Category: CCSP
Where to free download the new Cisco 642-515 exam questions to pass the exam easily? Now,Flydumps has publised the new version of Cisco 642-515 exam dumps with new added exam questions.you can also get free VCE and PDF, and the new Cisco 642-515 practice tests ensure your exam 100% pass. Visit Flydumps.com to get the 100% pass ensure!
QUESTION 60
Modular Policy Framework provides a consistent and flexible way to configure security appliance features in a manner similar to Cisco IOS software QoS CLI. Your company asked you to examine the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) by use of the Cisco Adaptive Security Device Manager (ASDM).
What is the impact of the FTP inspection policy named MY-FTP-MAP on FTP traffic entering the partnernet interface?
A. Masks the FTP banner.
B. Tracks each FTP command and response sequence for certain anomalous activity.
C. Has no effect on the behavior of the Cisco Adaptive Security Appliance.
D. Prevents web browsers from sending embedded commands in FTP requests.
Correct Answer: C Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 61
Modular Policy Framework provides a consistent and flexible way to configure security appliance features in a manner similar to Cisco IOS software QoS CLI. Your company asked you to examine the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) by use of the Cisco Adaptive Security Device Manager (ASDM).
Which two impacts are of the policy map named PARTNERNET-POLICY on FTP traffic entering the partnernet interface?
A. Prevents all users except “root” from accessing the path /root.
B. Logs all attempts to download files from the FTP server on the inside interface.
C. Blocks the FTP request commands DELE, MKD, PUT, RMD, RNFR, and RNTO.
D. Resets connections that send embedded commands.
Correct Answer: CD Section: Firewall/Policys Explanation
Explanation/Reference: QUESTION 62
Modular Policy Framework provides a consistent and flexible way to configure security appliance features in a manner similar to Cisco IOS software QoS CLI. Your company asked you to examine the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) by use of the Cisco Adaptive Security Device Manager (ASDM).
Which option is correct with regard to HTTP inspection on the Cisco Adaptive Security Appliance?
A. HTTP traffic is inspected as it enters or exits the outside interface.
B. HTTP traffic is inspected only as it enters any interface.
C. Advanced HTTP inspection is applied to traffic entering the outside interface, and basic HTTP inspection is applied to traffic entering any interface.
D. HTTP traffic is inspected as it enters or exits any interface.
Correct Answer: A Section: Firewall/Policys Explanation
Explanation/Reference: QUESTION 63
Modular Policy Framework provides a consistent and flexible way to configure security appliance features in a manner similar to Cisco IOS software QoS CLI. Your company asked you to examine the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) by use of the Cisco Adaptive Security Device Manager (ASDM).
Which step will be taken by the Cisco Adaptive Security Appliance on FTP traffic entering its outside interface?
A. Masks the FTP greeting banner.
B. Translates embedded IP addresses.
C. Blocks the FTP request commands APPE, GET, RNFR, RNTO, DELE, MKD, and RMD.
D. Prevents all users except “root” from accessing the path/root.
Correct Answer: B Section: Firewall/Policys Explanation Explanation/Reference:
QUESTION 64
Which options can a clientless SSL VPN user access from a web browser without port forwarding, smart tunnels, or browser plug-ins?
A. web-enabled applications
B. Microsoft Outlook Web Access
C. files on the network, via FTP or the CIFS protocol
D. internal websites
Correct Answer: ABCD Section: VPN Explanation
Explanation/Reference:
QUESTION 65
While implementing QoS, which two types of queues are available on the Cisco ASA security appliance? (Choose two.)
A. best effort queue
B. round robin queue
C. weighted fair
D. low latency queue
Correct Answer: AD Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 66
Which three statements correctly describe protocol inspection on the Cisco ASA adaptive security appliance? (Choose three.)
A. The protocol inspection feature of the security appliance securely opens and closes negotiated ports and IP addresses for legitimate client-server connections through the security appliance.
B. For the security appliance to inspect packets for signs of malicious application misuse, you must enable advanced (application layer) protocol inspection.
C. If inspection for a protocol is notenabled, traffic for that protocol may be blocked.
D. If you want to enable inspection globally for a protocol that is not inspected by default or if you want to globally disable inspection for a protocol, you can edit the default global policy.
Correct Answer: ACD Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 67
Multimedia applications transmit requests on TCP, get responses on UDP or TCP, use dynamic ports, and use the same port for source and destination, so they can pose challenges to a firewall. Which three items are true about how the Cisco ASA adaptive security appliance handles multimedia applications? (Choose three.)
A. It dynamically opens and closes UDP ports for secure multimedia connections, so you do not need to open a large range of ports.
B. It supports SIP with NAT but not with PAT.
C. It supports multimedia with or without NAT.
D. It supports RTSP, H.323, Skinny, and CTIQBE.
Correct Answer: ACD Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 68
Reverse route injection (RRI) is the ability for static routes to be automatically inserted into the routing process for those networks and hosts protected by a remote tunnel endpoint. These protected hosts and networks are known as remote proxy identities. Study the following exhibit carefully. What does Reverse Route Injection enable in this configuration?
A. The Cisco ASA security appliance will advertise its default routes to the distant end of the site- to-site VPN tunnel.
B. The Cisco ASA security appliance will advertise routes that are at the distant end of the site-to- site VPN tunnel.
C. The Cisco ASA security appliance will advertise routes that are on its side of the site-to-site VPN tunnel to the distant end of the site-to-site VPN tunnel.
D. The Cisco ASA security appliance will advertise routes from the dynamic routing protocol that is running on the Cisco ASA security appliance to the distant end of the site-to-site VPN tunnel.
Correct Answer: B Section: Other Explanation
Explanation/Reference: QUESTION 69
Which two options are correct about the threat detection feature of the Cisco ASA adaptive security appliance? (Choose two.)
A. The security appliance scanning threat detection feature is based on traffic signatures.
B. The threat detection feature can help you determine the level of severity for packets that are detected and dropped by the security appliance inspection engines.
C. Because of their impact on performance, both basic threat detection and scanning threat detection are disabled by default.
D. Scanning threat detection detects network sweeps and scans and optionally takes appropriate preventative action.
Correct Answer: BD Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 70
For configuring VLAN trunking on a security appliance interface, which three actions are mandatory? (Choose three.)
