|
There are no dumps yet for 640-910. Does anyone have experience with this exam?
|
Question 1.
What do you need to consider when installing mezzanine cards in an HP ProLiant BL685c G6 Server Blade? (Select two.)
A. Type 2 mezzanine cards can be installed in slots 2 and/or 3 if they match the interconnect
module type.
B. Type 2 mezzanine cards can be installed in any slot if they match the interconnect module
type.
C. Type 2 mezzanine cards need to be installed in slot 1 and match the interconnect module type.
D. Type 1 mezzanine cards can be installed in any slot if they match the interconnect module
type.
Answer: A, D
Question 2.
You are troubleshooting a performance issue on a BL460c Server Blade with a Linux operating system installed.
Which command should you use to get comprehensive memory information?
A. iostat
B. glance
C. free
D. memdiag
Answer: C
Question 3.
Which HP Insight Control Suite software provides centralized capture, monitor, report, and control of HP BladeSystem power consumption and thermal output?
A. HPProLiant Insight Power Regulator
B. HPProLiant Onboard Administrator
C. HP Insight Power Manager
D. HP Insight Diagnostics Online Edition
Answer: C
Question 4.
Which industry standard management protocols are used by HP SIM? (Select two.)
A. SSH
B. SNMP
C. DMI
D. XML
E. SMTP
Answer: B, C
Question 5.
Which industry standard memory technologies can be used by Intel Xeon-based c-Class server blades to provide additional protection against failed or degrading FB-DIMMs? (Select two.)
A. chip spare
B. mirrored memory
C. parity memory
D. online spare memory
Answer: B, D
Question 6.
Microsoft Cluster Server is an example of which type of clustering architecture?
A. shared-memory
B. High-Performance Computing
C. shared-everything
D. shared-nothing
Answer: D
Question 7.
Which memory slots must be populated first in a ProLiant BL490c G6?
A. blue
B. white
C. black
D. brown
Answer: B
Question 8.
Which feature is used in conjunction with the Trusted Platform Module (TPM)?
A. OpenSSH
B. LDAP
C. BitLocker
D. HP SIM
Answer: C
Question 9.
Which logical extension of the HP Insight Dynamics - VSE Suite provides failure protection for logical servers?
A. Insight Orchestration
B. Insight Rapid Deployment
C. Insight Systems Manager
D. Insight Recovery Software
Answer: D
Question 10.
What is the maximum number of Cisco 3120 Switches that can be combined into a single logical stack?
A. 4
B. 6
C. 8
D. 9
E. 12
Answer: D
|
Question 1. Which of these is a benefit of an integrated security management system? A. It provides configuration, monitoring, and troubleshooting capabilities across a wide range of security products. B. It leverages existing network management systems such as HP Open View to lower the cost of implementation. C. It integrates security management capabilities into the router or switch. D. It integrates security device management products and collects events on an "as needed" Basis to reduce management overhead. E. It provides a single point of contact for all security configuration tasks thereby enhancing the return on investment. Answer: A Question 2. DRAG DROP Drop Answer: Question 3. Which service component within the prepare phase recommends the appropriate technology strategy to address a business requirement of the customer? A. identifying what a customer requires from a proposed solution B. determining what end-user training a customer requires C. analyzes the customer's business requirements and recommends the appropriate Cisco technologies to meet business requirements D. addressing a customer's physical requirements Answer: C Question 4. What are two important approaches to communicate when identifying a customer's security risks? (Choose two.) A. Security should be a continuous process. B. Security solutions should come from multiple vendors to make it easier to coordinate security events from the point of origin. C. The designated security expert should report to the IT department, since that is where the solution will be implemented. D. Business strategy should directly relate to the security policy and budget. E. Smaller companies are at less risk than larger enterprises, so their security needs are not as great. Answer: A, D Question 5. Which of the following best describe the customer benefit of creating a systems acceptance test plan in the design phase? A. reduce operating costs and limit change-related incidents by providing a consistent and Efficient set of processes B. improve the return on investment and hasten migration by identifying and planning for necessary infrastructure changes and resource additions, as well as reduce deployment costs by analyzing gaps early in the planning process to determine what is needed to support the system C. improve its ability to make sound financial decisions by developing a business case based on Its business requirements and establishing a basis for developing a technology