Cisco 642-591 Preparation Materials, 100% Real Cisco 642-591 Dumps With New Discount

Cisco, others Comments Off

Flydumps provides the guaranteed preparation material to boost up your confidence in Cisco 642-591 exam. Successful candidates have provided their reviews about our guaranteed Cisco 642-591 preparation material,you can come to realize the real worth of our featured products through overviewing the reviews and testimonials.

QUESTION 62
When the Cisco NAS is configured for Windows Active Directory SSO to which component in a Cisco NAC Appliance solution does the client make a request for a Kerberos Service ticket?
A. Microsoft Windows Active Directory Server
B. Cisco NAM
C. Cisco NAS
D. Cisco NAA

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 63
A college network administrator wants to restrict access to specific; targeted subnets by role such as student, administration, faculty and guest roles. How would this be accomplished using the Cisco NAM?
A. Define a bandwidth policy for each role that specifies the target subnets
B. Define extended Access-Control-list templates and apply each template to a specific user role
C. Define a host-based traffic control policy for each role that specifies the target subnets
D. Define an IP-Based traffic Control Policy for each role that specifies the target subnets

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 64
What is an exempt device?
A. A device that does not require posture assessment each time it logs in to the network
B. A device that does not have to go through certification while its MAC address remains on the certified list
C. A multiuser device that is configured as a floating device so that recertification is not required at each login
D. A single or multiuser device that is only recertified when another user of the device logs out and accesses the network

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 65
Which Cisco NAS Appliance out-of-band solution statement is correct?
A. The switchport access and authentication VLAN information is sent to the Access switch from the Cisco NAM
B. As a laptop device accesses the Cisco NAC Appliance network, the access switch sends the device MAC address to the Cisco NAS
C. Access switch to Cisco NAM configuration and status change messages are communicated via a proprietary protocol
D. All Client traffic flows through the CAS while access switch VLAN management is performed out of band

Correct Answer: A Section: (none) Explanation Explanation/Reference:
QUESTION 66
The NAS is configured to autogenerate an IP Address pool of 30 subnets with a netmask of /30, beginning at address 192.168.10.0. Which IP Address is leased to the end-user host on the second subnet?
A. 192.168.10.6
B. 192.168.10.5
C. 192.168.10.4
D. 192.168.10.7

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 67
Which Cisco NAC appliance out-of-band solution statement is correct?
A. Access switch to Cisco NAM configuration and status change messages are communicated via a proprietary protocol
B. The Swichport Access and authentication VLAN information is sent to the access switch from the Cisco NAM
C. As a laptop device accesses the Cisco NAC Appliance network, the access switch sends the device MAC address to the Cisco NAS
D. All client traffic flows through the CAS while access switch VLAN management is performed out of band

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 68
When trying to restrict a guest role to a specific library server using a specific protocol, such as HTTP, the administrator would create which type of policy?
A. Application-based Access Policy
B. IP-Based Traffic Control Policy
C. Role-Based Access Policy
D. Host-Based Control Policy
E. Host-Based Traffic Policy

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 69
Exhibit: Your work as an network engineer at Certkiller .com. Please study the exhibit carefully. From a Drop-Down menu, profiles are applied to each managed port. Before a profile can be applied, where are the client access and authentication VLAN profile parameters to configured?

A. Controlled VLAN profile
B. Access Control profile
C. Switch Profile
D. VLAN Mapping Profile
E. Port Profile

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 70
A college network administrator wants to restrict access to specific; targeted subnets by role such as student, administration, faculty and guest roles. How would this be accomplished using the Cisco NAM?
A. Define a bandwidth policy for each role that specifies the target subnets
B. Define extended Access-Control-list templates and apply each template to a specific user role
C. Define a host-based traffic control policy for each role that specifies the target subnets
D. Define an IP-Based traffic Control Policy for each role that specifies the target subnets

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 71
SIMULATION
Network topology exhibit:
Cisco Clean Access Manager Exhibit:

You work as a network engineer at Certkiller .com. Please study the topology exhibit carefully. Also examine the Cisco Clean Access Manager Exhibit. Certkiller .com has implemented a Cisco NAC Appliance solution. The internal server Certkiller C has been set up to provide HTTP and HTTPS services only. These services are only available for Certkiller .com internal users. Your boss, Mrs. Certkiller, has asked you to provide the following configuration tasks:
*
define a NAC Appliance IP-based traffic policy for the “Temporary Role”

*
configure the policy so that it is able to access this remediation server over HTTP and HTTPS for clients on the 10.158.10.0, 255.255.255.0 subhet.

*
after the configuration has been completed you must be able to launch the link to access the remediation server from the Certkiller B client computer.

A.

B.

C.

D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Explanation:
1.) Select “User Roles”
2.) At “Temporary Role” klick “Add Policy”
3.) Enter the Following Values:
Priority: 1
Action: Allow
State: Enabled
Category: IP
Protocol: TCP / 6 ( see
http://www.iana.org/assignments/protocol-numbers/ ) Untrusted: 10.158.10.0 / 255.255.255.0 / *
Trusted: 172.162.7.100 / 255.255.255.255 / 80,443 Klick “Add Policy”

QUESTION 72
You are implementing switch management in a Cisco NAM for out-of-band deployment. Once communication between the switch and the Cisco NAM has been verified, what is configured next?
A. Configure the Switches to use the appropriate SNMP settings
B. Configure group, switch and port profiles on the Cisco NAM
C. Add the switches that you want to control to the Cisco NAM domain
D. Configure the Cisco NAM SNMP receiver settings

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 73
A CA-signed certificate is returned from the CA authority and the private key on which the CA certificate is based no longer matches the one in the Cisco NAS. What should the administrator do?
A. Regenerate the certificates based on the FQDN rather than using the service ip address of the NAM
B. Import the single root CA or intermediate CA to .chain.crt in the admin console
C. Edit the Certificate files directly in the file system
D. Reimport the old private key and then install the CA-signed certificate

Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 74
Where is a local user validated?
A. At the authentication Server
B. At the Cisco NAA
C. At the Cisco NAS
D. At the Cisco NAM

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 75
Which Cisco NAS Appliance out-of-band solution statement is correct?
A. The switchport access and authentication VLAN information is sent to the Access switch from the Cisco NAM
B. As a laptop device accesses the Cisco NAC Appliance network, the access switch sends the device MAC address to the Cisco NAS
C. Access switch to Cisco NAM configuration and status change messages are communicated via a proprietary protocol
D. All Client traffic flows through the CAS while access switch VLAN management is performed out of band

Correct Answer: A Section: (none) Explanation
Explanation/Reference:

Ensure that you are provided with only the best and most updated Cisco 642-591 Certification training materials, we also want you to be able to access Cisco 642-591 easily, whenever you want.We provide all our Cisco 642-591 Certification exam training material in PDF format, which is a very common format found in all computers and gadgets. Now we add the latest Cisco 642-591 content and to print and share content.

Author

Back to Top