Exam: Cisco 642-825
Title: Implementing Secure Converged Wide Area Networks
Version : Demo
1. What are three methods of network reconnaissance? (Choose three.)
A. IP spoofing
B. one-time password
C. dictionary attack
D. packet sniffer
E. ping sweep
F. port scan
Answer: DEF
2. What are two steps that must be taken when mitigating a worm attack? (Choose two.)
A. Inoculate systems by applying update patches.
B. Limit traffic rate.
C. Apply authentication.
D. Quarantine infected machines.
E. Enable anti-spoof measures
Answer: AD
3. Which three statements about IOS Firewall configurations are true? (Choose three.)
A. The IP inspection rule can be applied in the inbound direction on the secured interface.
B. The IP inspection rule can be applied in the outbound direction on the unsecured interface.
C. The ACL applied in the outbound direction on the unsecured interface should be an extended ACL.
D. The ACL applied in the inbound direction on the unsecured interface should be an extended ACL.
E. For temporary openings to be created dynamically by Cisco IOS Firewall, the access-list for the returning traffic must be a standard ACL.
F. For temporary openings to be created dynamically by Cisco IOS Firewall, the IP inspection rule must be applied to the secured interface.
Answer: ABD
4. Refer to the exhibit. Which two statements are true about the authentication method used to authenticate users who want privileged access into Router1? (Choose two.)
A. All users will be authenticated using the RADIUS server. If the RADIUS server is unavailable, the router will attempt to authenticate the user using its local database.
B. All users will be authenticated using the RADIUS server. If the RADIUS server is unavailable, the authentication process stops and no other authentication method is attempted.
C. All users will be authenticated using the RADIUS server. If the user authentication fails, the router will attempt to authenticate the user using its local database.
D. All users will be authenticated using the RADIUS server. If the user authentication fails, the authentication process stops and no other authentication method is attempted.
E. The default login authentication method is applied automatically to all lines including console, auxiliary, TTY, and VTY lines.
Answer: AD
5. Refer to the exhibit. On the basis of the presented information, which configuration was completed on the router CPE?
A. CPE(config)# ip nat inside source list 101 interface Dialer0 CPE(config)# access-list 101 permit ip 10.0.0.0 0.255.255.255 any
B. CPE(config)# ip nat inside source list 101 interface Dialer0 overload CPE(config)# access-list 101 permit ip 10.0.0.0 0.255.255.255 any
C. CPE(config)# ip nat inside source list 101 interface Ethernet 0/0 CPE(config)# access-list 101 permit ip 10.0.0.0 0.255.255.255 any
D. CPE(config)# ip nat inside source list 101 interface Ethernet 0/0 overload CPE(config)# access-list 101 permit ip 10.0.0.0 0.255.255.255 any
E. CPE(config)# ip nat inside source list 101 interface Ethernet 0/1 CPE(config)# access-list 101 permit ip 10.0.0.0 0.255.255.255 any
F. CPE(config)# ip nat inside source list 101 interface Ethernet 0/1 overload CPE(config)# access-list 101 permit ip 10.0.0.0 0.255.255.255 any
Answer: B
6. Refer to the exhibit. FastEthernet0/0 has been assigned a network address of 200.0.1.2/24 and no ACL has been applied to that interface. Serial0/0/0 has been assigned a network address of 200.0.0.1/30. Assuming that there are no network-related problems, which ping will be successful?
A. from 200.0.0.1 to 200.0.0.2
B. from 200.0.0.2 to 200.0.0.1
C. from 200.0.0.2 to 200.0.1.1
D. from 200.0.0.2 to 200.0.1.2
E. from 200.0.1.1 to 200.0.0.2
F. from 200.0.1.2 to 200.0.0.2
Answer: A
the related exam:642-845
没有评论:
发表评论