Home » Cisco » Cisco 642-384 Self Study, Provides Cisco 642-384 Certification Exams On Sale

Cisco Exam Dumps

Latest Cisco CCNA dumps

Latest Cisco DevNet dumps

Latest Cisco CCNP dumps

Latest Cisco CCIE dumps

Latest Cisco CCDE dumps

Latest Cisco Special dumps

All Cisco dumps

Cisco 642-384 Self Study, Provides Cisco 642-384 Certification Exams On Sale

Welcome to download the newest Pass4itsure 412-79 VCE dumps: http://www.pass4itsure.com/412-79.html

A site with a decent screen would likely have a very good understanding environment. Rather than the consumer screen it’s essential to as well check for selections much like the query high quality as well as the way in which handy it really is intended for getting ready for the fundamental analyze! FLYDUMPS Cisco 642-384 exam sample questions is a reliable source of information for the candidates who want to take the Cisco 642-384 exam. The Cisco 642-384 is the composite exam associated with the Cisco 642-384 certification. The Cisco 642-384 certification strengthens the employment prospects and opens up myriads of opportunities for them. FLYDUMPS Cisco 642-384 exam sample questions provides the useful information about the exam.

QUESTION 113
OSPF routes are being redistributed into EIGRP but they are not showing up in the routing table. What are two possible causes? (Choose two.)
A. CEF has not been enabled.
B. Synchronization has been turned off.
C. incorrect distribute lists have been configured
D. No default metric has been configured for EIGRP
E. Theip classless command is missing.
F. There are mismatched autonomous system numbers.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 114
Which two statements best describe the wireless implementation of Cisco Aironet root and non- root bridging? (Choose two.)
A. Point-to-point access points can be used if one is root and the other is non-root.
B. WGB can be used with an access point if the distance is less than one mile
C. Root mode must be enabled only on one side in a point-to-point link to intemperate with other vendors and comply with 802.11
D. Up to 17 non-root bridges can associate to a root bridge
E. Point-to-point WGB can be used if total number of PCs is fewer than eight. The neighbor 10.1.1.1 is the BDR

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 115
CORRECT TEXT
Refer to the exhibit. Which two statements are
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: : about what is displayed? (Choose two.) Answer: C, D
QUESTION 116
The customer wants to implement wireless security through implementation of WPAv2. Which component of WPAv2 would limit the rollout because of the continued use of old access points?
“Pass Any Exam. Any Time.” – www.actualtests.com 43 Cisco 642-384: Practice Exam
A. 48-bit IV
B. AES
C. TKIP
D. MIC

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 117
A company needs to provide sitE.to-site VPN, remote access VPN, and firewall protection. Which device best supports all three functions?
A. Cisco PIX
B. Cisco ASA
C. Cisco Concentrator
D. Cisco Router and Security Device Manager

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 118
CORRECT TEXT
Which two statements are
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: : about using Cisco Router and Security Device Manager (SDM) to configure the OSPF routing protocol? (Choose two.) Answer: B, E
QUESTION 119
Refer to the exhibit. R2 is always in the init state. Which two statements are correct? (Choose two.)

A. R2 is seeing hello packets from R1.
B. R2 is not seeing hello packets from R1. “Pass Any Exam. Any Time.” – www.actualtests.com 44 Cisco 642-384: Practice Exam
C. The exchanging of data between R1 and R2 is occurring because each is sending hello packets.
D. Two-way communication has not been established between R1 and R2 because R2 is not seeing its router ID in the hello packets that it is receiving from R1
E. R2 has an access list defined for SO that is blocking an OSPF multicast IP address of 224.0.0.5.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference: QUESTION 120
Which two features are only supported when using the Cisco Router and Security Device Manager (SDM) Advanced Firewall wizard and not supported when using the Cisco SDM Basic Firewall wizard? (Choose two.)
A. deep-packet inspections
B. IP unicast Reverse Path Forwarding on the outside (untrusted) interface
C. DMZ services
D. Custom inspection rules
E. proxy authentication

