Cisco 642-374 Exam, New Updated Cisco 642-374 Certification Is What You Need To Take

Welcome to download the newest Flydumps 70-470 dumps 

Flydumps Cisco 642-374 exam sample questions offered complete in all respects and contains only Cisco 642-374 test with clear and easy to remember answers. Cisco 642-374 exam is a challenging CompTIA certification. Thus it is advisable for you to master all Cisco 642-374 practice questions before Appearing in the actual exam and make your targeted score. Cisco 642-374 exam sample questions provide you with the experience of taking the best materials. Flydumps provides the most comprehensive Cisco 642-374 test for our customers; we guarantee your success in the first attempt.

QUESTION 91
Which two of these statements best describe the benefits of Cisco’s wireless IDS functionality? (Choose two.)
A. Autonomous APs must be dedicated IDS sensors while lightweight APs can combine client traffic and RF monitoring.
B. AirDefense for wireless IDS is required by autonomous APs.
C. Cisco or CCX compatible client cards can extend the RF IDS service for autonomous APs.
D. APs only monitor the RF channels that are servicing the clients
E. 2.4GHz RF management can monitor both 802.11 and non-802.11 RF interference.

Correct Answer: CE Section: (none) Explanation
QUESTION 92
Which of these is an accurate list of Cisco Lifecycle Services phases?
A. presales, project planning, development, implementation, operations testing, and operations sign-off
B. project planning, site assessment, risk assessment, solution selection and acquisition, testing, and operations
C. analysis, design, deployment, testing, implementation, and production
D. prepare, plan, design, implement, operate, and optimize
E. initiation, planning, analysis, design, development, implementation, operations and maitenance

Correct Answer: D Section: (none) Explanation
QUESTION 93
In which of these phases is a customer’s network assessed to determine its system readiness?
A. plan
B. design
C. operate
D. implement

Correct Answer: A Section: (none) Explanation
QUESTION 94
Which two methods enable a PC connected to the PartnerNet to connect to a server on DMZ1 but deny it access to both DMZ2 and the Inside network? (Choose two).

A. Enable port address translation for traffic sourced from the PartnerNet PC to the DMZ1server.
B. Disable NAT control on DM72 and the Inside interfaces only.
C. Enable static NAT translation for the DMZ1 server, and then use an ACL to permit the PartnerNet PC traffic to the DMZ1 server.
D. Disable NAT control on the DMZ1 interface only.
E. Lower the security level of the DMZ2 interface to 30.
F. Raise the security level of the PartnerNet interface to 55.

Correct Answer: CF Section: (none) Explanation
QUESTION 95
In which of these phases is a customer’s current network infrastructure assessed?
A. plan
B. implement
C. prepare
D. design

Correct Answer: A Section: (none) Explanation
QUESTION 96
At which stage of the Cisco Lifecycle Services approach would you recommend supporting and troubleshooting the system?
A. Implementation
B. Optimization
C. Design
D. Preparation
E. Operation
F. Planning
Correct Answer: E Section: (none) Explanation

QUESTION 97
At which stage of the Cisco Lifecycle Services approach should customer education presentations occur?
A. Planning
B. Implementation
C. Operation
D. Design
E. Optimization

Correct Answer: A Section: (none) Explanation
QUESTION 98
Refer to the exhibit. Deploying integrated services on the Cisco ISR Router can help reduce network cost and complexity by integrating which four of these features on the ISR? (Choose four.)

A. firewall and VPN
B. IP telephony and voice mail
C. Secure Access Control Server
D. LAN switching and Wireless LAN
E. IPS
F. Anomaly Guard and Detection

Correct Answer: ABDE Section: (none) Explanation
QUESTION 99
Conducting a project kick-off in the plan phase provides which of the following customer benefits?
A. ensure end-user support immediately after the launch of a new system
B. confirm project roles and responsibilities, as well as milestone dates
C. ensure that it receives detailed network diagrams
D. reduce the risk of downtime due to facilities-related problems

Correct Answer: B Section: (none) Explanation
QUESTION 100
At which stage of the Cisco Lifecycle Services approach would you test for system acceptance?
A. Operation
B. Optimization
C. Planning
D. Design
E. Implementation
F. Preparation

Correct Answer: E Section: (none) Explanation
QUESTION 101
What is one benefit of the Cisco anti-X defense strategy?
A. malware, virus, and worm mitigation
B. security events correlation for proactive response
C. applications security
D. virtual firewall protection

Correct Answer: A Section: (none) Explanation
QUESTION 102
Which of these statements about CiscoWorks is true?
A. The LMS interface can manage a maximum of four CiscoWorks servers.
B. CiscoWorks SNMS supports integration with HPOV.
C. CiscoWorks does not require TCP reliability.
D. CiscoWorks Restricted is the recommended choice for large enterprise.

Correct Answer: C Section: (none) Explanation QUESTION 103
Which statement concerning the Active/Active failover feature is correct?
A. Active/Active failover is supported in “multiple mode” configuration only.
B. Active/Active failover supports site-to-site IPSec VPN stateful failover.
C. If an active security context within the primary security appliance “fails”, the status of the primary security appliance unit changes to “failed” while the secondary failover security appliance unit transitions to “active.”
D. ASA Security Appliance failover pair must have either an Unrestricted and UR license or a UR and FO-A/A license to be able to support Active/Active failover.

Correct Answer: A Section: (none) Explanation
QUESTION 104
Which design phase service component includes the development and documentation of the test case or cases used to verify that a deployed infrastructure meets operational, functional, and interface requirements?
A. Detailed Design Development
B. Systems Acceptance Test Plan Development
C. Staging Plan
D. Business Plan
E. Implementation Plan

Correct Answer: B Section: (none) Explanation
QUESTION 105
Which CiscoWorks component would most help you locate end-station connections at the access switch level quickly?
A. Campus Manager
B. Device Fault Manager
C. CiscoView
D. Resource Manager Essentials

Correct Answer: A Section: (none) Explanation
QUESTION 106
You are about to upgrade a router with a newer IOS version, but you would like to check for known bugs
first.
Which tool will allow you to do this most easily?

A. Dynamic Configuration Tool
B. Cisco Bug Toolkit
C. Cisco.com Search functionality
D. Cisco Bug Matrix

Correct Answer: B Section: (none) Explanation QUESTION 107
What is the benefit of using the Cisco Easy VPN Server feature along with the Cisco software VPN client for implementing remote-access VPNs?
A. The Cisco Easy VPN Server feature and the Cisco software VPN client enable scalable remote-access VPNs deployment by using a thick client/thin server model where the central site VPN router can handle thousands of incoming VPN connections.
B. The Cisco Easy VPN Server feature and the Cisco software VPN client use the same GUI configuration tool to simplify remote-access VPN configurations.
C. The Cisco Easy VPN Server feature and the Cisco software VPN client use hardware-based encryption to reduce the CPU overhead of the central site VPN router.
D. The Cisco Easy VPN Server feature allows the Cisco software VPN client to receive its security policies from the central site VPN device. This minimizes the configuration requirements at the remote location for large remote access VPN deployments.

Correct Answer: D Section: (none) Explanation
QUESTION 108
Which two of these statements best describe fast secure roaming? (Choose two.)
A. a feature of WDS in lightweight APs
B. available in autonomous and lightweight APs
C. a feature of WDS in autonomous APs
D. available only in autonomous APs
E. requires at least one AP and one Wireless LAN Services Module

Correct Answer: BC Section: (none) Explanation
QUESTION 109
In which of these phases is a detailed design of a proposed customer solution developed?
A. design
B. operate
C. prepare
D. plan

Correct Answer: A Section: (none) Explanation
QUESTION 110
Which SDM feature secures the router using a set of recommended security configurations based on Cisco IOS AutoSecure and ICSA recommendations?
A. Security Wizard
B. Security Audit
C. One-step lockdown
D. Easy VPN Server
Correct Answer: C Section: (none) Explanation

QUESTION 111
What is the main advantage of configuring all switches in the enterprise network to VTP transparent mode?
A. Ensures consistency between VLAN numbering for all switches in the network
B. Prevents the network administrator from accidentally deleting VLAN information from all switches
C. Allows for a more rapid deployment of VLAN information throughout the enterprise
D. Reduces the total number of VLANs required in the enterprise

Correct Answer: B Section: (none) Explanation
QUESTION 112
You are going to deploy a wireless advanced feature set using lightweight access points. A site survey shows that the customer will need 34 Access Points to cover the facility. Assuming that the customer will not need to install more Access Points, only two devices can be used for wireless functionality? (Choose two.)
A. 2000 Series WLAN Controller
B. 4100 Series WLAN Controller
C. 4400 Series WLAN Controller
D. Wireless LAN solution Engine

Correct Answer: BC Section: (none) Explanation
QUESTION 113
What are three advantages of the Cisco Integrated Services Router Product family? (Choose three.)
A. Provides advanced security such as hardware encryption acceleration
B. Provides investment protection through increased modularity
C. Contains integrated wireless access using the 802.11 g/b standard
D. Contains integrated web-based management tools for easy configuration and maintenance

Correct Answer: ACD Section: (none) Explanation
QUESTION 114
What is the benefit of the parallel signature scanning feature in Cisco IOS IPS Software?
A. Scans multiple patterns within a Signature Micro Engine at any given time
B. Scans traffic patterns serially and correlates the events in parallel
C. Dynamically runs detection scanning rules in parallel within a Signature Micro Engine to increase IPS performance
D. Runs currently configured scanning rules in parallel while updating new signature definition files to reduce the risk of day-zero attacks

Correct Answer: A Section: (none) Explanation QUESTION 115
Which of these is an administrative time saving benefit of dynamic signature definition files on a Cisco router running Cisco IOS IPS?
A. Dynamically learns new signatures in real time
B. Dynamically updates signatures from cisco.com
C. Dynamically configures IPS signature parameters
D. Dynamically chooses which signatures to activate based upon network traffic seen

Correct Answer: B Section: (none) Explanation
QUESTION 116
Which is a key benefit of Cisco IOS IPS?
A. It configures the router to shun malicious activity via dynamically created access control lists
B. It utilizes the latest versions of Cisco IOS software to obtain the latest signature definition file
C. It mitigates network attacks via SDEE.
D. It leverages existing Cisco router infrastructure.

Correct Answer: D Section: (none) Explanation
QUESTION 117
Which Cisco PIX and ASA feature provides reliable, comprehensive security against virus and worm propagation, as well as data theft?
A. AIM
B. WebVPN for SSL
C. IPSec
D. stateful packet inspection

Correct Answer: B Section: (none) Explanation
QUESTION 118
Cisco security appliances act as a proxy between the end user and the target web server.
A. FALSE
B. TRUE

Correct Answer: B Section: (none) Explanation
QUESTION 119
You are Cisco Express Foundation Design Specialist in a company. Which type of customers should you suggest Cisco Lifecycle Services approach?
A. any type customer, regardless of size
B. customers from the large enterprise with a single campus
C. customers from large enterprise with a global presence
D. customers from small-or medium-sized business

Correct Answer: A Section: (none) Explanation
QUESTION 120
Cisco Lifecycle Services approach is a methodology for introducing new technologies
A. TRUE
B. FALSE

Correct Answer: A Section: (none) Explanation
QUESTION 121
What are three components of the wireless core feature set using autonomous access points? (Choose three.)
A. 802.1X authentication server
B. CiscoWorks WLSE
C. Wireless LAN Controller
D. Cisco autonomous access points running WDS

Correct Answer: ABD Section: (none) Explanation
QUESTION 122
The Cisco SDM can configure most, but not all, routing protocols. Which two of these routing protocols can be configured using SDM? (Choose two.)
A. BGP
B. EIGRP
C. OSPF
D. IGRP

Correct Answer: BC Section: (none) Explanation
QUESTION 123
In the plan phase, network readiness assessment addresses a comprehensive design that has been customized based on the operations processes, network management processes, and tools of its system
A. TRUE
B. FALSE

Correct Answer: B Section: (none) Explanation QUESTION 124
What are three benefits that companies gain with intelligent networking based on Cisco IOS network infrastructure? (Choose three.)
A. a network requiring fewer networking devices
B. a more resilient network
C. an adaptive network
D. a fully integrated network

Correct Answer: BCD Section: (none) Explanation
QUESTION 125
Your company plans to implement a wireless core feature set using autonomous access points. When choosing the access points, what is required for the customer to implement WDS?
A. WDS must be enabled on all APs in the WLAN.
B. Client cards must be using Cisco’s LEAP authentication.
C. The customer must have a WLSM blade in their Cisco Catalyst 6000.
D. All APs must support 802.1X for registration with WDS.

Correct Answer: D Section: (none) Explanation
QUESTION 126
You are working with a company that has an infrastructure based on lightweight access points using the advanced feature set. A new security requirement demands real-time asset tracking for 800 assets. Which product or solution will provide this function?
A. Wireless LAN Services Module
B. Wireless Location Appliance
C. Wireless LAN Solution Engine
D. Wireless Control System

Correct Answer: B Section: (none) Explanation

FLYDUMPS have full confident of helping you pass your Cisco 642-374 exam. FLYDUMPS’S sproducts come with a 100% guarantee of success. Cisco 642-374 exam is a very valuable exam of Cisco Specialist certification. This exam is one of the most important and top of the line certifications for the IT professionals. Cisco 642-374 Q&As are also available on the internet. The very concept of Cisco 642-374 exam sample questions is to introduce the candidates with the questions of utmost importance with regard to their IT certification exam.

