-515 Questions And Answers With Low Price

Where to free download the new Cisco 642-515 exam questions to pass the exam easily? Now,Flydumps has publised the new version of Cisco 642-515 exam dumps with new added exam questions.you can also get free VCE and PDF, and the new Cisco 642-515 practice tests ensure your exam 100% pass. Visit Flydumps.com to get the 100% pass ensure!

QUESTION 60
Modular Policy Framework provides a consistent and flexible way to configure security appliance features in a manner similar to Cisco IOS software QoS CLI. Your company asked you to examine the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) by use of the Cisco Adaptive Security Device Manager (ASDM).
What is the impact of the FTP inspection policy named MY-FTP-MAP on FTP traffic entering the partnernet interface?

A. Masks the FTP banner.
B. Tracks each FTP command and response sequence for certain anomalous activity.
C. Has no effect on the behavior of the Cisco Adaptive Security Appliance.
D. Prevents web browsers from sending embedded commands in FTP requests.

Correct Answer: C Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 61
Modular Policy Framework provides a consistent and flexible way to configure security appliance features in a manner similar to Cisco IOS software QoS CLI. Your company asked you to examine the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) by use of the Cisco Adaptive Security Device Manager (ASDM).
Which two impacts are of the policy map named PARTNERNET-POLICY on FTP traffic entering the partnernet interface?

A. Prevents all users except “root” from accessing the path /root.
B. Logs all attempts to download files from the FTP server on the inside interface.
C. Blocks the FTP request commands DELE, MKD, PUT, RMD, RNFR, and RNTO.
D. Resets connections that send embedded commands.

Correct Answer: CD Section: Firewall/Policys Explanation
Explanation/Reference: QUESTION 62
Modular Policy Framework provides a consistent and flexible way to configure security appliance features in a manner similar to Cisco IOS software QoS CLI. Your company asked you to examine the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) by use of the Cisco Adaptive Security Device Manager (ASDM).
Which option is correct with regard to HTTP inspection on the Cisco Adaptive Security Appliance?

A. HTTP traffic is inspected as it enters or exits the outside interface.
B. HTTP traffic is inspected only as it enters any interface.
C. Advanced HTTP inspection is applied to traffic entering the outside interface, and basic HTTP inspection is applied to traffic entering any interface.
D. HTTP traffic is inspected as it enters or exits any interface.

Correct Answer: A Section: Firewall/Policys Explanation
Explanation/Reference: QUESTION 63
Modular Policy Framework provides a consistent and flexible way to configure security appliance features in a manner similar to Cisco IOS software QoS CLI. Your company asked you to examine the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) by use of the Cisco Adaptive Security Device Manager (ASDM).
Which step will be taken by the Cisco Adaptive Security Appliance on FTP traffic entering its outside interface?

A. Masks the FTP greeting banner.
B. Translates embedded IP addresses.
C. Blocks the FTP request commands APPE, GET, RNFR, RNTO, DELE, MKD, and RMD.
D. Prevents all users except “root” from accessing the path/root.

Correct Answer: B Section: Firewall/Policys Explanation Explanation/Reference:
QUESTION 64
Which options can a clientless SSL VPN user access from a web browser without port forwarding, smart tunnels, or browser plug-ins?
A. web-enabled applications
B. Microsoft Outlook Web Access
C. files on the network, via FTP or the CIFS protocol
D. internal websites

Correct Answer: ABCD Section: VPN Explanation
Explanation/Reference:
QUESTION 65
While implementing QoS, which two types of queues are available on the Cisco ASA security appliance? (Choose two.)
A. best effort queue
B. round robin queue
C. weighted fair
D. low latency queue

Correct Answer: AD Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 66
Which three statements correctly describe protocol inspection on the Cisco ASA adaptive security appliance? (Choose three.)
A. The protocol inspection feature of the security appliance securely opens and closes negotiated ports and IP addresses for legitimate client-server connections through the security appliance.
B. For the security appliance to inspect packets for signs of malicious application misuse, you must enable advanced (application layer) protocol inspection.
C. If inspection for a protocol is notenabled, traffic for that protocol may be blocked.
D. If you want to enable inspection globally for a protocol that is not inspected by default or if you want to globally disable inspection for a protocol, you can edit the default global policy.

Correct Answer: ACD Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 67
Multimedia applications transmit requests on TCP, get responses on UDP or TCP, use dynamic ports, and use the same port for source and destination, so they can pose challenges to a firewall. Which three items are true about how the Cisco ASA adaptive security appliance handles multimedia applications? (Choose three.)
A. It dynamically opens and closes UDP ports for secure multimedia connections, so you do not need to open a large range of ports.
B. It supports SIP with NAT but not with PAT.
C. It supports multimedia with or without NAT.
D. It supports RTSP, H.323, Skinny, and CTIQBE.

Correct Answer: ACD Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 68
Reverse route injection (RRI) is the ability for static routes to be automatically inserted into the routing process for those networks and hosts protected by a remote tunnel endpoint. These protected hosts and networks are known as remote proxy identities. Study the following exhibit carefully. What does Reverse Route Injection enable in this configuration?

A. The Cisco ASA security appliance will advertise its default routes to the distant end of the site- to-site VPN tunnel.
B. The Cisco ASA security appliance will advertise routes that are at the distant end of the site-to- site VPN tunnel.
C. The Cisco ASA security appliance will advertise routes that are on its side of the site-to-site VPN tunnel to the distant end of the site-to-site VPN tunnel.
D. The Cisco ASA security appliance will advertise routes from the dynamic routing protocol that is running on the Cisco ASA security appliance to the distant end of the site-to-site VPN tunnel.

Correct Answer: B Section: Other Explanation
Explanation/Reference: QUESTION 69
Which two options are correct about the threat detection feature of the Cisco ASA adaptive security appliance? (Choose two.)
A. The security appliance scanning threat detection feature is based on traffic signatures.
B. The threat detection feature can help you determine the level of severity for packets that are detected and dropped by the security appliance inspection engines.
C. Because of their impact on performance, both basic threat detection and scanning threat detection are disabled by default.
D. Scanning threat detection detects network sweeps and scans and optionally takes appropriate preventative action.

Correct Answer: BD Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 70
For configuring VLAN trunking on a security appliance interface, which three actions are mandatory? (Choose three.)
A. associating a logical interface with a physical interface
B. specifying a VLAN ID for asubinterface
C. specifying a name for asubinterface
D. specifying the maximum transmission unit for asubinterface

Correct Answer: ABC Section: Other Explanation
Explanation/Reference:
QUESTION 71
Which three features can the Cisco ASA adaptive security appliance support? (Choose three.)
A. 802.1Q VLANs
B. OSPF dynamic routing
C. static routes
D. BGP dynamic routing

Correct Answer: ABC Section: Other Explanation
Explanation/Reference:
QUESTION 72
What is the reason that you want to configure VLANs on a security appliance interface?
A. for use in multiple contextmode, where you can map only VLAN interfaces to contexts
B. for use in conjunction with device-level failover to increase the reliability of your security appliance
C. to increase the number of interfaces available to the network without adding additional physical interfaces or security appliances D. for use in transparent firewall mode, where only VLAN interfaces are used

Correct Answer: C Section: Other Explanation
Explanation/Reference:
QUESTION 73
The P4S security department would like to apply specific restrictions to one network user, Bob, because he works from home and accesses the corporate network from the outside interface of the security appliance. P4S decides to control network access for this user by using the downloadable ACL feature of the security appliance. Authentication of inbound traffic is already configured on the security appliance, and Bob already has a user account on the Cisco Secure ACS. Which three tasks should be completed in order to achieve the goal of limiting network access for Bob via downloadable ACLs? (Choose three.)
A. Configure the security appliance to use downloadable ACLs.
B. Configure the downloadable ACLs on the Cisco Secure ACS.
C. Attach the downloadable ACL to the user profile for Bob on the Cisco Secure ACS.
D. Configure the Cisco Secure ACS to use downloadable ACLs.

Correct Answer: BCD Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 74
The security department of the P4S company wants to configure cut-through proxy authentication via RADIUS to require users to authenticate before accessing the corporate DMZ servers. Which three tasks are needed to achieve this goal? (Choose three.)
A. Configure a rule that specifies which traffic flow to authenticate.
B. Designate an authentication server.
C. Specifya AAA server group.
D. Configure per-user override.

Correct Answer: ABC Section: Other Explanation
Explanation/Reference:
QUESTION 75
Which two statements correctly describe the local user database in the security appliance? (Choose two.)
A. You can create user accounts with or without passwords in the local database.
B. You cannot use the local database for network access authentication.
C. You can configure the security appliance to lock a user out after the user meets a configured maximum number of failed authentication attempts.
D. The default privilege level for a new user is 15.

Correct Answer: AC Section: Other Explanation
Explanation/Reference: QUESTION 76
Which one of the following commands can provide detailed information about the crypto map configurations of a Cisco ASA adaptive security appliance?
A. show run ipsec sa
B. show run crypto map
C. show ipsec sa
D. show crypto map

Correct Answer: B Section: VPN Explanation
Explanation/Reference:
QUESTION 77
Which three commands can display the contents of flash memory on the Cisco ASA adaptive security appliance? (Choose three.)
A. show disk0:
B. dir
C. show flash:
D. show memory

Correct Answer: ABC Section: Other Explanation
Explanation/Reference:
QUESTION 78
Which two statements about the downloadable ACL feature of the security appliance are correct? (Choose two.)
A. Downloadable ACLs enable you to store full ACLs on a AAA server and download them to the security appliance.
B. Downloadable ACLs are supported using TACACS+ or RADIUS.
C. The downloadable ACL must be attached to a user or group profile on a AAA server.
D. The security appliance supports only per-user ACL authorization.

Correct Answer: AC Section: Other Explanation
Explanation/Reference:
QUESTION 79
In the default global policy, which three traffic types are inspected by default? (Choose three.)
A. TFTP
B. FTP
C. ESMTP
D. ICMP

Correct Answer: ABC Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 80
What does the redundant interface feature of the security appliance accomplish?
A. to increase the number of interfaces available to your network without requiring you to add additional physical interfaces or security appliances
B. to increase the reliability of your security appliance
C. to allow a VPN client to sendIPsec-protected traffic to another VPN user by allowing such traffic in and out of the same interface
D. to facilitate out-of-band management

Correct Answer: B Section: Other Explanation
Explanation/Reference:

Preparing Cisco 642-515 exam is not difficult now.You can prepare from Cisco 642-515 Certification or Cisco 642-515 dumps.Here we have mentioned some sample questions.You can use our Cisco 642-515 study material notes for test preparation.Latest Cisco 642-515 study material available.

Cisco 642-515 Brain Demos, Most Popular Cisco 642-515 Answers Covers All Key Points

[The Newest Dumps] Real Cisco 642-515 exam dumps revised by experts, they were updated with the change of the Cisco 642-515 ,covering all the whole aspects of Cisco 642-515 exam. Just have a training of Flydumps Cisco 642-515 exam questions to guarantee your 100% pass

QUESTION 51
The IT department of your company must perform a custom-built TCP application within the clientless SSL
VPN portal configured on your Cisco ASA security appliance. The application should be run by users who
have either guest or normal user mode privileges.
In order to allow this application to run, how to configure the clientless SSL VPN portal?

