Cisco 642-541 Exam, Latest Release Cisco 642-541 Demo Download With The Knowledge And Skills

Cisco, VPN and Security Comments Off

New VCE and PDF – You can prepare Cisco 642-541 exam in an easy way with Cisco 642-541 questions and answers.By training our Cisco 642-541 vce dumps with all the latest questions, you can pass the exam in the first attempt.

QUESTION 122
Which IEEE standards are supported by Cisco Aironet 1200 Series access point? Choose three.
A. 802.11a
B. 802.11b
C. 802.11c
D. 802.11g
E. 802.11h
F. 802.11j

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
QUESTION 123
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 124
The ip verify reverse-path command implements which of the following on the PIX Firewall? Choose two.
A. performs a route lookup based on the source address
B. performs a route lookup based on the destination address
C. provides session state information based on destination address
D. provides ingress filtering

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 125
How do you check syslog information to ensure that it has not been altered in transit?
A. packets use CRC to ensure data has not been altered in transit
B. host IDS inspects the packet to ensure time stamps are concurrent
C. the firewall inspects the packet to ensure time stamps are concurrent
D. IPSec inspects the packet to ensure time stamps are concurrent
E. Syslog has no checking to ensure that the packet contents have not been altered in transit

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 126
According to SAFE IPSec VPN, which of these are recommended design guidelines for maintaining high availability? (Select three.)
A. When using VPN routers at the headend, use IKE keepalives for high availability.
B. When using VPN Concentrators or VPN firewalls at the headend, use IKE keepalives for high availability.
C. Regardless of the high-availability mechanism chosen, a headend device should not be deployed in a configuration that results in CPU utilization higher than 50 percent after failure.
D. Regardless of the high-availability mechanism chosen, a headend device should not be deployed in a configuration that results in CPU utilization higher than 75 percent after failure.
E. Cisco recommends running IKE keepalives in combination with routing protocols for resilience to assist in keeping the state current.
F. Cisco does not recommend running IKE keepalives in combination with routing protocols for resilience to assist in keeping the state current.

Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 127
Which is a component of Cisco security solutions?
A. secure connectivity
B. secure solution
C. secure availability
D. secure productivity

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 128
Which statements define exponential backoff technique? (Select two.)
A. helps mitigate CAM table overflow attacks
B. deployed for BGP and OSPF protocols
C. determines the validity of an ARP packet
D. deployed for OSPF and IS-IS protocols
E. allows network to react quickly to topology changes
F. reduces the change rate in the Internet’s routing tables

Correct Answer: DE Section: (none) Explanation
Explanation/Reference:
QUESTION 129
According to SAFE, what is the expected behavior in a medium, single-site campus module sensor?
A. Review and tune as necessary the signatures specific to vulnerabilities in Web, DNS, FTP, and mail servers.
B. Generally, automatic blocking on this sensor should be avoided.
C. The number of alarms that these sensors generate is very high
D. This sensor detects and analyzes attacks originating from within the campus network as well as those that get through the WAN module.
E. The traffic that this sensor sees is not dependent upon the corporate security policy.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 130
According to SAFE, which statement is true about IPSec tunneling protocols?
A. L2TP supports data encryption and packet integrity.
B. GRE is better suited for site-to-site VPNs.
C. IPSec standard supports IP unicast and multicast traffic
D. GRE supports data encryption and packet integrity.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 131
How many options exist for remote user connectivity in the SAFE SMR remote user network?
A. 1
B. 2
C. 3
D. 4
E. 5

Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 132
Which is a key server found in SAFE Enterprise network design edge corporate internet module?
A. database server
B. application server
C. URL filtering server
D. proxy server

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 133
What are the SAFE guidelines when routing information is exchanged with an outside routing domain? (Select two.)
A. Use exterior gateway protocols only
B. Use exterior gateway protocols that operate between routing domains and do not allow administrators to build and act on policies.
C. Use exterior gateway protocols because they allow administrators to build and act on policies rather than just on reachability information.
D. Use exterior gateway protocols or static routes.
E. Make certain that your outside peer advertises your routes to other peers for maximum reachability.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 134
What is the primary function of the firewall in the SAFE SMR midsize network design corporate Internet module?
A. provide connectivity to the Internet or ISP network
B. provide connectivity to the campus module
C. provide connectivity to the WAN module
D. provide connectivity to the LAN module
E. provide the demarcation point between the ISP and the midsize network
F. provide connection state enforcement and detailed filtering for sessions initiated through the firewall

Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 135
What can mitigate the chance of a department accessing confidential information on another department’s server through the use of access control in the SAFE SMR midsize network design midsize network campus module?
A. Layer 2 switch
B. Layer 3 switch
C. general Layer 4 through 7 analysis
D. general Layer 1 through 3 analysis

Correct Answer: B Section: (none) Explanation
Explanation/Reference:

Cisco 642-541 tests containing questions that cover all sides of tested subjects that help our members to be prepared and keep high level of professionalism. The main purpose of Cisco 642-541 exam is to provide high quality test that can secure and verify knowledge, give overview of question types and complexity that can be represented on real exam certification.

Author

Back to Top