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 121
:When troubleshooting poor network performance, which two symptoms would typically be associated with a network layer problem? (Choose two.)
A. Packet loss is more than 30 percent
B. There is excessive broadcast traffic.
C. There are excessive CRC errors.
D. Pings succeed only part of the time
E. Slips are detected on WAN interfaces.
F. ARP requests are timing out.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 122
Which command can be used to verify that RIPv2 is running on a router?
“Pass Any Exam. Any Time.” – www.actualtests.com 45 Cisco 642-384: Practice Exam
A. show startup-config
B. show ip route
C. showip route rip
D. Show ip protocols

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 123
Which two statements best describe the wireless core feature set using autonomous access points when implementing Wireless Domain Services? (Choose two.)
A. Layer 2 and Layer 3 services can be configured in a CiscoAironet autonomous AP or a Cisco Integrated Services Router.
B. Layer 2 services can be configured in a Cisco Aironet autonomous AP or a Cisco Integrated Services Router
C. Layer 2 and Layer 3 services can be configured in a CiscoAironet autonomous AP or controllers.
D. Layer 3 services can be configured in WLSM.
E. Layer 3 services can be configured in WLSE.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 124
You have just configured and enabled the Cisco IOS Firewall feature set from a remote location using the Cisco Router and Security Device Manager (SDM) Firewall wizard. You later want to doublE. check your configuration using Cisco SDM. However, you find that you can no longer connect to the Cisco IOS Firewall using Cisco SDM.
What is the probable cause of this failure?
A. You must additionally specify the Cisco SDM management port number to gain access when the configuration has been applied.
B. You have not generated an RSA key pair between the host and device to allow secure access via Cisco SDM.
C. You have been locked out via access lists mat nave been applied to the router as a result of your Cisco SDM configuration.
D. You must specify the host IP address of Cisco SDM in the Configuration panel for allowed management connections. “Pass Any Exam. Any Time.” – www.actualtests.com 46 Cisco 642-384: Practice Exam

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 125
An 802.11 b telephone is receiving an audio signal from an access point, but cannot send audio. What is a possible cause?
A. the RSSI value on the telephone is greater than 35.
B. The access point is set to receive only at 802.11g data rates.
C. The security settings in the telephone do not match the settings in the access point.
D. The transmit power in the telephone is significantly lower than the transmit power in the access point.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 126
Refer to the exhibit. A host on the Sales subnet (10.0.2.0/24) is not able to initiate a web connection to an outside website. According to the network diagram and partial Cisco Adaptive Security Device Manager configuration shown in the exhibit, what is the cause of the problem?

“Pass Any Exam. Any Time.” – www.actualtests.com 47 Cisco 642-384: Practice Exam
A. The dynamic NAT global pool is not configured correctly.
B. The source networks for static NAT are not configured correctly.
C. The administrator has not added an access list to allow the connection.
D. The source network for dynamic NAT is not configured correctly

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 127
Users logging into Cisco Router and Security Device Manager should be authenticated using the Cisco ISR local user database. Currently, none of the users can access Cisco Router and Security Device Manager via HTTP. You should check the configuration of which command or commands when attempting to resolve this problem?
A. There is no ip http secure-server
B. There is ip http authentication local
C. There is linevty 0 5 login local
D. There isaaa new-model

Correct Answer: B Section: (none) Explanation Explanation/Reference:
QUESTION 128
When using Cisco Router and Security Device Manager to configure AAA login authentication policies, which four methods are available? (Choose four.)
A. group RADIUS: use a list of RADIUS hosts
B. group TACACS+ use a list of TACACS+ hosts
C. enable: use enable password
D. otp: use onE.time password
E. local use local database
F. default: use line password

Correct Answer: ABCE Section: (none) Explanation
Explanation/Reference:
QUESTION 129
CORRECT TEXT
Which two statements are
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: : about OSPF in a multiarea environment? (Choose two.) Answer: C, D
“Pass Any Exam. Any Time.” – www.actualtests.com 48 Cisco 642-384: Practice Exam
QUESTION 130
You have just configured HSRP and need to determine which router is active. Which command should you enter?
A. show ip hsrp active
B. show standby active
C. show star
D. show active