strategy D. reduce unnecessary disruption, delays, rework, and other problems by establishing test cases for use in verifying that the system meets operational, functional, and interface requirements Answer: D Question 6. A Cisco Catalyst switch can belong to how many VTP domains? A. 2 B. 1 to 4,096 C. 1 D. 1 to 1,005 E. no limit Answer: C Question 7. The Cisco ASA Security Appliance can offer the benefit of integrating which three security services into one device? (Choose three.) A. PIX firewall B. VPN Concentrator C. IPS D. DDoS Anomaly Guard and Detector E. CSA MC F. ACS server Answer: A, B, C Question 8. A customer has deployed a wireless core feature set using autonomous access points and now wants to include a satellite building 4,500 feet away from the main campus. The customer also wants to provide wireless access to a courtyard for wireless clients in close proximity to the antenna mounting position. Which Cisco Aironet product is the most applicable solution? A. Cisco Aironet 1000 Series B. Cisco Aironet 1300 Series C. Cisco Aironet 1100 Series D. Cisco Aironet 1400 Series E. Cisco Aironet 1200 Series Answer: B Question 9. What is one benefit of the Cisco anti-X defense strategy? A. virtual firewall protection B. malware, virus, and worm mitigation C. applications security D. security events correlation for proactive response Answer: B Question 10. Which two of these statements best describe the benefits of Cisco's wireless IDS functionality? (Choose two.) A. Autonomous APs must be dedicated IDS sensors while lightweight APs can combine client traffic and RF monitoring. B. Cisco or CCX compatible client cards can extend the RF IDS service for autonomous APs. C. 2.4GHz RF management can monitor both 802.11 and non-802.11 RF interference. D. APs only monitor the RF channels that are servicing the clients. E. AirDefense for wireless IDS is required by autonomous APs. Answer: B, C
|
Question 1.
Which of the following best describe the customer benefits of change management in the operate phase?
A. reduce unnecessary disruption, delays, rework, and other problems by establishing test cases for use in verifying that the system meets operational, functional, and interface requirements
B. improve its ability to make sound financial decisions by developing a business case based on its business requirements and establishing a basis for developing a technology strategy
C. reduce operating costs and limit change. related incidents by providing a consistent and efficient set of processes
D. improve the return on investment and hasten migration by identifying and planning for necessary infrastructure changes and resource additions, as well as reduce deployment costs by analyzing gaps early in the planning process to determine what is needed to support the system
Answer: C
Question 2.
Which of these is the best definition of the Cisco Lifecycle Services approach?
A. It defines the minimum set of services required to successfully deploy and operate a set of Cisco technologies.
B. It determines how best to price Cisco products.
C. It provides partners with a useful way to leverage Cisco resources.
D. It consists of these phases: plan, deploy, support, and troubleshoot.
Answer: A
Question 3.
What two types of telephony interfaces are used for PSTN connectivity? (Choose two.)
A. Digital
B. Optical
C. Analog
D. CDMA
Answer: A, C
Question 4.
Which statement correctly describes the keys witch model of deployment for call processing?
A. All IP Phones are able to answer any incoming PSTN call on any line
B. PSTN calls are routed through a receptionist or automated attendant.
C. All IP Phones in the system have a single unique extension number.
Answer: A
Question 5.
Which definition best describes the implementation service component within the implement phase?
A. providing a step-by-step plan that details the installation and service. commission tasks required in order to create a controlled. implementation environment that emulates a customer network
B. assessing the ability of site facilities to accommodate proposed infrastructure changes
C. developing and executing proof-of-concept tests, validating high-level infrastructure design, and identifying any design enhancements
D. Installing, configuring and integrating systems components based on an implementation plan developed in earlier phases E. improving a customer's infrastructure security system
Answer: D
Question 6.
A customer with a small enterprise network of 15 remote sites is trying to optimize its VPN by migrating some remote sites using Frame Relay connections to the Internet to using cable connections to the Internet. Minimizing costs is one of the customer's highest priorities. Only a moderate amount of IP traffic is passing through the network, most of which is from the remote sites to the central site. IPSec should be used to provide VPN functionality and basic confidentiality is desired.