A. configure a smart tunnel for the application
B. configure a bookmark for the application
C. configure the plug-in that best fits the application
D. configure port forwarding for the application

Correct Answer: A Section: VPN Explanation
Explanation/Reference:
QUESTION 52
Which major benefit do digital certificates provide when deploying IPsec VPN tunnels?
A. Resiliency
B. Obfuscation
C. Simplification
D. Scalability

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 53
Refer to the exhibit. As the administrator of a Cisco ASA security appliance for remote access IPsec VPNs,
you are assisting a user who has a digital certificate that is configured for the Cisco VPN Client.
Based on the exhibit, how would you find the MD5 and SHA-1 thumb print of the certificate?
A. Choose the certificate and then click the Certificate drop-down menu.
B. Choose the certificate and then click Options > Properties.
C. Choose the certificate and then click the View button.
D. Choose the certificate and then click the Verify button.

Correct Answer: C Section: Cert Authentication Explanation
Explanation/Reference:
QUESTION 54
Refer to the exhibit. You are configuring a laptop with the Cisco VPN Client, which will use digital certificates for authentication. Which protocol will the Cisco VPN client use to retrieve the digital certificate from the CA server?

A. FTP
B. HTTPS
C. TFTP
D. LDAP
E. SCEP

Correct Answer: E Section: Cert Authentication Explanation
Explanation/Reference:
QUESTION 55
Refer to the exhibit. A junior Cisco ASA security appliance administrator has asked for your help in configuring a Cisco ASA security appliance for an identity certificate to be used for IPsec VPNs. Based on the two Cisco ASDM configuration screens that are shown, what is needed to configure the Cisco ASA security appliance for an identity certificate?
Exhibit:

A. To retrieve an identity certificate, a new pair of RSA keys must be created.
B. To retrieve an identity certificate, the Cisco ASA security appliance must have the certificate of the CA.
C. To retrieve an identity certificate, the common name must be an FQDN.
D. The Cisco ASA security appliance doesn’t need to retrieve an identity certificate. It can use a self-signed identity certificate for IPsec.
E. Because of the lack of a CA certificate, the administrator must import the identity certificate from a file.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 56
SSL VPNs can provide increased flexibility over IPsec VPNs, based on the location of the client and ownership of the endpoint. However, security of the endpoint is a potential problem. Which three of these potential security issues can the Cisco ASA security appliance address through SSL VPN policies or features? (Select three.)
A. SSL attacks
B. Malware
C. Phishing
D. Spoofing
E. Viruses
F. Spyware

Correct Answer: BEF Section: (none) Explanation
Explanation/Reference:
QUESTION 57
You have been tasked with configuring access for development partners using the clientless SSL VPN portal on your Cisco ASA security appliance. These partners need access to the desktop of internal development servers. Which three of these configurations for the clientless SSL VPN portal would allow these partners to access the desktop of remote servers? (Choose three.)
A. RDP bookmark using the RDP plug-in
B. Xwindows bookmark using the Xwindows plug-in
C. Telnet bookmark using the Telnet plug-in
D. Citrix plugin using the Citrix plug-in
E. SSH bookmark using the SSH plug-in
F. VNC bookmark using the VNC plug-in

Correct Answer: ADF Section: (none) Explanation
Explanation/Reference:
QUESTION 58
You are the administrator for Cisco ASA security appliances that are used for site-to-site VPNs between remote and corporate offices. You have used the Service Policy Rule Wizard within ASDM to configure low-latency queuing for unified communications on all the appropriate ASAs. Users are still having issues with unified communications between the remote and corporate offices. Assuming that the Cisco Unified Communications equipment is functioning properly and that the VPN configurations are correct, which of these choices is most likely the cause of the problems?
A. The DSCP, expedite forward, ef (46), was used to determine unified communications traffic within the Service Policy Rule Wizard.
B. The tunnel group and DSCP traffic matching criteria were configured within the Service Policy Rule Wizard.
C. Both a policing and priority queue must be applied on the interface to expedite the voice and control data flows.
D. A priority queue must be created on the interface where the site-to-site VPN tunnel is terminated.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 59

You have been tasked with examining the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) using the Cisco Adaptive Security Device Manager (ASDM). Answer the multiple-choice questions in this simulation using the appropriate Cisco ASDM configuration screens.
Which two actions does the Cisco Adaptive Security Applicance take on HTTP traffic entering its outside interface? (Choose two.)
A. Drops HTTP request messages whose request method is post and whose user-agent field contains either the string Some_New_P2P_Client1 or the string Some_New_P2P_Client2.
B. Logs HTTP request messages whose request method is post and whose user-agent field contains either the string Some_New_P2P_Client1 or the string Some_New_P2P_Client2.

Correct Answer: AB Section: Case Study Explanation
Explanation/Reference:
QUESTION 60

You have been tasked with examining the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) using the Cisco Adaptive Security Device Manager (ASDM). Answer the multiple-choice questions in this simulation using the appropriate Cisco ASDM configuration screens.
What is the effect of the FTP inspection policy named MY-FTP-MAP on FTP traffic entering the partnernet interface?
A. Has no effect on the behavior of the Cisco Adaptive Security Appliance.

Correct Answer: A Section: Case Study Explanation
Explanation/Reference:
QUESTION 61

You have been tasked with examining the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) using the Cisco Adaptive Security Device Manager (ASDM). Answer the multiple-choice questions in this simulation using the appropriate Cisco ASDM configuration screens.
What are the two effects of the policy map named PARTNERNET-POLICY on FTP traffic entering the partnernet interface?
A. Resets connections that send embedded commands.
B. Blocks the FTP request commands DELE, MKD, PUT, RMD, RNFR, and RNTO.

Correct Answer: AB Section: Case Study Explanation
Explanation/Reference:
QUESTION 62

You have been tasked with examining the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) using the Cisco Adaptive Security Device Manager (ASDM). Answer the multiple-choice questions in this simulation using the appropriate Cisco ASDM configuration screens.
Which statement is true about HTTP inspection on the Cisco Adaptive Security Appliance?
A. HTTP traffic is inspected as it enters or exits the outside interface.

Correct Answer: A Section: Case Study Explanation
Explanation/Reference:
QUESTION 63

You have been tasked with examining the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) using the Cisco Adaptive Security Device Manager (ASDM). Answer the multiple-choice questions in this simulation using the appropriate Cisco ASDM configuration screens.
Which action does the Cisco Adaptive Security Appliance take on FTP traffic entering its outside interface?
A. Translates embedded IP addresses.

Correct Answer: A Section: Case Study Explanation
Explanation/Reference:

Well-regarded for its level of detail, assessment features, and challenging review questions and hands-on exercises, Cisco 642-515 helps you master the concepts and techniques that will enable you to succeed on the Cisco 642-515 exam the first time.

Cisco 642-513 Prep Guide, Easily To Pass Cisco 642-513 Exam Test Questions Are Based On The Real Exam

The 100% valid Flydumps latest Cisco 642-513 question answers ensure you 100% pass! And now we are offering the free new version along with the VCE format Cisco 642-513 practice test. Free download Cisco 642-513 more new PDF and VCE on Flydumps.com.

QUESTION 50
Which protocol is required for the administrative workstation to communicate with the CSA MC?
A. SSH
B. Telnet
C. SSL
D. IPSec

Correct Answer: C Section: (none) Explanation Explanation/Reference:
QUESTION 51
How can the Agent kit be sent out to host machines?
A. via a URL that is e-mailed to clients
B. via a TFTP server
C. via an FTP server
D. via a Telnet server

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 52
What is the purpose of the sniffer and protocol detection rule?
A. to stop sniffers from running on a network
B. to allow sniffers to run on a network
C. to cause an event to be logged when non-IP protocols and sniffer programs are detected running on systems
D. to deny non-IP protocols and sniffer programs from running on systems

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 53
What are three types of variables used for CSA? (Choose three.)
A. global sets
B. file sets
C. API sets
D. data sets
E. network address sets

Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 54
What is the purpose of connection rate limit rules?
A. to limit the number of connections to an application
B. to limit the number of calls to the kernel in a specified time frame
C. to limit the number of network connections within a specified time frame
D. to limit the number of malformed connection requests to a web server
Correct Answer: C Section: (none) Explanation

Explanation/Reference:
QUESTION 55
Which port is used to access the CSA MC from the administrative workstation?
A. 21
B. 23
C. 1741
D. 1802

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Which two of the following file access rule criteria can you use to allow or deny the operations that the selected applications can perform on files? (Choose two.)
A. the application attempting to access the file
B. the application attempting to access the service or address
C. the operation attempting to act on the file
D. the direction of the communications
E. the address with which a system is attempting to communicate

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 57
What action is taken on user query windows when the Agent UI is not present on a system?
A. The default action is always taken.
B. All actions are denied.
C. All actions are allowed.
D. All actions are allowed and logged.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 58
Which three make up the CSA architecture model? (Choose three.)
A. Cisco Trust Agent
B. Cisco Security Agent
C. Cisco Security Agent Management Center
D. Cisco Intrusion Prevention System
E. an administrative workstation
F. a syslog server

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 59
Which two of the following network access rules can you use to control access to specified network services? (Choose two.)
A. the application attempting to access the file
B. the application attempting to access the service or address
C. the operation attempting to act on the file
D. the direction of the communications

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 60
What is the purpose of the rootkit/kernel protection rule?
A. to restrict access to the operating system
B. to log access to the operating system
C. to restrict user access to the operating system
D. to restrict administrator access to the operating system

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 61
Drag Drop question A.

B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 62
Which definitions can be used to allow consistent configuration of policies across multiple systems and can also be used for event reporting purposes?
A. hosts
B. software updates
C. Agent kits
D. registration control
E. groups
Correct Answer: E Section: (none) Explanation

Explanation/Reference:
QUESTION 63
Which two items make up Agent kits? (Choose two.)
A. groups
B. hosts
C. policies
D. rules
E. network shim

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 64
Which two types of rules apply to Windows systems only? (Choose two.)
A. Agent service control rules
B. clipboard access control rules
C. Agent UI control rules
D. COM component access control rules
E. data access control rules

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 65
Which portion of an HTTP request is examined by data access control rules?
A. the TCP header
B. the UDP header
C. the URI portion of the request
D. the URL portion of the request

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 66
Which two types of rules are UNIX-only rules?
A. network interface control rules
B. COM component access control rules
C. connection rate limit rules
D. file access control rules
E. rootkit/kernel protection rules

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 67
Choose three types of rules that apply to both Windows and UNIX systems.
(Choose three.)
A. Agent service control rules
B. Agent UI control rules
C. application control rules
D. COM component access control rules
E. file version control rules

Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 68
What application is installed on the server after the CSA MC is installed?
A. Cisco Trust Agent
B. ACS
C. SQL
D. CSA

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 69
Which two attacks could an attacker use during the penetrate phase of an attack? (Choose two.)
A. install new code
B. modify configuration
C. ping scans
D. buffer overflow
E. erase files
F. e-mail attachment

Correct Answer: DF Section: (none) Explanation
Explanation/Reference:
Cisco 642-513 Questions & Answers covers all the knowledge points of the real exam. We update our product frequently so our customer can always have the latest version of Cisco 642-513. We provide our customers with the excellent 7×24 hours customer service.We have the most professional Cisco 642-513 expert team to back up our grate quality products.If you still cannot make your decision on purchasing our product, please try our Cisco 642-513 free pdf

New Questions Cisco 642-552 New Questions For Cisco 642-552 Exam

GOOD NEWS:Flydumps has published the new version with all the new added questions and answers. By training the Cisco 642-552 VCE dumps, you can pass the exam easily and quickly.

