642-372 - CXFS - Cisco Express Foundation for Systems Engineers
Go back to Cisco
The Cisco SDM can configure most, but not all, routing protocols. Which two of these routing protocols can be configured using SDM? (Choose two.)
Which statement concerning the Active/Active failover feature is correct?
Active/Active failover is supported in "multiple mode" configuration only.
Which component of Cisco ASDM provides administrators with a complete system overview and device health statistics at a glance?
Cisco ASDM provides 16 different graphs that help identify security risks by displaying data about potentially malicious activity. What is one kind of data these graphs show?
Which two of these statements best describe the benefits of WPAv1? (Choose two.)
improved mutual authentication
improved protection against sniffing initialization vectors
On what lower-level transport protocol does CiscoWorks LAN Management Solution rely on and why?
UDP, because CiscoWorks LAN Management is an application that does not require the reliability of TCP
Which two of these statements best describe fast secure roaming? (Choose two.)
available in autonomous and lightweight APs
a feature of WDS in autonomous APs
You are about to upgrade a router with a newer IOS version, but you would like to check for known bugs first. Which tool will allow you to do this most easily?
Cisco Bug Toolkit
Deploying ISRs with integrated security services can help lower the total cost of ownership. Which of these Cisco ISR Routers features illustrate this point?
using the SDM configuration tool to reduce training costs
Which two of these statements describe important aspects of performing a wireless site survey? (Choose two.)
Site surveys can be performed manually or through assisted site survey.
Overlapping access points can create performance problems.
Which of these best describes the Cisco Lifecycle Services approach?
a methodology for introducing new technologies
Your company has two primary divisions: Products and Services. The Products division is on network 22.214.171.124/21. The Services division is on network 126.96.36.199/21. You want to summarize both networks into one routing statement. Which IP address and subnet mask combination would most efficiently accomplish this?
A customer is considering purchasing either a Cisco Catalyst 2960 or Cisco Catalyst Express 500. Which feature can only be found on the Catalyst 2960?
48 Ethernet 10/100 ports
Which Cisco PIX and ASA feature provides reliable, comprehensive security against virus and worm propagation, as well as data theft?
WebVPN for SSL
Wi-Fi Protected Access was an interim step on the way to the more secure WPA2. What was added in WPA2 to make it more secure?
Which two of these statements best describe the benefits of Cisco's wireless IDS functionality? (Choose two.)
2.4GHz RF management can monitor both 802.11 and non-802.11 RF interference.
Cisco or CCX compatible client cards can extend the RF IDS service for autonomous APs.
Which VMS Security Monitor tool allows you to monitor data for patterns of attacks from one machine to a list of targets?
Advanced Correlation Engine
Which Cisco SDM feature allows you to specify whether you want SDM files installed on your PC or on your router?
Which two of these statements best describe fast secure roaming for the wireless core feature set using autonomous access points? (Choose two.)
It reduces roaming latency through reduced client RF channel scanning enhancements.
Roaming occurs without reauthentication through a centralized RADIUS server.
You are planning to connect your three branch offices to the corporate site via Frame Relay. The first branch office has been assigned the network 10.1.0.0/16, the second 10.2.0.0/16, the third 10.3.0.0/16, and the corporate headquarters uses 10.0.0.0/16. You would like to summarize all branch and corporate networks into a single route at the corporate site. Which network address and subnet mask should you choose?
In CiscoWorks LAN Management Solution, what are some of the examples of a managed device (sometimes called network elements)? (Choose three.)
What is the benefit of using the Cisco Easy VPN Server feature along with the Cisco software VPN client for implementing remote-access VPNs?
The Cisco Easy VPN Server feature allows the Cisco software VPN client to receive its security policies from the central site VPN device. This minimizes the configuration requirements at the remote location for large remote access VPN deployments.
A Cisco Catalyst switch can belong to how many VTP domains?
A customer is deploying a wireless core feature set using autonomous access points and requires Layer 2 roaming. What is a requirement when deploying this solution?
one WDS per subnet
Which network management solution performs configuration, monitoring, and management of Cisco Firewall, VPN router, and IPS devices as well as maintains network device inventory and software distribution features?
CiscoWorks VMS/Management Center (VMS/MC)
Which item is a feature of Cisco Compatible Extensions, Version 3?
full WPAv2 compliance
Which of these statements regarding Cisco's WebVPN support is correct?
Cisco security appliances act as a proxy between the end user and the target web server.
Which two of these statements best describe the benefits of WPAv2? (Choose two.)
man-in-the-middle attack protection
dynamic key generation
Which Cisco security tool can best determine if a Cisco ISR router is properly secured?
Cisco SDM Security Audit
The Cisco Lifecycle Services approach is primarily applicable to which type of companies?
All companies, regardless of size
A customer needs approximately 15 to 20 wireless APs for RF coverage. Given that the customer is going to use the 1010 lightweight AP with the advanced feature set, what other product is required to complete this operational functionality?
After properly configuring multiple VLANs, an administrator has decided to secure its VLAN network. Which three steps are required to secure this environment? (Choose three.)
Enable root guard feature to prevent a directly or indirectly connected STP-capable device from affecting the location of the root bridge.
Configure VTP domains appropriately or turn off VTP altogether to limit or prevent possible undesirable protocol interaction with regards to the network-wide VLAN configuration.
Disable all unused ports and place them in an unused VLAN to avoid unauthorized access.
A customer has deployed a wireless core feature set using autonomous access points and now wants to include a satellite building 4,500 feet away from the main campus. The customer also wants to provide wireless access to a courtyard for wireless clients in close proximity to the antenna mounting position. Which Cisco Aironet product is the most applicable solution?
Cisco Aironet 1300 Series
What is the purpose of the Dynamic Configuration Tool?
to verify that hardware such as modules are compatible with your chassis
Which CiscoWorks component would most help you locate end-station connections at the access switch level quickly?
Which tools on Cisco.com could you use to plan for correct Cisco IOS images to support a customer's security design and requirements? (Choose two.)
Cisco Feature Navigator
Cisco IOS Package Planner
Which two of these statements best describe the benefits of the Cisco Compatible Extensions Program? (Choose two.)
accelerates the availability of innovative features while maintaining interoperability
provides an evolving set of specifications for interoperability
What is one reason you might recommend a solution using only autonomous access points to a customer?
The customer wants the option to migrate to LWAPP.
What is one benefit of the Cisco anti-X defense strategy?
malware, virus, and worm mitigation
What are three advantages of the Cisco Integrated Services Router product family? (Choose three.)
provides advanced security such as hardware encryption acceleration
contains integrated wireless access using the 802.11 g/b standard
contains integrated web-based management tools for easy configuration and maintenance
Which of these is a benefit of an integrated security management system?
It provides configuration, monitoring, and troubleshooting capabilities across a wide range of security products.
What is one thing you should be aware of when conducting a wireless site survey?
5 GHz equipment will not be able to penetrate through walls as well as 2.4 GHz equipment.
What are two important approaches to communicate when identifying a customer's security risks? (Choose two.)
Business strategy should directly relate to the security policy and budget.
Security should be a continuous process.
At which stage of the Cisco Lifecycle Services approach should customer education presentations occur?