Welcome to download the newest Pass4itsure AWS-SYSOPS dumps: http://www.pass4itsure.com/AWS-SysOps.html

IBM A4040-221 Dump, High Pass Rate IBM A4040-221 Free Dumps With Accurate Answers

Cisco 642-373 Practise Questions, High Pass Rate Cisco 642-373 Dumps PDF Are Based On The Real Exam

Welcome to download the newest Examwind 300-075 dumps: http://www.examwind.com/300-075.html

We at Flydumps Cisco 642-373 exam sample questions are IT. experts and are highly experienced in the field of exam dumps and study notes as our team is continuously working for the more accomplished Cisco 642-373 exam guide and test questions. At Cisco 642-373 exam sample questions Flydumps, all the necessary Cisco 642-373 exam guide is available which not only includes free Cisco 642-373 but it also contains Cisco 642-373 study guide and Cisco 642-373 practice exam.

QUESTION 135
In the plan phase, network readiness assessment addresses the optimal technologies for supporting its business requirements and objectives
A. TRUE
B. FALSE

Correct Answer: B Section: (none) Explanation
QUESTION 136
A customer is deploying a wireless core feature set using autonomous access points and requires  Layer 2 roaming. What is a requirement when deploying this solution?
A. a minimum of one Cisco 4100 Series WLAN Controller
B. one WDS per subnet
C. a minimum of one Wireless LAN Services Module
D. all clients using CiscoAironet Wireless LAN Adapters

Correct Answer: B Section: (none) Explanation
QUESTION 137
Cisco security appliances act as a proxy between the end user and the target web server.

A. TRUE
B. FALSE

Correct Answer: A Section: (none) Explanation
QUESTION 138
Which is not the benefit of implementing an integrated security solution based on the Cisco Self- Defending Network strategy?
A. integrated security
B. collaborative security system
C. self provisioning
D. Adaptive Threat Defense

Correct Answer: C Section: (none) Explanation
QUESTION 139
Cisco Lifecycle Services approach is a methodology for introducing new technologies
A. TRUE
B. FALSE

Correct Answer: A Section: (none) Explanation
QUESTION 140
In CiscoWorks LAN Management Solution, what are some of the examples of a managed device (sometimes called network elements)? (Choose three.)
A. routers
B. LAN switches
C. PBXswitches
D. appliances

Correct Answer: ABD Section: (none) Explanation
QUESTION 141

Which two of these statements best describe the benefits of WPAvl? (Choose two.)
A. SSID broadcast prevention
B. improved mutual authentication
C. improved encryption through AES
D. improved protection against sniffing initialization vectors

Correct Answer: BD Section: (none) Explanation QUESTION 142
The Cisco SDM can configure most, but not all, routing protocols. Which two of these routing protocols can be configured using SDM? (Choose two.)
A. BGP
B. IGRP
C. OSPF
D. EIGRP

Correct Answer: CD Section: (none) Explanation
QUESTION 143
Your company wants to deploy a wireless advanced feature set using lightweight access points. A site
survey shows that the customer will need 34 APs to cover the facility. Assuming that the customer will not
need to install more APs, only two devices can be used for wireless functionality.
Which two? (Choose two.)

A. 2000 Series WLAN Controller
B. 4100 Series WLAN Controller
C. 4400 Series WLAN Controller
D. Wireless LAN Solution Engine

Correct Answer: BC Section: (none) Explanation
QUESTION 144
Which is a key benefit of Cisco IOS IPS?
A. it mitigates network attacks via SDEE.
B. It utilizes the latest versions of Cisco IOS software to obtain the latest signature definition file
C. It leverages existing Cisco router infrastructure.
D. It configures the router to shun malicious activity via dynamically created access control lists

Correct Answer: C Section: (none) Explanation
QUESTION 145
Dynamic Configuration Tool is used to _______
A. verify IOS version
B. implement the mass deployment
C. test router configurations virtually
D. verify that hardware

Correct Answer: D Section: (none) Explanation QUESTION 146
You are Cisco Express Foundation Design Specialist in a company. You just properly configured multiple VLANs, Which three steps are required to secure VLAN network? (Choose three.)
A. If a port is connected to a foreign device make sure to disable CDP, DTP, RPR,PAgP, UDLP
B. Enable root guard feature
C. Configure VTP domains appropriately or turn off VTP altogether
D. Disable all unused ports and place them in an unused VLAN.

Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:

QUESTION 147
Your company plans to implement a wireless core feature set using autonomous access points. When choosing the access points, what is required for the customer to implement WDS?
A. Client cards must be using Cisco’s LEAP authentication.
B. All APs must support 802.1Xfor registration with WDS.
C. WDS must be enabled on all APs in the WLAN.
D. The customer must have a WLSM blade in their Cisco Catalyst 6000.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:

QUESTION 148
Refer to the exhibit. A company wants to connect two new offices to their main office. One building is 2 miles away from the headquarters and the other is 12 miles away. The angle between the buildings is 80 degrees. Which antenna is the best to use in this situation?
A 12 dBi omni
A. 10dBiyagi
B. 14dBi sector
C. 21dBi dish

Correct Answer: C Section: (none) Explanation
QUESTION 149
The lower-level transport protocol that CiscoWorks LAN Management Solution rely on is____
A. TCP,
B. UDP,
C. IP,
D. FTP

Correct Answer: B Section: (none) Explanation
QUESTION 150
What is a key technical advantage of configuring all switches in the enterprise network to VTP transparent mode?
A. ensures consistency between VLAN numbering for all switches in the network
B. prevents the network administrator from accidentally deletingVLANinformation from all switches
C. allows for a more rapid deployment of VLAN information throughout the enterprise
D. reduces the total number of VLANs required in the enterprise

Correct Answer: B Section: (none) Explanation
QUESTION 151
You are Cisco Express Foundation Design Specialist in a company. Which type of customers should you suggest Cisco Lifecycle Services approach?

A. customers from large enterprise with a global presence
B. customers from the large enterprise with a single campus
C. customers from small-or medium-sized business
D. any type customer, regardless of size

Correct Answer: D Section: (none) Explanation
QUESTION 152
Cisco PIX Security Appliances (running release 7.0) and Adaptive Security Appliances both support WebVPN
A. TRUE
B. FALSE

Correct Answer: B Section: (none) Explanation
QUESTION 153
Cisco PIX Security Appliances (running release 7.0) and Adaptive Security Appliances both support WebVPN
A. TRUE
B. FALSE

Correct Answer: B Section: (none) Explanation QUESTION 154
Cisco’s WebVPN solution supports both TCP and UDP port forwarding for legacy application support
A. TRUE
B. FALSE

Correct Answer: B Section: (none) Explanation
QUESTION 155
A wireless assisted site survey cannot optimize_____.

A. radio transmit power setting
B. security selection
C. beacon interval
D. channel selection

Correct Answer: B Section: (none) Explanation
QUESTION 156
Cisco Lifecycle Services approach is a methodology for proactively updating equipment before it reaches the end of its life
A. TRUE
B. FALSE

Correct Answer: B Section: (none) Explanation
QUESTION 157
What are three benefits that companies gain with intelligent networking based on Cisco IOS network infrastructure? (Choose three.)
A. a fully integrated network
B. a network requiring fewer networking devices
C. an adaptive network
D. a more resilient network

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:

QUESTION 158
What are two Cisco IOS commands that would verify connectivity between routers R1 and R2? (Choose two.)
A. showcdp neighbor
B. show running configure
C. show frame-relay
D. showip route

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:

QUESTION 159
Please the description to the correct phase of the Cisco Self Defending Network strategy
(1)
security become a network-wide system: endpoints+network+policies (2) every network element is a point of defense

(3)
applications security+anti-x defenses+containment and control

(l)
SDN phase 1 (ll) SDN phase 2 (lll) SDN phase 3

A.
(I)-(3);(IIH2);(IHH1)

B.
(IH3);(IIH1);(IIIH2)

C.
(l)-(2);(ll)-(1);(lll)-(3)

D.
(I)-(2);(II)-(3);(IIIH1)

Correct Answer: C Section: (none) Explanation
QUESTION 160
Which two of these data encryption AIM modes are found on the 3800 family of Cisco ISR Routers? (Choose two.)
A. BPH
B. BPII-PIUS
C. EPll-Plus
D. HPII-PIUS

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:

QUESTION 161
You are working with a company that has an infrastructure based on lightweight access points using the advanced feature set. A new security requirement demands real-time asset tracking for 800 assets. Which product or solution will provide this function?
A. Wireless Control System
B. Wireless Location Appliance
C. Wireless LAN Solution Engine
D. Wireless LAN Services Module “Pass Any Exam. Any Time.”

Correct Answer: B Section: (none) Explanation
QUESTION 162
Cisco Lifecycle Services approach is a methodology for proactively updating equipment before it reaches the end of its life
A. TRUE
B. FALSE

Correct Answer: B Section: (none) Explanation
QUESTION 163
Which two of these statements best describe the benefits of WPAv2? (Choose two.)
A. SSID broadcast prevention
B. man-in-the-middle attack protection
C. cost reduction through software upgrades in all existing hardware
D. dynamic key generation

Correct Answer: BD Section: (none) Explanation
QUESTION 164
Which of these is an administrative time saving benefit of dynamic signature definition files on a Cisco router running Cisco IOS IPS?

A. dynamically learns new signatures in real time
B. dynamically updates signatures from Cisco.com
C. dynamically configures IPS signature parameters
D. dynamically chooses which signatures to activate based upon network traffic seen

Correct Answer: B Section: (none) Explanation
QUESTION 165
What are three components of the wireless core feature set using autonomous access points? (Choose three.)

A. CiscoWorksWLSE
B. Wireless LAH Controller
C. 802.1X authentication server D. Cisco autonomous access points running WDS

Correct Answer: ACD Section: (none) Explanation
QUESTION 166
When conducting a wireless site survey, you should take notice_____
A. 5 GHz equipment cannot penetrate through walls as well as 2.4 GHz equipment.
B. 2.4 GHz equipment cannot penetrate through walls as well as 5 GHz equipment.
C. Mounting antennas near metal objects will slightly amplify the signal.
D. When determining coverage, you should begin measuring attenuation from the middle of the room

Correct Answer: A Section: (none) Explanation
QUESTION 167
How to correct Cisco IOS images to support a customer’s security design and requirements? (Choose two.)
A. By using Cisco IOS debug tool.
B. By using Cisco Feature Navigator
C. By using Cisco IOS Package Planner
D. By using Cisco IOS Security Planner

Correct Answer: BC Section: (none) Explanation
QUESTION 168
A customer needs approximately 15 to 20 wireless APs for RF coverage. Given that the customer is going to use the 1010 lightweight AP with the advanced feature set, what other product is required to complete this operational functionality?
A. 2700
B. WLSE
C. 4124
D. 2006

Correct Answer: C Section: (none) Explanation
QUESTION 169
What are three advantages of the Cisco Integrated Services Router product family? (Choose three.)
A. provides advanced security such as hardware encryption acceleration
B. provides investment protection through increased modularity
C. contains integrated wireless access using the 802.11 g/b standard
D. contains integrated web-based management tools for easy configuration and maintenance

Correct Answer: ACD Section: (none) Explanation
QUESTION 170
Design phase service component_______includes the development and documentation of the test case or cases used to verify that a deployed infrastructure meets operational, functional, and interface requirements.
A. Security Plan
B. Business Plan
C. Staging Plan
D. Systems Acceptance Test Plan Development

Correct Answer: D Section: (none) Explanation
QUESTION 171
You are Cisco Express Foundation Design Specialist in a company. Your company two primary divisions: Sales and Financial. The Sales division is on network 140.10.64.0/21. The Financial division is on network 140.10.72.0/21. You want to summarize both networks into one routing statement. Which IP address and subnet mask combination would most efficiently accomplish this?
A. 140.10.64.0/21
B. 140.10.64.0/22
C. 140.10.64.0/20
D. 140.10.0.0./16

Correct Answer: C Section: (none) Explanation
Explanation/Reference:

QUESTION 172
Which Cisco PIX and ASA feature provides reliable, comprehensive security against virus and worm propagation, as well as data theft?
A. WebVPN for SSL
B. iPSec
C. AIM
D. stateful packet inspection

Correct Answer: A Section: (none) Explanation
Explanation/Reference:

This volume is part of the Cisco 642-373 Exam Certification Guide Series from FLYDUMPS. Cisco 642-373 exam in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco 642-373 Certification candidates identify weaknesses,concentrate their study efforts,and enhance their confidence as Cisco 642-373 exam day nears.

Welcome to download the newest Examwind 300-075 dumps: http://www.examwind.com/300-075.html

Cisco 642-373 Practise Questions, High Pass Rate Cisco 642-373 Dumps PDF Are Based On The Real Exam

Cisco 642-565 Free Dumps, Money Back Guarantee Cisco 642-565 Guide Provider For Download

Flydumps certification Cisco 642-565 exam is a very important Hitachi certification exam in the IT industry, would like the examination must be fully prepared for the Cisco 642-565 exam is necessary. If you choose to enroll in the Cisco 642-565 exam you should choose a good learning materials or to choose a good training methods to prepare for the Cisco 642-565 exam. The Select Flydumps 100% to help you pass the Cisco 642-565 exam, according to the Cisco 642-565 exam subjects Flydumps Cisco 642-565 test is constantly changing, constantly update will provide the latest content of the Cisco 642-565. Flydumps have real and original Cisco 642-565 exam sample questions for preparing. Flydumps Cisco 642-565 exam sample questions and a close resemblance to the real Cisco 642-565 exam practice questions and answers.

