Actualtests 642-511
642-511 : Securing Networks with Cisco Routers and Switches Last Updated Friday, August 08, 2008 with 202 Questions
VPN and Security Cisco Secure Virtual Private Networks (CSVPN)
Exam Number: 642-511 Exam
Associated Certifications: VPN and Security Cisco Secure Virtual Private Networks (CSVPN)
Duration: 174 Q&As
Available Language(s): English
Exam Details
The Cisco Secure Virtual Private Networks exam (CSVPN 642-511) is one of the exams associated with the Cisco Certified Security Professional and the Cisco VPN Specialist certifications. Candidates can prepare for this exam by taking the CSVPN v4.0 course. This exam includes simulations and tests a candidate’s knowledge and ability to describe, configure, verify, and manage the Cisco VPN 3000 Concentrator, Cisco VPN Software Client, and Cisco VPN 3002 Hardware Client feature set. CCNA or CCDA recertification candidates who pass the 642-511 CSVPN exam will be considered recertified at the CCNA or CCDA level.
Free 642-511 Exams’s PDF Download
Free Actualtests offers free demo for 642-511 PDF(VPN and Security Cisco Secure Virtual Private Networks (CSVPN)). You can check out the interface, question quality and usability of our practice exams . We are the only one site can offer demo for almost all VPN and Security Cisco Secure Virtual Private Networks (CSVPN).
Recommended Training about 642-511 exam PDF
The following courses are the recommended training for 642-511 exam PDF.
642-511 Q & A with Explanations
642-511 Audio Exam
642-511 Study Guide
642-511 Preparation Lab
642-511 Exam Preparation fromActualtests with FULL explanations include:
Comprehensive questions with complete details
Detailed explanations of all the questions
Questions accompanied by exhibits
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Questions updated on regular basis
These questions and answers are backed by our GUARANTEE.
Like actual certification exams our product is in multiple-choice questions (MCQs).
642-511 Exam: Actualtests’s VPN and Security Cisco Secure Virtual Private Networks (CSVPN) PDF
The VPN and Security Cisco Secure Virtual Private Networks (CSVPN) PDF for preparing for the 642-511 exam - Actualtests’s VPN and Security Cisco Secure Virtual Private Networks (CSVPN). Actualtests is your premier source for practice tests, and true testing environment. Nothing will prepare you for your next exam like a Actualtests. You find it all here at ciscoexams.org.
QUESTION 1:
What is the maximum number of simultaneous sessions that can be supported when
doing encryption in hardware within the Cisco VPN Concentrator series of
products?
A. 100
B. 1500
C. 5000
D. 10000
E. infinite
Answer: D
Explanation:
The Cisco VPN 3000 Series Concentrator comes in a variety of models that can support
small offices of 100 of fewer VPN connections to large enterprises of 10,000 or more
simultaneous VPN connections. Redundant and nonredundant configuration are available
to help ensure the high reliability of these devices.
Reference: Cisco Press CCSP Cisco Secure VPN (Roland, Newcomb) p.30
QUESTION 2:
Which of the following operating systems can run the
software VPN client? Choose all that apply.
A. linux
B. mac
C. windows
D. solaris
Answer: A, B, C,D
Explanation:
There are VPN software clients available for Windows,
Solaris, Linux, and Macintosh.
QUESTION 3:
DRAG DROP
Jason from the security department was given the assignment to match the Cisco
VPN key with its description.
642-511
Actualtests.com - The Power of Knowing
Answer:
642-511
Actualtests.com - The Power of Knowing
Explanation:
The Diffie-Hellman (D-H) key agreement is a public key encryption method that
provides a way for two IPSec peers to establish a shared secret key that only they know,
although they communicating over an insecure channel.
With D-H, each peer generates a public and private key pair. The private key generated
by each peer is kept secret and never shared. The public key is calculated from the
private key by each peer and is exchanged over the insecure channel. Each peer combines
the other’s public key with its own private and computes the shared secret key number
exchanged over the insecure channel.
Reference: Cisco Secure Virtual Private Network (Ciscopress) page 18-20
QUESTION 4:
Johnasked Kathy from the security department about authentication and encryption. John
wants to know when both authentication and encryption are selected in the virtual IP
address, which is performed first at the originating end. What was Kathy’s answer?
