ECCouncil 412-79V8 Real Demo, Buy Discount ECCouncil 412-79V8 Exam Questions Vce 100% Pass With A High Score

Welcome to download the newest pass4itsure 642-427 VCE dumps: http://www.flydumps.com/642-427.html

If you can prepare with FLYDUMPS ECCouncil 412-79V8 exam questions then no need to worry about result because our product always provides the satisfactory result. Once you are through with the ECCouncil 412-79V8 exam sample questions, you will remarkably enjoy the privileges of acquiring great job opportunities in your life. While talking about the ECCouncil 412-79V8 test, it is hard to neglect FLYDUMPS reliability and pass ratio. We shape your skills to let you pass ECCouncil 412-79V8 exam without any fear of failure.

QUESTION 1
Which of the following password cracking techniques is used when the attacker has some information about the password?
A. Hybrid Attack
B. Dictionary Attack
C. Syllable Attack
D. Rule-based Attack

Correct Answer: D
QUESTION 2
Which of the following is an application alert returned by a web application that helps an attacker guess a valid username?
A. Invalid username or password
B. Account username was not found
C. Incorrect password
D. Username or password incorrect

Correct Answer: C
QUESTION 3
A pen tester has extracted a database name by using a blind SQL injection. Now he begins to test the table inside the database using the below query and finds the table: http://juggyboy.com/page.aspx?id=1; IF (LEN(SELECT TOP 1 NAME from sysobjects where xtype=’U’)=3) WAITFOR DELAY ’00:00:10′–http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),1,1)))=101) WAITFOR DELAY ’00:00:10′– http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),2,1)))=109) WAITFOR DELAY ’00:00:10′– http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),3,1)))=112) WAITFOR DELAY ’00:00:10′–
What is the table name?
A. CTS
B. QRT
C. EMP
D. ABC

Correct Answer: C
QUESTION 4
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?
A. Passive IDS
B. Active IDS
C. Progressive IDS
D. NIPS

Correct Answer: B
QUESTION 5
HTTP protocol specifies that arbitrary binary characters can be passed within the URL by using %xx notation, where ‘xx’ is the
A. ASCII value of the character
B. Binary value of the character
C. Decimal value of the character
D. Hex value of the character

Correct Answer: C
QUESTION 6
Which of the following appendices gives detailed lists of all the technical terms used in the report?
A. Required Work Efforts
B. References
C. Research
D. Glossary

Correct Answer: D
QUESTION 7
An external intrusion test and analysis identify security weaknesses and strengths of the client’s systems and networks as they appear from outside the client’s security perimeter, usually from the Internet. The goal of an external intrusion test and analysis is to demonstrate the existence of known vulnerabilities that could be exploited by an external attacker.

During external penetration testing, which of the following scanning techniques allow you to determine a port’s state without making a full connection to the host?
A. XMAS Scan
B. SYN scan
C. FIN Scan
D. NULL Scan

Correct Answer: B
QUESTION 8
Passwords protect computer resources and files from unauthorized access by malicious users. Using passwords is the most capable and effective way to protect information and to increase the security level of a company.
Password cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system to gain unauthorized access to a system.

Which of the following password cracking attacks tries every combination of characters until the password is broken?
A. Brute-force attack
B. Rule-based attack
C. Hybrid attack
D. Dictionary attack

Correct Answer: A
QUESTION 9
Rules of Engagement (ROE) document provides certain rights and restriction to the test team for performing the test and helps testers to overcome legal, federal, and policy-related restrictions to use different penetration testing tools and techniques.

What is the last step in preparing a Rules of Engagement (ROE) document?
A. Conduct a brainstorming session with top management and technical teams
B. Decide the desired depth for penetration testing
C. Conduct a brainstorming session with top management and technical teams
D. Have pre-contract discussions with different pen-testers

Correct Answer: B
QUESTION 10
Which of the following is a framework of open standards developed by the Internet Engineering Task Force (IETF) that provides secure transmission of the sensitive data over an unprotected medium, such as the Internet?
A. DNSSEC
B. Netsec
C. IKE
D. IPsec

Correct Answer: D
QUESTION 11
Mason is footprinting an organization to gather competitive intelligence. He visits the company’s website for contact information and telephone numbers but does not find any. He knows the entire staff directory was listed on their website 12 months. How can he find the directory?
A. Visit Google’s search engine and view the cached copy
B. Crawl and download the entire website using the Surfoffline tool and save them to his computer
C. Visit the company’s partners’ and customers’ website for this information
D. Use WayBackMachine in Archive.org web site to retrieve the Internet archive

Correct Answer: D
QUESTION 12
Application security assessment is one of the activity that a pen tester performs in the attack phase. It is designed to identify and assess threats to the organization through bespoke, proprietary applications or systems. It checks the application so that a malicious user cannot access, modify, or destroy data or services within the system.

Identify the type of application security assessment which analyzes the application-based code to confirm that it does not contain any sensitive information that an attacker might use to exploit an application.
A. Web Penetration Testing
B. Functionality Testing
C. Authorization Testing
D. Source Code Review

Correct Answer: D
QUESTION 13
Which of the following is not a characteristic of a firewall?
A. Manages public access to private networked resources
B. Routes packets between the networks
C. Examines all traffic routed between the two networks to see if it meets certain criteria
D. Filters only inbound traffic but not outbound traffic

Correct Answer: B
QUESTION 14
The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called a MTU. The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full size IP datagram. IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header, are used for IP fragmentation and reassembly.

The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram. This value is a:
A. Multiple of four bytes
B. Multiple of two bytes
C. Multiple of eight bytes
D. Multiple of six bytes

Correct Answer: C QUESTION 15
From where can clues about the underlying application environment can be collected?
A. From the extension of the file
B. From executable file
C. From file types and directories
D. From source code

Correct Answer: D QUESTION 16
Which of the following information gathering techniques collects information from an organization’s web-based calendar and email services?
A. Anonymous Information Gathering
B. Private Information Gathering
C. Passive Information Gathering
D. Active Information Gathering

Correct Answer: B QUESTION 17
Which Wireshark filter displays all the packets where the IP address of the source host is 10.0.0.7?

A. ip.dst==10.0.0.7
B. ip.port==10.0.0.7
C. ip.src==10.0.0.7
D. ip.dstport==10.0.0.7

Correct Answer: C
QUESTION 18
Which of the following statements is true about the LM hash?
A. Disabled in Windows Vista and 7 OSs
B. Separated into two 8-character strings
C. Letters are converted to the lowercase
D. Padded with NULL to 16 characters

Correct Answer: A QUESTION 19
Which of the following statement holds true for TCP Operation?

A. Port numbers are used to know which application the receiving host should pass the data to
B. Sequence numbers are used to track the number of packets lost in transmission
C. Flow control shows the trend of a transmitting host overflowing the buffers in the receiving host
D. Data transfer begins even before the connection is established

Correct Answer: C
QUESTION 20
Which of the following will not handle routing protocols properly?
A. “Internet-router-firewall-net architecture”
B. “Internet-firewall-router-net architecture”
C. “Internet-firewall -net architecture”
D. “Internet-firewall/router(edge device)-net architecture”
Correct Answer: B
QUESTION 21
What is a goal of the penetration testing report?

