Cisco 642-541 Exam Tests, First-hand Cisco 642-541 Dumps Are Based On The Real Exam

Welcome to download the newest Examwind MOPF dumps:

Flydumps practice test training resources are versatile and highly compatible with Microsoft exam formats. We provide up to date resources and comprehensive coverage on Cisco 642-541 exam dumps help you to advance your skills.

QUESTION 176
The ip verify reverse-path command implements which of the following on the PIX Firewall? Choose two.
A. performs a route lookup based on the source address
B. performs a route lookup based on the destination address
C. provides session state information based on source address
D. provides session state information based on destination address
E. provides ingress filtering

Correct Answer: AE Section: (none) Explanation
Explanation/Reference: QUESTION 177
What is IP logging, as defined for the Cisco IDS appliance?
A. IDS logs IP address information for hosts being attacked
B. IDS logs user information from an attacking host
C. IDS captures packets from an attacking host
D. IDS logs IP address information from an attacking host

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 178
LAB

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 179
As an alternative design in the SAFE SMR small network campus module, a small filtering router can be placed between the rest of the network and which devices?
A. Layer 2 switches
B. management stations
C. corporate users
D. routers

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 180
What signature actions can be configured on an IDS Sensor in the SAFE SMR medium network design? Choose two.
A. UDP reassembly
B. none
C. IP log
D. total reassembly

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 181
Which of the following is not a SAFE guideline to proactively mitigate Code Red attacks?
A. host intrusion prevention system
B. network-based application recognition
C. antivirus
D. access control

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 182
What are the two options in the SAFE SMR midsize network design for WAN connections? Choose two.
A. IPSec VPN tunnel connections
B. only frame relay connections
C. private WAN connections
D. ATM connections

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 183
How does Java applet filtering distinguish between trusted and untrusted applets?
A. examines the applet for suspicious code
B. relies on a list of applets that you designate as hostile
C. relies on a list of applets that you designate as friendly
D. relies on a list of external sites that you designate as friendly

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 184
Which two are design alternatives in the SAFE SMR midsize network design corporate Internet module? Choose two.
A. place a URL filtering server on the public services segment
B. eliminate the router between the firewall and the campus module
C. set up a small filtering router between the management stations and the rest of the network
D. eliminate HIDS

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:

If you have any doubts download the online Cisco 642-541 practice test from sample page. we want to delight our customers by offering Cisco 642-541 practice test online so that you can clear you Cisco 642-541 certification with the highly advanced IT experts are building the Passcert Cisco 642-541 practice test for the Top Cisco 642-541 exam in order to response the customers demand. You can download updated Cisco 642-541 practice test for checking the quality.

Welcome to download the newest Examwind MOPF dumps: http://www.examwind.com/MOPF.html

Cisco 300-206 Tests, Latest Updated Cisco 300-206 Real Testing Sale

Continue Reading

Cisco 642-541 Dumps, First-hand Cisco 642-541 Questions And Answers Are Based On The Real Exam

Welcome to download the newest Pass4itsure 412-79 dumps: http://www.pass4itsure.com/412-79.html

Flydumps bring you the best Cisco 642-541 exam preparation materials which will make you pass in the first attempt.And we also provide you all the Cisco 642-541 exam updates as Flydumps announces a change in its Cisco 642-541 exam syllabus,we inform you about it without delay.

QUESTION 159
Which are the attack mitigation roles for the VPN Concentrator in the SAFE standard VPN WLAN design? Choose three.
A. authenticate remote users
B. two-factor authentication
C. terminate IPsec
D. RFC 2827 filtering
E. DHCP relay
F. VPN client auto-initiate

Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
QUESTION 160
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 161
Which IDS guidelines should be followed, according to SAFE SMR?
A. use TCP shunning as opposed to TCP resets
B. use shunning no longer than 15 minutes
C. use shunning on only UDP traffic, as it is more difficult to spoof than TCP
D. use shunning on only TCP traffic, as it is more difficult to spoof than UDP