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 131
A North American customer is using 2.4-GHz radios in a point-to-point configuration. The radio power level is 17 dBm and is transmitting at 11 Mbps. The customer is using 21.5-dBi dish antennas and 50 feet of cabling, with a loss of 8.4 dB per 100 feet. The customer increased the distance between the transmitter stations and began experiencing link problems.
Without using a professional installer, which step should the customer take to fix the situation?
A. Use a cable with a lower loss.
B. Upgrade to an 802.11a radio.
C. Install a higher gain antenna.
D. Increase the transmitter power.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 132
CORRECT TEXT Which three statements are
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: : about the IEEE 802.3af Power over Ethernet standard? (Choose three.) Answer: A, C, E
QUESTION 133
A user is unable to connect to the Cisco Router and Security Device Manager via HTTPS. Which two of these might have caused this problem? (Choose two.)
“Pass Any Exam. Any Time.” – www.actualtests.com 49 Cisco 642-384: Practice Exam
A. Theip https server command is missing from the running configuration.
B. The ip http securE.server command is missing from the running configuration
C. The user is trying to launch Cisco Router and Security Device Manager from the inside (secured) interface with a firewall enabled.
D. The user has a privilege level lower than 15.
E. The browser security level is set too high.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 134
Which two statements best describe the wireless core feature set using autonomous access points when implementing Wireless Domain Services? (Choose two.)
A. The primary Layer 2 WDS server address is configured via the infrastructure access point GUI.
B. The primary Layer 2 WDS server address is automatically discovered by the infrastructure access points through multicast
C. The primary Layer 2 WDS is selected by the highest MAC address, followed by priority number.
D. The primary Layer 2 WDS is selected by the highest priority number followed by MAC address.
E. The primary Layer 2 WDS is selected by the highest IP address, followed by MAC address.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 135
Refer to the exhibit. A network administrator is troubleshooting an EIGRP connection between Router A
and Router B. Given the debug output on Router A, which two statements are true? (Choose two.)
Router A= debug eigrp packets
. m .

01:39:13:
EIGRP: Received HELLO on SerialQ 0 nbr 10.1.2.2

01:39:13:
AS 100, Flags 0x0, Seq 0/0 idbQ 00 iidbQ un/rely 0/0 peerQ un/rely 0/0

01:39:13:
K-value mismatch

A.
Router A received a hello packet with mismatched autonomous system numbers.

B.
Router A received a hello packet with mismatched hello timers.

C.
Router A received a hello packet with mismatched authentication parameters.

D.
Router A received a hello packet with mismatchedmetriC.calculation mechanisms

E.
Router A will form an adjacency with Router B.

F.
Router A will not form an adjacency with Router B “Pass Any Exam. Any Time.” – www.actualtests.com 50 Cisco 642-384: Practice Exam

Correct Answer: DF Section: (none) Explanation
Explanation/Reference:
QUESTION 136
Which command assigns a cost value of “17” to a switch port?
A. spanning-tree interfacefastethernet 5/8 17
B. spanning-treeportcost 17
C. spanning-treeportcost 17
D. spanning-treevlan 1 cost 17