A. The penetration testing report helps you comply with local laws and regulations related to environmental conditions in the organization.
B. The penetration testing report allows you to sleep better at night thinking your organization is protected
C. The pen testing report helps executive management to make decisions on implementing security controls in the organization and helps the security team implement security controls and patch any flaws discovered during testing.
D. The penetration testing report allows you to increase sales performance by effectively communicating with the internal security team.

Correct Answer: C
QUESTION 22
Which of the following is the range for assigned ports managed by the Internet Assigned Numbers Authority (IANA)?
A. 3001-3100
B. 5000-5099
C. 6666-6674
D. 0 1023

Correct Answer: D
QUESTION 23
Identify the injection attack represented in the diagram below:

A. XPath Injection Attack
B. XML Request Attack
C. XML Injection Attack
D. Frame Injection Attack

Correct Answer: C
QUESTION 24
Which of the following approaches to vulnerability assessment relies on the administrator providing baseline of system configuration and then scanning continuously without incorporating any information found at the time of scanning?

A. Service-based Assessment Solutions
B. Product-based Assessment Solutions
C. Tree-based Assessment
D. Inference-based Assessment

Correct Answer: C
QUESTION 25
The Web parameter tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control. This attack takes advantage of the fact that many programmers rely on hidden or fixed fields (such as a hidden tag in a form or a parameter in a URL) as the only security measure for certain operations. Attackers can easily modify these parameters to bypass the security mechanisms that rely on them.

What is the best way to protect web applications from parameter tampering attacks?
A. Validating some parameters of the web application
B. Minimizing the allowable length of parameters
C. Using an easily guessable hashing algorithm
D. Applying effective input field filtering parameters

Correct Answer: B QUESTION 26
Vulnerability assessment is an examination of the ability of a system or application, including the current security procedures and controls, to withstand assault.

What does a vulnerability assessment identify?
A. Disgruntled employees
B. Weaknesses that could be exploited
C. Physical security breaches
D. Organizational structure

Correct Answer: B
QUESTION 27
This is a group of people hired to give details of the vulnerabilities present in the system found after a penetration test. They are elite and extremely competent penetration testers and intrusion analysts. This team prepares a report on the vulnerabilities in the system, attack methods, and how to defend against them.

What is this team called?
A. Blue team
B. Tiger team
C. Gorilla team
D. Lion team

Correct Answer: B
QUESTION 28
ARP spoofing is a technique whereby an attacker sends fake (“spoofed”) Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker’s MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead. ARP spoofing attack is used as an opening for other attacks.

What type of attack would you launch after successfully deploying ARP spoofing?
A. Parameter Filtering
B. Social Engineering
C. Input Validation
D. Session Hijacking

Correct Answer: D
QUESTION 29
Amazon Consulting Corporation provides penetration testing and managed security services to
companies. Legality and regulatory compliance is one of the important components in conducting a
successful security audit.
Before starting a test, one of the agreements both the parties need to sign relates to limitations,
constraints, liabilities, code of conduct, and indemnification considerations between the parties.
Which agreement requires a signature from both the parties (the penetration tester and the company)?
A. Non-disclosure agreement
B. Client fees agreement
C. Rules of engagement agreement
D. Confidentiality agreement

Correct Answer: D QUESTION 30
John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client.
Which of the following factors does he need to consider while preparing the pen testing pricing report?

A. Number of employees in the client organization

Flydumps Free ECCouncil 412-79V8 exam dumps are audited by our certified subject matter experts and published authors for development. Flydumps ECCouncil 412-79V8 exam dumps are one of the highest quality ECCouncil 412-79V8 Q&As in the world.It covers nearly 96% real questions and answers, including the entire testing scope. Flydumps guarantees you pass ECCouncil 412-79V8 exam at first attempt.

Flydumps 642-427 dumps with PDF + Premium VCE + VCE Simulator: https://www.pass4itsure.com/642-427.html

ECCouncil 412-79V8 Real Demo, Buy Discount ECCouncil 412-79V8 Exam Questions Vce 100% Pass With A High Score

Continue Reading

Cisco 642-871 Exam Questions, Helpful Cisco 642-871 PDF 100% Pass With A High Score

From now on, you can quickly and easily pass the Cisco 642-871 Certification exam by FLYDUMPS while retaining the how-to and know-how involved in learning the skills covered in the Cisco 642-871 practice exam. Passing Cisco 642-871 exam will clear the path to future Riverbed exam success and instantly enhance your career. FLYDUMPS Cisco 642-871 exam sample questions ensure your success in high score. FLYDUMPS has played a key role in shaping my career. Doing upgrade from unlimited access package towards the Cisco 642-871 practice exam was a good step.

QUESTION 124
Which type of classification mechanism does the Cisco IP phone use?
A. ISL
B. Q.931
C. G.729a
D. 802.1p/Q
E. Spanning Tree

Correct Answer: D Section: (none) Explanation
Explanation/Reference: Explanation:
Streaming video applications, such as IPTV video on demand (VoD) programs, are relatively high bandwidth applications with a high tolerance for loss, delay, and delay variation. As such, significant QoS tools are not required to meet the needs of these applications. However, in most enterprise environments, these types of applications are considered more important than regular background applications (such as e-mail and web browsing) and should be given preferential treatment. A Layer 2 classification of CoS 1 in 8021.Q/802.1p environments should be used for these applications.
Reference: Arch student guide p.7-48
QUESTION 125
What problem does WFQ introduce when used in networks that have delay sensitive traffic like voice and video?
A. WFQ weights by giving preference to TCP-based flows whereas voice and video is UDP/RTP-based.
B. WFW weights by giving preference to UDP-based flows whereas voice and video is TCP/RTP-based.
C. WFQ becomes too fair in the presence of many flows so that an individual flow might not get enough bandwidth.
D. WFQ provides configuration settings that only permit data traffic, which is the root cause of WFQ’s inability to provide good service to voice and video traffic.

Correct Answer: C Section: (none) Explanation
Explanation/Reference: Explanation:
WFQ is to fair.
WFQ classifies traffic into different flows based on such characteristics as source and destination address,
protocol, and port and socket of the session. WFQ is a default queueing discipline on links at and below

2.048 Mbps.
QUESTION 126
What is one of the reasons that custom QoS ACLs are recommended over automatic QoS when configuring ports on a Catalyst 6500 for use with IP phones?
A. 79xx IP phones do not automatically mark voice packets with non-zero DSCP values.
B. 79xx IP phones do not mark protocol packets such as DHCP, DNS or TFP with non-zero DSCP values.
C. 79xx IP phones do not mark voice packets with optimal DSCP values.
D. 79xx IP phones use a custom protocol to communicate CDP information to the switch.

