642-542 - CSI Cisco SAFE Implementation Exam

Go back to Cisco

Example Questions

You are the administrator at Inc. and you are configuring the PIX Firewall. The ip verify reverse-path command implements which of the following on the PIX Firewall? (Choose two) Kathy the security administrator at Inc. is working on security solutions. Which is a component of Cisco security solutions? What type of management provides the highest level of security for devices? You are the administrator at Inc. and you working on shunning attacks to the network. When shunning, why should the shun length be kept short? The security team at Inc. is working on understanding attacks that happen in the network. What type of attack is characterized by exploitation of well-known weaknesses, use of ports that are allowed through a firewall, and can never be completely eliminated? In the SAFE SMR, if the remote users who do not want to establish VPN tunnel when connected to the Internet, they should use ____________ to mitigate against unauthorized access. Jason the security administrator at Inc is working on installing IDS in the network. Which signature actions can be selected on the IDS Sensor in the SAFE SMR medium network design? (Choose two) You are the administrator at Inc. and you are working on securing the network. How are password attacks mitigated in the SAFE SMR midsize network design corporate Internet module? When shunning, why should the shun length be kept short? no isakmp enable What is the use of the above command on a PIX Firewall? Which model is recommended for an IDSwith at least 100 Mbps performance? NO: 1 Which options can be chosen for TCP session reassembly on the IDS Sensor in the SAFE SMR medium network design? (Choose two) Which two are design alternatives in the SAFE SMR midsize network design corporate Internet module? (Choose two) Which of the dimensions of AVVID resilience themes represent the migration from the traditional place-centric enterprise structures to people-centric organizations? According to SAFE SMR, what type of VPN connectivity is typically used with the Cisco PIX Firewall? How are packet sniffers attacks mitigated in the SAFE SMR small network corporate Internet module? Which type of attack is usually implemented using packet sniffers? Which is true about the PIX Firewall in the remote site firewall option in the SAFE SMR remote user design environment? What is the primary function of the VPN Concentrator in the SAFE SMR midsize network design corporate Internet module? Which method will always compute the password if it is made up of the character set you selected to test? What is the function of SMTP inspection? For the first time you want to set up your IDS Appliance using IDM (IDS Device Manager): Choose the steps that you should take: Which threats are expected in the SAFE SMR remote user network environment? (Choose two) The security wheel starts with Secure. What are the initials of the other 3 steps? What is the most likely target during an attack? What can mitigate the chance of a department accessing confidential information on another department's server through the use of access control in the SAFE SMR midsize network design midsize network campus module? If you need to choose between using integrated functionality in a network device versus using a specialized function appliance, first and foremost you must make your decision based on: According to SAFE, small network design has how many modules? Following termination of the VPN tunnel, what action is performed on remote user traffic in the SAFE SMR midsize network design corporate Internet module? Which attack is executed by Java applets and ActiveX controls? The security team at Inc. is working on mitigating attacks to the network, Which threats are expected in the SAFE SMR remote user network environment? (Choose two) What type of attack typically exploits an intrinsic characteristic in the way your network operates? What is the function of a crypto map on a PIX Firewall? You are the security administrator at Inc. and you are working on installing IDS in the network. What IDS guidelines should be allowed according to SAFE SMR? What is IP logging, as defined for the Cisco IDS appliance? Why are all providers of Internet connectivity urged to implement the filtering described in RFC 2827? You are the administrator at Inc. and you need to checkout syslogs for information. How do you check syslog information to ensure that it has not been altered in transit? How are trust exploitation attacks mitigated in the SAFE SMR small network corporate Internet module? You are the administrator at Inc. and you are working on extranet VPNs. What service do extranet VPNs provide? Which command implements UnicastRPF IP spoofing protection? Which two Cisco components encompass secure management? (Choose two) IPSec tunnel mode can only be used when the datagrams are: What method helps mitigate the threat of IP spoofing? You are the administrator at Inc. working on managing security on the network. Which two Cisco components encompass secure management? (Choose two) This program does something undocumented which the programmer intended, but that the user would not approve of if he or she knew about it. Cisco SAFE Small, Midsize, and Remote-User Networks (SMR) recommends a personal firewall software in the software access option if? What version of the Cisco PIX Firewall is required to use the VPN accelerator card? What is the only way to effectively prevent the Man-in-the-middle attacks? The IPSec receiver (the one who receives the IPSec packets) can detect and reject replayed packets. The security team at Inc. is researching the SAFE SMR White papers. According to SAFE SMR, which Cisco router is best suited for a remote office?