Actualtests 642-551
642-551 : Securing Cisco Network Devices Last Updated Wednesday, April 23, 2008 with 128 Questions
Securing Cisco Network Devices Exam
Exam Number: 642-551 Exam
Associated Certifications: Securing Cisco Network Devices Exam
Duration: 62 Q&As
Available Language(s): English
Exam Details
The Securing Cisco Network Devices 642-551 SND exam forms the foundation of the Cisco Certified Security Professional, Cisco Firewall Specialist, Cisco IPS Specialist, and Cisco VPN Specialist certifications. Candidates can prepare for this exam by taking the SND course. This exam includes simulations and tests a candidate’s knowledge and ability to describe, configure, and verify basic security features of Cisco Layer 2 devices, Cisco Routers, Cisco IDS/IPS Sensors, Cisco VPN 3000 Concentrators, and Cisco PIX Security Appliances.
Free 642-551 Exams’s PDF Download
Free Actualtests offers free demo for 642-551 PDF(Securing Cisco Network Devices Exam). You can check out the interface, question quality and usability of our practice exams . We are the only one site can offer demo for almost all Securing Cisco Network Devices Exam.
Recommended Training about 642-551 exam PDF
The following courses are the recommended training for 642-551 exam PDF.
642-551 Q & A with Explanations
642-551 Audio Exam
642-551 Study Guide
642-551 Preparation Lab
642-551 Exam Preparation from Actualtests with FULL explanations include:
Comprehensive questions with complete details
Detailed explanations of all the questions
Questions accompanied by exhibits
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Questions updated on regular basis
These questions and answers are backed by our GUARANTEE.
Like actual certification exams our product is in multiple-choice questions (MCQs).
642-551 Exam: Actualtests’s Securing Cisco Network Devices Exam PDF
The Securing Cisco Network Devices Exam PDF for preparing for the 642-551 exam - Actualtests’s Securing Cisco Network Devices Exam. Actualtests is your premier source for practice tests, and true testing environment. Nothing will prepare you for your next exam like a Actualtests . You find it all here at ciscoexams.org.
QUESTION 1:
What is a reconnaissance attack?
A. when an intruder attacks networks or systems to retrieve data, gain access, or escalate
access privileges.
B. when an intruder attempts to discover and map systems, services, and vulnerabilities
C. when malicious software is inserted onto a host in order to damage a system, corrupt a
system, replicate itself, or deny service or access to networks, systems, or services
D. when an intruder attacks your network in a way that damages or corrupts your
computer system, or denies you and other access to your networks, systems, or services
E. when an intruder attempts to learn user IDs and passwords that can later be used in
identity theft
Answer: B
Explanation: Attackers and hackers can employ social engineering techniques to pose as
legitimate people seeking out information. A few well structured telephone calls to
unsuspecting employees can provide a significant amount of information
Incorrect:
A - Is called ‘Access attacks’
C - Is called ‘Worms, Viruses and Trojan Horses’
D - Is called ‘Denial of Service (DOS) attacks’
E - This is an example of social engineering
QUESTION 2:
Which communication protocol is used by the administrator workstation to
communicate with the CSA MC?
A. SSH
B. Telnet
C. HTTPS
D. SSL
Answer: D
Explanation: Management Center for Cisco Security Agent (CSA MC) uses a Secure
Sockets Layer (SSL)-enabled web interface.
QUESTION 3:
What should be the first step in migrating a network to a secure infrastructure?
A. developing a security policy
642-551
Actualtests.com - The Power of Knowing
B. securing the perimeter
C. implementing antivirus protection
D. securing the DMZ
Answer: A
Explanation: The development of a security policy is the first step to a secure
infrastructure, without this availability of your network will be compromised.
QUESTION 4:
Select two ways to secure hardware from threats. (Choose two.)
A. The room must have steel walls and doors.
B. The room must be static free.
C. The room must be locked, with only authorized people allowed access.
D. The room should not be accessible via a dropped ceiling, raised floor, window,
ductwork, or point of entry other than the secured access point.
Answer: C, D
Explanation: -
Incorrect:
A - Not a required element.
B - Is called ‘Environment Threat mitigation’
QUESTION 5:
At which layer of the OSI model does a proxy server work?
A. data link
B. physical
C. application
D. network
E. transport
Answer: C
Explanation:
A proxy server is an application
QUESTION 6:
Which command on the Cisco PIX Security Appliance is used to write the current
running config to the Flash memory startup config?
642-551
Actualtests.com - The Power of Knowing
A. write terminal
B. write config
C. write memory
D. write startup config
Answer: C
Incorrect:
A - Shows running configuration on screen, like show running-configuration
B - No such command
D - No such command
QUESTION 7:
What is a description of a promiscuous PVLAN port?
A. It has a complete Layer 2 separation from the other ports within the same PVLAN.
B. It can only communicate with other promiscuous ports.
C. It can communicate with all interfaces within a PVLAN.
D. It cannot communicate with other ports.
Answer: C
Incorrect:
A - This is called ‘Isolated’
B - This is called ‘Community’
D - No such PVLAN
QUESTION 8:
How do you enable a host or a network to remotely access the Cisco IPS/IDS
sensor?
A. Configure static routes.
B. Configure dynamic routing.
C. Configure allowed hosts.
D. Configure DHCP.
Answer: C
Explanation:
The Allowed Hosts option enables you to define which IP addresses are allowed to
access the sensor via its management interface.
QUESTION 9:
In which version did NTP begin to support cryptographic authentication?
642-551
Actualtests.com - The Power of Knowing
A. version 5
B. version 4
C. version 3
D. version 2
Answer: C
Explanation:
Version 3 or above is required to support Cryptographic authentication mechanism
between peers.
QUESTION 10:
What must be configured on a network-based Cisco IDS/IPS to allow to monitor
traffic?
A. Enable rules.
B. Enable signatures.
C. Disable rules.
D. Disable signatures.
Answer: B
Free download:pass4sure 642-551
Free download:testking 642-551
TestKing - TestKing.com Help you pass Cisco exams
Pass4sure -Pass4sure.com The Worldwide Renowned Cisco Certification Material Provider .
Random Posts