Based on the traffic patterns, which topology would be the easiest for this customer to set up and manage?
A. full mesh
B. partial mesh
C. point-to-multipoint
D. huB. anD.spoke
Answer: D
Question 7.
How can the proper configuration of Voice Mail be tested at an end user's IP phone?
A. Press the "i" button.
B. Press the "Settings" button.
C. Press the "Services" button.
D. Press the "Messages" button
Answer: D
Question 8.
In what location is it recommended that the Cisco Catalyst 6500 Series WLSM be placed?
A. distribution layer
B. core layer
C. access layer
D. network management functional module
Answer: A
Question 9.
Which of these is an accurate list of Cisco Lifecycle Services phases?
A. initiation, planning, analysis, design, development, implementation, operations and
maintenance
B. project planning, site assessment, risk assessment, solution selection and acquisition, testing, and operations
C. Prepare, plan design implement operate, and optimize
D. analysis, design, deployment, testing, implementation, and production I E. presales, project planning, development, implementation, operations testing, and operations signoff
Answer: C
Question 10.
What port role assignment would you make for the Gigabit Ethernet port on the Cisco CE520 used in the Smart Business Communications System?
A. IP Phone and desktop
B. Cisco UC520
C. Cisco CE520
D. Cisco 871W
Answer: B
|
Question 1.
Consider the following customer attributes and choose the correct IP telephony call processing model:
- a large campus that spans two PSAP areas
- a single group of buildings connected via fiber optics
- data VPNs that support multiple contractors and suppliers
- a fully developed three-tier network hierarchy
- connectivity to two different service providers for Internet access
A. single-site call processing
B. centralized call processing
C. hybrid call processing
D. distributed call processing
Answer: A
Question 2.
What information is relevant to choosing an IP telephony centralized call processing model?
A. multiple PRIs to the PSTN
B. a campus of six buildings connected via an ATM backbone
C. three small regional sales offices located in the three Western time zones
D. centralized order processing, shipping, and billing for all customer products
E. connectivity to a single service provider that hosts the company web site and provides for Internet access
F. a single six-story building with an IDF on each floor and an MDF in the computer room on the second floor
Answer: C
Question 3.
In a TDM PBXto Cisco Unified Communications Manager migration, which three things must be verified from the LAN perspective before IP telephony can be deployed? (Choose three.)
A. the type of wiring in the office
B. the number of PSTN connections needed
C. the number of public IP addresses available
D. the amount of rack space in the equipment rack
E. the amount of power that is available to support new LAN switches
Answer: A, D, E
Question 4.
DRAG DROP
The intranet will have three VLAN types to support voice and data traffic; one type for voice, one type for data, and one type for the Cisco Unified Communications Manager cluster. How should inter-VLAN connectivity by deployed? Drag and drop the type of connectivity to each type of connection. Types of connections may be used more than once.
Answer:
Question 5.
Ajax wants to ensure that their employees are safe and that they comply with the law.
What are four general E911 responsibilities of an enterprise telephony system? (Choose four.)
A. Enable PSAP call-back.
B. initiate the update of ALI records.
C. Provide a detailed map of all ERLs.
D. Allow conferencing with internal security personnel.
E. Route calls to the appropriate point (on-net or off-net).
F. Deliver appropriate calling party number digits to LEC
Answer: A, B, E, F
Question 6.
What are two conferencing guidelines for a single-site deployment? (Choose two.)
A. Use hardware conferencing only for small deployments
B. If available, configure DSPs for flex-mode when there are multiple codec types in use.
C. Group any conferencing resources into MRGLs based on their location, to manage Call
Admission Control.
D. Make certain that Meet-Me and Ad-Hoc conference resources each account for a minimum of
5% of the user base.
Answer: B, D
Question 7.
Ajax needs to provide technical support outside of normal operating hours. They would like to deploy a small test call center to develop the skills necessary to provide phone, chat, and e-mail support. Ajax wants to start with five agents.
Which two connection types would be applicable for use with the planned contact center? (Choose two.)