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 162
Which three Cisco components encompass secure connectivity? Choose three.
A. Cisco IDS Sensors
B. Cisco PIX Firewalls
C. Cisco IDS Sensors
D. Cisco VPN Concentrators
E. Cisco IOS IDS
F. Cisco IOS VPN

Correct Answer: BDF Section: (none) Explanation
Explanation/Reference:
QUESTION 163
According to the SAFE Layer 2 security white paper, which is not a threat to switches?
A. CAM table overflow
B. DHCP starvation
C. IP address spoofing
D. VLAN hopping
E. Spanning-Tree Protocol manipulation

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 164
What causes the default TCP intercept feature of the IOS Firewall to become more aggressive? Choose two.
A. the number of incomplete connections exceeds 1100
B. the number of connections arriving in the last 1 minute exceeds 1100
C. the number of incomplete connections exceeds 100
D. the number of connections arriving in the last 10 minutes exceeds 1000

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 165
Which is true about the PIX Firewall in the remote site firewall option in the SAFE SMR remote user design environment?
A. ISAKMP is enabled when the ISAKMP policy is created
B. ISAKMP is enabled when the crypto map is applied to the interface
C. ISAKMP is disabled by default
D. ISAKMP is enabled by default

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 166
Which are key devices in the SAFE SMR remote user network? Choose two.
A. firewall with VPN support
B. Layer 2 switch
C. broadband access device
D. NIDS
E. Layer 3 switch

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 167
What is the function of a crypto map on a PIX Firewall?
A. to configure a pre-shared authentication key and associate the key with an IKE peer address or host name
B. to configure a pre-shared authentication key and associate the key with an IPSec peer address or host name
C. to specify which algorithms to use with the selected security protocol
D. to filter and classify the traffic to be protected

Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 168
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 169
How are password attacks mitigated in the SAFE SMR midsize network design corporate Internet module?
A. filtering at the ISP, edge router, and corporate firewall
B. RFC 2827 and 1918 filtering at ISP edge and midsize network edge router
C. e-mail content filtering, HIDS, and host-based virus scanning
D. OS and IDS detection
E. CAR at the ISP edge and TCP setup controls at the firewall

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 170
According to SAFE worm mitigation, which of the following is not a mitigation for MS Blaster?
A. private VLANs
B. NBAR
C. CAR
D. sink-hole routers

Correct Answer: B Section: (none) Explanation Explanation/Reference:
QUESTION 171
Which method will always compute the password if it is made up of the character set you selected to test?
A. brute force computation
B. strong password computation
C. password reassemble
D. brute force mechanism

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 172
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 173
What are the SAFE guidelines when routing information is exchanged with an outside routing domain? (Select two.)
A. Use exterior gateway protocols only
B. Use exterior gateway protocols that operate between routing domains and do not allow administrators to build and act on policies.
C. Use exterior gateway protocols because they allow administrators to build and act on policies rather than just on reachability information.
D. Do not use autonomous system path filters on every EBGP peering session in network
E. Use exterior gateway protocols or static routes.

Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 174
Which are key devices in the SAFE SMR midsize network design midsize network campus module? Choose three.
A. WAN router
B. VPN Concentrator
C. firewalls
D. NIDS host
E. corporate servers
F. layer 2 switches

Correct Answer: DEF Section: (none) Explanation
Explanation/Reference:
QUESTION 175
According to SAFE SMR, what type of VPN connectivity is typically used with the Cisco PIX Firewall?
A. remote access
B. site-to-site
C. mobile user
D. corporate

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Flydumps is a specialized IT certification exam training website which provide you the targeted exercises and current exams. We focus on the popular Cisco 642-541 exam and has studied out the latest Cisco 642-541 exam dumps, which can meet the needs of many people. HP HP5-K03D certification is a reference of many well-known IT companies to hire IT employee. So this Cisco 642-541 exam is very popular now. Flydumps is also recognized and relied by many people. Flydumps can help a lot of people achieve their dream. If you choose Flydumps, but you do not successfully pass the examination, Flydumps will give you a full refund.