QUESTION 124
Which encryption protocol is suitable for an enterprise with standard security requirements?
A. SHA-256
B. 768-bit RSA encryption
C. DES
D. MD5
E. AES-128

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 125
Which three factors can affect the risk of an IPS alert? (Choose three.)
A. Attacker Location
B. Relevance
C. Signature Fidelity
D. Event Severity
E. Signature Priority
F. Asset Integrity
Correct Answer: BCD Section: (none) Explanation

Explanation/Reference:
QUESTION 126
Which encryption protocol is suitable for an enterprise with standard security requirements?
A. 768-bit RSA encryption
B. SHA-256
C. AES-128
D. MD5
E. DES

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 127
Which three of these items are features of the Cisco Secure Access Control Server? (Choose three.)
A. CA Database
B. LDAP
C. RSA Certificates
D. Kerberos
E. NDS
F. Local OTP

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 128
Which two of these characteristics apply to promiscuous IPS operation? (Choose two.)
A. Invisible to the attacker
B. Impacts connectivity in case of failure or overload
C. Increase latency
D. Can use stream normalization techniques
E. Typically used with SPAN on the Switches
F. Less vulnerable to evasion techniques than inline mode

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 129
Your company whishes to adopt the Adaptive Threat Defense Architecture in their security policy. Identify three components of the anti-X defense paillar. (Choose three.)
A. URL filtering
B. Distributed denial-of-servicemitifation
C. Anomaly detection
D. Application-level role-based access control
E. Network auditing
F. Transaction privacy

Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 130
Which three security controls can be provided by digital signatures? (Choose three.)
A. Anti-replay
B. Integrity
C. Authenticity
D. Nonrepudiation

Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:
QUESTION 131
What are three advantages of Cisco Security MARS? (Choose three.)
A. Performs automatic mitigation on Layer 2 devices
B. Contains scalable, distributed event analysis architecture
C. Is network topologyaware
D. Fixes Vulnerable and infected devices automatically
E. Provides rapid profile-based provisioning capabilities
F. Ensures that he user device is not vulnerable

Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 132
Which two of these statements describe feature of the NAC Appliance Architecture? (Choose two.)
A. The standard NAC Appliance Manger can manage up to 40 NAC Appliance Servers failover pairs
B. The NAC Appliance Agent is bundled with the NAC Appliance Server Software
C. NAC Appliance Agent has the auto-upgrade feature
D. NAC Appliance Servers managed by the same NAC Appliance Manager can run in mixed mode (inline or out-of-band)
E. NAC Appliance high availability VRRP

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 133
Which IPS feature models worm behavior and correlates the specific time between events, network behavior and multiple exploit behavior to more accurately identify and stop worms?
A. Meta Event Generator
B. Security Device Event Exchange support
C. Risk Rating
D. Traffic normalization

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 134
Which two are main security drivers? (Choose two.)
A. Business needs
B. Optimal network operation
C. Compliance with company policy
D. Increased productivity
E. Security legislation

Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 135
What are the major characteristics for designing a VPN for existing networks?
A. Performance, topology and price
B. Topology, high availability, security, scalability, manageability and performance
C. Intended use, existing installation and desired functionality
D. Vendors and the functionality of the installed equipment

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 136
A. Span, flexibility, security and low cost What are the advantage of IPSec-based Site-to-Site VPNS over traditional WAN networks?
B. Delay guarantees, span, performance, security and low cost
C. Bandwidth guarantees, support for non-IP Protocols, Scalability and modular design guidelines
D. Bandwidth guarantees, flexibility, security and low cost

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 137
Refer to the following Cisco products, which two can provide a captive portal to authenticate wireless users? (Choose two.)
A. Cisco NAC Profiler
B. WLAN Controller
C. Cisco NAC Guest Server
D. Cisco ASA

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 138
Which option is correct about the relationship between the terms and their descriptions? Term
1.
true positives

2.
false positives

3.
ture negatives

4.
false negatives
A. security control has not acted,even though there was malicious activity
B. security control has not acted,as there was no malicious activity
C. security control acted as a consequence of non-malicious activity
D. security control acted as a consequence of malicious activity
E. a-4,b-3,c-2,d-1
F. a-4,b-3,c-1,d-2
G. a-4,b-2,c-1,d-3
H. a-4,b-2,c-3,d-1

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 139
Observe the following Cisco software agents carefully, can you tell me which one uses content scanning to identify sensitive content and controls the transfer of sensitive content off the local endpoint over removable storage, locally or network-attached hardware, or network applications?
A. CiscoIronPort Agent 3.0
B. Cisco Trust Agent 2.0
C. Cisco NAC Appliance Agent 4.1.3
D. Cisco Security Agent 6.0

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 140
Look at the following items carefully, which Cisco ASA’s Unified Communications proxy feature manipulates both the signaling and the media channels?
A. CUMA Proxy
B. TLS Proxy
C. H.323 Proxy
D. Phone Proxy

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 141
Which Cisco product can provide endpoint-based trusted-traffic marking while implementing QoS?
A. Cisco Trust Agent
B. Cisco Secure Services Client
C. Cisco Secure Desktop
D. Cisco Security Agent

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 142
In multi-tier applications and multi-tier firewall designs, which additional security control can be used to force an attacker to compromise the exposed server before the attacker attempts to penetrate the more protected domains?
A. Implement host IPS on the exposed servers in the DMZs.
B. Make exposed servers in the DMZs dual homed.
C. At each tier, implement a transparent proxy component within the firewall system.
D. Implement in-band network admission control at the first tier.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 143
You are the network consultant from Company.com. Please point out three technologies address ISO 17799 requirements for unauthorized access prevention.
A. VPN
B. Cisco Secure Access Control Server
C. 802.1X
D. Network Admission Control

Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:
QUESTION 144
Which Cisco Catalyst Series switch feature can be used to integrate a tap-mode (promiscuous mode) IDS/IPS sensor into the network?
A. PVLAN Trunk
B. PVLAN Edge
C. Cisco Express Forwarding Switching
D. Switch Port ANalyzer (SPAN)

Correct Answer: D Section: (none) Explanation
Explanation/Reference:

Flydumps.com New Cisco 642-565 dumps are designed to help you to out in a short time. You can get Flydumps Cisco 642-565 dumps to pass your exam. To be a Microsoft professional makes you a better future.

Cisco 642-565 Free Dumps, Money Back Guarantee Cisco 642-565 Guide Provider For Download

Cisco 642-373 PDF Download, The Most Effective Cisco 642-373 Dump Test With The Knowledge And Skills

When deciding to choose Flydumps Cisco 642-373 exam sample questions, you will choose the success in Cisco 642-373 exam. You aren’t planning to purchase a non reusable solution. Cisco 642-373 exam sample questions changes are supplied no cost. It doesn’t matter how shortly you choose grab the specific Cisco 642-373 exam sample questions accreditation, take the real Cisco 642-373 questions qualification, it will be easy just to walk in the screening space as assured as the Certification Administrator. Several Cisco 642-373 study books contain questions at the end of each chapter. Candidates should be able to practice Cisco 642-373 exam sample questions. If you plan for your free using your Flydumps assessment serps, most people ensure making money online within the initial endeavor.

QUESTION 107
Cisco ASDM provides 16 different graphs that help identify security risks by displaying data about potentially malicious activity. What is one kind of data these graphs show?
A. stateful packet statistics
B. ACL statement matches
C. real-time analysis of dropped packets
D. portmap requests

Correct Answer: D Section: (none) Explanation
QUESTION 108
In the design phase, which service component provides the customer with a comprehensive design?
A. High-Level Design
B. Staging Plan
C. Detailed Design Development
D. Implementation Plan ActualTests.com
E. Project Kick-off

Correct Answer: C Section: (none) Explanation
QUESTION 109
Which of these is an accurate list of Cisco Lifecycle Services phases?
A. project planning, site assessment, risk assessment, solution selection and acquisition, testing, and operations
B. analysis, design, deployment, testing, implementation, and production
C. prepare, plan, design, implement, operate, and optimize “Pass Any Exam. Any Time.” -www.actualtests.com 38 Cisco 642-374: Practice Exam
D. initiation, planning, analysis, design, development, implementation, operations and maintenance
E. presales, project planning, development, implementation, operations testing, and operations sign-off

Correct Answer: C Section: (none) Explanation
QUESTION 110
You are planning to connect your three branch offices to the corporate site via Frame Relay. The first branch office has been assigned the network 10.1.0.0/16, the second 10.2.0.0/16, the third 10.3.0.0/16, and the corporate headquarters uses 10.0.0.0/16. You would like to summarize all branch and corporate networks into a single route at the corporate site.
Which network address and subnet mask should you choose?
A. 10.0.0.0/24
B. 10.0.0.0/14
C. 10.0.0.0/16
D. 10.0.0.0/15

Correct Answer: B Section: (none) Explanation
QUESTION 111
Refer the exhibit. Which two methods enable a PC connected to the PartnerNet to connect to a server on DMZ1 but deny it access to both DMZ2 and the Inside network? (Choose two.)
ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 39 Cisco 642-374: Practice Exam

A. Disable NAT control on DMZ2 and the Inside interfaces only.
B. Enable static NAT translation for the DMZ1 server, and then use an ACL to permit thePartnerNet PC traffic to the DMZ1 server.
C. Lower the security level of the DMZ2 interface to 30.
D. Enable port address translation for traffic sourced from thePartnerNet PC to the DMZ1 server.
E. Disable NAT control on the DMZ1 interface only.
F. Raise the security level of thePartnerNet interface to 55.

Correct Answer: BF Section: (none) Explanation
QUESTION 112
ActualTests.com
Which of these statements regarding Cisco’s WebVPN support is correct?

A. Cisco security appliances act as a proxy between the end user and the target web server.
B. Cisco’sWebVPN solution supports both TCP and UDP port forwarding for legacy application support.
C. Cisco ISR Routers with the Enhanced Security Bundles supportWebVPN.
D. Cisco PIX Security Appliances (running release 7.0) and Adaptive Security Appliances both supportWebVPN.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
“Pass Any Exam. Any Time.” – www.actualtests.com 40 Cisco 642-374: Practice Exam
QUESTION 113
In which of these phases is a customer’s network assessed to determine its system readiness?
A. operate
B. plan
C. implement
D. design

Correct Answer: B Section: (none) Explanation
QUESTION 114
Which of these best describes the Cisco Lifecycle Services approach?
A. a methodology for determining total cost of ownership
B. a methodology for creating a business plan
C. a methodology for proactively updating equipment before it reaches the end of its life
D. a methodology for introducing new technologies

Correct Answer: D Section: (none) Explanation
QUESTION 115
What is one thing you should be aware of when conducting a wireless site survey?
A. 2.4 GHz equipment will not be able to penetrate through walls as well as 5 GHz equipment.
B. 5 GHz equipment will not be able to penetrate through walls as well as 2.4 GHz equipment.
C. When determining coverage, you should begin measuring attenuation from the middle of the ActualTests.com room.
D. Mounting antennas near metal objects will slightly amplify the signal.

Correct Answer: B Section: (none) Explanation
QUESTION 116
Which Cisco security tool can best determine if a Cisco ISR router is properly secured?
A. Cisco Security Agent MC
B. Cisco SecurityIntelliShield
C. Cisco Security MARS
D. Cisco SDM Security Audit “Pass Any Exam. Any Time.” – www.actualtests.com 41 Cisco 642-374: Practice Exam
E. CAN

Correct Answer: D Section: (none) Explanation
QUESTION 117
Refer to the exhibit. Deploying integrated services on the Cisco ISR Router can help reduce network cost and complexity by integrating which four of these features on the ISR? (Choose four.)

A. firewall and VPN
B. IP telephony and voice mail
C. Anomaly Guard and Detection
D. Secure Access Control Server ActualTests.com
E. LAN switching and Wireless LAN
F. IPS

Correct Answer: ABEF Section: (none) Explanation
QUESTION 118
In which of these phases is a detailed design of a proposed customer solution developed?
A. operate
B. prepare
C. design “Pass Any Exam. Any Time.” – www.actualtests.com 42 Cisco 642-374: Practice Exam
D. plan

Correct Answer: C Section: (none) Explanation
QUESTION 119
Conducting a project kick-off in the plan phase provides which of the following customer benefits?
A. reduce the risk of downtime due to facilities-related problems
B. confirm project roles and responsibilities, as well as milestone dates
C. ensure that it receives detailed network diagrams
D. ensure end-user support immediately after the launch of a new system

Correct Answer: B Section: (none) Explanation
QUESTION 120
Which definition best describes the implementation service component within the implement phase?
A. installing, configuring, and integrating systems components based on an implementation plan developed in earlier phases
B. providing a step-by-step plan that details the installation and service-commission tasks required in order to create a controlled-implementation environment that emulates a customer network
C. developing and executing proof-of-concept tests, validating high-level infrastructure design, and identifying any design enhancements
D. assessing the ability of site facilities to accommodate proposed infrastructure changes
E. improving a customer’s infrastructure security system ActualTests.com

Correct Answer: A Section: (none) Explanation
QUESTION 121
Refer to the exhibit. What are two Cisco IOS commands that would verify connectivity between routers R1 and R2? (Choose two.)
“Pass Any Exam. Any Time.” – www.actualtests.com 43 Cisco 642-374: Practice Exam

A. showip route
B. show frame-relaylmi
C. showcdp neighbor
D. show running-config
E. show controllers serial

Correct Answer: AC Section: (none) Explanation
QUESTION 122
Cisco ISR Routers offer which three of these security benefits? (Choose three.)
A. events correlation and proactive response
B. onboard VPN accelerator
C. high-performance AIM VPN modules
D. Cisco IOS Firewall and IOS IPS
E. transparent firewall
F. virtual firewall ActualTests.com

Correct Answer: BCD Section: (none) Explanation
QUESTION 123
Which item is a feature of Cisco Compatible Extensions, Version 3?
A. full WPAv2 compliance
B. NAC
C. wireless IDS
D. full 802.11e compliance

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
“Pass Any Exam. Any Time.” – www.actualtests.com 44 Cisco 642-374: Practice Exam
QUESTION 124
In which of these phases is a customer’s current network infrastructure assessed?
A. prepare
B. implement
C. design
D. plan

Correct Answer: D Section: (none) Explanation
QUESTION 125
You are about to upgrade a router with a newer IOS version, but you would like to check for known bugs first. Which tool will allow you to do this most easily?
A. Dynamic Configuration Tool
B. Cisco.com Search functionality
C. Cisco Bug Matrix
D. Cisco Bug Toolkit

Correct Answer: D Section: (none) Explanation
QUESTION 126
Which two of these statements describe important aspects of performing a wireless site survey? (Choose two.)
A. Surveys should be done after hours in an office building or during reduced inventory levels in ActualTests.com warehouses.
B. Channel power during testing starts at the default minimum and gradually increases to the maximum.
C. An 802.11g access point with a variety of antennas can be used in all standard site surveys.
D. Site surveys can be performed manually or through assisted site survey.
E. Overlapping access points can create performance problems.