Exam A
QUESTION 1
A malicious program is disguised as another useful program; consequently, when the user executes the program, files get erased and then the malicious program spreads itself using emails as the delivery mechanism. Which type of attack best describes how this scenario got started?
A. DoS
B. worm
C. virus
D. trojan horse
E. DDoS
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Denial of Service (DoS) is an attack designed to render a computer or network incapable of providing normal services. The most common DoS attacks will target the computer’s network bandwidth or connectivity. Bandwidth attacks flood the network with such a high volume of traffic, that all available network resources are consumed and legitimate user requests cannot get through. Connectivity attacks flood a computer with such a high volume of connection requests, that all available operating system resources are consumed and the computer can no longer process legitimate user requests. A “denial-of-service” attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include
*
attempts to “flood” a network, thereby preventing legitimate network traffic

*
attempts to disrupt connections between two machines, thereby preventing access to a service

*
attempts to prevent a particular individual from accessing a service

*
attempts to disrupt service to a specific system or person Distributed Denial of Service

*
An attacker launches the attack using several machines. In this case, an attacker breaks into several machines, or coordinates with several zombies to launch an attack against a target or network at the same time.

*
This makes it difficult to detect because attacks originate from several IP addresses.

*
If a single IP address is attacking a company, it can block that address at its firewall. If it is 300 00 this is extremely difficult.
QUESTION 2
What is the key function of a comprehensive security policy?
A. informing staff of their obligatory requirements for protecting technology and information assets
B. detailing the way security needs will be met at corporate and department levels
C. recommending that Cisco IPS sensors be implemented at the network edge
D. detailing how to block malicious network attacks
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: Developing a strong security policy helps to protect your resources only if all staff members are properly instructed on all facets and processes of the policy. Most companies have a system in place whereby all employees need to sign a statement confirming that they have read and understood the security policy. The policy should cover all issues the employees encounter in their day-to-day work, such as laptop security, password policy, handling of sensitive information, access levels, tailgating, countermeasures, photo IDs, PIN codes, and security information delivered via newsletters and posters. A top-down approach is required if the policy is to be taken seriously. This means that the security policy should be issued and supported from an executive level downward.
QUESTION 3
Which building blocks make up the Adaptive Threat Defense phase of Cisco SDN strategy?
A. VoIP services, NAC services, Cisco IBNS
B. network foundation protection, NIDS services, adaptive threat mitigation services
C. firewall services, intrusion prevention, secure connectivity
D. firewall services, IPS and network antivirus services, network intelligence
E. Anti-X defense, NAC services, network foundation protection
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Computer connected to the Internet without a firewall can be hijacked and added to an Internet outlaw’s botnet in just a few minutes. A firewall can block malware that could otherwise scan your computer for vulnerabilities and then try to break in at a weak point. The real issue is how to make one 99.9% secure when it is connected to in Internet. At a minimum computers need to have firewall, antivirus and anti-spyware software installed and kept up-to-date. A home network that uses a wired or wireless router with firewall features provides additional protection. A computer virus can be best described as a small program or piece of code that penetrates into the operating system, causing unexpected and negative events to occur. A well-known example is a virus, SoBig. Computer viruses reside in the active memory of the host and try to duplicate themselves by different means. This duplication mechanism can vary from copying files and broadcasting data on local-area network (LAN) segments to sending copies via e-mail or an Internet relay chat (IRC). Antivirus software applications are developed to scan the memory and hard disks of hosts for known viruses. If the application finds a virus (using a reference database with virus definitions), it informs the user.
QUESTION 4
DRAG DROP You work as a network administrator at Certkiller .com. Your boss Mrs. Certkiller asks you to match the malicious network attack types with the correct definition.

A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:

Explanation:
1.
Reconnaissance: Reconnaissance refers to the preparatory phase where an attacker seeks to gather as much information as possible about a target of attack prior to launching an attack. This phase is also where the attacker draws on competitive intelligence to learn more about the target. The phase may also involve network scanning either external or internal without authorization. This is a phase that allows the potential attacker to strategize his attack. This may spread over time, as the attacker waits to unearth crucial information. One aspect that gains prominence here is social engineering. A social engineer is a person who usually smooths talk’s people into revealing information such as unlisted phone numbers, passwords or even sensitive information. Other reconnaissance techniques include dumpster diving. Dumpster diving is the process of looking through an organization’s trash for discarded sensitive information. Building user awareness of the precautions they must take in order to protect their information assets is a critical factor in this context.

2.
DOS (Denial Of Service) Denial of Service (DoS) is an attack designed to render a computer or network incapable of providing normal services. The most common DoS attacks will target the computer’s network bandwidth or connectivity. Bandwidth attacks flood the network with such a high volume of traffic, that all available network resources are consumed and legitimate user requests cannot get through. Connectivity attacks flood a computer with such a high volume of connection requests, that all available operating system resources are consumed and the computer can no longer process legitimate user requests.

3.
Brute force The brute force method is the most inclusive – though slow. Usually, it tries every possible letter and number combination in its automated exploration.
QUESTION 5
DRAG DROP You work as a network administrator at Certkiller .com. Your boss Mrs. Certkiller asks you to match signature type with the correct definition.

A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:

Explanation:
1.
DOS (Denial Of Service)
Denial of Service (DoS) is an attack designed to render a computer or network incapable of providing
normal services. The most common DoS attacks will target the computer’s network bandwidth or
connectivity. Bandwidth attacks flood the network with such a high volume of traffic, which all available
network resources are consumed and legitimate user requests cannot get through. Connectivity attacks
flood a computer with such a high volume of connection requests, that all available operating system
resources are consumed and the computer can no longer process legitimate user requests.
2.
Exploit
A defined way to breach the security of an IT system through vulnerability.

QUESTION 6
Which of these two ways does Cisco recommend that you use to mitigate maintenance-related threats? (Choose two.)
A. Maintain a stock of critical spares for emergency use.
B. Ensure that all cabling is Category 6.
C. Always follow electrostatic discharge procedures when replacing or working with internal router and switch device components.
D. Always wear an electrostatic wrist band when handling cabling, including fiber-optic cabling.
E. Always employ certified maintenance technicians to maintain mission-critical equipment and cabling.
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 7
What are two security risks on 802.11 WLANs that implement WEP using a static 40-bit key with open authentication? (Choose two.)
A. The IV is transmitted as plaintext, and an attacker can sniff the WLAN to see the IV.
B. The challenge packet sent by the wireless AP is sent unencrypted.
C. The response packet sent by the wireless client is sent unencrypted.
D. WEP uses a weak-block cipher such as the Data Encryption Algorithm.
E. One-way authentication only where the wireless client does not authenticate the wireless-access point.
Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
Explanation: The wireless nature and the use of radio frequency for networking makes securing WLANs more challenging than securing a wired LAN. Originally, the Wired Equivalent Privacy (WEP) protocol was developed to address this issue. It was designed to provide the same privacy that a user would have on a wired network. WEP is based on the RC4 symmetric encryption standard and uses either 64-bit or 128-bit key. However, the keys are not really this many bits because a 24-bit Initialization Vector (IV) is used to provide randomness. So the “real key” is actually 40 or 104 bits long. There are two ways to implement the key. First, the default key method shares a set of up to four default keys with all the wireless access points (WAPs). Second is the key mapping method, which sets up a key-mapping relationship for each wireless station with another individual station. Although slightly more secure, this method is more work. Consequently, most WLANs use a single shared key on all stations, which makes it easier for a hacker to recover the key. Now, let’s take a closer look at WEP and discuss the way it operates. To better understand the WEP process, you need to understand the basics of Boolean logic. Specifically, you need to understand how XORing works. XORing is just a simple binary comparison between two bytes that produce another byte as a result of the XORing process. When the two bits are compared, XORing looks to see if they are different. If they are different, the resulting output is 1. If the two bits are the same, the result is 0. If you want to learn more about Boolean logic, a good place to start is here: http://en.wikipedia.org/wiki/Boolean_algebra. All this talk about WEP might leave you wondering how exactly RC4 and XORing are used to encrypt wireless communication. To better explain those concepts, let’s look at the seven steps of encrypting a message:
1.
The transmitting and receiving stations are
initialized with the secret key. This secret
key must be distributed using an out-of-band mechanism such as email, posting it
on a website, or giving it to you on a piece
of paper the way many hotels do.
2.
The transmitting station produces a seed,
which is obtained by appending the 40-bit
secret key to the 24-bit Initialization
Vector (IV), for input into a Pseudo
Random Number Generator (PRNG).
3.
The transmitting station inputs the seed to
the WEP PRNG to generate a key stream
of random bytes.
4.

The key stream is XORd with plaintext to
obtain the cipher text.

5.
The transmitting station appends the
cipher text to the IV and sets a bit
indicates that it is a WEP-encrypted
packet. This completes WEP
encapsulation, and the results are
transmitted as a frame of data. WEP only
encrypts the data. The header and trailer
are sent in clear text.
6.
The receiving station checks to see if the
encrypted bit of the frame it received is
set. If so, the receiving station extracts the
IV from the frame and appends the IV
with the secret key.
7.
The receiver generates a key stream that
must match the transmitting station’s key.
This key stream is XORd with the cipher
text to obtain the sent plaintext.

QUESTION 8
DRAG DROP You work as a network administrator at Certkiller .com. Your boss Mrs. Certkiller asks order the steps to mitigate a worm attack.

A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:

Explanation: Viruses and worms are part of a larger category of malicious code or malware. Viruses and worms are programs that can cause a wide range of damage from displaying messages to making programs work erratically or even destroying data or hard drives. Viruses accomplish their designed task by placing self-replicating code in other programs. When these programs execute, they replicate again and infect even more programs. Closely related to viruses and worms is spyware. Spyware is considered another type of malicious software. In many ways, spyware is similar to a Trojan, as most users don’t know that the program has been installed and it hides itself in an obscure location. Spyware steals information from the user and also eats up bandwidth. If that’s not enough, it can also redirect your web traffic and flood you with annoying pop-ups.
Many users view spyware as another type of virus.
The following are the recommended steps for worm attack mitigation:

1.
Containment: Contain the spread of the worm inside your network and within your network. Compartmentalize parts of your network that have not been infected.

