exam1passzy's picture
From exam1passzy rss RSS  subscribe Subscribe

Exam1pass free dumps 642-503 exam braindumps 

642-503 exam,Cisco CCSP 642-503 braindumps training materials - exam1pass

 

 
 
Tags:  642-503 exam  dumps  study guides  trainning materials  questions and answers 
Views:  115
Published:  July 13, 2010
 
0
download

Share plick with friends Share
save to favorite
Report Abuse Report Abuse
 
Related Plicks
Exam1pass free dumps BH0-006 exam braindumps

Exam1pass free dumps BH0-006 exam braindumps

From: exam1passzy
Views: 584 Comments: 0
BH0-006 exam,ISEB ISEB Certification BH0-006 braindumps training materials - exam1pass
 
Exam1pass freedumps 000-m47exambraindum ps

Exam1pass freedumps 000-m47exambraindumps

From: exam1passzy
Views: 183 Comments: 0
000-M47 exam,IBM Lotus Certification 000-M47 braindumps training materials - exam1pass
 
Exam1pass free dumps 000-m47 exambraindumps

Exam1pass free dumps 000-m47 exambraindumps

From: exam1passzy
Views: 188 Comments: 0
000-M47 exam,IBM Lotus Certification 000-M47 braindumps training materials - exam1pass
 
Exam1pass free dumps 642-359 exam braindumps

Exam1pass free dumps 642-359 exam braindumps

From: exam1passzy
Views: 235 Comments: 0
642-359 exam,Cisco Storage Networking 642-359 braindumps training materials - exam1pass
 
Exam1pass free dumps 000-935 exam braindumps

Exam1pass free dumps 000-935 exam braindumps

From: exam1passzy
Views: 241 Comments: 0
000-935 exam,IBM IBM certifications I 000-935 braindumps training materials - exam1pass
 
Exam1pass free dumps 642-542 exam braindumps

Exam1pass free dumps 642-542 exam braindumps

From: exam1passzy
Views: 204 Comments: 0
642-542 exam,Cisco CCSP 642-542 braindumps training materials - exam1pass
 
Exam1pass free dumps 642-551 exam braindumps

Exam1pass free dumps 642-551 exam braindumps

From: exam1passzy
Views: 213 Comments: 0
642-551 exam,Cisco CCSP 642-551 braindumps training materials - exam1pass
 
See all 
 
More from this user
Exam1pass free dumps 70-235 exam braindumps

Exam1pass free dumps 70-235 exam braindumps

From: exam1passzy
Views: 565
Comments: 0

Exam1pass free dumps BH0-006 exam braindumps

Exam1pass free dumps BH0-006 exam braindumps

From: exam1passzy
Views: 584
Comments: 0

Exam1pass free dumps MB5-845 exam braindumps

Exam1pass free dumps MB5-845 exam braindumps

From: exam1passzy
Views: 559
Comments: 0

Exam1pass free dumps GB0-540 exam braindumps

Exam1pass free dumps GB0-540 exam braindumps

From: exam1passzy
Views: 640
Comments: 0

Exam1pass free dumps 646-590 exam braindumps

Exam1pass free dumps 646-590 exam braindumps

From: exam1passzy
Views: 460
Comments: 0

Exam1pass free dumps 70-228 exam braindumps

Exam1pass free dumps 70-228 exam braindumps

From: exam1passzy
Views: 485
Comments: 0

See all 
 
 
 URL:          AddThis Social Bookmark Button
Embed Thin Player: (fits in most blogs)
Embed Full Player :
 
 

Name

Email (will NOT be shown to other users)

 

 
 
Comments: (watch)
 
 
Notes:
 