A. associating a logical interface with a physical interface
B. specifying a VLAN ID for asubinterface
C. specifying a name for asubinterface
D. specifying the maximum transmission unit for asubinterface
Correct Answer: ABC Section: Other Explanation
Explanation/Reference:
QUESTION 71
Which three features can the Cisco ASA adaptive security appliance support? (Choose three.)
A. 802.1Q VLANs
B. OSPF dynamic routing
C. static routes
D. BGP dynamic routing
Correct Answer: ABC Section: Other Explanation
Explanation/Reference:
QUESTION 72
What is the reason that you want to configure VLANs on a security appliance interface?
A. for use in multiple contextmode, where you can map only VLAN interfaces to contexts
B. for use in conjunction with device-level failover to increase the reliability of your security appliance
C. to increase the number of interfaces available to the network without adding additional physical interfaces or security appliances D. for use in transparent firewall mode, where only VLAN interfaces are used
Correct Answer: C Section: Other Explanation
Explanation/Reference:
QUESTION 73
The P4S security department would like to apply specific restrictions to one network user, Bob, because he works from home and accesses the corporate network from the outside interface of the security appliance. P4S decides to control network access for this user by using the downloadable ACL feature of the security appliance. Authentication of inbound traffic is already configured on the security appliance, and Bob already has a user account on the Cisco Secure ACS. Which three tasks should be completed in order to achieve the goal of limiting network access for Bob via downloadable ACLs? (Choose three.)
A. Configure the security appliance to use downloadable ACLs.
B. Configure the downloadable ACLs on the Cisco Secure ACS.
C. Attach the downloadable ACL to the user profile for Bob on the Cisco Secure ACS.
D. Configure the Cisco Secure ACS to use downloadable ACLs.
Correct Answer: BCD Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 74
The security department of the P4S company wants to configure cut-through proxy authentication via RADIUS to require users to authenticate before accessing the corporate DMZ servers. Which three tasks are needed to achieve this goal? (Choose three.)
A. Configure a rule that specifies which traffic flow to authenticate.
B. Designate an authentication server.
C. Specifya AAA server group.
D. Configure per-user override.
Correct Answer: ABC Section: Other Explanation
Explanation/Reference:
QUESTION 75
Which two statements correctly describe the local user database in the security appliance? (Choose two.)
A. You can create user accounts with or without passwords in the local database.
B. You cannot use the local database for network access authentication.
C. You can configure the security appliance to lock a user out after the user meets a configured maximum number of failed authentication attempts.
D. The default privilege level for a new user is 15.
Correct Answer: AC Section: Other Explanation
Explanation/Reference: QUESTION 76
Which one of the following commands can provide detailed information about the crypto map configurations of a Cisco ASA adaptive security appliance?
A. show run ipsec sa
B. show run crypto map
C. show ipsec sa
D. show crypto map
Correct Answer: B Section: VPN Explanation
Explanation/Reference:
QUESTION 77
Which three commands can display the contents of flash memory on the Cisco ASA adaptive security appliance? (Choose three.)
A. show disk0:
B. dir
C. show flash:
D. show memory
Correct Answer: ABC Section: Other Explanation
Explanation/Reference:
QUESTION 78
Which two statements about the downloadable ACL feature of the security appliance are correct? (Choose two.)
A. Downloadable ACLs enable you to store full ACLs on a AAA server and download them to the security appliance.
B. Downloadable ACLs are supported using TACACS+ or RADIUS.
C. The downloadable ACL must be attached to a user or group profile on a AAA server.
D. The security appliance supports only per-user ACL authorization.
Correct Answer: AC Section: Other Explanation
Explanation/Reference:
QUESTION 79
In the default global policy, which three traffic types are inspected by default? (Choose three.)
A. TFTP
B. FTP
C. ESMTP
D. ICMP
Correct Answer: ABC Section: Firewall/Policys Explanation
Explanation/Reference:
QUESTION 80
What does the redundant interface feature of the security appliance accomplish?
A. to increase the number of interfaces available to your network without requiring you to add additional physical interfaces or security appliances
B. to increase the reliability of your security appliance
C. to allow a VPN client to sendIPsec-protected traffic to another VPN user by allowing such traffic in and out of the same interface
D. to facilitate out-of-band management
Correct Answer: B Section: Other Explanation
Explanation/Reference:
Preparing Cisco 642-515 exam is not difficult now.You can prepare from Cisco 642-515 Certification or Cisco 642-515 dumps.Here we have mentioned some sample questions.You can use our Cisco 642-515 study material notes for test preparation.Latest Cisco 642-515 study material available.
[The Newest Dumps] Real Cisco 642-515 exam dumps revised by experts, they were updated with the change of the Cisco 642-515 ,covering all the whole aspects of Cisco 642-515 exam. Just have a training of Flydumps Cisco 642-515 exam questions to guarantee your 100% pass
QUESTION 51
The IT department of your company must perform a custom-built TCP application within the clientless SSL
VPN portal configured on your Cisco ASA security appliance. The application should be run by users who
have either guest or normal user mode privileges.
In order to allow this application to run, how to configure the clientless SSL VPN portal?
A. configure a smart tunnel for the application
B. configure a bookmark for the application
C. configure the plug-in that best fits the application
D. configure port forwarding for the application
Correct Answer: A Section: VPN Explanation
Explanation/Reference:
QUESTION 52
Which major benefit do digital certificates provide when deploying IPsec VPN tunnels?
A. Resiliency
B. Obfuscation
C. Simplification
D. Scalability
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 53
Refer to the exhibit. As the administrator of a Cisco ASA security appliance for remote access IPsec VPNs,
you are assisting a user who has a digital certificate that is configured for the Cisco VPN Client.
Based on the exhibit, how would you find the MD5 and SHA-1 thumb print of the certificate?
A. Choose the certificate and then click the Certificate drop-down menu.
B. Choose the certificate and then click Options > Properties.
C. Choose the certificate and then click the View button.
D. Choose the certificate and then click the Verify button.
Correct Answer: C Section: Cert Authentication Explanation
Explanation/Reference:
QUESTION 54
Refer to the exhibit. You are configuring a laptop with the Cisco VPN Client, which will use digital certificates for authentication. Which protocol will the Cisco VPN client use to retrieve the digital certificate from the CA server?