Correct Answer: DE Section: (none) Explanation
QUESTION 127
At which stage of the Cisco Lifecycle Services approach would you test for system acceptance?
“Pass Any Exam. Any Time.” – www.actualtests.com 45 Cisco 642-374: Practice Exam
A. Implementation
B. Operation
C. Optimization
D. Design
E. Preparation
F. Planning

Correct Answer: A Section: (none) Explanation
QUESTION 128
Which Cisco SDM feature allows you to specify whether you want SDM files installed on your PC or on your router?
A. Cisco SDM Express Wizard
B. Create Connection Wizard
C. Cisco SDM Image Manager
D. InstallShield Wizard

Correct Answer: D Section: (none) Explanation
QUESTION 129
What is the benefit of using the Cisco Easy VPN Server feature along with the Cisco software VPN client for implementing remote-access VPNs?
A. The Cisco Easy VPN Server feature allows the Cisco software VPN client to receive its security policies from the central site VPN device. This minimizes the configuration requirements at the remote location for large remote access VPN deployments. ActualTests.com
B. The Cisco Easy VPN Server feature and the Cisco software VPN client enable scalable remote- access VPNs deployment by using a thick client/thin server model where the central site VPN router can handle thousands of incoming VPN connections.
C. The Cisco Easy VPN Server feature and the Cisco software VPN client use the same GUI configuration tool to simplify remote-access VPN configurations.
D. The Cisco Easy VPN Server feature and the Cisco software VPN client use hardware-based encryption to reduce the CPU overhead of the central site VPN router.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
NEW Questions: 45

“Pass Any Exam. Any Time.” – www.actualtests.com 46
Cisco 642-374: Practice Exam

QUESTION 130
Cisco Software Advisor allows you to search either for software that is compatible with your hardware or for software with the specific features you need Identify two items that are only available for selection when searching for specific features? (Choose two.)
A. Category
B. Type
C. os
D. Engine/CPU

Correct Answer: CD Section: (none) Explanation
QUESTION 131
In the plan phase, network readiness assessment addresses an assessment of the preparedness of the customer’s existing system infrastructure to support a proposed solution
A. TRUE
B. FALSE

Correct Answer: A Section: (none) Explanation
QUESTION 132
In the plan phase, network readiness assessment addresses a comprehensive design that has been customized based on the operations processes, network management processes, and tools of its system
ActualTests.com
A. TRUE
B. FALSE

Correct Answer: B Section: (none) Explanation
QUESTION 133
Wi-Fi Protected Access was an interim step on the way to the more secure WPA2. What was added in WPA2 to make it more secure?
A. PEAP
B. EAP-FAST
C. AES encryption “Pass Any Exam. Any Time.” – www.actualtests.com 47 Cisco 642-374: Practice Exam
D. Rivest Cipher 4 encryption

Correct Answer: C Section: (none) Explanation
QUESTION 134
In the plan phase, network readiness assessment addresses an in-depth assessment of the operational environment required to support the operation of both the current and planned solutions
A. TRUE
B. FALSE

Correct Answer: B Section: (none) Explanation

The last segment is related to the basic inferential statistics that require your knowledge of chi-square, correlations, regression, samples, statistical errors, t-test and statistics. Command of these segments will help you in obtaining this certification. It will help you to understand the Cisco 642-373 exam questions and answer them appropriately.

Cisco 642-373 PDF Download, The Most Effective Cisco 642-373 Dump Test With The Knowledge And Skills

Cisco 642-983 Dumps, Most Popular Cisco 642-983 Practice On Our Store

Your worries about Cisco 642-983 exam complexity no more exist because Flydumps is here to serves as a guide to help you to pass the exam.All the exam questions and answers is the latest and covering each and every aspect of Cisco 642-983 exam.It 100% ensure you pass the Cisco 642-983 exam without any doubt.

QUESTION 36
The Cisco UCS VIC M81KR supports up to how many virtual network interface cards?
A. sixteen
B. thirty-two
C. sixty-four
D. One hundred and twenty-eight

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 37
Which statement about a Service Profile is most accurate?
A. associated with a pool of blades
B. represents a group of physical blades
C. stores connectivity requirements

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 38
Which two statements about MAC addresses in the Cisco UCS are true?(Choose two.)
A. The first 2 octets represent the manufacturer OUI
B. The first 3 octets represent the manufacturer OUI
C. The last 3 octets are assigned by the organization itseIf.
D. The last 4 octets are assigned by the organization itseIf.

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 39
The Cisco Nexus 1000V requires which of the following VLANs to be configured :(choose 3)
A. Control
B. Supervisor
C. Packet
D. Management Correct Answer: ACD

Section: (none) Explanation
Explanation/Reference:
QUESTION 40
Which statement ab0ut VLANs in a Cisco UCS is true?
A. Fabric interconnect can never participate in VTP
B. Fabric interconnect supports ISL and 802.1Q trunking
C. The supported range of VLANs is auto-configured by UCS
D. VLANs are configured through the Cisco UCS manager. (fabric interconnect may be set up in switch mode)

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 41
Which two benefits result from I/O consolidation using FCoE within the Cisco UCS? (choose two)
A. increases the number of vsans without limit
B. reduces power consumption per rack
C. cuts the number of network cards and cables
D. simplifies the management of san domains

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 42
Which tow statements are most correct regarding opt-in models?(Choose two)
A. A based opt-in model uses virtualized identifiers
B. A based opt-in model uses hardware values as identifiers
C. A logical server opt-in model uses virtualized identifiers
D. A logical server opt-in model uses hardware values as identifiers

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 43
What are the 2 types of interfaces in an NPIV mode network topology?(Choose two)
A. Local
B. Server
C. Network
D. Border

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 44
Which feature allows users to be granted granular permission sets based on their responsibilities?
A. organization
B. AAA
C. RBAC
D. Groups

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 45
Which component of the Cisco nexus 1000v monitors the migration of virtual machine during vmotion events
A. UCS Manger
B. virtual supervisor module
C. virtual ethernet module
D. distributed virtual switch

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 46
Which two items does a user object in the UCS system contain?(Choose two)
A. Authentication and Authorization credentials
B. Microsoft Active Directory credentials
C. LDAP assignment
D. Role assignment

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 47
Refer to thee exhibit what does unassociated imply in the Overall Status field?
A. The physical server has not loaded the NX OS operating system
B. The service profile is not associated with a physical compute node
C. The physical server is not connected to an IOM
D. Neither the physical server nor the specified Service Profile are communicating with the CMC

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 48
Which two aspects of a UCS solution enable fast response to growth requirements in the data center? (Choose two)
A. UCS Manager
B. fabric interconnect
C. service profiles
D. expansion modules
E. virtual interface cards

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 49
A particular UCS system has 8 fiber channel uplinks configured. How many VSANs are supports by this configuration?
A. four
B. eight
C. sixteen
D. thirty-two

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 50
The Cisco 6100 XP Fabric Interconnect is available in Which two configurations?(Choose two)
A. 20 port+expansion module
B. 24 port+expansion module
C. 40 port+expansion module
D. 48 port+expansion module

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 51
Due to the internal Fiber Channel over Ethernet architecture of the Cisco UCS ,what does each VSAN require?
A. it is carried on only 1 vhba per ucs system
B. it has a qos policy in order to maintain traffic priority
C. there is a supporting vsan to carry the fcoe traffic
D. there is a dedicated VLAN to carry the FCoEtraffic

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 52
In UCSM, where are Call Home conditions for monitoring configured?
A. Call Home Service Profiles
B. Call Home Policies
C. Call Home Events
D. Call Home Traps

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 53
A network administrator is viewing the control plane traffic flowing through their network in real-time. What built-in feature enabled this ability?
A. call home
B. wireshark
C. ethanalyzer
D. NX-OS

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 54
A service profile is created using vHBAs. What will happen if the profile is applied to a server with a mezzanine card without storage capability?
A. The blade association will fail
B. The storage adapter will not be visible to the OS
C. A virtual storage adapter will be created
D. A WWNN/WWPN will be auto-selected from the default pool

Correct Answer: A Section: (none) Explanation Explanation/Reference:
QUESTION 55
Which two factors determine the recommended maximum number of virtual interfaces on a Cisco UCS system? (Choose two)
A. the number of computer blades in the system
B. the number of interfaces sharing the uplinks
C. the driver version on the OS running on the computer blade
D. the number of uplinks between I/O Module and Fabric Interconnect

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Which Cisco product is a storage comp0nent of the Cisco data center Unified Computing Solution?
A. Nexus 1000
B. UCS5 5100
C. Catalyst 6500
D. MDS 9000

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 57
Which Cisco product is a storage component of the Cisco data center Unified Computing Solution?
A. Nexus 1000
B. UCS5 100
C. Catalyst 6500
D. MDS 9000

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 58
The Cisco 6100 XP Fabric interconnect is available in which two configurations? (Choose two)
A. 20 port + expansion module
B. 24 port + expansion module
C. 40 port + expansion module
D. 48 port + expansion module
Correct Answer: AC Section: (none) Explanation

Explanation/Reference:
QUESTION 59
The cluster IP address of the UCS Fabric interconnects is used to access which three entities?(Choose three)
A. CMC
B. CLI
C. API
D. VSM
E. UI

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:

With the complete collection of Cisco 642-983 Questions and Answers, Flydumps.com has assembled to take you through Questions and Answers to your Cisco 642-983 Exam preparation. In the Exam Oracle 1Z0-102 exam resources, you will cover every field of Cisco 642-983 exam helping to ready you for your successful Cisco Certification.

Cisco 642-983 Dumps, Most Popular Cisco 642-983 Practice On Our Store

Cisco 642-565 PDF, New Updated Cisco 642-565 Vce & PDF Is Your Best Choice

Flydumps bring you the best Cisco 642-565 Certification exam preparation materials which will make you pass in the first attempt.And we also provide you all the Cisco 642-565 exam updates as Microsoft announces a change in its Cisco 642-565 exam syllabus,we inform you about it without delay.

QUESTION 101
When implementing a Cisco Integrated Services Router, which feature would you apply to achieve application security?
A. Access control lists
B. Alerts and audit trails
C. Lock-and-key (dynamic access control lists)
D. Context-based Access Control

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: CBAC intelligently filters TCP and UDP packets based on application-layer protocol session information and can be used for intranets, extranets and the Internet. CBAC is implemented on Cisco IOS routers via the firewall feature set. Without CBAC, traffic filtering is limited to access list implementations that examine packets at the networklayer, or at most, the transportlayer. However, CBAC examines not only networklayer and transportlayer information but also examines the application-layer protocol information (such as FTP connection information) to learn about the state of the TCP or UDP session. This allows support of protocols that involve multiple channels created as a result of negotiations in the control channel. Most of the multimedia protocols as well as some other protocols (such as FTP, RPC, and SQL*Net) involve multiple channels. Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/ products_configuration_guide_chapter09186a00800 c
QUESTION 102
Which statement is true about the built-in hardware-based encryption that is included with Cisco Integrated Services Routers?
A. It supports SRTP
B. It supports 256-bit AES encryption
C. It is two times faster than previous modules
D. It stores VPN credentials

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
The ISR router series provides built-in VPN encryption acceleration for IPSec DES, 3DES, and AES 128,
192, and 256.
Reference: Security Solutions for SE (SSSE) v1.0 Student Guide, Module 1, page 2-13.