A. PRI
B. CAS DC. ESM
D. QSIG
E. POTS
Answer: A, B
Question 8.
Indicate whether T1s orE1s are available in your area. (Note: If both are available, choose the one with which you are most familiar.)
A. T1
B. E1
Answer: NO CORRECT ANSWER
Question 9.
You have decided to use the MGCP signaling protocol for the PSTN gateway at Ajax.
Which option is true regarding the use of a gatekeeper in their network?
A. One may be used for CAC.
B. One could be used for address resolution.
C. One may be deployed for both CAC and address resolution.
D. A gatekeeper is not applicable in this situation.
Answer: D
Question 10.
Ajax has contacted its LEC to obtain an additional range of DIDs. Their current DID range is 555-6000 through 555-6999. The LEC can provide them with an additional range of numbers, 556-6000 through 556-6999. The LEC is currently sending four digits inbound, so the two DID ranges overlap.
What two things can be done to resolve this solution? (Choose two.)
A. Ask the LEC to send five digits.
B. Change internal calls to five-digit dialing.
C. Move to a six-digit dial plan to provide more dialing granularity for all extension numbers.
D. Contact an alternative carrier to see if it can provide a DID range that does not overlap with the current range.
Answer: A, B
|
Question 1. Which two are technologies that secure the control plane of the Cisco router? (Choose two.) A. Cisco IOS Flexible Packet Matching B. URPF C. routing protocol authentication D. CPPr E. BPDU protection F. role-based access control Answer: C, D Question 2. HOTSPOT This item contains three questions that you must answer. In order to answer the question, you need to examine the SDM screens by clicking on the SDM button to the left. View the question by clicking on the Questions button to the left. Then, choose the correct answer from among the options. Note: Not all SDM screen functions are implemented in this simulation. If a certain method to access the desired SDM is not available, please try to use an alternate method to access the required SDM screen to answer the question. Hotspot question. Click on the correct location or locations in the exhibit. Answer: Question 3. What are the two category types associated with 5.x signature use in Cisco IOS IPS? (Choose two.) A. basic B. advanced C. 128MB.sdf D. 256MB.sdf E. attack-drop F. built-in Answer: A, B Question 4. Refer to the exhibit. Which optional AAA or RADIUS configuration command is used to support 802.1X guest VLAN functionality? A. aaa authentication dot1x default group radius B. aaa authorization network default group radius C. aaa accounting dotlx default start-stop group radius D. aaa accounting system default start-stop group radius E. radius-server host 10.1.1.1 auth-port 1812 acct-port 1813 Answer: B Question 5. Which is an advantage of implementing the Cisco IOS Firewall feature? A. provides self-contained end-user authentication capabilities B. integrates multiprotocol routing with security policy enforcement C. acts primarily as a dedicated firewall device D. is easily deployed and managed by the Cisco Adaptive Security Device Manager E. provides data leakage protection capabilities Answer: B Question 6. Which three statements correctly describe the GET VPN policy management? (Choose three.) A. A central policy is defined at the ACS (AAA) server. B. A local policy is defined on each group member. C. A global policy is defined on the key server, and it is distributed to the group members. D. The key server and group member policy must match. E. The group member appends the global policy to its local policy. Answer: B, C, E Question 7. HOTSPOT This Item contains three questions that you must answer. You can view the question by clicking on the Questions button to the left. In order to answer the question, you need to examine the SDM screens by clicking on the SDM button to the left. View the question by clicking on the Questions button to the left. Then, choose the correct answer from among the options. Note: Not all the SDM screen functions are implemented in this simulation. If a certain method to access the desired SDM screen is not available, please try to use an alternate method to access the required SDM screen to answer the question. Hotspot question. Click on the correct location or locations in the exhibit. Answer: Question 8. DRAG DROP Drop Match the Cisco IOS IPS SEAP feature on the left to its description on the right. Not all the features on the left are used. Drag and drop question. Drag the items to the proper locations. Answer: Question 9. The CPU and Memory Threshold Notifications of the Network Foundation Protection feature protect which router plane? A. control plane B. management plane C. data plane D. network plane Answer: B Question 10. DRAG DROP Drop Match the Network Foundation Protection (NFP) feature on the left to where it is applied on the right. Drag and drop question. Drag the items to the proper locations. Answer:
|
Question 1.