A. FTP
B. HTTPS
C. TFTP
D. LDAP
E. SCEP
Correct Answer: E Section: Cert Authentication Explanation
Explanation/Reference:
QUESTION 55
Refer to the exhibit. A junior Cisco ASA security appliance administrator has asked for your help in configuring a Cisco ASA security appliance for an identity certificate to be used for IPsec VPNs. Based on the two Cisco ASDM configuration screens that are shown, what is needed to configure the Cisco ASA security appliance for an identity certificate?
Exhibit:
A. To retrieve an identity certificate, a new pair of RSA keys must be created.
B. To retrieve an identity certificate, the Cisco ASA security appliance must have the certificate of the CA.
C. To retrieve an identity certificate, the common name must be an FQDN.
D. The Cisco ASA security appliance doesn’t need to retrieve an identity certificate. It can use a self-signed identity certificate for IPsec.
E. Because of the lack of a CA certificate, the administrator must import the identity certificate from a file.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 56
SSL VPNs can provide increased flexibility over IPsec VPNs, based on the location of the client and ownership of the endpoint. However, security of the endpoint is a potential problem. Which three of these potential security issues can the Cisco ASA security appliance address through SSL VPN policies or features? (Select three.)
A. SSL attacks
B. Malware
C. Phishing
D. Spoofing
E. Viruses
F. Spyware
Correct Answer: BEF Section: (none) Explanation
Explanation/Reference:
QUESTION 57
You have been tasked with configuring access for development partners using the clientless SSL VPN portal on your Cisco ASA security appliance. These partners need access to the desktop of internal development servers. Which three of these configurations for the clientless SSL VPN portal would allow these partners to access the desktop of remote servers? (Choose three.)
A. RDP bookmark using the RDP plug-in
B. Xwindows bookmark using the Xwindows plug-in
C. Telnet bookmark using the Telnet plug-in
D. Citrix plugin using the Citrix plug-in
E. SSH bookmark using the SSH plug-in
F. VNC bookmark using the VNC plug-in
Correct Answer: ADF Section: (none) Explanation
Explanation/Reference:
QUESTION 58
You are the administrator for Cisco ASA security appliances that are used for site-to-site VPNs between remote and corporate offices. You have used the Service Policy Rule Wizard within ASDM to configure low-latency queuing for unified communications on all the appropriate ASAs. Users are still having issues with unified communications between the remote and corporate offices. Assuming that the Cisco Unified Communications equipment is functioning properly and that the VPN configurations are correct, which of these choices is most likely the cause of the problems?
A. The DSCP, expedite forward, ef (46), was used to determine unified communications traffic within the Service Policy Rule Wizard.
B. The tunnel group and DSCP traffic matching criteria were configured within the Service Policy Rule Wizard.
C. Both a policing and priority queue must be applied on the interface to expedite the voice and control data flows.
D. A priority queue must be created on the interface where the site-to-site VPN tunnel is terminated.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 59
You have been tasked with examining the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) using the Cisco Adaptive Security Device Manager (ASDM). Answer the multiple-choice questions in this simulation using the appropriate Cisco ASDM configuration screens.
Which two actions does the Cisco Adaptive Security Applicance take on HTTP traffic entering its outside interface? (Choose two.)
A. Drops HTTP request messages whose request method is post and whose user-agent field contains either the string Some_New_P2P_Client1 or the string Some_New_P2P_Client2.
B. Logs HTTP request messages whose request method is post and whose user-agent field contains either the string Some_New_P2P_Client1 or the string Some_New_P2P_Client2.
Correct Answer: AB Section: Case Study Explanation
Explanation/Reference:
QUESTION 60
You have been tasked with examining the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) using the Cisco Adaptive Security Device Manager (ASDM). Answer the multiple-choice questions in this simulation using the appropriate Cisco ASDM configuration screens.
What is the effect of the FTP inspection policy named MY-FTP-MAP on FTP traffic entering the partnernet interface?
A. Has no effect on the behavior of the Cisco Adaptive Security Appliance.
Correct Answer: A Section: Case Study Explanation
Explanation/Reference:
QUESTION 61
You have been tasked with examining the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) using the Cisco Adaptive Security Device Manager (ASDM). Answer the multiple-choice questions in this simulation using the appropriate Cisco ASDM configuration screens.
What are the two effects of the policy map named PARTNERNET-POLICY on FTP traffic entering the partnernet interface?
A. Resets connections that send embedded commands.
B. Blocks the FTP request commands DELE, MKD, PUT, RMD, RNFR, and RNTO.
Correct Answer: AB Section: Case Study Explanation
Explanation/Reference:
QUESTION 62
You have been tasked with examining the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) using the Cisco Adaptive Security Device Manager (ASDM). Answer the multiple-choice questions in this simulation using the appropriate Cisco ASDM configuration screens.
Which statement is true about HTTP inspection on the Cisco Adaptive Security Appliance?
A. HTTP traffic is inspected as it enters or exits the outside interface.
Correct Answer: A Section: Case Study Explanation
Explanation/Reference:
QUESTION 63
You have been tasked with examining the current Cisco Modular Policy Framework configurations on the LA-ASA Cisco Adaptive Security Appliance (ASA) using the Cisco Adaptive Security Device Manager (ASDM). Answer the multiple-choice questions in this simulation using the appropriate Cisco ASDM configuration screens.
Which action does the Cisco Adaptive Security Appliance take on FTP traffic entering its outside interface?
A. Translates embedded IP addresses.
Correct Answer: A Section: Case Study Explanation
Explanation/Reference:
Well-regarded for its level of detail, assessment features, and challenging review questions and hands-on exercises, Cisco 642-515 helps you master the concepts and techniques that will enable you to succeed on the Cisco 642-515 exam the first time.
The 100% valid Flydumps latest Cisco 642-513 question answers ensure you 100% pass! And now we are offering the free new version along with the VCE format Cisco 642-513 practice test. Free download Cisco 642-513 more new PDF and VCE on Flydumps.com.
QUESTION 50
Which protocol is required for the administrative workstation to communicate with the CSA MC?