QUESTION 103
Certkiller is a network administrator at Certkiller .com. Certkiller .com wants to implement command authorization for tighter control of user access rights. Which combination of authentication server and authentication protocol is able to best meet this requirement?
A. Cisco Secure ACS server and RADIUS
B. Cisco Secure ACS server and TACACS+
C. Microsoft IAS server and RADIUS
D. Microsoft Windows Domain Controller and Kerberos

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: Cisco Secure Access Control Server (ACS) for Windows provides a centralized identity networking solution and simplified user management experience across all Cisco devices and security management applications. Cisco Secure ACS helps to ensure enforcement of assigned policies by allowing network administrators to control:
*
Who can log into the network

*
The privileges each user has in the network

*
Recorded security audit or account billing information

*
Access and command controls that are enabled for each configuration’s administrator Cisco Secure ACS is a major component of Cisco trust and identity networking security solutions. It extends access security by combining authentication, user and administrator access, and policy control from a centralized identity networking framework, thereby allowing greater flexibility and mobility, increased security, and user productivity gains. The TACACS+ protocol provides authentication between the network access server and the TACACS+ daemon, and it ensures confidentiality because all protocol exchanges between a network access server and a TACACS+ daemon are encrypted. TACACS+ was designed by Cisco to overcome some of the imitations of RADIUS and is therefore considered to be more secure. RADIUS combines authentication and authorization. The access-accept packets sent by the RADIUS server to the client contain authorization information, making it difficult to decouple authentication and authorization. RADIUS also encrypts only the password in the access-request packet from the client to the server. The remainder of the packet is in the clear. Other information, such as username, authorized services, and accounting, can be captured by a third party. Reference: http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/secsols/aaasols/c262c1.htm#1034907
QUESTION 104
DRAG DROP
You work as a network technician at Certkiller .com. Your boss, Mrs Certkiller, is curious about secure
features. Match the features with the appropriate description.
Use each feature once and only once.
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:

Explanation:
Allows control of web traffic based on sec policy – URL filtering Can control protocol misuse – Application-
based filtering (NBAR – Network Based Application Recognition)
Can proactively stop Net Attacks – unmatched (This describes IPS, which is not an option)
Leads to smaller holes in ACL – State full inspection (No need to authorize return traffic) Allows designated
users to gain temporary access- Lock-and-Key

QUESTION 105
DRAG DROP
You work as a network technician at Certkiller .com. Your boss, Mrs Certkiller, is curious about secure
Cisco IOS VPN technology. Match the technology with the appropriate benefit.
Use each technology once and only once.
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference: QUESTION 106

DRAG DROP
You work as a network technician at Certkiller .com. Your boss, Mrs Certkiller, is curious about firewall
features. Match the features with the appropriate descriptions.
Use each feature once and only once.
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:

QUESTION 107
Cisco MARS is being used in the Certkiller network. What is a feature or function of Cisco Security MARS?
A. MARS enforces authorization policies and privileges
B. MARS determines security incidents based on device messages, events, and sessions
C. MARS configures, monitors, and troubleshoots Cisco security products
D. MARS supports AAA user login authentication
E. None of the above

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: With MARS, as events and data messages are received, the information is normalized against the topology, discovered device configurations, same source and destination applications (across Network Address Translation [NAT] boundaries), and similar attack types. Similar events are grouped into sessions in real time. System- and user-defined correlation rules are then applied to multiple sessions to identify incidents.
QUESTION 108
Cisco Clean Access has been implemented in the Certkiller network. What are the two main reasons for customers to implement Cisco Clean Access? (Choose two)
A. Enforcement of security policies by making compliance a condition of access
B. Focus on validated incidents, not investigating isolated events
C. Integrated network intelligence for superior event aggregation, reduction, and correlation
D. Provision of secure remote access
E. Significant cost savings by automating the process of repairing and updating user machines
F. Implementation of NAC phase 1

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
Explanation: Cisco NAC Appliance (formerly Cisco Clean Access) is an easily deployed Network Admission Control (NAC) product that uses the network infrastructure to enforce security policy compliance on all devices seeking to access network computing resources. With NAC Appliance, network administrators can authenticate, authorize, evaluate, and remediate wired, wireless, and remote users and their machines prior to network access. It identifies whether networked devices such as laptops, IP phones, or game consoles are compliant with your network’s security policies and repairs any vulnerabilities before permitting access to the network. Networks with Cisco NAC Appliance can realize benefits such as:
*
Minimized network outages

*
Enforcement of security policies

*
Significant cost savings with automated device repairs and updates Reference: http://www.cisco.com/en/ US/products/ps6128/index.html
QUESTION 109
DRAG DROP
You work as a network technician at Certkiller .com. Your boss, Mrs Certkiller, is curious about Cisco
Security modules. Match the modules with the appropriate descriptions.
Not all descriptions are used.
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference: QUESTION 110

A new MARS appliance has been installed in the Certkiller network. What is the purpose of SNMP community strings when adding reporting devices into a newly installed Cisco Security MARS appliance?
A. To discover and display the full topology
B. To import the device configuration
C. To pull the log information from devices
D. To reconfigure managed devices

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: Cisco routers and switches that are running Cisco IOS Software release 12.2 can be configured to provide different types of data to MARS: Syslog messages. The syslog messages provide information about activities on the network, including accepted and rejected sessions. SNMP traffic. SNMP RO community strings support the discovery of your network’s topology. NAC-specific data. NAC logs events that are specific to its configuration, including Extensible Authentication Protocol (EAP) over UDP messages and 802.1x accounting messages. Access lists or NAT statements. You must enable SSH or Telnet access if the configuration on the Cisco router or swtich includes access lists or NAT statements. Spanning tree messages (Switch only). You must have STP (spanning tree protocol) configured correctly on the switches to enable L2 discovery and mitigation. STP provides MARS with access to the L2 MIB, which is required to identify L2 re-routes of traffic and to perform L2 mitigation. MARS also uses the MIB to identify trunks to other switches, which are used to populate VLAN information used in L2 path calculations. STP, which is enabled by default on Cisco Switches, should remain enabled, as it is required for L2 mitigation. Reference: http://www.cisco.com/en/US/products/ps6241/products_user_guide_chapter09186a008074f215.html
QUESTION 111
What could be a reason to implement Cisco Security Agent?
A. To prevent Day Zero attacks
B. To communicate the host posture validation to a policy server
C. To track the Internet usage of employees
D. To validate policy compliance

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
Current supported versions of Cisco Security Agent 4.0.3.x, 4.5.1.x, 5.0.0.x, and 5.1.0.x are effective in
stopping all known exploits seen to date, thus providing “Zero-Day” protection at the end host. CSA host
intrusion prevention system software effectively stops both the initial buffer overflow attempt and any
subsequent steps to exploit the Microsoft Windows VML document arbitrary code execution vulnerability.
Reference:
http://www.cisco.com/en/US/products/sw/secursw/ps5057/
tsd_products_security_response09186a008074f075.h t

QUESTION 112
Which two are parts of the Network Security Lifecycle? (Choose two)
A. Purchase
B. Operate
C. Integrate
D. Design
E. Develop

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation:
The Network Security lifecycle is based on the lifecycle of the network itself as shown in the figure below. It
includes the Preparation, Planning, Design, Implementation, Operation, and Optimization components..
QUESTION 113
A new MARS appliance has been installed in the Certkiller network. On the Cisco Security MARS appliance, what is used to facilitate the management of Event, IP, Service and User management?
A. Groups
B. Custom parser
C. Rules
D. Signatures
E. Audit trail log

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
Using a creating event groups is one of the most powerful ways to leverage rules. You can take any event
or series of events, group them, and use them with rules to concentrate your searches for attacks. Groups
are also used to facilitate the IP management, Service Management, and User Management tabs within
the MARS local and Global Controllers. Reference: Security Solutions for SE (SSSE) v1.0 Student Guide,
Module 6, page 4-35 through 4-36.

QUESTION 114
Which two features work together to provide Anti-X defense? (Choose two)
A. Enhanced application inspection engines
B. Enhanced security state assessment
C. Cisco IPS version 5.0 technology
D. Network security event correlation
E. Cisco IOS AutoSecure

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
Explanation: The Cisco Intrusion Prevention System (IPS) Version 5.0 Solutions deliver a new generation of highly accurate and intelligent in-line prevention services complemented by new network anti-virus, anti-spyware and worm mitigation capabilities for improved threat defense across multiple form factors including appliances, switch-integrated modules, and Cisco IOSSoftware-based solutions using enhanced application inspection engines.
QUESTION 115
Which three components should be included in a security policy? (Choose three)
A. Identification and authentication policy
B. Incident handling procedure
C. Security best practice
D. Security product recommendation
E. Software specifications
F. Statement of authority and scope

Correct Answer: ABF Section: (none) Explanation
Explanation/Reference:
Explanation:
A Security policy is used to define and set a good foundation for securing the network, including:
Definition: Define the data assets to be covered by the security policy (statement of authority and scope).
Identity: How do you identify the hosts and applications affected by this policy. Trust: Under what
conditions is communication allowed between hosts. Enforceability: How will the policies implementation
be verified. Risk Assessment: What is the impact of a policy violation and how to detect them. Incident
Response: What actions are required upon violation of a security policy. Reference: Security Solutions for
SE (SSSE) v1.0 Student Guide, Module 1, page 1-25.

QUESTION 116
A new MARS appliance has been installed in the Certkiller network. Which statement is true about the Cisco Security MARS Global Controller?
A. The Global Controller receives detailed incidents information from the Local Controllers, and correlates the incidents between multiple Local Controllers.
B. The Global Controller centrally manages a group of Local Controllers.
C. Rules that are created on a Local Controller can be pushed to the Global Controller.
D. Most data archiving is done by the Global Controller.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: The MARS GlobalController is a security threat mitigation (STM) appliance. Once you deploy multiple LocalControllers, you can deploy a GlobalController that summarizes the findings of two or more LocalControllers. In this way, the GlobalController enables you to scale your network monitoring without increasing the management burden. The GlobalController provides a single user interface for defining new device types, inspection rules, and queries, and it enables you to manage LocalControllers under its control. This management includes defining administrative accounts and performing remote, distributed upgrades of the LocalControllers. Reference: http://www.cisco.com/en/US/products/ps6241/products_user_guide_chapter09186a008053fdeb.html
QUESTION 117
Which Cisco IOS feature uses multipoint GRE and the Next Hop Resolution Protocol to create dynamic IPSec tunnels between spoke (branch) sites?
A. Easy VPN
B. V3PN
C. DMVPN
D. Web VPN

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: The Dynamic Multipoint VPN (DMVPN) feature allows users to better scale large and small IP Security (IPsec) Virtual Private Networks (VPNs) by combining generic routing encapsulation (GRE) tunnels, IPsec encryption, and Next Hop Resolution Protocol (NHRP). With DMVPN, The Dynamic Creation for Spoke-to-Spoke Tunnels feature eliminates the need for spoke-to-spoke configuration for direct tunnels. When a spoke router wants to transmit a packet to another spoke router, it can now use NHRP to dynamically determine the required destination address of the target spoke router. (The hub router acts as the NHRP server, handling the request for the source spoke router.) The two spoke routers dynamically create an IPsec tunnel between them so data can be directly transferred. Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/ products_feature_guide09186a0080110ba1.html
QUESTION 118
When a FWSM is operating in transparent mode, what is true?
A. Each interface must be on the same VLAN.
B. The FWSM does not support multiple security contexts.
C. Each directly connected network must be on the same subnet.
D. The FWSM supports up to 256 VLANs.
Correct Answer: C Section: (none) Explanation

Explanation/Reference:
Explanation: In transparent mode, the FWSM acts like a “bump in the wire,” or a “stealth firewall,” and is not a router hop. The FWSM connects the same network on its inside and outside interfaces, but each interface must be on a different VLAN (only 2 VLANs). No dynamic routing protocols or NAT are required. However, like routed mode, transparent mode also requires ACLs to allow any traffic through aside from ARP packets. Transparent mode can allow certain types of traffic in an ACL that are blocked by routed mode, including unsupported routing protocols and multicast traffic. Transparent mode can also optionally use EtherType ACLs to allow non-IP traffic. Transparent mode only supports two interfaces, an inside interface and an outside interface, with each interface in the same IP subnet. Reference: http://www.cisco.com/en/US/partner/products/hw/switches/ps708/ products_module_configuration_guide_chapt e
QUESTION 119
Which three are included with the Cisco Security Agent? (Choose three)
A. Buffer overflow protection
B. Day Zero virus and worm protection
C. Cisco Easy VPN Client
D. Host-based intrusion prevention
E. Plug-in interface to query posture providers
F. Packet sniffer

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
Explanation: The Cisco Security Agent resides between the applications and the kernel, enabling maximum application visibility with minimal impact to the stability and performance of the underlying operating system. The software’s unique architecture intercepts all operating system calls to file, network, and registry sources, as well as to dynamic run-time resources such as memory pages, shared library modules, and COM objects. The agent applies unique intelligence to correlate the behaviors of these system calls, based on rules that define inappropriate or unacceptable behavior for a specific application or for all applications. This correlation and subsequent understanding of an application’s behavior is what allows the software-as directed by the security staff-to prevent new intrusions on the individual hosts. The Cisco Security Agent provides numerous benefits, including: The ability to aggregate and extend multiple endpoint security functions-the Cisco Security Agent provides host intrusion prevention, distributed firewall, malicious mobile code protection, operating system integrity assurance, and audit log consolidation, all within a single agent Preventive protection against entire classes of attacks, including port scans, buffer overflows, Trojan horses, malformed packets, malicious HTML requests, and e-mail worms “Zero update” prevention for known and unknown attacks Reference: http://www.cisco.com/en/US/partner/products/sw/secursw/ps5057/ products_data_sheet0900aecd80440398.html
QUESTION 120
A new MARS appliance has been installed in the Certkiller network. What is a valid step when setting up the Cisco Security MARS appliance for data archiving?
A. Specify the remote CIFS server.
B. Specify the remote FTP server.
C. Specify the remote NFS server.
D. Specify the remote TFTP server.
Correct Answer: C Section: (none) Explanation

Explanation/Reference:
Explanation:
You can archive data from a MARS Appliance and use that data to restore the operating system (OS),
system configuration settings, dynamic data (event data), or the complete system. The appliance archives
and restores data to and from an external network-attached storage (NAS) system using the network file
system (NFS) protocol. Only a NFS or a NAS using the NFS protocol is supported on the Cisco MARS.

Flydumps.com Cisco 642-565 practice tests hold the key importance and provide a considerable gain for your knowledge base. You can rely on our products with unwavering confidence; Get the profound knowledge and become a pro with Flydumps.com assistance.

