Free 642-504 download :cisco CCSP Securing Networks with Cisco Routers and Switches exam
Certification Provider: cisco
Exam Name: 642-504 – Securing Networks with Cisco Routers and Switches
Related Certifications: CCSP
Language: English
Latest update:2010-05-01
Free 642-504 PDF Demo
Download Demo of cisco 642-504 PDF exam for free (in PDF format ) before you decide to purchase it. Thus,you can know better about the quality of our practice exam and then make your right decision.
Free Download:Free 642-504 PDF
642-504 QUESTIONS ANSWERS WITH EXPLANATIONS
Interactive Testing Engine
PREPARATION LABS:20 labs
Duration: 270 Questions
cheap Price : 69.99
Guaranteed pass of CCSP 642-504 exam
What does PassGuide have for you to offer, for cisco 642-504 ?
Practically everything that you will ever need cisco 642-504 is indeed a highly qualified examination, and adequate preparation has to be made too in order to pass the exam. Vigilant exams practice is needed before a professional is qualified to appear in the certification exams. Only with heavy preparation and proper cisco guide certification exams can be attempted and passed.
Choose the CCSP 642-504 program that’s right for you.
you can feel safe with our question and answers that will help you in obtaining your successful completion of your 642-504 exam.
Investing in CCSP certification will help you to head for success
cisco 642-504 SEARCH HELP
Feel free to use search terms below while searching the Net for 642-504 Securing Networks with Cisco Routers and Switches exam:
cisco 642-504 sample questions
cisco 642-504 test answers
cisco 642-504 practice questions
cisco 642-504 vce download
cisco 642-504 discount code
cisco 642-504 guaranteed pass
PassGuide 642-504 exam like testking 642-504 exam pass4sure 642-504 exam transcender 642-504 exam Testinside 642-504 exam and it downlaods from the test center.If you will take 642-504 exam,I suggest you choose PassGuide 642-504.We guarantee that you can pass 642-504 exam at your first try.
Free Download:PassGuide 642-504
IT Certification and Career Paths
642-504 SNRS
Securing Networks with Cisco Routers and Switches
Exam Number: 642-504
Associated Certifications: Cisco Certified Security Professional (CCSP)
Duration: 90 minutes (55 -65 questions)
Available Languages: English and Japanese
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions
Exam Description Exam Topics Recommended Training Additional Resources
Exam Description
The Securing Networks with Cisco Routers and Switches exam (SNRS 642-504) is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the SNRS course. This exam includes simulations and tests a candidate’s knowledge and ability to secure networks using Cisco routers and switches.
Exam Topics
The following topics are general guidelines for the content likely to be included on the Remote Access exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
Implement Cisco Layer 2 security
Utilize Cisco IOS commands to mitigate Layer 2 attacks
Implement Cisco Identity-Based Networking Services on Cisco Catalyst Switches
Implement Identity Management using ACS as the Authentication Server
Configure Cisco IOS Firewalls to mitigate network threats
Identify and describe the advanced capabilities of the IOS firewall feature set
Configure Classic IOS Firewall (CBAC) and NAT to dynamically mitigate identified threats to the network
Verify Classic IOS Firewall (CBAC) configuration and operation
Configure IOS Zone-Based Firewalls including advanced application inspections and URL filtering
Verify Zone-Based Firewall operations
Configure Cisco IOS-IPS to identify and mitigate threats to network resources
Identify and describe the advanced capabilities of the Cisco IOS-IPS feature set including Signature Event Action Processing
Configure Cisco IOS-IPS features to identify threats and dynamically block them from entering the network
Verify Cisco IOS-IPS operations
Maintain, update and tune Cisco IOS-IPS signatures
Configure Cisco VPNs to provide secure connectivity for site-to-site and remote access communications
Describe IPsec features and functionality
Describe GRE/IPsec features and functionality
Configure secure connectivity for site-to-site VPN using certificate authorities
Describe DMVPN features and functionality
Configure secure connectivity for site-to-site VPN using DMVPN
Verify secure site-to-site VPN operations
Implement IOS SSL VPN
Configure Cisco IOS Easy VPN Server with Dynamic Virtual Tunnel Interface (DVTI)
Configure Cisco IOS Easy VPN remote using both router and VPN software clients
Verify Cisco IOS Easy VPN implementations
Implement IOS GET VPN operations
Describe High Availability IPsec VPNs
Implement Network Foundation Protection using the CLI
Describe NFP features and functionality
Secure the management plane using Cisco IOS security features
Secure the data plane using Cisco IOS security features
Secure the control plane using Cisco IOS security features
CISCO 642-504
Securing Networks with Cisco Routers and Switches
Q&A Demo
www.PassGuide.com
(C) Copyright 2006-2009 CertBible Tech LTD,All Rights Reserved.
