Welcome to download the newest Examwind 70-177 VCE dumps: http://www.examwind.com/70-177.html
New VCE and PDF– If you want to pass Cisco 642-825 exam successfully,do not miss to test Cisco latest Cisco 642-825 dumps. All Cisco 642-825 the new questions and answers were timely added, visit Flydumps.com to free download VCE player and PDF files.
QUESTION 100
Refer to the exhibit. Assume that a signature can identify an IP address as the source of an attack. Which action would automatically create an ACL that denies all traffic from an attacking IP address?
A. alarm
B. drop
C. reset
D. denyFlowInline
E. denyAttackerInline
F. deny-connection-inline
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 101
What are three features in the SDM that role-based access provides? (Choose three.)
A. provides configuration wizards for all routing protocols (like RIP, OSPF, EIGRP, BGP, IS-IS)
B. provides to end customers multiservice switching platforms (MSSPs) with a graphical, read-only view of the customer premises equipment (CPE) services
C. provides advanced troubleshooting using debug output analysis
D. provides secure access to the SDM user interface and Telnet interface specific to the profile of each administrator
E. provides logical separation of the router between different router administrators and users
F. provides dynamic update of new IPS signatures for administrator, firewall administrator, easy VPN client, and read-only users
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 102
Refer to the exhibit. Of the numbered items in the exhibit, which combination is required to implement only SSH?
A. 1, 3, 5, 6, 7, and 9
B. 5, 6, and 7 C. 5, 6, 7, and 9
D. 1, 4, 5, and 9
E. 2, 3, 5, and 9
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 103
Which procedure is recommended to protect SNMP from application layer attacks?
A. Configure SNMP with only read-only community strings.
B. Implement RFC 2827 filtering.
C. Use SNMP version 2.
D. Create an access list on the SNMP server.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 104
What actions can be performed by the Cisco IOS IPS when suspicious activity is detected? (Choose four.)
A. send an alarm to a syslog server or a centralized management interface
B. initiate antivirus software to clean the packet
C. drop the packet
D. reset the connection
E. request packet to be resent
F. deny traffic from the source IP address associated with the connection
Correct Answer: ACDF Section: (none) Explanation
Explanation/Reference:
QUESTION 105
Which three configuration steps must be taken to connect a DSL ATM interface to a service provider? (Choose three.)
A. Enable VPDN.
B. Configure PPPoE on the VPDN group.
C. Configure the ATM PVC.
D. Assign a VPDN group name.
E. Configure a dialer interface.
F. Configure the correct PPP encapsulation on the ATM virtual circuit.
Correct Answer: CEF Section: (none) Explanation Explanation/Reference:
QUESTION 106
Which two network attack statements are true? (Choose two.)
A. Access attacks can consist of password attacks, trust exploitation, port redirection, and man-in-the-middle attacks.
B. Access attacks can consist of UDP and TCP SYN flooding, ICMP echo-request floods, and ICMP directed broadcasts.
C. DoS attacks can be reduced through the use of access control configuration, encryption, and RFC 2827 filtering.
D. DoS attacks can consist of IP spoofing and DDoS attacks.
E. IP spoofing can be reduced through the use of policy-based routing.
F. IP spoofing exploits known vulnerabilities in authentication services, FTP services, and web services to gain entry to web accounts, confidential databases, and other sensitive information.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 107
How can application layer attacks be mitigated?
A. Install the latest patches.
B. Implement RFC 2827 filtering.
C. Implement traffic rate limiting.
D. Implement Anti-DoS features.
E. Disable port redirection.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 108
Which three statements are true about Cisco Intrusion Detection System (IDS) and Cisco Intrusion Prevention System (IPS) functions? (Choose three.)
A. Only IDS systems provide real-time monitoring that includes packet capture and analysis of network packets.
B. Both IDS and IPS systems provide real-time monitoring that involves packet capture and analysis of network packets.
C. The signatures on the IDS devices are configured manually whereas the signature on the IPS devices are configured automatically.
D. IDS can detect misuse, abuse, and unauthorized access to networked resources but can only respond after an attack is detected.
E. IPS can detect misuse, abuse, and unauthorized access to networked resources and respond before network security can be compromised.
F. IDS can deny malicious traffic from the inside network whereas IPS can deny malicious traffic from outside the network.
