100% Valid Free Download 2016 New Questions for Cisco 642-541 Exam


Exam A
QUESTION 1
Threats that come from hackers who are more highly motivated and technically competent are called:
A. Sophisticated
B. Advanced
C. External
D. Structured
Correct Answer: D
Explanation: Structured threats come from adversaries that are highly motivated and technically competent. Ref: Cisco Secure Intrusion Detection System (Ciscopress) Page 9
QUESTION 2
The worst attacks are the ones that:
A. Are intermittent.
B. Target the applications
C. You can not stop them.
D. Target the executables.
E. Target the databases.
F. You can not determine the source.
Correct Answer: C
Explanation: The worst attack is the one that you cannot stop. When performed properly, DDoS is just such an attack.
QUESTION 3
What type of network requires availability to the Internet and public networks as a major requirement and has several access points to other networks, both public and private?
A. Open
B. Closed
C. Intermediate
D. Balanced
Correct Answer: A
Explanation: The networks of today are designed with availability to the Internet and public networks, which is a major requirement. Most of today’s networks have several access points to other networks, both public and private; therefore, securing these networks has become fundamentally important. Reference: CSI Student guide v2.0 p.2-4
QUESTION 4
The security team at Certkiller Inc. is working on network security design. What is an example of a trust model?
A. One example is NTFS
B. One example is NTP
C. One example is NFS
D. One example is NOS
Correct Answer: C
Explanation: One of the key factors to building a successful network security design is to identify and enforce a proper trust model. The proper trust model defines who needs to talk to whom and what kind of traffic needs to be exchanged; all other traffic should be denied. Once the proper trust model has been identified, then the security designer should decide how to enforce the model. As more critical resources are globally available and new forms of network attacks evolve, the network security infrastructure tends to become more sophisticated, and more products are available. Firewalls, routers, LAN switches, intrusion detection systems, AAA servers, and VPNs are some of the technologies and products that can help enforce the model. Of course, each one of these products and technologies plays a particular role within the overall security implementation, and it is essential for the designer to understand how these elements can be deployed. Network File Sharing seems to be the best answer out of all the answers listed. Reference: Securing Networks with Private VLANs and VLAN Access Control Lists
QUESTION 5
Which type of attack can be mitigated only through encryption?
A. DoS
B. Brute force
C. Man-in-the-middle
D. Trojan horse
Correct Answer: C
Explanation: Man-in-the-middle attacks: mitigated through encrypted remote traffic. Reference: Safe White papers; Page 26 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 6
The security team at Certkiller Inc. is working on understanding attacks that happen in the network. What type of attack is characterized by exploitation of well-known weaknesses, use of ports that are allowed through a firewall, and can never be completely eliminated?
A. Network reconnaissance
B. Man-in-the-middle
C. Trust exploitation
D. Application layer
Correct Answer: D
Explanation: The primary problem with application layer attacks is that they often use ports that are allowed through a firewall. Reference: Safe White papers 68 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 7
You are the security administrator at Certkiller and you need to know the types of attacks against the network. Which two general IP spoofing techniques does a hacker use? (Choose two)
A. An IP address within the range of trusted IP addresses.
B. An unknown IP address which cannot be traced.
C. An authorized external IP address that is trusted.
D. An RFC 1918 address.
Correct Answer: AC
Explanation: An IP spoofing attack occurs when a hacker inside or outside a network impersonates the conversations of a trusted computer. A hacker can do this in one of two ways. The hacker uses either an IP address that is within the range of trusted IP addresses for a network or an authorized external IP address that is trusted and to which access is provided to specified resources on a network. IP spoofing attacks are often a launch point for other attacks. The classic example is to launch a denial-of-service (DoS) attack using spoofed source addresses to hide the hacker’s identity. Normally, an IP spoofing attack is limited to the injection of malicious data or commands into an existing stream of data that is passed between a client and server application or a peer-to-peer network connection. To enable bidirectional communication, the hacker must change all routing tables to point to the spoofed IP address. Another approach hackers sometimes take is to simply not worry about receiving any response from the applications. If a hacker tries to obtain a sensitive file from a system, application responses are unimportant. However, if a hacker manages to change the routing tables to point to the spoofed IP address, the hacker can receive all the network packets that are addressed to the spoofed address and reply just as any trusted user can. Reference: Safe White papers; Page 65 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 8
John the security administrator at Certkiller Inc. is working on securing the network with strong passwords. What is the definition of a strong password?
A. The definition of a strong password is at least ten characters long and should contain cryptographic characters.
B. The definition of a strong password is at least eight characters long; contains uppercase letters, lowercase letters, numbers, and should not contain special characters.
C. The definition of a strong password is defined by each company depending on the product being used.
D. The definition of a strong password is at least eight characters long; contains uppercase letters, lowercase letters, numbers, and special characters.
Correct Answer: D
Explanation: Passwords should be at least eight characters long and contain uppercase letters, lowercase letters, numbers, and special characters (#, %, $, and so forth). Reference: Safe White papers; Page 67 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 9
The two Denial of Service attack methods are: (Choose two)
A. Out of Band data crash
B. SATAN
C. TCP session hijack
D. Resource Overload
Correct Answer: AD
Explanation: When involving specific network server applications, such as a Web server or an FTP server, these attacks can focus on acquiring and keeping open all the available connections supported by that server, effectively locking out valid users of the server or service. Some attacks compromise the performance of your network by flooding the network with undesired, and often useless, network packets and by providing false information about the status of network resources. Ref: Safe White papers; Page 66 & 67 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
Incorrect Answers:
B: SATAN is a testing and reporting tool that collects a variety of information about networked hosts.