Which two statements correctly describe configuring active/active failover? (Choose two.)
A. You must assign contexts to failover groups from the admin context.
B. Both units must be in multiple mode.
C. You must configure two failover groups: group 1 and group 2.
D. You must use a crossover cable to connect the failover links on the two failover peers.
Answer: B, C
Question 2.
Observe the following exhibit carefully. When TCP connections are tunneled over another TCP connection and latency exists between the two endpoints, each TCP session would trigger a retransmission, which can quickly spiral out of control when the latency issues persist. This issue is often called TCP-over-TCP meltdown.
According to the presented Cisco ASDM configuration, which Cisco ASA security appliance configuration will most likely solve this problem?
A. Compression
B. MTU size of 500
C. Keepalive Messages
D. Datagram TLS
Answer: D
Question 3.
The IT department of your company must perform a custom-built TCP application within the clientless SSL VPN portal configured on your Cisco ASA security appliance. The application should be run by users who have either guest or normal user mode privileges.
In order to allow this application to run, how to configure the clientless SSL VPN portal?
A. configure a smart tunnel for the application
B. configure a bookmark for the application
C. configure the plug-in that best fits the application
D. configure port forwarding for the application
Answer: A
Question 4.
According to the following exhibit. When a host on the inside network attempted an HTTP connection to a host at IP address 172.26.10.100, which address pool will be used by the Cisco ASA security appliance for the NAT?
A. 192.168.8.101 - 192.168.8.105
B. 192.168.8.20 - 192.168.8.100
C. 192.168.8.106 - 192.168.8.110
D. 192.168.8.20 - 192.168.8.110
Answer: B
Question 5.
Study the following exhibit carefully. You are asked to configure the Cisco ASA security appliance with a connection profile and group policy for full network access SSL VPNs. During a test of the configuration using the Cisco AnyConnect VPN Client, the connection times out. In the process of troubleshooting, you determine to make configuration changes.
According to the provided Cisco ASDM configuration, which configuration change will you begin with?
A. Require a client certificate on the interface.
B. Enable an SSL VPN client type on the interface.
C. Enable DTLS on the interface.
D. Enable a different access port that doesn't conflict with Cisco ASDM.
Answer: B
Question 6.
You are the network security administrator for the ITCERTKEYS company. You create an FTP inspection policy including the strict option, and it is applied to the outside interface of the corporate adaptive security appliance. How to handle FTP on the security appliance after this policy is applied? (Choose three.)
A. FTP inspection is applied to traffic entering the inside interface.
B. Strict FTP inspection is applied to traffic entering the outside interface.
C. FTP inspection is applied to traffic exiting the inside interface.
D. Strict FTP inspection is applied to traffic exiting the outside interface.
Answer: A, B, D
Question 7.
Which three statements correctly describe protocol inspection on the Cisco ASA adaptive security appliance? (Choose three.)
A. The protocol inspection feature of the security appliance securely opens and closes negotiated ports and IP addresses for legitimate client-server connections through the security appliance.
B. For the security appliance to inspect packets for signs of malicious application misuse, you must enable advanced (application layer) protocol inspection.
C. If inspection for a protocol is not enabled, traffic for that protocol may be blocked.
D. If you want to enable inspection globally for a protocol that is not inspected by default or if you want to globally disable inspection for a protocol, you can edit the default global policy.
Answer: A, C, D
Question 8.
An SSL VPN (Secure Sockets Layer virtual private network) is a form of VPN that can be used with a standard Web browser. After configuring port forwarding for a clientless SSL VPN connection, if port forwarding is to work, which end user privilege level is required at the endpoint?
A. system level
B. guest level
C. user level
D. administrator level
Answer: D
Question 9.
Which two methods can be used to decrease the amount of time it takes for an active Cisco ASA adaptive security appliance to fail over to its standby failover peer in an active/active failover configuration? (Choose two.)
A. decrease the interface failover poll time
B. decrease the unit failover poll time
C. use the special serial failover cable to connect the security appliances
D. use single mode
Answer: A, B
Question 10.