Correct Answer: C Section: (none) Explanation
QUESTION 127
When working in a Cisco environment, which of the following models would be utilized when you connect to a PBX system that uses non-standard signaling?
A. Translate model
B. Cross over model
C. Interprete model
D. Transport model
E. Trans-cross model

Correct Answer: A Section: (none) Explanation
QUESTION 128
Both incoming and outgoing calls for a voice system are governed by rules. Which set of rules governs the handling of voice system calls?
A. Voice plan
B. Route plan
C. Route pattern
D. Dial pattern
E. Call handler
F. Dial plan

Correct Answer: F Section: (none) Explanation
QUESTION 129
You are a technician at Certkiller. Your newly appointed Certkiller trainee wants to know in which of the following Frame Relay PVC configurations that are able to carry both voice and data, is the potential voice load better understood and partially isolated from the data load.
What would your reply be?
A. Simplex PVCs
B. Separate PVCs
C. Half Duplex PVCs
D. Duplex PVCs
E. Combined PVCs

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 130
Your newly appointed Certkiller trainee wants to know which codec you would recommend for higher quality voice over a data network. What would your reply be?
A. G.711
B. G.714
C. G.723
D. G.726
E. Q.728
F. G.729

Correct Answer: A Section: (none) Explanation
QUESTION 131
What is the default setting that the Cisco IP phone employs to set the CoS/ToS value for voice packets?
A. 1
B. 3
C. 5
D. 7
E. None of the above.

Correct Answer: C Section: (none) Explanation
Explanation/Reference: Explanation:
Ports that are in the data VLAN have a default class of service (CoS) of zero. Ports that are a member of the voice VLAN have a default CoS of 5
Reference: Arch student guide p.11-49
QUESTION 132
Bandwidth used by active calls can be delimited by which of the following types of Call Admission in the Control Manager?
A. Departments
B. Regions
C. Partitions
D. Locations
E. Device Pools
F. All of the above

Correct Answer: D Section: (none) Explanation
QUESTION 133
In a voice system, what set of rules governs the handling of incoming and outgoing calls?
A. A dial plan
B. The route table
C. The dial pattern
D. A call handler
E. A route pattern

Correct Answer: E Section: (none) Explanation
QUESTION 134
With regard to voice calls, which tool is used to reduce IP header size?
A. cRTP
B. RTCP
C. Transcoder
D. Coded (compression / decompression)
E. A and D

Correct Answer: A Section: (none) Explanation
Explanation/Reference: Explanation:
Header Compression – Compresses a header at various layers of the Open System Interconnection (OSI) reference model. Examples include Transmission Control Protocol (TCP) header compression, compressed RTP (cRTP), and compressed Internet Protocol/User Datagram Protocol (IP/UDP).
QUESTION 135
What type of protocol is SIP?
A. Peer-client
B. Server-peer
C. Peer-to-peer
D. Client-server

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
SIP stands for Session Initiation Protocol. SIP was published as a proposed standard by the Internet Engineering Task Force (IETF) in 1999. It is a signaling protocol for multimedia session control. This includes signaling for voice, data, and video sessions between just two parties or for multiparty conferencing sessions. SIP end-points negotiate the media parameters using Session Description Protocol (SDP). SDP allows the SIP terminal or application to negotiate media type (audio, video or data), transport protocol (RTP), and media encoding method. Unlike the switched circuit network of today, IP networks developed using SIP will easily support the concepts of presence, availability, and mobility since it is part of the SIP standard.
The IETF defines standard behavior for key SIP Server elements such as registration, redirect and proxy servers. SIP registration servers allow users to register with the SIP network using a SIP address that is similar to a URL or Web site location. Once a user registers, the local SIP proxy server routes messages on behalf of the user to the proper destination address. The SIP redirect server is a special server that returns a new or changed address for the destination party that may have temporarily changed locations (from work to home for example). Each of these servers have a particular behavior defined in the IETF standard and maintain session state information in a standard manner, leading to interoperability.
SIP’s main advantages over H.323 are its extensibility and flexibility for adding new features. H.323 is a more complex architecture and uses binary encoding of message parameters. The simplicity of SIP makes it easier to develop and debug applications leading to lower product costs for equipment providers.
The SIP client-server and header format design is based on proven Internet standards such as Hyper Text Transfer Protocol (used on commercial web servers) and Simple Mail Transfer Protocol (used for internet e-mail services). The Client-Server design means that each SIP request will result in a well-defined set of SIP responses. This modular design makes it easy to extend SIP to support new operations by simply adding a new request (or SIP Method) and its corresponding response message. Because SIP is text based, it is easy to parse the various SIP commands.
QUESTION 136
When enabling traffic shaping on a Frame Relay interface supporting voice and data, which three parameters should be configured to protect voice traffic? (Choose three)
A. Bt
B. Bc
C. Be
D. CIR
E. LMI
F. DLCI

Correct Answer: BCD Section: (none) Explanation
QUESTION 137
Your boss at Certkiller.com is curios as to which type of applications benefit from IP Multicast.
What should you tell her? (Select three).
A. Low bandwidth streaming applications with many simultaneous users
B. High bandwidth web serving applications
C. Video-on-demand served from the Internet
D. Scheduled classes delivered using IP-TV over multiple LAN/WAN connections
E. Live radio broadcasts delivered over multiple LAN/WAN connections
F. High bandwidth, high volume transactional applications

Correct Answer: ADE Section: (none) Explanation
QUESTION 138
You are a technician at Certkiller.com. Your newly appointed Certkiller trainee Jack wants to know which of the following are considerations to using IP Multicast delivery.
What would your reply be? (Select two.)
A. No congestion avoidance.
B. Not for bandwidth intensive applications.
C. No guaranteed delivery mechanism.
D. Source sends multiple data streams out each interface.
E. Ordered delivery of packets.

Correct Answer: CE Section: (none) Explanation
QUESTION 139
What are potential issues when using PIM-SM for multicast networks? (Choose two)
A. Not effective for dense distribution of receivers.
B. Easy to troubleshoot.
C. Unicast routing protocol dependent.
D. Requires an RP for the initial distribution.
E. RPs can become bottlenecks unless carefully placed.

Correct Answer: DE Section: (none) Explanation
Explanation/Reference: Explanation:
Potential issues with PIM-SM include:
1) PIM-SM requires an RP during the initial setup of the distribution tree (it can switch to the shortest-path
tree once RP is established and determined as optimal). RPs can become bottlenecks if not selected with
great care.
2) PIM-SM’s complex behavior is difficult to understand and therefore difficult to debug.

Reference: Arch student guide p.8-29

QUESTION 140
You are a technician at Certkiller.com. Your newly appointed Certkiller trainee wants to know which of the following are considerations to using IP Multicast delivery.
What would your reply be? (Choose Two.)
A. No congestion avoidance.
B. Low end routers in use.
C. No guaranteed delivery mechanism.
D. Source sends multiple data streams out each interface.
E. Ordered delivery of packets.
F. Not for bandwidth intensive applications.

Correct Answer: CE Section: (none) Explanation
QUESTION 141
You are the network administrator at Certkiller.Your newly appointed Certkiller trainee wants to know what the source address of IP multicast traffic is.
What will your reply be?
A. The assigned IP address of the source host
B. A reserved link address in the 224.0.0.0/24 LCP block
C. A GLOP address with an embedded AS number assigned to the source organization
D. A source-specific (SSM) address in the 232/8 block

Correct Answer: A Section: (none) Explanation
QUESTION 142
What are the characteristics of an IP Multicast source distribution tree? (Choose three)
A. Sub-optimal paths from source to all receivers.
B. Minimal memory utilization on multicast routers.
C. Router maintenance of complete path information for each source.
D. Optimal path from source to each receiver.
E. Reduced latency when compared to shared distribution trees.
F. Single root RP forwarding of all source traffic.