Welcome to download the newest Pass4itsure 412-79  dumps: http://www.pass4itsure.com/412-79.html

Cisco 642-541 Dumps, First-hand Cisco 642-541 Questions And Answers Are Based On The Real Exam

Continue Reading

Cisco 642-541 Exam Practice, Valid and updated Cisco 642-541 Real Testing On Our Store

Welcome to download the newest Pass4itsure hp0-m52 VCE dumps: http://www.pass4itsure.com/hp0-m52.html

Flydumps bring you the best Cisco 642-541 Certification exam preparation materials which will make you pass in the first attempt.And we also provide you all the Cisco 642-541 exam updates as Microsoft announces a change in its Cisco 642-541 exam syllabus,we inform you about it without delay.

QUESTION 136
Which are the functional areas in SAFE Enterprise Network? Choose two.
A. Enterprise Network VPN/Remote Access
B. Enterprise Network Campus
C. Enterprise Network Distribution
D. Enterprise Network Corporate Internet

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 137
How are packet sniffer attacks mitigated in the SAFE SMR small network campus module?
A. host based virus scanning
B. the latest security fixes
C. the use of HIDS and application access control
D. switched infrastructure
E. HIDS

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 138
What are private VLANs?
A. tools that allow segregating traffic at Layer 3, turning broadcast segments into non-broadcast, multi-access-like segments
B. tools that allow segregating traffic at Layer 2, turning broadcast segments into non-broadcast, multi-access-like segments
C. tools that allow segregating traffic at Layer 2, turning non-broadcast, multi-access-like segments into broadcast segments
D. tools that allow segregating traffic at Layer 3, turning non-broadcast, multi-access-like segments into broadcast segments

Correct Answer: B Section: (none) Explanation
Explanation/Reference: QUESTION 139
Which IDS guideline should be followed, according to SAFE SMR?
A. use UDP resets more often than shunning, because UDP traffic is more difficult to spoof
B. use TCP resets more often than shunning, because TCP traffic is more difficult to spoof
C. use TCP resets no longer than 15 minutes
D. use UDP resets no longer than 15 minutes

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 140
What IKE proposal should be chosen on the VPN Concentrator for the Unity Client?
A. any proposal that ends with DH7
B. any IKE proposal, except the IKE proposal that ends with DH7
C. any proposal that starts with Cisco VPN Client
D. any proposal that starts with DH7

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 141
Which two Cisco components encompass secure management? Choose two.
A. Cisco VPN Concentrators
B. CiscoWorks
C. Cisco IDS Sensors
D. Cisco PIX Firewalls
E. Web Device Managers

Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
QUESTION 142
What Radio Frequency (RF) band does the Home RF Shared Wireless Access Protocol (SWAP) specification use
A. 900 GHz
B. 2.4 GHz
C. 5.7 GHz
D. 900 MHz

Correct Answer: A Section: (none) Explanation Explanation/Reference:
QUESTION 143
What is the primary function of the IOS firewall in the SAFE SMR small network design?
A. provide connection state enforcement and detailed filtering for sessions initiated through the firewall
B. provide remote site connectivity and general filtering for sessions initiated through the firewall
C. provide host DoS mitigation
D. authenticate IPSec tunnels
E. provide remote site authentication

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 144
How are virus and Trojan Horse attacks mitigated in the SAFE SMR midsize network design corporate Internet module?
A. filtering at the ISP, edge router, and corporate firewall
B. IDS at the host and network levels
C. mail content filtering, HIDS, and host-based virus scanning
D. OS and IDS detection
E. CAR at the ISP edge and TCP setup controls at the firewall
F. RFC 2827 and 1918 filtering at ISP edge and midsize network edge router

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 145
What threats are expected for the SAFE SMR small network campus module? Choose two.
A. IP spoofing
B. packets sniffers
C. denial of service
D. applications layer attacks

