Category: CCSP
Flydumps bring you the best Cisco 642-551 exam preparation materials which will make you pass in the first attempt.And we also provide you all Cisco 642-551 exam updates as Microsoft announces a change in its Cisco 642-551 exam syllabus,we inform you about it without delay.
Exam A
QUESTION 1
What is a reconnaissance attack?
A. when an intruder attacks networks or systems to retrieve data, gain access, or escalate access privileges.
B. when an intruder attempts to discover and map systems, services, and vulnerabilities
C. when malicious software is inserted onto a host in order to damage a system, corrupt a system, replicate itself, or deny service or access to networks, systems, or services
D. when an intruder attacks your network in a way that damages or corrupts your computer system, or denies you and other access to your networks, systems, or services
E. when an intruder attempts to learn user IDs and passwords that can later be used in identity theft
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: Attackers and hackers can employ social engineering techniques to pose as legitimate people
seeking out information. A few well structured telephone calls to unsuspecting employees can provide a
significant amount of information Incorrect:
A – Is called ‘Access attacks’
C – Is called ‘Worms, Viruses and Trojan Horses’
D – Is called ‘Denial of Service (DOS) attacks’
E – This is an example of social engineering
QUESTION 2
Which communication protocol is used by the administrator workstation to communicate with the CSA MC?
A. SSH
B. Telnet
C. HTTPS
D. SSL
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Management Center for Cisco Security Agent (CSA MC) uses a Secure Sockets Layer (SSL)-enabled web interface.
QUESTION 3
What should be the first step in migrating a network to a secure infrastructure?
A. developing a security policy
B. securing the perimeter
C. implementing antivirus protection
D. securing the DMZ
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: The development of a security policy is the first step to a secure infrastructure, without this availability of your network will be compromised.
QUESTION 4
Select two ways to secure hardware from threats. (Choose two.)
A. The room must have steel walls and doors.
B. The room must be static free.
C. The room must be locked, with only authorized people allowed access.
D. The room should not be accessible via a dropped ceiling, raised floor, window, ductwork, or point of entry other than the secured access point.
Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
Explanation: -Incorrect:
A – Not a required element.
B – Is called ‘Environment Threat mitigation’
QUESTION 5
At which layer of the OSI model does a proxy server work?
A. data link
B. physical
C. application
D. network
E. transport
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
A proxy server is an application
QUESTION 6
Which command on the Cisco PIX Security Appliance is used to write the current running config to the Flash memory startup config?
A. write terminal
B. write config
C. write memory
D. write startup config
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Incorrect: A – Shows running configuration on screen, like show running-configuration B – No such command D – No such command
QUESTION 7
What is a description of a promiscuous PVLAN port?
A. It has a complete Layer 2 separation from the other ports within the same PVLAN.
B. It can only communicate with other promiscuous ports.
C. It can communicate with all interfaces within a PVLAN.
D. It cannot communicate with other ports.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Incorrect:
A – This is called ‘Isolated’
B – This is called ‘Community’
D – No such PVLAN
QUESTION 8
How do you enable a host or a network to remotely access the Cisco IPS/IDS sensor?
A. Configure static routes.
B. Configure dynamic routing.
C. Configure allowed hosts.
D. Configure DHCP.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
The Allowed Hosts option enables you to define which IP addresses are allowed to access the sensor via
its management interface.
QUESTION 9
In which version did NTP begin to support cryptographic authentication?
A. version 5
B. version 4
C. version 3
D. version 2
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
Version 3 or above is required to support Cryptographic authentication mechanism between peers.
QUESTION 10
What must be configured on a network-based Cisco IDS/IPS to allow to monitor traffic?
A. Enable rules.
B. Enable signatures.
C. Disable rules.
D. Disable signatures.
Correct Answer: B Section: (none) Explanation
Explanation/Reference: QUESTION 11
What is a DoS attack?
A. when an intruder attacks networks or systems to retrieve data, gain access, or escalate access privileges
B. when an intruder attempts to discover and map systems, services, and vulnerabilities
C. when malicious software is inserted onto a host in order to damage a system, corrupt a system, replicate itself, or deny services or access to networks, systems, or services
D. When an intruder attacks your network in a way that damages or corrupts your computer system, or denies you and others access to your networks, systems, or services
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
These attacks are when malicious software is inserted onto a host in order to damage a system, corrupt a
system, replicate itself, or deny services or access to networks, systems, or services.
