|
Question 1. Examine the following options, which access list will permit HTTP traffic sourced from host 10.1.129.100 port 3030 destined to host 192.168.1.10? A. access-list 101 permit tcp host 192.168.1.10 eq 80 10.1.0.0 0.0.255.255 eq 3030 B. access-list 101 permit tcp any eq 3030 C. access-list 101 permit tcp 10.1.129.0 0.0.0.255 eq www 192.168.1.10 0.0.0.0 eq www D. access-list 101 permit tcp 10.1.128.0 0.0.1.255 eq 3030 192.168.1.0 0.0.0.15 eq www Answer: D Question 2. DRAG DROP Drag three proper statements about the IPsec protocol on the above to the list on the below. Answer: Question 3. In a brute-force attack, what percentage of the keyspace must an attacker generally search through until he or she finds the key that decrypts the data? A. Roughly 50 percent B. Roughly 66 percent C. Roughly 75 percent D. Roughly 10 percent Answer: A Question 4. The information of Cisco Router and Security Device Manager(SDM) is shown below: Within the "sdm-permit" policy map, what is the action assigned to the traffic class "class-default"? A. inspect B. drop C. police D. pass Answer: B Question 5. DRAG DROP On the basis of the description of SSL-based VPN, place the correct descriptions in the proper locations. Answer: Question 6. Which description is correct based on the exhibit and partial configuration? A. All traffic destined for network 172.16.150.0 will be denied due to the implicit deny all. B. All traffic from network 10.0.0.0 will be permitted. C. Access-list 101 will prevent address spoofing from interface E0. D. This ACL will prevent any host on the Internet from spoofing the inside network address as the source address for packets coming into the router from the Internet. Answer: C Question 7. For the following items ,which one can be used to authenticate the IPsec peers during IKE Phase 1? A. pre-shared key B. integrity check value C. XAUTH D. Diffie-Hellman Nonce Answer: A Question 8. Which description about asymmetric encryption algorithms is correct? A. They use the same key for encryption and decryption of data. B. They use different keys for decryption but the same key for encryption of data. C. They use different keys for encryption and decryption of data. D. They use the same key for decryption but different keys for encryption of data. Answer: C Question 9. For the following items, which management topology keeps management traffic isolated from production traffic? A. OTP B. OOB C. SAFE D. MARS Answer: B Question 10. You work as a network engineer, do you know an IPsec tunnel is negotiated within the protection of which type of tunnel? A. L2F tunnel B. L2TP tunnel C. GRE tunnel D. ISAKMP tunnel Answer: D Question 11. As a candidate for CCNA examination, when you are familiar with the basic commands, if you input the command "enable secret level 5 password" in the global mode , what does it indicate? A. Set the enable secret command to privilege level 5. B. The enable secret password is hashed using MD5. C. The enable secret password is for accessing exec privilege level 5. D. The enable secret password is hashed using SHA. E. The enable secret password is encrypted using Cisco proprietary level 5 encryption. Answer: C
|
Question 1. With Cisco WAAS advanced compression DRE, which three functions are performed during the DRE process? (Choose three.) A. Pattern matching B. Synchronization C. LZ compression D. Fingerprint and chunk identification Answer: A, B, D Question 2. Do you know how often the Cisco WAAS automatic discovery takes place? A. Once per user B. Every hour C. On a Connection-by-Connection basis D. Once per office Answer: C Question 3. What is the status of Cisco WAAS optimization after completing the quick start process on all devices and installing the enterprise license? (Choose two.) A. Cisco WAAS is ready for the Central Manager to be configured to optimized traffic B. Cisco WAAS is ready for bandwidth settings to be defined for communication C. Cisco WAAS application optimizers are enabled D. Default optimizations are applied traffic passing through the Cisco WAE devices Answer: C, D Question 4. Which two statements describe what is required for read-only disconnected mode to be automatically activated during a prolonged WAAS disconnect? (Choose two.) A. The WAE must be configured for Windows Authentication B. The Windows server must be configured for operating in disconnected mode C. The WAE must be able to access a Window Domain Controller D. The WAE must be joined to the same workgroup as the Windows Server Answer: A, C Question 5. Which three are high-availability Cisco WAE solutions for a branch office? (Choose three.) A. PBR B. WCCP C. Multiple Cisco WAE devices with inline cards D. Firewall load-balancing Cisco WAE devices Answer: A, B, C Question 6 The Cisco WAAS design of your customer calls for the Central Manager to be deployed on the Core WAE, which is a WAE-612 with 2 GB of RAM. The customer initially configured the WAE as an application accelerator and then issued the device mode central-manager command to enable Central Manager Service. Now the customer complains that the WAE is no longer accelerating traffic why? A. The Central Manager and application accelerator cannot be deployed on the same WAE B. The device mode central-manager command must be issued before the device mode application-accelerator command C. At least 4 GB of RAM must be installed for the WAE to serve as both Central Manager and application accelerator D. Central Manager is consuming too much CPU time on the WAE. The Central Manager service should be implemented on a less-utilized edge WAE Answer: A Question 7. Which two benefits can we get by using Cisco WAAS with Cisco security devices such as Cisco PIX, Cisco ASA and Cisco IOS Firewalls? (Choose two.) A. The security devices will speed Cisco WAAS transport B. The security devices support the TCP sequence number jump that Cisco WAAS uses C. Cisco WASS requires Cisco Security devices to be installed D. The security devices can be configured to support Cisco WAAS automatic discovery Answer: B, D Question 8. In Order to ensure Cisco WAAS Mobile transport and management, which three protocols and ports need to be allowed through corporate firewalls? (Choose three.) A. TCP 80 B. TCP 8080 C. UDP 8080 D. UDP 1182 Answer: A, B, D Question 9. SACK improves performance for which type of traffic? A. Short-lived TCP connections B. Traffic on high-BDP networks C. Traffic on lossy networks D. Traffic on low-BDP networks Answer: C Question 10. Which parameter should be taken into consideration while selecting a Cisco WAE model for a Cisco WAAS deployment? A. Bandwidth of the largest WAN Link B. Total WAN throughput C. Concurrent TCP sessions to be optimized D. Bandwidth of the smallest WAN link Answer: C
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.