2.
Inoculation: Start patching all systems and, if possible, scanning for vulnerable systems.

3.
Quarantine : Track down each infected machine inside your network. Disconnect, remove, or block infected machines from the network.

4.
Treatment: Clean and patch each infected system. Some worms may require complete core system reinstallations to clean the system.
QUESTION 9
Which method of mitigating packet-sniffer attacks is the most effective?
A. implement two-factor authentication
B. deploy a switched Ethernet network infrastructure
C. use software and hardware to detect the use of sniffers
D. deploy network-level cryptography using IPsec, secure services, and secure protocols
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
You cannot talk about VPNs without saying something about IP Security (IPSec). IPSec is a framework of
open standards. It is not bound to any specific encryption or authentication algorithm keying technology.
IPSec acts on the network layer, where it protects and authenticates IP packets between participating
peers such as firewalls, routers, or concentrators. IPSec security provides four major functions:

*
Confidentiality The sender can encrypt the packets before transmitting them across the network. If such a communication is intercepted, it cannot be read by anybody.

*
Data integrity The receiver can verify whether the data was changed while traveling the Internet.

*
Origin authenticationThe receiver can authenticate the source of the packet.

*
Antireplayprotection The receiver can verify that each packet is unique and is not duplicated.
QUESTION 10
What is a reconnaissance attack?
A. when an intruder attacks networks or systems to retrieve data, gain access, or escalate access privileges.
B. when an intruder attempts to discover and map systems, services, and vulnerabilities
C. when malicious software is inserted onto a host in order to damage a system, corrupt a system, replicate itself, or deny service or access to networks, systems, or services
D. when an intruder attacks your network in a way that damages or corrupts your computer system, or denies you and other access to your networks, systems, or services
E. when an intruder attempts to learn user IDs and passwords that can later be used in identity theft
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: Reconnaissance refers to the preparatory phase where an attacker seeks to gather as much information as possible about a target of attack prior to launching an attack. This phase is also where the attacker draws on competitive intelligence to learn more about the target. The phase may also involve network scanning either external or internal without authorization. This is a phase that allows the potential attacker to strategize his attack. This may spread over time, as the attacker waits to unearth crucial information. One aspect that gains prominence here is social engineering. A social engineer is a person who usually smooths talk’s people into revealing information such as unlisted phone numbers, passwords or even sensitive information. Other reconnaissance techniques include dumpster diving. Dumpster diving is the process of looking through an organization’s trash for discarded sensitive information. Building user awareness of the precautions they must take in order to protect their information assets is a critical factor in this context.
QUESTION 11
What should be the first step in migrating a network to a secure infrastructure?
A. developing a security policy
B. securing the perimeter
C. implementing antivirus protection
D. securing the DMZ
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: The development of a security policy is the first step to a secure infrastructure, without this availability of your network will be compromised.
QUESTION 12
What is a DoS attack?
A. when an intruder attacks networks or systems to retrieve data, gain access, or escalate access privileges
B. when an intruder attempts to discover and map systems, services, and vulnerabilities
C. when malicious software is inserted onto a host in order to damage a system, corrupt a system, replicate itself, or deny services or access to networks, systems, or services
D. When an intruder attacks your network in a way that damages or corrupts your computer system, or denies you and others access to your networks, systems, or services
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Denial of Service (DoS) is an attack designed to render a computer or network incapable of providing normal services. The most common DoS attacks will target the computer’s network bandwidth or connectivity. Bandwidth attacks flood the network with such a high volume of traffic, that all available network resources are consumed and legitimate user requests cannot get through. Connectivity attacks flood a computer with such a high volume of connection requests, that all available operating system resources are consumed and the computer can no longer process legitimate user requests. A “denial-of-service” attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include
*
attempts to “flood” a network, thereby preventing legitimate network traffic

*
attempts to disrupt connections between two machines, thereby preventing access to a service

*
attempts to prevent a particular individual from accessing a service

*
attempts to disrupt service to a specific system or person
QUESTION 13
Which method of mitigation packet-sniffer attacks is most cost effective?
A. authentication
B. switched infrastructure
C. antisniffer tools
D. cryptography
Correct Answer: D Section: (none) Explanation

Explanation/Reference:
Cryptography: Rendering packet sniffers irrelevant is the most effective method for countering packet sniffers. Cryptography is even more effective than preventing or detecting packet sniffers. If a communication channel is cryptographically secure, the only data a packet sniffer detects is cipher text (a seemingly random string of bits) and not the original message.
QUESTION 14
During which phase of an attack does the attacker attempt to identify targets?
A. penetrate
B. propagate
C. persist
D. probe
E. paralyze

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Probe phase: The attacker identifies vulnerable targets in this phase. The goal of this phase is to find computers that can be subverted. Internet Control Message Protocol (ICMP) ping scans are used to map networks, and application port scans identify operating systems and vulnerable software. Passwords can be obtained through social engineering, a dictionary attack, a brute-force attack, or network sniffing. Incorrect: A – Phase 2 B – Phase 4 C – Phase 3 D – Phase 5
QUESTION 15
What is considered the main administrative vulnerability of Cisco Catalyst switches?
A. SNMP
B. Telnet
C. Poor passwords
D. Poor encryption

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explantion:
By default, a Cisco switch shows the passwords in plaintext for the following settings in the configuration
file: the .enable. password, the username password, the console line and the virtual terminal lines.
Using the same password for both the enable secret and other settings on a switch allows for potential
compromise because the password for certain settings (for example, telnet) may be in plaintext and can be
collected on a network using a network analyzer. Also, setting the same password for the .enable secret.
passwords on multiple switches provides a single point of failure because one compromised switch
endangers other switches.

QUESTION 16
DRAG DROP
Click and drag the four steps to mitigating worm attacks in order from step 1 to steep 4.
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:

Explanation:
Worm attack mitigation requires diligence on the part of system and network administration staff.
Coordination between system administration, network engineering, and security operations personnel is
critical in responding effectively to a worm incident. The following are the recommended steps for worm
attack mitigation:

1.
Containment: Contain the spread of the worm inside your network and within your network. Compartmentalize parts of your network that have not been infected.

2.
Inoculation: Start patching all systems and, if possible, scanning for vulnerable systems.

3.
Quarantine: Track down each infected machine inside your network. Disconnect, remove, or block infected machines from the network.

4.
Treatment: Clean and patch each infected system. Some worms may require complete core system reinstallations to clean the system.
QUESTION 17
Certkiller .com network administrators have just configured SSH on their target router and have now discovered that an intruder has been using this router to perform a variety of malicious attacks. What have they most likely forgotten to do and which Cisco IOS commands do they need to use to fix this problem on their target router?
A. forgot to reset the encryption keys using the crypto key zeroize rsa Cisco IOS global configuration command
B. forgot to close port 23 and they need to issue the no transport input telnet Cisco IOS global
configuration command
C. forgot to disable vty inbound Telnet sessions and they need to issue the line vty 0 4 and the no transport input telnet Cisco IOS line configuration commands
D. forgot to restrict access to the Telnet service on port 23 using ACLs and they need to issue the access-list 90 deny any log Cisco IOS global configuration command, and the line vty 0 4 and access-class 90 in Cisco IOS line configuration commands

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: Telnet and rlogin commands are known as unsecure commands, they transports the data packets on plain text format. If anyone can tries to capture the packets they can easily read. So SSH (Secure Shell) is the most usable Remote Login tool. Which maintains the secure communication. Router(Config)#line vty 0 4 Router(Config-router)transport input telnet | ssh | all May be telnet is enabled so just disable the telnet using no.
QUESTION 18
To verify role-based CLI configurations, which Cisco IOS CLI commands do you need use to verify a view?
A. parser view view-name, then use the ? to verify the available commands
B. enable view view-name, then use the ? to verify the available commands
C. enable view, then use the parser view view-name to verify the available commands
D. show view view-name to verify the available commands

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: The Role-Based CLI Access feature allows the network administrator to define “views,” which are a set of operational commands and configuration capabilities that provide selective or partial access to CiscoIOS EXEC and configuration (Config) mode commands. Views restrict user access to CiscoIOS command-line interface (CLI) and configuration information; that is, a view can define what commands are accepted and what configuration information is visible. Thus, network administrators can exercise better control over access to Cisco networking devices. SUMMARY STEPS1. enable view
2.

configure terminal

3.

parser view view-name

4.

secret 5 encrypted-password

5.

commands parser-mode {include | include-exclusive | exclude} [all] [interface interface-name | command]

6.

exit

7.

exit

8.

enable [privilege-level] [view view-name]

9.

show parser view [all]
QUESTION 19
What two tasks should be done before configuring SSH server operations on Cisco routers? (Choose two.)
A. Upgrade routers to run a Cisco IOS Release 12.1(1)P image.
B. Upgrade routers to run a Cisco IOS Release 12.1(3)T image or later with the IPsec feature set.
C. Ensure routers are configured for external ODBC authentication.
D. Ensure routers are configured for local authentication or AAA for username and password authentication.
E. Upgrade routers to run a Cisco IOS Release 11.1(3)T image or later with the IPsec feature set.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation:
Secure Shell (SSH) is a protocol which provides a secure remote access connection to network devices.
Communication between the client and server is encrypted in both SSH version 1 and SSH version 2.
Implement SSH version 2 when possible because it uses a more enhanced security encryption algorithm.
SSH was introduced into these IOS platforms and images:

1.
SSH Version 1.0 (SSH v1) server was introduced in some IOS platforms and images starting in Cisco IOS Software Release 12.0.5.S.

2.
SSH client was introduced in some IOS platforms and images starting in Cisco IOS Software Release
12.1.3.T.
3.
SSH terminal-line access (also known as reverse-Telnet) was introduced in some IOS platforms and images starting in Cisco IOS Software Release 12.2.2.T.

4.
SSH Version 2.0 (SSH v2) support was introduced in some IOS platforms and images starting in Cisco IOS Software Release 12.1(19)E. Example of SSH Configuration on Cisco Router aaanew-model username cisco password 0 cisco ip domain-name rtp.cisco.com cry key generate rsa ip ssh time-out 60 ip ssh authentication-retries 2 line vty 0 4 transport input SSH
QUESTION 20
In the Cisco SDM Security Audit Wizard screen shown in the figure, which Fix it action should be selected to prevent smurf denial of service attacks?