Multimedia applications transmit requests on TCP, get responses on UDP or TCP, use dynamic ports, and use the same port for source and destination, so they can pose challenges to a firewall. Which three items are true about how the Cisco ASA adaptive security appliance handles multimedia applications? (Choose three.)
A. It dynamically opens and closes UDP ports for secure multimedia connections, so you do not
need to open a large range of ports.
B. It supports SIP with NAT but not with PAT.
C. It supports multimedia with or without NAT.
D. It supports RTSP, H.323, Skinny, and CTIQBE.
Answer: A, C, D
|
Question 1. Tom works as a network administrator. The primary adaptive security appliance in an active/standby failover configuration failed, so the secondary adaptive security appliance was automatically activated. Tom then fixed the problem. Now he would like to restore the primary to active status. Which one of the following commands can reactivate the primary adaptive security appliance and restore it to active status while issued on the primary adaptive security appliance? A. failover reset B. failover primary active C. failover active D. failover exec standby Answer: C Question 2. For the following commands, which one enables the DHCP server on the DMZ interface of the Cisco ASA with an address pool of 10.0.1.100-10.0.1.108 and a DNS server of 192.168.1.2? A. dhcpd address 10.0.1.100-10.0.1.108 DMZ dhcpd dns 192.168.1.2 dhcpd enable DMZ B. dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns server 192.168.1.2 dhcpd enable DMZ C. dhcpd range 10.0.1.100-10.0.1.108 DMZ dhcpd dns server 192.168.1.2 dhcpd DMZ D. dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns 192.168.1.2 dhcpd enable Answer: A Question 3. Look at the following exhibit carefully, which one of the four diagrams displays a correctly configured network for a transparent firewall? A. 1 B. 2 C. 3 D. 4 Answer: D Question 4. What is the effect of the per-user-override option when applied to the access-group command syntax? A. The log option in the per-user access list overrides existing interface log options. B. It allows for extended authentication on a per-user basis. C. Hallows downloadable user access lists to override the access list applied to the interfacE. D. It increases security by building upon the existing access list applied to the interfacE. All subsequent users are also subject to the additional access list entries. Answer: C Question 5. John works as a network administrator. According to the exhibit, the only traffic that John would like to allow through the corporate Cisco ASA adaptive security appliance is inbound HTTP to the DMZ network and all traffic from the inside network to the outside network. John also has configured the Cisco ASA adaptive security appliance, and access through it is now working as expected with one exception: contractors working on the DMZ servers have been surfing the Internet from the DMZ servers, which (unlike other Company XYZ hosts) are using public, routable IP addresses. Neither NAT statements nor access lists have been configured for the DMZ interface. What is the reason that the contractors are able to surf the Internet from the DMZ servers? (Note: The 192.168.X.XIP addresses are used to represent routable public IP addresses even though the 192.168.1.0 network is not actually a public routable network.) A. An access list on the outside interface permits this traffic. B. NAT control is not enabled. C. The DMZ servers are using the same global pool of addresses that is being used by the inside hosts. D. HTTP inspection is not enabled. Answer: B Question 6. In order to recover the Cisco ASA password, which operation mode should you enter? A. configure B. unprivileged C. privileged D. monitor Answer: D Question 7. Which three statements correctly describe protocol inspection on the Cisco ASA adaptive security appliance? (Choose three.) A. For the security appliance to inspect packets for signs of malicious application misuse, you must enable advanced (application layer) protocol inspection. B. if you want to enable inspection globally for a protocol that is not inspected by default or if you want to globally disable inspection for a protocol, you can edit the default global policy. C. The protocol inspection feature of the security appliance securely opens and closes negotiated ports and IP addresses for legitimate client-server connections through the security appliance. D. if inspection for a protocol is not enabled, traffic for that protocol may be blocked. Answer: B, C, D Question 8. Observe the following commands, which one verifies that NAT is working normally and displays active NAT translations? A. showip nat all B. show running-configuration nat C. showxlate D. show nat translation Answer: C Question 9. Multimedia applications transmit requests on TCP, get responses on UDP or TCP, use dynamic ports, and use the same port for source and destination, so they can pose challenges to a firewall. Which three items are true about how the Cisco ASA adaptive security appliance handles multimedia applications? (Choose threE.) A. it dynamically opens and closes UDP ports for secure multimedia connections, so you do not need to open a large range of ports. B. It supports SIP with NAT but not with PAT. C. it supports multimedia with or without NAT. D. It supports RTSP, H.323, Skinny, and CTIQBE. Answer: A, C, D Question 10. What is the result if the WebVPN url-entry parameter is disabled? A. The end user is unable to access pre-defined URLs. B. The end user is unable to access any CIFS shares or URLs. C. The end user is able to access CIFS shares but not URLs. D. The end user is able to access pre-defined URLs. Answer: D
|
Question 1.
The Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS) is an appliance-based, all-inclusive solution that provides unmatched insight and control of your existing security deployment.
Which three items are correct with regard to Cisco Security MARS rules? (Choose three.)
A. There are three types of rules.
B. Rules can be deleted.
C. Rules can be created using a query.
D. Rules trigger incidents.
Answer: A, C, D
Question 2.
Which three benefits are of deploying Cisco Security MARS appliances by use of the global and local controller architecture? (Choose three.)
A. A global controller can provide a summary of all local controllers information (network topologies, incidents, queries, and reports results).
B. A global controller can provide a central point for creating rules and queries, which are applied simultaneously to multiple local controllers.
C. A global controller can correlate events from multiple local controllers to perform global sessionizations.
D. Users can seamlessly navigate to any local controller from the global controller GUI.
Answer: A, B, D
Question 3.
Which item is the best practice to follow while restoring archived data to a Cisco Security MARS appliance?
A. Use Secure FTP to protect the data transfer.
B. Use "mode 5" restore from the Cisco Security MARS CLI to provide enhanced security During the data transfer.
C. Choose Admin > System Maintenance > Data Archiving on the Cisco Security MARS GUI to perform the restore operations on line.
D. To avoid problems, restore only to an identical or higher-end Cisco Security MARS appliance.
Answer: D
Question 4.
A Cisco Security MARS appliance can't access certain devices through the default gateway. Troubleshooting has determined that this is a Cisco Security MARS configuration issue.
Which additional Cisco Security MARS configuration will be required to correct this issue?
A. Use the Cisco Security MARS GUI to configure multiple default gateways
B. Use the Cisco Security MARS GUI or CLI to configure multiple default gateways
C. Use the Cisco Security MARS GUI or CLI to enable a dynamic routing protocol
D. Use the Cisco Security MARS CLI to add a static route
Answer: D
Question 5.
Which two options are for handling false-positive events reported by the Cisco Security MARS appliance? (Choose two.)
A. mitigate at Layer 2
B. archive to NFS only
C. drop
D. log to the database only
Answer: C, D
Question 6.
What is the reporting IP address of the device while adding a device to the Cisco Security MARS appliance?
A. The source IP address that sends syslog information to the Cisco Security MARS appliance
B. The pre-NAT IP address of the device
C. The IP address that Cisco Security MARS uses to access the device via SNMP
D. The IP address that Cisco Security MARS uses to access the device via Telnet or SSH
Answer: A
Question 7.
Which statement best describes the case management feature of Cisco Security MARS?
A. It is used to conjunction with the Cisco Security MARS incident escalation feature for incident reporting
B. It is used to capture, combine and preserve user-selected Cisco Security MARS data within a specialized report
C. It is used to automatically collect and save information on incidents, sessions, queries and reports dynamically without user interventions
D. It is used to very quickly evaluate the state of the network
Answer: B
Question 8.
Which two configuration tasks are needed on the Cisco Security MARS for it to receive syslog messages relayed from a syslog relay server? (Choose two.)
A. Define the syslog relay collector.
B. Add the syslog relay server application to Cisco Security MARS as Generic Syslog Relay Any.
C. Define the syslog relay source list.
D. Add the reporting devices monitored by the syslog relay server to Cisco Security MARS.
Answer: B, D
Question 9.
Here is a question that you need to answer. You can click on the Question button to the left to view the question and click on the MARS GUI Screen button to the left to capture the MARS GUI screen in order to answer the question. While viewing the GUI screen capture, you can view the complete screen by use of the left/right scroll bar on the bottom of the GUI screen. Choose the correct answer from among the options.
