Cisco Security Solutions for Systems Engineers (SSSE) Practice Test. Version

Similar documents
Exam : Title : Security Solutions for Systems Engineers. Version : Demo

Question: 1 The NAC Agent uses which port and protocol to send discovery packets to an ISE Policy Service Node?

CISCO EXAM QUESTIONS & ANSWERS

ITdumpsFree. Get free valid exam dumps and pass your exam test with confidence

Implementing Cisco Network Security (IINS) 3.0

Securing the Empowered Branch with Cisco Network Admission Control. September 2007

ExamTorrent. Best exam torrent, excellent test torrent, valid exam dumps are here waiting for you

CISCO EXAM QUESTIONS & ANSWERS

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Exam : Title : Security Solutions for Systems Engineers(SSSE) Version : Demo

ASA/PIX Security Appliance

CSA for Mobile Client Security

Cisco Passguide Exam Questions & Answers

S.No. CCIE Security Written Exam Topics v4.0 Part I Infrastructure, Connectivity, Communications, Network Security

Cisco 5921 Embedded Services Router

Cisco Exam Questions & Answers

Exam Questions Demo Cisco. Exam Questions

Fundamentals of Network Security v1.1 Scope and Sequence

Cisco Group Encrypted Transport VPN

Configuring L2TP over IPsec

Cisco Security Manager 4.1: Integrated Security Management for Cisco Firewalls, IPS, and VPN Solutions

Cisco ASA Next-Generation Firewall Services

Cisco Exam Questions & Answers

Cisco Exam. Volume: 223 Questions. Question No: 1 Which three commands can be used to harden a switch? (Choose three.)

Cisco 5921 Embedded Services Router

Symbols. Numerics I N D E X

Cisco CISCO Securing Networks with ASA Advanced. Practice Test. Version

Firewalls for Secure Unified Communications

Cisco Exam Implementing Cisco Network Security Version: 12.0 [ Total Questions: 186 ]

Security+ SY0-501 Study Guide Table of Contents

PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps

Configuring WAN Backhaul Redundancy

SYLLABUS. DIVISION: Business and Engineering Technology REVISED: FALL 2015 CREDIT HOURS: 4 HOURS/WK LEC: 4 HOURS/WK LAB: 0 LEC/LAB COMB: 4

The IINS acronym to this exam will remain but the title will change slightly, removing IOS from the title, making the new title.

Enterasys. Design Guide. Network Access Control P/N

2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1

The Bomgar Appliance in the Network

CCNA Security. 2.0 Secure Access. 1.0 Security Concepts

T E C H N I C A L S A L E S S E R V I C E S

Hillstone IPSec VPN Solution

Cisco Exam Troubleshooting and Maintaining Cisco IP Networks (TSHOOT) Version: 6.0 [ Total Questions: 79 ]

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL II. VERSION 2.0

ASACAMP - ASA Lab Camp (5316)

Cisco.Actualtests v New Questions.by.Nev.32q.vce

CIH

Modular Policy Framework. Class Maps SECTION 4. Advanced Configuration

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Cisco Exam Questions & Answers

Viewing Router Information

Cisco Network Admission Control (NAC) Solution

SONICWALL SECURITY HEALTH CHECK SERVICE

Configuring VPN from Proventia M Series Appliance to Proventia M Series Appliance

Get Success in Passing Your Certification Exam at first attempt!

Secure Mobility. Klaus Lenssen Senior Business Development Manager Security

Palo Alto Networks PCNSE7 Exam

SONICWALL SECURITY HEALTH CHECK SERVICE

Chapter 3 Network Foundation Protection (NFP) Overview 39. Configuring and Implementing Switched Data Plane Security Solutions 57

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

Implementing Cisco Edge Network Security Solutions ( )

New Features for ASA Version 9.0(2)

Russian Cyber Attack Warning and Impact on AccessEnforcer UTM Firewall

Wireless and Network Security Integration Solution Overview

Deploying Cisco ASA Firewall Solutions (FIREWALL v1.0)

Cisco AnyConnect Secure Mobility Solution. György Ács Regional Security Consultant

The Privileged Remote Access Appliance in the Network

Understanding Cisco Cybersecurity Fundamentals

Top-Down Network Design

DumpsFree. DumpsFree provide high-quality Dumps VCE & dumps demo free download

Exam Questions Demo Cisco. Exam Questions CCIE Security Written Exam.

Exam Name: Implementing Cisco Edge Network Security Solutions

SonicOS 5.6 Feature Overview

Numerics I N D E X. 3DES (Triple Data Encryption Standard), 48

Scalability Considerations

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Cisco IPS AIM and IPS NME for Cisco 1841 and Cisco 2800 and 3800 Series Integrated Services Routers

SONICWALL SECURITY HEALTH CHECK PSO 2017

This course prepares candidates for the CompTIA Network+ examination (2018 Objectives) N

This primer covers the following major topics: 1. Getting Familiar with ACS. 2. ACS Databases and Additional Server Interaction

Packet Tracer - Configure and Verify a Site-to-Site IPsec VPN Using CLI

Reviewer s guide. PureMessage for Windows/Exchange Product tour

Identity Firewall. About the Identity Firewall. This chapter describes how to configure the ASA for the Identity Firewall.

Cisco ASA 5500 Series Adaptive Security Appliance 8.2 Software Release

Identity Firewall. About the Identity Firewall

The Privileged Access Appliance in the Network

Klaudia Bakšová System Engineer Cisco Systems. Cisco Clean Access

Request for Proposal (RFP) for Supply and Implementation of Firewall for Internet Access (RFP Ref )

Cisco Wireless LAN Controller Module

ISE Primer.