A. IP Mask Reply is enabled
B. IP Unreachables is enabled
C. IP Directed Broadcast is enabled
D. IP Redirects is enabled
E. IP Proxy ARP is enabled
F. Access class is not set on vty lines

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: Directed-Broadcast An IP directed broadcast is a datagram sent to the broadcast address of a subnet that is not directly attached to the sending machine. The directed broadcast is routed through the network as a unicast packet until it arrives at the target subnet, where it is converted into a link-layer broadcast. Because of the nature of the IP addressing architecture, only the last router in the chain, which is connected directly to the target subnet, can conclusively identify a directed broadcast.
*
IP directed broadcasts are used in the extremely common and popular smurf Denial of Service (DoS)
attacks. In a smurf attack, the attacker sends ICMP echo requests from a falsified source address to a
directed broadcast address, causing all the hosts on the target subnet to send replies to the falsified
source. By sending a continuous stream of such requests, the attacker can create a much larger stream of
replies, which can completely inundate the host whoseaddress is being falsified.
*
This service should be disabled on all interfaces when not needed to prevent smurf and DoS attacks.
*
Cisco AutoSecure disables IP directed broadcasts using the no ip directed-broadcast command in
interface configuration mode on each interface.
Reference:
http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_white_paper09186a00801dbf61.shtml

Cisco 642-552 Interactive Testing Engine is an engine that can be downloaded and installed on your PC.This Cisco 642-552 is not only advanced and equipped with much more features,it is also not internet dependent, once installed.It enables you to see Interconnecting Cisco Networking Devices Part 1 questions and answers in a simulated Cisco 642-552 exam environment. Working with Cisco 642-552  Interactive Testing Engine is like passing an actual Cisco 642-552 exam.

Flydumps Cisco 642-551 New Questions:Just Updated Cisco 642-551 Exam with All New Questions

Flydumps  presents the highest quality of Cisco 642-551 practice material which helps candidates to pass the Cisco 642-551 exams in the first attempt.The brain dumps are the latest,authenticated by expert and covering each and every aspect of Cisco 642-551   exam.

Exam A
QUESTION 1
What is a set of conditions that, when met, indicates that an intrusion is occurring or has occurred?
A. rules
B. state tables
C. signatures
D. master parameters

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 2
If you choose Add from the Allowed Hosts panel in Cisco IDM, which two fields are available for configuration? (Choose two.)
A. Static Routes
B. Dynamic Routes
C. IP Address
D. Default Route
E. Netmask

Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center

QUESTION 4
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center

QUESTION 5
What are the three types of private VLAN ports? (Choose three.)
A. typical
B. isolated
C. nonisolated
D. promiscuous
E. community
F. bridging

Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 6
LAB
This is the answer:

pixfirewall(config)#interface eth3 100full
pixfirewall(config)# nameif eth3 protected security 56
pixfirewall(config)# ip address protected 192.168.147.1 255.255.255.0
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 7
When port security is enabled on a Cisco Catalyst switch, what is the default action when the configured maximum of allowed MAC addresses value is exceeded?
A. The port is shut down.
B. The port is enabled and the maximum number automatically increases.
C. The MAC address table is cleared and the new MAC address is entered into the table.
D. The MAC address table is shut down.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 8
What is a description of a promiscuous PVLAN port?
A. It has a complete Layer 2 separation from the other ports within the same PVLAN.
B. It can only communicate with other promiscuous ports.
C. It can communicate with all interfaces within a PVLAN.
D. It cannot communicate with any other ports.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Which two protocols does Cisco Secure ACS use for AAA services? (Choose two.)
A. TACACS+
B. Telnet
C. SSH
D. RADIUS
E. SSL
F. SNMP

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Which command would be used on the Cisco PIX Security Appliance to show the pool of addresses to be translated?
A. show nat
B. show xlate
C. show global
D. show conn

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 11
What is the default security-level definition setting for the outside interface for the Cisco PIX Security Appliance?
A. 0
B. 100
C. 50
D. 25

Correct Answer: A Section: (none) Explanation
Explanation/Reference: QUESTION 12
Which Cisco IOS command enables the AAA access-control commands and functions on the router, and overrides the older TACACS and extended TACACS commands?
A. no aaa authentication login default enable
B. aaa authentication login default local
C. aaa new-model
D. login authentication default
E. no login authentication default

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 13
Which communication protocol is used by the administrator workstation to communicate with the CSA MC?
A. SSH
B. Telnet
C. HTTPS
D. SSL

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 14
To which router platform can Turbo ACLs be applied?
A. Cisco 800 Router
B. Cisco 2600 Series Router
C. Cisco 3500
D. Cisco 7200 Router

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 15
Which administrative access mode for the Cisco PIX Security Appliance allows you to change the current settings?
A. unprivileged mode
B. privileged mode
C. configuration mode
D. monitor mode
Correct Answer: B Section: (none) Explanation

Explanation/Reference:
QUESTION 16
Which Cisco IDS/IPS feature enables the appliance to aggregate alarms?
A. FireOnce
B. response actions
C. alarm summarization
D. threshold configuration

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Which method does a Cisco firewall use for packet filtering?
A. inspection rules
B. ACLs
C. security policies
D. VACLs

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 18
Which component within the Cisco Network Admission Control architecture acts as the policy server for evaluating the endpoint security information that is relayed from network devices, and for determining the appropriate access policy to apply?
A. CiscoWorks
B. CiscoWorks VMS
C. Cisco Secure ACS
D. Cisco Trust Agent
E. Cisco Security Agent

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 19
Which command is used to reboot the Cisco PIX Security Appliance?
A. reboot
B. restart
C. boot D. reload

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 20
Packet sniffers work by using a network interface card in which mode?
A. inline
B. cut-through
C. promiscuous
D. Ethernet
E. passive

Correct Answer: C Section: (none) Explanation
Explanation/Reference:

Cisco 642-551 Questions and Answers Products basically comprise of the simulated Cisco 642-551   exam questions AND their most correct answers,accompanied with a methodical elucidation of the Cisco 642-551   answers and the probable wrong answers.The extent to which Cisco 642-551  Questions and Answers Products cover their Cisco subject is so thorough,that once you are done with a Cisco product, passing the Cisco 642-551  exam in first attempt should be a piece of cake.

642-551 New Questions – Recent Updated New Cisco 642-551 Dumps with New PDF & VCE

Flydumps bring you the best Cisco 642-551 exam preparation materials which will make you pass in the first attempt.And we also provide you all Cisco 642-551 exam updates as Microsoft announces a change in its Cisco 642-551 exam syllabus,we inform you about it without delay.

Exam A
QUESTION 1
What is a reconnaissance attack?
A. when an intruder attacks networks or systems to retrieve data, gain access, or escalate access privileges.
B. when an intruder attempts to discover and map systems, services, and vulnerabilities
C. when malicious software is inserted onto a host in order to damage a system, corrupt a system, replicate itself, or deny service or access to networks, systems, or services
D. when an intruder attacks your network in a way that damages or corrupts your computer system, or denies you and other access to your networks, systems, or services
E. when an intruder attempts to learn user IDs and passwords that can later be used in identity theft

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: Attackers and hackers can employ social engineering techniques to pose as legitimate people
seeking out information. A few well structured telephone calls to unsuspecting employees can provide a
significant amount of information Incorrect:
A – Is called ‘Access attacks’
C – Is called ‘Worms, Viruses and Trojan Horses’
D – Is called ‘Denial of Service (DOS) attacks’
E – This is an example of social engineering
QUESTION 2
Which communication protocol is used by the administrator workstation to communicate with the CSA MC?
A. SSH
B. Telnet
C. HTTPS
D. SSL

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Management Center for Cisco Security Agent (CSA MC) uses a Secure Sockets Layer (SSL)-enabled web interface.

QUESTION 3
What should be the first step in migrating a network to a secure infrastructure?
A. developing a security policy
B. securing the perimeter
C. implementing antivirus protection
D. securing the DMZ

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: The development of a security policy is the first step to a secure infrastructure, without this availability of your network will be compromised.
QUESTION 4
Select two ways to secure hardware from threats. (Choose two.)
A. The room must have steel walls and doors.
B. The room must be static free.
C. The room must be locked, with only authorized people allowed access.
D. The room should not be accessible via a dropped ceiling, raised floor, window, ductwork, or point of entry other than the secured access point.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
Explanation: -Incorrect:
A – Not a required element.
B – Is called ‘Environment Threat mitigation’
QUESTION 5
At which layer of the OSI model does a proxy server work?
A. data link
B. physical
C. application
D. network
E. transport

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
A proxy server is an application
QUESTION 6
Which command on the Cisco PIX Security Appliance is used to write the current running config to the Flash memory startup config?
A. write terminal
B. write config
C. write memory
D. write startup config

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Incorrect: A – Shows running configuration on screen, like show running-configuration B – No such command D – No such command
QUESTION 7
What is a description of a promiscuous PVLAN port?
A. It has a complete Layer 2 separation from the other ports within the same PVLAN.
B. It can only communicate with other promiscuous ports.
C. It can communicate with all interfaces within a PVLAN.
D. It cannot communicate with other ports.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Incorrect:
A – This is called ‘Isolated’
B – This is called ‘Community’
D – No such PVLAN

QUESTION 8
How do you enable a host or a network to remotely access the Cisco IPS/IDS sensor?
A. Configure static routes.
B. Configure dynamic routing.
C. Configure allowed hosts.
D. Configure DHCP.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
The Allowed Hosts option enables you to define which IP addresses are allowed to access the sensor via
its management interface.

QUESTION 9
In which version did NTP begin to support cryptographic authentication?
A. version 5
B. version 4
C. version 3
D. version 2

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
Version 3 or above is required to support Cryptographic authentication mechanism between peers.

QUESTION 10
What must be configured on a network-based Cisco IDS/IPS to allow to monitor traffic?
A. Enable rules.
B. Enable signatures.
C. Disable rules.
D. Disable signatures.

Correct Answer: B Section: (none) Explanation
Explanation/Reference: QUESTION 11
What is a DoS attack?
A. when an intruder attacks networks or systems to retrieve data, gain access, or escalate access privileges
B. when an intruder attempts to discover and map systems, services, and vulnerabilities
C. when malicious software is inserted onto a host in order to damage a system, corrupt a system, replicate itself, or deny services or access to networks, systems, or services
D. When an intruder attacks your network in a way that damages or corrupts your computer system, or denies you and others access to your networks, systems, or services

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
These attacks are when malicious software is inserted onto a host in order to damage a system, corrupt a
system, replicate itself, or deny services or access to networks, systems, or services.
Incorrect:
A – Is called ‘Access attacks’
B – Is called ‘Reconnaissance attacks’
C – Is called ‘Worms, Viruses and Trojan Horses’

QUESTION 12
Cisco routers, such as the ISRs, are best suited for deploying which type of IPSec VPN?
A. remote-access VPN
B. overlay VPN
C. WAN-to-WAN VPN
D. site-to-site VPN
E. SSL VPN

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
Site-to-site VPNs can be deployed using a wide variety of Cisco VPN Routers. Cisco VPN routers provide
scalability through optional encryption acceleration. The Cisco VPN router portfolio provides solutions for
small office and home office (SOHO) access through centralsite VPN aggregation. SOHO solutions include
platforms for fast-emerging cable and DSLaccess technologies.
Incorrect:
A – This VPN solution connects telecommuters and mobile users securely and cost-effectively to corporate
network resources from anywhere in the world over any access technology.

