Examsoon 640-553.pdf

About Global Documents

Global Documents provides you with documents from around the globe on a variety of topics for your enjoyment.
Global Documents utilizes edocr for all its document needs due to edocr's wonderful content features. Thousands of professionals and businesses around the globe publish marketing, sales, operations, customer service and financial documents making it easier for prospects and customers to find content.
Exam Cisco Cisco IOS image command Answer CCNA IINS implement Cisco
640-553 CCNA Braindump 
ExamSoon 640-553 Exams
Cisco IINS Implementing Cisco IOS Network Security
 
O rder : 640-553 Exam
Practice Exam: 640-553
Exam Number/Code: 640-553
Exam Name: IINS Implementing Cisco IOS Network  Security
Questions and Answers: 133 Q&As 
Free 640-553 Braindumps
  
  
Exam : Cisco 640-553
Title : IINS Implementing Cisco IOS Network Security
1. Refer to the exhibit. Which statement is correct based on the show login command output shown?
A. When the router goes into quiet mode, any host is permitted to access the router via Telnet, SSH, and HTTP, 
since the quiet-mode access list has not been configured.
B. The login block-for command is configured to block login hosts for 93 seconds.
C. All logins from any sources are blocked for another 193 seconds.
D. Three or more login requests have failed within the last 100 seconds.
Answer: D
2. What will be disabled as a result of the no service password-recovery command?
A. changes to the config-register setting
B. ROMMON
C. password encryption service
D. aaa new-model global configuration command
E. the xmodem privilege EXEC mode command to recover the Cisco IOS image
Answer: B
3. Refer to the exhibit. What does the option secret 5 in the username global configuration mode command indicate 
about the enable secret password?
A. It is hashed using SHA.
B. It is encrypted using DH group 5.
C. It is hashed using MD5.
D. It is encrypted via the service password-encryption command.
E. It is hashed using a proprietary Cisco hashing algorithm.
F. It is encrypted using a proprietary Cisco encryption algorithm.
Answer: C
4. Which access list will permit HTTP traffic sourced from host 10.1.129.100 port 3030 destined to host 192.168.1.10?
A. access-list 101 permit tcp any eq 3030
B. access-list 101 permit tcp 10.1.128.0 0.0.1.255 eq 3030 192.168.1.0 0.0.0.15 eq www
C. access-list 101 permit tcp 10.1.129.0 0.0.0.255 eq www 192.168.1.10 0.0.0.0 eq www
D. access-list 101 permit tcp host 192.168.1.10 eq 80 10.1.0.0 0.0.255.255 eq 3030
 
  
 
  
 

 
  
 
  
E. access-list 101 permit tcp 192.168.1.10 0.0.0.0 eq 80 10.1.0.0 0.0.255.255
F. access-list 101 permit ip host 10.1.129.100 eq 3030 host 192.168.1.100 eq 80 
Answer: B
5. Which location is recommended for extended or extended named ACLs?
A. an intermediate location to filter as much traffic as possible
B. a location as close to the destination traffic as possible
C. when using the established keyword, a location close to the destination point to ensure that return traffic is allowed 
D. a location as close to the source traffic as possible
Answer: D
6. What are three common examples of AAA implementation on Cisco routers? (Choose three.)
A. authenticating remote users who are accessing the corporate LAN through IPSec VPN connections
B. authenticating administrator access to the router console port, auxiliary port, and vty ports
C. implementing PKI to authenticate and authorize IPsec VPN peers using digital certificates
D. tracking Cisco Netflow accounting statistics
E. securing the router by locking down all unused services
F. performing router commands authorization using TACACS+
Answer: ABF
7. What is a result of securing the Cisco IOS image using the Cisco IOS image resilience feature?
A. The show version command will not show the Cisco IOS image file location.
B. The Cisco IOS image file will not be visible in the output from the show flash command.
C. When the router boots up, the Cisco IOS image will be loaded from a secured FTP location.
D. The running Cisco IOS image will be encrypted and then automatically backed up to the NVRAM.
E. The running Cisco IOS image will be encrypted and then automatically backed up to a TFTP server.
Answer: B
8. Refer to the exhibit. Which statement about the aaa configurations is true?
A. The authentication method list used by the console port is named test.
B. The authentication method list used by the vty port is named test.
C. If the TACACS+ AAA server is not available, no users will be able to establish a Telnet session with the router.
D. If the TACACS+ AAA server is not available, console access to the router can be authenticated using the local 
database.
E. The local database is checked first when authenticating console and vty access to the router.
Answer: B
9. Which aaa accounting command is used to enable logging of both the start and stop records for user terminal 
sessions on the router?
A. aaa accounting network start-stop tacacs+ 
B. aaa accounting system start-stop tacacs+ 
C. aaa accounting exec start-stop tacacs+ 
D. aaa accounting connection start-stop tacacs+ 
E. aaa accounting commands 15 start-stop tacacs+ 
Answer: C
10. Which characteristic is the foundation of Cisco Self-Defending Network technology? 
A. secure connectivity
B. threat control and containment
C. policy management
D. secure network platform
Answer: D
11. Which four methods are used by hackers? (Choose four.)
 