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 146
Which type of attack is usually implemented using packet sniffers?
A. man-in-the-middle
B. DoS
C. brute force
D. IP spoofing

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 147
Which threats are expected in the SAFE SMR remote user network environment? Choose two.
A. trust exploitation
B. port redirection attacks
C. man in the middle attacks
D. network reconnaissance

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 148
Which is a design alternative in the SAFE SMR midsize network design campus module?
A. A NIDS appliance can be placed in front of the firewall.
B. A URL filtering server can be placed on the public services segment to filter the types of Web pages employees can access.
C. A separate router and Layer 2 switch can be used for the core and distribution rather than the higher-performing Layer 3 switch.
D. The router between the firewall and the campus module can be eliminated.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 149
Drag Drop question A.

B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 150
Which vulnerability is not expected in a network design comprised of multiple security zones, multiple user groups, and a single physical switch?
A. MAC spoofing
B. CAM table overflow
C. VTP attacks
D. VLAN hopping
E. private VLAN attacks

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 151
According to SAFE SMR guidelines, where do you implement the Cisco VPN 3000 Series Concentrator?
A. in front of the Internet access router
B. behind the PIX Firewall and parallel to the Internet access router
C. behind the Internet access router and parallel to the PIX Firewall
D. behind the corporate network module

Correct Answer: C Section: (none) Explanation
Explanation/Reference: QUESTION 152
What services do extranet VPNs provide?
A. link corporate headquarters to remote offices
B. link telecommuters and mobile users to corporate network resources
C. link network resources with third-party vendors and business partners
D. link private networks to public networks

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 153
Which vulnerability is not expected in a network design comprised of multiple security zones, multiple user groups, and a single physical switch?
A. MAC spoofing
B. CAM table overflow
C. VTP attacks
D. VLAN hopping
E. private VLAN attacks

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 154
According to SAFE, which statement is true about IPSec tunneling protocols?
A. L2TP supports data encryption and packet integrity.
B. GRE is better suited for site-to-site VPNs.
C. IPSec standard supports IP unicast and multicast traffic.
D. GRE is better suited for remote-access VPNs.
E. GRE supports data encryption and packet integrity.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 155
Which are key devices in the SAFE SMR midsize network design midsize network campus module? Choose three.
A. Syslog hosts
B. corporate servers
C. Layer 3 switches
D. firewalls
E. VPN Concentrator
F. WAN router

Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 156
Which routing protocol does not support the use of MD5 authentication?
A. BGP
B. IGRP
C. EIGRP
D. OSPF
E. IS-IS

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 157
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 158
What version of the Cisco PIX Firewall is required to use the VPN accelerator card?
A. version 2.3 or higher
B. version 3.3 or higher
C. version 4.3 or higher
D. version 5.3 or higher
E. version 6.3 or higher

Correct Answer: D Section: (none) Explanation
Explanation/Reference:

With the complete collection of Cisco 642-541 Questions and Answers, Flydumps has assembled to take you through Questions and Answers to your Cisco 642-541 Exam preparation. In the Cisco 642-541 exam resources, you will cover every field of Cisco 642-541 exam helping to ready you for your successful Adobe Certification.

Pass4itsure hp0-m52 dumps with PDF + Premium VCE + VCE Simulator: http://www.pass4itsure.com/hp0-m52.html

Cisco 642-541 Exam Practice, Valid and updated Cisco 642-541 Real Testing On Our Store

Continue Reading

100% New Questions Flydumps New Updated Cisco 642-541 Exam Questions

Exam A Flydumps is one of the leading exam preparation material providers. We have a complete range of exams offered by the top vendors of their respective industries. You can download https://www.pass4itsure.com Cisco 642-541  free demos in PDF files that are the latest.

