Actualtests 642-552

PassGuide Cisco dumps

642-552 : Securing Cisco Network Devices Last Updated Wednesday, April 23, 2008 with 128 Questions

Securing Cisco Networking Devices (SND)
Exam Number: 642-552 Exam
Associated Certifications: Securing Cisco Networking Devices (SND)
Duration: 60 Q&A
Available Language(s): English
Exam Details
The Securing Cisco Network Devices 642-552 SND is the exam associated with the Cisco Certified Security Professional, Cisco Firewall Specialist, Cisco IPS Specialist, and Cisco VPN Specialist certifications. Candidates can prepare for this exam by taking the Securing Cisco Network Devices v2.0 (SND) course. This exam tests a candidate’s knowledge of securing Cisco routers and switches and their associated networks. Topics covered include: security threats facing modern network infrastructures; securing Cisco routers; implementing basic AAA; using ACLs to mitigate router and network threats; implementing secure management and reporting; mitigating common Layer 2 attacks; and implementing Cisco IOS Firewall features, Cisco IOS IPS features, and IPsec VPN features using Cisco Security Device Manager.
Free 642-552 Exam PDF Download
Actualtests offers a free demo of the 642-552 PDF (Securing Cisco Networking Devices (SND)). You can check out the interface, question quality and usability of our practice exams. We are the only site that can offer a demo for almost all Securing Cisco Networking Devices (SND) exams.

Recommended Training about 642-552 exam PDF
The following courses are the recommended training for 642-552 exam PDF.
642-552 Q & A with Explanations
642-552 Audio Exam
642-552 Study Guide
642-552 Preparation Lab
642-552 Exam Preparation from Actualtests with FULL explanations includes:
Comprehensive questions with complete details
Detailed explanations of all the questions
Questions accompanied by exhibits
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Questions updated on regular basis
These questions and answers are backed by our GUARANTEE.
Like actual certification exams our product is in multiple-choice questions (MCQs).
642-552 Exam: Actualtests’s Securing Cisco Networking Devices (SND) PDF
The Securing Cisco Networking Devices (SND) PDF for preparing for the 642-552 exam – Actualtests’s Securing Cisco Networking Devices (SND). Actualtests is your premier source for practice tests and a true testing environment. Nothing will prepare you for your next exam like Actualtests. You will find it all here at Actualtests.org.

QUESTION 1:
A malicious program is disguised as another useful program; consequently, when
the user executes the program, files get erased and then the malicious program
spreads itself using emails as the delivery mechanism. Which type of attack best
describes how this scenario got started?
A. DoS
B. worm
C. virus
D. trojan horse
E. DDoS
Answer: D
Explanation:
Denial of Service (DoS) is an attack designed to render a computer or network incapable
of providing normal services. The most common DoS attacks will target the computer’s
network bandwidth or connectivity. Bandwidth attacks flood the network with such a
high volume of traffic, that all available network resources are consumed and legitimate
user requests cannot get through. Connectivity attacks flood a computer with such a high
volume of connection requests, that all available operating system resources are
consumed and the computer can no longer process legitimate user requests.
A “denial-of-service” attack is characterized by an explicit attempt by attackers to
prevent legitimate users of a service from using that service. Examples include
* attempts to “flood” a network, thereby preventing legitimate network traffic
* attempts to disrupt connections between two machines, thereby preventing access to a
service
* attempts to prevent a particular individual from accessing a service
* attempts to disrupt service to a specific system or person
Distributed Denial of Service
* An attacker launches the attack using several machines. In this case, an attacker breaks
into several machines, or coordinates with several zombies to launch an attack against a
target or network at the same time.
* This makes it difficult to detect because attacks originate from several IP addresses.
* If a single IP address is attacking a company, it can block that address at its firewall. If
it is 30000, this is extremely difficult.
QUESTION 2:
What is the key function of a comprehensive security policy?
A. informing staff of their obligatory requirements for protecting technology and
information assets
B. detailing the way security needs will be met at corporate and department levels
642-552
Actualtests.com – The Power of Knowing
C. recommending that Cisco IPS sensors be implemented at the network edge
D. detailing how to block malicious network attacks
Answer: A
Explanation:
Developing a strong security policy helps to protect your resources only if all staff
members are properly instructed on all facets and processes of the policy. Most
companies have a system in place whereby all employees need to sign a statement
confirming that they have read and understood the security policy. The policy should
cover all issues the employees encounter in their day-to-day work, such as laptop
security, password policy, handling of sensitive information, access levels, tailgating,
countermeasures, photo IDs, PIN codes, and security information delivered via
newsletters and posters. A top-down approach is required if the policy is to be taken
seriously. This means that the security policy should be issued and supported from an
executive level downward.
QUESTION 3:
Which building blocks make up the Adaptive Threat Defense phase of Cisco SDN
strategy?
A. VoIP services, NAC services, Cisco IBNS
B. network foundation protection, NIDS services, adaptive threat mitigation services
C. firewall services, intrusion prevention, secure connectivity
D. firewall services, IPS and network antivirus services, network intelligence
E. Anti-X defense, NAC services, network foundation protection
Answer: D
Explanation:
A computer connected to the Internet without a firewall can be hijacked and added to an
Internet outlaw’s botnet in just a few minutes. A firewall can block malware that could
otherwise scan your computer for vulnerabilities and then try to break in at a weak point.
The real issue is how to make a computer 99.9% secure when it is connected to the Internet. At a
minimum, computers need to have firewall, antivirus and anti-spyware software installed
and kept up to date. A home network that uses a wired or wireless router with firewall
features provides additional protection.
A computer virus can be best described as a small program or piece of code that
penetrates into the operating system, causing unexpected and negative events to occur. A
well-known example is a virus, SoBig. Computer viruses reside in the active memory of
the host and try to duplicate themselves by different means. This duplication mechanism
can vary from copying files and broadcasting data on local-area network (LAN) segments
to sending copies via e-mail or an Internet relay chat (IRC). Antivirus software
applications are developed to scan the memory and hard disks of hosts for known viruses.
If the application finds a virus (using a reference database with virus definitions), it
informs the user.
QUESTION 4:
DRAG DROP
You work as a network administrator at Certkiller.com. Your boss Mrs. Certkiller
asks you to match the malicious network attack types with the correct definition.
Answer:
Explanation:
1. Reconnaissance:
Reconnaissance refers to the preparatory phase where an attacker seeks to gather as much
information as possible about a target of attack prior to launching an attack. This phase is
also where the attacker draws on competitive intelligence to learn more about the target.
The phase may also involve network scanning either external or internal without
authorization.
This is a phase that allows the potential attacker to strategize his attack. This may spread
over time, as the attacker waits to unearth crucial information. One aspect that gains
prominence here is social engineering. A social engineer is a person who usually
smooth-talks people into revealing information such as unlisted phone numbers, passwords or
even sensitive information. Other reconnaissance techniques include dumpster diving.
Dumpster diving is the process of looking through an organization’s trash for discarded
sensitive information. Building user awareness of the precautions they must take in order
to protect their information assets is a critical factor in this context.
2. DOS (Denial Of Service)
Denial of Service (DoS) is an attack designed to render a computer or network incapable
of providing normal services. The most common DoS attacks will target the computer’s
network bandwidth or connectivity. Bandwidth attacks flood the network with such a
high volume of traffic, that all available network resources are consumed and legitimate
user requests cannot get through. Connectivity attacks flood a computer with such a high
volume of connection requests, that all available operating system resources are
consumed and the computer can no longer process legitimate user requests.
3. Brute force
The brute force method is the most inclusive – though slow. Usually, it tries every
possible letter and number combination in its automated exploration.
QUESTION 5:
DRAG DROP
You work as a network administrator at Certkiller.com. Your boss Mrs. Certkiller
asks you to match signature type with the correct definition.
Answer:
Explanation:
1. DOS (Denial Of Service)
Denial of Service (DoS) is an attack designed to render a computer or network incapable
of providing normal services. The most common DoS attacks will target the computer’s
network bandwidth or connectivity. Bandwidth attacks flood the network with such a
high volume of traffic, that all available network resources are consumed and
legitimate user requests cannot get through. Connectivity attacks flood a computer with
such a high volume of connection requests, that all available operating system resources
are consumed and the computer can no longer process legitimate user requests.
2. Exploit
A defined way to breach the security of an IT system through a vulnerability.
QUESTION 6:
Which of these two ways does Cisco recommend that you use to mitigate
maintenance-related threats? (Choose two.)
A. Maintain a stock of critical spares for emergency use.
B. Ensure that all cabling is Category 6.
C. Always follow electrostatic discharge procedures when replacing or working with
internal router and switch device components.
D. Always wear an electrostatic wrist band when handling cabling, including fiber-optic
cabling.
E. Always employ certified maintenance technicians to maintain mission-critical
equipment and cabling.
Answer: A,C
QUESTION 7:
What are two security risks on 802.11 WLANs that implement WEP using a static
40-bit key with open authentication? (Choose two.)
A. The IV is transmitted as plaintext, and an attacker can sniff the WLAN to see the IV.
B. The challenge packet sent by the wireless AP is sent unencrypted.
C. The response packet sent by the wireless client is sent unencrypted.
D. WEP uses a weak-block cipher such as the Data Encryption Algorithm.
E. One-way authentication only where the wireless client does not authenticate the
wireless-access point.
Answer: A,E
Explanation:
The wireless nature and the use of radio frequency for networking make securing
WLANs more challenging than securing a wired LAN. Originally, the Wired Equivalent
Privacy (WEP) protocol was developed to address this issue. It was designed to provide
the same privacy that a user would have on a wired network. WEP is based on the RC4
symmetric encryption standard and uses either a 64-bit or a 128-bit key. However, the keys
are not really this many bits because a 24-bit Initialization Vector (IV) is used to provide
randomness. So the “real key” is actually 40 or 104 bits long. There are two ways to
implement the key. First, the default key method shares a set of up to four default keys
with all the wireless access points (WAPs). Second is the key mapping method, which
sets up a key-mapping relationship for each wireless station with another individual
station. Although slightly more secure, this method is more work. Consequently, most
WLANs use a single shared key on all stations, which makes it easier for a hacker to
recover the key. Now, let’s take a closer look at WEP and discuss the way it operates.
To better understand the WEP process, you need to understand the basics of Boolean
logic. Specifically, you need to understand how XORing works. XORing is just a simple
binary comparison between two bytes that produces another byte as a result of the
XORing process. When two bits are compared, XORing looks to see if they are
different. If they are different, the resulting output is 1. If the two bits are the same, the
result is 0. If you want to learn more about Boolean logic, a good place to start is here:
http://en.wikipedia.org/wiki/Boolean_algebra. All this talk about WEP might leave you
wondering how exactly RC4 and XORing are used to encrypt wireless communication.
To better explain those concepts, let’s look at the seven steps of encrypting a message:
1. The transmitting and receiving stations are initialized with the secret key. This secret
key must be distributed using an out-of-band mechanism such as email, posting it on a
website, or giving it to you on a piece of paper the way many hotels do.
2. The transmitting station produces a seed, which is obtained by appending the 40-bit
secret key to the 24-bit Initialization Vector (IV), for input into a Pseudo Random Number
Generator (PRNG).
3. The transmitting station inputs the seed to the WEP PRNG to generate a key stream of
random bytes.
4. The key stream is XORed with the plaintext to obtain the cipher text.
5. The transmitting station appends the cipher text to the IV and sets a bit that indicates
that it is a WEP-encrypted packet. This completes WEP encapsulation, and the results are
transmitted as a frame of data. WEP only encrypts the data. The header and trailer are sent
in clear text.
6. The receiving station checks to see if the encrypted bit of the frame it received is set.
If so, the receiving station extracts the IV from the frame and appends the IV with the
secret key.
7. The receiver generates a key stream that must match the transmitting station’s key
stream. This key stream is XORed with the cipher text to obtain the sent plaintext.
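The seven steps above, as an added Python sketch that is not part of the original study material. It also shows the audit-side consequence of answer A: because the IV travels in clear text, anyone reviewing captured frames can see when a static key is being used with a repeated IV, which means a repeated key stream. The one-byte flag and the frame layout are constructed for illustration, all function names are hypothetical, and the integrity check value that real WEP adds is left out.

```python
from collections import Counter

WEP_FLAG = 0x01  # constructed stand-in for the "WEP-encrypted" bit in the header


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """WEP PRNG (RC4): key scheduling, then `length` key stream bytes."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encapsulate(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    if len(key) != 5 or len(iv) != 3:
        raise ValueError("expected a 40-bit key and a 24-bit IV")
    seed = iv + key                                   # step 2: IV followed by key
    keystream = rc4_keystream(seed, len(plaintext))   # step 3
    ciphertext = xor(plaintext, keystream)            # step 4
    return bytes([WEP_FLAG]) + iv + ciphertext        # step 5: IV sent in clear


def wep_decapsulate(key: bytes, frame: bytes) -> bytes:
    if frame[0] != WEP_FLAG:                          # step 6: check the flag
        raise ValueError("frame is not marked as WEP-encrypted")
    iv, ciphertext = frame[1:4], frame[4:]
    return xor(ciphertext, rc4_keystream(iv + key, len(ciphertext)))  # step 7


def reused_ivs(frames: list[bytes]) -> set[bytes]:
    """Audit check: IVs, readable without the key, seen in more than one frame."""
    counts = Counter(f[1:4] for f in frames if f[0] == WEP_FLAG)
    return {iv for iv, n in counts.items() if n > 1}


if __name__ == "__main__":
    key = bytes.fromhex("0102030405")                 # constructed static 40-bit key
    f1 = wep_encapsulate(key, b"\x00\x00\x01", b"first  payload")
    f2 = wep_encapsulate(key, b"\x00\x00\x01", b"second payload")
    f3 = wep_encapsulate(key, b"\x00\x00\x02", b"third  payload")
    print(wep_decapsulate(key, f1))
    # Same key and same IV give the same key stream, so it cancels out of the XOR.
    print(xor(f1[4:], f2[4:]) == xor(b"first  payload", b"second payload"))
    print(reused_ivs([f1, f2, f3]))
```

With only 24 bits of IV and one key shared by every station, repeats are unavoidable on a busy WLAN, which is why the remedy is a different protocol rather than a different key.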
QUESTION 8:
DRAG DROP
You work as a network administrator at Certkiller.com. Your boss Mrs. Certkiller
asks you to order the steps to mitigate a worm attack.
Answer:
Explanation:
Viruses and worms are part of a larger category of malicious code or malware. Viruses
and worms are programs that can cause a wide range of damage from displaying
messages to making programs work erratically or even destroying data or hard drives.
Viruses accomplish their designed task by placing self-replicating code in other
programs. When these programs execute, they replicate again and infect even more
programs. Closely related to viruses and worms is spyware. Spyware is considered
another type of malicious software. In many ways, spyware is similar to a Trojan, as most
users don’t know that the program has been installed and it hides itself in an obscure
location. Spyware steals information from the user and also eats up bandwidth. If that’s
not enough, it can also redirect your web traffic and flood you with annoying pop-ups.
Many users view spyware as another type of virus.
The following are the recommended steps for worm attack mitigation:
1. Containment: Contain the spread of the worm inside your network and within your
network. Compartmentalize parts of your network that have not been infected.
2. Inoculation: Start patching all systems and, if possible, scanning for vulnerable
systems.
3. Quarantine: Track down each infected machine inside your network. Disconnect, remove, or block
infected machines from the network.
4. Treatment: Clean and patch each infected system. Some worms may require complete
core system reinstallations to clean the system.
QUESTION 9:
Which method of mitigating packet-sniffer attacks is the most effective?
A. implement two-factor authentication
B. deploy a switched Ethernet network infrastructure
C. use software and hardware to detect the use of sniffers
D. deploy network-level cryptography using IPsec, secure services, and secure protocols
Answer: D
Explanation:
You cannot talk about VPNs without saying something about IP Security (IPSec). IPSec
is a framework of open standards. It is not bound to any specific encryption or
authentication algorithm or keying technology. IPSec acts on the network layer, where it
protects and authenticates IP packets between participating peers such as firewalls,
routers, or concentrators. IPSec security provides four major functions:
* Confidentiality: The sender can encrypt the packets before transmitting them across the
network. If such a communication is intercepted, it cannot be read by anybody.
* Data integrity: The receiver can verify whether the data was changed while traveling the
Internet.
* Origin authentication: The receiver can authenticate the source of the packet.
* Anti-replay protection: The receiver can verify that each packet is unique and is not
duplicated.
QUESTION 10:
What is a reconnaissance attack?
A. when an intruder attacks networks or systems to retrieve data, gain access, or escalate
access privileges.
B. when an intruder attempts to discover and map systems, services, and vulnerabilities
C. when malicious software is inserted onto a host in order to damage a system, corrupt a
system, replicate itself, or deny service or access to networks, systems, or services
D. when an intruder attacks your network in a way that damages or corrupts your
computer system, or denies you and others access to your networks, systems, or services
E. when an intruder attempts to learn user IDs and passwords that can later be used in
identity theft
Answer: B