Incorrect:
A – Is called ‘Access attacks’
B – Is called ‘Reconnaissance attacks’
C – Is called ‘Worms, Viruses and Trojan Horses’
QUESTION 12
Cisco routers, such as the ISRs, are best suited for deploying which type of IPSec VPN?
A. remote-access VPN
B. overlay VPN
C. WAN-to-WAN VPN
D. site-to-site VPN
E. SSL VPN
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
Site-to-site VPNs can be deployed using a wide variety of Cisco VPN Routers. Cisco VPN routers provide
scalability through optional encryption acceleration. The Cisco VPN router portfolio provides solutions for
small office and home office (SOHO) access through centralsite VPN aggregation. SOHO solutions include
platforms for fast-emerging cable and DSLaccess technologies.
Incorrect:
A – This VPN solution connects telecommuters and mobile users securely and cost-effectively to corporate
network resources from anywhere in the world over any access technology.
QUESTION 13
Which method of mitigation packet-sniffer attacks is most cost effective?
A. authentication
B. switched infrastructure
C. antisniffer tools
D. cryptography
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Cryptography: Rendering packet sniffers irrelevant is the most effective method for countering packet sniffers. Cryptography is even more effective than preventing or detecting packet sniffers. If a communication channel is cryptographically secure, the only data a packet sniffer detects is cipher text (a seemingly random string of bits) and not the original message.
QUESTION 14
Which encryption method uses a 56-bit to ensure high-performance encryption?
A. 3DES
B. AES
C. RSA
D. DES
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Incorrect: A – 3DES 3*56bits B – Advanced Encryption Standard C – It was the first algorithm known to be suitable for signing as well as encryption, and one of the first great advances in public key cryptography.
QUESTION 15
In which Cisco Catalyst Series switches can the Firewall Service Modules be installed?
A. Catalyst 2900 and 3500 XL Series
B. Catalyst 1900 and 2000 Series
C. Catalyst 4200 and 4500 Series
D. Catalyst 6500 and 7600 Series
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Reference: http://www.cisco.com/en/US/products/hw/modules/ps2706/ps4452/
QUESTION 16
Which protocol does the Cisco Web VPN solution use?
A. SSH
B. Telnet
C. SSL
D. IPSec
E. XML
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Reference: http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns347/ networking_solutions_sub_solution_home.html
QUESTION 17
During which phase of an attack does the attacker attempt to identify targets?
A. penetrate
B. propagate
C. persist
D. probe
E. paralyze
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Probe phase: The attacker identifies vulnerable targets in this phase. The goal of this phase is to find computers that can be subverted. Internet Control Message Protocol (ICMP) ping scans are used to map networks, and application port scans identify operating systems and vulnerable software. Passwords can be obtained through social engineering, a dictionary attack, a brute-force attack, or network sniffing. Incorrect: A – Phase 2 B – Phase 4 C – Phase 3 D – Phase 5
QUESTION 18
What are the three types of private VLAN ports? (Choose three.)
A. typical
B. isolated
C. nonisolated
D. promiscuous
E. community
F. bridging
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
Explanation:
There are three types of PVLAN ports:
Promiscuous: A promiscuous port can communicate with all interfaces, including the isolated and
community ports within a PVLAN.
Isolated: An isolated port has complete Layer 2 separation from the other ports within the same PVLAN,
but not from the promiscuous ports. PVLANs block all traffic to isolated ports except traffic from
promiscuous ports. Traffic from isolated port is forwarded only to promiscuous ports. Community:
Community ports communicate among themselves and with their promiscuous ports. These interfaces are
separated at Layer 2 from all other interfaces in other communities or isolated ports within their PVLAN.
QUESTION 19
What is considered the main administrative vulnerability of Cisco Catalyst switches?
A. SNMP
B. Telnet
C. Poor passwords
D. Poor encryption
Correct Answer: C Section: (none) Explanation Explanation/Reference:
Explantion:
By default, a Cisco switch shows the passwords in plaintext for the following settings in the configuration
file: the .enable. password, the username password, the console line and the virtual terminal lines.
