Cisco 640-722 Actual Questions, Buy Best Cisco 640-722 Study Guide Book With New Discount

Need The Newest Cisco 640-722 Exam Dumps? Why not try Cisco 640-722 vce or pdf exam dumps? You can get all the new Cisco 640-722 exam questions and answers you need, we ensure high pass rate and money back guarantee.

QUESTION 45
Which syslog level is associated with LOG_WARNING?
A. 1
B. 2
C. 3
D. 4
E. 5
F. 6
Correct Answer: D
QUESTION 46
Which security measure must you take for native VLANs on a trunk port?
A. Native VLANs for trunk ports should never be used anywhere else on the switch.
B. The native VLAN for trunk ports should be VLAN 1.
C. Native VLANs for trunk ports should match access VLANs to ensure that cross-VLAN traffic from multiple switches can be delivered to physically disparate switches.
D. Native VLANs for trunk ports should be tagged with 802.1Q.

Correct Answer: A
QUESTION 47
Refer to the exhibit.
Which switch is designated as the root bridge in this topology?

A. It depends on which switch came on line first.
B. Neither switch would assume the role of root bridge because they have the same default priority.
C. switch X
D. switch Y

Correct Answer: C
QUESTION 48
Which type of NAT is used where you translate multiple internal IP addresses to a single global, routable IP address?
A. policy NAT
B. dynamic PAT
C. static NAT
D. dynamic NAT
E. policy PAT

Correct Answer: B
QUESTION 49
Which Cisco IPS product offers an inline, deep-packet inspection feature that is available in integrated services routers?
A. Cisco iSDM
B. Cisco AIM
C. Cisco IOS IPS
D. Cisco AIP-SSM
Correct Answer: C
QUESTION 50
During role-based CLI configuration, what must be enabled before any user views can be created?
A. multiple privilege levels
B. usernames and passwords
C. aaa new-model command
D. secret password for the root user
E. HTTP and/or HTTPS server
F. TACACS server group

Correct Answer: C
QUESTION 51
When port security is enabled on a Cisco Catalyst switch, what is the default action when the configured maximum number of allowed MAC addresses value is exceeded?
A. The port remains enabled, but bandwidth is throttled until old MAC addresses are aged out.
B. The port is shut down.
C. The MAC address table is cleared and the new MAC address is entered into the table.
D. The violation mode of the port is set to restrict.

Correct Answer: B
QUESTION 52
Which three statements about the Cisco ASA appliance are true? (Choose three.)
A. The DMZ interface(s) on the Cisco ASA appliance most typically use a security level between 1 and 99.
B. The Cisco ASA appliance supports Active/Active or Active/Standby failover.
C. The Cisco ASA appliance has no default MPF configurations.
D. The Cisco ASA appliance uses security contexts to virtually partition the ASA into multiple virtual firewalls.
E. The Cisco ASA appliance supports user-based access control using 802.1x.
F. An SSM is required on the Cisco ASA appliance to support Botnet Traffic Filtering.

Correct Answer: ABD
QUESTION 53
Refer to the exhibit.
This Cisco IOS access list has been configured on the FA0/0 interface in the inbound direction. Which four
TCP packets sourced from 10.1.1.1 port 1030 and routed to the FA0/0 interface are permitted? (Choose
four.)
A. destination ip address: 192.168.15.37 destination port: 22
B. destination ip address: 192.168.15.80 destination port: 23
C. destination ip address: 192.168.15.66 destination port: 8080
D. destination ip address: 192.168.15.36 destination port: 80
E. destination ip address: 192.168.15.63 destination port: 80
F. destination ip address: 192.168.15.40 destination port: 21

Correct Answer: BCDE
QUESTION 54
Which statement describes how the sender of the message is verified when asymmetric encryption is used?
A. The sender encrypts the message using the sender’s public key, and the receiver decrypts the www.test-inexam.com 20 / 38 The safer , easier way to help you pass any IT exams. message using the sender’s private key.
B. The sender encrypts the message using the sender’s private key, and the receiver decrypts the message using the sender’s public key.
C. The sender encrypts the message using the receiver’s public key, and the receiver decrypts the message using the receiver’s private key.
D. The sender encrypts the message using the receiver’s private key, and the receiver decrypts the message using the receiver’s public key.
E. The sender encrypts the message using the receiver’s public key, and the receiver decrypts the message using the sender’s public key.

Correct Answer: B
QUESTION 55
Which type of security control is defense in depth?
A. threat mitigation
B. risk analysis
C. botnet mitigation
D. overt and covert channels
Correct Answer: A
QUESTION 56
Which two options are two of the built-in features of IPv6? (Choose two.)
A. VLSM
B. native IPsec
C. controlled broadcasts
D. mobile IP
E. NAT
Correct Answer: BD
QUESTION 57
Refer to the below.
14:00:09:

TAC+: Opening TCP/IP connection to 192.168.60.15 using source 10.116.0.79

14:00:09:

TAC+: Sending TCP/IP packet number 383258052-1 to 192.168.60.15 (AUTHEN/START)

14:00:09:

TAC+: Receiving TCP/IP packet number 383258052-2 from 192.168.60.15

14:00:09:

TAC+ (383258052): received authen response status = GETUSER
14:00:10:

TAC+: send AUTHEN/CONT packet

14:00:10:

www.test-inexam.com 22 / 38
The safer , easier way to help you pass any IT exams.
TAC+: Sending TCP/IP packet number 383258052-3 to 192.168.60.15 (AUTHEN/CONT)
14:00:10:

TAC+: Receiving TCP/IP packet number 383258052-4 from 192.168.60.15

14:00:10:

TAC+ (383258052): received authen response status = GETPASS
14:00:14:

TAC+: send AUTHEN/CONT packet

14:00:14:

TAC+: Sending TCP/IP packet number 383258052-5 to 192.168.60.15 (AUTHEN/CONT)

14:00:14:

TAC+: Receiving TCP/IP packet number 383258052-6 from 192.168.60.15

14:00:14:

TAC+ (383258052): received authen response status = PASS

14:00:14:

TAC+: Closing TCP/IP connection to 192.168.60.15
Which statement about this debug output is true?

A.
The requesting authentication request came from username GETUSER.
B.
The TACACS+ authentication request came from a valid user.
C.
The TACACS+ authentication request passed, but for some reason the user’s connection was closed immediately.

D.
The initiating connection request was being spoofed by a different source address.

Correct Answer: B
QUESTION 58
Which type of Cisco IOS access control list is identified by 100 to 199 and 2000 to 2699?
A. standard
B. extended
C. named
D. IPv4 for 100 to 199 and IPv6 for 2000 to 2699
Correct Answer: B
QUESTION 59
Which step is important to take when implementing secure network management?
A. Implement in-band management whenever possible.
B. Implement telnet for encrypted device management access.
C. Implement SNMP with read/write access for troubleshooting purposes.
D. Synchronize clocks on hosts and devices.
E. Implement management plane protection using routing protocol authentication.

Correct Answer: D
QUESTION 60
Which Layer 2 protocol provides loop resolution by managing the physical paths to given network segments?
A. root guard
B. port fast
C. HSRP
D. STP

Correct Answer: D

Cisco 640-722 tests containing questions that cover all sides of tested subjects that help our members to be prepared and keep high level of professionalism. The main purpose of Cisco 640-722 exam is to provide high quality test that can secure and verify knowledge, give overview of question types and complexity that can be represented on real exam certification