Cisco 640-553 Exam Q&As, Useful Cisco 640-553 Questions And Answers Latest Version PDF&VCE

Attention Please:Professional new version Cisco 640-553 PDF and VCE dumps can now free download on Flydumps.com,all are updated timely by our experts covering all Cisco 640-553 new questions and questions.100 percent pass your exam.

QUESTION 50
Which three items are Cisco best-practice recommendations for securing a network? (Choose three.)
A. Deploy HIPS software on all end-user workstations.
B. Routinely apply patches to operating systems and applications.
C. Disable unneeded services and ports on hosts.
D. Require strong passwords, and enable password expiration.

Correct Answer: BCD QUESTION 51
Which key method is used to detect and prevent attacks by use of IDS and/or IPS technologies?
A. Signature-based detection
B. Anomaly-based detection
C. Honey pot detection
D. Policy-based detection

Correct Answer: A QUESTION 52
Based on the following items, which two types of interfaces are found on all network-based IPS sensors? (Choose two.)
A. Loopback interface
B. Monitoring interface
C. Command and control interface
D. Management interface

Correct Answer: BC
QUESTION 53
With which three tasks does the IPS Policies Wizard help you? (Choose three.)
A. Selecting the interface to which the IPS rule will be applied
B. Selecting the direction of traffic that will be inspected
C. Selecting the inspection policy that will be applied to the interface
D. Selecting the Signature Definition File (SDF) that the router will use
Correct Answer: ABD
QUESTION 54
Examine the following options ,when editing global IPS settings, which one determines if the IOS-based IPS feature will drop or permit traffic for a particular IPS signature engine while a new signature for that engine is being compiled?
A. Enable Engine Fail Closed
B. Enable Fail Opened
C. Enable Signature Default
D. Enable Default IOS Signature
Correct Answer: A

QUESTION 55
Regarding constructing a good encryption algorithm, what does creating an avalanche effect indicate?
A. Changing only a few bits of a plain-text message causes the ciphertext to be completely different.
B. Changing only a few bits of a ciphertext message causes the plain text to be completely different.
C. Altering the key length causes the plain text to be completely different.
D. Altering the key length causes the ciphertext to be completely different.
Correct Answer: A
QUESTION 56
With the increasing development of network, various network attacks appear. Which statement best describes the relationships between the attack method and the result?

A. Ping Sweep – TIS1 and TIS3 Port Scan – TIS2, TIS4 and TIS5
B. Ping Sweep – TIS2 and TIS4 Port Scan – TIS1, TIS3 and TIS5
C. Ping Sweep – TIS1 and TIS5 Port Scan – TIS2, TIS3 and TIS4
D. Ping Sweep – TIS2 and TIS3 Port Scan – TIS1, TIS4 and TIS5
Correct Answer: B QUESTION 57
Stream ciphers run on which of the following?
A. Individual blocks, one at a time, with the transformations varying during the encryption
B. Individual digits, one at a time, with the transformations varying during the encryption
C. Fixed-length groups of digits called blocks
D. Fixed-length groups of bits called blocks

Correct Answer: B QUESTION 58
Which description is true about ECB mode?
A. ECB mode uses the same 64-bit key to serially encrypt each 56-bit plain-text block.
B. In ECB mode, each 56-bit plain-text block is exclusive ORed (XORed) bitwise with the previous ciphertext block.
C. ECB mode uses the same 56-bit key to serially encrypt each 64-bit plain-text block.
D. In ECB mode, each 64-bit plain-text block is exclusive ORed (XORed) bitwise with the previous ciphertext block.

Correct Answer: C QUESTION 59
In a brute-force attack, what percentage of the keyspace must an attacker generally search through until he or she finds the key that decrypts the data?
A. Roughly 66 percent
B. Roughly 10 percent
C. Roughly 75 percent
D. Roughly 50 percent

Correct Answer: D QUESTION 60
Which example is of a function intended for cryptographic hashing?
A. SHA-135
B. MD65
C. XR12
D. MD5

Correct Answer: D QUESTION 61
Which one of the following items may be added to a password stored in MD5 to make it more secure?
A. Rainbow table
B. Cryptotext
C. Ciphertext
D. Salt

Correct Answer: D QUESTION 62
The information of Cisco Router and Security Device Manager(SDM) is shown below:

Which poicy map is associated to the “adm-zp-in-out” security zone pair?
A. sdm-permit-icmpreply
B. adm-permit
C. sdm-inspect
D. sdm-insp-traffic
Correct Answer: B Exam C QUESTION 1

HOTSPOT

A.
B.
C.
D.

Correct Answer:
QUESTION 2
CORRECT TEXT
input answer here:
A.
B.
C.
D.
Correct Answer: QUESTION 3
CORRECT TEXT input answer here:
A.
B.
C.
D.
Correct Answer: QUESTION 4
HOTSPOT

A.
B.
C.
D.

Correct Answer:
QUESTION 5
HOTSPOT A.

B.
C.
D.
Correct Answer:
QUESTION 6
CORRECT TEXT
input answer here:
A.
B.
C.
D.
Correct Answer: QUESTION 7
HOTSPOT

A.
B.
C.
D.

Correct Answer:
QUESTION 8
HOTSPOT A.

B.
C.
D.
Correct Answer: QUESTION 9
HOTSPOT ..

ActualTests.com
A.
B.
C.
D.

Correct Answer: QUESTION 10
CORRECT TEXT LAB

A.
B.
C.
D.

Correct Answer: QUESTION 11
HOTSPOT ..

A.
B.
C.
D.
Correct Answer:
QUESTION 12
CORRECT TEXT
input answer here:
A.
B.
C.
D.
Correct Answer: QUESTION 13
Drag three proper statements about the IPsec protocol on the above to the list on the below.

A.
B.
C.
D.

Correct Answer:
QUESTION 14
LAB Click here to input the answer. Switch1>enable Switch1#config t Switch1(config)#interface fa0/12 Switch1(config-if)#switchport mode access Switch1(config-if)#switchport port-security maximum 2 Switch1(config-if)#switchport port-security violation shutdown Switch1(config-if)#no shut Switch1(config-if)#end Switch1#copy run start
A.
B.
C.
D.
Correct Answer:
QUESTION 15

A.
B.
C.
D.
Correct Answer:
QUESTION 16

A.
B.
C.
D.
Correct Answer:
QUESTION 17

A.
B.
C.
D.
Correct Answer:
QUESTION 18
A.
B.
C.
D.
Correct Answer:
QUESTION 19
On the basis of the description of SSL-based VPN, place the correct descriptions in the proper locations.

A.
B.
C.
D.
Correct Answer:
QUESTION 20
Which three common examples are of AAA implementation on Cisco routers? Please place the correct descriptions in the proper locations.

A.
B.
C.
D.
Correct Answer:
QUESTION 21
Drag two characteristics of the SDM Security Audit wizard on the above to the list on the below.

A.
B.
C.
D.
Correct Answer:
QUESTION 22
On the basis of the Cisco IOS Zone-Based Policy Firewall, by default, which three types of traffic are
permitted by the router when some interfaces of the routers are assigned to a zone?
Drag three proper characterizations on the above to the list on the below.
A.
B.
C.
D.
Correct Answer:

Flydumps is ready to provide Cisco 640-553 candidates with Cisco 640-553 training materials which can be very much helpful for getting Cisco 640-553 certification, which means that candidates.Cisco 640-553 can easily get access to the services of Cisco 640-553 for practice exam,which will assure them 100% Cisco 640-553 success rate.Though Cisco 640-553 tests are not easy at all, but they do not make Cisco 640-553 things complicated.