QUESTION 13
Which method of mitigation packet-sniffer attacks is most cost effective?
A. authentication
B. switched infrastructure
C. antisniffer tools
D. cryptography

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Cryptography: Rendering packet sniffers irrelevant is the most effective method for countering packet sniffers. Cryptography is even more effective than preventing or detecting packet sniffers. If a communication channel is cryptographically secure, the only data a packet sniffer detects is cipher text (a seemingly random string of bits) and not the original message.
QUESTION 14
Which encryption method uses a 56-bit to ensure high-performance encryption?
A. 3DES
B. AES
C. RSA
D. DES

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Incorrect: A – 3DES 3*56bits B – Advanced Encryption Standard C – It was the first algorithm known to be suitable for signing as well as encryption, and one of the first great advances in public key cryptography.
QUESTION 15
In which Cisco Catalyst Series switches can the Firewall Service Modules be installed?
A. Catalyst 2900 and 3500 XL Series
B. Catalyst 1900 and 2000 Series
C. Catalyst 4200 and 4500 Series
D. Catalyst 6500 and 7600 Series

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Reference: http://www.cisco.com/en/US/products/hw/modules/ps2706/ps4452/
QUESTION 16
Which protocol does the Cisco Web VPN solution use?
A. SSH
B. Telnet
C. SSL
D. IPSec
E. XML

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Reference: http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns347/ networking_solutions_sub_solution_home.html
QUESTION 17
During which phase of an attack does the attacker attempt to identify targets?
A. penetrate
B. propagate
C. persist
D. probe
E. paralyze

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Probe phase: The attacker identifies vulnerable targets in this phase. The goal of this phase is to find computers that can be subverted. Internet Control Message Protocol (ICMP) ping scans are used to map networks, and application port scans identify operating systems and vulnerable software. Passwords can be obtained through social engineering, a dictionary attack, a brute-force attack, or network sniffing. Incorrect: A – Phase 2 B – Phase 4 C – Phase 3 D – Phase 5
QUESTION 18
What are the three types of private VLAN ports? (Choose three.)
A. typical
B. isolated
C. nonisolated
D. promiscuous
E. community
F. bridging

Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
Explanation:
There are three types of PVLAN ports:
Promiscuous: A promiscuous port can communicate with all interfaces, including the isolated and
community ports within a PVLAN.
Isolated: An isolated port has complete Layer 2 separation from the other ports within the same PVLAN,
but not from the promiscuous ports. PVLANs block all traffic to isolated ports except traffic from
promiscuous ports. Traffic from isolated port is forwarded only to promiscuous ports. Community:
Community ports communicate among themselves and with their promiscuous ports. These interfaces are
separated at Layer 2 from all other interfaces in other communities or isolated ports within their PVLAN.

QUESTION 19
What is considered the main administrative vulnerability of Cisco Catalyst switches?
A. SNMP
B. Telnet
C. Poor passwords
D. Poor encryption

Correct Answer: C Section: (none) Explanation Explanation/Reference:
Explantion:
By default, a Cisco switch shows the passwords in plaintext for the following settings in the configuration
file: the .enable. password, the username password, the console line and the virtual terminal lines.
Using the same password for both the enable secret and other settings on a switch allows forpotential
compromise because the password for certain settings (for example, telnet) may be in plaintext and can be
collected on a network using a network analyzer. Also, setting the same password for the .enable secret.
passwords on multiple switches provides a single point of failure because one compromised switch
endangers other switches.

QUESTION 20
Click and drag the four steps to mitigating worm attacks in order from step 1 to steep 4.

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Explanation:

Worm attack mitigation requires diligence on the part of system and network administration staff. Coordination between system administration, network engineering, and security operations personnel is critical in responding effectively to a worm incident. The following are the recommended steps for worm attack mitigation:
1.
Containment: Contain the spread of the worm inside your network and within your network. Compartmentalize parts of your network that have not been infected.

2.
Inoculation: Start patching all systems and, if possible, scanning for vulnerable systems.

3.
Quarantine: Track down each infected machine inside your network. Disconnect, remove, or block

infected machines from the network.

4.
Treatment: Clean and patch each infected system. Some worms may require complete core system reinstallations to clean the system.

Flydumps is ready to provide Cisco 642-551 candidates with Cisco 642-551 training materials which can be very much helpful for getting Cisco 642-551 certification, which means that candidates.Cisco 642-551 can easily get access to the services of Cisco 642-551 for practice exam, which will assure them 100% Cisco 642-511 success rate.Though Cisco642-551 tests are not easy at all, but they do not make Cisco 642-551 things complicated.

New Questions-100% Valid Cisco 642-513 New Questions for Cisco 642-513 Exam

100% Valid And Newest–Do not worry about your Cisco 642-513 exam! Just try Flydumps the latest Cisco 642-513 exam dumps.The latest new version with all the official new added Cisco 642-513 questions and answers.High pass rate and money back

Exam A
QUESTION 1
Which of these is a reason for using groups to administer Agents?
A. to link similar devices together
B. to complete configuration changes on groups instead of hosts
C. to complete the same configuration on like items
D. to apply the same policy to hosts with similar security requirements

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Which three items make up rules? (Choose three.)
A. variables
B. applications
C. application classes
D. rule modules
E. policies
F. actions

Correct Answer: ACF Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Which action do you take when you are ready to deploy your CSA configuration to systems?
A. select
B. clone
C. deploy
D. generate rules

Correct Answer: D Section: (none) Explanation
Explanation/Reference:

QUESTION 4
Which one of the five phases of an attack attempts to become resident on a target?
A. probe phase
B. penetrate phase
C. persist phase
D. propagate phase
E. paralyze phase

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 5
What is the purpose of the Audit Trail function?
A. to generate a report listing events matching certain criteria, sorted by event severity
B. to generate a report listing events matching certain criteria, sorted by group
C. to generate a report showing detailed information for selected groups
D. to display a detailed history of configuration changes

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 6
In which type of rules are network address sets used?
A. COM component access control rules
B. connection rate limit rules
C. network access control rules
D. file control rules
E. file access control rules

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Which three of these does the buffer overflow rule detect on a UNIX operating system, based on the type of memory space involved? (Choose three.)
A. location space
B. stack space
C. slot space
D. data space
E. heap space
F. file space

Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 8
When should you use preconfigured application classes for application deployment investigation?
A. never
B. always
C. only for specific applications
D. only when applications require detailed analysis

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 10
Which systems with specific operating systems are automatically placed into mandatory groups containing rules for that operating system? (Choose three.)
A. OS2
B. HPUX
C. Solaris
D. Mac OS
E. Linux
F. Windows

Correct Answer: CEF Section: (none) Explanation Explanation/Reference:
We provide Cisco 642-513 help and information on a wide range of issues.Cisco 642-513 is professional and confidential and your issues will be replied within 12 hous.Cisco 642-513 free to send us any questions and we always try our best to keeping our Customers Satisfied.

Cisco 642-513 New Questions:Just Updated Cisco 642-513 Exam with All New Questions from Flydumps

Flydumps offers the first-hand Cisco 642-513 exam real questions and answers, by train the latest Cisco 642-513 PDF and VCE dumps, you will well prepare for the Cisco 642-513 exam. Visit Flydumps.com to get free new version for training.

Exam A
QUESTION 1
Certkiller chose the Cisco CSA product to protect the network against the newest attacks. Cisco Security Agent provides Day Zero attack prevention by using which of these methods?
A. Using signatures to enforce security policies
B. Using API control to enforce security policies
C. Using stateful packet filtering to enforce security policies
D. Using algorithms that compare application calls for system resources to the security policies
E. None of the above

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Because Cisco Security Agent analyzes behavior rather than relying on signature matching, it never needs updating to stop a new attack. This zero-update architecture provides protection with reduced operational costs and can identify so-called “Day Zero” threats.” At a high level, Cisco(r) Security Agent is straightforward. It intercepts system calls between applications and the operating system, correlates them, compares the correlated system calls against a set of behavioral rules, and then makes an “allow” or”deny” decision based on the results of its comparison. This process is called INCORE, which stands for intercept, correlate, rules engine. Reference: http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_white_paper0900aecd8020f448.shtml

QUESTION 2
Certkiller has implemented the CSA product to provide security for all of their devices. For which layers of the OSI reference model does CSA enforce security?
A. Layer 1 through Layer 4
B. Layer 1 through Layer 7
C. Layer 2 through Layer 4
D. Layer 3 through Layer 7

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Cisco Security Agent provides threat protection for server and desktop computing systems, also known as endpoints. It helps to reduce operational costs by identifying, preventing, and eliminating known and unknown security threats. The Cisco Security Agent consolidates endpoint security functions in a single agent, providing:
1.
Host intrusion prevention
2.
Spyware/adware protection
3.
Protection against buffer overflow attacks
4.
Distributed firewall capabilities
5.
Malicious mobile code protection
6.
Operating-system integrity assurance
7.
Application inventory
8.
Audit log-consolidation
This provides security for endpoints at the network layer (layer 3) through the application layer (layer 7).
QUESTION 3
The CSA architecture model is made up of three major components. Which three are they? (Choose three)
A. Cisco Trust Agent
B. Cisco Security Agent
C. Cisco Security Agent Management Center
D. Cisco Intrusion Prevention System
E. An administrative workstation
F. A syslog server

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
Explanation: The CSA MC architecture model consists of a central management center which maintains a database of policies and system nodes, all of which have Cisco Security Agent software installed on their desktops and servers. The agents themselves, and an administrative workstations, combined with the Management Center, comprise the three aspects of the CSA architecture. Agents register with CSA MC. CSA MC checks its configuration database for a record of the system. When the system is found and authenticated, CSA MC deploys a configured policy for that particular system or grouping of systems.

 

Preparing Cisco 642-513 exam is not difficult now.You can prepare from Cisco 642-513 Certification or Cisco 642-513 dumps.Here we have mentioned some sample questions.You can use our Cisco 642-513 study material notes for test preparation.Latest Cisco 642-513 study material available.

About the Free Cisco 642-502 Study Guide With The All New Exam Questions Of Flydumps

Important Info — Cisco 642-502 new study guide are designed to help you pass the exam in a short time.Everything you need can be found in the new version Cisco 642-502 exam dumps.Visit Flydumps.com to get more valid information.

Exam A
QUESTION 1
What are the two functions that crypto ACLs perform on outbound traffic? Choose two.
A. bypasses outbound traffic that should be protected by IPSec
B. selects inbound traffic that should be protected by IPSec
C. selects outbound traffic that should be protected by IPSec
D. sends outbound traffic that should not be protected by IPSec as clear text
E. discards outbound traffic that should not be protected by IPSec
F. discards outbound traffic that requires protection by IPSec

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Refer to the exhibit. An administrator cannot telnet to the router. The administrator is not prompted for a username or password and cannot ping the router. After reviewing the output of a show running-config command, what do you determine?

A. AAA is not enabled.
B. Everything is configured correctly (the problem must be caused by something else).
C. An access control list is blocking traffic.
D. The wrong passwords are being used.
E. The TACACS server must be unreachable.
F. The wrong authentication method is applied to lines.