A Unified Threat Defense: The Need for Security Convergence

KillTest. 半年免费更新服务

Securing Remote Access to IT Resources

NETWORK THREATS DEMAN

Configuring OpenVPN on pfsense

Security in Bomgar Remote Support

CISCO QUAD Cisco CCENT/CCNA/CCDA/CCNA Security (QUAD)

Network Security Platform 8.1

Monitoring Remote Access VPN Services

Question No : 1 Which three options are basic design principles of the Cisco Nexus 7000 Series for data center virtualization? (Choose three.

Cisco - ASA Lab Camp v9.0

Transcription:

Cisco 642-566 642-566 Security Solutions for Systems Engineers (SSSE) Practice Test Version 3.10

QUESTION NO: 1 You are the network consultant from Your company. Please point out two requirements call for the deployment of 802.1X. A. Authenticate users on switch or wireless ports B. Grant or Deny network access at the port level, based on configured authorization policies C. Allow network access during thequeit period D. Verify security posture using TACAS+ Answer: A,B QUESTION NO: 2 Open Shortest Path First (OSPF) is a dynamic routing protocol for use in Internet Protocol (IP) networks. An OSPF router on the network is running at an abnormally high CPU rate. By use of different OSPF debug commands on Router, the network administrator determines that router is receiving many OSPF link state packets from an unknown OSPF neighbor, thus forcing many OSPF path recalculations and affecting router's CPU usage. Which OSPF configuration should the administrator enable to preent this kind of attack on the Router? A. Multi-Area OSPF B. OSPF stub Area C. OSPF MD5 Authentication D. OSPF not-so-stubby Area Answer: C QUESTION NO: 3 Which one of the following Cisco Security Management products is able to perform (syslog) events normalization? A. Cisco IME B. Cisco Security Manager C. Cisco ASDM D. Cisco Security MARS Answer: D QUESTION NO: 4 2

Can you tell me which one of the following platforms has the highest IPSec throughput and can support the highest number of tunnels? A. Cisco 6500/7600 + VPN SPA B. Cisco ASR 1000-5G C. Cisco 7200 NPE-GE+VSA D. Cisco 7200 NPE-GE+VAM2+ Answer: A QUESTION NO: 5 Which two methods can be used to perform IPSec peer authentication? (Choose two.) A. One-time Password B. AAA C. Pre-shared key D. Digital Certificate Answer: C,D QUESTION NO: 6 Cisco Security Agent is the first endpoint security solution that combines zero-update attack protection, data loss prevention and signature-based antivirus in a single agent. This unique blend of capabilities defends servers and desktops against sophisticated day-zero attacks and enforces acceptable-use and compliance policies within a simple management infrastructure. What are three functions of CSA in helping to secure customer environments? A. Control of executable content B. Identification of vulnerabilities C. Application Control D. System hardening Answer: A,C,D QUESTION NO: 7 Cisco Secure Access Control Server (ACS) is an access policy control platform that helps you comply with growing regulatory and corporate requirements. Which three of these items are features of the Cisco Secure Access Control Server? 3

A. NDS B. RSA Certificates C. LDAP D. Kerberos Answer: A,B,C QUESTION NO: 8 Observe the following protocols carefully, which one is used to allow the utilization of Cisco Wide Area Application Engines or Cisco IronPort S-Series web security appliances to localize web traffic patterns I the network and to enable the local fulfillment of content requests? A. TLS B. DTLS C. WCCP D. HTTPS Answer: C QUESTION NO: 9 Which one is not the factor can affect the risk rating of an IPS alert? A. Relevance B. Attacker location C. Event severity D. Signature fidelity Answer: B QUESTION NO: 10 For the following items, which two are differences between symmetric and asymmetric encryption algorithms? (Choose two.) A. Asymmetric encryption is slower than symmetric encryption B. Asymmetric encryption is more suitable than symmetric encryption for real-time bulk encryption C. Symmetric encryption is used in digital signatures and asymmetric encryption is used in HMACs D. Asymmetric encryption requires a much larger key size to achieve the same level of protection as asymmetric encryption 4

Answer: A,D QUESTION NO: 11 Deploying the NAC appliance in in-band mode is better than out-of-band mode. Why? A. Nessus scanning B. Higher number of users per NAC Appliance C. Bandwidth enforcement policy D. NAC Appliance Agent deployment Answer: C QUESTION NO: 12 IPSec-based site-to-site VPNs is better than traditional WAN networks what? A. Delay guarantees, span, performance, security and low cost B. Bandwidth guarantees, support for non-ip protocols, scalability and modular design guidelines C. Bandwidth guarantees, flexibility, security and low cost D. Span, flexibility, security and low cost Answer: D QUESTION NO: 13 Which VPN technology can not be used over the internet? A. VTI B. GRE overipsec C. IPsec direct encapsulation D. GET VPN Answer: D QUESTION NO: 14 DRAG DROP Match each IKE component to its supported option: 5

Answer: Explanation: best security controls for a web server having 6

QUESTION NO: 15 DRAG DROP Which item is correct about the relationship between the VPN types and their descriptions? Answer: 7

Explanation: QUESTION NO: 16 DRAG DROP Select the best security control to minimize the WAN security threats. Not all the security controls are required. 8

Answer: QUESTION NO: 17 Which is the primary benefit that DTLS offers over TLS? A. Both the application and TLS can retransmit loss packets B. Improves security C. Provides low latency for real-time applications D. Uses TCP instead of UDP to provide a reliable Transport mechanism 9

Answer: C QUESTION NO: 18 DRAG DROP Which option is correct about the relationship between the terms and their description? Answer: Explanation: 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback