640-554 Real Tests (July)

Download New Updated (July) Cisco 640-554 Actual Test 161-170

By on July 27, 2015
Ensurepass="cursor: auto; margin: 0cm 0cm 0pt; line-height: normal; text-autospace: ; mso-layout-grid-align: none" align="left">      QUESTION 161 Which option describes the purpose of Diffie-Hellman?   A. used between the initiator and the responder to establish a basic security policy B. used to verify the identity of the peer C. used for asymmetric public key encryption D. used to establish a symmetric shared key via a public key exchange process   Correct Read more [...]

Continue Reading

640-554 Real Tests (July)

Download New Updated (July) Cisco 640-554 Actual Test 151-160

By on
Ensurepass  QUESTION 151 Which type of intrusion prevention technology is the primary type used by the Cisco IPS security appliances?   A. profile-based B. rule-based C. protocol analysis-based D. signature-based E. NetFlow anomaly-based   Correct Answer: D Explanation: http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/gt_fwids.html   The Signature Definition File A Signature Definition file (SDF) has definitions for each signature it contains. After Read more [...]

Continue Reading

640-554 Real Tests (July)

Download New Updated (July) Cisco 640-554 Actual Test 131-140

By on
Ensurepass  QUESTION 131 Which type of NAT is used where you translate multiple internal IP addresses to a single global, routable IP address?   A. policy NAT B. dynamic PAT C. static NAT D. dynamic NAT E. policy PAT   Correct Answer: B Explanation: http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/nat_dynamic.html   Task Flow for Configuring Dynamic NAT and PAT Use the following guidelines to configure either Dynamic NAT or PAT: First configure Read more [...]

Continue Reading

640-554 Real Tests (July)

Download New Updated (July) Cisco 640-554 Actual Test 121-130

By on
Ensurepasshttp://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/sec-zone-pol-fw.html   Zone Pairs A zone pair allows you to specify a unidirectional firewall policy between two security zones. To define a zone pair, use the zone-pair security command. The direction of the traffic is specified by source and destination zones. The source and destination zones of a zone pair must be security zones.   You can select the default or self zone as either the source or the Read more [...]

Continue Reading

640-554 Real Tests (July)

Download New Updated (July) Cisco 640-554 Actual Test 111-120

By on
Ensurepass  QUESTION 111 Which Layer 2 protocol provides loop resolution by managing the physical paths to given network segments?   A. root guard B. port fast C. HSRP D. STP   Correct Answer: D Explanation: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_configuration_example09186a008009467c.shtml   Introduction Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on bridges and switches. The specification for STP is IEEE 802.1D. The main purpose Read more [...]

Continue Reading

640-554 Real Tests (July)

Download New Updated (July) Cisco 640-554 Actual Test 101-110

By on
Ensurepass    QUESTION 101 Which statement describes a best practice when configuring trunking on a switch port?   A. Disable double tagging by enabling DTP on the trunk port. B. Enable encryption on the trunk port. C. Enable authentication and encryption on the trunk port. D. Limit the allowed VLAN(s) on the trunk to the native VLAN only. E. Configure an unused VLAN as the native VLAN.   Correct Answer: E Explanation: http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml Read more [...]

Continue Reading

640-554 Real Tests (July)

Download New Updated (July) Cisco 640-554 Actual Test 91-100

By on
Ensurepass  QUESTION 91 Which two considerations about secure network management are important? (Choose two.)   A. log tampering B. encryption algorithm strength C. accurate time stamping D. off-site storage E. Use RADIUS for router commands authorization. F. Do not use a loopback interface for device management access.   Correct Answer: AC Explanation: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/best/practices/recommend ations.html   Read more [...]

Continue Reading

640-554 Real Tests (July)

Download New Updated (July) Cisco 640-554 Actual Test 81-90

By on
Ensurepass  QUESTION 81 Refer to the exhibit and partial configuration. Which statement is true?     A. All traffic destined for network 172.16.150.0 will be denied due to the implicit deny all. B. All traffic from network 10.0.0.0 will be permitted. C. Access-list 101 will prevent address spoofing from interface E0. D. This is a misconfigured ACL resulting in traffic not being allowed into the router in interface S0. E. This ACL will prevent any host on the Internet Read more [...]

Continue Reading

640-554 Real Tests (July)

Download New Updated (July) Cisco 640-554 Actual Test 71-80

By on
Ensurepass A. standard B. extended C. named D. IPv4 for 100 to 199 and IPv6 for 2000 to 2699   Correct Answer: B Explanation: http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_9_ea1/configuration/guide/swacl.html   ACL Numbers The number you use to denote your ACL shows the type of access list that you are creating. Table 23-2 lists the access list number and corresponding type and shows whether or not they are supported by the switch. The Catalyst Read more [...]

Continue Reading