Cisco 642-565 PDF, New Updated Cisco 642-565 Vce & PDF Is Your Best Choice

Cisco 642-426 Practice Exam, 50% Discount Cisco 642-426 Exam Questions And Answers For Sale

Flydumps Cisco 642-426 exam questions which contain almost 100% correct answers are tested and approved by senior Microsoft lecturers and experts.They have been devoting themselves to providing candidates with the best study materials to make sure what they get are valuable.Get a complete hold on Cisco 642-426 exam dumps on Flydumps, you will pass the exam absolutely.

QUESTION 101
DRAG DROP Your work as a network engineer at Certkiller .com. Your boss, Mrs. Certkiller, is interested in inbound POTS calls. In particular she is interested in matching criteria. Arrange them in the correct order.

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:

QUESTION 102
You have received a trouble ticket stating that users are no longer hearing a second dial tone after pressing 9 to initiate an external call. The trouble ticket states that the second dial tone is played only after several additional are dialed. What is the mostly likely cause of this problem?
A. The Cisco Unified CallManager server is experiencing CPU spikes, causing a delay in playing the second dial tone
B. The first gateway in the route group is not available, causing a delay in playing the second dial tone while Cisco Unified CallManager queries the second gateway
C. A route pattern beginning with the digit “9” has been added to the route plan with the call Classification parameter set toe OnNet
D. A route pattern beginning with the digit “9” has been added to the route plan without the provide outside dial tone check box selected

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 103
Which CTI device allows queuing of calls to an unlimited depth?
A. hunt group
B. route point
C. peer
D. port
Correct Answer: B Section: (none) Explanation

Explanation/Reference:
QUESTION 104
The outbound access code from the CallManager is not being stripped. The following configurations are set: Route Pattern / Hunt Pilot Configuration Discard Digits = PreDot Route / Hunt List Detail Discard Digits to NoDigits What is the most likely solution?
A. Set Called Party Transformations under Route / Hunt List Detail to PreDot.
B. Set Calling Party Transformations under Route / Hunt List Detail to <NONE>.
C. Set Called Party Transformations under Route Pattern to NoDigits Change.
D. Set Calling Party Transformation under Route Pattern to <NONE>.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 105
You have received a trouble ticket for a recently installed MGCP gateway. It appears that under testing the gateway, it is not switching to the secondary call agent when the primary call agent is unreachable. Use the following configuration output to resolve the problem: ! mgcp mgcp call-agent 10.1.44.4 2427 service-type mgcp version 1.0 mgcp dtmf-relay voip codec all mode out-of-band mgcp rtp unreachable timeout 1000 action notify mgcp modem passthrough voice mode cisco mgcp sdp simple mgcp package-capability rtp-package mgcp package-capability sst-packateno mgcp timer receive-rtcp no mgcp explicit hookstate ! ccm-manager mgcp ccm-manager config server 10.1.44.7 ccm-manager config ! What command needs to be added to this configuration to allow the MGCP gateway to use a different call agent if the primary fails?
A. ccm-manager fallback-mgcp
B. ccm-manager switchback
C. ccm-manager switchover-to-backup
D. ccm-manager redundant-host

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
ccm-manager redundant-host To configure the IP address or the Domain Name System (DNS) name of one or two backup CiscoCallManager servers, use the ccm-manager redundant-host command in global configuration mode. To disable the use of backup Cisco CallManager servers as call agents, use the no form of this command. ccm-managerredundant-host {ip-address | dns-name} [ip-address | dns-name] no ccm-manager redundant-host {ip-address | dns-name} [ip-address | dns-name] Syntax Description
IP address of the ip-address backup
CiscoCallManager server.
DNS name of the dns-name backup
CiscoCallManager server.
Defaults If you do not configure a backup CiscoCallManager, the redundancy is disabled. Command Modes Global configuration Command History
Release Modification
12.1(3)T This command was introduced with CiscoCallManager Version3.0 and the CiscoVoiceGateway200 (VG200).
12.2(2)XA The command was implemented on Cisco2600 series and Cisco3600 series. The DNS-name argument was added.
12.2(4)T The command was integrated into Cisco IOS Release 12.2(4)T.
12.2(2)XN Support for enhanced MGCP voice gateway interoperability was added to Cisco CallManager Version3.1 for the Cisco2600 series, 3600 series, and the CiscoVG200.
12.2(11)T This command was integrated into the Cisco IOS Release 12.2(11)T and Cisco CallManager Version 3.2 and implemented on the Cisco IAD2420 series routers.
Usage Guidelines You can configure one or two backup CiscoCallManager servers. The list of IP addresses or DNS names is an ordered and prioritized list. The CiscoCallManager server that was defined with the mgcp call-agent command has the highest priority (that is, it is the primary CiscoCallManager server). The gateway selects a CiscoCallManager server on the basis of the order of its appearance in this list. Examples In the following example, the IP address of the backup CiscoCallManager is 10.0.0.50: ccm-manager redundant-host 10.0.0.50 http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122tcr/122tvr/ vrg_c2.htm#wp1095
QUESTION 106
You have recently installed IP Phones on a centralized model. At a remote branch using a H.323 gateway, users are complaining they cannot call some internal numbers. After dialing the last digit, they get a
reorder tone.
What is the most likely cause?

A. Partition/CSS configuration issue
B. Gateway dial-peer configuration issue
C. Codec mismatch
D. Call Admission Control

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
In centralized processing environment, the locations feature in Cisco CallManager lets you specify the maximum amount of audio bandwidth (for audio calls) that is available for calls to and from each location. This limits the number of active calls and limits oversubscription of the bandwidth on the IP WAN links. If any additional calls try to exceed the bandwidth limit, the system rejects them, the calling party receives reorder tone, and a text message displays on the phone.
QUESTION 107

permit tcp any any eq 2000
permit icmp any any echo-reply
!
ip route 0.0.0.0 0.0.0.0 192.168.12.1
Pinging Phone B from PC A yields the following:
ping 172.16.6.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.6.4, timeout is 2
seconds:
…..
Success rate is 0 percent (0/5)
What is a likely cause of the problem?

A. There is no IP route to Phone B.
B. There is no IP route to the CallManager.
C. Access list 101 will not permit PC A to ping Phone B.
D. Access list 101 will not permit the IP phones to communicate with each other.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 108

A Cisco CallManager installation is unable to connect to the PSTN. Calls cannot be placed or received on
the T1 circuit. You have verified that the Cisco CallManager is correctly configured. Determine that root
causes of the problem by using appropriate debug and show commands.
Which of the following will correct the issue with outbound calls from IP Phone 4001 to 9195551234?

A. Change the destination-pattern for dial-peer 1 to 91[2-9]..[2-9]……
B. Add prefix 1 to dial-peer 1 configuration to send the expected digits o the PSTN.
C. Add the commands direct-inward-dial to dial-peer 1.
D. Configure clocking on controller T1 2/0 to connect physical layer issue.
E. Change the destination-pattern for dial-peer 5 to 14085554…

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 109

A Cisco CallManager installation is unable to connect to the PSTN. Calls cannot be placed or received on
the T1 circuit. You have verified that the Cisco CallManager is correctly configured. Determine that root
causes of the problem by using appropriate debug and show commands.
Calls from PSTN (9195551234) to IP Phone (14085554001) get dial-tone after entering the digits instead
of ringing phone 4001.
Which of the following will correct this issue?

A. Change the destination-pattern for dial-peer 5 to 14085554…
B. Add the command translate-outgoing called 1 under dial-peer 5.
C. Add the command direct-inward-dial to dial-peer 1.
D. Configure clocking on controller T1 2/0 to correct physical layer issue.
E. Change the destination-pattern for dial-peer 1 to 91[2-9]..[2-9]……

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 110
A gateway attempts to match the following inbound dial peers:
The called number (DNIS) with the incoming called number.
The calling number (ANI) with answer address.
The calling number (ANI) with destination address.
The configured dial peer port to the voice port.
If none of these dial peers can be matched, which dial peer is selected?

A. The first dial peer configured.
B. The dial peer with the longest match.
C. The default dial peer.
D. The incoming called-number portion of the dial peer.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Inbound Dial Peers Matching Process When the Cisco IOS router or gateway receives a call set-up request, a dial-peer match is made for the incoming call in order to facilitate routing the call to different session applications. This is not a digit-by-digit match, rather the full digit string received in the set-up request is used to match against configured dial peers. The router or gateway matches the information elements in the set-up message with the dial peer attributes to select an inbound dial peer. The router or gateway matches these items in this order:
1.
Called number (DNIS) with incoming called-number First, the router or gateway attempts to match the called number of the call set-up request with the configured incoming called-number of each dial-peer. Since call setups always include DNIS information, it is recommended to use the incoming called-number command for inbound dial peer matching. This attribute has matching priority over answer-address and destination-pattern.

2.
Calling Number (ANI) with answer-address If no match is found in step 1, the router or gateway attempts to match the calling number of the call set-up request with the answer-address of each dial-peers. This attribute may be useful in situations where you want to match calls based on the calling number (originating).

3.
Calling Number (ANI) with destination-pattern If no match is found in step 2, the router or gateway attempts to match the calling number of the call set-up request to the destination-pattern of each dial-peer. For more information about this, refer to the first bullet in the Dial Peer Additional Information section of this document.

4.
Voice-port (associated with the incoming call set-up request) with configured dial peer port (applicable for inbound POTS call legs) If no match is found in the step 3, the router or gateway attempts to match the configured dial-peer port to the voice-port associated with the incoming call. If multiple dial-peers have the same port configured, the dial-peer first added in the configuration is matched.

5.
If no match is found in the first four steps, then default dial peer 0 (pid:0) is used. http://www.cisco.com/ en/US/partner/tech/ CK6 52/ CK9 0/technologies_tech_note09186a008010fed1.shtml
QUESTION 111
DRAG DROP
Put the following transformation rules in the correct order of operation.
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation Explanation/Reference:

QUESTION 112
You are troubleshooting an issue where a user cannot make calls to the PSTN. You are reviewing trace
files and you have found where the user’s IP phone initiates the call but you never see the call go out to the
gateway.
What is the next valid step in troubleshooting this issue?

A. Look in the SDL trace file to see if there is a signal to another CallManager node with the same tcp-handle.
B. Look in the SDL trace file to see if there is a signal to another CallManager node with the same time-stamp.
C. Look in the IP Voice Media Streaming App trace file to see if an MTP was invoked.
D. Look in the MGCP trace file to determine which MGCP gateway the call was sent to.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 113
When dialing 1136, which of the following patterns will be selected?
A. 1[14]XX
B. 1[1-4]XX
C. 11XX!
D. 1[^2-8]XX

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
All the options are potential match. The Cisco CallManager will apply closest match rule to select the best
match. The best match is the route pattern in matching table that has the fewest number of route patterns.
1[14]XX matches 200 digit strings;
1[1-4]XX matches 400 digit strings;
11XX! matches infinite digit strings;
1[^2-8]XX matches 300 digit strings.
As such 1[14]XX will be selected.

QUESTION 114

Referring to the exhibit, which phone rings when Bob dials 1000?
A. Phone A
B. Phone B
C. Phone C
D. Phone D

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Cisco CallManager has applied the translation pattern rule to the number dialed(1000) into new number
and
discard digit(pre-dot) and make Bob calls phone D.
Note: The called party information & Discard digit information are missing in the exhibit.

QUESTION 115
Refer to the exhibit. Your users cannot complete calls to the PSTN. After working with the Telco, you have
determined that you are not stripping the access-code before setting up the call with the Telco.
What is a possible cause of this issue?

A. A dial-peer is modifying the called number.
B. The route list configuration is over-riding route pattern configuration.
C. A translation pattern is modifying the called number.
D. The external phone number mask is incorrect.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 116
Exhibit: You have received a trouble ticket from an employee. The employee is reporting that he can call his manager but his manager cannot call him. The employee is calling from extension 2003 at site 2. His manager is at extension 2002 in site 1. You have verified that both DNs are in the Phones partition. What is the cause of the issue?

A. The manager’s CSS does not include Phones partition.
B. The location configuration is resulting in insufficient bandwidth for this call.
C. The manager’s CSS does not include Employee partition.
D. The region configuration is resulting in codec negotiation issue.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 117
You are a network engineer at Certkiller . The Finance Manager reports that long-distance charges have
increased dramatically in the past month while total calls have NOT increased.
What is a likely cause of this increase?

A. Calls are routing to the PSTN instead of the WAN link.
B. Local calls are being sent over long distance by the route plan.
C. Off-net calls are being routed first to another cluster, causing higher costs.
D. Telephones at the local site are using the long distance lines for local calls.
E. Telephones at the remote site are using the long distance lines for local calls.

Correct Answer: A Section: (none) Explanation Explanation/Reference:
QUESTION 118
You are a network engineer at Certkiller . Your newly appointed Certkiller trainee wants to know how
CallManager knows that a user has finished dialing a number.
What would your reply be?

A. It waits for the dialer to match a pattern or a route.
B. It waits for the inter-digit timeout and then begins call processing.
C. The IP phone sends an “end of string” to the CallManager indicating dialing is complete.
D. The IP phone counts the number of digits dialed then begins call processing when a specified number of digits has been met.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 119
You are a network engineer at Certkiller . Your newly appointed Certkiller trainee wants to know what the most widely available 911 PBX PSTN interface is. What would your reply be?
A. CLID with ESN and ALI.
B. POTS with ESN and ALI.
C. CLID with CAM conversion.
D. A gateway used for handling call setup and call clearing.
E. A gateway to handle the media-negotiations of the RTP streams between station devices.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
http://www.cisco.com/en/US/partner/products/sw/voicesw/ps556/ products_implementation_design_guide_chap t
QUESTION 120
Certkiller ‘s long distance access code is 95922. Certkiller has a branch office in Seattle that has the
number 959-20xx.
How can the Certkiller branch office avoid the Cisco CallManager (CCM) second dial tone from playing too
early?

