Pass4sure Cisco 642-565 Exam
Security Solutions for Systems Engineers(SSSE) : 642-565 Exam
Exam Number/Code: 642-565
Exam Name: Security Solutions for Systems Engineers(SSSE)
Exam : Cisco 642565
Title :
Cisco. Security Solutions for
Systems Engineers(SSSE)
Update : Demo
1. SomeCompany, Ltd. wants to implement the the PCI Data Security Standard to protect sensitive
cardholder information. They are planning to use RSA to ensure data privacy, integrity, and origin authentication. Which two of these statements describe features of the RSA keys? (Choose two.)
A. The public key only encrypts. B. The public key only decrypts.
C. The public key both encrypts and decrypts. D. The private key only encrypts.
E. The private key only decrypts.
F. The private key both encrypts and decrypts. Answer: CF
2. What are two functions of Cisco Security Agent? (Choose two.) A. authentication
B. control of executable content
C. resource protection
D. spam filtering E. user tracking Answer: BC
3. Which three policy types can be assigned to a network user role in the Cisco NAC Appliance architecture? (Choose three.)
A. allowed IP address ranges
B. session duration
C. minimum password length D. VPN and roaming policies E. inactivity period
F. network port scanning plugins
Answer: BDF
4. Which of these items is a valid method to verify a network security design? A. network audit
B. signoff by the operations team
C. computer simulation
D. analysis of earlier attacks E. pilot or prototype network Answer: E
5. Which two components should be included in a detailed design document for a security solution?
(Choose two.) A. data source
B. existing network infrastructure
C. organizational chart
D. proof of concept
E. traffic growth forecast
F. weaklink description
Answer: BD
6. What are three functions of CSA in helping to secure customer environments? (Choose three.)
A. application control
B. control of executable content
C. identification of vulnerabilities
D. probing of systems for compliance E. realtime analysis of network traffic F. system hardening
Answer: ABF
7. Which two of these features are key elements of the collaborative security approach? (Choose two.)
A. integration of security features in network equipment
B. Network Admission Control
C. coordinated defense of potential entry points
D. automated event and action filters
E. network behavioral analysis
F. device chaining
Answer: BC
8. Drag and Drop
Answer:
9. Which three technologies address ISO 17799 requirements for unauthorized access prevention?
(Choose three.)
A. Cisco Secure Access Control Server
B. SSL VPN C. 802.1X
D. Network Admission Control
E. Cisco Security MARS
F. intrusion prevention system
Answer: ACD
10. Which certificates are needed for a device to join a certificateauthenticated network?
A. the certificates of the certificate authority and the device
B. the certificates of the device and its peer
C. the certificates of the certificate authority and the peer
D. the certificates of the certificate authority, the device, and the peer
Answer: A
11. What allows Cisco Security Agent to block malicious behavior before damage can occur?
A. correlation of network traffic with signatures
B. interception of operating system calls
C. scan of downloaded files for malicious code
D. user query and response
Answer: B
12. What are three advantages of Cisco Security MARS? (Choose three.) A. performs automatic mitigation on Layer 2 devices
B. ensures that the user device is not vulnerable
C. fixes vulnerable and infected devices automatically
D. provides rapid profilebased provisioning capabilities
E. is network topology aware
F. contains scalable, distributed event analysis architecture
Answer: AEF
13. Which encryption protocol is suitable for an enterprise with standard security requirements?
A. MD5
B. 768bit RSA encryption
C. AES128
D. DES
E. SHA256
Answer: C
14. In which two ways do Cisco ASA 5500 Series Adaptive Security Appliances achieve containment and control? (Choose two.)
A. by enabling businesses to create secure connections
B. by preventing unauthorized network access
C. by probing end systems for compliance
D. by tracking the state of all network communications
E. by performing traffic anomaly detection
Answer: BD
15. Which three of these security products complement each other to achieve a secure ebanking solution?
(Choose three.)
A. Cisco IOS DMVPN
B. Cisco Intrusion Prevention System
C. CCA Agent
D. Cisco Adaptive Security Appliance
E. Cisco Security Agent F. Cisco Trust Agent Answer: BDE
16. Which IPS feature models worm behavior and correlates the specific time between events, network behavior, and multiple exploit behavior to more accurately identify and stop worms?
A. Risk Rating
B. Meta Event Generator
C. Security Device Event Exchange support
D. traffic normalization
Answer: B
17. Which three elements does the NAC Appliance Agent check on the client machine? (Choose three.)
A. IP address
B. registry keys
C. presence of Cisco Trust Agent
D. presence of Cisco Security Agent
E. Microsoft hotfixes
Answer: BDE
18. Which of these items is a feature of a systemlevel approach to security management?
A. singleelement management
B. responsibility sharing
C. multiple crossvendor management platforms
D. high availability
E. complex operations
Answer: D
19. In which way do components of the NAC Appliance architecture communicate?
A. NAC Appliance Manager sends checkup instructions to the NAC Appliance Server.
B. NAC Appliance Manager sends remediation instructions to the NAC Appliance Agent. C. NAC Appliance Server sends block instructions to the NAC Appliance Agent.
