642-532: Securing Networks Using Intrusion Prevention Systems Exam (IPS)

1.Which three steps must you perform to prepare sensor interfaces for inline operations? (Choose three.)
A.Disable all interfaces except the inline pair.
B.Add the inline pair to the default virtual sensor.
C.Enable two interfaces for the pair.
D.Disable any interfaces that are operating in promiscuous mode.
E.Create the interface pair.
F.Configure an alternate TCP-reset interface.
Correct:B C E

2.Your Cisco router is hosting an NM-CIDS. The router configuration contains an inbound ACL. Which action does the router take when it receives a packet that should be dropped, according to the inbound ACL?
A.The router forwards the packet to the NM-CIDS for inspection, then drops the packet.
B.The router drops the packet and does not forward it to the NM-CIDS for inspection.
C.The router filters the packet through the inbound ACL, tags it for drop action, and forwards the packet to the NM-CIDS. Then the router drops it if it triggers any signature, even a signature with no action configured.
D.The router filters the packet through the inbound ACL, forwards the packet to the NM-CIDS for inspection only if it is an ICMP packet, and then drops the packet.
Correct:B

3.Which action is available only to signatures supported by the Normalizer engine?
A.Produce Verbose Alert
B.Modify Packet Inline
C.Deny Packet Inline
D.Log Pair Packets
E.Request SNMP Trap
F.Reset TCP Connection
Correct:B

4.You would like to have your inline sensor deny attackers inline when events occur that have Risk Ratings over 85. Which two actions will accomplish this? (Choose two.)
A.Create Target Value Ratings of 85 to 100.
B.Create an Event Variable for the protected network.
C.Enable Event Action Overrides.
D.Create an Event Action Filter, and assign the Risk Rating range of 85 to 100 to the filter.
E.Enable Event Action Filters.
F.Assign the Risk Rating range of 85 to 100 to the Deny Attacker Inline event action.
Correct:C F

5.Which two are appropriate installation points for a Cisco IPS sensor? (Choose two.)
A.on publicly accessible servers
B.on critical network servers
C.at network entry points
D.on user desktops
E.on corporate mail servers
F.on critical network segments
Correct:C F

6.In which three ways does a Cisco network sensor protect network devices from attacks? (Choose three.)
A.It uses a blend of intrusion detection technologies to detect malicious network activity.
B.It can generate an alert when it detects traffic that matches a set of rules that pertain to typical intrusion activity.
C.It permits or denies traffic into the protected network that is based on access lists that you create on the sensor.
D.It can take a variety of actions when it detects traffic that matches a set of rules that pertain to typical intrusion activity.
E.It uses behavior-based technology that focuses on the behavior of applications to protect network devices from known attacks and from new attacks for which there is no known signature.
Correct:A B D

CCNA Security Commands

#01 solara

As part of my study for CCNA Security I have been making a list of all the commands I need to be adept with. I thought I would share this list of commands with others who may be interested.

For simplicity the list doesn’t offer explanations and in most cases there are a variety of options that could be used with each command that are not shown. It is also not suitable for copy/paste into a router or switch. However, I think it is still a useful quick reference sheet.

#02 B Haines

You are running both RADIUS as well as TACACS+ servers in your example configuration. I was wondering what RAD/TACS you were running on those two servers? FreeRadius? And what Tac Plus? Just trying to determine what software you are using for your lab studies! Thanks!

By the way, thanks for sharing your config!

#03 solara

The previous example isn’t my config but rather just a list of commands to be familiar with and so I’m not actually running TACACS+ and RADIUS on the separate server addresses that I have shown.

I do my lab work using GNS3 with the C3745-ADVENTERPRISEK9_SNA-M IOS and currently I’m using the 90-day trial version of Cisco ACS 4.2 running on a Win2k3 VMWare box.

Just for interest I’ve attached a text file showing a basic config I’ve used for testing TACACS+. I have enabled debugs on aaa authentication and IP packets between the router and the ACS server and then attempted to log on to the router via SSH.

Data Center Networking Infrastructure Design Specialist

1.What advantage does InfiniBand have over Gigabit Ethernet in HPC environments?
A.lower latency
B.simpler cabling
C.longer distance support
D.more sophisticated traffic management
Correct:A

2.Which data center network-architecture change is a result of the adoption of blade and 1-RU server technologies?
A.Layer 3 fault domains growing larger
B.Layer 2 fault domains growing larger
C.Layer 3 fault domains growing smaller
D.Layer 2 fault domains growing smaller
Correct:B

3.A very large blade-server deployment has high throughput requirements for both data and storage networks. Which access layer option would you recommend?
A.blade server Ethernet switch with Cisco SFS 3000 Series Multifabric Switch
B.blade server InfiniBand switch with Cisco SFS 3000 Series Multifabric Switch
C.blade server Ethernet switch that is connected to Cisco Catalyst 4948 top-of-rack switch
D.blade server Ethernet switch that is connected to Cisco Catalyst 6500 Series end-of-rack switch
Correct:B

4.Refer to the exhibit. Each letter (A-D) represents a model for placement of a default gateway. Which model allows the maximum number of application and security services?
A.model A
B.model B
C.model C
D.model D
Correct:C

5.Which three of the following service modules can be deployed in redundant pairs with active/active failover? (Choose three.)
A.ACE
B.CSM
C.NAM
D.IDSM
E.FWSM
F.SSLSM
Correct:A D E

6.Refer to the exhibit. What do you need to configure to prevent spanning-tree loops from occurring between the two FWSMs?
A.FWSMs in transparent mode
B.ethertype ACLs to allow BPDUs
C.FWSMs in multiple-context mode
D.failover and state interfaces on the same VLAN
Correct:B

7.How is FCIP traffic marked with DSCP values?
A.The Cisco MDS 9000 Series Multilayer Switch marks one DSCP value per FCIP tunnel.
B.The Cisco MDS 9000 Series Multilayer Switch marks two DSCP values per FCIP tunnel.
C.The aggregation layer Ethernet switch marks one DSCP value per FCIP tunnel.
D.The aggregation layer Ethernet switch marks two DSCP values per FCIP tunnel.
Correct:B

8.Which two security vulnerabilities does the FWSM application inspection engine mitigate? (Choose two.)
A.DoS attacks
B.DDoS attacks
C.SQL injection
D.cookie altering
E.web server worms
Correct:C D