Using the same password for both the enable secret and other settings on a switch allows forpotential
compromise because the password for certain settings (for example, telnet) may be in plaintext and can be
collected on a network using a network analyzer. Also, setting the same password for the .enable secret.
passwords on multiple switches provides a single point of failure because one compromised switch
endangers other switches.
QUESTION 20
Click and drag the four steps to mitigating worm attacks in order from step 1 to steep 4.
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Explanation:
Worm attack mitigation requires diligence on the part of system and network administration staff. Coordination between system administration, network engineering, and security operations personnel is critical in responding effectively to a worm incident. The following are the recommended steps for worm attack mitigation:
1.
Containment: Contain the spread of the worm inside your network and within your network. Compartmentalize parts of your network that have not been infected.
2.
Inoculation: Start patching all systems and, if possible, scanning for vulnerable systems.
3.
Quarantine: Track down each infected machine inside your network. Disconnect, remove, or block
infected machines from the network.
4.
Treatment: Clean and patch each infected system. Some worms may require complete core system reinstallations to clean the system.
Flydumps is ready to provide Cisco 642-551 candidates with Cisco 642-551 training materials which can be very much helpful for getting Cisco 642-551 certification, which means that candidates.Cisco 642-551 can easily get access to the services of Cisco 642-551 for practice exam, which will assure them 100% Cisco 642-511 success rate.Though Cisco642-551 tests are not easy at all, but they do not make Cisco 642-551 things complicated.
100% Valid And Newest–Do not worry about your Cisco 642-513 exam! Just try Flydumps the latest Cisco 642-513 exam dumps.The latest new version with all the official new added Cisco 642-513 questions and answers.High pass rate and money back
Exam A
QUESTION 1
Which of these is a reason for using groups to administer Agents?
A. to link similar devices together
B. to complete configuration changes on groups instead of hosts
C. to complete the same configuration on like items
D. to apply the same policy to hosts with similar security requirements
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Which three items make up rules? (Choose three.)
A. variables
B. applications
C. application classes
D. rule modules
E. policies
F. actions
Correct Answer: ACF Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Which action do you take when you are ready to deploy your CSA configuration to systems?
A. select
B. clone
C. deploy
D. generate rules
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 4
Which one of the five phases of an attack attempts to become resident on a target?
A. probe phase
B. penetrate phase
C. persist phase
D. propagate phase
E. paralyze phase
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 5
What is the purpose of the Audit Trail function?
A. to generate a report listing events matching certain criteria, sorted by event severity
B. to generate a report listing events matching certain criteria, sorted by group
C. to generate a report showing detailed information for selected groups
D. to display a detailed history of configuration changes
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 6
In which type of rules are network address sets used?
A. COM component access control rules
B. connection rate limit rules
C. network access control rules
D. file control rules
E. file access control rules
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Which three of these does the buffer overflow rule detect on a UNIX operating system, based on the type of memory space involved? (Choose three.)
A. location space
B. stack space
C. slot space
D. data space
E. heap space
F. file space
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 8
When should you use preconfigured application classes for application deployment investigation?
A. never
B. always
C. only for specific applications
D. only when applications require detailed analysis
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Drag Drop question
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 10
Which systems with specific operating systems are automatically placed into mandatory groups containing rules for that operating system? (Choose three.)
A. OS2
B. HPUX
C. Solaris
D. Mac OS
E. Linux
F. Windows
Correct Answer: CEF Section: (none) Explanation Explanation/Reference:
We provide Cisco 642-513 help and information on a wide range of issues.Cisco 642-513 is professional and confidential and your issues will be replied within 12 hous.Cisco 642-513 free to send us any questions and we always try our best to keeping our Customers Satisfied.
Flydumps offers the first-hand Cisco 642-513 exam real questions and answers, by train the latest Cisco 642-513 PDF and VCE dumps, you will well prepare for the Cisco 642-513 exam. Visit Flydumps.com to get free new version for training.
Exam A
QUESTION 1
Certkiller chose the Cisco CSA product to protect the network against the newest attacks. Cisco Security Agent provides Day Zero attack prevention by using which of these methods?