A. SSH
B. Telnet
C. SSL
D. IPSec
Correct Answer: C Section: (none) Explanation Explanation/Reference:
QUESTION 51
How can the Agent kit be sent out to host machines?
A. via a URL that is e-mailed to clients
B. via a TFTP server
C. via an FTP server
D. via a Telnet server
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 52
What is the purpose of the sniffer and protocol detection rule?
A. to stop sniffers from running on a network
B. to allow sniffers to run on a network
C. to cause an event to be logged when non-IP protocols and sniffer programs are detected running on systems
D. to deny non-IP protocols and sniffer programs from running on systems
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 53
What are three types of variables used for CSA? (Choose three.)
A. global sets
B. file sets
C. API sets
D. data sets
E. network address sets
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 54
What is the purpose of connection rate limit rules?
A. to limit the number of connections to an application
B. to limit the number of calls to the kernel in a specified time frame
C. to limit the number of network connections within a specified time frame
D. to limit the number of malformed connection requests to a web server
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 55
Which port is used to access the CSA MC from the administrative workstation?
A. 21
B. 23
C. 1741
D. 1802
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Which two of the following file access rule criteria can you use to allow or deny the operations that the selected applications can perform on files? (Choose two.)
A. the application attempting to access the file
B. the application attempting to access the service or address
C. the operation attempting to act on the file
D. the direction of the communications
E. the address with which a system is attempting to communicate
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 57
What action is taken on user query windows when the Agent UI is not present on a system?
A. The default action is always taken.
B. All actions are denied.
C. All actions are allowed.
D. All actions are allowed and logged.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 58
Which three make up the CSA architecture model? (Choose three.)
A. Cisco Trust Agent
B. Cisco Security Agent
C. Cisco Security Agent Management Center
D. Cisco Intrusion Prevention System
E. an administrative workstation
F. a syslog server
Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 59
Which two of the following network access rules can you use to control access to specified network services? (Choose two.)
A. the application attempting to access the file
B. the application attempting to access the service or address
C. the operation attempting to act on the file
D. the direction of the communications
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 60
What is the purpose of the rootkit/kernel protection rule?
A. to restrict access to the operating system
B. to log access to the operating system
C. to restrict user access to the operating system
D. to restrict administrator access to the operating system
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 61
Drag Drop question A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 62
Which definitions can be used to allow consistent configuration of policies across multiple systems and can also be used for event reporting purposes?
A. hosts
B. software updates
C. Agent kits
D. registration control
E. groups
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 63
Which two items make up Agent kits? (Choose two.)
A. groups
B. hosts
C. policies
D. rules
E. network shim
Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 64
Which two types of rules apply to Windows systems only? (Choose two.)
A. Agent service control rules
B. clipboard access control rules
C. Agent UI control rules
D. COM component access control rules
E. data access control rules
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 65
Which portion of an HTTP request is examined by data access control rules?
A. the TCP header
B. the UDP header
C. the URI portion of the request
D. the URL portion of the request
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 66
Which two types of rules are UNIX-only rules?
A. network interface control rules
B. COM component access control rules
C. connection rate limit rules
D. file access control rules
E. rootkit/kernel protection rules
Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 67
Choose three types of rules that apply to both Windows and UNIX systems.
(Choose three.)
A. Agent service control rules
B. Agent UI control rules
C. application control rules
D. COM component access control rules
E. file version control rules
Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 68
What application is installed on the server after the CSA MC is installed?
A. Cisco Trust Agent
B. ACS
C. SQL
D. CSA
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 69
Which two attacks could an attacker use during the penetrate phase of an attack? (Choose two.)
A. install new code
B. modify configuration
C. ping scans
D. buffer overflow
E. erase files
F. e-mail attachment
Correct Answer: DF Section: (none) Explanation
Explanation/Reference:
Cisco 642-513 Questions & Answers covers all the knowledge points of the real exam. We update our product frequently so our customer can always have the latest version of Cisco 642-513. We provide our customers with the excellent 7×24 hours customer service.We have the most professional Cisco 642-513 expert team to back up our grate quality products.If you still cannot make your decision on purchasing our product, please try our Cisco 642-513 free pdf
GOOD NEWS:Flydumps has published the new version with all the new added questions and answers. By training the Cisco 642-552 VCE dumps, you can pass the exam easily and quickly.
Exam A
QUESTION 1
A malicious program is disguised as another useful program; consequently, when the user executes the program, files get erased and then the malicious program spreads itself using emails as the delivery mechanism. Which type of attack best describes how this scenario got started?
A. DoS
B. worm
C. virus
D. trojan horse
E. DDoS
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Denial of Service (DoS) is an attack designed to render a computer or network incapable of providing normal services. The most common DoS attacks will target the computer’s network bandwidth or connectivity. Bandwidth attacks flood the network with such a high volume of traffic, that all available network resources are consumed and legitimate user requests cannot get through. Connectivity attacks flood a computer with such a high volume of connection requests, that all available operating system resources are consumed and the computer can no longer process legitimate user requests. A “denial-of-service” attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include
*
attempts to “flood” a network, thereby preventing legitimate network traffic
*
attempts to disrupt connections between two machines, thereby preventing access to a service
*
attempts to prevent a particular individual from accessing a service
*
attempts to disrupt service to a specific system or person Distributed Denial of Service
*
An attacker launches the attack using several machines. In this case, an attacker breaks into several machines, or coordinates with several zombies to launch an attack against a target or network at the same time.
*
This makes it difficult to detect because attacks originate from several IP addresses.
*
If a single IP address is attacking a company, it can block that address at its firewall. If it is 300 00 this is extremely difficult.
QUESTION 2
What is the key function of a comprehensive security policy?
A. informing staff of their obligatory requirements for protecting technology and information assets
B. detailing the way security needs will be met at corporate and department levels
C. recommending that Cisco IPS sensors be implemented at the network edge
D. detailing how to block malicious network attacks
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: Developing a strong security policy helps to protect your resources only if all staff members are properly instructed on all facets and processes of the policy. Most companies have a system in place whereby all employees need to sign a statement confirming that they have read and understood the security policy. The policy should cover all issues the employees encounter in their day-to-day work, such as laptop security, password policy, handling of sensitive information, access levels, tailgating, countermeasures, photo IDs, PIN codes, and security information delivered via newsletters and posters. A top-down approach is required if the policy is to be taken seriously. This means that the security policy should be issued and supported from an executive level downward.