Correct Answer: CDE Section: (none) Explanation
Explanation/Reference: Explanation:
IP Multicast Source Distribution Trees:
1) Uses more memory (Router maintenance of complete path information for each source)
2) Supports optimal paths from source to all receivers
3) Minimizes delay

Reference: Arch student guide p.8-20

QUESTION 143
What are two potential issues when using PIM-SM for multicast networks? (Choose two)
A. Not effective for dense distribution of receivers.
B. Easy to troubleshoot.
C. Unicast routing protocol dependent.
D. Requires an RP for the initial distribution.
E. RPs can become bottlenecks unless carefully placed.

Correct Answer: DE Section: (none) Explanation
Explanation/Reference: Explanation:
Potential issues with PIM-SM include:
1) PIM-SM requires an RP during the initial setup of the distribution tree (it can switch to the shortest-path
tree once RP is established and determined as optimal). RPs can become bottlenecks if not selected with
great care.
2) PIM-SM’s complex behavior is difficult to understand and therefore difficult to debug.

Reference: Arch student guide p.8-29

QUESTION 144
Which of the following components would you most probably encounter in the VPN/Remote Access module? (Choose three.)
A. ISDN
B. IDS
C. Firewall
D. PSTN
E. Access server
F. All of the above.

Correct Answer: BCE Section: (none) Explanation
QUESTION 145
Which VNP management characteristic would you use when you want to make sure that the network in operation has the least disruption of service when topology changes are made?
A. Auto setup
B. Remote management
C. Dynamic reconfiguration
D. Automatic reconfiguration.
E. Path MTU discovery

Correct Answer: C Section: (none) Explanation
Explanation/Reference: Explanation:
Dynamic reconfiguration: All configuration changes should take effect without requiring a reboot of the
device.
Disruption of service with a fully loaded VPN device can potentially impact thousands of individual users.

Reference: Arch student guide p.9-17

QUESTION 146
Your newly appointed Certkiller trainee wants to know which protocol at Layer 3 can be used to provide data integrity, privacy, and security on an IP based VPN.
What would your reply be?
A. GRE
B. PKI
C. IPSec
D. L2TP
E. Kerberos
F. MD5

Correct Answer: C Section: (none) Explanation
Explanation/Reference: Explanation:
IPSec is a set of standards that specify various options for providing VPN data privacy. Packet authentication protects the information flow from being tampered with or even repeated, thereby minimizing disruption to the communication. An IPSec networking architecture has been specifically designed to address these issues. The framework set forth by the IPSec working group, Internet Engineering Task Force (IETF), pofides data integrity checks for tamper detection, source address verification, and data privacy for the packet data nad data path.
Reference: Arch student guide p.9-9.
QUESTION 147
You are contracted as a network administrator the company, Certkiller Ltd. Recently you received complaints by users that they are experiencing performance problems on the company’s site-to-site VPN network. Upon investigating the complaints you find that the VPN connection uses IPSec and GRE and traverses several Ethernet segments. The VPN packets are being fragmented as they traverse the links.
What can be done to address this problem successfully? (Choose two.)
A. Employ path MTU discovery.
B. Set the MTU value to 1400 bytes.
C. Reset the MTU value to lower than 1400 bytes.
D. Set the MTU higher than 1500 bytes.
E. Turn off pre-fragmentation for IPSec.
F. None of the above.

Correct Answer: AB Section: (none) Explanation
QUESTION 148
You are the network administrator at Certkiller. Which Cisco Works VPN/Security Management Solution will you use to gain access to devices and the displays that will show their real-time status as well as their operational and configuration functions through a web browser?
A. Resource Manager (RME)
B. VPN Monitor
C. Cisco View
D. Omni-vision
E. IDS Host Sensor

Correct Answer: B Section: (none) Explanation Explanation/Reference: Explanation:
The CiscoWorks VPN/Security Management Solution includes VPN Monitor.
VPN Monitor: Collects, stores, and reports on IPsec-based site-to-site and remote-access VPNs. VPN
Monitor supports the Cisco VPN concentrators and routers.

Reference: Arch student guide p.9-19.

QUESTION 149
Which network management tool helps network administrators develop and maintain new and existing traffic filters on Cisco devices?
A. CiscoView
B. ACL Manager
C. Cisco Netsys
D. Resource Manager

Correct Answer: B Section: (none) Explanation
Explanation/Reference: Explanation:
ACL Manager manages the access lists of Cisco devices. ACLM provides tools to set up and manage IP and IPX filtering and device access control. These tools include: access list editors, policy template managers, network and service class managers for scalability, access list navigation tools for troubleshooting, optimization of access lists, and automated distribution of access list updates.
Reference: Arch student guide p.4-25
QUESTION 150
You are a technician at Certkiller. Your newly appointed Certkiller trainee wants to know what the device weight limit per CallManager in a Cisco IP phone configuration would be.
What would your reply be?
A. 800
B. 5000
C. 6500
D. 2500

Correct Answer: B Section: (none) Explanation
Explanation/Reference: Explanation:
The clustering option relate to the grouping of devices, usually phones and gateways. With the limits imposed on a single CallManager (device weights of 5,000 per CallManager, not IP phones) and good design practices, the minimum configuration consists of two CallManagers, which will support up to 2,500 IP phones. Cisco recommends four CallManagers to support 5,000 IP phones and up to six CallManagers to support up to 10,000 IP phones.
Reference: Arch student guide p.11-28
QUESTION 151
Which of the following signaling techniques is used amongst CallManager clusters for intercluster calls?
A. SS7
B. H.323
C. MGCP
D. BRI2

Correct Answer: B Section: (none) Explanation
QUESTION 152
You are a technician at Certkiller. Your newly appointed Certkiller trainee wants to know what the maximum number of CallManager servers you can have in a cluster is.
What would your reply be?
A. 3
B. 7
C. 8
D. 56

Correct Answer: C Section: (none) Explanation
QUESTION 153
With Call Manager v3.1, what is the maximum number of servers in a Cluster?
A. 3
B. 6
C. 7
D. 8

Correct Answer: D Section: (none) Explanation
Explanation/Reference: Explanation:
The primary advantage of the distributed call processing model is that, by using local call processing, it provides the same level of features and capabilities whether the IP WAN is available or not. Each site can have from one to eight Cisco CallManager servers in a cluster based on the number of users.
Reference: Arch student guide p.11-43
QUESTION 154
Which three are used in configuration Call Manager dial plans? (Choose three)
A. Route list
B. Route group
C. Gateway list
D. Route keeper
E. Route pattern
F. First digit pattern

Correct Answer: ABE Section: (none) Explanation QUESTION 155
Which of the following are functions form part of Web Cache Communication Protocol (WCCP)? (Choose four.)
A. Fault tolerance
B. Network address translation
C. Load balancing
D. Scalability
E. Remote management
F. Service assurance
G. Redundancy allowance