A. Using signatures to enforce security policies
B. Using API control to enforce security policies
C. Using stateful packet filtering to enforce security policies
D. Using algorithms that compare application calls for system resources to the security policies
E. None of the above
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Because Cisco Security Agent analyzes behavior rather than relying on signature matching, it never needs updating to stop a new attack. This zero-update architecture provides protection with reduced operational costs and can identify so-called “Day Zero” threats.” At a high level, Cisco(r) Security Agent is straightforward. It intercepts system calls between applications and the operating system, correlates them, compares the correlated system calls against a set of behavioral rules, and then makes an “allow” or”deny” decision based on the results of its comparison. This process is called INCORE, which stands for intercept, correlate, rules engine. Reference: http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_white_paper0900aecd8020f448.shtml
QUESTION 2
Certkiller has implemented the CSA product to provide security for all of their devices. For which layers of the OSI reference model does CSA enforce security?
A. Layer 1 through Layer 4
B. Layer 1 through Layer 7
C. Layer 2 through Layer 4
D. Layer 3 through Layer 7
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Cisco Security Agent provides threat protection for server and desktop computing systems, also known as endpoints. It helps to reduce operational costs by identifying, preventing, and eliminating known and unknown security threats. The Cisco Security Agent consolidates endpoint security functions in a single agent, providing:
1.
Host intrusion prevention
2.
Spyware/adware protection
3.
Protection against buffer overflow attacks
4.
Distributed firewall capabilities
5.
Malicious mobile code protection
6.
Operating-system integrity assurance
7.
Application inventory
8.
Audit log-consolidation
This provides security for endpoints at the network layer (layer 3) through the application layer (layer 7).
QUESTION 3
The CSA architecture model is made up of three major components. Which three are they? (Choose three)
A. Cisco Trust Agent
B. Cisco Security Agent
C. Cisco Security Agent Management Center
D. Cisco Intrusion Prevention System
E. An administrative workstation
F. A syslog server
Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
Explanation: The CSA MC architecture model consists of a central management center which maintains a database of policies and system nodes, all of which have Cisco Security Agent software installed on their desktops and servers. The agents themselves, and an administrative workstations, combined with the Management Center, comprise the three aspects of the CSA architecture. Agents register with CSA MC. CSA MC checks its configuration database for a record of the system. When the system is found and authenticated, CSA MC deploys a configured policy for that particular system or grouping of systems.
Preparing Cisco 642-513 exam is not difficult now.You can prepare from Cisco 642-513 Certification or Cisco 642-513 dumps.Here we have mentioned some sample questions.You can use our Cisco 642-513 study material notes for test preparation.Latest Cisco 642-513 study material available.
Important Info — Cisco 642-502 new study guide are designed to help you pass the exam in a short time.Everything you need can be found in the new version Cisco 642-502 exam dumps.Visit Flydumps.com to get more valid information.
Exam A
QUESTION 1
What are the two functions that crypto ACLs perform on outbound traffic? Choose two.
A. bypasses outbound traffic that should be protected by IPSec
B. selects inbound traffic that should be protected by IPSec
C. selects outbound traffic that should be protected by IPSec
D. sends outbound traffic that should not be protected by IPSec as clear text
E. discards outbound traffic that should not be protected by IPSec
F. discards outbound traffic that requires protection by IPSec
Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Refer to the exhibit. An administrator cannot telnet to the router. The administrator is not prompted for a username or password and cannot ping the router. After reviewing the output of a show running-config command, what do you determine?
A. AAA is not enabled.
B. Everything is configured correctly (the problem must be caused by something else).
C. An access control list is blocking traffic.
D. The wrong passwords are being used.
E. The TACACS server must be unreachable.
F. The wrong authentication method is applied to lines.
Correct Answer: B Section: (none) Explanation
Explanation/Reference: QUESTION 3
Which three thresholds does CBAC on the Cisco IOS Firewall provide against DoS attacks? Choose three.
A. number of half-open sessions based upon time
B. total number of half-open TCP or UDP sessions
C. number of fully open sessions based upon time
D. number of half-open TCP-only sessions per host
E. total number of fully open TCP or UDP sessions
F. number of fully open TCP-only sessions per host
Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
QUESTION 4
Refer to the LAN Wizard screen in the exhibit. How many bits would you input to configure this host for a subnet consisting of two hosts on subnet 172.26.26.0?
