Free 642-825 download :cisco CCNP Implementing Secure Converged Wide Area Networks exam
Certification Provider: cisco
Exam Name: 642-825 – Implementing Secure Converged Wide Area Networks
Related Certifications: CCNP
Language: English
Latest update:2010-05-01
Free 642-825 PDF Demo
Download Demo of cisco 642-825 PDF exam for free (in PDF format ) before you decide to purchase it. Thus,you can know better about the quality of our practice exam and then make your right decision.
Free Download:Free 642-825 PDF
642-825 QUESTIONS ANSWERS WITH EXPLANATIONS
Interactive Testing Engine
PREPARATION LABS:20 labs
Duration: 270 Questions
cheap Price : 69.99
Guaranteed pass of CCNP 642-825 exam
What does PassGuide have for you to offer, for cisco 642-825 ?
Practically everything that you will ever need cisco 642-825 is indeed a highly qualified examination, and adequate preparation has to be made too in order to pass the exam. Vigilant exams practice is needed before a professional is qualified to appear in the certification exams. Only with heavy preparation and proper cisco guide certification exams can be attempted and passed.
Choose the CCNP 642-825 program that’s right for you.
you can feel safe with our question and answers that will help you in obtaining your successful completion of your 642-825 exam.
Investing in CCNP certification will help you to head for success
cisco 642-825 SEARCH HELP
Feel free to use search terms below while searching the Net for 642-825 Implementing Secure Converged Wide Area Networks exam:
cisco 642-825 sample questions
cisco 642-825 test answers
cisco 642-825 practice questions
cisco 642-825 vce download
cisco 642-825 discount code
cisco 642-825 guaranteed pass
PassGuide 642-825 exam like testking 642-825 exam pass4sure 642-825 exam transcender 642-825 exam Testinside 642-825 exam and it downlaods from the test center.If you will take 642-825 exam,I suggest you choose PassGuide 642-825.We guarantee that you can pass 642-825 exam at your first try.
Free Download:PassGuide 642-825
IT Certification and Career Paths
642-825 ISCW
Implementing Secure Converged Wide Area Networks
Exam Number: 642-825
Associated Certifications: CCNP
Duration: 90 minutes (50-60 questions)
Available Languages: English, Japanese
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions
Exam Description Exam Topics Recommended Training Additional Resources
Exam Description
The Implementing Secure Converged Wide Area Networks (ISCW 642-825) is a qualifying exam for the Cisco Certified Network Professional CCNP®. The ISCW 642-825 exam will certify that the successful candidate has important knowledge and skills necessary to secure and expand the reach of an enterprise network to teleworkers and remote sites with focus on securing remote access and VPN client configuration. The exam covers topics on Cisco hierarchical network model as it pertains to the WAN, teleworker configuration and access, frame mode MPLS, site-to-site IPSEC VPN, Cisco EZVPN, strategies used to mitigate network attacks, Cisco device hardening and IOS firewall features.
Exam Topics
The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.
Implement basic teleworker services.
Describe Cable (HFC) technologies.
Describe xDSL technologies.
Configure ADSL (i.e., PPPoE or PPPoA).
Verify basic teleworker configurations.
Implement Frame-Mode MPLS.
Describe the components and operation of Frame-Mode MPLS (e.g., packet-based MPLS VPNs).
Configure and verify Frame-Mode MPLS.
Implement a site-to-site IPSec VPN
Describe the components and operations of IPSec VPNs and GRE Tunnels.
Configure a site-to-site IPSec VPN/GRE Tunnel with SDM (i.e., preshared key).
Verify IPSec/GRE Tunnel configurations (i.e., IOS CLI configurations).
Describe, configure, and verify VPN backup interfaces.
Describe and configure Cisco Easy VPN solutions using SDM.
Describe network security strategies.
Describe and mitigate common network attacks (i.e., Reconnaissance, Access, and Denial of Service).
Describe and mitigate Worm, Virus, and Trojan Horse attacks.
Describe and mitigate application-layer attacks (e.g., management protocols).
Implement Cisco Device Hardening
Describe, Configure, and verify AutoSecure/One-Step Lockdown implementations (i.e., CLI and SDM).
Describe, configure, and verify AAA for Cisco Routers.
Describe and configure threat and attack mitigation using ACLs.
Describe and configure IOS secure management features (e.g., SSH, SNMP, SYSLOG, NTP, Role-Based CLI, etc.)
Implement Cisco IOS firewall.
Describe the functions and operations of Cisco IOS Firewall (e.g., Stateful Firewall, CBAC, etc.).
Configure Cisco IOS Firewall with SDM.
Verify Cisco IOS Firewall configurations (i.e., IOS CLI configurations, SDM Monitor).
Describe and configure Cisco IOS IPS.
Describe the functions and operations of IDS and IPS systems (e.g., IDS/IPS signatures, IPS Alarms, etc.)
Configure Cisco IOS IPS using SDM.
Cisco 642-825
Implementing Secure Converged Wide Area Networks Certification
Q&A Demo
www.PassGuide.com
(C) Copyright 2006-2009 CertBible Tech LTD,All Rights Reserved.
Important Note
Please Read Carefully
Study Tips
This product will provide you questions and answers carefully compiled and written by our experts. Try to understand the concepts behind the questions instead of cramming the questions.
Go through the entire document at least twice so that you make sure that you are not
missing anything.
Latest Version
We are constantly reviewing our products. New material is added and old material is
revised. Free updates are available for 120 days after the purchase. You should check your
member zone at PassGuide an update 3-4 days before the scheduled exam date.
Feedback
If you spot a possible improvement then please let us know. We always interested in
improving product quality.
Feedback should be send to feedback@passguide.com. You should include the following:
Exam number, version, page number, question number, and your login ID.
