642-542 CCSP Braindump
ExamSoon 642-542 Exams
Cisco Cisco SAFE Implementation Exam
O rder : 642-542 Exam
Practice Exam: 642-542
Exam Number/Code: 642-542
Exam Name: Cisco SAFE Implementation Exam
Questions and Answers: 224 Q&As
Free 642-542 Braindumps
Exam : Cisco 642-542
Title : Cisco SAFE Implementation Exam
1. Which IDS guidelines should be followed, according to SAFE SMR?
A. use TCP shunning as opposed to TCP resets
B. use shunning no longer than 15 minutes
C. use shunning on only UDP traffic, as it is more difficult to spoof than TCP
D. use shunning on only TCP traffic, as it is more difficult to spoof than UDP
2. Which model is recommended for an IDS with at least 100 Mbps performance?
3. What is not a specific type of attack, but refers to most attacks that occur today?
B. brute force password
C. IP spoofing
D. unauthorized access
4. If split tunneling is disabled, how do remote users access the Internet when they have a VPN tunnel established in
the software access option in the SAFE SMR remote user design environment?
A. access to the Internet is not allowed
B. the user must disable the VPN tunnel to access the Internet
C. access to the Internet is provided via the corporate connection
D. access to the Internet is provided via the ISP connection
5. When using PC-based IP phones, which threat is expected between data and voice segments if not protected by a
A. TCP flood DoS attack
B. IP spoofing attack
C. UDP flood DoS attack
D. application layer attack
6. Which techniques does SAFE recommend to mitigate MAC spoofing attacks? (Select two.)
A. Use port security.
B. Implement IP Source Guard feature.
C. Set all user ports to nontrunking mode.
D. Implement BPDU guard enhancement command.
E. Implement authentication for DHCP messages.
F. Use DHCP snooping along with DAI.
7. What are the radio frequency bands used by IEEE 802.11 standards? Choose two.
A. 2.8 MHz