 
 

 
Select 4 response(s).
A. footprint analysis attack
B. privilege escalation attack
C. buffer Unicode attack
D. front door attacks
E. social engineering attack
F. Trojan horse attack
Answer: ABEF
12. Which of these correctly matches the CLI command(s) to the equivalent SDM wizard that performs similar 
configuration functions?
A. Cisco Common Classification Policy Language configuration commands and the SDM Site-to-Site VPN wizard 
B. auto secure exec command and the SDM One-Step Lockdown wizard 
C. setup exec command and the SDM Security Audit wizard
D. class-maps, policy-maps, and service-policy configuration commands and the SDM IPS wizard 
E. aaa configuration commands and the SDM Basic Firewall wizard
Answer: B
13. What are two characteristics of the SDM Security Audit wizard? (Choose two.)
A. displays a screen with Fix-it check boxes to let you choose which potential security-related configuration changes 
to implement
B. has two modes of operationinteractive and non-interactive 
C. automatically enables Cisco IOS firewall and Cisco IOS IPS to secure the router
D. uses interactive dialogs and prompts to implement role-based CLI 
E. requires users to first identify which router interfaces connect to the inside network and which connect to the 
outside network
Answer: AE
14. What does level 5 in the following enable secret global configuration mode command indicate?
router#enable secret level 5 password
A. The enable secret password is hashed using MD5.
B. The enable secret password is hashed using SHA.
C. The enable secret password is encrypted using Cisco proprietary level 5 encryption.
D. Set the enable secret command to privilege level 5.
E. The enable secret password is for accessing exec privilege level 5.
Answer: E
15. During role-based CLI configuration, what must be enabled before any user views can be created? 
A. multiple privilege levels
B. usernames and passwords
C. aaa new-model command 
D. secret password for the root user
E. HTTP and/or HTTPS server
Answer: C
More 640-553 Braindumps Information 
Exam Description
1. ExamSoon offer free update service for three month.
After you purchase our product, we will offer free update in time for three month. 
2. High quality and Value for the 640-553 Exam. 
 
 
 
  

 
  
 
ExamSoon Practice Exams for 640-553 are written to the highest standards of technical accuracy, provided by our 
certified subject matter experts and published authors for development.
3. 100% Guarantee to Pass Your CCNA exam and get your CCNA Certification.
We guarantee your success in the first attempt. If you do not pass the CCNA "640-553" (IINS Implementing Cisco 
IOS Network Security on your first attempt, send us the official result. We will give you a FULLY REFUND of your 
purchasing fee and send you another same value product for free.
4. ExamSoon CCNA 640-553 Exam Downloadable. 
Our PDF or Testing Engine Preparation Material of CCNA 640-553 exam provides everything which you need to pass 
your exam. The CCNA Certification details are researched and produced by our Professional Certification Experts who 
are constantly using industry experience to produce precise, and logical. You may get "640-553 exam" questions 
from different websites or books, but logic is the key. Our Product will help you not only pass in the first IINS 
Implementing Cisco IOS Network Security( CCNA ) exam try, but also save your valuable time.
Comprehensive questions with complete details about 640-553 exam.  
640-553 exam questions accompanied by exhibits. Verified Answers Researched by Industry Experts and almost 
100% correct. 
Drag and Drop questions as experienced in the Real CCNA exam. 640-553 exam questions updated on regular basis. 
Like actual CCNA Certification exams, 640-553 exam preparation is in multiple-choice questions (MCQs). Tested by 
many real CCNA exams before publishing. 
Try free CCNA exam demo before you decide to buy it in http://www.ExamSoon.com 
High quality and Valued for the 640-553 Exam: 100% Guarantee to Pass Your 640-553 exam and get your CCNA 
Certification. Come to http://www.ExamSoon.com The easiest and quickest way to get your CCNA Certification.
ExamSoon professional provides CCNA 640-553 the newest Q&A, completely covers 640-553 test original topic. With 
our completed CCNA resources, you will minimize your CCNA cost and be ready to pass your 640-553 test on Your 
First Try, 100% Money Back Guarantee included! 
640-553 Exam Study Guide 
640-553 exam is regarded as one of the most favourite CCNA Certifications. Many IT professionals prefer to add 
640-553 exam among their credentials. ExamSoon not only caters you all the information regarding the 640-553 exam 
but also provides you the excellent 640-553 study guide which makes the certification exam easy for you. 
ExamSoon Engine Features
Comprehensive questions and answers about 640-553 exam  
640-553 exam questions accompanied by exhibits 
Verified Answers Researched by Industry Experts and almost 100% correct
640-553 exam questions updated on regular basis 
Same type as the certification exams, 640-553 exam preparation is in multiple-choice questions (MCQs). 
Tested by multiple times before publishing
Try free 640-553 exam demo before you decide to buy it in ExamSoon.com 
ExamSoon Help You Pass Any IT Exam
ExamSoon.com offers incredib le career enhancing opportunities. We are a team of IT professionals that focus on providing 
our customers with the most up to date material for any IT certification exam. This material is so effective that we Guarantee 
you will pass the exam or your money back.
 
  
 
  
 
  

 
640-802  Cisco Certified Network Associate  
640-822  Interconnecting Cisco Networking Devices Part 1  
640-816  Interconnecting Cisco Networking Devices Part 2  
640-801  Cisco Certified Network Associate (CCNA)  
640-553  IINS Implementing Cisco IOS Network Security  
640-721  Implementing Cisco Unified Wireless Networking Essentials (IUWNE)  
640-811  Interconnecting Cisco Networking Devices  
640-821  Introduction to Cisco Networking Technologies  
Related 640-553 Exams
Other Cisco Exams
642-545 
642-961 
642-071 
350-021 
646-276 
642-054 
642-522 
646-230 
642-973 
642-145 
642-359 
642-972 
646-204 
642-871 
640-821 
642-425 
642-983 
350-
001GB2312
-LAB 
650-251 
642-736