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 137
You have configured and applied a Cisco IOS Firewall access rule to the inbound, untrusted interface. You suspect that the rule may be blocking necessary traffic onto the network. What must you do to delete that rule when using Cisco Router and Security Device Manager?
A. Select ACL Editor > Access Rules to delete the rule.
B. You must remove the association between the rule and the interface before deleting the rule
C. You must delete the associated access list on the interface, then reconfigure the access list as required, and then reapply the access group to the proper interface.
D. Go to the Edit Firewall Policy tab to delete the rule.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 138
A customer in Europe needs to establish an 11-Mbps wireless bridge link between two office buildings that are approximately 1.3 km apart. The wireless link will pass through a public park, which contains a lake that is surrounded by trees. You run the range calculation and determine that the Cisco Aironet 1300 Series Outdoor Access Point/Bridge should work. You install the link using 10.5-dB yagis with 75 feet of standard Cisco cabling and both radios set at 20 mW. The wireless bridges are not able to establish or maintain a link.
What is needed to successfully complete this link?
A. An amplifier needs to be installed at one of the sites.
B. The antenna must be raised high enough to clear the trees
C. Lower loss cabling needs to be used to bring the EIRP into legal limits. “Pass Any Exam. Any Time.” – www.actualtests.com 51 Cisco 642-384: Practice Exam
D. Due to the trees, a 21-dBi dish needs to be used for its narrower beam width.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 139
You connect via Telnet to a Cisco access point and enter the command show dot11 link test. Which output might you obtain?
A. signal-to-noise ratio
B. incoming and outgoing signal strength
C. TX packets dropped
D. RX packets per second

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 140
Refer to the exhibit. The tables contain information from the Cisco Router and Security Device Manager configurations of Router A and Router B. Traffic between Host 1 and Host 2 is not successfully establishing the sitE.to-site VPN between Router A and Router B.
What is the mostly likely cause of this fault?

A. Router A is using a standard IP ACL (100-149) while Router B is using a Turbo ACL (150-199). “Pass Any Exam. Any Time.” – www.actualtests.com 52 Cisco 642-384: Practice Exam
B. The IKE encryption methods on the two routers are different
C. the IPSec policy map names on the two routers are different.
D. the IPSec rules on the two routers are not permitting the Answer: interesting traffic.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 141
This item consists of one or more multiple choice type questions that you must answer. To answer these questions, you need to use a GUI tool that becomes fully accessible by the use of the labs you see below these directions. The tabs have up and down arrows to signal the direction that the tabbed window may be dragged lo expose or hide the GUI tool. When you are done using the GUI tool, you may drag the tab down to continue answering questions. To advance to the next question in the series, click on the numbered button to the left of each question. Make sure that you have answered all the questions before continuing to the next item.

How many active VPN clients are currently connected to the 1841 ISR router?
A. 0
B. 1
C. 2
D. 3
E. 4
F. 5

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 142
This item consists of one or more multiple choice type questions that you must answer. To answer these questions, you need to use a GUI tool that becomes fully accessible by the use of the labs you see below these directions. The tabs have up and down arrows to signal the direction that the “Pass Any Exam. Any Time.” – www.actualtests.com 53 Cisco 642-384: Practice Exam
tabbed window may be dragged lo expose or hide the GUI tool. When you are done using the GUI tool, you may drag the tab down to continue answering questions. To advance to the next question in the series, click on the numbered button to the left of each question. Make sure that you have answered all the questions before continuing to the next item.

Which IP address or address range will be used when allocating an internal IP address to the VPN clients for the “test” VPN group?________________________________________________________________________
A. 10.1.1.100 to 10.1.1.200 I
B. 10.1-1.2 to 10.1.1.254
C. 192.168.1.1 to 192.168.1.100
D. 192.168.1.2 to 192.168.1.254
E. 192.168.1.1
F. 192.168.1.2

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 143
This item consists of one or more multiple choice type questions that you must answer. To answer these questions, you need to use a GUI tool that becomes fully accessible by the use of the labs you see below these directions. The tabs have up and down arrows to signal the direction that the tabbed window may be dragged lo expose or hide the GUI tool. When you are done using the GUI tool, you may drag the tab down to continue answering questions. To advance to the next question in the series, click on the numbered button to the left of each question. Make sure that you have answered all the questions before continuing to the next item.
“Pass Any Exam. Any Time.” – www.actualtests.com 54 Cisco 642-384: Practice Exam

Which authentication method is used by the test” VPN group?
A. RSA Encrypted Nounce
B. RSA Digital Signature
C. PrE.Shared Key
D. Digital Certificate
E. DH2

