Cisco 642-825 Exam Dumps, Useful Cisco 642-825 Questions Will Be More Popular

Welcome to download the newest Flydumps 300-207 VCE dumps: http://www.flydumps.com/300-207.html

Cisco 642-825 exams are taken in computer networking. Android puts its own exam item into the system of Parametric Test Company, and then the testing system of that company makes different pieces of examination paper for registered examinees. The existing knowledge updates very quickly, so Cisco 642-825 exam sample questions updates constantly as the update of its products. You know that certification exams can not increase your work experience. In addition, Cisco 642-825 mainly concerns with technical skills. Our FLYDUMPS Cisco 642-825 exam sample questions are constantly being updated. You can check the quality of our practice test updates by visiting our latest news page or signing up to our newsletter for recent updates and New Releases to our practice exams.

QUESTION 110
Refer to the exhibit. Which two statements about the SDF Locations window of the IPS Rule wizard are true? (Choose two.)

A. An HTTP SDF file location can be specified by clicking the Add button.
B. If all specified SDF locations fail to load, the signature file that is named default.sdf will be loaded.
C. The Autosave feature automatically saves the SDF alarms if the router crashes.
D. The Autosave feature is automatically enabled for the default built-in signature file.
E. The name of the built-in signature file is default.sdf.
F. The Use Built-In Signatures (as backup) check box is selected by default.

Correct Answer: AF Section: (none) Explanation
Explanation/Reference:
QUESTION 111
Refer to the exhibit. Assume that a signature can identify an IP address as the source of an attack. Which action would automatically create an ACL that denies all traffic from an attacking IP address?

A. alarm
B. drop
C. reset
D. denyFlowInline
E. denyAttackerInline
F. deny-connection-inline

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 112
What technology must be enabled as a prerequisite to running MPLS on a Cisco router?
A. process switching
B. routing-table driven switching
C. cache driven switching
D. CEF switching
E. fast switching

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 113
Refer to the exhibit.
Router RTA is unable to establish an ADSL connection with its provider. What action can be taken to correct this problem?

A. On the Dialer0 interface, add the pppoe enable command.
B. On the Dialer0 interface, change the MTU value to 1500 by using the ip mtu 1500 command.
C. On the Dialer0 interface, change the pool number to 0 by using the dialer pool 0 command.
D. On the Dialer0 interface, enter the ip address negotiated command.
E. On the Ethernet 0/1 interface, change the pool number to 0 by using the pppoe-client dial-pool-number 0 command.
F. On the Ethernet 0/1 interface, enter the ip address negotiated command.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 114
Refer to the exhibit. On the basis of the information that is provided, which statement is true?

A. The IOS firewall has allowed an HTTP session between two devices.
B. A TCP session that started between 192.168.1.116 and 192.168.101.115 caused dynamic ACL entries to be created.
C. A UDP session that started between 192.168.1.116 and 192.168.101.115 caused dynamic ACL entries to be created.
D. Telnet is the only protocol allowed through this IOS firewall configuration.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 115
Refer to the exhibit.
Which network threat would the configuration in the exhibit mitigate?

A. DoS ping attacks
B. DoS TCP SYN attack
C. IP address spoofing attack – inbound
D. IP address spoofing attack – outbound
E. SNMP service filtering attack

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 116
Refer to the exhibit. Router RTA is unable to establish an ADSL connection with its provider. Which action would correct this problem?

A. On the Dialer0 interface, add the pppoe enable command.
B. On the Dialer0 interface, add the ip mtu 1496 command.
C. On the ATM0/0 interface, add the dialer pool-member 0 command.
D. On the ATM0/0 interface, add the dialer pool-member 1 command.
E. On the ATM0/0 interface, add the pppoe-client dial-pool-number 0 command.
F. On the ATM0/0 interface, add the pppoe-client dial-pool-number 1 command.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 117
Refer to the exhibit, which shows a PPPoA diagram and partial SOHO77 configuration. Which command needs to be applied to the SOHO77 to complete the configuration?