Correct Answer: BDE Section: (none)
Explanation
Explanation/Reference:
QUESTION 109
A router interface is configured with an inbound access control list and an inspection rule. How will an inbound packet on this interface be processed?
A. The packet is processed by the inbound ACL. If the packet is dropped by the ACL, it is processed by the inspection rule.
B. The packet is processed by the inbound ACL. If the packet is not dropped by the ACL, it is processed by the inspection rule.
C. The packet is processed by the inspection rule. If the packet matches the inspection rule, the inbound ACL is invoked.
D. The packet is processed by the inspection rule. If the packet does not match the inspection rule, the inbound ACL is invoked.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 110
Refer to the exhibit. Which three statements describe the steps that are required to configure an IPsec site-to-site VPN using a GRE tunnel? (Choose three.)
A. The command access-list 110 permit gre must be configured to specify which traffic will be encrypted.
B. The command access-list 110 permit ip must be configured to specify which hosts can use the tunnel.
C. The tunnel destination 172.17.63.18 command must be configured on the Tunnel0 interface.
D. The tunnel mode gre command must be configured on the Tunnel0 interface.
E. The tunnel source Ethernet1 command must be configured on the Tunnel0 interface.
F. The tunnel source Tunnel0 command must be configured on the Tunnel0 interface.
Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
QUESTION 111
If an edge Label Switch Router (LSR) is properly configured, which three combinations are possible? (Choose three.)
A. A received IP packet is forwarded based on the IP destination address and the packet is sent as an IP packet.
B. An IP destination exists in the IP forwarding table. A received labeled packet is dropped because the label is not found in the LFIB table.
C. There is an MPLS label-switched path toward the destination. A received IP packet is dropped because the destination is not found in the IP forwarding table.
D. A received IP packet is forwarded based on the IP destination address and the packet is sent as a labeled packet.
E. A received labeled IP packet is forwarded based upon both the label and the IP address.
F. A received labeled packet is forwarded based on the label. After the label is swapped, the newly labeled packet is sent.
Correct Answer: ADF Section: (none) Explanation
Explanation/Reference:
QUESTION 112
What are the four steps, in their correct order, to mitigate a worm attack?
A. contain, inoculate, quarantine, and treat
B. inoculate, contain, quarantine, and treat
C. quarantine, contain, inoculate, and treat
D. preparation, identification, traceback, and postmortem
E. preparation, classification, reaction, and treat
F. identification, inoculation, postmortem, and reaction
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 113
Which statement is correct about Security Device Event Exchange (SDEE) messages?
A. SDEE messages can be viewed in real time using SDM.
B. SDEE messages displayed at the SDM window cannot be filtered.
C. SDEE messages are the SDM version of syslog messages.
D. SDEE specifies the IPS/IDS message exchange format between an IPS/IDS device and IPS the management/monitoring station.
E. For SDEE messages to be viewed, the show ip ips all or show logging commands must be given first.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 114
Which statement is true about the SDM IPS Policies wizard?
A. In order to configure the IPS, the wizard requires that customized signature files be created.
B. The IPS Policies wizard only allows the use of default signatures which cannot be modified.
C. The IPS Policies wizard can be used to modify, delete, or disable signatures that have been deployed on the router.
D. When initially enabling the IPS Policies wizard, SDM automatically checks and downloads updates of default signatures available from CCO (cisco.com).
E. The wizard verifies whether the command is correct but does not verify available router resources before the signatures are deployed to the router.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 115
Refer to the exhibit. What is one of the objectives accomplished by the default startup configuration file created by the SDM?
A. blocks both Telnet and SSH
B. prevents the router from ever being used as an HTTP server
C. encrypts all HTTP traffic to prevent man-in-the-middle attacks
D. enables local logging to support the log monitoring function
E. requires access authentication by a TACACS+ server
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 116
Which two statements are true about the Cisco IOS Firewall set? (Choose two.)
A. It protects against denial of service (DoS) attacks
B. An ACL entry is statically created and added to the existing, permanent ACL.
C. Traffic originating within the router is not inspected.
D. Temporary ACL entries are created and persist for the duration of the communication session.
Correct Answer: AD Section: (none) Explanation Explanation/Reference:
QUESTION 117
What is one benefit of AutoSecure?
