642-542 - CSI Cisco SAFE Implementation Exam
Go back to
Cisco
Example Questions
You are the administrator at Inc. and you are configuring the PIX Firewall. The ip verify reverse-path command implements which of the following on the PIX Firewall? (Choose two)
The ip verify reverse-path command performs a route lookup based on the source address.
The ip verify reverse-path command provides ingress filtering.
Kathy the security administrator at Inc. is working on security solutions. Which is a component of Cisco security solutions?
Secure connectivity
What type of management provides the highest level of security for devices?
Out of band
You are the administrator at Inc. and you working on shunning attacks to the network. When shunning, why should the shun length be kept short?
You should keep it short to eliminate blocking traffic from a valid address that was spoofed previously.
The security team at Inc. is working on understanding attacks that happen in the network. What type of attack is characterized by exploitation of well-known weaknesses, use of ports that are allowed through a firewall, and can never be completely eliminated?
Application layer
In the SAFE SMR, if the remote users who do not want to establish VPN tunnel when connected to the Internet, they should use ____________ to mitigate against unauthorized access.
Personal Firewall
Jason the security administrator at Inc is working on installing IDS in the network. Which signature actions can be selected on the IDS Sensor in the SAFE SMR medium network design? (Choose two)
Jason can select Block
Jason can select TCP reset
You are the administrator at Inc. and you are working on securing the network. How are password attacks mitigated in the SAFE SMR midsize network design corporate Internet module?
Mitigated by OS and IDS detection.
When shunning, why should the shun length be kept short?
To eliminate blocking traffic from a valid address that was spoofed previously.
no isakmp enable What is the use of the above command on a PIX Firewall?
This command disables ISAKMP which is enabled by default.
Which model is recommended for an IDSwith at least 100 Mbps performance?
4250
NO: 1 Which options can be chosen for TCP session reassembly on the IDS Sensor in the SAFE SMR medium network design? (Choose two)
No reassembly
Loose reassembly
Which two are design alternatives in the SAFE SMR midsize network design corporate Internet module? (Choose two)
Place a URL filtering server on the public services segment.
Eliminate the router between the firewall and the campus module.
Which of the dimensions of AVVID resilience themes represent the migration from the traditional place-centric enterprise structures to people-centric organizations?
Business Resilience
According to SAFE SMR, what type of VPN connectivity is typically used with the Cisco PIX Firewall?
Site-to-site
How are packet sniffers attacks mitigated in the SAFE SMR small network corporate Internet module?
Switched infrastructure and HIDS.
Which type of attack is usually implemented using packet sniffers?
Man-in-the-middle
Which is true about the PIX Firewall in the remote site firewall option in the SAFE SMR remote user design environment?
ISAKMP is enabled by default.
What is the primary function of the VPN Concentrator in the SAFE SMR midsize network design corporate Internet module?
Provide secure connectivity to the midsize network for remote users.
Which method will always compute the password if it is made up of the character set you selected to test?
Brute force computation
What is the function of SMTP inspection?
Monitors SMTP commands for illegal commands.
For the first time you want to set up your IDS Appliance using IDM (IDS Device Manager): Choose the steps that you should take:
Specify list of hosts authorized to managed appliance.
Communications Infrastructure.
Enter network setting.
Which threats are expected in the SAFE SMR remote user network environment? (Choose two)
Man in the middle attacks
Network reconnaissance
The security wheel starts with Secure. What are the initials of the other 3 steps?
MTI
What is the most likely target during an attack?
Host
What can mitigate the chance of a department accessing confidential information on another department's server through the use of access control in the SAFE SMR midsize network design midsize network campus module?
Layer 3 switch
If you need to choose between using integrated functionality in a network device versus using a specialized function appliance, first and foremost you must make your decision based on:
The capacity and functionality of the appliance.
According to SAFE, small network design has how many modules?
2
Following termination of the VPN tunnel, what action is performed on remote user traffic in the SAFE SMR midsize network design corporate Internet module?
Traffic is sent through a firewall.
Which attack is executed by Java applets and ActiveX controls?
Application layer
The security team at Inc. is working on mitigating attacks to the network, Which threats are expected in the SAFE SMR remote user network environment? (Choose two)
The expected threats are man-in-the-middle attacks
The expected threats are Network reconnaissance
What type of attack typically exploits an intrinsic characteristic in the way your network operates?
Network attacks
What is the function of a crypto map on a PIX Firewall?
To filter and classify the traffic to be protected.
You are the security administrator at Inc. and you are working on installing IDS in the network. What IDS guidelines should be allowed according to SAFE SMR?
An IDS guideline is to use shunning on only TCP traffic, as it is more difficult to spoof than UDP.
What is IP logging, as defined for the Cisco IDS appliance?
IDS captures packets from an attacking host.
Why are all providers of Internet connectivity urged to implement the filtering described in RFC 2827?
To prohibit attackers from using source addresses that reside within a range of legitimately advertised prefixes.
You are the administrator at Inc. and you need to checkout syslogs for information. How do you check syslog information to ensure that it has not been altered in transit?
Syslog has no checking to ensure that the packet contents have not been altered in transit.
How are trust exploitation attacks mitigated in the SAFE SMR small network corporate Internet module?
Restrictive trust model and private VLANs.
You are the administrator at Inc. and you are working on extranet VPNs. What service do extranet VPNs provide?
Extranet VPNs provide link network resources with third-party vendors and business partners.
Which command implements UnicastRPF IP spoofing protection?
ip verify reverse-path interface
Which two Cisco components encompass secure management? (Choose two)
CiscoWorks
Web Device Managers
IPSec tunnel mode can only be used when the datagrams are:
Sourced from and destined to non-IPSec systems.
What method helps mitigate the threat of IP spoofing?
Access control
You are the administrator at Inc. working on managing security on the network. Which two Cisco components encompass secure management? (Choose two)
CiscoWorks
Web Device Managers
This program does something undocumented which the programmer intended, but that the user would not approve of if he or she knew about it.
What is a Trojan Horse.
Cisco SAFE Small, Midsize, and Remote-User Networks (SMR) recommends a personal firewall software in the software access option if?
The user does not establish a VPN tunnel.
What version of the Cisco PIX Firewall is required to use the VPN accelerator card?
Version 5.3 or higher.
What is the only way to effectively prevent the Man-in-the-middle attacks?
Encryption
The IPSec receiver (the one who receives the IPSec packets) can detect and reject replayed packets.
True
The security team at Inc. is researching the SAFE SMR White papers. According to SAFE SMR, which Cisco router is best suited for a remote office?
Cisco router 1700 series