D. NAC Appliance Agent sends procedure instructions to the NAC Appliance Server.
E. NAC Appliance Agent sends checkup instructions to the NAC Appliance Manager.
F. NAC Appliance Server sends block instructions to the NAC Appliance Manager. Answer: B
20. Which two technologies address ISO 17799 requirements in detecting, preventing, and responding to attacks and intrusions? (Choose two.)
A. Cisco Security MARS B. 802.1X
C. DMVPN
D. Cisco NAC Appliance E. Cisco Security Agent F. Cisco Trust Agent Answer: AE
21. Drag and Drop
Answer:
22. Which two components should be included in a network design document? (Choose two.)
A. complete network blueprint
B. configuration for each device
C. detailed part list
D. operating expense E. risk analysis Answer: AC
23. Which three components should be included in a security policy? (Choose three.) A. identification and authentication policy
B. incident handling procedure
C. security best practice
D. security product recommendation
E. software specifications
F. statement of authority and scope
Answer: ABF
24. Which statement is true regarding Cisco IOS IPS performance and capabilities? A. Cisco IOS IPS signatures have a minimal impact on router memory.
B. Cisco IOS IPS uses a parallel signaturescanning engine to scan for multiple patterns within a signature microengine at any given time.
C. Cisco IOS IPS offers a wider signature coverage than the IDSM2 module.
D. All Cisco IOS IPS signatures should be enabled to maximize the coverage, except for falsepositives reduction.
Answer: B
25. Which IPS platform can operate in inline mode only? A. Cisco IPS 4200 Series Sensor
B. IDSM2
C. Cisco IOS IPS
D. Cisco ASA AIP SSM Answer: C
26. Which of these items describes a benefit of deploying the NAC appliance in inband mode rather than
outofband mode?
A. bandwidth enforcement policy
B. Nessus scanning
C. NAC Appliance Agent deployment
D. higher number of users per NAC Appliance E. support for Layer 2 or Layer 3 deployments Answer: A
27. Drag and Drop
Answer:
28. What are the advantages of IPsecbased sitetosite VPNs over traditional WAN networks?
A. bandwidth guarantees, support for nonIP protocols, scalability, and modular design guidelines
B. bandwidth guarantees, flexibility, security, and low cost
C. span, flexibility, security, and low cost
D. delay guarantees, span, performance, security, and low cost
Answer: C
29. SomeCompany, Ltd. wishes to adopt the Adaptive Threat Defense architecture in their security policy.
Identify three components of the antiX defense pillar. (Choose three.) A. anomaly detection
B. applicationlevel rolebased access control
C. distributed denialofservice mitigation
D. transaction privacy
E. URL filtering
F. network auditing
Answer: ACE
30. Which three of these security products complement each other to achieve a secure remoteaccess solution? (Choose three.)
A. Adaptive Security Appliance
B. Cisco Security MARS C. NAC Appliance
D. Cisco GET VPN
E. Cisco Secure Access Control Server
F. URL filtering server
Answer: ACE
KillTest.com was founded in 2006. The safer,easier way to help you pass any IT
Certification exams . We provide high quality IT Certification exams practice questions and answers(Q&A). Especially Adob e, Apple, Cit rix, Compt ia, EM C,
HP, Hu aW ei, LPI, No rtel, Oracle , SUN, Vmw are and so on. And help you pass any IT Certification exams at the first try.
You can reach us at any of the email addresses listed below. English Customer: Chinese Customer: Sales : sales@Killtest.com sales@Killtest.net
Support: support@Killtest.com support@Killtest.com
“Security Solutions for Systems Engineers(SSSE)”, also known as 642-565 exam, is a Cisco certification.
Preparing for the 642-565 exam? Searching 642-565 Test Questions, 642-565 Practice Exam, 642-565 Dumps?
With the complete collection of questions and answers, Pass4sure has assembled to take you through 70 Q&As to your 642-565 Exam preparation. In the 642-565 exam resources, you will cover every field and category in Others helping to ready you for your successful Cisco Certification.
Questions and Answers : 70 Q&As
Updated: April 3rd , 2008
Market Price: $125.99
Member Price: $99.99
Free down:Pass4sure Cisco 642-565 v2.83
Free down:Testking 642-565
password:www.topcerts.cn
| Cisco Braindumps Free Downloads |
|
Type |
Exam Bible | New Questions & Answers |
Latest Updated |
Download link |
 |
All Cisco 's Exam Pack |
589 |
1 days ago | Download |
[...] download: testking 642-565 Free download: pass4sure 642-565 Free download: actualtest 642-565 Free download: testinside [...]