examsoon 642-542 exam dumps.pdf

About Global Documents

Global Documents provides you with documents from around the globe on a variety of topics for your enjoyment.
Global Documents utilizes edocr for all its document needs due to edocr's wonderful content features. Thousands of professionals and businesses around the globe publish marketing, sales, operations, customer service and financial documents making it easier for prospects and customers to find content.
Exam Answer Cisco CCSP Cisco SAFE Implementation SAFE Implementation Exam secure network SAFE SMR Exam Questions
642-542 CCSP Braindump 
ExamSoon 642-542 Exams
Cisco Cisco SAFE Implementation Exam
 
O rder : 642-542 Exam
Practice Exam: 642-542
Exam Number/Code: 642-542
Exam Name: Cisco SAFE Implementation Exam
Questions and Answers: 224 Q&As 
Free 642-542 Braindumps
  
  
Exam : Cisco 642-542
Title : Cisco SAFE Implementation Exam
1. Which IDS guidelines should be followed, according to SAFE SMR?
A. use TCP shunning as opposed to TCP resets
B. use shunning no longer than 15 minutes
C. use shunning on only UDP traffic, as it is more difficult to spoof than TCP
D. use shunning on only TCP traffic, as it is more difficult to spoof than UDP
Answer: D
2. Which model is recommended for an IDS with at least 100 Mbps performance?
A. 4210
B. 4220
C. 4250
D. 4260
Answer: C
3. What is not a specific type of attack, but refers to most attacks that occur today?
A. DoS
B. brute force password
C. IP spoofing
D. unauthorized access
Answer: D
4. If split tunneling is disabled, how do remote users access the Internet when they have a VPN tunnel established in 
the software access option in the SAFE SMR remote user design environment?
A. access to the Internet is not allowed
B. the user must disable the VPN tunnel to access the Internet
C. access to the Internet is provided via the corporate connection
D. access to the Internet is provided via the ISP connection
Answer: C
5. When using PC-based IP phones, which threat is expected between data and voice segments if not protected by a 
stateful firewall?
 
 

 
  
 
A. TCP flood DoS attack
B. IP spoofing attack
C. UDP flood DoS attack
D. application layer attack
Answer: C
6. Which techniques does SAFE recommend to mitigate MAC spoofing attacks? (Select two.)
A. Use port security.
B. Implement IP Source Guard feature.
C. Set all user ports to nontrunking mode.
D. Implement BPDU guard enhancement command.
E. Implement authentication for DHCP messages.
F. Use DHCP snooping along with DAI.
Answer: AF
7. What are the radio frequency bands used by IEEE 802.11 standards? Choose two.
A. 2.8 MHz
B. 2.4 GHz
C. 2.2 MHz
D. 5 GHz
E. 900 GHz
F. 900 MHz
Answer: BD
8. What does CBAC dynamically create and delete?
A. TCP sessions
B. crypto maps
C. access control lists
D. security control lists
Answer: C
9. How are packet sniffer attacks mitigated in the SAFE SMR small network corporate Internet module?
A. RFC 2827 and 1918 filtering at ISP edge and local firewall
B. switched infrastructure and HIDS
C. protocol filtering
D. restrictive trust model and private VLANs
E. restrictive filtering and HIDS
Answer: B
10. The VPN acceleration module (VAM) is available on what series of VPN optimized routers? Choose two.
A. 1700 Series
B. 2600 Series
C. 3600 Series
D. 7100 Series
E. 7200 Series
Answer: DE
11. What are three steps of the Security Wheel? Choose three.
A. improve
B. log
C. maintain
D. test
E. secure
F. report
Answer: ADE
 

 
 
12. How does Java applet filtering distinguish between trusted and untrusted applets?
A. examines the applet for suspicious code
B. relies on a list of applets that you designate as hostile
C. relies on a list of applets that you designate as friendly
D. relies on a list of external sites that you designate as friendly
Answer: D
13. What are the three modules in the SAFE SMR midsize network design? Choose three.
A. frame/ATM module
B. campus module
C. ISP edge module
D. corporate Internet module
E. WAN module
F. PSTN module
Answer: BDE
14. Which are key devices in the SAFE SMR remote user network? Choose three.
A. Layer 2 switch
B. router with firewall and VPN support
C. Layer 3 switch
D. firewall with VPN support
E. NIDS
F. personal firewall software
Answer: BDF
15. What is the function of a crypto map on a PIX Firewall?
A. to define the policy that will be applied to the traffic
B. to specify which algorithms will be used with the selected security protocol
C. to configure a pre-shared authentication key and associate the key with an IPSec peer address or host name 
D. to map transforms to transform sets
Answer: A
16. Which command implements Unicast RPF IP spoofing protection?
A. access-list 
B. access-group 
C. ip verify reverse-path interface 
D. tcp verify reverse-path interface 
E. udp verify reverse-path interface 
Answer: C
17. Which three models of the Cisco 3000 Series Concentrator can have redundant power supplies? Choose three.
A. 3005
B. 3020
C. 3030
D. 3060
E. 3080
F. 3090
Answer: CDE
18. What threats are expected for the SAFE SMR small network campus module? Choose two.
A. IP spoofing
B. packets sniffers
C. denial of service
 