Correct Answer: ACDF Section: (none) Explanation
Explanation/Reference: Explanation:
Cisco routers and switches incorporate Web Cache Communication Protocol (WCCP) software to enable content routing capabilities. Additionally, Cisco offers content routers specifically designed to support large-scale mirrored web sites. Content routing routes user requests to the replicated-content site (typically a mirror site) that can serve them most quickly and efficiently. The content routing software redirects a user request to the closest (best) replicated-content site, based on network delay, using a software process called boomerang. The content routing software load balances up to 500 sites for each domain it is configured to support.
Reference: Arch student guide p.12-6
QUESTION 156
Mentioned below are several tools. Which of them is a web-browser based tool designed to provide administrative access for content networking?
A. Cisco CallManager
B. Hypertext Administration Design (HAD)
C. Access Point
D. Content Distribution Manager (CDM)
E. Self-Organizing Distributed Architecture (SODA)
F. Web Cache Communication Protocol (WCCP)

Correct Answer: D Section: (none) Explanation
Explanation/Reference: Explanation:
The Cisco Content Distribution Manager (CDM) is a web-browser-based tool that provides the administrative function for content networking. With the CDM, you can configure and monitor Content Engines, import and preview media, and generate media URLs for access from web sites. You also set maximum bandwidth usage over the WAN from the CDM to the remote Content Engines, as well as maximum LAN bandwidth usage from the Content Engines to end-user desktops.
Reference: Arch student guide p.12-9
QUESTION 157
You are a technician at Certkiller. You were instructed to place Content Engines on the Certkiller network.
Where would you place it when you are dealing with transparent caching?
A. Close to the servers.
B. Behind the main server.
C. At the Internet edge.
D. In front of web server farms.
E. Close to the end users.

Correct Answer: E Section: (none) Explanation

We provide Cisco 642-871 exam help and information on a wide range of issues. Cisco 642-871 is professional and confidential and your issues will be replied within 12 hous.Cisco 642-825 exam free to send us any questions and we always try our best to keeping our Customers Satisfied.

Continue Reading

Cisco 642-811 Demo Free Download, Offer Cisco 642-811 Exam Test Questions With New Discount

Cisco 642-811 exam sample questions enable you to with success control your job. When you take Riverbed 101-01 Exam qualification, this is able to enable you to acquire information needed with success through the use of Riverbed technological know-how. This is an excellent Riverbed if you want to turned into a Cisco expert. It is known that hottest Cisco 642-811 Exam test analyze will be the hot test of Cisco 642-811 qualification. Have got in your own Cisco 642-811 exam sample questions delights to your profession. What precisely things, will be the best plus the right focus for the choice.

QUESTION 142
Which protocol specified by RFC 2281 provides network redundancy for IP networks, ensuring that user traffic immediately and transparently recovers from first-hop failures in network edge devices or access circuits?
A. STP
B. IRDP
C. ICMP
D. HSRP

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 143
A medium-sized network with a redundant topology that uses core and access switches is experiencing intermittent end-station accessibility. The root bridge is on one of the core switches. It is determined that the problem occurs during STP convergence and that accessibility issues depend on the STP state of the individual switch port. What is the best way to decrease STP convergence time in this situation?
A. Enable PortFast on the core switches to accelerate the choice of a new root port.
B. Enable UplinkFast on the VLAN that is having the most accessibility problems.
C. Enable UplinkFast on the wiring closet switches at the edge of the network.
D. Enable PortFast on all IOS based switches that have been configured for bridge priority.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 144
Refer to the exhibit. On the basis of the information that is generated by the show commands, which two EtherChannel statements are true? (Choose two.)
A. Interfaces FastEthernet 0/1 and 0/2 have been configured with the channel-group 1 mode desirable command.
B. Interfaces FastEthernet 0/3 and 0/4 have been configured with the no switchport command.
C. Interface Port-Channels 1 and 2 have been assigned IP addresses with the ip address commands.
D. Port-Channels 1 and 2 are providing two 400 Mbps EtherChannels.
E. Port-Channels 1 and 2 are capable of combining up to 8 FastEthernet ports to provide full-duplex bandwidth of up to 16 Gbps between a switch and another switch or host.
F. Switch SW1 has been configured with a Layer 3 EtherChannel.
Correct Answer: AD Section: (none) Explanation

Explanation/Reference:
QUESTION 145
Which two table types are CEF components?(Choose two.)
A. forwarding information base
B. adjacency tables
C. neighbor tables
D. caching tables
E. route tables

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 146
Refer to the exhibit. All switches are connected using FastEthernet links. Given the information in the exhibit, which two statements are true? (Choose two.)

A. Switch S1 is the root bridge.
B. Switch S2 is the root bridge.
C. Switch S3 is the root bridge.
D. Port 1/2 on switch S1 is a nondesignated port.
E. Port 1/2 on switch S2 is a nondesignated port.
F. Port 1/2 on switch S3 is a nondesignated port.

Correct Answer: AF Section: (none) Explanation Explanation/Reference:
QUESTION 147
Refer to the exhibit. The DLSwitch is a Catalyst 3550 and the ALSwitch is a Catalyst 2950. Which two configurations sequence would be used to establish an EtherChannel group? (Choose two.)

A. ALSwitch(config)# interface range fa 0/1 – 2ALSwitch(config-if)# channel-group 1 mode desirable
B. ALSwitch(config)# interface range fa 0/1 – 2ALSwitch(config-if)# channel-protocol pagpALSwitch (config-if)# channel-group 1 mode desirable
C. ALSwitch(config)# interface range fa 0/1 – 2ALSwitch(config-if)# channel-protocol lacpALSwitch(config-if)# channel-group 1 mode desirable
D. DLSwitch(config)# interface range fa 0/1 – 2DLSwitch(config-if)# channel-group 1 mode auto
E. DLSwitch(config)# interface range fa 0/1 – 2DLSwitch(config-if)# channel-protocol pagpDLSwitch (config-if)# channel-group 1 mode auto
F.     DLSwitch(config)# interface range fa 0/1 – 2DLSwitch(config-if)# channel-protocol lacpDLSwitch(config-if)# channel-group 1 mode desirable

Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
QUESTION 148
Which two statements are true about a switched virtual interface (SVI)? (Choose two.)
A. An SVI is created by entering the no switchport command in interface configuration mode.
B. An SVI is created for the default VLAN (VLAN1) to permit remote switch administration by default.
C. An SVI provides a default gateway for a VLAN.
D. Multiple SVIs can be associated with a VLAN.
E. SVI is another name for a routed port.

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 149
Refer to the exhibit. A network engineer is trying to prevent VLAN attacks. Ports 0/20 – 24 are not currently used on switch Cat2. VLAN 50 is an unused VLAN. How does the configuration in the exhibit improve security on the switch Cat2?

A. The native VLAN is different from any data VLAN.
B. Trunking is negotiated rather than on.
C. DTP is turned off.
D. The ports have been configured as a primary PVLAN.
E. The ports have been configured as a secondary PVLAN.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 150
Which three IP addresses are valid multicast addresses? (Choose three.)
A. 169.254.23.59
B. 223.254.255.254
C. 225.1.1.1
D. 227.43.34.2
E. 238.3.3.3
F. 249.1.2.3

Correct Answer: CDE Section: (none) Explanation
Explanation/Reference: QUESTION 151
When IP multicast is enabled via PIM, which mode uses the flood and prune method?
A. PIM sparse-dense
B. Bidir-PIM
C. PIM-RP
D. PIM-DM
E. PIM-SM

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 152
Refer to the exhibit. On the basis of the show ip pim interface count output, which interface or interfaces will receive and forward multicast traffic?

A. interface Vlan10 only
B. interfaces Vlan11 and Vlan12
C. interfaces Vlan10, Vlan11, and Vlan12
D. interfaces Vlan23 and Vlan24
E. all interfaces
F. none of the interfaces

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 153
Refer to the exhibit. LACP has been configured on Switch1 as shown. Which is the correct command set to configure LACP on Switch2?

A. Switch2# configure terminalSwitch2(config)# interface range gigabitethernet3/1 -2Switch2(config-if)# channel-group 5 mode auto
B. Switch2# configure terminalSwitch2(config)# interface range gigabitethernet3/1 -2Switch2(config-if)# channel-group 5 mode passive
C. Switch2# configure terminalSwitch2(config)# interface range gigabitethernet3/1 -2Switch2(config-if)# channel-group 5 mode desirable
D. Switch2# configure terminalSwitch2(config)# interface range gigabitethernet3/1 -2Switch2(config-if)# channel-group 5 mode on

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 154
Refer to the exhibit. Given the output of a debug ip mrouting command, which two statements are true? (Choose two.)

A. This router received an IGMP host report from a group member or a PIM join message.
B. The reverse path forwarding (RPF) for the route 224.2.0.1 failed to find the interface on which the multicast packet was received.
C. Multicast route to 10.16.0.0/16 was added to the mroute table and created by a source directly connected to the router.
D. Multicast route to 224.69.15.0/24 was added to the mroute table and created by a source directly connected to the router.
E. The route to 224.69.15.0/24 will be out Ethernet 0.

Correct Answer: AC Section: (none)
Explanation
Explanation/Reference:
QUESTION 155
What is a characteristic of a static VLAN membership assignment?
A. VMPS server lookup
B. easy to configure
C. ease of adds, moves, and changes
D. based on MAC address of the connected device

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 156
Which technology manages multicast traffic at Layer 2 by configuring Layer 2 LAN interfaces dynamically to forward multicast traffic only to those interfaces that want to receive it?
A. IGMP
B. IGMP snooping
C. PIM-DM
D. DVMRP
E. MOSPF

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 157
Given the following configuration on a switch interface, what happens when a host with the MAC address of 0003.0003.0003 is directly connected to the switch port? switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security mac-address 0002.0002.0002 switchport port-security violation shutdown
A. The port will shut down.
B. The host will be allowed to connect.
C. The host will be refused access.
D. The host can only connect through a hub/switch where 0002.0002.0002 is already connected.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 158
Switch C is configured with UplinkFast. How much time will expire after a failure in L2 before switch C activates the port connected to L3?

A. 1-5 seconds
B. 15 seconds
C. 30 seconds
D. 50 seconds

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 159
Which two statements are true about the UplinkFast feature? (Choose two.)
A. It must be used with the PortFast feature enabled.
B. When enabled, it is enabled for the entire switch and all VLANs.
C. It should be configured on all switches, including the Root Bridge.
D. When the primary Root Port uplink fails, another blocked uplink can be immediately brought up for use.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 160
Which enhancement was added to IGMP version 3?
A. membership query message
B. membership report message
C. leave group message
D. source filtering
E. destination filtering

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 161
Refer to the exhibit. A network engineer is trying to connect to the console port of Sw2. What authentication process will the switch go through?

A. Authentication will fail because SmartPort has not been enabled.
B. Authentication will fail because an IP address has not been specified for the SmartPort database.
C. The switch will contact the TACACS+ server. If the TACACS+ server is unreachable, the switch will use the local database.
D. The switch will attempt to authenticate using the enable secret password. If this fails, the switch will contact the TACACS+ server. If the TACACS+ server is unreachable, the switch will use the password goaway.
E. The switch will contact the SmartPort database. If the SmartPort database is unreachable, the switch will contact the TACACS+ server. If the TACACS+ server is unreachable, the switch will use the local database.
F.     The switch will contact the SmartPort database. If the SmartPort database is unreachable, the switch will contact the TACACS+ server. If the TACACS+ server is unreachable, the switch will use the enable secret password.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 162
Which option correctly identifies the Cisco IOS switching methods in descending order from the fastest method to the slowest method?
A. CEF, distributed CEF (dCEF), fast switching, process switching
B. distributed CEF (dCEF), CEF, fast switching, process switching
C. fast switching, process switching, distributed CEF (dCEF), CEF
D. process switching, fast switching, distributed CEF (dCEF), CEF
E. process switching, distributed CEF (dCEF), CEF, fast switching
F.     process switching, CEF, distributed CEF (dCEF), fast switching

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 163
In the use of 802.1X access control, which three protocols are allowed through the switch port before authentication takes place? (Choose three.)
A. STP
B. CDP
C. EAP MD5
D. TACACS+
E. EAP-over-LAN
F.     protocols not filtered by an ACL

Correct Answer: ABE Section: (none) Explanation
Explanation/Reference:
QUESTION 164
Which three statements are true of the Port Aggregation Protocol (PAgP)? (Choose three.)
A. PAgP is a standards-based protocol defined in IEEE 802.3ad.
B. PAgP is used to connect to non-Cisco devices.
C. PAgP packets are sent with the command channel-group 1 mode desirable.
D. PAgP does not require the STP costs to be the same in order to form an EtherChannel.
E. An Etherchannel link will form if one end of the channel is configured as active and the other end as passive mode.
F.     An Etherchannel link will form if one end of the channel is configured as auto and the other end as desirable mode.

Correct Answer: CDF Section: (none) Explanation
Explanation/Reference:
QUESTION 165
Which command will ensure that External_B will be the primary router for traffic using the gateway address of 172.16.15.20?

A. On External_B add the command standby 1 priority 80.
B. On External_A add the command standby 1 priority 110.
C. On External_A add the command standby 1 priority 80.
D. On External_B remove the command standby 1 preempt

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 166
Which two statements characterize VLANs? (Choose two.)
A. All hosts in the same VLAN are in the same broadcast domain.
B. All hosts in the same VLAN are in the same collision domain.
C. VLAN membership is based upon port membership or assigned dynamically based on MAC.
D. It is a physical network segment.
E. They must be created in the vlan database mode on all IOS and Cat OS based Catalyst Switches.

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 167
What must be configured on a Cisco switch in order to advertise VLAN information?
A. VTP password
B. VTP domain name
C. VTP revision number
D. VTP mode
E. VTP pruning
Correct Answer: BD Section: (none) Explanation

Explanation/Reference:
QUESTION 168
Which statement about VTP is false?
A. Switches in VTP transparent mode will simply forward advertisements without processing them.
B. VTP reduces administrative overhead.
C. VTP pruning reduces overall network traffic.
D. VTP pruning is on by default.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 169
Which two statements are true about Cisco Express Forwarding (CEF) operation? (Choose two.)
A. CEF supports per packet load balancing.
B. The CEF switching process can perform packet fragmentation.
C. CEF processed packets forwarded to a tunnel interface create separate lookup table entries.
D. access control lists should be avoided when utilizing CEF because they cause the forwarding decision to bypass CEF and use process switching.
E. CEF can be used to forward packets when an ACL is involved since CEF tables include access control list information.

