New Questions--Flydumps Recently Updated Cisco 642-591 Real Exam Questions Ensure 100 Percent Pass
Flydumps just published the newest Cisco 642-591 brain dumps with all the new updated exam questions and answers.Flydumps provide the latest version of Cisco 642-591 PDF and VCE files with up-to-date questions and answers to ensure your exam 100% pass, on our website you will get the free new newest Cisco 642-591 version VCE Player along with your VCE dumps.
Exam A
QUESTION 1
The NAS is configured to autogenerate an IP address pool of 30 subnets with a netmask of /30, beginning at address 192.168.10.0. Which IP address is leased to the end-user host on the second subnet?
A. 192.168.10.4
B. 192.168.10.5
C. 192.168.10.6
D. 192.168.10.7
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Which default administrator group has delete permissions?
A. admin
B. help-desk
C. add-edit
D. full-control
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 3
What is the result when the condition statement in a Cisco NAA check for required software evaluates to false on a client machine?
A. The required software is automatically downloaded to the user device.
B. The required software is made available after the user is quarantined.
C. The user is put in the unauthenticated role and the software is considered missing.
D. The user is placed in the temporary role and the software is made available.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 4
Which three components comprise a Cisco NAC Appliance solution? (Choose three.)
A. a NAC-enabled Cisco router
B. a Linux server for in-band or out-of-band network admission control
C. a Linux server for centralized management of network admission servers
D. a Cisco router to provide VPN services
E. a read-only client operating on an endpoint device
F. a NAC-enabled Cisco switch
Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 5
Drop
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 6
Drop A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 7
When configuring the Cisco NAM to implement Cisco NAA requirement checking on client machines, what is the next step after configuring checks and rules?
A. retrieve updates
B. require the use of the Cisco NAA
C. configure session timeout and traffic policies
D. map rules to requirement
E. configure requirements
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 8
Refer to the exhibit. When logging in to a Cisco NAC Appliance solution, an end user is prompted for a username, password, and provider. What should be entered in the Provider drop-down field shown in the exhibit?
A. the authenticating NAS
B. the authorizing NAM
C. the name of the ISP
D. the external authenticating server
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 9
What are the two types of traffic policies that apply to user roles? (Choose two.)
A. IP-based
B. peer-based
C. host-based
D. manager-based
E. server-based
F. VLAN-based
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 10
After you implement a network scan and view the report, you notice that a plug-in did not access any of its dependent plug-ins. What did you forget to do?
A. enable the Dependent Plug-in check box on the General Tab form
B. configure dependent plug-in support when you mapped the Nessus scan check to the Nessus plug-in rule
C. install dependent plug-ins when you updated the Cisco NAC Appliance plug-in library
D. load the dependent plug-ins for that plug-in in the Plug-in Updates form
Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 11
A client has a network with wireless and wired users. The wired users run mission-critical bandwidth-sensitive applications. The wireless users access web-based support portals within the central office.
Given only this information, which Cisco NAC Appliance solution would provide the most fault-tolerant option for this client?
A. one Cisco NAM and one in-band highly available Cisco NAS cluster
B. one load-balanced highly available Cisco NAM cluster and one out-of-band highly available Cisco NAS cluster
C. one highly available Cisco NAM cluster, one out-of-band highly available Cisco NAS cluster, and one in-band Cisco NAS
D. one highly available Cisco NAM cluster and one in-band highly available Cisco NAS cluster
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 12
Based on the Boolean order of precedence, how would Cisco NAC Appliance evaluate the following rule?
AdAwareLogRecent&(NorAVProcessIsActiveymAVProcessIsActive)
A. (The Norton Antivirus is active and there is a recent Ad Aware log entry) or (the Symantec antivirus process is active).
B. There is a recent Ad Aware log entry, the Norton Antivirus is active, and the Symantec antivirus process is active.
C. (Either the Norton Antivirus or the Symantec antivirus process is active) and (there is a recent Ad Aware log entry).
D. There is a recent Ad Aware log entry or the Norton Antivirus is active, or the Symantec antivirus process is active.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 13
How do you ensure that the Cisco NAS has the most recent version of the Cisco NAA to install on user devices?
A. Each time the Cisco NAA is upgraded, the Cisco NAM automatically downloads the new version of Cisco NAA to all Cisco NAS servers.
B. From the Cisco NAS Web Admin Console, enable Cisco NAA autoupdate on the Administration > Software Update form.
C. The Cisco NAA is upgraded directly to each Cisco NAS using the Upgrade Server form available on the Cisco NAM web console GUI.
D. Configure the Cisco NAS by selecting which Cisco NAA to upgrade in the Cisco NAA Upgrade form.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 14
LAB A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 15
A search of available switches has been performed and a list of switches is presented. Which two SNMP attributes need to match what is configured in the Cisco switch profile for a listed switch to be added to the Cisco NAM? (Choose two.)
A. SNMP read community string
B. SNMP write community string
C. SNMP read version
D. SNMP write version
E. SNMP trap
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 16
In a Cisco NAC Appliance Windows Active Directory SSO deployment, what are the cached credentials and Kerberos TGT from the client-machine Windows login used for?
A. They are used to validate the user with the Cisco NAS.
B. They are used to validate the user authentication with the backend Windows Active Directory server.
C. They are used to validate user access with the Cisco NAA.
D. They are used to validate the user authentication and access with the Cisco NAM.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Drop
A.
B.
C.
D.
Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 18
What must you check on the switches for an out-of-band Cisco NAC Appliance deployment?
A. The Cisco or non-Cisco switch must support port security and SNMPv2 or SNMPv3.
B. The Cisco switch must support VACL (VLAN ACL).
C. If you have stacked Cisco Catalyst 3750 Series Switches, you are using Cisco IOS Release 12.1(25) SEC or above.
D. The Cisco switch must use at least the minimum supported version of Cisco IOS or Catalyst OS supporting mac-notification or linkup-linkdown SNMP traps.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 19
When using Windows Active Directory Single-Sign-ON (SSO), the Cisco NAA on the client machine will ask the client machine for a Service Ticket (ST) with which username to communicate with the Cisco NAS?
A. the Cisco NAA username
B. the Microsoft Windows Active Directory server username
C. the Cisco NAS username
D. the client username
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 20
A small public library wants to implement network admission control for their public wireless network and their internal wired network. Their network contains switches from a variety of vendors. Which Cisco NAC Appliance solution would best suit this client?
A. an out-of-band Cisco NAS deployment with a Cisco NAM cluster
B. a combination of an out-of-band and an in-band Cisco NAS deployment with a Cisco NAM cluster
C. an in-band Cisco NAS deployment and a Cisco NAM
D. a hybrid solution using in-band Cisco NAS for the wireless and out-of-band Cisco NAS for the wired deployment
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
This volume is part of the Exam Certification Guide Series from Cisco 642-591.Cisco 642-591 in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco 642-591 Certification candidates identify weaknesses,concentrate their study efforts, and enhance their confidence as Cisco 642-591 exam day nears.