Adobe certification Adobe
Apple certification Apple
Avaya certification Avaya
BlackBerry certification BlackBerry
Checkpoint certification Checkpoint
Cisco certification Cisco
Citrix certification Citrix
CIW certification CIW
COGNOS certification COGNOS
CompTIA certification CompTIA
CWNP certification CWNP
ECCouncil certification ECCouncil
EMC certification EMC
Exam Express certification Exam Express
Exin certification Exin
F5 Networks certification F5 Networks
HP certification HP
IBM certification IBM
ISC certification ISC
ISEB certification ISEB
Juniper certification Juniper
Lotus certification Lotus
LPI certification LPI
Microsoft certification Microsoft
Nortel certification Nortel
Oracle certification Oracle
PMI certification PMI
RedHat certification RedHat
Sun certification Sun
Sybase certification Sybase
Symantec certification Symantec
Tibco certification Tibco
VMware certification VMware
All Exams

Cisco 642-502 Exam - Testking

Free 642-502 Sample Questions:

1.What are the two functions that crypto ACLs perform on outbound traffic? Choose two.
A.byXXYYinc.comes outbound traffic that should be protected by IPSec B.selects inbound traffic that should be protected by IPSec C.selects outbound traffic that should be protected by IPSec
D.sends outbound traffic that should not be protected by IPSec as clear text
E.discards outbound traffic that should not be protected by IPSec F.discards outbound traffic that requires protection by IPSec Answer: C, D

2.Select the maximum number of routers SDM can manage simultaneously?
A.1
B.5
C.50
D.100
E.1000
F.determined by router model
Answer: A

3.Which three thresholds does CBAC on the Cisco IOS Firewall provide against DoS attacks? Choose three.
A.number of half­open sessions based upon time
B.total number of half­open TCP or UDP sessions
C.number of fully open sessions based upon time
D.number of half­open TCP­only sessions per host
E.total number of fully open TCP or UDP sessions
F.number of fully open TCP­only sessions per host
Answer: A, B, D

4.Refer to the LAN Wizard screen in the exhibit. How many bits would you input to configure this host for a subnet consisting of two hosts on subnet 172.26.26.0?

A.3
B.4
C.24
D.30
E.128
F.255
Answer: D

5.Refer to the Cisco Router and Security Device Manager page in the exhibit. What would be the result of clicking the "Launch the selected task" button in the VPN configuration screen?

A.to start the GRE site­to­site VPN connection configuration
B.to edit the site­to­site VPN connection
C.to start the security audit
D.to start the Easy VPN Server configuration
E.to start the default site­to­site VPN connection configuration
F.to start the Easy VPN Remote configuration
Answer: E

6.Where are access profiles stored with the authentication proxy features of the Cisco IOS Firewall?
A.PIX Firewall
B.Cisco router
C.Cisco VPN Concentrator
D.Cisco Secure ACS authentication server
Answer: D

7.Choose the correct command to allow IKE to establish the IPSec security associations.
A.crypto map 10 isakmp
B.crypto map 10 manual
C.crypto map MYMAP ipsec­isakmp
D.crypto map MYMAP ipsec­manual
E.crypto map MYMAP 10 ipsec­isakmp
F.crypto map MYMAP 10 ipsec­manual
Answer: E

8.Choose the correct command to generate two RSA key pairs for use with certificate authority.
A.key generate rsa general­keys
B.key generate rsa usage­keys
C.crypto key generate rsa general­keys
D.crypto key generate rsa usage­keys
E.enable crypto key generate rsa general­keys
F.enable crypto key generate rsa usage­keys
Answer: D

9.Which command is required to specify the authorization protocol for authentication proxy?
A.auth­proxy group tacacs+
B.aaa auth­proxy default group tacacs+
C.authorization auth­proxy default group tacacs+
D.aaa authorization auth­proxy default group tacacs+
E.aaa authorization auth­proxy group tacacs+
F.aaa authorization auth­proxy default group
Answer: D

10.Which Cisco Catalyst IOS command can be used to mitigate a CAM table overflow attack?
A.switch(config­if)# port­security maximum 1
B.switch(config)# switchport port­security
C.switch(config­if)# port­security
D.switch(config­if)# switchport port­security maximum 1
E.switch(config­if)# switchport access
F.switch(config­if)# access maximum 1
Answer: D

11.An authentication attempt to a Cisco Secure ACS for Windows server failed, yet no log entries are in the reports. What are two possible causes of this problem? (Choose two.)
A.user is not defined
B.user belongs to the wrong group
C.CSAUTH service is down on the Cisco Secure ACS server
D.XXYYinc.comword has expired
E.user entered an incorrect password
F.communication path between the NAS and Cisco Secure ACS server is down
Answer: C, F

12.What are three main components of the Cisco IOS Firewall feature set? (Choose three.)
A.Context­based Access Control
B.port security
C.authentication proxy
D.authentication, authorization, and accounting
E.Intrusion Prevention System
F.neighbor router authentication
Answer: A, C, E

13.The SDF uses which type of file format, with a definition of each signature along with relevant configurable actions?
A.ASCII
B.HTML
C.JPEG
D.Word
E.text
F.XML
Answer: F

14.Which two are typical Layer 2 attacks? (Choose two.)
A.MAC spoofing
B.CAM table overflow
C.route poisoning
D.DHCP Starvation
E.ARP Starvation
F.spam
Answer: A, B

15.What kind of signatures trigger on a single packet? (Choose one.)
A.regenerative
B.cyclical
C.atomic
D.dynamic
E.compound
Answer: C

16.What does authentication proxy on the Cisco IOS Firewall do?
A.creates specific authorization policies for each user with Cisco Secure ACS, dynamic, per­user security and authorization
B.provides additional visibility at intranet, extranet, and Internet perimeters
C.creates specific security policies for each user with Cisco Secure ACS, dynamic, per­user
authentication and authorization
D.provides secure, per­application access control across network perimeters
Answer: C

17.Select the two protocols used to provide secure communications between SDM and the target router. (Choose two.)
A.HTTPS
B.RCP
C.Telnet
D.SSH
E.HTTP
F.AES
Answer: A, D

18.Which one of the following actions is used to send SDM generated commands to the target router?
A.Refresh
B.Save
C.Deliver
D.Download
E.Copy­config
Answer: C