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 170
How does 802.1q trunking keep track of multiple VLAN’s?
A. modifies the port index of a data frame to indicate the VLAN
B. adds a new header containing the VLAN ID to the data frame
C. encapsulates the data frame with a new header and frame check sequence
D. tags the data frame with VLAN information and recalculates the CRC value

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 171
Which command will need to be added to External_A to ensure that it will take over if serial 0/0 on External_B fails?

A. standby 1 preempt
B. standby 1 track 10.10.10.1
C. standby 1 priority 130
D. standby 1 track fastethernet 0/0

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 172
Which Cisco IOS command assigns a Catalyst switch port to VLAN 10?
A. switchport mode vlan 10
B. switchport trunk native 10
C. switchport access vlan 10
D. switchport mode access vlan 10

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 173
Which statement correctly describes the extended system ID?
A. It is the 2-bit number of the MSTP instance.
B. It is the VLAN identifier value and allows for 4096 BIDs to be uniquely identified.
C. It is a bridge MAC address which is allocated from a pool of MAC addresses that are factory assigned.
D. It is a hex number used to measure the preference of a bridge in the spanning-tree algorithm.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 174
In a customer’s network, VLAN Trunking Protocol (VTP) is running with a domain named main1. VLANs 1,2,3,4,5,10,20 are active on the network. Suddenly the whole network goes down. No traffic is being passed on VLANs 2,3,4,5,10,20, however traffic passes on VLAN 1 and indicates all switches are operational. Right before the network problem occurred, a switch named TEST1 was added to the network. What three configuration issues on TEST1 could be causing the network outage? (Choose three.)
A. TEST1 is configured as a VTP server with a different domain name.
B. TEST1 is not configured to participate in VTP.
C. TEST1 is configured as a VTP server with the domain name main1.
D. TEST1 has a lower VTP configuration revision than the current VTP revision.
E. TEST1 has a higher VTP configuration revision than the current VTP revision.
F. TEST1 is configured with only VLAN1.

Correct Answer: CEF Section: (none) Explanation
Explanation/Reference:
QUESTION 175
Refer to the show interface Gi0/1 switchport command output shown in the exhibit. Which two statements are true about this interface? (Choose two.)

A. This interface is a dot1q trunk passing all configured VLANs.
B. This interface is configured for access mode.
C. This interface is a member of VLAN1.
D. This interface is a member of VLAN7.
E. This interface is a member of a voice VLAN.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 176
Which two tasks are required to configure PIM for IP multicast routing? (Choose two.)
A. Join a multicast group.
B. Enable CGMP.
C. Enable IP multicast routing.
D. Configure the TTL threshold.
E. Enable PIM on an interface.
Correct Answer: CE Section: (none) Explanation

Explanation/Reference:
QUESTION 177
Assuming that VLAN 1 and VLAN 2 traffic is enabled on the above network, what effect will the following command have when entered on port 0/2 on Switch Aspanning-tree vlan 1 port-priority 16

A. VLAN 1 traffic will be blocked on Switch B port 1/1.
B. VLAN 2 traffic will be blocked on Switch B port 1/1.
C. VLAN 2 traffic will be blocked on Switch A port 0/2.
D. VLANs 1 and 2 will be blocked on Switch A port 0/1.
E. VLANs 1 and 2 will be blocked on Switch A port 0/2.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 178
Which message type was added to IGMPv2?
A. heartbeat
B. join request
C. leave report
D. status report
E. membership report

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 179
Frames from Workstation 1 are given the proper priority through Switch A, but Switch B handles Workstation 1 frames as if they have no precedence. Which of the following actions will allow traffic from Workstation 1 to be given the proper priority?

A. configure qos all command under Switch B fa0/1 interface
B. configure mls qos trust cos command under Switch B fa0/1 interface
C. configure mls qos trust cos 5 command under Switch B fa0/1 interface
D. configure qos cos 5 command under Switch B fa0/1 interface
E. configure mls qos trust cos command under Switch A fa0/1 interface
F. configure qos cos 5 command under Switch A fa0/1 interface

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 180
Which two multicast IP addresses can be represented by the multicast MAC address 0100.5e0A.0A07? (Choose two.)
A. 228.10.10.7
B. 228.10.10.8
C. 228.10.138.7
D. 229.11.10.7
E. 229.138.10.7
F. 229.138.10.8

Correct Answer: AE Section: (none) Explanation
Explanation/Reference: QUESTION 181
Which two statements about the various implementations of STP are true? (Choose two.)
A. Common Spanning Tree maintains a separate spanning-tree instance for each VLAN configured in the network.
B. The Spanning Tree Protocol (STP) is an evolution of the IEEE 802.1w standard.
C. Per-VLAN Spanning Tree (PVST) supports 802.1Q trunking.
D. Per-VLAN Spanning Tree Plus(PVST+) is an enhancement to 802.1Q specification and is supported only on Cisco devices.
E. Rapid Spanning Tree Protocol (RSTP) includes features equivalent to Cisco PortFast, UplinkFast, and BackboneFast for faster network reconvergence.
F.     Multiple Spanning Tree (MST) assumes one spanning-tree instance for the entire Layer 2 network, regardless of the multiple number of VLANs.

Correct Answer: DE Section: (none) Explanation
Explanation/Reference:
QUESTION 182
Examine the diagram. A network administrator has recently installed the above switched network using 3550s and would like to control the selection of the root bridge. Which switch should the administrator configure as the root bridge and which configuration command must the administrator enter to accomplish this?

A. DSW11(config)# spanning-tree vlan 1 priority 4096
B. DSW12(config)# set spanning-tree priority 4096
C. ASW13(config)# spanning-tree vlan 1 priority 4096
D. DSW11(config)# set spanning-tree priority 4096
E. DSW12(config)# spanning-tree vlan 1 priority 4096
F.     ASW13(config)# set spanning-tree priority 4096

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 183
Refer to the exhibit. Both host stations are part of the same subnet but are in different VLANs. On the basis of the information presented in the exhibit, which statement is true about an attempt to ping from host to host?

e
A. A trunk port will need to be configured on the link between Sw_A and Sw_B for the ping command to be successful.
B. The two different hosts will need to be in the same VLAN in order for the ping command to be successful.
C. A Layer 3 device is needed for the ping command to be successful.
D. The ping command will be successful without any further configuration changes.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 184
When building an IP multicast domain using PIM which mode assumes that other routers do not want to forward multicast packets for the group?
A. PIM-DM
B. PIM-SM
C. PIM-RP
D. CGMP
E. IGMP snooping

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 185
What can be determined about the HSRP relationship from the displayed debug output?