Correct Answer: B Section: (none) Explanation
Explanation/Reference: QUESTION 3
Which three thresholds does CBAC on the Cisco IOS Firewall provide against DoS attacks? Choose three.
A. number of half-open sessions based upon time
B. total number of half-open TCP or UDP sessions
C. number of fully open sessions based upon time
D. number of half-open TCP-only sessions per host
E. total number of fully open TCP or UDP sessions
F. number of fully open TCP-only sessions per host

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
QUESTION 4
Refer to the LAN Wizard screen in the exhibit. How many bits would you input to configure this host for a subnet consisting of two hosts on subnet 172.26.26.0?

A. 3
B. 4
C. 24
D. 30
E. 128
F. 255

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 5
Refer to the Cisco Router and Security Device Manager page in the exhibit.
What would be the result of clicking the “Launch the selected task” button in the VPN configuration screen?

A. to start the GRE site-to-site VPN connection configuration
B. to edit the site-to-site VPN connection
C. to start the security audit
D. to start the Easy VPN Server configuration
E. to start the default site-to-site VPN connection configuration
F. to start the Easy VPN Remote configuration

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 6
Where are access profiles stored with the authentication proxy features of the Cisco IOS Firewall?
A. PIX Firewall
B. Cisco router
C. Cisco VPN Concentrator
D. Cisco Secure ACS authentication server

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Choose the correct command to allow IKE to establish the IPSec security associations.
A. crypto map 10 isakmp
B. crypto map 10 manual
C. crypto map MYMAP ipsec-isakmp
D. crypto map MYMAP ipsec-manual
E. crypto map MYMAP 10 ipsec-isakmp
F. crypto map MYMAP 10 ipsec-manual
Correct Answer: E Section: (none) Explanation

Explanation/Reference:
QUESTION 8
Choose the correct command to generate two RSA key pairs for use with certificate authority.
A. key generate rsa general-keys
B. key generate rsa usage-keys
C. crypto key generate rsa general-keys
D. crypto key generate rsa usage-keys
E. enable crypto key generate rsa general-keys
F. enable crypto key generate rsa usage-keys

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Which command is required to specify the authorization protocol for authentication proxy?
A. auth-proxy group tacacs+
B. aaa auth-proxy default group tacacs+
C. authorization auth-proxy default group tacacs+
D. aaa authorization auth-proxy default group tacacs+
E. aaa authorization auth-proxy group tacacs+
F. aaa authorization auth-proxy default group

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Which Cisco Catalyst IOS command can be used to mitigate a CAM table overflow attack?
A. switch(config-if)# port-security maximum 1
B. switch(config)# switchport port-security
C. switch(config-if)# port-security
D. switch(config-if)# switchport port-security maximum 1
E. switch(config-if)# switchport access
F. switch(config-if)# access maximum 1

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 11
An authentication attempt to a Cisco Secure ACS for Windows server failed, yet no log entries are in the reports. What are two possible causes of this problem? (Choose two.)
A. user is not defined
B. user belongs to the wrong group
C. CSAUTH service is down on the Cisco Secure ACS server
D. password has expired
E. user entered an incorrect password
F. communication path between the NAS and Cisco Secure ACS server is down

Correct Answer: CF Section: (none) Explanation
Explanation/Reference:
QUESTION 12
What are three main components of the Cisco IOS Firewall feature set? (Choose three.)
A. Context-based Access Control
B. port security
C. authentication proxy
D. authentication, authorization, and accounting
E. Intrusion Prevention System
F. neighbor router authentication

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 13
The SDF uses which type of file format, with a definition of each signature along with relevant configurable actions?
A. ASCII
B. HTML
C. JPEG
D. Word
E. text
F. XML

Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 14
Which two are typical Layer 2 attacks? (Choose two.)
A. MAC spoofing
B. CAM table overflow
C. route poisoning
D. DHCP Starvation
E. ARP Starvation
F. spam

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 15
What kind of signatures trigger on a single packet? (Choose one.)
A. regenerative
B. cyclical
C. atomic
D. dynamic
E. compound

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 16
What does authentication proxy on the Cisco IOS Firewall do?
A. creates specific authorization policies for each user with Cisco Secure ACS, dynamic, per-user security and authorization
B. provides additional visibility at intranet, extranet, and Internet perimeters
C. creates specific security policies for each user with Cisco Secure ACS, dynamic, per-user authentication and authorization
D. provides secure, per-application access control across network perimeters

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Select the two protocols used to provide secure communications between SDM and the target router. (Choose two.)
A. HTTPS
B. RCP
C. Telnet
D. SSH
E. HTTP
F. AES

Correct Answer: AD Section: (none) Explanation Explanation/Reference:
QUESTION 18
Which one of the following actions is used to send SDM generated commands to the target router?
A. Refresh
B. Save
C. Deliver
D. Download
E. Copy-config

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 19
Select the maximum number of routers SDM can manage simultaneously?
A. 1
B. 5
C. 50
D. 100
E. 1000
F. determined by router model

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 20
Drag Drop question A.

B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 21
The Cisco Identity-Based Networking Services (IBNS) solution is based on which two standard implementations? (Choose two.)
A. TACACS+
B. RADIUS
C. 802.11
D. 802.1x
E. 802.1q
F. IPSec
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 22
Which module is audited first when packets enter an IOS Firewall IDS and match a specific audit rule?
A. TCP
B. ICMP
C. IP
D. application level
E. UDP

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 23
How does the user trigger the authentication proxy after the idle timer expires?
A. authenticates the user
B. initiates another HTTP session
C. enters a new username and password
D. enters a valid username and password

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 24
Refer to the exhibit. Given the output of the show crypto ipsec sa command, which encryption algorithm is being used?

A. PCP
B. ESP
C. DES
D. 3DES
E. AH
F. HMAC

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 25
Which Cisco Catalyst IOS command is used to mitigate a MAC spoofing attack?
A. switch(config-if)# port-security mac-address 0000.ffff.aaaa
B. switch(config)# switchport port-security mac-address 0000.ffff.aaaa
C. switch(config-if)# switchport port-security mac-address 0000.ffff.aaaa
D. switch(config)# port-security mac-address 0000.ffff.aaaa
E. switch(config-if)# mac-address 0000.ffff.aaaa
F. switch(config)# security mac-address 0000.ffff.aaaa

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 26
Which three keywords are used with the dot1x port-control command? (Choose three.)
A. enable
B. force-authorized
C. force-unauthorized
D. authorized
E. unauthorized
F. auto

Correct Answer: BCF Section: (none) Explanation
Explanation/Reference:
QUESTION 27
Refer to the exhibit. After reviewing the running-config file, what do you determine?

A. No one will be able to log in.
B. No one will be able to console in.
C. The wrong authentication method is applied to lines.
D. Users will use the local database to log in to console.
E. Users will use the password cisco to log in to console.
F. Users will use the local database to log in to vty.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 28
Which one of the following actions is used to prevent newly configured SDM commands from being sent to a target router?
A. Delete
B. Remove
C. Undo
D. Clear-commands
E. Refresh

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 29
Choose the correct command that will load the SDF into a router and merge the new signatures with those that are already loaded in the router.
A. copy flash ips-sdf
B. copy url ips-sdf
C. copy ips-sdf url
D. write flash ips-sdf
E. write ips-sdf url
F. write url ips-sdf

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 30
Choose the correct command to disable signature 1000 in the SDF file.
A. 1000 disable
B. no ip ips signature 1000
C. no ip ips signature 1000 enable
D. ip ips signature 1000 disable
E. ip signature 1000 disable
F. signature 1000 disable

Correct Answer: D Section: (none) Explanation Explanation/Reference:
QUESTION 31
What is the minimum IOS release that supports SDM?
A. 11.2
B. 12.0
C. 12.1
D. 12.2
E. 6.1

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 32
Choose the correct global command that will specify the TACACS server.
A. host 10.1.1.4
B. server 10.1.1.4
C. tacacs-server host 10.1.1.4
D. tacacs-server 10.1.1.4
E. tacacs-host host 10.1.1.4
F. server-tacacs host 10.1.1.4

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 33
What defines the standard certificate format?
A. CEP
B. CRLv2
C. ISAKMP
D. X.509v3

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 34
Which four files are required for basic HTTP connectivity to SDM? (Choose four.)
A. home.html
B. home.tar
C. home.cfg
D. sdm.tar
E. sdm.html
F. sdmconfig-xxxx.cfg

Correct Answer: ABDF Section: (none) Explanation
Explanation/Reference:
QUESTION 35
Choose the two types of signature implementations that the IOS Firewall IDS can detect. (Choose two.)
A. atomic
B. dynamic
C. regenerative
D. cyclical
E. compound
F. complex

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:

Cisco 642-502 tests containing questions that cover all sides of tested subjects that help our members to be prepared and keep high level of professionalism. The main purpose of Cisco 642-502 exam is to provide high quality test that can secure and verify knowledge, give overview of question types and complexity that can be represented on real exam certification