Exam A
QUESTION 1
Which routing protocol does not support the use of MD5 authentication?
A. BGP
B. IGRP
C. EIGRP
D. OSPF
E. IS-IS
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 2
What is an assumption of SAFE SMR?
A. implementing SAFE SMR guarantees a secure environment
B. the security policy is already in place
C. network contains only Cisco devices
D. SAFE SMR does not assume application and OS security
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Why are all providers of Internet connectivity urged to implement the filtering described in RFC 2827?
A. to prohibit attackers from using source addresses that reside within a range of legitimately advertised prefixes
B. to prohibit attackers from using forged source addresses that do not reside within a range of legitimately advertised prefixes
C. to filter Java applications that come from a source that is not trusted
D. to stop internal users from reaching web sites that violate the established security policy
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 4
The VPN acceleration module (VAM) is available on what series of VPN optimized routers? Choose two.
A. 1700 Series
B. 2600 Series
C. 3600 Series
D. 7100 Series
E. 7200 Series
Correct Answer: DE Section: (none) Explanation
Explanation/Reference:
QUESTION 5
Which two devices in the SAFE SMR small network campus module should have HIDS installed? Choose two.
A. Layer 2 switches
B. firewalls
C. management hosts
D. desktop workstations
E. corporate servers
F. lab workstations
Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 6
In which module does the firewall exist in the SAFE SMR small network design?
A. Internet
B. campus
C. corporate Internet
D. edge
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 7
What is the NIDS primary function in the SAFE SMR midsize network design corporate Internet module?
A. provide connectivity to the campus module
B. provide connectivity to the WAN module
C. provide connectivity to the LAN module
D. provides detection of attacks on ports that the firewall is configured to permit
E. provide the demarcation point between the ISP and the medium network
F. provide connection state enforcement and detailed filtering for sessions initiated through the firewall
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 8
Which two general IP spoofing techniques does a hacker use? Choose two.
A. an IP address within the range of trusted IP addresses
B. an unknown IP address which cannot be traced
C. an RFC 1918 address
D. an authorized external IP address that is trusted

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Which model is recommended for an IDS with at least 100 Mbps performance?
A. 4210
B. 4220
C. 4250
D. 4260
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Which is a key server found in SAFE Enterprise network design edge corporate internet module?
A. database server
B. application server
C. URL filtering server
D. proxy server
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 11
What is the purpose of BGP TTL Security Hash (BTSH)?
A. encrypts private network data when it is being passed through a public network
B. prevents attacker from creating a routing black hole
C. helps to prevent information overload from causing a network to melt
D. prevents attackers from disrupting peering sessions between routers
E. reduces the change rate in the Internet’s routing tables
Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 12
What are two characteristics of a packet sniffer designed for attack purposes? Choose two.
A. captures first 300 to 400 bytes
B. typically captures login sessions
C. captures the last 300 to 400 bytes
D. deciphers encrypted passwords
E. unable to capture UDP packets
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 13
In the SAFE SMR midsize network design, which module does dial-in traffic terminate?
A. campus module
B. WAN module
C. ISP edge module
D. corporate Internet module
E. PSTN module
F. frame/ATM module
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 14
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 15
Which type of attack is characterized by exploitation of well-known weaknesses, use of ports that are allowed through a firewall, and can never be completely eliminated?
A. network reconnaissance
B. application layer
C. man-in-the-middle
D. trust exploitation
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 16
LAB

A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 17
Which three models of the Cisco 3000 Series Concentrator can have redundant power supplies? Choose three.
A. 3005
B. 3020
C. 3030
D. 3060
E. 3080
F. 3090
Correct Answer: CDE Section: (none) Explanation
Explanation/Reference:
QUESTION 18
What are the SAFE guidelines when routing information is exchanged with an outside routing domain? (Select two.)
A. Use exterior gateway protocols only.
B. Use exterior gateway protocols that operate between routing domains and do not allow administrators to build and act on policies.
C. Use exterior gateway protocols because they allow administrators to build and act on policies rather than just on reachability information.
D. Do not use autonomous system path filters on every EBGP peering session in network.
E. Use exterior gateway protocols or static routes
F. Make certain that your outside peer advertises your routes to other peers for maximum reachability
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 19
What services does EAP provide?
A. EAP provides wireless gateway and complementary code keying.
B. EAP provides centralized authentication and dynamic key distribution.
C. EAP provides open authentication and shared key distribution
D. EAP provides message integrity check and wireless domain service
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 20
What is not a specific type of attack, but refers to most attacks that occur today?
A. DoS
B. brute force password
C. IP spoofing
D. unauthorized access
Correct Answer: D Section: (none) Explanation
Explanation/Reference:

