Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Cisco 642-511 Exam - Cheat-Test.com

Free 642-511 Sample Questions:

1.Which of the following are valid authentication options for the Hardware Client? (Choose two)
A.User Authentication
B.Unit Authentication
C.IP Address Authentication
D.Interactive Group Authentication
Answer: A, B

2.What is the default configuration of the Cisco VPN 3002 public interface?
A.DHCP server is enabled
B.DHCP client is enabled
C.static IP address of 192.168.10.1
D.no configuration
Answer: B

3.For network extension RRI, which IP address does the Cisco VPN Concentrator advertise?
A.Cisco VPN Client NIC IP address
B.Cisco VPN 3002 assigned IP address
C.Cisco VPN 3002 public interface IP address
D.Cisco VPN 3002 private interface network address
Answer: D

4.When configuring group attributes in the Cisco VPN Concentrator, which three parameters are configurable group attributes? Choose three.
A.access hours
B.idle timeout
C.connection priority
D.maximum connect time
E.access level
F.TACACS+ server IP address
Answer: A, B, D

5.To troubleshoot SCEP enrollment, the administrator should scrutinize what event class in the event log?
A.IKE
B.IPSec
C.SCEP
D.Cert
Answer: D

6.For the Cisco VPN Concentrator, what are the two types of certificate enrollment? Choose two.
A.file­based enrollment process
B.SCEP
C.PKCS#15 enrollment process
D.automated enrollment process E.out­of­band enrollment process F.certified enrollment process
Answer: A, B

7.For the Cisco VPN Client to interoperate with a PIX Firewall, what is the minimum version of the
PIX Firewall?
A.5.2
B.5.3
C.6.0
D.6.1
Answer: C

8.Which of the following predefined administrators allows the administrator all rights except
SNMP access?
A.User
B.MIS
C.Config
D.ISP
Answer: C

9.In the GUI, what happens if you reboot without saving the configuration changes?
A.configuration changes are lost
B.configuration changes remain
C.system does not allow you to reboot without saving
D.system warns you that the configuration changes will be lost, do you still want to proceed
Answer: A

10.What type of keys does RSA use for encryption and decryption?
A.symmetrical keys
B.asymmetrical keys
C.exponentiation keys
D.elliptical curve keys
Answer: B

11.Which feature enables the Concentrator administrator to centrally define a set of rules for the
Cisco VPN Client firewall?
A.AYT
B.CPP
C.Stateful Firewall
D.CIC Firewall
Answer: B

12.When completing an enrollment request form, which enrollment request field must match a group name configured in the remote Cisco VPN Concentrator?
A.common name
B.organizational unit
C.organization
D.subject alternative name
Answer: B

13.Within the Cisco VPN Concentrator series of products, what is the maximum number of simultaneous sessions supported when doing encryption in hardware?
A.100
B.1500
C.5000
D.10000
Answer: D

14.Which feature will not allow the Cisco VPN Client to connect without a firewall running?
A.AYT
B.Connectionless Firewall
C.Stateful Firewall
D.CIC Firewall
Answer: A

15.Which of the following are valid backup server options? (Choose two)
A.use list configured on Radius Server
B.use list configured on Client
C.use list configured on TACACS+ Server
D.use list configured on Concentrator
Answer: B, D

16.What are three steps in the file­based certificate enrollment process? Choose three.
A.The identity certificate is loaded into the Cisco VPN Concentrator first.
B.The CA generates the root and identity certificates.
C.The root certificate is loaded into the Cisco VPN Concentrator second.
D.The root certificate is loaded into the Cisco VPN Concentrator first.
E.Cisco VPN Concentrator generates a PKCS#7.
F.The Cisco VPN Concentrator generates a PKCS#10.
Answer: B, D, F

17.Which feature allows automatic certificate enrollment with the CA?
A.Mode Configuration
B.SCEP
C.Quick Configuration
D.VRRP E.RRI
Answer: B

18.What is the maximum number of users the Cisco VPN 3002 can support?
A.1
B.8
C.32
D.253
Answer: D

19.In the local network section of the IPSec LAN­to­LAN screen, what IP address is entered in the IP address field?
A.network, subnet, and host IP address of the remote Cisco VPN Concentrator's private interface
B.network and subnet IP address of the remote private LAN
C.network, subnet, and host IP address of the local Cisco VPN Concentrator's private interface
D.network and subnet IP address of the local private LAN
Answer: D

20.What auto­initiation parameters are defined by the AutoInitiationList?
A.a list of auto­initiation related section names within the INI file
B.a list of auto­initiation related section names within the PCF file
C.a list of networks that should be auto­initiated
D.a list of groups that should be auto­initiated
E.a list of users that should be auto­initiated
Answer: A

28.When configuring IPSec client­to­LAN, the Cisco VPN Concentrator and the PC need which two certificates? Choose two.
A.private certificate
B.root certificate
C.CA
D.identity certificate
E.public certificate
F.DSA certificate
Answer: B, D

21.Which client RRI statement is true?
A.host route is deleted when the client RRI is disabled
B.host route is added when the option is enabled
C.host route can be advertised with both OSPF and RIP
D.host route is advertised out the public interface
Answer: C

22.Which of the following are valid authentication options for the Hardware Client? (Choose two)
A.Unit authentication
B.Interactive group authentication
C.Interactive unit authentication
D.MAC address authentication
Answer: A, C

23.What happens if both NAT­T and IPSec over UDP are enabled on the Concentrator and Client?
A.IPSec over UDP takes precedence.
B.NAT­T takes precedence.
C.User chooses which protocol takes precedence.
D.An election occurs between the negotiating peers for which protocol takes precedence.
Answer: B

24.What are the two bandwidth management features available on the VPN Concentrator? Choose two.
A.traffic shaping
B.weighted fair queuing
C.bandwidth policing
D.custom queuing
E.bandwidth shaping
F.bandwidth reservation
Answer: C, F

25.What does the auto­initiate retry timer do?
A.specifies the time (in minutes) to wait before retrying a failed connection
B.specifies the time (in seconds) to wait before retrying a failed connection
C.specifies the number of retries before auto­initiate is suspended
D.specifies the number of retries before auto­initiate Are You There polling commences
Answer: A


© 2014 Cheat-Test.com, All Rights Reserved