Cisco 642-542 Certification, Offer Cisco 642-542 Study Guide Book With New Discount

Welcome to download the newest Examwind 070-462 dumps:

Flydumps Online services are available whenever needed. To all candidates buy the Cisco 642-542 exam sample questions, we provide track service, when you buy the practice exam within one year. We offer free update service for one year. If in this period, if the Cisco 642-542 exam sample questions will changed, we will send the latest version to your email in time. Flydumps Cisco 642-542 exam sample questions along with latest test covers all the latest aspects and contents of your Cisco 642-542 exam. Flydumps provide Cisco 642-542 exam sample questions in PDF-version, which is convenient for you to read all Cisco 642-542 questions and answers anywhere. In addition, we also have Cisco 642-542 exam testing engine for you. Flydumps bring you all the resources necessary for maximum success in the Cisco 642-542 exam, designed by valued IT professionals and specialists.

QUESTION 61
What is an assumption of SAFE SMR?
A. implementing SAFE SMR guarantees a secure environment
B. the security policy is already in place
C. network contains only Cisco devices
D. SAFE SMR does not assume application and OS security

Correct Answer: B Section: (none) Explanation
Explanation/Reference: QUESTION 62
In which module does the firewall exist in the SAFE SMR small network design?
A. Internet
B. campus
C. corporate Internet
D. edge

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 63
What IKE proposal should be chosen on the VPN Concentrator for the Unity Client?
A. any proposal that ends with DH7
B. any IKE proposal, except the IKE proposal that ends with DH7
C. any proposal that starts with Cisco VPN Client
D. any proposal that starts with DH7

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 64
What size network is best suited for the Cisco PIX Firewall 525 or 535?
A. small office or home office
B. small business or branch cffice
C. midsize enterprise
D. large enterprise or service provider

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 65
drag drop A.

B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 66
Which are key devices in the SAFE SMR remote user network? Choose two.
A. firewall with VPN support
B. Layer 2 switch
C. broadband access device
D. NIDS
E. Layer 3 switch

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 67
What are two characteristics of a packet sniffer designed for attack purposes? Choose two.
A. captures first 300 to 400 bytes
B. typically captures login sessions
C. captures the last 300 to 400 bytes
D. deciphers encrypted passwords E. unable to capture UDP packets

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 68
When allowing syslog access from devices outside a firewall, what filtering at the perimeter router should you implement?
A. no filtering should be implemented since it will block the syslog traffic
B. RFC 1918
C. RFC 2827
D. RFC 1281
E. RFC 1642

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 69
According to SAFE guidelines for implementing VPN IPSec, which of these statements are true? (Select two.)
A. Wildcard preshared keys should be used for site-to-site device authentication.
B. Digital certificates are not tied to IP addresses but to unique, signed information on the device that is validated by the CA.
C. Unique preshared keys are recommended between two devices and can scale in a large network.
D. Digital certificates provide nonrepudiation but no public/private key pair aging.
E. Digital certificates scale better but require additional administrative resources to deploy and manage.

Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
QUESTION 70
How many modules exist in the SAFE Enterprise Network Campus?
A. 3
B. 4
C. 5
D. 6

Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 71
Which vulnerability is not expected in a network design comprised of multiple security zones, multiple user groups, and a single physical switch?
A. MAC spoofing
B. CAM table overflow
C. VTP attacks
D. VLAN hopping
E. private VLAN attacks

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 72
Which is a design alternative in the SAFE Enterprise network design server module?
A. proper aggregation and analysis of the Syslog information
B. connection state enforcement and detailed filtering
C. combine server module with the core module
D. a separate router can be used between the server and edge distribution module rather than the layer 3 switch

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 73
Wired Equivalent Privacy (WEP) operates at what layer of the OSI model?
A. physical
B. network
C. transport
D. data link

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 74
How many attacks should the NIDS appliance detect in the SAFE SMR midsize network design midsize network campus module?
A. very few
B. a moderate amount, depending on access through the Internet module
C. a large amount, due to outside placement of the Internet firewall
D. a large amount, due to outside placement of the edge router
Correct Answer: A Section: (none) Explanation

