642-541 Exam

Quality and Value for the 642-541 Exam

Test4pass Practice Exams for Cisco 642-541 are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development.

100% Guarantee to Pass Your 642-541 Exam

If you prepare for the exam using our Test4pass testing engine, we guarantee your success in the first attempt. If you do not pass the VPN and Security 642-541 exam (ProCurve Secure WAN) on your first attempt we will give you a FULL REFUND of your purchasing fee AND send you another same value product for free.

Cisco 642-541 Downloadable, Printable Exams (in PDF format)

Our Exam 642-541 Preparation Material provides you everything you will need to take your 642-541 Exam. The 642-541 Exam details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical. You may get questions from different web sites or books, but logic is the key. Our Product will help you not only pass in the first try, but also save your valuable time.

642-541 Downloadable, Interactive Testing engines

We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials. Our Exam Preparation Material provides you everything you will need to take a certification examination. Like actual certification exams, our Practice Tests are in multiple-choice (MCQs) Our Cisco 642-541 Exam will provide you with free 642-541 dumps questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and Value for the 642-541 Exam:100% Guarantee to Pass Your VPN and Security exam and get your VPN and Security Certification.

Hot KeyWords On 642-541 test

We collect some hot keywords about this exam:
Test4pass , Pass 4 Sure , Test in Side ,Pass Guide ,Test King 642-541 exam | 642-541 pdf exam | 642-541 braindumps | 642-541 study guides | 642-541 trainning materials | 642-541 simulations | 642-541 testing engine | 642-541 vce | 642-541 torrent | 642-541 dumps | free download 642-541 | 642-541 practice exam | 642-541 preparation files | 642-541 questions | 642-541 answers.

How to pass your 642-541 exam

You can search on Search Engine and Find Best IT Certification site: Test4pass.com - Find the Method to succeed 642-541 test,The safer.easier way to get VPN and Security Certification .

��
��
Exam : Cisco 642-541
Title : VPN and Security Cisco SAFE Implementation Exam (CSI)


1. Which model is recommended for an IDS with at least 100 Mbps performance?
A. 4210
B. 4220
C. 4250
D. 4260
Answer: C

2. In which module does the firewall exist in the SAFE SMR small network design?
A. Internet
B. campus
C. corporate Internet
D. edge
Answer: C

3. Which is a key server found in SAFE Enterprise network design edge corporate internet module?
A. database server
B. application server
C. URL filtering server
D. proxy server
Answer: C

4. What is an assumption of SAFE SMR?
A. implementing SAFE SMR guarantees a secure environment
B. the security policy is already in place
C. network contains only Cisco devices
D. SAFE SMR does not assume application and OS security
Answer: B

5. Which two devices in the SAFE SMR small network campus module should have HIDS installed? Choose two.
A. Layer 2 switches
B. firewalls
C. management hosts
D. desktop workstations
E. corporate servers
F. lab workstations
Answer: CE

6. What is the NIDS primary function in the SAFE SMR midsize network design corporate Internet module?
A. provide connectivity to the campus module
B. provide connectivity to the WAN module
C. provide connectivity to the LAN module
D. provides detection of attacks on ports that the firewall is configured to permit
E. provide the demarcation point between the ISP and the medium network
F. provide connection state enforcement and detailed filtering for sessions initiated through the firewall
Answer: D

7. Why are all providers of Internet connectivity urged to implement the filtering described in RFC 2827?
A. to prohibit attackers from using source addresses that reside within a range of legitimately advertised prefixes
B. to prohibit attackers from using forged source addresses that do not reside within a range of legitimately advertised prefixes
C. to filter Java applications that come from a source that is not trusted
D. to stop internal users from reaching web sites that violate the established security policy
Answer: B

8. What is the purpose of BGP TTL Security Hash (BTSH)?
A. encrypts private network data when it is being passed through a public network
B. prevents attacker from creating a routing black hole
C. helps to prevent information overload from causing a network to melt
D. prevents attackers from disrupting peering sessions between routers
E. reduces the change rate in the Internet's routing tables
Answer: D

9. In the SAFE SMR midsize network design, which module does dial-in traffic terminate?
A. campus module
B. WAN module
C. ISP edge module
D. corporate Internet module
E. PSTN module
F. frame/ATM module
Answer: D

10. Which type of attack is characterized by exploitation of well-known weaknesses, use of ports that are allowed through a firewall, and can never be completely eliminated?
A. network reconnaissance
B. application layer
C. man-in-the-middle
D. trust exploitation
Answer: B

11. Which routing protocol does not support the use of MD5 authentication?
A. BGP
B. IGRP
C. EIGRP
D. OSPF
E. IS-IS
Answer: C

12. The VPN acceleration module (VAM) is available on what series of VPN optimized routers? Choose two.
A. 1700 Series
B. 2600 Series
C. 3600 Series
D. 7100 Series
E. 7200 Series
Answer: DE

13. What are two characteristics of a packet sniffer designed for attack purposes? Choose two.
A. captures first 300 to 400 bytes
B. typically captures login sessions
C. captures the last 300 to 400 bytes
D. deciphers encrypted passwords
E. unable to capture UDP packets
Answer: AB

14. Which two general IP spoofing techniques does a hacker use? Choose two.
A. an IP address within the range of trusted IP addresses
B. an unknown IP address which cannot be traced
C. an RFC 1918 address
D. an authorized external IP address that is trusted
Answer: AD