Correct Answer: C Section: (none) Explanation Explanation/Reference:
QUESTION 144
You are the network consultant. You have a customer with a small network of 15 remote sites is trying to optimize its VPN by migrating some remote sites using Frame Relay connections to the Internet to using cable connections to the Internet. The keypoint for your customer is to save money. Only a moderate amount of IP traffic is passing through the network, most of which is from the remote sites to the central site. IPSec should be used to provide VPN functionality and basic confidentiality is desired..Considering the above requirements. Which solution would be the easiest for this customer to set up and manage?
A. point-to-point
B. partial mesh
C. point-to-multipoint
D. hub-and-spoke

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 145
In an infrastructure based on a wireless advanced feature set using lightweight access points, by which method is a rogue contained?
“Pass Any Exam. Any Time.” – www.actualtests.com 55 Cisco 642-384: Practice Exam
A. The WCS sends excessive traffic to the rogue thus overloading the access point.
B. The rogue MAC address is used to spoof broadcastdeassociation packets.
C. The rogue MAC address is used to spoof broadcastdeauthentication packets.
D. The WCS sends out excessive signals on the same channel when the rogue is detected.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 146
With industry-leading services and performance, the Cisco Catalyst 6500 Series Switch is Cisco’s flagship switching solution. It delivers the most comprehensive feature sets for core, distribution, wiring closet, data center, enterprise WAN routing, and Metro-Ethernet deployments. Which layer you think is recommended that the Cisco Catalyst 6500 Series WLSM be placed?
A. core
B. distribution
C. access
D. presentation

Correct Answer: B Section: (none) Explanation
Explanation/Reference: QUESTION 147
The Cisco Lifecycle Services approach defines the activities needed to help you successfully deploy and operate Cisco technologies and optimize their performance throughout the lifecycle of your network. Which statement is an accurate list of Cisco Lifecycle Services phases?
A. initiation, prepare, plan, design, implement, operate, and optimize
B. site assessment, risk assessment, solution selection and acquisition, testing, and operations
C. prepare, plan, design, implement, operate, and optimize
D. deployment, testing, implementation, and production

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 148
Which IP address or address range will be used when allocating an internal ip address to the VPN client for the test
“Pass Any Exam. Any Time.” – www.actualtests.com 56 Cisco 642-384: Practice Exam

A. 120.1.1.100 to 10.1.1.200
B. 10.1.1.2 to 10.1.1.254
C. 192.1681.1 to 192.1681.1.100
D. 192.1681.2 to 192.1681.1.254

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 149
Which authentication method is used by the test VPN group?

A. RSA EncryptedNounce
B. RSA Digital Signature
C. Pre-shared key
D. DH2

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 150
“Pass Any Exam. Any Time.” – www.actualtests.com 57 Cisco 642-384: Practice Exam
A network administrator is troubleshooting an EIGRP connection between RA and RB. Given the debug output on RA, which two statements are true?(Choose two)
A. RA received a hello packet with mismatched hello timers.
B. RA received a hello packet with mismatched metric-calculation mechanisms.
C. RA will form an adjacency with RB.
D. RAwill not form an adjacency with RB.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 151
You are the network administrator. There is one Gigabit Ethernet port on the Cisco CE520 used in the Smart Business Communications System. Which port role assignment would you make for?
A. Cisco Express 520
B. Cisco UC520
C. Cisco CE520
D. Cisco 871W
Correct Answer: B Section: (none) Explanation

Explanation/Reference:
QUESTION 152
Refer to the exhibit. CK-SA and CK-SC are running PVST+ STP, and CK-SB is running 802.1 Q STP. If the BPDU of the root in VLAN 1 is better than the BPDU of the root in VU\N 2, then there is no blocking port in the VLAN 2 topology. The BPDU of VU\N 2 never makes a “full circle” around the topology; it is replaced by the VLAN 1 BPDU on the CK-SB-CK-SC link, because CK-SB runs only one STP merged with VU\N 1 STP of PVST+. Thus, there is a forwarding loop. “Pass Any Exam. Any Time.” -www.actualtests.com 58 Cisco 642-384: Practice Exam