A. encapsulation aal5snap applied to the PVC.
B. encapsulation aal5ciscoppp applied to the PVC
C. encapsulation aal5ciscoppp applied to the ATM0 interface
D. encapsulation aal5mux ppp dialer applied to the ATM0 interface
E. encapsulation aal5mux ppp dialer applied to the PVC

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 118
Which two statements are true about signatures in a Cisco IOS IPS? (Choose two.)
A. The action of a signature can be enabled on a per-TCP-session basis.
B. Common signatures are hard-coded into the IOS image.
C. IOS IPS signatures are propagated with the SDEE protocol.
D. IOS IPS signatures are stored in the startup config of the router.
E. Selection of an SDF file should be based on the amount of RAM memory available on the router.

Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
QUESTION 119
Refer to the exhibit. MPLS has been configured on all routers in the domain. In order for R2 and R3 to forward frames between them with label headers, what additional configuration will be required on devices that are attached to the LAN segment?

A. Decrease the maximum MTU requirements on all router interfaces that are attached to the LAN segment.
B. Increase the maximum MTU requirements on all router interfaces that are attached to the LAN segment.
C. No additional configuration is required. Interface MTU size will be automatically adjusted to accommodate the larger size frames.
D. No additional configuration is required. Frames with larger MTU size will be automatically fragmented and forwarded on all LAN segments.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 120
Refer to the exhibit. What information can be derived from the SDM firewall configuration that is shown?

A. Access-list 100 was configured for the trusted interface, and access-list 101 was configured for the untrusted interface.
B. Access-list 101 was configured for the trusted interface, and access-list 100 was configured for the untrusted interface.
C. Access-list 100 was configured for the inbound direction, and access-list 101 was configured for the outbound direction on the trusted interface.
D. Access-list 100 was configured for the inbound direction, and access-list 101 was configured for the outbound direction on the untrusted interface.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 121
Which two statements are true about broadband cable (HFC) systems? (Choose two.)
A. Cable modems only operate at Layer 1 of the OSI model.
B. Cable modems operate at Layers 1 and 2 of the OSI model.
C. Cable modems operate at Layers 1, 2, and 3 of the OSI model.
D. A function of the cable modem termination system (CMTS) is to convert the modulated signal from the cable modem into a digital signal.
E. A function of the cable modem termination system is to convert the digital data stream from the end user host into a modulated RF signal for transmission onto the cable system.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 122
Refer to the exhibit. What type of security solution will be provided for the inside network?
A. The ACL will block all ICMP echo requests coming from an external host.
B. The ACL will prevent router R1 from forwarding broadcast traffic to the inside LAN network.
C. The ACL will filter all packets whose TCP headers have the SYN flag set.
D. The ACL will allow TCP connections into the inside network, but will reset the connections in case of a TCP SYN attack.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 123
Which two network attack statements are true? (Choose two.)
A. Access attacks can consist of password attacks, trust exploitation, port redirection, and man-in-the-middle attacks.
B. Access attacks can consist of UDP and TCP SYN flooding, ICMP echo-request floods, and ICMP directed broadcasts.
C. DoS attacks can be reduced through the use of access control configuration, encryption, and RFC 2827 filtering.
D. DoS attacks can consist of IP spoofing and DDoS attacks.
E. IP spoofing can be reduced through the use of policy-based routing.
F. IP spoofing exploits known vulnerabilities in authentication services, FTP services, and web services to gain entry to web accounts, confidential databases, and other sensitive information.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 124
Which two statements about the AutoSecure feature are true? (Choose two.)
A. AutoSecure automatically disables the CDP feature.
B. If you enable AutoSecure, the minimum length of the login and enable passwords is set to 6 characters.
C. The auto secure full command automatically configures the management and forwarding planes without any user interaction.
D. To enable AutoSecure, the auto secure global configuration command must be used.
E. Once AutoSecure has been configured, the user can launch the SDM Web interface to perform a security audit.