A. Enter 95920xx in the dial plan.
B. Enter 95920xxxxxxxxx in the dial plan.
C. Enter 95922xxxxxxxxx in the dial plan.
D. Uncheck “Provide Outside Dial Tone” for the pattern 9592.
E. Check the “Provide Outside Dial Tone” for the pattern 95922.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:

Static ANI (Line Connection)
Static ANI provides a line (rather than a trunk) connection to the PSTN, and the ANI of the line is
associated with all 911 calls made on that line, regardless to the CPN of the calling phone. A plain old
telephone service (POTS) line is used for this purpose. POTS lines are one of the simplest and most
widely supported PSTN interfaces. A POTS line usually comes fully configured to accept 911 calls. In
addition, the existing E911 infrastructure supports 911 calls from POTS lines very well.
The POTS approach has the following attributes:
The operational costs associated with a POTS line are low.
The POTS line can even serve as a backup line in case of power failure. The POTS line number can be
used as the callback number entered into the ALI database.
POTS lines represent the lowest cost 911 support for locations where user density does not justify local
PRI or CAMA access into the PSTN.
POTS lines are ubiquitous in PSTN installations.
All outgoing 911 calls through this type of interface are treated the same by the E911 network, and the
tools that enable CiscoCallManager to control the ANI presented to the E911 network (such as calling
party transformation masks) are irrelevant because the ANI can be only the POTS line’s number.
http://www.cisco.com/en/US/partner/products/sw/voicesw/ps556/
products_administration_guide_chapter09186 a

QUESTION 121
On the Certkiller IP Telephony system, all the necessary digits on an incoming call are contained in the setup message. The voice gateway does not perform subsequent digital collection and does not use digit-by-digit matching. With regard to this system, which of the following statements is true?
A. The call is DID.
B. The call is non-DID.
C. The call is not properly formed.
D. There is not enough information to determine if the call is DID.
E. None of the above.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: On DID calls (also referred to as one-stage dialing), the setup message contains all the digits necessary to route the call and the router/gateway should not do subsequent digit collection. When the router/gateway searches for an outbound dial-peer, it uses the entire incoming dial string. This matching is by default variable-length. It is not done digit-by-digit because by DID definition, all digits have been received. Source: http://www.cisco.com/warp/public/788/voip/in_dial_peer_match.html#topic8
QUESTION 122
What must the Calling Party Number must be when a phone is calling 911?
A. Encrypted
B. E.164 compliant
C. At least 4 digits long
D. Exactly 10 digits long
E. Not more than 7 digits long

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 123
You are a network engineer at Certkiller . Your newly appointed Certkiller trainee wants to know how Cisco CallManager (CCM) performs digit analysis. What will your reply be?
A. It searches all route lists in the route group and chooses the best possible match.
B. It searches the route lists in the route group and selects the first possible match.
C. It searches all partitions in the Calling Search Space and chooses the best possible match.
D. It searches the partitions in the Calling Search Space and chooses the first possible match.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 124
You are a network engineer at Certkiller . Certkiller ‘s main supplier is a long-distance phone call away. Certkiller users complain that sometimes when they dial the supplier’s number they reach a local number. What is the most likely cause of this problem?
A. PSTN trunk saturation
B. Overlapping dial plans
C. Incorrectly defined gateway
D. Overlapping gateway access lists
E. Incorrectly defined Calling Search Spaces

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 125
Which protocol does Cisco CallManager (CCM) use to establish calls between station devices?
A. SDL
B. RTP
C. SCCP
D. MGCP
E. H.450

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Skinny Overview Skinny enables voice communication between two Skinny clients through the use of a CM. Typically, the CM provides service to the Skinny clients on TCP Port 2000. Initially, a Skinny client connects to the CM by establishing a TCP connection; the client will also establish a TCP connection with a secondary CM, if available. After the TCP connection is established, the client will register with the primary CM, which will be used as the controlling CM until it reboots or there is a keepalive failure. Thus, the Skinny TCP connection between the client and the CM exists forever and is used to establish calls coming to or from the client. If a TCP connection failure is detected, the secondary CM is used. All data channels established with the previous CM remain active and will be closed after the end parties hang up the call.

Flydumps.com provides you with the most reliable practice exams to master Cisco 642-426 Certification. Our Microsoft questions and answers are certified by the senior lecturer and experienced technical experts in the Microsoft field. These test questions provide you with the experience of taking the actual Cisco 642-426 test.

Cisco 642-426 Practice Exam, 50% Discount Cisco 642-426 Exam Questions And Answers For Sale

Cisco 642-565 Practice Questions, Latest Upload Cisco 642-565 Certification Material Provider On Sale

Welcome to download the newest Pass4itsure hp0-m52 VCE dumps: http://www.pass4itsure.com/hp0-m52.html

Attention Please:Professional new version Cisco 642-565 PDF and VCE dumps can now free download on Flydumps.com,all are updated timely by our experts covering all Cisco 642-565 new questions and questions.100 percent pass your exam.

QUESTION 64
How does CSA protect endpoints?
A. uses signatures to detect and stop attacks
B. uses deep-packet application inspections to control application misuse and abuse
C. uses file system, network, registry, and execution space interceptors to stop malicious activity
D. works in conjunction with antivirus software to lock down the OS
E. works at the application layer to provide buffer overflow protection

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 65
How is Cisco IOS Control Plane Policing achieved?
A. by adding a service-policy to virtual terminal lines and the console port
B. by applying a QoS policy in control plane configuration mode
C. by disabling unused services
D. by rate-limiting the exchange of routing protocol updates
E. by using AutoQoS to rate-limit the control plane traffic

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 66
Drop

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 67
When a FWSM is operating in transparent mode, what is true?
A. Each interface must be on the same VLAN.
B. The FWSM does not support multiple security contexts.
C. Each directly connected network must be on the same subnet.
D. The FWSM supports up to 256 VLANs.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 68
Which of these characteristics is a feature of AES?
A. It has a variable key length.
B. It provides strong encryption and authentication.
C. It should be used with key lengths greater than 1024 bits.
D. It is not supported by hardware accelerators but runs very fast in software.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 69
Which three Cisco security products help to prevent application misuse and abuse? (Choose three.)
A. Cisco ASA 5500 Series Adaptive Security Appliances
B. NAC Appliance (Cisco Clean Access)
C. Cisco Traffic Anomaly Detector
D. Cisco Security Agent
E. Cisco Trust Agent
F. Cisco IOS FW and IPS

Correct Answer: ADF Section: (none) Explanation
Explanation/Reference:
QUESTION 70
Identify two ways to create a long-duration query on the Cisco Security MARS appliance. (Choose two.)
A. by modifying an existing report
B. by saving a query as a report
C. by submitting a query in line
D. by submitting a batch query
E. by saving a query as a rule

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:

Flydumps.com never believes in second chances and hence bring you the best Cisco 642-565 exam preparation materials which will make you pass in the first attempt. Flydumps.com experts have complied the fail proof Cisco 642-565 exam content to help you pass your Cisco 642-565 certification exam in the first attempt and score the top possible grades too.

Pass4itsure hp0-m52 dumps with PDF + Premium VCE + VCE Simulator: http://www.pass4itsure.com/hp0-m52.html

Cisco 642-565 Practice Questions, Latest Upload Cisco 642-565 Certification Material Provider On Sale

Cisco 642-374 Exam Test, Valid and updated Cisco 642-374 PDF Exams Online Store

Welcome to download the newest Pass4itsure eada10 VCE dumps: http://www.pass4itsure.com/eada10.html

Attention Please:Professional new version Cisco 642-374 PDF and VCE dumps can now free download on Flydumps.com,all are updated timely by our experts covering all Cisco 642-374 new questions and questions.100 percent pass your Cisco 642-374 exam.

QUESTION 76
A Cisco Catalyst switch can belong to how many VTP domains?
A. 1 to 4,096
B. 2
C. 1
D. 1 to 1,005
E. no limit

Correct Answer: C Section: (none) Explanation
QUESTION 77
In the design phase, which service component provides the customer with a comprehensive design?
A. Project Kick-off
B. Staging Plan
C. Detailed Design Development
D. Implementation Plan
E. High-Level Design

Correct Answer: C Section: (none) Explanation
QUESTION 78
The Cisco Lifecycle Services approach is primarily applicable to which type of companies?
A. the small- or medium-sized business
B. All companies, regardless of size
C. the large enterprise with a single campus
D. the large enterprise with a global presence

Correct Answer: B Section: (none) Explanation
QUESTION 79
Drag and Drop Questions A.

B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference: QUESTION 80

Which of the following best describe the customer benefit of creating a systems acceptance test plan in the design phase?
A. reduce operating costs and limit change-related incidents by providing a consistent and efficient set of processes
B. improve its ability to make sound financial decisions by developing a business case based on its business requirements and establishing a basis for developing a technology strategy
C. reduce unnecessary disruption, delays, rework, and other problems by establishing test cases for use in verifying that the system meets operational, functional, and interface requirements
D. improve the return on investment and hasten migration by identifying and planning for necessary infrastructure changes and resource additions, as well as reduce deployment costs by analyzing gaps early in the planning process to determine what is needed to support the system

Correct Answer: C Section: (none) Explanation
QUESTION 81
What is one thing you should be aware of when conducting a wireless site survey?
A. 5 GHz equipment will not be able to penetrate through walls as well as 2.4 GHz equipment.
B. When determining coverage, you should begin measuring attenuation from the middle of the room.
C. 2.4 GHz equipment will not be able to penetrate through walls as well as 5 GHz equipment.
D. Mounting antennas near metal objects will slightly amplify the signal.

Correct Answer: A Section: (none) Explanation
QUESTION 82
You are planning to connect your three branch offices to the corporate site via Frame Relay. The first branch office has been assigned the network 10.1.0.0/16, the second 10.2.0.0/16, the third 10.3.0.0/16, and the corporate headquarters uses 10.0.0.0/16. You would like to summarize all branch and corporate networks into a single route at the corporate site. Which network address and subnet mask should you choose?
A. 10.0.0.0/14
B. 10.0.0.0/16
C. 10.0.0.0/15
D. 10.0.0.0/24

Correct Answer: A Section: (none) Explanation
QUESTION 83
Which item is a feature of Cisco Compatible Extensions, Version 3?
A. full WPAv2 compliance
B. full 802.11e compliance
C. NAC
D. wireless IDS

Correct Answer: A Section: (none) Explanation
QUESTION 84
Which Cisco security tool can best determine if a Cisco ISR router is properly secured?
A. Cisco Security IntelliShield
B. Cisco SDM Security Audit
C. Cisco Security Agent MC
D. Cisco Security MARS
E. CAN

Correct Answer: B Section: (none) Explanation
QUESTION 85

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference: QUESTION 86

What are three benefits of the Cisco Adaptive Threat Defense strategy? (Choose three.)
A. using QoS techniques such as Traffic Policing to rate limit suspected traffic to prevent DoS attacks
B. virtual firewall
C. application security
D. automatic reconfigurations of the security devices based on current security threats
E. containment and control of security threats
F. anti-x defense

Correct Answer: CEF Section: (none) Explanation
QUESTION 87
Which of these statements regarding Cisco’s WebVPN support is correct?
A. Cisco’s WebVPN solution supports both TCP and UDP port forwarding for application support.
B. Cisco ISR Routers with the Enhanced Security Bundles support WebVPN.
C. Cisco security appliances act as a proxy between the end user and the target web server.
D. Cisco PIX Security Appliances (running release 7.0) and Adaptive Security Appliances both support WebVPN.

Correct Answer: C Section: (none) Explanation
QUESTION 88
Which three of these items can a wireless assisted site survey optimize? (Choose three.)
A. channel selection
B. radio transmit power setting
C. beacon interval
D. IDS settings
E. security selection
F. IPS auto-response settings

Correct Answer: ABC Section: (none) Explanation
QUESTION 89
Which definition best describes the implementation service component within the implement phase?
A. developing and executing proof-of-concept tests, validating high-level infrastructure design, and identifying any design enhancements
B. improving a customer’s infrastructure security system
C. providing a step-by-step plan that details the installation and service-commission tasks required in order to create a controlled-implementation environment that emulates a customer network
D. installing, configuring, and integrating systems components based on an implementation plan developed in earlier phases
E. assessing the ability of site facilities to accommodate proposed infrastructure changes

Correct Answer: D Section: (none) Explanation
QUESTION 90
What is one key objective of the operations readiness assessment performed in the plan phase?
A. align business requirements with technical requirements
B. install and test system components in a non-production environment
C. evaluate the readiness of a customer’s current operations and network management infrastructure to support a new technology
D. create a plan to recycle used equipment

Correct Answer: C Section: (none) Explanation

Flydumps.com provides you with the most reliable practice exams to master Cisco 642-374 Certification. Our Microsoft questions and answers are certified by the senior lecturer and experienced technical experts in the Microsoft field. These test questions provide you with the experience of taking the Cisco 642-374 actual test.

Pass4itsure eada10 dumps with PDF + Premium VCE + VCE Simulator: http://www.pass4itsure.com/eada10.html

Cisco 642-374 Exam Test, Valid and updated Cisco 642-374 PDF Exams Online Store

Cisco 642-374 Exam Dumps, 50% Discount Cisco 642-374 Real Exam Questions And Answers Online Store

Welcome to download the newest Pass4itsure C2180-374 VCE dumps: http://www.pass4itsure.com/C2180-374.html

New Questions! Now more new added Cisco 642-374 exam questions and answers are available at Flydumps In Flydumps new Cisco 642-374 vce or pdf braindump file, you can get all Cisco 642-374 new questions and answers.We guarantee the 100% pass rate.