What does PVST+ do to correct this?
A. CK-SA sends PVST+ BPDUs ofVLAU 2 (to the SSTP address that is flooded by CK-SB) towards CK-SC. CK-SC will put port CK-SC-CK-SB into a type-inconsistent state, which prevents the loop.
B. CK-SB sends PVST+ BPDUs of VU\N 1 (to the SSTP address that is flooded by CK-SA) towards CK-SC. CK-SC will put port CK-SC-CK-SB into a type-inconsistent state, which prevents the loop.
C. CK-SC sends PVST+BPDUsofVU\N 2 (to the SSTP address that is flooded by CK-SB) towards CK-SC. CK-SAwill put port CK-SC-CK-SB into a type-inconsistent state, which prevents the loop.
D. CK-SA sends PVST+ BPDUs of VU\N 1 (to the SSTP address that is flooded by CK-SB) towards CK-SB. CK-SA will put port CK-C-CK-B into a type-inconsistent state, which prevents the loop.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 153
A wireless autonomous 1200 access point running core feature set in root mode has its SSID set to Factory_floor and provides connection to a repeater access point with its SSID set to factory_floor, if the root-mode access point is using channel 11 which channel will the repeater “Pass Any Exam. Any Time.” – www.actualtests.com 59 Cisco 642-384: Practice Exam
access point use?
A. channel 11
B. channel 1 or 6
C. anynonoverlapping channel
D. The root access point and the repeater will negotiate this setting

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 154
The VPN server uses a preshared key for remote device authentication
A. TRUE
B. FALSE

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 155
A customer with a large enterprise network wants to allow employees to work from home over the Internet. The customer anticipates a large amount of traffic, predominantly toward the central site. The customer also requires a VPN using strong user authentication and encryption to protect highly sensitive data. Which solution best meets this customer’s requirements?
A. remote-access VPN with software encryption
B. remote-access VPN with hardware encryption
C. site-to-site VPN with hub-and-spoke tunnels using 3DES and pre-shared secrets
D. site-to-site Cisco Easy VPN

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 156
The tables contain information from the Cisco Router and Security Device Manager configurations of RA and RB. Traffic between PC1 and PC2 is not successfully establishing the site-to-site VPN between -RA and -RB. What is the mostly likely cause of this fault?
A. RAis using a standard IP ACL (100-149) while RB is using a Turbo ACL(150-199).
B. The IPSec encryption methods used by each router do not match.
C. The D-H Group settings on the two routers are the same. “Pass Any Exam. Any Time.” – www.actualtests.com 60 Cisco 642-384: Practice Exam
D. The IPSec rules on the two routers are not permitting the correct interesting traffic.
Correct Answer: B Section: (none) Explanation

Explanation/Reference:
QUESTION 157
You are the network consultant. When will you assess a customer’s current network infrastructure?
A. plan
B. design
C. operate
D. optimize

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 158
A client is experiencing lower throughput and more packet retransmits is one area of the wireless network. At these times, the client utility shows high signal strength but low signal quality. What may be causing this issue?
A. The client does not support Cisco Compatible Extensions version 2.
B. Diversity is not enabled in the access point.
C. The WDS is failing to register the client card in the WLSM.
D. The channel is set incorrectly in the access point or in the client configuration.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 159
Which statement is correct about the current address translation configurations on the security appliance?
A. Dynamic NAT is used to translate the 10.0.1.100 host on the inside interface to a global address of
192.168.1.1
B. Port AddressTranslation(PAT) is used to translate any host on the inside interface to the 192.168.1.100 global address.
C. Static NAT is used to translate the 172.16.1.2 host on thedmzl interface to a global address of
192.168.1.102
D. Dynamic NAT is used to translate any host ondmzl and dmz2 interfaces to a mapped address from the address from the address pool of 192.168.1.110 to 192.168.1.250 “Pass Any Exam. Any Time.” -www.actualtests.com 61 Cisco 642-384: Practice Exam