C: TCP session hijack is when a hacker takes over a TCP session between two machines.
QUESTION 10
This program does something undocumented which the programmer intended, but that the user would not approve of if he or she knew about it.
A. What is a Virus.
B. What is a Macro Virus.
C. What is a Trojan Horse.
D. What is a Worm.
Correct Answer: C
Explanation: A Trojan horse is different only in that the entire application was written to look like something else, when in fact it is an attack tool. An example of a Trojan horse is a software application that runs a simple game on the user’s workstation. While the user is occupied with the game, the Trojan horse mails a copy of itself to every user in the user’s address book. Then other users get the game and play it, thus spreading the Trojan horse. Ref: Safe White papers; Page 70 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 11
Choose the true statements regarding IP spoofing attack and DoS attack. (Choose all that apply)
A. IP spoofing attack is a prelude for a DoS attack.
B. DoS attack is a prelude for an IP spoofing attack.
C. IP spoofing attack is generally performed by inserting a string of malicious commands into the data that is passed between a client and a server.
D. A DoS attack is generally performed by inserting a string of malicious commands into the data that is passed between a client and a server.
Correct Answer: AC
Explanation: IP spoofing attacks are often a launch point for other attacks. The classic example is to launch a denial-of-service (DoS) attack using spoofed source addresses to hide the hacker’s identity. Normally, an IP spoofing attack is limited to the injection of malicious data or commands into an existing stream of data that is passed between a client and server application or a peer-to-peer network connection. Ref: Safe White papers; Page 65 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 12
What method helps mitigate the threat of IP spoofing?
A. Access control
B. Logging
C. SNMP polling
D. Layer 2 switching
Correct Answer: A
Explanation: The most common method for preventing IP spoofing is to properly configure access control. To reduce the effectiveness of IP spoofing, configure access control to deny any traffic from the external network that has a source address that should reside on the internal network. Ref: Safe White papers; Page 67 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 13
What is an example of a trust model?
A. NTFS
B. NFS
C. NTP
D. NOS
Correct Answer: B
Explanation: One of the key factors to building a successful network security design is to identify and enforce a proper trust model. The proper trust model defines who needs to talk to whom and what kind of traffic needs to be exchanged; all other traffic should be denied. Once the proper trust model has been identified, then the security designer should decide how to enforce the model. As more critical resources are globally available and new forms of network attacks evolve, the network security infrastructure tends to become more sophisticated, and more products are available. Firewalls, routers, LAN switches, intrusion detection systems, AAA servers, and VPNs are some of the technologies and products that can help enforce the model. Of course, each one of these products and technologies plays a particular role within the overall security implementation, and it is essential for the designer to understand how these elements can be deployed. Network File Sharing seems to be the best answer out of all the answers listed. Reference: Securing Networks with Private VLANs and VLAN Access Control Lists
QUESTION 14
Which type of attack is usually implemented using packet sniffers?
A. Man-in-the-middle
B. DoS
C. Brute force
D. IP spoofing
Correct Answer: A
Explanation: Man-in-the-middle attacks are often implemented using network packet sniffers and routing and transport protocols. Ref: Safe White papers; 68 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 15
Which type of attack is characterized by exploitation of well-known weaknesses, use of ports that are allowed through a firewall, and can never be completely eliminated?
A. Network reconnaissance
B. Application layer
C. Man-in-the-middle
D. Trust exploitation
Correct Answer: B
Explanation: The primary problem with application layer attacks is that they often use ports that are allowed through a firewall. Ref: Safe White papers 68 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 16
What is the only way to effectively prevent the Man-in-the-middle attacks?
A. Firewalls
B. ISP filtering and rate limiting
C. HIDS & Firewall filtering
D. Encryption
E. Access Control
Correct Answer: D
Explanation: Man-in-the-middle attacks can be effectively mitigated only through the use of cryptography. If someone hijacks data in the middle of a cryptographically private session, all the hacker will see is cipher text, and not the original message. Ref: Safe White papers 68 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 17
What is not a specific type of attack, but refers to most attacks that occur today?
A. DoS
B. Brute force password
C. IP spoofing
D. Unauthorized access
Correct Answer: D
Explanation: Although unauthorized-access attacks are not a specific type of attack, they refer to most attacks executed in networks today. Ref: Safe White papers; Page 70 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 18
This method of attack will always compute the password if it is made up of the character set you have selected to test.
A. What is L0phtCrack
B. What is brute force computation
C. What is dictionary lookup
D. What is brute force mechanism
Correct Answer: B
QUESTION 19
What is the primary method of mitigating port redirection attacks?
A. Keep firewalls up to date with the latest patches and fixes.
B. Do not allow trust models.
C. Keep OS and applications up to date with the latest patches and fixes.
D. Use proper trust models.
Correct Answer: D
Explanation: Port redirection can be mitigated primarily through the use of proper trust models (as mentioned earlier). If we assume that a system is under attack, host-based IDS can help detect and prevent a hacker installing such utilities on a host. Ref: Safe White papers; Page 70 SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks Reference: Cisco Courseware page 2-28
QUESTION 20
What are two characteristics of a packet sniffer designed for attack purposes? (Choose two)
A. Captures first 300 to 400 bytes.
B. Typically captures login sessions.
C. Captures the last 300 to 400 bytes.
D. Deciphers encrypted passwords.
E. Able to capture UDP packets.
Correct Answer: AB
