100% Pass VCE Dumps–Cisco 642-565 New Version With Free VCE And PDF Download

100% Valid And Pass With latest Cisco 642-565 exam dumps, you will never fail your Cisco 642-565 exam. All the questions and answers are updated and added to the new version timely by our experts. Also now Flydumps is offering free Cisco 642-565 exam VCE player and PDF files for free on their website.

Exam A
QUESTION 1
You are the network consultant from Your company. Please point out two requirements that call for the deployment of 802.1X.
A. Authenticate users on switch or wireless ports
B. Grant or Deny network access at the port level, based on configured authorization policies
C. Allow network access during thequeit period
D. Verify security posture using TACAS+
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Open Shortest Path First (OSPF) is a dynamic routing protocol for use in Internet Protocol (IP) networks. An OSPF router on the network is running at an abnormally high CPU rate. By use of different OSPF debug commands on Router, the network administrator determines that router is receiving many OSPF link state packets from an unknown OSPF neighbor, thus forcing many OSPF path recalculations and affecting router’s CPU usage. Which OSPF configuration should the administrator enable to prevent this kind of attack on the Router?
A. Multi-Area OSPF
B. OSPF stub Area
C. OSPF MD5 Authentication
D. OSPF not-so-stubby Area
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Which one of the following Cisco Security Management products is able to perform (syslog) events normalization?
A. Cisco IME
B. Cisco Security Manager
C. Cisco ASDM
D. Cisco Security MARS
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 4
Can you tell me which one of the following platforms has the highest IPSec throughput and can support the highest number of tunnels?
A. Cisco 6500/7600 + VPN SPA
B. Cisco ASR 1000-5G
C. Cisco 7200 NPE-GE+VSA
D. Cisco 7200 NPE-GE+VAM2+
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 5
Which two methods can be used to perform IPSec peer authentication? (Choose two.)
A. One-time Password
B. AAA
C. Pre-shared key
D. Digital Certificate
Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 6
Cisco Security Agent is the first endpoint security solution that combines zero-update attack protection, data loss prevention, and signature-based antivirus in a single agent. This unique blend of capabilities defends servers and desktops against sophisticated day-zero attacks and enforces acceptable-use and compliance policies within a simple management infrastructure. What are three functions of CSA in helping to secure customer environments?
A. Control of executable content
B. Identification of vulnerabilities
C. Application Control
D. System hardening
Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Cisco Secure Access Control Server (ACS) is an access policy control platform that helps you comply with growing regulatory and corporate requirements. Which three of these items are features of the Cisco Secure Access Control Server?
A. NDS
B. RSA Certificates
C. LDAP
D. Kerberos
Correct Answer: ABC Section: (none) Explanation
Explanation/Reference: QUESTION 8
Observe the following protocols carefully, which one is used to allow the utilization of Cisco Wide Area Application Engines or Cisco IronPort S-Series web security appliances to localize web traffic patterns I the network and to enable the local fulfillment of content requests?
A. TLS
B. DTLS
C. WCCP
D. HTTPS
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Which one is not the factor can affect the risk rating of an IPS alert?
A. Relevance
B. Attacker location
C. Event severity
D. Signature fidelity
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 10
For the following items, which two are differences between symmetric and asymmetric encryption algorithms? (Choose two.)
A. Asymmetric encryption is slower than symmetric encryption
B. Asymmetric encryption is more suitable than symmetric encryption for real-time bulk encryption
C. Symmetric encryption is used in digital signatures and asymmetric encryption is used in HMACs
D. Asymmetric encryption requires a much larger key size to achieve the same level of protection as asymmetric encryption
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 11
Deploying the NAC appliance in in-band mode is better than out-of-band mode. Why?
A. Nessus scanning
B. Higher number of users per NAC Appliance
C. Bandwidth enforcement policy
D. NAC Appliance Agent deployment
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 12
IPSec-based site-to-site VPNs is better than traditional WAN networks what?
A. Delay guarantees, span, performance, security and low cost
B. Bandwidth guarantees, support for non-IP protocols, scalability and modular design guidelines
C. Bandwidth guarantees, flexibility, security and low cost
D. Span, flexibility, security and low cost
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 13
Which VPN technology can not be used over the internet?
A. VTI
B. GRE overIPsec
C. IPsec direct encapsulation
D. GET VPN
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 14
DRAG AND DROP
Match each IKE component to its supported option:

Select and Place:

Correct Answer:

Section: (none) Explanation
Explanation/Reference:
QUESTION 15
DRAG AND DROP
Which item is correct about the relationship between the VPN types and their descriptions?

Select and Place:

Correct Answer:

Section: (none) Explanation
Explanation/Reference:
QUESTION 16
DRAG AND DROP Select the best security control to minimize the WAN security threats. Not all the security controls are required.
Select and Place:

Correct Answer:

Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Which is the primary benefit that DTLS offers over TLS?
A. Both the application and TLS can retransmit loss packets
B. Improves security
C. Provides low latency for real-time applications
D. Uses TCP instead of UDP to provide a reliable Transport mechanism

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 18
DRAG DROP
Which option is correct about the relationship between the terms and their description?

Select and Place:

Correct Answer:

Section: (none) Explanation

Explanation/Reference:
QUESTION 19
Cisco AutoSecure is a new Cisco IOS Security Command Line Interface (CLI) command, which two are statements are true regarding the Cisco AutoSecure? (Choose two.)
A. Enabletcp-keeplive-in and tcp-keepalives-out
B. Disabletcp-keeplives-in and tcp-keepalives-out
C. Enables log messages to include sequence numbers and time stamps
D. Blocks all IANA-reserved IP address blocks

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 20
Exhibit:

In order to support IPSec VPN, which three traffic types should ACL1 permit on the firewall in front of the IPSec VPN gateway? (Choose three.)
A. IP Protocol 50
B. UDP port 4500
C. UDP Port 10000
D. UDP Port 5000

Correct Answer: ABD Section: (none)
Explanation
Explanation/Reference:

Cisco 642-565 Exam Certification Guide presents you with an organized test preparation routine through the use of proven series elements and techniques.“Do I Know This Already?”quizzes open each chapter and allow you to decide how much time you need to spend on each section.Cisco 642-565 lists and Foundation Summary tables make referencing easy and give you a quick refresher whenever you need it.Challenging Cisco 642-565 review questions help you assess your knowledge and reinforce key concepts.Cisco 642-565 exercises help you think about exam objectives in real-world situations, thus increasing recall during exam time.