QUESTION 3
Which building blocks make up the Adaptive Threat Defense phase of Cisco SDN strategy?
A. VoIP services, NAC services, Cisco IBNS
B. network foundation protection, NIDS services, adaptive threat mitigation services
C. firewall services, intrusion prevention, secure connectivity
D. firewall services, IPS and network antivirus services, network intelligence
E. Anti-X defense, NAC services, network foundation protection
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Computer connected to the Internet without a firewall can be hijacked and added to an Internet outlaw’s botnet in just a few minutes. A firewall can block malware that could otherwise scan your computer for vulnerabilities and then try to break in at a weak point. The real issue is how to make one 99.9% secure when it is connected to in Internet. At a minimum computers need to have firewall, antivirus and anti-spyware software installed and kept up-to-date. A home network that uses a wired or wireless router with firewall features provides additional protection. A computer virus can be best described as a small program or piece of code that penetrates into the operating system, causing unexpected and negative events to occur. A well-known example is a virus, SoBig. Computer viruses reside in the active memory of the host and try to duplicate themselves by different means. This duplication mechanism can vary from copying files and broadcasting data on local-area network (LAN) segments to sending copies via e-mail or an Internet relay chat (IRC). Antivirus software applications are developed to scan the memory and hard disks of hosts for known viruses. If the application finds a virus (using a reference database with virus definitions), it informs the user.
QUESTION 4
DRAG DROP You work as a network administrator at Certkiller .com. Your boss Mrs. Certkiller asks you to match the malicious network attack types with the correct definition.
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Explanation:
1.
Reconnaissance: Reconnaissance refers to the preparatory phase where an attacker seeks to gather as much information as possible about a target of attack prior to launching an attack. This phase is also where the attacker draws on competitive intelligence to learn more about the target. The phase may also involve network scanning either external or internal without authorization. This is a phase that allows the potential attacker to strategize his attack. This may spread over time, as the attacker waits to unearth crucial information. One aspect that gains prominence here is social engineering. A social engineer is a person who usually smooths talk’s people into revealing information such as unlisted phone numbers, passwords or even sensitive information. Other reconnaissance techniques include dumpster diving. Dumpster diving is the process of looking through an organization’s trash for discarded sensitive information. Building user awareness of the precautions they must take in order to protect their information assets is a critical factor in this context.
2.
DOS (Denial Of Service) Denial of Service (DoS) is an attack designed to render a computer or network incapable of providing normal services. The most common DoS attacks will target the computer’s network bandwidth or connectivity. Bandwidth attacks flood the network with such a high volume of traffic, that all available network resources are consumed and legitimate user requests cannot get through. Connectivity attacks flood a computer with such a high volume of connection requests, that all available operating system resources are consumed and the computer can no longer process legitimate user requests.
3.
Brute force The brute force method is the most inclusive – though slow. Usually, it tries every possible letter and number combination in its automated exploration.
QUESTION 5
DRAG DROP You work as a network administrator at Certkiller .com. Your boss Mrs. Certkiller asks you to match signature type with the correct definition.
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Explanation:
1.
DOS (Denial Of Service)
Denial of Service (DoS) is an attack designed to render a computer or network incapable of providing
normal services. The most common DoS attacks will target the computer’s network bandwidth or
connectivity. Bandwidth attacks flood the network with such a high volume of traffic, which all available
network resources are consumed and legitimate user requests cannot get through. Connectivity attacks
flood a computer with such a high volume of connection requests, that all available operating system
resources are consumed and the computer can no longer process legitimate user requests.
2.
Exploit
A defined way to breach the security of an IT system through vulnerability.
QUESTION 6
Which of these two ways does Cisco recommend that you use to mitigate maintenance-related threats? (Choose two.)
A. Maintain a stock of critical spares for emergency use.
B. Ensure that all cabling is Category 6.
C. Always follow electrostatic discharge procedures when replacing or working with internal router and switch device components.
D. Always wear an electrostatic wrist band when handling cabling, including fiber-optic cabling.
E. Always employ certified maintenance technicians to maintain mission-critical equipment and cabling.
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 7
What are two security risks on 802.11 WLANs that implement WEP using a static 40-bit key with open authentication? (Choose two.)
A. The IV is transmitted as plaintext, and an attacker can sniff the WLAN to see the IV.
B. The challenge packet sent by the wireless AP is sent unencrypted.
C. The response packet sent by the wireless client is sent unencrypted.
D. WEP uses a weak-block cipher such as the Data Encryption Algorithm.
E. One-way authentication only where the wireless client does not authenticate the wireless-access point.
Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
Explanation: The wireless nature and the use of radio frequency for networking makes securing WLANs more challenging than securing a wired LAN. Originally, the Wired Equivalent Privacy (WEP) protocol was developed to address this issue. It was designed to provide the same privacy that a user would have on a wired network. WEP is based on the RC4 symmetric encryption standard and uses either 64-bit or 128-bit key. However, the keys are not really this many bits because a 24-bit Initialization Vector (IV) is used to provide randomness. So the “real key” is actually 40 or 104 bits long. There are two ways to implement the key. First, the default key method shares a set of up to four default keys with all the wireless access points (WAPs). Second is the key mapping method, which sets up a key-mapping relationship for each wireless station with another individual station. Although slightly more secure, this method is more work. Consequently, most WLANs use a single shared key on all stations, which makes it easier for a hacker to recover the key. Now, let’s take a closer look at WEP and discuss the way it operates. To better understand the WEP process, you need to understand the basics of Boolean logic. Specifically, you need to understand how XORing works. XORing is just a simple binary comparison between two bytes that produce another byte as a result of the XORing process. When the two bits are compared, XORing looks to see if they are different. If they are different, the resulting output is 1. If the two bits are the same, the result is 0. If you want to learn more about Boolean logic, a good place to start is here: http://en.wikipedia.org/wiki/Boolean_algebra. All this talk about WEP might leave you wondering how exactly RC4 and XORing are used to encrypt wireless communication. To better explain those concepts, let’s look at the seven steps of encrypting a message:
1.