PDF format– Printable version, print Cisco 642-541  exam dumps out and study anywhere. Software format– Simulation version, test yourself like Cisco 642-541  exam real test.Credit Guarantee– Passtcert never sell the useless Cisco 642-541 exam dumps out. You will receive our Cisco 642-541  exam dumps in time and get CCIE Certified easily.

Continue Reading

100% Valid Free Download 2016 New Questions for Cisco 642-541 Exam

We are committed on providing you with the latest and most accurate Cisco 642-541 exam preparation products.If you want to pass Cisco https://www.pass4itsure.com/642-541.html  exam successfully, do not miss to read latest Cisco 642-541  brain dumps on Flydumps.

Exam A
QUESTION 1
Threats that come from hackers who are more highly motivated and technically competent are called:
A. Sophisticated
B. Advanced
C. External
D. Structured
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Structured threats come from adversaries that are highly motivated and technically competent. Ref: Cisco Secure Intrusion Detection System (Ciscopress) Page 9
QUESTION 2
The worst attacks are the ones that:
A. Are intermittent.
B. Target the applications
C. You can not stop them.
D. Target the executables.
E. Target the databases.
F. You can not determine the source.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: The worst attack is the one that you cannot stop. When performed properly, DDoS is just such an attack.
QUESTION 3
What type of network requires availability to the Internet and public networks as a major requirement and has several access points to other networks, both public and private?
A. Open
B. Closed
C. Intermediate
D. Balanced
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: The networks of today are designed with availability to the Internet and public networks, which is a major requirement. Most of today’s networks have serverla access points to other networks both public and private; therefore, securing these networks has become fundamentally important. Reference: CSI Student guide v2.0 p.2-4
QUESTION 4
The security team at Certkiller Inc. is working on network security design. What is an example of a trust model?
A. One example is NTFS
B. One example is NTP
C. One example is NFS
D. One example is NOS
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: One of the key factors to building a successful network security design is to identify and enforce a proper trust model. The proper trust model defines who needs to talk to whom and what kind of traffic needs to be exchanged; all other traffic should be denied. Once the proper trust model has been identified, then the security designer should decide how to enforce the model. As more critical resources are globally available and new forms of network attacks evolve, the network security infrastructure tends to become more sophisticated, and more products are available. Firewalls, routers, LAN switches, intrusion detection systems, AAA servers, and VPNs are some of the technologies and products that can help enforce the model. Of course, each one of these products and technologies plays a particular role within the overall security implementation, and it is essential for the designer to understand how these elements can be deployed. Network File Sharing seems to be the best answer out of all the answers listed. Reference: Securing Networks with Private VLANs and VLAN Access Control Lists
QUESTION 5
Which type of attack can be mitigated only through encryption?
A. DoS
B. Brute force
C. Man-in-the-middle
D. Trojan horse
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
1. Man-in-the-middle attacks-Mitigated through encrypted remote traffic Reference: Safe White papers; Page 26 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 6
The security team at Certkiller Inc. is working on understanding attacks that happen in the network. What type of attack is characterized by exploitation of well-known weaknesses, use of ports that are allowed through a firewall, and can never be completely eliminated?
A. Network reconnaissance
B. Man-in-the-middle
C. Trust exploitation
D. Application layer
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: The primary problem with application layer attacks is that they often use ports that are allowed through a firewall. Reference: Safe White papers 68 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 7
You are the security administrator at Certkiller and you need to know the attacks types to the network. Which two general IP spoofing techniques does a hacker use? (Choose two)
A. An IP address within the range of trusted IP addresses.
B. An unknown IP address which cannot be traced.
C. An authorized external IP address that is trusted.
D. An RFC 1918 address.
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