Slide 1: Exam1pass Easiest way to pass IT exams Exam Title : : Cisco 642-503 Cisco® Securing Networks with Cisco Routers and Switches Version : Demo Exam1pass Help You Pass Any IT Exam http://www.exam1pass.com
Slide 2: Exam1pass Easiest way to pass IT exams 1. Which two statements are true regarding classic Cisco IOS Firewall configurations? (Choose two.) A. You can apply the IP inspection rule in the inbound direction on the trusted interface. B. You can apply the IP inspection rule in the outbound direction on the untrusted interface. C. For temporary openings to be created dynamically by Cisco IOS Firewall, the access list for the returning traffic must be a standard ACL. D. For temporary openings to be created dynamically by Cisco IOS Firewall, you must apply the IP inspection rule to the trusted interface. E. For temporary openings to be created dynamically by Cisco IOS Firewall, the inbound access list on the trusted interface must be an extended ACL. Answer: AB 2. Refer to the exhibit. Why is the Cisco IOS Firewall authentication proxy not working? A. The aaa authentication auth-proxy default group tacacs+ command is missing in the configuration. B. The router local username and password database is not configured. C. Cisco IOS authentication proxy only supports RADIUS and not TACACS+. D. HTTP server and AAA authentication for the HTTP server is not enabled. E. The AAA method lists used for authentication proxy should be named "pxy" rather than "default" to match the authentication proxy rule name. Answer: D 3. Refer to the exhibit. What additional configuration is required for the Cisco IOS Firewall to reset the TCP connection if any peer-to-peer, tunneling, or instant messaging traffic is detected over HTTP? A. class-map configuration for matching peer-to-peer, tunneling, and instant messaging traffic over HTTP, and a policy map specifying the reset action B. the port-misuse default action reset alarm command in the HTTP application firewall policy configuration C. the PAM configuration for mapping the peer-to-peer, tunneling, and instant messaging TCP ports to the HTTP application D. the ip inspect name firewall im, ip inspect name firewall p2p, and ip inspect name firewall tunnel commands E. the service default action reset command in the HTTP application firewall policy configuration Answer: B 4. Refer to the exhibit. Why is the Total Active Signatures count zero? A. The 128MB.sdf file in flash is corrupted. B. IPS is in fail-open mode. Exam1pass Help You Pass Any IT Exam http://www.exam1pass.com
Slide 3: Exam1pass C. IPS is in fail-closed mode. D. IPS has not been enabled on an interface yet. Easiest way to pass IT exams E. The flash:/128MB.sdf needs to be merged with the built-in signatures first. Answer: D 5. Which three configurations are required to enable the Cisco IOS Firewall to inspect a user-defined application which uses TCP ports 8000 and 8001? (Choose three.) A. access-list 101 permit tcp any any eq 8000 access-list 101 permit tcp any any eq 8001 class-map user-10 match access-group 101 B. policy-map user-10 class user-10 inspect C. ip port-map user-10 port tcp 8000 8001 description "TEST PROTOCOL" D. ip inspect name test appfw user-10 E. ip inspect name test user-10 F. int {type|number} ip inpsect name test in Answer: CEF 6. What are two benefits of using an IPsec GRE tunnel? (Choose two.) A. It allows dynamic routing protocol to run over the tunnel interface. B. It has less overhead than running IPsec in tunnel mode. C. It allows IP multicast traffic. D. It requires a more restrictive crypto ACL to provide finer security control. E. It supports the use of dynamic crypto maps to reduce configuration complexity. Answer: AC 7. Refer to the DMVPN topology diagram in the exhibit. Which two statements are correct? (Choose two.) A. The hub router needs to have EIGRP split horizon disabled. B. At the Spoke A router, the next hop to reach the 192.168.2.0/24 network is 10.0.0.1. C. Before a spoke-to-spoke tunnel can be built, the spoke router needs to send an NHRP query to the hub to resolve the remote spoke router physical interface IP address. D. At the Spoke B router, the next hop to reach the 192.168.1.0/24 network is 172.17.0.1. E. The spoke routers act as the NHRP servers for resolving the remote spoke physical interface IP address. F. At the Spoke A router, the next hop to reach the 192.168.0.0/24 network is 172.17.0.1. Exam1pass Help You Pass Any IT Exam http://www.exam1pass.com