A. The preempt feature is not enabled on the 172.16.11.111 router.
B. The nonpreempt feature is enabled on the 172.16.11.112 router.
C. Router 172.16.11.111 will be the active router because its HSRP priority is preferred over router
172.16.11.112.
D. Router 172.16.11.112 will be the active router because its HSRP priority is preferred over router
172.16.11.111.
E. The IP address 172.16.11.111 is the virtual HSRP router IP address.
F. The IP address 172.16.11.112 is the virtual HSRP router IP address.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 186
Refer to the exhibit. The Gateway Load Balancing Protocol has been configured on routers R1 and R2,
and hosts A and B have been configured as shown. Which statement
can be derived from the exhibit?

A. The GLBP weighted load balancing mode has been configured.
B. The GLBP host-dependent, load-balancing mode has been configured.
C. The GLBP round-robin, load-balancing mode has been configured.
D. The host A default gateway has been configured as 10.88.1.1/24.
E. The host A default gateway has been configured as 10.88.1.4/24.
F. The host A default gateway has been configured as 10.88.1.10/24.

Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 187
Which two statements are true about CEF switching? (Choose two.)
A. The CEF data plane is responsible for the fragmentation of outgoing packets.
B. The CEF control plane builds the FIB table. The data plane builds the adjacency table and forwards traffic.
C. The CEF control plane builds the FIB and adjacency tables. The data plane forwards IP unicast traffic.
D. IP packets with the IP header options set are process switched.
E. Packets with the TCP header options set are process switched.
F. The adjacency table is derived from next hop IP addresses in the routing table.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 188
On a 3550 EMI switch, which three types of interfaces can be used to configure HSRP? (Choose three.)
A. loopback interface
B. SVI interface
C. routed port
D. access port
E. EtherChannel port channel
F. BVI interface

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 189
A switch sends BPDUs with which destination address upon initial bootup?
A. a well-known STP multicast address
B. the IP address of its default gateway
C. the MAC addresses stored in the CAM table
D. the MAC address of neighbors discovered via CDP

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 190
Refer to the exhibit. Switch A is initially the root bridge. Switch D with bridge priority of 0 is added to the network. Which port should the Root Guard feature be configured on to prevent Switch D from becoming the root?

A. Switch A fa0/2
B. Switch C fa0/1
C. Switch C fa0/3
D. Switch D fa0/1

Correct Answer: C Section: (none) Explanation
Explanation/Reference:

Preparing Cisco 642-811 exam is not difficult now.You can prepare from Cisco 642-811 Certification or Cisco 642-811 dumps.Here we have mentioned some sample questions.You can use our Cisco 642-811 study material notes for test preparation. Latest Cisco 642-811 study material available.

Continue Reading

Cisco 700-260 Exam Demos, First-hand Cisco 700-260 Online Exam With Accurate Answers

Welcome to download the newest pass4itsure 642-832 VCE dumps: http://www.flydumps.com/642-832.html

FLYDUMPS will ensure you pass the Cisco 700-260 exam. The Cisco 700-260 exam sample questions give you possibility to work in any country of the world because they are acknowledged in all countries equally. This FLYDUMPS Cisco 700-260 exam sample questions helps not only to improve your knowledge and skills, but it also helps your career, gives a possibility for qualified usage of FLYDUMPS exam products under different conditions.

QUESTION 1
Increased employee productivity, confidence in data confidentiality, and increased visibility are features that demonstrate which Cisco business value?
A. Cost effectiveness
B. Protection
C. Control
D. Flexibility
E. Completeness

Correct Answer: C
QUESTION 2
Which licensing feature enables customers to better manage their software assets and optimize their IT spending?
A. Cisco ONE
B. Smart Accounts
C. Enterprise License Agreements
D. License Bundling

Correct Answer: B
QUESTION 3
Which Cisco network security solution helps protect against threats by monitoring and responding to any network anomalies, continually analyzing for potential threats and reacting to them in real time?
A. Cisco Security Manager
B. Cisco ASA Firewall Services
C. Cisco ASA Next-Generation Firewall Services
D. Cisco Next-Generation Intrusion Prevention System
E. Cisco Web Security Appliance
F. Cisco Email Security Appliance
G. Cisco Identity Services Engine
H. Cisco Site-to-Site VPN
Correct Answer: D
QUESTION 4
Which Cisco security technology delivers the best real-time threat intelligence?
A. Cisco Security Intelligence Operations
B. Cisco ASA Next-Generation Firewall Services
C. Cisco Identity Services Engine
D. Cisco Security Manager
E. Cisco TrustSec

Correct Answer: A
QUESTION 5
Upon which component are security solutions directly built in the Cisco future solutions architecture framework?
A. Security intelligence operations
B. Third-party applications
C. Management and intelligence capabilities
D. Cisco security platforms

Correct Answer: D
QUESTION 6
At which point during the attack continuum does a customer experience limited remediation tools?
A. Across the entire continuum
B. During
C. Before
D. After

Correct Answer: A
QUESTION 7
Which technology solution can resolve the inability of a customer to properly restrict and authorize access to protected resources while still introducing new applications, devices, and business partnerships?
A. Cisco Secure Data Center
B. Cisco Cyber Threat Defense
C. Cisco TrustSec
D. Cisco Data Center Virtualization and Cloud
E. Cisco Application Centric Infrastructure
F. Cisco Security Intelligence Operations

Correct Answer: C
QUESTION 8
Utilizing the Cisco software lifecycle generates which two benefits for partners? (Choose two.)
A. Adaptable deployment
B. Software portability
C. Improved sales performance
D. Cisco incentives
E. Increased efficiencies
F. Sales promotions
G. Customer support
Correct Answer: CE
QUESTION 9
Which Cisco security benefit is a differentiator that allows partners to plan and model their businesses?
A. Comprehensive vision for security
B. One solution to fit every need
C. Unparalleled commitment
D. Lowest price points
E. Best-in-class technologies

Correct Answer: A
QUESTION 10
What is the primary customer challenge that is created by the wide variety of security solution providers on the market?
A. Choosing the right provider
B. Contacting all providers for information
C. Finding a low-cost option
D. Determining the single best security product

Correct Answer: A
QUESTION 11
Automatic updates and post-attack guidance are features that demonstrate which Cisco business value?
A. Completeness
B. Cost effectiveness
C. Flexibility
D. Control
E. Protection

Correct Answer: D
QUESTION 12
End-to-end protection and protection across the attack continuum are features that demonstrate which two Cisco business values? (Choose two.)
A. Cost effectiveness
B. Protection
C. Control
D. Flexibility
E. Completeness

Correct Answer: BE
QUESTION 13
The unmatched security that Cisco offers is demonstrated by its long-standing experience in which two options? (Choose two.)
A. Mobile solutions
B. Networks
C. Software
D. Security
E. Devices
Correct Answer: BD
QUESTION 14
Refer to the exhibit.

Well-regarded for its level of detail, assessment features, and challenging review questions and hands-on exercises, Cisco 700-260 helps you master the concepts and techniques that will enable you to succeed on the Cisco 700-260 exam the first time.

Flydumps 642-832 dumps with PDF + Premium VCE + VCE Simulator: https://www.pass4itsure.com/642-832.html

Cisco 700-260 Exam Demos, First-hand Cisco 700-260 Online Exam With Accurate Answers

Continue Reading