Explanation: IP Spoofing An IP spoofing attack occurs when a hacker inside or outside a network impersonates the conversations of a trusted computer. A hacker can do this in one of two ways. The hacker uses either an IP address that is within the range of trusted IP addresses for a network or an authorized external IP address that is trusted and to which access is provided to specified resources on a network. IP spoofing attacks are often a launch point for other attacks. The classic example is to launch a denial-of-service (DoS) attack using spoofed source addresses to hide the hacker’s identity. Normally, an IP spoofing attack is limited to the injection of malicious data or commands into an existing stream of data that is passed between a client and server application or a peer-to-peer network connection. To enable bidirectional communication, the hacker must change all routing tables to point to the spoofed IP address. Another approach hackers sometimes take is to simply not worry about receiving any response from the applications. If a hacker tries to obtain a sensitive file from a system, application responses are unimportant. However, if a hacker manages to change the routing tables to point to the spoofed IP address, the hacker can receive all the network packets that are addressed to the spoofed address and reply just as any trusted user can. Reference: Safe White papers; Page 65 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 8
John the security administrator at Certkiller Inc. is working on securing the network with strong passwords. What is the definition of a strong password?
A. The definition of a strong password is at least ten characters long and should contain cryptographic characters.
B. The definition of a strong password is at least eight characters long; contains uppercase letters, lowercase letters, numbers, and should not contain special characters.
C. The definition of a strong password is defined by each company depending on the product being used.
D. The definition of a strong password is at least eight characters long; contains uppercase letters, lowercase letters, numbers, and special characters.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Passwords should be at least eight characters long and contain uppercase letters, lowercase letters, numbers, and special characters (#, %, $, and so forth). Reference: Safe White papers; Page 67 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 9
The two Denial of Service attack methods are: (Choose two)
A. Out of Band data crash
B. SATAN
C. TCP session hijack
D. Resource Overload
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
Explanation: When involving specific network server applications; such as a Web server or an FTP server, these attacks can focus on acquiring and keeping open all the available connections supported by that server, effectively locking out valid users of the server or service. Some attacks compromise the performance of your network by flooding the network with undesired-and often useless-network packets and by providing false information about the status of network resources. Ref: Safe White papers; Page 66 & 67 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks Incorrect Answers:
B: SATAN is a testing and reporting tool that collects a variety of information about networked hosts.
C: TCP session hijack is when a hacker takes over a TCP session between two machines.
QUESTION 10
This program does something undocumented which the programmer intended, but that the user would not approve of if he or she knew about it.
A. What is a Virus.
B. What is a Macro Virus.
C. What is a Trojan Horse.
D. What is a Worm.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: A Trojan horse is different only in that the entire application was written to look like something else, when in fact it is an attack tool. An example of a Trojan horse is a software application that runs a simple game on the user’s workstation. While the user is occupied with the game, the Trojan horse mails a copy of itself to every user in the user’s address book. Then other users get the game and play it, thus spreading the Trojan horse. Ref: Safe White papers; Page 70 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 11
Choose the true statements regarding IP spoofing attack and DoS attack. (Choose all that apply)
A. IP spoofing attack is a prelude for a DoS attack.
B. DoS attack is a prelude for a IP spoofing attack.
C. IP spoofing attack is generally performed by inserting a string of malicious commands into the data that is passed between a client and a server.
D. A DoS attack is generally performed by inserting a string of malicious command into the data that is passed between a client and a server.
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
Explanation: IP spoofing attacks are often a launch point for other attacks. The classic example is to launch a denial-of-service (DoS) attack using spoofed source addresses to hide the hacker’s identity. Normally, an IP spoofing attack is limited to the injection of malicious data or commands into an existing stream of data that is passed between a client and server application or a peer-to-peer network connection. Ref: Safe White papers; Page 65 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 12
What method helps mitigate the threat of IP spoofing?
A. Access control
B. Logging
C. SNMP polling