Our experts will answer your mail promptly.
Be Prepared. Be Confident. Get Certified.
————————————————————————————————————————-
Sales and Support Manager
Sales Team: sales@passguide.com Support Team: support@passguide.com
———————————————————————————————————————
Copyright
Each pdf file contains a unique serial number associated with your particular name and
contact information for security purposes. So if we find out that a particular pdf file is
being distributed by you, CertBible reserves the right to take legal action against you
according to the International Copyright Laws.
Question:1
Which two statements about common network attacks are true? (Choose two.)
Select 2 response(s).
A. Access attacks can consist of password attacks, trust exploitation, port redirection, and maninthemiddle attacks.
B. Access attacks can consist of password attacks, ping sweeps, port scans, and maninthemiddle attacks.
C. Access attacks can consist of packet sniffers, ping sweeps, port scans, and maninthemiddle attacks.
D. Reconnaissance attacks can consist of password attacks, trust exploitation, port redirection and
Internet information queries.
E. Reconnaissance attacks can consist of packet sniffers, port scans, ping sweeps, and Internet information queries.
F. Reconnaissance attacks can consist of ping sweeps, port scans, maninmiddle attacks and Internet information queries.
Answer: AE
Question:2
Which two statements about the Cisco AutoSecure feature are true? (Choose two.) Select 2 response(s).
A. All passwords entered during the AutoSecure configuration must be a minimum of 8 characters in length.
B. Cisco123 would be a valid password for both the enable password and the enable secret commands.
C. The auto secure command can be used to secure the router login as well as the NTP and SSH protocols.
D. For an interactive full session of AutoSecure, the auto secure login command should be used.
E. If the SSH server was configured, the 1024 bit RSA keys are generated after the auto secure command is enabled.
Answer: CE
Question:3
Which three statements are correct about MPLSbased VPNs? (Choose three.) Select 3 response(s).
A. Route Targets (RTs) are attributes attached to a VPNv4 BGP route to indicate its VPN membership.
B. Scalability becomes challenging for a very large, fully meshed deployment. C. Authentication is done using a digital certificate or preshared key.
D. A VPN client is required for clientinitiated deployments
E. A VPN client is not required for users to interact with the network.
F. An MPLSbased VPN is highly scalable because no sitetosite peering is required.
Answer: AEF
Question:4
Which two statements are true about broadband cable (HFC) systems? (Choose two.) Select 2 response(s).
A. Cable modems only operate at Layer 1 of the OSI model.
B. Cable modems operate at Layers 1 and 2 of the OSI model.
C. Cable modems operate at Layers 1, 2, and 3 of the OSI model.
D. A function of the cable modem termination system (CMTS) is to convert the modulated signal from the cable modem into a digital signal.
E. A function of the cable modem termination system is to convert the digital data stream from the end
user host into a modulated RF signal for transmission onto the cable system.
Answer: BD
Question:5
Which form of DSL technology is typically used as a replacement for T1 lines? Select the best response.
A. VDSL
B. HDSL
C. ADSL
D. SDSL
E. G.SHDSL
F. IDSL
Answer: B
Question:6
Refer to the exhibit. Which two statements about the AAA configuration are true? (Choose two.) Select 2 response(s).
A. A good security practice is to have the none parameter configured as the final method used to ensure that no other authentication method will be used.
B. If a TACACS+ server is not available, then a user connecting via the console port would not be able to
gain access since no other authentication method has been defined.
C. If a TACACS+ server is not available, then the user Bob could be able to enter privileged mode as long
as the proper enable password is entered.
D. The aaa newmodel command forces the router to override every other authentication method
previously configured for the router lines.
E. To increase security, group radius should be used instead of group tacacs+.
F. Two authentication options are prescribed by the displayed aaa authentication command.
Answer: DF
Question:7
Which two Network Time Protocol (NTP) statements are true? (Choose two.) Select 2 response(s).
A. A stratum 0 time server is required for NTP operation.
B. NTP is enabled on all interfaces by default, and all interfaces receive NTP packets. C. NTP operates on IP networks using User Datagram Protocol (UDP) port 123.
D. The ntp server global configuration is used to configure the NTP master clock to which other peers synchronize themselves.
E. The show ntp status command displays detailed association information of all NTP peers.
F. Whenever possible, configure NTP version 5 because it automatically provides authentication and encryption services.
Answer: BC
Question:8
What are the two main features of Cisco IOS Firewall? (Choose two.) Select 2 response(s).
A. TACACS+
B. AAA
C. Cisco Secure Access Control Server
D. Intrusion Prevention System
E. Authentication Proxy
Answer: DE
Question:9
What are three objectives that the no ip inspect command achieves? (Choose three.) Select 3 response(s).
A. removes the entire CBAC configuration
B. removes all associated static ACLs
C. turns off the automatic audit feature in SDM
D. denies HTTP and Java applets to the inside interface but permits this traffic to the DMZ
E. resets all global timeouts and thresholds to the defaults
F. deletes all existing sessions
Answer: AEF
Question:10
Which three MPLS statements are true? (Choose three.) Select 3 response(s).
A. Cisco Express Forwarding (CEF) must be enabled as a prerequisite to running MPLS on a Cisco router.
B. Framemode MPLS inserts a 32bit label between the Layer 3 and Layer 4 headers.
C. MPLS is designed for use with framebased Layer 2 encapsulation protocols such as Frame Relay, but
is not supported by ATM because of ATM fixedlength cells.
D. OSPF, EIGRP, ISIS, RIP, and BGP can be used in the control plane.
E. The control plane is responsible for forwarding packets.
F. The two major components of MPLS include the control plane and the data plane.
Answer: ADF