Exam A Flydumps is one of the leading exam preparation material providers. We have a complete range of exams offered by the top vendors of their respective industries. You can download https://www.pass4itsure.com Cisco 642-541 free demos in PDF files that are the latest.
Exam A
QUESTION 1
Which routing protocol does not support the use of MD5 authentication?
A. BGP
B. IGRP
C. EIGRP
D. OSPF
E. IS-IS
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 2
What is an assumption of SAFE SMR?
A. implementing SAFE SMR guarantees a secure environment
B. the security policy is already in place
C. network contains only Cisco devices
D. SAFE SMR does not assume application and OS security
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Why are all providers of Internet connectivity urged to implement the filtering described in RFC 2827?
A. to prohibit attackers from using source addresses that reside within a range of legitimately advertised prefixes
B. to prohibit attackers from using forged source addresses that do not reside within a range of legitimately advertised prefixes
C. to filter Java applications that come from a source that is not trusted
D. to stop internal users from reaching web sites that violate the established security policy
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 4
The VPN acceleration module (VAM) is available on what series of VPN optimized routers? Choose two.
A. 1700 Series
B. 2600 Series
C. 3600 Series
D. 7100 Series
E. 7200 Series
Correct Answer: DE Section: (none) Explanation
Explanation/Reference:
QUESTION 5
Which two devices in the SAFE SMR small network campus module should have HIDS installed? Choose two.
A. Layer 2 switches
B. firewalls
C. management hosts
D. desktop workstations
E. corporate servers
F. lab workstations
Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 6
In which module does the firewall exist in the SAFE SMR small network design?
A. Internet
B. campus
C. corporate Internet
D. edge
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 7
What is the NIDS primary function in the SAFE SMR midsize network design corporate Internet module?
A. provide connectivity to the campus module
B. provide connectivity to the WAN module
C. provide connectivity to the LAN module
D. provides detection of attacks on ports that the firewall is configured to permit
E. provide the demarcation point between the ISP and the medium network
F. provide connection state enforcement and detailed filtering for sessions initiated through the firewall
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 8
Which two general IP spoofing techniques does a hacker use? Choose two.
A. an IP address within the range of trusted IP addresses
B. an unknown IP address which cannot be traced
C. an RFC 1918 address
D. an authorized external IP address that is trusted
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Which model is recommended for an IDS with at least 100 Mbps performance?
A. 4210
B. 4220
C. 4250
D. 4260
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Which is a key server found in SAFE Enterprise network design edge corporate internet module?
A. database server
B. application server
C. URL filtering server
D. proxy server
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 11
What is the purpose of BGP TTL Security Hash (BTSH)?
A. encrypts private network data when it is being passed through a public network
B. prevents attacker from creating a routing black hole
C. helps to prevent information overload from causing a network to melt
D. prevents attackers from disrupting peering sessions between routers
E. reduces the change rate in the Internet’s routing tables
Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 12
What are two characteristics of a packet sniffer designed for attack purposes? Choose two.
A. captures first 300 to 400 bytes
B. typically captures login sessions
C. captures the last 300 to 400 bytes
D. deciphers encrypted passwords
E. unable to capture UDP packets
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 13
In the SAFE SMR midsize network design, which module does dial-in traffic terminate?
A. campus module
B. WAN module
C. ISP edge module
D. corporate Internet module
E. PSTN module
F. frame/ATM module
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 14
Drag Drop question
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 15
Which type of attack is characterized by exploitation of well-known weaknesses, use of ports that are allowed through a firewall, and can never be completely eliminated?
A. network reconnaissance
B. application layer
C. man-in-the-middle
D. trust exploitation
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 16
LAB
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 17
Which three models of the Cisco 3000 Series Concentrator can have redundant power supplies? Choose three.
A. 3005
B. 3020
C. 3030
D. 3060
E. 3080
F. 3090
Correct Answer: CDE Section: (none) Explanation
Explanation/Reference:
QUESTION 18
What are the SAFE guidelines when routing information is exchanged with an outside routing domain? (Select two.)
A. Use exterior gateway protocols only.
B. Use exterior gateway protocols that operate between routing domains and do not allow administrators to build and act on policies.
C. Use exterior gateway protocols because they allow administrators to build and act on policies rather than just on reachability information.
D. Do not use autonomous system path filters on every EBGP peering session in network.
E. Use exterior gateway protocols or static routes
F. Make certain that your outside peer advertises your routes to other peers for maximum reachability
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 19
What services does EAP provide?
A. EAP provides wireless gateway and complementary code keying.
B. EAP provides centralized authentication and dynamic key distribution.
C. EAP provides open authentication and shared key distribution
D. EAP provides message integrity check and wireless domain service
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 20
What is not a specific type of attack, but refers to most attacks that occur today?
A. DoS
B. brute force password
C. IP spoofing
D. unauthorized access
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
PDF format– Printable version, print Cisco 642-541 exam dumps out and study anywhere. Software format– Simulation version, test yourself like Cisco 642-541 exam real test.Credit Guarantee– Passtcert never sell the useless Cisco 642-541 exam dumps out. You will receive our Cisco 642-541 exam dumps in time and get CCIE Certified easily.