Important Note
Please Read Carefully
Study Tips
This product will provide you questions and answers carefully compiled and written by our experts. Try to understand the concepts behind the questions instead of cramming the questions.
Go through the entire document at least twice so that you make sure that you are not
missing anything.
Latest Version
We are constantly reviewing our products. New material is added and old material is
revised. Free updates are available for 120 days after the purchase. You should check your
member zone at PassGuide an update 3-4 days before the scheduled exam date.
Feedback
If you spot a possible improvement then please let us know. We always interested in
improving product quality.
Feedback should be send to feedback@passguide.com. You should include the following:
Exam number, version, page number, question number, and your login ID.
Our experts will answer your mail promptly.
Be Prepared. Be Confident. Get Certified.
————————————————————————————————————————-
Sales and Support Manager
Sales Team: sales@passguide.com Support Team: support@passguide.com
———————————————————————————————————————
Copyright
Each pdf file contains a unique serial number associated with your particular name and
contact information for security purposes. So if we find out that a particular pdf file is
being distributed by you, CertBible reserves the right to take legal action against you
according to the International Copyright Laws.
Question:1
Which two are technologies that secure the control plane of the Cisco router? (Choose two.)
A. Cisco IOS Flexible Packet Matching
B. uRPF
C. routing protocol authentication
D. CPPr
E. BPDU protection
F. role-based access control
Answer: CD
Question:2
What are the two category types associated with 5.x signature use in Cisco IOS IPS? (Choose two.)
A. basic
B. advanced
C. 128MB.sdf
D. 256MB.sdf
E. attack-drop
F. built-in
Answer: AB
Question:3
Refer to the exhibit.
Which optional AAA or RADIUS configuration command is used to support 802.1X guest VLAN functionality?
A. aaa authentication dot1x default group radius
B. aaa authorization network default group radius
C. aaa accounting dot1x default start-stop group radius
D. aaa accounting system default start-stop group radius
E. radius-server host 10.1.1.1 auth-port 1812 acct-port 1813
Answer: B
Question:4
Which is an advantage of implementing the Cisco IOS Firewall feature?
A. provides self-contained end-user authentication capabilities
B. integrates multiprotocol routing with security policy enforcement
C. acts primarily as a dedicated firewall device
D. is easily deployed and managed by the Cisco Adaptive Security Device Manager
E. provides data leakage protection capabilities
Answer: B
Question:5
Which three statements correctly describe the GET VPN policy management? (Choose three.)
A. A central policy is defined at the ACS (AAA) server.
B. A local policy is defined on each group member.
C. A global policy is defined on the key server, and it is distributed to the group members.
D. The key server and group member policy must match.
E. The group member appends the global policy to its local policy.
Answer: BCE
Question:6
The CPU and Memory Threshold Notifications of the Network Foundation Protection feature protects which router plane?
A. control plane
B. management plane
C. data plane
D. network plane
Answer: B
Question:7
In DMVPN, the NHRP process allows which requirement to be met?
A. dynamic physical interface IP address at the spoke routers
B. high-availability DMVPN designs
C. dynamic spoke-to-spoke on-demand tunnels
D. dynamic routing over the DMVPN E. dual DMVPN hub designs
Answer: A
Question:8
Which is correct regarding the Management Plane Protection feature?
A. By default, Management Plane Protection is enabled on all interfaces.
B. Management Plane Protection provides for a default management interface.
C. Only SSH and SNMP management will be allowed on nondesignated management interfaces.
D. All incoming packets through the management interface are dropped except for those from the allowed management protocols.
Answer: D
Question:9
What are the two enrollment options when using the SDM Certificate Enrollment wizard? (Choose two.)
A. SCEP
B. LDAP
C. OCSP
D. Cut-and-Paste/Import from PC
Answer: AD
Question:10
Refer to the exhibit.
Which two configuration commands are used to apply an inspect policy map for traffic traversing from the E0 or 1 interface to the S3 interface? (Choose two.)
A. zone-pair security test source Z1 destination Z2
B. interface E0
C. policy-map myfwpolicy class class-default inspect
D. ip inspect myfwpolicy out
E. ip inspect myfwpolicy in
F. service-policy type inspect myfwpolicy
Answer: AF