What actions will you take to configure the MARS appliance to send out an alert when the system rule fires according to the MARS GUI screen shown?
A. Click "Edit" to edit the "Operation" field of the rule, select the appropriate alert option(s), then apply.
B. Click on "None" in the "Action" field, select the appropriate alerts, then apply.
C. Click "Edit" to edit the "Reported User" field of the rule, select the appropriate alert
option(s),then apply.
D. Click on "Active" in the "Status" field, select the appropriate alerts, then apply.
Answer: B
Question 10.
Which action enables the Cisco Security MARS appliance to ignore false-positive events by either dropping the events completely or by just logging them to the database?
A. Inactivating the rules
B. Creating system inspection rules using the drop operation
C. Deleting the false-positive events from the events management page
D. Creating drop rules
Answer: D
|
Question 1. You are the network consultant from Your company. Please point out two requirements call for the deployment of 802.1X. A. Authenticate users on switch or wireless ports B. Grant or Deny network access at the port level, based on configured authorization policies C. Allow network access during the queit period D. Verify security posture using TACAS+ Answer: A, B Question 2. Open Shortest Path First (OSPF) is a dynamic routing protocol for use in Internet Protocol (IP) networks. An OSPF router on the network is running at an abnormally high CPU rate. By use of different OSPF debug commands on Router, the network administrator determines that router is receiving many OSPF link state packets from an unknown OSPF neighbor, thus forcing many OSPF path recalculations and affecting router's CPU usage. Which OSPF configuration should the administrator enable to preent this kind of attack on the Router? A. Multi-Area OSPF B. OSPF stub Area C. OSPF MD5 Authentication D. OSPF not-so-stubby Area Answer: C Question 3. Which one of the following Cisco Security Management products is able to perform (syslog) events normalization? A. Cisco IME B. Cisco Security Manager C. Cisco ASDM D. Cisco Security MARS Answer: D Question 4. Can you tell me which one of the following platforms has the highest IPSec throughput and can support the highest number of tunnels? A. Cisco 6500/7600 + VPN SPA B. Cisco ASR 1000-5G C. Cisco 7200 NPE-GE+VSA D. Cisco 7200 NPE-GE+VAM2+ Answer: A Question 5. Which two methods can be used to perform IPSec peer authentication? (Choose two.) A. One-time Password B. AAA C. Pre-shared key D. Digital Certificate Answer: C, D Question 6. Cisco Security Agent is the first endpoint security solution that combines zero-update attack protection, data loss prevention and signature-based antivirus in a single agent. This unique blend of capabilities defends servers and desktops against sophisticated day-zero attacks and enforces acceptable-use and compliance policies within a simple management infrastructure. What are three functions of CSA in helping to secure customer environments? A. Control of executable content B. Identification of vulnerabilities C. Application Control D. System hardening Answer: A, C, D Question 7. Cisco Secure Access Control Server (ACS) is an access policy control platform that helps you comply with growing regulatory and corporate requirements. Which three of these items are features of the Cisco Secure Access Control Server? A. NDS B. RSA Certificates C. LDAP D. Kerberos Answer: A, B, C Question 8. Observe the following protocols carefully, which one is used to allow the utilization of Cisco Wide Area Application Engines or Cisco IronPort S-Series web security appliances to localize web traffic patterns I the network and to enable the local fulfillment of content requests? A. TLS B. DTLS C. WCCP D. HTTPS Answer: C Question 9. Which one is not the factor can affect the risk rating of an IPS alert? A. Relevance B. Attacker location C. Event severity D. Signature fidelity Answer: B Question 10. For the following items, which two are differences between symmetric and asymmetric encryption algorithms? (Choose two.) A. Asymmetric encryption is slower than symmetric encryption B. Asymmetric encryption is more suitable than symmetric encryption for real-time bulk encryption C. Symmetric encryption is used in digital signatures and asymmetric encryption is used in HMACs D. Asymmetric encryption requires a much larger key size to achieve the same level of protection as asymmetric encryption Answer: A, D
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.