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 125
What two proactive preventive actions are taken by an intrusion prevention system (IPS) when malicious traffic is detected? (Choose two.)
A. The IPS shuts down intermediary ports.
B. The IPS invokes SNMP-enabled controls.
C. The IPS sends an alert to the management station.
D. The IPS enables a dynamic access list.
E. The IPS denies malicious traffic.

Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 126
Which three MPLS statements are true? (Choose three.)
A. Cisco Express Forwarding (CEF) must be enabled as a prerequisite to running MPLS on a Cisco router.
B. Frame-mode MPLS inserts a 32-bit label between the Layer 3 and Layer 4 headers.
C. MPLS is designed for use with frame-based Layer 2 encapsulation protocols such as Frame Relay, but is not supported by ATM because of ATM fixed-length cells.
D. OSPF, EIGRP, IS-IS, RIP, and BGP can be used in the control plane.
E. The control plane is responsible for forwarding packets.
F. The two major components of MPLS include the control plane and the data plane.

Correct Answer: ADF Section: (none) Explanation
Explanation/Reference:
QUESTION 127
Refer to the exhibit. Which description is true about the two-interface Cisco IOS firewall configuration?
A. blocks all incoming traffic except ICMP unreachable ‘packet-too-big’ messages that support MTU Path Discovery
B. permits all TCP, UDP, and ICMP traffic when the three types of traffic are initiated from outside the network
C. inspects the inbound packets on the fa0/0 interface and automatically allows the corresponding return traffic
D. blocks all ICMP unreachable ‘packet-too-big’ messages from reaching the inside network
E. inspects all TCP, UDP, and ICMP traffic when the three types of traffic are initiated from outside the network

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 128
Which three statements are correct about MPLS-based VPNs? (Choose three.)
A. Route Targets (RTs) are attributes attached to a VPNv4 BGP route to indicate its VPN membership.
B. Scalability becomes challenging for a very large, fully meshed deployment.
C. Authentication is done using a digital certificate or pre-shared key.
D. A VPN client is required for client-initiated deployments.
E. A VPN client is not required for users to interact with the network.
F. An MPLS-based VPN is highly scalable because no site-to-site peering is required.

Correct Answer: AEF Section: (none) Explanation
Explanation/Reference:
QUESTION 129
Refer to the exhibit. Which statement about the authentication process is true?
A. The LIST1 list will disable authentication on the console port.
B. Because no method list is specified, the LIST1 list will not authenticate anyone on the console port.
C. All login requests will be authenticated using the group tacacs+ method.
D. All login requests will be authenticated using the local database method.
E. The default login authentication will automatically be applied to all login connections.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 130
Refer to the exhibit. Which statement is true about the authentication process?
A. A user attempted to log in to the router via the tty51 port and tried to access the user mode (privilege level 1) using the default list for authentication against the local user database. The user’s access was permitted.
B. A user attempted to log in to the router via the tty51 port and tried to access the user mode (privilege level 1) using the default list for authentication against the local user database. The user’s access was denied.
C. A user attempted to log in to the router via the tty51 port and tried to access the user mode (privilege level 1) using the named list ADMIN. The user’s access was permitted.
D. A user attempted to log in to the router via the tty51 port and tried to access the user mode (privilege level 1) using named list ADMIN. The user’s access was denied.
E. The output “GETPASS” means that the user successfully authenticated.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:

We provide Cisco 642-825 exam help and information on a wide range of issues. Cisco 642-825 is professional and confidential and your issues will be replied within 12 hous.Cisco 642-825 exam free to send us any questions and we always try our best to keeping our Customers Satisfied.

Flydumps 300-207 dumps with PDF + Premium VCE + VCE Simulator: http://www.flydumps.com/300-207.html

Cisco 642-825 Exam Dumps, Useful Cisco 642-825 Questions Will Be More Popular