web analytics
  • RSS

  • Polls

    What Cisco Cert Are You Currently Studying?

    View Results

    Loading ... Loading ...
  • Search on CiscoBibles

  • Popular Posts

  • Recent Comments

  • Archives

  • « | Main | »

    [New Exam Dumps] PassLeader Supply Free Real 640-554 Exam Braindump Ensure 100 Percent Pass

    By admin | June 9, 2015

    How to pass the newest 640-554 exam? What new questions are on the latest 640-554 exam? PassLeader’s best 640-554 VCE and PDF exam dumps will tell you all about the 640-554 exam. For all PassLeader’s 265q 640-554 exam questions are the newest and covered all new added questions and answers, which will help you 100% passing exam. And we PassLeader will continue update 640-554 exam questions and answers, you will never fail the exam 640-554. Hurry up and get the free VCE Player with your premium 640-554 VCE dumps from passleader.com now!

    keywords: 640-554 exam,265q 640-554 exam dumps,265q 640-554 exam questions,640-554 pdf dumps,640-554 vce dumps,640-554 braindumps,Implementing Cisco IOS Network Security (IINS v2.0)

    QUESTION 188
    Which statement about the role-based CLI access views on a Cisco router is true?

    A.    The maximum number of configurable CLI access views is 10, including one lawful intercept view and excluding the root view.
    B.    The maximum number of configurable CLI access views is 10, including one superview.
    C.    The maximum number of configurable CLI access views is 15, including one lawful intercept view and excluding the root view.
    D.    The maximum number of configurable CLI access views is 15, including one lawful intercept view.

    Answer: C

    QUESTION 189
    Which three protocols are supported by management plane protection? (Choose three.)

    A.    SNMP
    B.    SMTP
    C.    SSH
    D.    OSPF
    E.    HTTPS
    F.    EIGRP

    Answer: ACE

    QUESTION 190
    Which statement about rule-based policies in Cisco Security Manager is true?

    A.    Rule-based policies contain one or more rules that are related to a device’s security and operations parameters.
    B.    Rule-based policies contain one or more rules that control how traffic is filtered and inspected on a device.
    C.    Rule-based policies contain one or more user roles that are related to a device’s security and operations parameters.
    D.    Rule-based policies contain one or more user roles that control how user traffic is filtered and inspected on a device.

    Answer: B

    QUESTION 191
    Which Cisco Security Manager feature enables the configuration of unsupported device features?

    A.    Deployment Manager
    B.    FlexConfig
    C.    Policy Object Manager
    D.    Configuration Manager

    Answer: B

    QUESTION 192
    Which statement about IPv6 address allocation is true?

    A.    IPv6-enabled devices can be assigned only one IPv6 IP address.
    B.    A DHCP server is required to allocate IPv6 IP addresses.
    C.    IPv6-enabled devices can be assigned multiple IPv6 IP addresses.
    D.    ULA addressing is required for Internet connectivity.

    Answer: C

    QUESTION 193
    Which command will configure a Cisco ASA firewall to authenticate users when they enter the enable syntax using the local database with no fallback method?

    A.    aaa authentication enable console LOCAL SERVER_GROUP
    B.    aaa authentication enable console SERVER_GROUP LOCAL
    C.    aaa authentication enable console local
    D.    aaa authentication enable console LOCAL

    Answer: D

    QUESTION 194
    Which command will configure a Cisco router to use a TACACS+ server to authorize network services with no fallback method?

    A.    aaa authorization exec default group tacacs+ none
    B.    aaa authorization network default group tacacs+ none
    C.    aaa authorization network default group tacacs+
    D.    aaa authorization network default group tacacs+ local

    Answer: C

    QUESTION 195
    Which three statements about RADIUS are true? (Choose three.)

    A.    RADIUS uses TCP port 49.
    B.    RADIUS uses UDP ports 1645 or 1812.
    C.    RADIUS encrypts the entire packet.
    D.    RADIUS encrypts only the password in the Access-Request packet.
    E.    RADIUS is a Cisco proprietary technology.
    F.    RADIUS is an open standard.

    Answer: BDF


    http://www.passleader.com/640-554.html

    QUESTION 196
    Which command will configure AAA accounting using the list of all RADIUS servers on a device to generate a reload event message when the device reloads?

    A.    aaa accounting network default start-stop group radius
    B.    aaa accounting auth-proxy default start-stop group radius
    C.    aaa accounting system default start-stop group radius
    D.    aaa accounting exec default start-stop group radius

    Answer: C

    QUESTION 197
    Which two accounting notices are used to send a failed authentication attempt record to a AAA server? (Choose two.)

    A.    start-stop
    B.    stop-record
    C.    stop-only
    D.    stop

    Answer: AC

    QUESTION 198
    What is the first command you enter to configure AAA on a new Cisco router?

    A.    aaa configuration
    B.    no aaa-configuration
    C.    no aaa new-model
    D.    aaa new-model

    Answer: D

    QUESTION 199
    Which three TACACS+ server-authentication protocols are supported on Cisco ASA firewalls? (Choose three.)

    A.    EAP
    B.    ASCII
    C.    PAP
    D.    PEAP
    E.    MS-CHAPv1
    F.    MS-CHAPv2

    Answer: BCE

    QUESTION 200
    What is the default privilege level for a new user account on a Cisco ASA firewall?

    A.    0
    B.    1
    C.    2
    D.    15

    Answer: C

    QUESTION 201
    Which statement about ACL operations is true?

    A.    The access list is evaluated in its entirety.
    B.    The access list is evaluated one access-control entry at a time.
    C.    The access list is evaluated by the most specific entry.
    D.    The default explicit deny at the end of an access list causes all packets to be dropped.

    Answer: B

    QUESTION 202
    Which three statements about access lists are true? (Choose three.)

    A.    Extended access lists should be placed as near as possible to the destination.
    B.    Extended access lists should be placed as near as possible to the source.
    C.    Standard access lists should be placed as near as possible to the destination.
    D.    Standard access lists should be placed as near as possible to the source.
    E.    Standard access lists filter on the source address.
    F.    Standard access lists filter on the destination address.

    Answer: BCE

    QUESTION 203
    Which command configures a device to actively watch connection requests and provide immediate protection from DDoS attacks?

    A.    router(config)# ip tcp intercept mode intercept
    B.    router(config)# ip tcp intercept mode watch
    C.    router(config)# ip tcp intercept max-incomplete high 100
    D.    router(config)# ip tcp intercept drop-mode random

    Answer: A

    QUESTION 204
    Which command will block external spoofed addresses?

    A.    access-list 128 deny ip 10.0.0.0 0.0.255.255 any
    B.    access-list 128 deny ip 192.168.0.0 0.0.0.255 any
    C.    access-list 128 deny ip 10.0.0.0 0.255.255.255 any
    D.    access-list 128 deny ip 192.168.0.0 0.0.31.255 any

    Answer: C


    http://www.passleader.com/640-554.html

             

    Topics: 640-554 Braindumps, 640-554 Exam Dumps, 640-554 Exam Questions, 640-554 PDF Dumps, 640-554 Practice Test, 640-554 Study Guide, 640-554 VCE Dumps, All Cisco Exam Dumps | No Comments »

    Comments

    You must be logged in to post a comment.