The transmitting and receiving stations are
initialized with the secret key. This secret
key must be distributed using an out-of-band mechanism such as email, posting it
on a website, or giving it to you on a piece
of paper the way many hotels do.
2.
The transmitting station produces a seed,
which is obtained by appending the 40-bit
secret key to the 24-bit Initialization
Vector (IV), for input into a Pseudo
Random Number Generator (PRNG).
3.
The transmitting station inputs the seed to
the WEP PRNG to generate a key stream
of random bytes.
4.
The key stream is XORd with plaintext to
obtain the cipher text.
5.
The transmitting station appends the
cipher text to the IV and sets a bit
indicates that it is a WEP-encrypted
packet. This completes WEP
encapsulation, and the results are
transmitted as a frame of data. WEP only
encrypts the data. The header and trailer
are sent in clear text.
6.
The receiving station checks to see if the
encrypted bit of the frame it received is
set. If so, the receiving station extracts the
IV from the frame and appends the IV
with the secret key.
7.
The receiver generates a key stream that
must match the transmitting station’s key.
This key stream is XORd with the cipher
text to obtain the sent plaintext.
QUESTION 8
DRAG DROP You work as a network administrator at Certkiller .com. Your boss Mrs. Certkiller asks order the steps to mitigate a worm attack.
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Explanation: Viruses and worms are part of a larger category of malicious code or malware. Viruses and worms are programs that can cause a wide range of damage from displaying messages to making programs work erratically or even destroying data or hard drives. Viruses accomplish their designed task by placing self-replicating code in other programs. When these programs execute, they replicate again and infect even more programs. Closely related to viruses and worms is spyware. Spyware is considered another type of malicious software. In many ways, spyware is similar to a Trojan, as most users don’t know that the program has been installed and it hides itself in an obscure location. Spyware steals information from the user and also eats up bandwidth. If that’s not enough, it can also redirect your web traffic and flood you with annoying pop-ups.
Many users view spyware as another type of virus.
The following are the recommended steps for worm attack mitigation:
1.
Containment: Contain the spread of the worm inside your network and within your network. Compartmentalize parts of your network that have not been infected.
2.
Inoculation: Start patching all systems and, if possible, scanning for vulnerable systems.
3.
Quarantine : Track down each infected machine inside your network. Disconnect, remove, or block infected machines from the network.
4.
Treatment: Clean and patch each infected system. Some worms may require complete core system reinstallations to clean the system.
QUESTION 9
Which method of mitigating packet-sniffer attacks is the most effective?
A. implement two-factor authentication
B. deploy a switched Ethernet network infrastructure
C. use software and hardware to detect the use of sniffers
D. deploy network-level cryptography using IPsec, secure services, and secure protocols
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
You cannot talk about VPNs without saying something about IP Security (IPSec). IPSec is a framework of
open standards. It is not bound to any specific encryption or authentication algorithm keying technology.
IPSec acts on the network layer, where it protects and authenticates IP packets between participating
peers such as firewalls, routers, or concentrators. IPSec security provides four major functions:
*
Confidentiality The sender can encrypt the packets before transmitting them across the network. If such a communication is intercepted, it cannot be read by anybody.
*
Data integrity The receiver can verify whether the data was changed while traveling the Internet.
*
Origin authenticationThe receiver can authenticate the source of the packet.
*
Antireplayprotection The receiver can verify that each packet is unique and is not duplicated.
QUESTION 10
What is a reconnaissance attack?
A. when an intruder attacks networks or systems to retrieve data, gain access, or escalate access privileges.
B. when an intruder attempts to discover and map systems, services, and vulnerabilities
C. when malicious software is inserted onto a host in order to damage a system, corrupt a system, replicate itself, or deny service or access to networks, systems, or services
D. when an intruder attacks your network in a way that damages or corrupts your computer system, or denies you and other access to your networks, systems, or services
E. when an intruder attempts to learn user IDs and passwords that can later be used in identity theft
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: Reconnaissance refers to the preparatory phase where an attacker seeks to gather as much information as possible about a target of attack prior to launching an attack. This phase is also where the attacker draws on competitive intelligence to learn more about the target. The phase may also involve network scanning either external or internal without authorization. This is a phase that allows the potential attacker to strategize his attack. This may spread over time, as the attacker waits to unearth crucial information. One aspect that gains prominence here is social engineering. A social engineer is a person who usually smooths talk’s people into revealing information such as unlisted phone numbers, passwords or even sensitive information. Other reconnaissance techniques include dumpster diving. Dumpster diving is the process of looking through an organization’s trash for discarded sensitive information. Building user awareness of the precautions they must take in order to protect their information assets is a critical factor in this context.
QUESTION 11
What should be the first step in migrating a network to a secure infrastructure?
A. developing a security policy
B. securing the perimeter
C. implementing antivirus protection
D. securing the DMZ
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: The development of a security policy is the first step to a secure infrastructure, without this availability of your network will be compromised.
QUESTION 12
What is a DoS attack?
A. when an intruder attacks networks or systems to retrieve data, gain access, or escalate access privileges
B. when an intruder attempts to discover and map systems, services, and vulnerabilities
C. when malicious software is inserted onto a host in order to damage a system, corrupt a system, replicate itself, or deny services or access to networks, systems, or services
D. When an intruder attacks your network in a way that damages or corrupts your computer system, or denies you and others access to your networks, systems, or services
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Denial of Service (DoS) is an attack designed to render a computer or network incapable of providing normal services. The most common DoS attacks will target the computer’s network bandwidth or connectivity. Bandwidth attacks flood the network with such a high volume of traffic, that all available network resources are consumed and legitimate user requests cannot get through. Connectivity attacks flood a computer with such a high volume of connection requests, that all available operating system resources are consumed and the computer can no longer process legitimate user requests. A “denial-of-service” attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include
*
attempts to “flood” a network, thereby preventing legitimate network traffic
*
attempts to disrupt connections between two machines, thereby preventing access to a service
*
attempts to prevent a particular individual from accessing a service
*
attempts to disrupt service to a specific system or person
QUESTION 13
Which method of mitigation packet-sniffer attacks is most cost effective?