A. By default, all passwords are encrypted with level 7 encryption.
B. By default, a password is enabled on all ports.
C. Command line questions are created that automate the configuration of security features.
D. A multiuser logon screen is created with different privileges assigned to each member.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 118
Refer to the exhibit. What are the ramifications of Fail Closed being enabled under Engine Options?
A. The router will drop all packets that arrive on the affected interface.
B. If the IPS engine is unable to scan data, the router will drop all packets.
C. If the IPS detects any malicious traffic, it will cause the affected interface to close any open TCP connections.
D. The IPS engine is enabled to scan data and drop packets depending upon the signature of the flow.
Correct Answer: B Section: (none)
Explanation
Explanation/Reference:
QUESTION 119
Which two statements are true about the configuration of the Cisco IOS Firewall using the SDM? (Choose two.)
A. Cisco IOS Firewall features may be configured by choosing the Additional Tasks wizard.
B. Firewall policies can be viewed from the Home screen of the SDM.
C. To simplify the Firewall configuration task, the SDM provides Basic Firewall, Intermediate Firewall, and Advanced Firewall wizards.
D. The Basic Firewall Configuration wizard applies default access rules to the inside (trusted), outside (untrusted) and DMZ interfaces.
E. The Advanced Firewall Configuration wizard applies access rules to the inside (trusted), outside (untrusted) and DMZ interfaces.
Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
QUESTION 120
Which two statements about the Cisco AutoSecure feature are true? (Choose two.)
A. All passwords entered during the AutoSecure configuration must be a minimum of 8 characters in length.
B. Cisco123 would be a valid password for both the enable password and the enable secret commands.
C. The auto secure command can be used to secure the router login as well as the NTP and SSH protocols.
D. For an interactive full session of AutoSecure, the auto secure login command should be used.
E. If the SSH server was configured, the 1024 bit RSA keys are generated after the auto secure command is enabled.
Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 121
Which two statements about worms, viruses, or Trojan horses are true? (Choose two.)
A. A Trojan horse has three components: an enabling vulnerability, a propagation mechanism, and a payload.
B. A Trojan horse virus propagates itself by infecting other programs on the same computer.
C. A virus cannot spread to a new computer without human assistance.
D. A virus has three components: an enabling vulnerability, a propagation mechanism, and a payload.
E. A worm can spread itself automatically from one computer to the next over an unprotected network.
F. A worm is a program that appears desirable but actually contains something harmful.
Correct Answer: CE Section: (none) Explanation Explanation/Reference:
QUESTION 122
Which two statements about the AutoSecure feature are true? (Choose two.)
A. AutoSecure automatically disables the CDP feature.
B. If you enable AutoSecure, the minimum length of the login and enable passwords is set to 6 characters.
C. The auto secure full command automatically configures the management and forwarding planes without any user interaction.
D. To enable AutoSecure, the auto secure global configuration command must be used.
E. Once AutoSecure has been configured, the user can launch the SDM Web interface to perform a security audit.
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 123
Refer to the exhibit. What function does the access list serve?
A. It allows TCP traffic from any destination to reach the 16.1.1.0/24 network if the request originated from the Internet.
B. It allows TCP traffic from any destination to reach the 16.1.1.0/24 network if the request originated from the inside network and has a port number greater than 1024.
C. It allows TCP traffic from the 16.1.1.0/24 network to reach any destination if the request originated from the Internet and has a port number less than 1024.
D. It allows TCP traffic from any destination to reach the 16.1.1.0/24 network if the request originated from the inside network.
E. It allows TCP traffic from the 16.1.1.0/24 network to reach any destination if the request originated from the Internet.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Cisco 642-825 exam Questions & Answers with explanations is all what you surely want to have before taking Cisco 642-825 exam. Cisco 642-825 exam Interactive Testing Engine is ready to help you to get your Cisco 642-825 exam by saving your time by preparing you quickly for the Cisco exam. If you are worried about getting your Cisco 642-825 exam certification passed and are in search of some best and useful material, Cisco 642-825 Q&A will surely serve you to enhance your Cisco 642-825 study.
Welcome to download the newest Examwind 70-177 VCE dumps: http://www.examwind.com/70-177.html
Cisco 642-825 Practice Exam, Download Latest Cisco 642-825 Exam Guide Covers All Key Points