 

 
 
D. applications layer attacks
Answer: BD
19. Which threats are expected in the SAFE SMR remote user network environment? Choose two.
A. trust exploitation
B. port redirection attacks
C. man in the middle attacks
D. network reconnaissance
Answer: CD
20. What is the primary identity component in a Cisco security solution?
A. Cisco VPN Concentrators
B. Cisco PIX Firewalls
C. Cisco IDS Sensors
D. Cisco Access Control servers
E. Cisco IOS Firewalls
Answer: D
More 642-542 Braindumps Information 
Exam Description
1. ExamSoon offer free update service for three month.
After you purchase our product, we will offer free update in time for three month. 
2. High quality and Value for the 642-542 Exam. 
ExamSoon Practice Exams for 642-542 are written to the highest standards of technical accuracy, provided by our 
certified subject matter experts and published authors for development.
3. 100% Guarantee to Pass Your CCSP exam and get your CCSP Certification.
We guarantee your success in the first attempt. If you do not pass the CCSP "642-542" (Cisco SAFE Implementation 
Exam on your first attempt, send us the official result. We will give you a FULLY REFUND of your purchasing fee and 
send you another same value product for free.
4. ExamSoon CCSP 642-542 Exam Downloadable. 
Our PDF or Testing Engine Preparation Material of CCSP 642-542 exam provides everything which you need to pass 
your exam. The CCSP Certification details are researched and produced by our Professional Certification Experts who 
are constantly using industry experience to produce precise, and logical. You may get "642-542 exam" questions 
from different websites or books, but logic is the key. Our Product will help you not only pass in the first Cisco SAFE 
Implementation Exam( CCSP ) exam try, but also save your valuable time.
Comprehensive questions with complete details about 642-542 exam.  
642-542 exam questions accompanied by exhibits. Verified Answers Researched by Industry Experts and almost 
100% correct. 
Drag and Drop questions as experienced in the Real CCSP exam. 642-542 exam questions updated on regular basis. 
Like actual CCSP Certification exams, 642-542 exam preparation is in multiple-choice questions (MCQs). Tested by 
many real CCSP exams before publishing. 
Try free CCSP exam demo before you decide to buy it in http://www.ExamSoon.com 
High quality and Valued for the 642-542 Exam: 100% Guarantee to Pass Your 642-542 exam and get your CCSP 
Certification. Come to http://www.ExamSoon.com The easiest and quickest way to get your CCSP Certification.
 
 
 
  
  

 
  
  
 
 
 
 
 
ExamSoon professional provides CCSP 642-542 the newest Q&A, completely covers 642-542 test original topic. With 
our completed CCSP resources, you will minimize your CCSP cost and be ready to pass your 642-542 test on Your 
First Try, 100% Money Back Guarantee included! 
642-542 Exam Study Guide 
642-542 exam is regarded as one of the most favourite CCSP Certifications. Many IT professionals prefer to add 642 
542 exam among their credentials. ExamSoon not only caters you all the information regarding the 642-542 exam but 
also provides you the excellent 642-542 study guide which makes the certification exam easy for you. 
ExamSoon Engine Features
Comprehensive questions and answers about 642-542 exam  
642-542 exam questions accompanied by exhibits 
Verified Answers Researched by Industry Experts and almost 100% correct
642-542 exam questions updated on regular basis 
Same type as the certification exams, 642-542 exam preparation is in multiple-choice questions (MCQs). 
Tested by multiple times before publishing
Try free 642-542 exam demo before you decide to buy it in ExamSoon.com 
ExamSoon Help You Pass Any IT Exam
ExamSoon.com offers incredib le career enhancing opportunities. We are a team of IT professionals that focus on providing 
our customers with the most up to date material for any IT certification exam. This material is so effective that we Guarantee 
you will pass the exam or your money back.
642-515  Securing Networks with ASA Advanced  
642-542  Cisco SAFE Implementation Exam  
642-545  Implementing Cisco Security Monitoring, Analysis and Response System  
642-552  Securing Cisco Network Devices Exam  
642-513  Securing Hosts Using Cisco Security Agent Exam (HIPS)  
642-503  Securing Networks with Cisco Routers and Switches  
642-502  Securing Networks with Cisco Routers and Switches Exam(SNRS)  
642-522  Securing Networks with PIX and ASA Exam(SNPA)  
642-523  Securing Networks with PIX and ASA  
642-521  Cisco Secure PIX Firewall Advanced  
642-532  Securing Networks Using Intrusion Prevention Systems Exam (IPS)  
642-551  Securing Cisco Network Devices Exam(SND)  
Related 642-542 Exams
Other Cisco Exams
646-976 
642-691 
642-515 
642-631 
646-227 
642-587 
640-863 
642-426 
642-964 
646-223 
646-563 
642-352 
646-272 
642-591 
642-176 
640-821 
642-053 
646-003 
650-393 
642-456