Categories

Latest Microsoft Dumps Exam

HOT Microsoft 642-193 Dumps ⇨ PDF & VCE
HOT Microsoft 70-243 Dumps ⇨ PDF & VCE
HOT Microsoft 70-246 Dumps ⇨ PDF & VCE
HOT Microsoft 70-247 Dumps ⇨ PDF & VCE
HOT Microsoft 70-331 Dumps ⇨ PDF & VCE
HOT Microsoft 70-332 Dumps ⇨ PDF & VCE
HOT Microsoft 70-336 Dumps ⇨ PDF & VCE
HOT Microsoft 70-337 Dumps ⇨ PDF & VCE
HOT Microsoft 70-341 Dumps ⇨ PDF & VCE
HOT Microsoft 70-342 Dumps ⇨ PDF & VCE
HOT Microsoft 70-346 Dumps ⇨ PDF & VCE
HOT Microsoft 70-347 Dumps ⇨ PDF & VCE
HOT Microsoft 70-354 Dumps ⇨ PDF & VCE
HOT Microsoft 70-355 Dumps ⇨ PDF & VCE
HOT Microsoft 70-383 Dumps ⇨ PDF & VCE
HOT Microsoft 70-384 Dumps ⇨ PDF & VCE
HOT Microsoft 70-410 Dumps ⇨ PDF & VCE
HOT Microsoft 70-411 Dumps ⇨ PDF & VCE
HOT Microsoft 70-412 Dumps ⇨ PDF & VCE
HOT Microsoft 70-413 Dumps ⇨ PDF & VCE
HOT Microsoft 70-414 Dumps ⇨ PDF & VCE
HOT Microsoft 70-415 Dumps ⇨ PDF & VCE
HOT Microsoft 70-416 Dumps ⇨ PDF & VCE
HOT Microsoft 70-417 Dumps ⇨ PDF & VCE
HOT Microsoft 70-432 Dumps ⇨ PDF & VCE
HOT Microsoft 70-448 Dumps ⇨ PDF & VCE
HOT Microsoft 70-457 Dumps ⇨ PDF & VCE
HOT Microsoft 70-458 Dumps ⇨ PDF & VCE
HOT Microsoft 70-459 Dumps ⇨ PDF & VCE
HOT Microsoft 70-460 Dumps ⇨ PDF & VCE
HOT Microsoft 70-461 Dumps ⇨ PDF & VCE
HOT Microsoft 70-462 Dumps ⇨ PDF & VCE
HOT Microsoft 70-463 Dumps ⇨ PDF & VCE
HOT Microsoft 70-464 Dumps ⇨ PDF & VCE
HOT Microsoft 70-465 Dumps ⇨ PDF & VCE
HOT Microsoft 70-466 Dumps ⇨ PDF & VCE
HOT Microsoft 70-467 Dumps ⇨ PDF & VCE
HOT Microsoft 70-469 Dumps ⇨ PDF & VCE
HOT Microsoft 70-470 Dumps ⇨ PDF & VCE
HOT Microsoft 70-480 Dumps ⇨ PDF & VCE
HOT Microsoft 70-481 Dumps ⇨ PDF & VCE
HOT Microsoft 70-482 Dumps ⇨ PDF & VCE
HOT Microsoft 70-483 Dumps ⇨ PDF & VCE
HOT Microsoft 70-484 Dumps ⇨ PDF & VCE
HOT Microsoft 70-485 Dumps ⇨ PDF & VCE
HOT Microsoft 70-486 Dumps ⇨ PDF & VCE
HOT Microsoft 70-487 Dumps ⇨ PDF & VCE
HOT Microsoft 70-488 Dumps ⇨ PDF & VCE
HOT Microsoft 70-489 Dumps ⇨ PDF & VCE
HOT Microsoft 70-490 Dumps ⇨ PDF & VCE
HOT Microsoft 70-491 Dumps ⇨ PDF & VCE
HOT Microsoft 70-492 Dumps ⇨ PDF & VCE
HOT Microsoft 70-494 Dumps ⇨ PDF & VCE
HOT Microsoft 70-496 Dumps ⇨ PDF & VCE
HOT Microsoft 70-497 Dumps ⇨ PDF & VCE
HOT Microsoft 70-498 Dumps ⇨ PDF & VCE
HOT Microsoft 70-499 Dumps ⇨ PDF & VCE
HOT Microsoft 70-511 Dumps ⇨ PDF & VCE
HOT Microsoft 70-513 Dumps ⇨ PDF & VCE
HOT Microsoft 70-515 Dumps ⇨ PDF & VCE
HOT Microsoft 70-516 Dumps ⇨ PDF & VCE
HOT Microsoft 70-517 Dumps ⇨ PDF & VCE
HOT Microsoft 70-532 Dumps ⇨ PDF & VCE
HOT Microsoft 70-533 Dumps ⇨ PDF & VCE
HOT Microsoft 70-534 Dumps ⇨ PDF & VCE
HOT Microsoft 70-573 Dumps ⇨ PDF & VCE
HOT Microsoft 70-576 Dumps ⇨ PDF & VCE
HOT Microsoft 70-640 Dumps ⇨ PDF & VCE
HOT Microsoft 70-642 Dumps ⇨ PDF & VCE
HOT Microsoft 70-646 Dumps ⇨ PDF & VCE
HOT Microsoft 70-659 Dumps ⇨ PDF & VCE
HOT Microsoft 70-662 Dumps ⇨ PDF & VCE
HOT Microsoft 70-663 Dumps ⇨ PDF & VCE
HOT Microsoft 70-667 Dumps ⇨ PDF & VCE
HOT Microsoft 70-668 Dumps ⇨ PDF & VCE
HOT Microsoft 70-673 Dumps ⇨ PDF & VCE
HOT Microsoft 70-680 Dumps ⇨ PDF & VCE
HOT Microsoft 70-685 Dumps ⇨ PDF & VCE
HOT Microsoft 70-686 Dumps ⇨ PDF & VCE
HOT Microsoft 70-687 Dumps ⇨ PDF & VCE
HOT Microsoft 70-688 Dumps ⇨ PDF & VCE
HOT Microsoft 70-689 Dumps ⇨ PDF & VCE
HOT Microsoft 70-692 Dumps ⇨ PDF & VCE
HOT Microsoft 70-694 Dumps ⇨ PDF & VCE
HOT Microsoft 70-695 Dumps ⇨ PDF & VCE
HOT Microsoft 70-696 Dumps ⇨ PDF & VCE
HOT Microsoft 70-697 Dumps ⇨ PDF & VCE
HOT Microsoft 70-980 Dumps ⇨ PDF & VCE
HOT Microsoft 70-981 Dumps ⇨ PDF & VCE
HOT Microsoft 74-335 Dumps ⇨ PDF & VCE
HOT Microsoft 74-338 Dumps ⇨ PDF & VCE
HOT Microsoft 74-343 Dumps ⇨ PDF & VCE
HOT Microsoft 74-344 Dumps ⇨ PDF & VCE
HOT Microsoft 74-409 Dumps ⇨ PDF & VCE
HOT Microsoft 74-674 Dumps ⇨ PDF & VCE
HOT Microsoft 74-678 Dumps ⇨ PDF & VCE
HOT Microsoft 74-697 Dumps ⇨ PDF & VCE
HOT Microsoft 77-427 Dumps ⇨ PDF & VCE
HOT Microsoft 98-361 Dumps ⇨ PDF & VCE
HOT Microsoft 98-364 Dumps ⇨ PDF & VCE
HOT Microsoft 98-365 Dumps ⇨ PDF & VCE
HOT Microsoft 98-366 Dumps ⇨ PDF & VCE
HOT Microsoft 98-367 Dumps ⇨ PDF & VCE
HOT Microsoft 98-368 Dumps ⇨ PDF & VCE
HOT Microsoft 98-369 Dumps ⇨ PDF & VCE
HOT Microsoft 98-375 Dumps ⇨ PDF & VCE
HOT Microsoft 98-379 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-700 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-701 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-702 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-703 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-704 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-708 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-709 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-866 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-867 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-868 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-876 Dumps ⇨ PDF & VCE
HOT Microsoft MB5-705 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-700 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-701 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-702 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-703 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-704 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-705 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-884 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-885 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-886 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-889 Dumps ⇨ PDF & VCE
HOT Microsoft 70-698 dumps ⇨ PDF & VCE
HOT Microsoft 70-734 dumps ⇨ PDF & VCE
HOT Microsoft 70-741 dumps ⇨ PDF & VCE
HOT Microsoft 70-742 dumps ⇨ PDF & VCE
HOT Microsoft 70-743 dumps ⇨ PDF & VCE
HOT Microsoft 70-761 dumps ⇨ PDF & VCE
HOT Microsoft 70-764 dumps ⇨ PDF & VCE
HOT Microsoft 70-767 dumps ⇨ PDF & VCE
HOT Microsoft 70-765 dumps ⇨ PDF & VCE
HOT Microsoft 70-740 dumps ⇨ PDF & VCE
HOT Microsoft 70-357 dumps ⇨ PDF & VCE
HOT Microsoft 70-398 dumps ⇨ PDF & VCE
HOT Microsoft 70-475 dumps ⇨ PDF & VCE
HOT Microsoft 70-694 dumps ⇨ PDF & VCE
HOT Microsoft 70-348 dumps ⇨ PDF & VCE
HOT Microsoft 70-473 dumps ⇨ PDF & VCE
HOT Microsoft 70-773 dumps ⇨ PDF & VCE
HOT Microsoft 70-774 dumps ⇨ PDF & VCE
HOT Microsoft 70-775 dumps ⇨ PDF & VCE

Latest Citrix Dumps Exam

Latest CompTIA Dumps Exam

Latest Cisco Dumps Exam

HOT Cisco 100-101 Dumps ⇨ PDF & VCE
HOT Cisco 100-105 Dumps ⇨ PDF & VCE
HOT Cisco 200-101 Dumps ⇨ PDF & VCE
HOT Cisco 200-105 Dumps ⇨ PDF & VCE
HOT Cisco 200-120 Dumps ⇨ PDF & VCE
HOT Cisco 200-125 Dumps ⇨ PDF & VCE
HOT Cisco 200-310 Dumps ⇨ PDF & VCE
HOT Cisco 200-355 Dumps ⇨ PDF & VCE
HOT Cisco 200-401 Dumps ⇨ PDF & VCE
HOT Cisco 210-260 Dumps ⇨ PDF & VCE
HOT Cisco 210-060 Dumps ⇨ PDF & VCE
HOT Cisco 210-065 Dumps ⇨ PDF & VCE
HOT Cisco 300-101 Dumps ⇨ PDF & VCE
HOT Cisco 300-115 Dumps ⇨ PDF & VCE
HOT Cisco 300-135 Dumps ⇨ PDF & VCE
HOT Cisco 300-206 Dumps ⇨ PDF & VCE
HOT Cisco 300-207 Dumps ⇨ PDF & VCE
HOT Cisco 300-208 Dumps ⇨ PDF & VCE
HOT Cisco 300-209 Dumps ⇨ PDF & VCE
HOT Cisco 300-070 Dumps ⇨ PDF & VCE
HOT Cisco 300-075 Dumps ⇨ PDF & VCE
HOT Cisco 300-080 Dumps ⇨ PDF & VCE
HOT Cisco 300-085 Dumps ⇨ PDF & VCE
HOT Cisco 400-101 Dumps ⇨ PDF & VCE
HOT Cisco 400-201 Dumps ⇨ PDF & VCE
HOT Cisco 400-051 Dumps ⇨ PDF & VCE
HOT Cisco 350-018 Dumps ⇨ PDF & VCE
HOT Cisco 642-035 Dumps ⇨ PDF & VCE
HOT Cisco 210-250 dumps ⇨ PDF & VCE
HOT Cisco 210-255 dumps ⇨ PDF & VCE
HOT Cisco 200-150 dumps ⇨ PDF & VCE
HOT Cisco 200-155 dumps ⇨ PDF & VCE
HOT Cisco 300-160 dumps ⇨ PDF & VCE
HOT Cisco 300-165 dumps ⇨ PDF & VCE
HOT Cisco 300-170 dumps ⇨ PDF & VCE
HOT Cisco 300-175 dumps ⇨ PDF & VCE
HOT Cisco 300-180 dumps ⇨ PDF & VCE
HOT Cisco 300-210 dumps ⇨ PDF & VCE
HOT Cisco 600-509 dumps ⇨ PDF & VCE
HOT Cisco 600-510 dumps ⇨ PDF & VCE
HOT Cisco 600-512 dumps ⇨ PDF & VCE
HOT Cisco 700-172 dumps ⇨ PDF & VCE
HOT Cisco 700-070 dumps ⇨ PDF & VCE
HOT Cisco 300-560 dumps ⇨ PDF & VCE
HOT Cisco 642-385 dumps ⇨ PDF & VCE
HOT Cisco 810-502 dumps ⇨ PDF & VCE
HOT Cisco 830-506 dumps ⇨ PDF & VCE