A. authentication
B. switched infrastructure
C. antisniffer tools
D. cryptography
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Cryptography: Rendering packet sniffers irrelevant is the most effective method for countering packet sniffers. Cryptography is even more effective than preventing or detecting packet sniffers. If a communication channel is cryptographically secure, the only data a packet sniffer detects is cipher text (a seemingly random string of bits) and not the original message.
QUESTION 14
During which phase of an attack does the attacker attempt to identify targets?
A. penetrate
B. propagate
C. persist
D. probe
E. paralyze
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Probe phase: The attacker identifies vulnerable targets in this phase. The goal of this phase is to find computers that can be subverted. Internet Control Message Protocol (ICMP) ping scans are used to map networks, and application port scans identify operating systems and vulnerable software. Passwords can be obtained through social engineering, a dictionary attack, a brute-force attack, or network sniffing. Incorrect: A – Phase 2 B – Phase 4 C – Phase 3 D – Phase 5
QUESTION 15
What is considered the main administrative vulnerability of Cisco Catalyst switches?
A. SNMP
B. Telnet
C. Poor passwords
D. Poor encryption
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explantion:
By default, a Cisco switch shows the passwords in plaintext for the following settings in the configuration
file: the .enable. password, the username password, the console line and the virtual terminal lines.
Using the same password for both the enable secret and other settings on a switch allows for potential
compromise because the password for certain settings (for example, telnet) may be in plaintext and can be
collected on a network using a network analyzer. Also, setting the same password for the .enable secret.
passwords on multiple switches provides a single point of failure because one compromised switch
endangers other switches.
QUESTION 16
DRAG DROP
Click and drag the four steps to mitigating worm attacks in order from step 1 to steep 4.
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Explanation:
Worm attack mitigation requires diligence on the part of system and network administration staff.
Coordination between system administration, network engineering, and security operations personnel is
critical in responding effectively to a worm incident. The following are the recommended steps for worm
attack mitigation:
1.
Containment: Contain the spread of the worm inside your network and within your network. Compartmentalize parts of your network that have not been infected.
2.
Inoculation: Start patching all systems and, if possible, scanning for vulnerable systems.
3.
Quarantine: Track down each infected machine inside your network. Disconnect, remove, or block infected machines from the network.
4.
Treatment: Clean and patch each infected system. Some worms may require complete core system reinstallations to clean the system.
QUESTION 17
Certkiller .com network administrators have just configured SSH on their target router and have now discovered that an intruder has been using this router to perform a variety of malicious attacks. What have they most likely forgotten to do and which Cisco IOS commands do they need to use to fix this problem on their target router?
A. forgot to reset the encryption keys using the crypto key zeroize rsa Cisco IOS global configuration command
B. forgot to close port 23 and they need to issue the no transport input telnet Cisco IOS global
configuration command
C. forgot to disable vty inbound Telnet sessions and they need to issue the line vty 0 4 and the no transport input telnet Cisco IOS line configuration commands
D. forgot to restrict access to the Telnet service on port 23 using ACLs and they need to issue the access-list 90 deny any log Cisco IOS global configuration command, and the line vty 0 4 and access-class 90 in Cisco IOS line configuration commands
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: Telnet and rlogin commands are known as unsecure commands, they transports the data packets on plain text format. If anyone can tries to capture the packets they can easily read. So SSH (Secure Shell) is the most usable Remote Login tool. Which maintains the secure communication. Router(Config)#line vty 0 4 Router(Config-router)transport input telnet | ssh | all May be telnet is enabled so just disable the telnet using no.
QUESTION 18
To verify role-based CLI configurations, which Cisco IOS CLI commands do you need use to verify a view?
A. parser view view-name, then use the ? to verify the available commands
B. enable view view-name, then use the ? to verify the available commands
C. enable view, then use the parser view view-name to verify the available commands
D. show view view-name to verify the available commands
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: The Role-Based CLI Access feature allows the network administrator to define “views,” which are a set of operational commands and configuration capabilities that provide selective or partial access to CiscoIOS EXEC and configuration (Config) mode commands. Views restrict user access to CiscoIOS command-line interface (CLI) and configuration information; that is, a view can define what commands are accepted and what configuration information is visible. Thus, network administrators can exercise better control over access to Cisco networking devices. SUMMARY STEPS1. enable view
2.
configure terminal
3.
parser view view-name
4.
secret 5 encrypted-password
5.
commands parser-mode {include | include-exclusive | exclude} [all] [interface interface-name | command]
6.
exit
7.
exit
8.
enable [privilege-level] [view view-name]
9.
show parser view [all]
QUESTION 19
What two tasks should be done before configuring SSH server operations on Cisco routers? (Choose two.)
A. Upgrade routers to run a Cisco IOS Release 12.1(1)P image.
B. Upgrade routers to run a Cisco IOS Release 12.1(3)T image or later with the IPsec feature set.
C. Ensure routers are configured for external ODBC authentication.
D. Ensure routers are configured for local authentication or AAA for username and password authentication.
E. Upgrade routers to run a Cisco IOS Release 11.1(3)T image or later with the IPsec feature set.
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation:
Secure Shell (SSH) is a protocol which provides a secure remote access connection to network devices.
Communication between the client and server is encrypted in both SSH version 1 and SSH version 2.
Implement SSH version 2 when possible because it uses a more enhanced security encryption algorithm.
SSH was introduced into these IOS platforms and images:
1.
SSH Version 1.0 (SSH v1) server was introduced in some IOS platforms and images starting in Cisco IOS Software Release 12.0.5.S.
2.
SSH client was introduced in some IOS platforms and images starting in Cisco IOS Software Release
12.1.3.T.
3.
SSH terminal-line access (also known as reverse-Telnet) was introduced in some IOS platforms and images starting in Cisco IOS Software Release 12.2.2.T.
4.
SSH Version 2.0 (SSH v2) support was introduced in some IOS platforms and images starting in Cisco IOS Software Release 12.1(19)E. Example of SSH Configuration on Cisco Router aaanew-model username cisco password 0 cisco ip domain-name rtp.cisco.com cry key generate rsa ip ssh time-out 60 ip ssh authentication-retries 2 line vty 0 4 transport input SSH
QUESTION 20
In the Cisco SDM Security Audit Wizard screen shown in the figure, which Fix it action should be selected to prevent smurf denial of service attacks?