QUESTION 76
W hat is the purpose of the Dynamic Configuration Tool?
A. To determine the correct IOS image to support your modules or blades
B. To allow for the mass deployment of devices with minimal configurations your production network
C. To test router configurations virtually prior to implementing them in
D. To provide an easy way to check for known bugs in IOS releases
E. To verify that hardware such as modules are compatible with your chassis
Correct Answer: Section: (none) Explanation

Explanation/Reference:
QUESTION 77
After properly configuring multiple VLANs, an administrator has decided to secure its V LAN n etwork. Which three steps are required to secure this environment? (Choose three.)
,
A. If a port is connected to a foreign device make sure to disable CDP, DTP, RPR, PAgP UDLP, and any other unnecessary protocols, and enable UplinkFast/BPDU guard on it.
B. Enable root guard feature to prevent a dire ctly or indirectly connected STP-capable device from affecting the location of the root bridge.
C. Configure VTP domains appropriately or turn off VTP altogether to limit or prevent p ossible undesirable protocol interaction with regards to the network-wide VLAN configuration.
D. Set the native VLAN ID to match the port VLAN ID of any 802.1q trunk to prevent spoofing.
E. Disable all unused ports and place them in an unused VLAN to avoid unauthorized access.

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 78
What is one benefit of the Cisco anti-X defense strategy?
A. Applications security
B. Virtual firewall protection
C. Security events correlation for proacti ve response
D. Malware, virus, and worm mitigation

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 79
Which two of these statem ents best describe the benefits of the Cisco Compatible Extensions P rogram? (Choose two.)
A. Offers a feature-rich implementation alternative to Wi-Fi certification
B. Accelerates the availability of innovative features while maintaining int eroperability
C. Provides innovative features only on Cisco’s wireless client ad apters
D. Provides an evolving set of specifications for interoperability
E. Eliminates the need for testin g by providing innovative features to wireless client vendors th rough a one-time license fee

Correct Answer: BD Section: (none) Explanation
Explanation/Reference: QUESTION 80
W hich three of these service components are in the design phase? (Choose three.)
A. Staging Plan Development
B. Site Readiness Assessment
C. Staff Training
D. Detailed Design Development
E. Account Qualification and Planning
F. Systems Acceptance Test Plan Development

Correct Answer: ADF Section: (none) Explanation
Explanation/Reference:
QUESTION 81
A Cisco Catalyst switch can belong to how many VTP domains?
A. 1
B. 2
C. 1 to 1,005
D. 1 to 4,09 6
E. No limit

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 82
Which two of th ese statements best describe the benefits of Cisco’s wireless IDS functionality? (C hoose two.)
A. AirDefense for wireless IDS is required by autonomous APs.
B. 2.4GHz RF management can monitor both 802.11 and non-802.11 RF interfe rence.
C. APs only monitor the RF channels that are servicing the clients.
D. Cisco or CCX compatible client cards can extend the RF IDS service for autonomous APs.
E. Autonomous APs must b e dedicated IDS sensors while lightweight APs can combine client tr affic and RF monitoring.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 83
Conductin g a project kick-off in the plan phase provides which of the following customer b enefits?
A. Ensure that it receives detailed network diagrams
B. Reduce the risk of downtime due to facilities-related problems
C. Ensure end-user support immediately after the launch of a new system
D. Confirm project roles and responsibilities, as well as milestone dates

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 84
W hat are three benefits of the Cisco Adaptive Threat Defense strategy? (Choose three.)
A. Using QoS techniques such as Traffic Policing to rate limit suspected traffic to prevent DoS attacks
B. Automatic reconfigurations of the security d evices based on current security threats
C. Cntainment and con trol of security threats rity
D. Aplication secu
E. Ati-x defense
F. Vrtual firewall

Correct Answer: CDE Section: (none) Explanation
Explanation/Reference:
QUESTION 85
T he Cisco Lifecycle Services approach is primarily applicable to which type of companies?
A. Te large enterprise with a global presence
B. Te large enterprise with a single campus PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-374
C. Te small- or medium-sized business
D. All companies, regardless of size

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 86
Your company has two primary divisions: Products and Services. The Products division is on network 150.10.64.0/21. The Services division is on network 150.10.72.0/21. You want to summarize both networks into one routing statement. Which IP address and subnet mask c ombination would most efficiently accomplish this?
A. 150.10.64.0/21
B. 150.10.64.0/22
C. 150.10.64.0/20
D. 150.10.0.0./16

Correct Answer: C Section: (none) Explanation
Explanation/Reference: QUESTION 87
W hich of these is a benefit of an integrated security management system?
A. It provides configur ation, monitoring, and troubleshooting capabilities across a wide range of security products. ent products and collects events on an “as needed”
B. It integrates security device managem basis to reduce management overhead.
C. It integrates security management capabilities into the router or switch.
D. It provides a single p oint of contact for all security configuration tasks thereby enhancing the return on investment. ing network management systems such as HP OpenView to lower the cost
E. It leverages exist
o f implementation.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 88
W hich of these statements regarding Cisco’s WebVPN support is correct?
A. Cisco ISR Routers with the Enhanced Security Bundles support WebVPN.
B. Cisco security appliances act as a proxy between the end user and the target web server. ances (running release 7.0) and Adaptive Security Appliances both
C. Cisco PIX Security Appli support WebVPN.
D. Cisco’s WebVPN solution supports both TCP and UDP port forwarding for legacy a pplication support.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 89
Which component of Cisco ASDM provides administrators with a completem system overview a nd device health statistics at a glance?
A. Dashboard
B. AIP SSM
C. Resource Manager
D. Cisco ASDM Launcher

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 90
Which two of these statements best describe fast secu re roaming for the wireless core feature s et using autonomous access points? (Choose two.)
A. It is compatible with all wireless clients.
B. It reduces roaming latency through reduced client RF channel sc anning enhancements.
C. It reduces roaming latency to targeted times of less than 75ms.
D. Roaming occurs without reauthentication through a centralized RADIUS server.
E. It is enabled through WLSE deployment.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 91
W hich item is a feature of Cisco Compatible Extensions, Version 3?
A. Fll 802.11e compliance mpliance
B. Full WPAv2 co
C. Wrele ss IDS
D. NAC

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 92
W hich of these statements about CiscoWorks is true?
A. The LMS interface can manage a maximum of four C iscoWorks servers. POV.
B. CiscoWorks SNMS supports integration with H
C. CiscoWorks does not require TCP reliability.
D. CiscoWorks Restricted is the recommended choice for large enterprise.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 93
Which service component within the prepare phase recommends the appropriate technology s trategy to address a business requirement of the customer?
A. Lentifying what a customer requires from a proposed solution
B. Aalyzes the customer’s business requireme nts and recommends the appropriate Cisco Technologies to meet business requirements
C. Dtermining what end-user training a customer r equires
D. Adressing a customer’s physical requirements

Correct Answer: B Section: (none) Explanation Explanation/Reference:
QUESTION 94
hich statement concerning the Active/Active failover feature is correct? W
A. ASA Security Appliance failover pair must have either an Unrestri cted and UR license or a UR and FO-A/A license to be able to support Active/Active failover.
B. If an active security context within the primary security appliance “fails”, the status of t he es to “failed” while the secondary failover security primary security appliance unit chang appliance unit transitions to “active.”
C. Active/Active failover is supported in “multiple mode” configuration only .
D. Active/Active failover supports site-to-site IPSec VPN stateful failover.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 95
Deploying ISRs with integrated security services can help lower the total cost of ownership. W hich of these Cisco ISR Routers features illustrate this point?
A. Using built-in on-board VPN acceleration to reduce the amoun t of VPN configuration tasks
B. Using the USB port to perform fast Cisco IOS image upgrade
C. Using the security audit feature to implement inline Intrusio n Prevention System
D. Using the SDM configuration tool to reduce training costs .
E. Using the high performance AIM to increase the Cisco IOS Firewall performance

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 96
Which network management solution performs configuration, monitoring, and management of Cisco Firewall, VPN router, and IPS devices as well as maintains network device inventory and software distribution features?
A. CiscoWorks Security Device Man agement Center (SD/MC)
B. Security Device Manager (SDM) PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-374
C. Adaptive Security Device Manager (ASDM)
D. CiscoWorks VMS/Management Center (VMS/MC)

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 97
At which stage of the Cisco Lifecy cle Services approach would you recommend supporting a nd troubleshooting the system?
A. Preparatio
B. Planning
C. Design
D. Implementation
E. Operation
F. Optimization

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 98
Which design phase service component includes the development and documentation of the test case or cases used to verify that a deployed infrastructure meets operational, functional, and interface requirements?
A. Implementation
B. Business Plan
C. Staging Plan
D. Detailed Design Development
E. Systems Acceptance Test Plan Development

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 99
C isco ISR Routers offer which three of these security benefits? (Choose three.)
A. Oboard VPN accelerator
B. Ents correlation and proactive respons e
C. Hgh-performan ce AIM VPN modules
D. Vrtual firewall
E. Cisco IOS Firewall and IOS IPS
F. Tansparent firewall

Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
QUESTION 100
The PIX Security Appliance feature set is a subset of the ASA Security Appliance feature set.
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-374
Which two of these features are only supported by an ASA Security Appliance? (Choose two.)
A. Scurity contexts
B. Tansparen t firewall
C. WebVPN
D. Active/Active failover
E. Lw latency queuing
F. AIP-SSM intrusion prevention

Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 101
What are two importa nt approaches to communicate when identifying a customer’s security sks? (Choose two.)
A. Smaller companies are at less risk than larger enterprises, so their security needs are not as great.
B. Business strategy should directly relate to the security policy and budget. pert should report to the IT department, since that is where the
C. The designated security ex solution will be implemented.
D. Security should be a continuous process.
E. Security solutions should come from multiple vend ors to make it easier to coordinate s ecurity events from the point of origin.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 102
You are about to upgrade a router with a newer IOS version, but yo u would like to check for nown bugs first. Which tool will allow you to do this most easily? k
A. Cisco Bug Toolkit
B. Cisco Bug Matrix
C. Cisco.com Search functionali ty
D. Dynamic Configuration Tool

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 103
2960 or Cisco Catalyst Express A customer is considering purchasing either a Cisco Catalyst 5 00. Which feature can only be found on the Catalyst 2960?
A. 48 Ethernet 10/100 ports
B. Fast Ethernet and Gigabit Ethernet co nnectivity
C. Dual-purpose copper or fiber uplinks PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-374
D. Standalone fixed-configuration Layer 2 switching

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 104
W hich of these is an accurate list of Cisco Lifecycle Services phases?
A. Litiation, pla nning, analysis, design, development, implementation, operations and maintenance
B. Poject planning, site a ssessment, risk assessment, solution selection and acquisition, testing, and operations
C. Pepare, plan, design, implement, operate, and optimize
D. Aalysis, design, deployment, testing, implementation, and production es, project planning, development, implementation, operations testing, and operations
E. Pesales, project planning, development, implementation, operations testing, and operations sign-off

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 105
What is one re ason you might recommend a solution using only autonomous access points to a customer?
A. The customer requires Layer 3 roaming. with a Catalyst 6500 switch.
B. The customer requires immediate wireline integration
C. The customer needs an outdoor-ready access point.
D. The customer wants the option to migrate to LWAPP.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 106
List three benefits of implementing an integrate d security solution based on the Cisco Self- D efending Network strategy? (Choose three.)
A. Integrated security
B. Collaborative secu rity system
C. Self provisioning
D. Adaptive Threat Defense
E. Programmable security AS ICs
F. Cisco IOS-based security

Correct Answer: ABD Section: (none) Explanation Explanation/Reference:
QUESTION 107
Cisco ASDM provides 16 different graphs that help identify security risks by displaying data about potentially malicious activity. What is one kind of data these graphs show?
A. Stateful packet statistics
B. Real-time analysis of drop ped packets
C. ACL statement mat ches
D. Portmap requests

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 108
In which of these phases is a detailed design of a proposed customer solution developed?
A. Plan
B. Design
C. Prepare
D. Operate

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 109
W hat is one thing you should be aware of when conducting a wireless site survey?
A. 5 GHz equipment will not be able to penetrate through walls as well as 2.4 GHz equipment. as 5 GHz equipment.
B. 2.4 GHz equipment will not be able to penetrate through walls as well
C. Mounting antennas near metal objects will slightly amplify the signal.
D. When d etermining coverage, you should begin measuring attenuation from the middle of th e room.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 110
In which of t hese phases is a customer’s network assessed to determine its system re adiness?
A. Plan
B. Design
C. Operate
D. Implement

Correct Answer: A Section: (none) Explanation
Explanation/Reference:

Flydumps.com takes in the latest Cisco 642-374 questions in the Cisco 642-374 exam materials so that our material should be always the latest and the most relevant. We know that Cisco 642-374 examination wouldn’t repeat the same set of questions all the time. Microsoft certification examinations are stringent and focus is often kept on updated technology trends. The Cisco 642-374 exam questions organized by the professionals will help to condition your mind to promptly grasp what you could be facing in the Cisco 642-374 cert examination.

Pass4itsure C2180-374 dumps with PDF + Premium VCE + VCE Simulator: http://www.pass4itsure.com/C2180-374.html

Cisco 642-374 Exam Dumps, 50% Discount Cisco 642-374 Real Exam Questions And Answers Online Store