Free Cisco 642-542 Study Guide With The All New Exam Questions Download

Your worries about Cisco 642-542 exam complexity no more exist because Flydumps is here to serves as a guide to help you to pass the exam. All the exam questions and answers is the latest and covering each and every aspect of Cisco 642-542 exam.It 100% ensure you pass the exam without any doubt.

Exam A QUESTION 1
drag drop

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 2
If split tunneling is disabled, how do remote users access the Internet when they have a VPN tunnel established in the software access option in the SAFE SMR remote user design environment?
A. access to the Internet is not allowed
B. the user must disable the VPN tunnel to access the Internet
C. access to the Internet is provided via the corporate connection
D. access to the Internet is provided via the ISP connection
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 3
What is not a specific type of attack, but refers to most attacks that occur today?
A. DoS
B. brute force password
C. IP spoofing
D. unauthorized access
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 4
Which command implements Unicast RPF IP spoofing protection?
A. access-list
B. access-group
C. ip verify reverse-path interface
D. tcp verify reverse-path interface
E. udp verify reverse-path interface
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 5
What does CBAC dynamically create and delete?
A. TCP sessions
B. crypto maps
C. access control lists
D. security control lists
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 6
What is the function of a crypto map on a PIX Firewall?
A. to define the policy that will be applied to the traffic
B. to specify which algorithms will be used with the selected security protocol
C. to configure a pre-shared authentication key and associate the key with an IPSec peer address or host name
D. to map transforms to transform sets
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 7
The VPN acceleration module (VAM) is available on what series of VPN optimized routers? Choose two.
A. 1700 Series
B. 2600 Series
C. 3600 Series
D. 7100 Series
E. 7200 Series
Correct Answer: DE Section: (none) Explanation
Explanation/Reference:
QUESTION 8
Which model is recommended for an IDS with at least 100 Mbps performance?
A. 4210
B. 4220
C. 4250
D. 4260
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 9
How does Java applet filtering distinguish between trusted and untrusted applets?
A. examines the applet for suspicious code
B. relies on a list of applets that you designate as hostile
C. relies on a list of applets that you designate as friendly
D. relies on a list of external sites that you designate as friendly
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 10
What are three steps of the Security Wheel? Choose three.
A. improve
B. log
C. maintain
D. test
E. secure
F. report
Correct Answer: ADE Section: (none) Explanation
Explanation/Reference:
QUESTION 11
What is the primary identity component in a Cisco security solution?
A. Cisco VPN Concentrators
B. Cisco PIX Firewalls
C. Cisco IDS Sensors
D. Cisco Access Control servers
E. Cisco IOS Firewalls

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 12
Which threats are expected in the SAFE SMR remote user network environment? Choose two.
A. trust exploitation
B. port redirection attacks
C. man in the middle attacks
D. network reconnaissance
Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 13
Which techniques does SAFE recommend to mitigate MAC spoofing attacks? (Select two.)
A. Use port security.
B. Implement IP Source Guard feature.
C. Set all user ports to nontrunking mode.
D. Implement BPDU guard enhancement command.
E. Implement authentication for DHCP messages.
F. Use DHCP snooping along with DAI.
Correct Answer: AF Section: (none) Explanation
Explanation/Reference:
QUESTION 14
Which are key devices in the SAFE SMR remote user network? Choose three.
A. Layer 2 switch
B. router with firewall and VPN support
C. Layer 3 switch
D. firewall with VPN support
E. NIDS
F. personal firewall software
Correct Answer: BDF Section: (none)
Explanation Explanation/Reference:
QUESTION 15
How are packet sniffer attacks mitigated in the SAFE SMR small network corporate Internet module?
A. RFC 2827 and 1918 filtering at ISP edge and local firewall
B. switched infrastructure and HIDS
C. protocol filtering
D. restrictive trust model and private VLANs
E. restrictive filtering and HIDS
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 16
drag drop

A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Which three models of the Cisco 3000 Series Concentrator can have redundant power supplies? Choose three.
A. 3005
B. 3020
C. 3030
D. 3060
E. 3080
F. 3090
Correct Answer: CDE Section: (none) Explanation
Explanation/Reference:
QUESTION 18
What are the three modules in the SAFE SMR midsize network design? Choose three.
A. frame/ATM module
B. campus module
C. ISP edge module
D. corporate Internet module
E. WAN module
F. PSTN module
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 19
What threats are expected for the SAFE SMR small network campus module? Choose two.
A. IP spoofing
B. packets sniffers
C. denial of service
D. applications layer attacks
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 20
When using PC-based IP phones, which threat is expected between data and voice segments if not protected by a stateful firewall?
A. TCP flood DoS attack
B. IP spoofing attack
C. UDP flood DoS attack
D. application layer attack
Correct Answer: C Section: (none) Explanation
Explanation/Reference:

If you fail in Cisco 642-542 exam test with Cisco 642-542exam dumps, we promise to give you full refund! You only need to scan your Cisco 642-542 test score report to us together with your receipt ID. After our confirmation, we will give you full refund in time.Or you can choose to charge another IT exam Q&As instead of Cisco 642-542 exam dumps. Useful Cisco certifications exam dumps are assured with us.If our Cisco 642-542 exam dumps can’t help you pass Cisco 642-542 exam, details will be sent before we send the exam to you.We don’t waste our customers’ time and money! Trusting Passtcert is your best choice!