642-825 - ISCW - Implementing Secure Converged Wide Area Networks

Go back to Cisco

Example Questions

What are two steps that must be taken when mitigating a worm attack? (Choose two.) Which two statements are true about the configuration of the Cisco IOS Firewall using the SDM? (Choose two.) What is an MPLS forwarding equivalence class? Select the best response. If you disable Cisco Express Forwarding on a P router in an MPLS network, what will the router do? Select the best response. This item contains several questions that you must answer. You can view these questions by clicking on the Questions button to the left. Changing questions can be accomplished by clicking the numbers to the left of each question. In order to complete the questions, you will need to refer to the SDM and the topolgy, neither of which is currently visible. To gain access to either the topology or the SDM, click on the button to left side of the screen that corresponds to the section you wish to access. When you have finished viewing the topolgy or the SDM, you can return to your questions by clicking on the Questions button to the left. Off Shore Industries is a large worldwide sailing charter. The company has recently upgraded its Internet connectivity. As a recent addition to the network engineering team, you have been tasked with documenting the active Firewall configurations on the Annapolis router using the Cisco Router and Security Device Manager (SDM) utility. Using the SDM output from Firewall and ACL Tasks under the Configure tab, answer the following questions: Which two statements would specify a permissible incoming TCP packet on a trusted interface in this configuration? (Choose two.) Which statement is true about the SDM Basic Firewall wizard? A router interface is configured with an inbound access control list and an inspection rule. How will an inbound packet on this interface be processed? Select the best response. Which two statements are true about signatures in a Cisco IOS IPS? (Choose two.) Which two statements are true about the Cisco Classic (CBAC) IOS Firewall set? (Choose two.) Select 2 response(s). Which two statements are true about broadband cable (HFC) systems? (Choose two.) Which statement describes the Authentication Proxy feature? Select the best response. Which two statements are true about the Cisco lOS Firewall set? (Choose two.) Which two devices serve as the main endpoint components in a DSL data service network? (Choose two.) What is one benefit of AutoSecure? When configuring backup IPsec VPNs with Cisco IOS Release 12.2(8)T or later, what are the default parameters? Which IPsec mode will encrypt a GRE tunnel to provide multiprotocol support and reduced overhead? Which two of following belong to reconnaissance attacks? (Choose two.) Which two statements about the AutoSecure feature are true? (Choose two.) To implement Easy VPN Remote capabilities, which requirement must be met? Which action can be taken by Cisco IOS IPS when a packet matches a signature pattern? Select the best response. Which Cisco SDM feature expedites the deployment of the default IPS settings and provides configuration steps for interface and traffic flow selection, SDF location, and signature deployment? Select the best response. What are two possible actions an IOS IPS can take if a packet in a session matches a signature? (Choose two.) Select 2 response(s). Which three DSL technologies support an analog POTS channel and utilize the entire bandwidth of the copper to carry data? (Choose three.) Which two actions will take place when One-Step Lockdown is implemented? (Choose two.) Which three methods are of network reconnaissance? (Choose three.) Which three features are benefits of using GRE tunnels in conjunction with IPsec for building site-to-site VPNs? (Choose three.) Select 3 response(s). With MPLS, what is the function of the protocol ID (PID) in a Layer 2 header? What is a reason for implementing MPLS in a network? Select the best response. In an MPLS VPN implementation, how are overlapping customer prefixes propagated? Select the best response. This item contains several questions that you must answer. You can view these questions by clicking on the Questions button to the left. Changing questions can be accomplished by clicking the numbers to the left of each question. In order to complete the questions, you will need to refer to the SDM and the topolgy, neither of which is currently visible. To gain access to either the topology or the SDM, click on the button to left side of the screen that corresponds to the section you wish to access. When you have finished viewing the topolgy or the SDM, you can return to your questions by clicking on the Questions button to the left. Off Shore Industries is a large worldwide sailing charter. The company has recently upgraded its Internet connectivity. As a recent addition to the network engineering team, you have been tasked with documenting the active Firewall configurations on the Annapolis router using the Cisco Router and Security Device Manager (SDM) utility. Using the SDM output from Firewall and ACL Tasks under the Configure tab, answer the following questions: Which statement is true? Which statement is correct about Security Device Event Exchange (SDEE) messages? Which two statements about Cisco Easy VPN are true? (Choose two.) When configuring the Cisco VPN Client, what action is required prior to installing Mutual Group Authentication? Which two statements about an IDS are true? (Choose two.) What is a reason for implementing MPLS in a network? What are the four steps that occur with an IPsec VPN setup? Which three of these are required before you can configure your routers for SSH server operations? (Choose three.) Select 3 response(s). Which IOS command will display IPS default values that may not be displayed using the show running-config command? Select the best response. Which three descriptions are correct about frame-mode MPLS? (Choose three.) Which approach for identifying malicious traffic involves looking for a fixed sequence of bytes in a single packet or in predefined content? Select the best response. Which two mechanisms can be used to detect IPsec GRE tunnel failures? (Choose two). How can virus and Trojan horse attacks be mitigated? What is required when configuring IOS Firewall using the CLI? What is meant by the attack classification of "false positive" on a Cisco IPS device? What should a security administrator who uses SDM consider when configuring the firewall on an interface that is used in a VPN connection? Which two features can be implemented using the Cisco SDM Advanced Firewall wizard? (Choose two.) Select 2 response(s). What is required when configuring IOS Firewall using the CLI? Select the best response. What phrase best describes a Handler in a distributed denial of service (DDoS) attack? What are two possible actions Cisco IOS IPS can take if a packet in a session matches a signature? (Choose two.) Select 2 response(s). Which statement about an IPS is true? Select the best response.

Study Guides