A. 3
B. 4
C. 24
D. 30
E. 128
F. 255
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 5
Refer to the Cisco Router and Security Device Manager page in the exhibit.
What would be the result of clicking the “Launch the selected task” button in the VPN configuration screen?
A. to start the GRE site-to-site VPN connection configuration
B. to edit the site-to-site VPN connection
C. to start the security audit
D. to start the Easy VPN Server configuration
E. to start the default site-to-site VPN connection configuration
F. to start the Easy VPN Remote configuration
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 6
Where are access profiles stored with the authentication proxy features of the Cisco IOS Firewall?
A. PIX Firewall
B. Cisco router
C. Cisco VPN Concentrator
D. Cisco Secure ACS authentication server
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Choose the correct command to allow IKE to establish the IPSec security associations.
A. crypto map 10 isakmp
B. crypto map 10 manual
C. crypto map MYMAP ipsec-isakmp
D. crypto map MYMAP ipsec-manual
E. crypto map MYMAP 10 ipsec-isakmp
F. crypto map MYMAP 10 ipsec-manual
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 8
Choose the correct command to generate two RSA key pairs for use with certificate authority.
A. key generate rsa general-keys
B. key generate rsa usage-keys
C. crypto key generate rsa general-keys
D. crypto key generate rsa usage-keys
E. enable crypto key generate rsa general-keys
F. enable crypto key generate rsa usage-keys
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Which command is required to specify the authorization protocol for authentication proxy?
A. auth-proxy group tacacs+
B. aaa auth-proxy default group tacacs+
C. authorization auth-proxy default group tacacs+
D. aaa authorization auth-proxy default group tacacs+
E. aaa authorization auth-proxy group tacacs+
F. aaa authorization auth-proxy default group
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Which Cisco Catalyst IOS command can be used to mitigate a CAM table overflow attack?
A. switch(config-if)# port-security maximum 1
B. switch(config)# switchport port-security
C. switch(config-if)# port-security
D. switch(config-if)# switchport port-security maximum 1
E. switch(config-if)# switchport access
F. switch(config-if)# access maximum 1
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 11
An authentication attempt to a Cisco Secure ACS for Windows server failed, yet no log entries are in the reports. What are two possible causes of this problem? (Choose two.)
A. user is not defined
B. user belongs to the wrong group
C. CSAUTH service is down on the Cisco Secure ACS server
D. password has expired
E. user entered an incorrect password
F. communication path between the NAS and Cisco Secure ACS server is down
Correct Answer: CF Section: (none) Explanation
Explanation/Reference:
QUESTION 12
What are three main components of the Cisco IOS Firewall feature set? (Choose three.)
A. Context-based Access Control
B. port security
C. authentication proxy
D. authentication, authorization, and accounting
E. Intrusion Prevention System
F. neighbor router authentication
Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 13
The SDF uses which type of file format, with a definition of each signature along with relevant configurable actions?
A. ASCII
B. HTML
C. JPEG
D. Word
E. text
F. XML
Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 14
Which two are typical Layer 2 attacks? (Choose two.)
A. MAC spoofing
B. CAM table overflow
C. route poisoning
D. DHCP Starvation
E. ARP Starvation
F. spam
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 15
What kind of signatures trigger on a single packet? (Choose one.)
A. regenerative
B. cyclical
C. atomic
D. dynamic
E. compound
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 16
What does authentication proxy on the Cisco IOS Firewall do?
A. creates specific authorization policies for each user with Cisco Secure ACS, dynamic, per-user security and authorization
B. provides additional visibility at intranet, extranet, and Internet perimeters
C. creates specific security policies for each user with Cisco Secure ACS, dynamic, per-user authentication and authorization
D. provides secure, per-application access control across network perimeters
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Select the two protocols used to provide secure communications between SDM and the target router. (Choose two.)
A. HTTPS
B. RCP
C. Telnet
D. SSH
E. HTTP
F. AES
Correct Answer: AD Section: (none) Explanation Explanation/Reference:
QUESTION 18
Which one of the following actions is used to send SDM generated commands to the target router?
A. Refresh
B. Save
C. Deliver
D. Download
E. Copy-config
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 19
Select the maximum number of routers SDM can manage simultaneously?