Explanation/Reference:
QUESTION 75
How many options exist for remote user connectivity in the SAFE SMR remote user network?
A. 1
B. 2
C. 3
D. 4
E. 5

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 76
How many modules exist in the SAFE SMR midsize network design?
A. 1
B. 2
C. 3
D. 4
E. 5

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 77
What method helps mitigate the threat of IP spoofing?
A. access control
B. logging
C. SNMP polling
D. Layer 2 switching

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 78
In the SAFE SMR midsize network design, which module does dial-in traffic terminate?
A. campus module
B. WAN module
C. ISP edge module
D. corporate Internet module
E. PSTN module
F. frame/ATM module

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 79
What type of authentication does the Cisco 3000 Series Concentrator use?
A. RADIUS
B. TACACS+
C. CHAP
D. PAP

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 80
Which is a key server found in SAFE Enterprise network design edge corporate internet module?
A. database server
B. application server
C. URL filtering server
D. proxy server

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 81
The ip verify reverse-path command implements which of the following on the PIX Firewall? Choose two.
A. performs a route lookup based on the source address
B. performs a route lookup based on the destination address
C. provides session state information based on source address
D. provides session state information based on destination address
E. provides ingress filtering

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 82
What is the purpose of BGP TTL Security Hash (BTSH)?
A. encrypts private network data when it is being passed through a public network
B. prevents attacker from creating a routing black hole
C. helps to prevent information overload from causing a network to melt
D. prevents attackers from disrupting peering sessions between routers
E. reduces the change rate in the Internet’s routing tables

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 83
drag drop

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 84
How many options exist for remote user connectivity in the SAFE SMR remote user network?
A. 1
B. 2
C. 3
D. 4
E. 5

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 85
drag drop

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 86
What service is provided by CSA Profiler?
A. Profiler analyzes applications to help in generating useful policies.
B. Profiler monitors and logs security events that occur on CSA protected hosts.
C. Profiler provides a COM component utility that installs with each CSA.
D. Profiler configures agent kits that are deployed on CSA protected hosts.

Correct Answer: A Section: (none) Explanation
Explanation/Reference: QUESTION 87
What is the primary function of the firewall in the SAFE SMR midsize network design corporate Internet module?
A. provide connectivity to the Internet or ISP network
B. provide connectivity to the campus module
C. provide connectivity to the WAN module
D. provide connectivity to the LAN module
E. provide the demarcation point between the ISP and the midsize network
F. provide connection state enforcement and detailed filtering for sessions initiated through the firewall

Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 88
drag drop

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation Explanation/Reference:
QUESTION 89
Which command implements Unicast RPF IP spoofing protection?
A. access-list
B. access-group
C. ip verify reverse-path interface
D. tcp verify reverse-path interface
E. udp verify reverse-path interface

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 90
Which vulnerability is not expected in a network design comprised of multiple security zones, multiple user groups, and a single physical switch?
A. MAC spoofing
B. CAM table overflow
C. VTP attacks
D. VLAN hopping
E. private VLAN attacks

Correct Answer: C Section: (none) Explanation
Explanation/Reference

As with every FLYDUMPS guaranteed Cisco 642-542 exam sample questions, you will have the knowledge of Microsoft 70-346 exam personal trainers at your hands. Cisco 642-542 exam preparation offers you a comprehensive Cisco 642-542 exam sample questions to help you become Cisco 642-542 certified professional. FLYDUMPS provide you with every one of the means you actually required to increase the achievement of your Cisco 642-542 exam, Motorola Solutions Cisco 642-542 practice exam, created to install it by the industry experts.

Welcome to download the newest Examwind 070-462 dumps: http://www.examwind.com/070-462.html

IBM COG-180 Real Exam Questions And Answers, Discount IBM COG-180 Practice Exam Is Your Best Choice