A. Encryption was Kathy’s answer
B. Tunnel was Kathy’s answer.
C. Transport was Kathy’s answer
D. Authentication was Kathy’s answer
Answer: A
642-511
Actualtests.com - The Power of Knowing
Explanation:
When both encryption and authentication are selected, encryption is performed frist,
before authentication. One reason for this order of processing is that it facilitates rapid
detection and rejection of replayed or bogus packets by the receiving node.
Reference: Cisco Secure Virtual Private Networks (Ciscopress) page 15
QUESTION 5:
James the security administrator at Certkiller Inc. is working on encryption. He needs to
know what type of keys does DES and 3DES require for encryption and decryption.
A. DES and 3DES require Elliptical curve keys for encryption and decryption
B. DES and 3DES require Exponentiation keys for encryption and decryption
C. DES and 3DES require Symmetrical keys for encryption and decryption
D. DES and 3DES require Asymmetrical keys for encryption and decryption
Answer: C
Explanation:
des
3des
Specifies the symmetric encryption algorithm used to protect user data transmitted
between two IPSec peers. The default is 56-bit DES-CBC, which is less secure and faster
than the alternative.
QUESTION 6:
Which of the following are the types of keys RSA use for encryption and
decryption?
A. exponentiation keys
B. symmetrical keys
C. asymmetrical keys
D. elliptical curve keys
Answer: C
Explanation: There are two types of cryptographic keys; public keys — sometimes
called asymmetric key — and symmetric keys. RSA and Diffie-Hellman are common
public key algorithms and RC4, DES and IDEA common symmetric key algorithms.
You cannot directly compare public key lengths (for example RSA keys) with
symmetric key lengths (DES, RC4); this is an important point which confuses many
people
642-511
Actualtests.com - The Power of Knowing
QUESTION 7:
Which Cisco VPN feature will permit the sender to encrypt packets before
transmitting them across a network?
A. The anti-replay feature
B. The data confidentially feature
C. The data integrity feature
D. The data original authentication feature
Answer: B
Explanation:
Data Confidentiality.The IPSec sender can encrypt packets before transmitting them
across a network.
* Data Integrity-The IPSec receiver can authenticate packets sent by the IPSec sender to
ensure that the data has not been altered during transmission.
* Data Origin Authentication-The IPSec receiver can authenticate the source of the IPSec
packets sent. This service is dependent upon the data integrity service.
* Anti-Replay-The IPSec receiver can detect and reject replayed packets.
With IPSec, data
QUESTION 8:
What AES encryption bits lengths can you use on your
Concentrator ESP IPSEC VPN? Choose all that apply.
A. 56
B. 128
C. 192
D. 256
E. 1024
Answer: B,C,D
Explanation:
Advanced Encryption Standard (AES) can be used in 128,
192, and 256 bit encryption lengths in ESP when using
IPSEC on your Concentrator.
QUESTION 9:
Which of the following are ISAKMP hash protocols?
Choose all that apply.
A. NAT
642-511
Actualtests.com - The Power of Knowing
B. IKE
C. DES
D. SHA
E. MD5
Answer: D,E
Explanation:
You can use SHA and MD5 for HMAC authentication.
QUESTION 10:
Which of the following can be IPSEC termination
endpoints? Choose all that apply.
A. IOS Router
B. PIX Firewall
C. Concentrator
D. IDS Sensor
Answer: A,B,C
Explanation:
These Cisco products can all terminate IPSEC, meaning
they are actually involved in the IPSEC
encryption/decryption process, not just passing VPN
encrypted traffic.
Free download:pass4sure 642-511
Free download:testking 642-511
TestKing - TestKing.com Help you pass Cisco exams
Pass4sure -Pass4sure.com The Worldwide Renowned Cisco Certification Material Provider .
Random Posts
[...] and Security Cisco Secure Virtual Private Networks (CSVPN)”, also known as 642-511 exam, is a Cisco certification. Preparing for the 642-511 exam? Searching 642-511 Test Questions, [...]