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 160
VLAN Hopping is one of the primary VLAN based attacks used by hackers to infiltrate network security. VLAN hopping is used to attack a network by sending packets to a port which is generally not accessible.
VLAN hopping attacks are mainly conducted in the Dynamic Trunking Protocol and, in some cases; the attacks are targeted to the trunking encapsulation protocol (802.1 q or ISL).You worry about the switched infrastructure in an integrated network is vulnerable to VLAN hopping attacks. Which two configuration can be used to mitigate VLAN hopping? (Choose two.)
A. switchporttrunk encapsulation
B. switchport mode trunk
C. switchport access vlan
D. switchport mode access

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 161
CiscoWorks SNMS is a part of the CiscoWorks family of products for managing small to large networks. CiscoWorks SIMMS is a new Web-based network management solution for small to medium-sized businesses, with 40 or fewer Cisco internetworking devices such as switches, routers, hubs, and access servers. CiscoWorks SNMS can also monitor third-party IT assets such as servers, applications, services, and printers A Public Switched Telephone Network (PSTN) trunk is typically the voice interconnect between any business and the outside world. Which network management tool is designed to allow businesses to manage up to 40 devices?
A. CiscoWorks Unrestricted
B. CiscoWorks WAN Management
C. CiscoWorks LAN Management
D. CiscoWorks SNMS

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 162
Which statement is correct about the information in the Cisco Adaptive Security Device Manager General and License Information screen?
“Pass Any Exam. Any Time.” – www.actualtests.com 62 Cisco 642-384: Practice Exam
A. The security appliance supports active/active failover only.
B. The security appliance supports 3DES-AES only.
C. The managed device is a Cisco ASA 5540 Security Appliance with VPN premium license enabled.
D. The managed device is Cisco PIX515E Security Appliance.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 163
Which three are different types of STP inconsistencies in a Layer 2 network?(Choose three) A. MAC inconsistency
B. Root inconsistency
C. EtherChannel inconsistency
D. type inconsistency

Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:
QUESTION 164
According to the error log, VLAN 1 is where the BPDU was received, and VLAN 2 is where the BPDU originated. When inconsistency is detected, what happens?
A. VLAN 1 is blocked, while VLAN 2 is forwarding
B. VLAN1 is blocked, while VLAN 2 is listening
C. Both VLANs are listening on the port from which this BPDU is send
D. Both VLANs are blocked on the port from which this BPDU is received

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 165
Which is the current configured default gateway IP address on the security appliance?
A. 172.16.10.1
B. 172.16.1.1
C. 192.168.1.2
D. 10.0.1.1

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
“Pass Any Exam. Any Time.” – www.actualtests.com 63 Cisco 642-384: Practice Exam
QUESTION 166
Which statement is true about a Cisco Aironet 350 Series wireless client when its green LED appears to be off and its amber LED is blinking?
A. The client adapter is scanning for a network.
B. The client adapter is in ad hoc mode.
C. The client adapter is performing a self-test.
D. The client adapter is in power-save mode.

Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 167
You are the Cisco Configuration Assistant. Your IT Manager tells you 802.11b telephone can receive an audio signal from an access point, but cannot send audio. What is the most likely reason?
A. The value of RSSI telephone is greater than 30.
B. The access point only receives 802.11g data rates.
C. The security settings in the telephone mismatch the access point.
D. The telephone transmit power is significantly lower than the t the access point

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Welcome to download the newest Pass4itsure 412-79 VCE dumps: http://www.pass4itsure.com/412-79.html

Cisco 642-384 Self Study, Provides Cisco 642-384 Certification Exams On Sale

Categories

Microsoft Exam Dumps

microsoft azure exam dumps

microsoft data exam dumps

microsoft dynamics 365 exam dumps

microsoft 365 exam dumps

microsoft fundamentals exam dumps

microsoft certified exam dumps

microsoft mta exam dumps

more… microsoft exam dumps