D. Layer 2 switching
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: The most common method for preventing IP spoofing is to properly configure access control. To reduce the effectiveness of IP spoofing, configure access control to deny any traffic from the external network that has a source address that should reside on the internal network. Ref: Safe White papers; Page 67 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 13
What is an example of a trust model?
A. NTFS
B. NFS
C. NTP
D. NOS
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: One of the key factors to building a successful network security design is to identify and enforce a proper trust model. The proper trust model defines who needs to talk to whom and what kind of traffic needs to be exchanged; all other traffic should be denied. Once the proper trust model has been identified, then the security designer should decide how to enforce the model. As more critical resources are globally available and new forms of network attacks evolve, the network security infrastructure tends to become more sophisticated, and more products are available. Firewalls, routers, LAN switches, intrusion detection systems, AAA servers, and VPNs are some of the technologies and products that can help enforce the model. Of course, each one of these products and technologies plays a particular role within the overall security implementation, and it is essential for the designer to understand how these elements can be deployed. Network File Sharing seems to be the best answer out of all the answers listed. Reference: Securing Networks with Private VLANs and VLAN Access Control Lists
QUESTION 14
Which type of attack is usually implemented using packet sniffers?
A. Man-in-the-middle
B. DoS
C. Brute force
D. IP spoofing
Correct Answer: A Section: (none) Explanation Explanation/Reference:
Explanation: Man-in-the-middle attacks are often implemented using network packet sniffers and routing and transport protocols. Ref: Safe White papers; 68 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 15
Which type of attack is characterized by exploitation of well-known weaknesses, use of ports that are allowed through a firewall, and can never be completely eliminated?
A. Network reconnaissance
B. Application layer
C. Man-in-the-middle
D. Trust exploitation
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: The primary problem with application layer attacks is that they often use ports that are allowed through a firewall. Ref: Safe White papers 68 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 16
What is the only way to effectively prevent the Man-in-the-middle attacks?
A. Firewalls
B. ISP filtering and rate limiting
C. HIDS & Firewall filtering
D. Encryption
E. Access Control
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Man-in-the-middle attacks can be effectively mitigated only through the use of cryptography. If someone hijacks data in the middle of a cryptographically private session, all the hacker will see is cipher text, and not the original message. Ref: Safe White papers 68 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 17
What is not a specific type of attack, but refers to most attacks that occur today?
A. DoS
B. Brute force password
C. IP spoofing
D. Unauthorized access
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Although unauthorized-access attacks are not a specific type of attack, they refer to most attacks executed in networks today. Ref: Safe White papers; Page 70 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 18
This method of attack will always compute the password if it is made up of the character set you have selected to test.
A. What is LOphtCracks
B. What is brute force computation
C. What is dictionary lookup
D. What is brute force mechanism
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 19
What is the primary method of mitigating port redirection attacks?
A. Keep firewalls up to date with the latest patches and fixes.
B. Do not allow trust models.
C. Keep OS and applications up to date with the latest patches and fixes.
D. Use proper trust models.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: Port redirection can be mitigated primarily through the use of proper trust models (as mentioned earlier). If we assume that a system is under attack, host-based IDS can help detect and prevent a hacker installing such utilities on a host. Ref: Safe White papers; Page 70 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks Reference: Cisco Courseware page 2-28
QUESTION 20
What are two characteristics of a packet sniffer designed for attack purposes? (Choose two)
A. Captures first 300 to 400 bytes.
B. Typically captures login sessions.
C. Captures the last 300 to 400 bytes.
D. Deciphers encrypted passwords.
E. Enable to capture UDP packets.
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:

Try Cisco 642-541  exam free demo before you decide to buy it in Flydumps. After you buy Flydumps Cisco https://www.pass4itsure.com/642-541.html exam dumps, you will get free update for ONE YEAR!

Continue Reading