Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Cisco 642-502 Exam - Cheat-Test.com

Free 642-502 Sample Questions:

1.Two abcdInchosts need to securely pass data between them. Which ESP mode is used to provide end-to-end protection of message payload between two hosts?
A. Transport mode
B. Encrypted mode
C. ESP mode
D. Tunnel mode
E. None of the above
Answer: A

2.Select the maximum number of routers SDM can manage simultaneously?
A.1
B.5
C.50
D.100
E.1000
F.determined by router model
Answer: A

3.Which three thresholds does CBAC on the Cisco IOS Firewall provide against DoS attacks? Choose three.
A.number of half­open sessions based upon time
B.total number of half­open TCP or UDP sessions
C.number of fully open sessions based upon time
D.number of half­open TCP­only sessions per host
E.total number of fully open TCP or UDP sessions
F.number of fully open TCP­only sessions per host
Answer: A, B, D

4.Select the two protocols used to provide secure communications between SDM and the target router. (Choose two.)
A.HTTPS
B.RCP
C.Telnet
D.SSH
E.HTTP
F.AES
Answer: A, D

5.Which one of the following actions is used to send SDM generated commands to the target router?
A.Refresh
B.Save
C.Deliver
D.Download
E.Copy­config
Answer: C

6.Where are access profiles stored with the authentication proxy features of the Cisco IOS Firewall?
A.PIX Firewall
B.Cisco router
C.Cisco VPN Concentrator
D.Cisco Secure ACS authentication server
Answer: D

7.Choose the correct command to allow IKE to establish the IPSec security associations.
A.crypto map 10 isakmp
B.crypto map 10 manual
C.crypto map MYMAP ipsec­isakmp
D.crypto map MYMAP ipsec­manual
E.crypto map MYMAP 10 ipsec­isakmp
F.crypto map MYMAP 10 ipsec­manual
Answer: E

8.Choose the correct command to generate two RSA key pairs for use with certificate authority.
A.key generate rsa general­keys
B.key generate rsa usage­keys
C.crypto key generate rsa general­keys
D.crypto key generate rsa usage­keys
E.enable crypto key generate rsa general­keys
F.enable crypto key generate rsa usage­keys
Answer: D

9.Which command is required to specify the authorization protocol for authentication proxy?
A.auth­proxy group tacacs+
B.aaa auth­proxy default group tacacs+
C.authorization auth­proxy default group tacacs+
D.aaa authorization auth­proxy default group tacacs+
E.aaa authorization auth­proxy group tacacs+
F.aaa authorization auth­proxy default group
Answer: D

10.Which Cisco Catalyst IOS command can be used to mitigate a CAM table overflow attack?
A.switch(config­if)# port­security maximum 1
B.switch(config)# switchport port­security
C.switch(config­if)# port­security
D.switch(config­if)# switchport port­security maximum 1
E.switch(config­if)# switchport access
F.switch(config­if)# access maximum 1
Answer: D

11.An authentication attempt to a Cisco Secure ACS for Windows server failed, yet no log entries are in the reports. What are two possible causes of this problem? (Choose two.)
A.user is not defined
B.user belongs to the wrong group
C.CSAUTH service is down on the Cisco Secure ACS server
D.XXYYinc.comword has expired
E.user entered an incorrect password
F.communication path between the NAS and Cisco Secure ACS server is down
Answer: C, F

12.What are three main components of the Cisco IOS Firewall feature set? (Choose three.)
A.Context­based Access Control
B.port security
C.authentication proxy
D.authentication, authorization, and accounting
E.Intrusion Prevention System
F.neighbor router authentication
Answer: A, C, E

13.The SDF uses which type of file format, with a definition of each signature along with relevant configurable actions?
A.ASCII
B.HTML
C.JPEG
D.Word
E.text
F.XML
Answer: F

14.Which two are typical Layer 2 attacks? (Choose two.)
A.MAC spoofing
B.CAM table overflow
C.route poisoning
D.DHCP Starvation
E.ARP Starvation
F.spam
Answer: A, B

15.What kind of signatures trigger on a single packet? (Choose one.)
A.regenerative
B.cyclical
C.atomic
D.dynamic
E.compound
Answer: C

16.What does authentication proxy on the Cisco IOS Firewall do?
A.creates specific authorization policies for each user with Cisco Secure ACS, dynamic, per­user security and authorization
B.provides additional visibility at intranet, extranet, and Internet perimeters
C.creates specific security policies for each user with Cisco Secure ACS, dynamic, per­user
authentication and authorization
D.provides secure, per­application access control across network perimeters
Answer: C


© 2014 Cheat-Test.com, All Rights Reserved