A. 1
B. 5
C. 50
D. 100
E. 1000
F. determined by router model
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 20
Drag Drop question A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 21
The Cisco Identity-Based Networking Services (IBNS) solution is based on which two standard implementations? (Choose two.)
A. TACACS+
B. RADIUS
C. 802.11
D. 802.1x
E. 802.1q
F. IPSec
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 22
Which module is audited first when packets enter an IOS Firewall IDS and match a specific audit rule?
A. TCP
B. ICMP
C. IP
D. application level
E. UDP
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 23
How does the user trigger the authentication proxy after the idle timer expires?
A. authenticates the user
B. initiates another HTTP session
C. enters a new username and password
D. enters a valid username and password
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 24
Refer to the exhibit. Given the output of the show crypto ipsec sa command, which encryption algorithm is being used?
A. PCP
B. ESP
C. DES
D. 3DES
E. AH
F. HMAC
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 25
Which Cisco Catalyst IOS command is used to mitigate a MAC spoofing attack?
A. switch(config-if)# port-security mac-address 0000.ffff.aaaa
B. switch(config)# switchport port-security mac-address 0000.ffff.aaaa
C. switch(config-if)# switchport port-security mac-address 0000.ffff.aaaa
D. switch(config)# port-security mac-address 0000.ffff.aaaa
E. switch(config-if)# mac-address 0000.ffff.aaaa
F. switch(config)# security mac-address 0000.ffff.aaaa
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 26
Which three keywords are used with the dot1x port-control command? (Choose three.)
A. enable
B. force-authorized
C. force-unauthorized
D. authorized
E. unauthorized
F. auto
Correct Answer: BCF Section: (none) Explanation
Explanation/Reference:
QUESTION 27
Refer to the exhibit. After reviewing the running-config file, what do you determine?
A. No one will be able to log in.
B. No one will be able to console in.
C. The wrong authentication method is applied to lines.
D. Users will use the local database to log in to console.
E. Users will use the password cisco to log in to console.
F. Users will use the local database to log in to vty.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 28
Which one of the following actions is used to prevent newly configured SDM commands from being sent to a target router?
A. Delete
B. Remove
C. Undo
D. Clear-commands
E. Refresh
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 29
Choose the correct command that will load the SDF into a router and merge the new signatures with those that are already loaded in the router.
A. copy flash ips-sdf
B. copy url ips-sdf
C. copy ips-sdf url
D. write flash ips-sdf
E. write ips-sdf url
F. write url ips-sdf
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 30
Choose the correct command to disable signature 1000 in the SDF file.
A. 1000 disable
B. no ip ips signature 1000
C. no ip ips signature 1000 enable
D. ip ips signature 1000 disable
E. ip signature 1000 disable
F. signature 1000 disable
Correct Answer: D Section: (none) Explanation Explanation/Reference:
QUESTION 31
What is the minimum IOS release that supports SDM?
A. 11.2
B. 12.0
C. 12.1
D. 12.2
E. 6.1
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 32
Choose the correct global command that will specify the TACACS server.
A. host 10.1.1.4
B. server 10.1.1.4
C. tacacs-server host 10.1.1.4
D. tacacs-server 10.1.1.4
E. tacacs-host host 10.1.1.4
F. server-tacacs host 10.1.1.4
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 33
What defines the standard certificate format?
A. CEP
B. CRLv2
C. ISAKMP
D. X.509v3
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 34
Which four files are required for basic HTTP connectivity to SDM? (Choose four.)
A. home.html
B. home.tar
C. home.cfg
D. sdm.tar
E. sdm.html
F. sdmconfig-xxxx.cfg
Correct Answer: ABDF Section: (none) Explanation
Explanation/Reference:
QUESTION 35
Choose the two types of signature implementations that the IOS Firewall IDS can detect. (Choose two.)
A. atomic
B. dynamic
C. regenerative
D. cyclical
E. compound
F. complex
Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
Cisco 642-502 tests containing questions that cover all sides of tested subjects that help our members to be prepared and keep high level of professionalism. The main purpose of Cisco 642-502 exam is to provide high quality test that can secure and verify knowledge, give overview of question types and complexity that can be represented on real exam certification