Slide 4: Exam1pass Answer: AC Easiest way to pass IT exams 8. Referring to a DMVPN hub router tunnel interface configuration, what can happen if the ip nhrp map multicast dynamic command is missing on the tunnel interface? A. The NHRP request and response between the spoke router and hub router will fail. B. The GRE tunnel between the hub router and the spoke router will be down. C. The IPsec peering between the hub router and the spoke router will fail. D. The dynamic routing protocol between the hub router and the spoke router will fail. E. The NHRP mappings at the spoke routers will be incorrect. F. The NHRP mappings at the hub router will be incorrect. Answer: D 9. Which three of these statements are correct regarding DMVPN configuration? (Choose three.) A. If running EIGRP over DMVPN, the hub router tunnel interface must have "next hop self" enabled: ip next-hop-self eigrp AS-Number B. If running EIGRP over DMVPN, the hub router tunnel interface must have split horizon disabled: no ip split-horizon eigrp AS-Number C. The spoke routers must be configured as the NHRP servers: ip nhrp nhs spoke-tunnel-ip-address D. At the spoke routers, static NHRP mapping to the hub router is required: ip nhrp map hub-tunnel-ip-address hub-physical-ip-address E. The GRE tunnel mode must be set to point-to-point mode: tunnel mode gre point-to-point F. The GRE tunnel must be associated with an IPsec profile: tunnel protection ipsec profile profile-name Answer: BDF 10. When you configure Cisco IOS WebVPN, you can use the port-forward command to enable which function? A. web-enabled applications B. Cisco Secure Desktop C. full-tunnel client D. thin client E. CIFS F. OWA Answer: D 11. Refer to the exhibit. What additional configuration is required to enable split tunneling? A. the reverse-route command under "crypto dynamic-map mode 1" B. the include-local-lan under "crypto dynamic-map mode 1" C. the match address 199 command under "crypto dynamic-map mode 1" Exam1pass Help You Pass Any IT Exam http://www.exam1pass.com
Slide 5: Exam1pass Easiest way to pass IT exams D. the acl 199 command under "crypto isakmp client configuration group cisco" E. the include-local-lan command under "crypto isakmp client configuration group cisco" F. the reverse-route command under "crypto isakmp client configuration group cisco" Answer: D 12. Refer to the exhibit. Which two statements are true about the configurations shown? (Choose two.) A. The clickable links will have a heading entitled "MYLINKS". B. The home page will have three clickable links on it. C. ACS will be used for remote-user authentication by default. D. This is an example of a clientless configuration. E. Thin client (port forwarding) has been enabled using the url-text command. Answer: BD 13. Which two commands are used to only allow SSH traffic to the router Eth0 interface and deny other management traffic (BEEP, FTP, HTTP, HTTPS, SNMP, Telnet, TFTP) to the router interfaces? (Choose two.) A. interface eth0 B. control-plane host C. policy-map type port-filter policy-name D. service-policy type port-filter input policy-name E. management-interface eth0 allow ssh F. line vty 0 5 transport input ssh Answer: BE 14. Refer to the exhibit. Which optional AAA or RADIUS configuration command is used to support 802.1x guest VLAN functionality? A. aaa authentication dot1x default group radius B. aaa authorization network default group radius C. aaa accounting dot1x default start-stop group radius D. aaa accounting system default start-stop group radius E. radius-server host 10.1.1.1 auth-port 1812 acct-port 1813 Answer: B 15. When configuring FPM, what should be the next step after the PHDFs have been loaded? A. Define a stack of protocol headers. B. Define a traffic policy. Exam1pass Help You Pass Any IT Exam http://www.exam1pass.com
Slide 6: Exam1pass C. Define a service policy. E. Reload the router. F. Save the PHDFs to startup-config. Answer: A Easiest way to pass IT exams D. Define a class map of type "access-control" for classifying packets. Exam1pass Help You Pass Any IT Exam http://www.exam1pass.com

   
Time on Slide Time on Plick
Slides per Visit Slide Views Views by Location