A. IP Mask Reply is enabled
B. IP Unreachables is enabled
C. IP Directed Broadcast is enabled
D. IP Redirects is enabled
E. IP Proxy ARP is enabled
F. Access class is not set on vty lines
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: Directed-Broadcast An IP directed broadcast is a datagram sent to the broadcast address of a subnet that is not directly attached to the sending machine. The directed broadcast is routed through the network as a unicast packet until it arrives at the target subnet, where it is converted into a link-layer broadcast. Because of the nature of the IP addressing architecture, only the last router in the chain, which is connected directly to the target subnet, can conclusively identify a directed broadcast.
*
IP directed broadcasts are used in the extremely common and popular smurf Denial of Service (DoS)
attacks. In a smurf attack, the attacker sends ICMP echo requests from a falsified source address to a
directed broadcast address, causing all the hosts on the target subnet to send replies to the falsified
source. By sending a continuous stream of such requests, the attacker can create a much larger stream of
replies, which can completely inundate the host whoseaddress is being falsified.
*
This service should be disabled on all interfaces when not needed to prevent smurf and DoS attacks.
*
Cisco AutoSecure disables IP directed broadcasts using the no ip directed-broadcast command in
interface configuration mode on each interface.
Reference:
http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_white_paper09186a00801dbf61.shtml
Cisco 642-552 Interactive Testing Engine is an engine that can be downloaded and installed on your PC.This Cisco 642-552 is not only advanced and equipped with much more features,it is also not internet dependent, once installed.It enables you to see Interconnecting Cisco Networking Devices Part 1 questions and answers in a simulated Cisco 642-552 exam environment. Working with Cisco 642-552 Interactive Testing Engine is like passing an actual Cisco 642-552 exam.
Flydumps presents the highest quality of Cisco 642-551 practice material which helps candidates to pass the Cisco 642-551 exams in the first attempt.The brain dumps are the latest,authenticated by expert and covering each and every aspect of Cisco 642-551 exam.
Exam A
QUESTION 1
What is a set of conditions that, when met, indicates that an intrusion is occurring or has occurred?
A. rules
B. state tables
C. signatures
D. master parameters
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 2
If you choose Add from the Allowed Hosts panel in Cisco IDM, which two fields are available for configuration? (Choose two.)
A. Static Routes
B. Dynamic Routes
C. IP Address
D. Default Route
E. Netmask
Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Drag Drop question
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 4
Drag Drop question
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 5
What are the three types of private VLAN ports? (Choose three.)
A. typical
B. isolated
C. nonisolated
D. promiscuous
E. community
F. bridging
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 6
LAB
This is the answer:
pixfirewall(config)#interface eth3 100full
pixfirewall(config)# nameif eth3 protected security 56
pixfirewall(config)# ip address protected 192.168.147.1 255.255.255.0
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 7
When port security is enabled on a Cisco Catalyst switch, what is the default action when the configured maximum of allowed MAC addresses value is exceeded?
A. The port is shut down.
B. The port is enabled and the maximum number automatically increases.
C. The MAC address table is cleared and the new MAC address is entered into the table.
D. The MAC address table is shut down.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 8
What is a description of a promiscuous PVLAN port?
A. It has a complete Layer 2 separation from the other ports within the same PVLAN.
B. It can only communicate with other promiscuous ports.
C. It can communicate with all interfaces within a PVLAN.
D. It cannot communicate with any other ports.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Which two protocols does Cisco Secure ACS use for AAA services? (Choose two.)
A. TACACS+
B. Telnet
C. SSH
D. RADIUS
E. SSL
F. SNMP
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Which command would be used on the Cisco PIX Security Appliance to show the pool of addresses to be translated?
A. show nat
B. show xlate
C. show global
D. show conn
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 11
What is the default security-level definition setting for the outside interface for the Cisco PIX Security Appliance?
A. 0
B. 100
C. 50
D. 25
Correct Answer: A Section: (none) Explanation
Explanation/Reference: QUESTION 12
Which Cisco IOS command enables the AAA access-control commands and functions on the router, and overrides the older TACACS and extended TACACS commands?
A. no aaa authentication login default enable
B. aaa authentication login default local
C. aaa new-model
D. login authentication default
E. no login authentication default
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 13
Which communication protocol is used by the administrator workstation to communicate with the CSA MC?
A. SSH
B. Telnet
C. HTTPS
D. SSL
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 14
To which router platform can Turbo ACLs be applied?
A. Cisco 800 Router
B. Cisco 2600 Series Router
C. Cisco 3500
D. Cisco 7200 Router
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 15
Which administrative access mode for the Cisco PIX Security Appliance allows you to change the current settings?
A. unprivileged mode
B. privileged mode
C. configuration mode
D. monitor mode
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 16
Which Cisco IDS/IPS feature enables the appliance to aggregate alarms?
A. FireOnce
B. response actions
C. alarm summarization
D. threshold configuration
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Which method does a Cisco firewall use for packet filtering?
A. inspection rules
B. ACLs
C. security policies
D. VACLs
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 18
Which component within the Cisco Network Admission Control architecture acts as the policy server for evaluating the endpoint security information that is relayed from network devices, and for determining the appropriate access policy to apply?
A. CiscoWorks
B. CiscoWorks VMS
C. Cisco Secure ACS
D. Cisco Trust Agent
E. Cisco Security Agent
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 19
Which command is used to reboot the Cisco PIX Security Appliance?
A. reboot
B. restart
C. boot D. reload
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 20
Packet sniffers work by using a network interface card in which mode?
A. inline
B. cut-through
C. promiscuous
D. Ethernet
E. passive
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Cisco 642-551 Questions and Answers Products basically comprise of the simulated Cisco 642-551 exam questions AND their most correct answers,accompanied with a methodical elucidation of the Cisco 642-551 answers and the probable wrong answers.The extent to which Cisco 642-551 Questions and Answers Products cover their Cisco subject is so thorough,that once you are done with a Cisco product, passing the Cisco 642-551 exam in first attempt should be a piece of cake.