Exam Number/Code: 642-825
Exam Name:Implementing Secure Converged Wide Area Networks
Questions and Answers: 134 Q&As
Price: $ 69.00
Update Time: 2009-10-22
Download PDF Demo : 642-825 demo
>> Home > Cisco > CCNP >642-825
Cisco Certified Network Associate : 642-825 Exam
Exam Number/Code: 642-825
Exam Name:Implementing Secure Converged Wide Area Networks
Questions and Answers: 134 Q&As
Price: $ 69.00
Update Time: 2009-10-22
Download PDF Demo : 642-825 demo
It is well known that 642-825 exam test is the hot exam of Cisco certification. TestInside offer you all the Q&A of the 642-825 real test . It is the examination of the perfect combination and it will help you pass 642-825 exam at the first time!
TestInside 642-825 Exam Features
 
 
Exam : Cisco 642-825
Title : Implementing Secure Converged Wide Area Networks
1. What three features does Cisco Security Device Manager (SDM) offer? (Choose three.)
A. smart wizards and advanced configuration support for NAC policy features
B. single-step mitigation of Distributed Denial of Service (DDoS) attacks
C. one-step router lockdown
D. security auditing capability based upon CERT recommendations
E. multi-layered defense against social engineering
F. single-step deployment of basic and advanced policy settings
Answer: ACF
2. What are the two main features of Cisco IOS Firewall? (Choose two.)
A. TACACS+
B. AAA
C. Cisco Secure Access Control Server
D. Intrusion Prevention System
E. Authentication Proxy
Answer: DE
3. Refer to the exhibit. Which two statements about the AAA configuration are true? (Choose two.)
A. A good security practice is to have the none parameter configured as the final method used to ensure that no other authentication method will be used.
B. If a TACACS+ server is not available, then a user connecting via the console port would not be able to gain access since no other authentication method has been defined.
C. If a TACACS+ server is not available, then the user Bob could be able to enter privileged mode as long as the proper enable password is entered.
D. The aaa new-model command forces the router to override every other authentication method previously configured for the router lines.
E. To increase security, group radius should be used instead of group tacacs+.
F. Two authentication options are prescribed by the displayed aaa authentication command.
Answer: DF
4. Which three statements are correct about MPLS-based VPNs? (Choose three.)
A. Route Targets (RTs) are attributes attached to a VPNv4 BGP route to indicate its VPN membership.
B. Scalability becomes challenging for a very large, fully meshed deployment.
C. Authentication is done using a digital certificate or pre-shared key.
D. A VPN client is required for client-initiated deployments.
E. A VPN client is not required for users to interact with the network.
F. An MPLS-based VPN is highly scalable because no site-to-site peering is required.
Answer: AEF
5. What are two principles to follow when configuring ACLs with IOS Firewall? (Choose two.)
A. Prevent traffic that will be inspected by IOS Firewall from leaving the network through the firewall.
B. Configure extended ACLs to prevent IOS Firewall return traffic from entering the network through the firewall.
C. Configure an ACL to deny traffic from the protected networks to the unprotected networks.
D. Permit broadcast messages with a source address of 255.255.255.255.
E. Allow traffic that will be inspected by IOS Firewall to leave the network through the firewall.
Answer: BE
6. Which three MPLS statements are true? (Choose three.)
A. Cisco Express Forwarding (CEF) must be enabled as a prerequisite to running MPLS on a Cisco router.
B. Frame-mode MPLS inserts a 32-bit label between the Layer 3 and Layer 4 headers.
C. MPLS is designed for use with frame-based Layer 2 encapsulation protocols such as Frame Relay, but is not supported by ATM because of ATM fixed-length cells.
D. OSPF, EIGRP, IS-IS, RIP, and BGP can be used in the control plane.
E. The control plane is responsible for forwarding packets.
F. The two major components of MPLS include the control plane and the data plane.
Answer: ADF
7. Which statement is true about an IPsec/GRE tunnel?
A. The GRE tunnel source and destination addresses are specified within the IPsec transform set.
B. An IPsec/GRE tunnel must use IPsec tunnel mode.
C. GRE encapsulation occurs before the IPsec encryption process.
D. Crypto map ACL is not needed to match which traffic will be protected.
Answer: C
8. Which two statements about common network attacks are true? (Choose two.)
A. Access attacks can consist of password attacks, trust exploitation, port redirection, and man-in-the-middle attacks.
B. Access attacks can consist of password attacks, ping sweeps, port scans, and man-in-the-middle attacks.
C. Access attacks can consist of packet sniffers, ping sweeps, port scans, and man-in-the-middle attacks.
D. Reconnaissance attacks can consist of password attacks, trust exploitation, port redirection and Internet information queries.
E. Reconnaissance attacks can consist of packet sniffers, port scans, ping sweeps, and Internet information queries.
F. Reconnaissance attacks can consist of ping sweeps, port scans, man-in-middle attacks and Internet information queries.
Answer: AE
+ Quality and Value for the 642-825 Exam
TestInside Practice Exams for Cisco 642-825 are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development.
+ 100% Guarantee to Pass Your 642-825 Exam
If you prepare for the exam using our TestInside testing engine, we guarantee your success in the first attempt. If you do not pass the CCNP 642-825 exam (ProCurve Secure WAN) on your first attempt we will give you a FULL REFUND of your purchasing fee AND send you another same value product for free.
+ Cisco 642-825 Downloadable, Printable Exams (in PDF format)
Our Exam 642-825 Preparation Material provides you everything you will need to take your 642-825 Exam. The 642-825 Exam details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical. You may get questions from different web sites or books, but logic is the key. Our Product will help you not only pass in the first try, but also save your valuable time.
+ 642-825 Downloadable, Interactive Testing engines
We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials. Our Exam Preparation Material provides you everything you will need to take a certification examination. Like actual certification exams, our Practice Tests are in multiple-choice (MCQs) Our Cisco 642-825 Exam will provide you with exam questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and Value for the 642-825 Exam:100% Guarantee to Pass Your CCNP exam and get your CCNP Certification.
http://www.CertInside.com The safer.easier way to get CCNP Certification.
Cisco News
Popular Cisco Exams
- 646-976
- 642-181
- 642-971
- 350-040
- 642-453
- 642-845
- 646-230
- 642-515
- 642-524
- 642-533
- 642-973
- 650-393
- 642-426
- 642-456
- 642-892
- 642-975
- 650-621
- 642-072
- 642-901
- 640-553
- 642-436
- 350-030
- 642-504
- 642-446
- 350-001
- 640-721
- 642-611
- 640-460
- 642-642
- 646-204
- 646-223
- 640-822
- 642-566
- 642-105
- 642-452
- 350-018
- 640-801
- 642-481
- 646-588
- 640-863
- 642-974
- 646-228
- 642-383
