2-565,最新题库

Number: 2-566 QUESTION 1

You are the network consultant from Your company. Please point out two requirements that call for the deployment of 802.1X.

A. Authenticate users on switch or wireless ports

B. Grant or Deny network access at the port level, based on configured authorization policies C. Allow network access during thequeit period D. Verify security posture using TACAS+

Answer: AB Section: (none)

Explanation/Reference:

QUESTION 2

Open Shortest Path First (OSPF) is a dynamic routing protocol for use in Internet Protocol (IP) networks. An OSPF router on the network is running at an abnormally high CPU rate. By use of different OSPF debug commands on Router, the network administrator determines that router is receiving many OSPF link state packets from an unknown OSPF neighbor, thus forcing many

OSPF path recalculations and affecting router's CPU usage. Which OSPF configuration should the administrator enable to prevent this kind of attack on the Router?

A. Multi-Area OSPF B. OSPF stub Area

C. OSPF MD5 Authentication D. OSPF not-so-stubby Area

Answer: C

Section: (none)

Explanation/Reference:

QUESTION 3

Which one of the following Cisco Security Management products is able to perform (syslog) events normalization?

A. Cisco IME

B. Cisco Security Manager C. Cisco ASDM

D. Cisco Security MARS

Answer: D

Section: (none)

Explanation/Reference:

QUESTION 4

Can you tell me which one of the following platforms has the highest IPSec throughput and can support the highest number of tunnels?

A. Cisco 6500/7600 + VPN SPA B. Cisco ASR 1000-5G

C. Cisco 7200 NPE-GE+VSA D. Cisco 7200 NPE-GE+VAM2+

Answer: A

Section: (none)

Explanation/Reference:

QUESTION 5

Which two methods can be used to perform IPSec peer authentication? (Choose two.)

A. One-time Password B. AAA

C. Pre-shared key D. Digital Certificate

Answer: CD Section: (none)

Explanation/Reference:

QUESTION 6

Cisco Security Agent is the first endpoint security solution that combines zero-update attack

protection, data loss prevention, and signature-based antivirus in a single agent. This unique blend of capabilities defends servers and desktops against sophisticated day-zero attacks and enforces acceptable-use and compliance policies within a simple management infrastructure. What are three functions of CSA in helping to secure customer environments?

A. Control of executable content B. Identification of vulnerabilities C. Application Control D. System hardening

Answer: ACD Section: (none)

Explanation/Reference:

QUESTION 7

Cisco Secure Access Control Server (ACS) is an access policy control platform that helps you comply with growing regulatory and corporate requirements. Which three of these items are features of the Cisco Secure Access Control Server?

A. NDS

B. RSA Certificates C. LDAP D. Kerberos

Answer: ABC Section: (none)

Explanation/Reference:

QUESTION 8

Observe the following protocols carefully, which one is used to allow the utilization of Cisco Wide Area Application Engines or Cisco IronPort S-Series web security appliances to localize web traffic patterns I the network and to enable the local fulfillment of content requests?

A. TLS B. DTLS C. WCCP D. HTTPS

Answer: C

Section: (none)

Explanation/Reference:

QUESTION 9

Which one is not the factor can affect the risk rating of an IPS alert?

A. Relevance

B. Attacker location C. Event severity D. Signature fidelity

Answer: B

Section: (none)

Explanation/Reference:

QUESTION 10

For the following items, which two are differences between symmetric and asymmetric encryption algorithms? (Choose two.)

A. Asymmetric encryption is slower than symmetric encryption

B. Asymmetric encryption is more suitable than symmetric encryption for real-time bulk encryption C. Symmetric encryption is used in digital signatures and asymmetric encryption is used in

HMACs

D. Asymmetric encryption requires a much larger key size to achieve the same level of protection

as asymmetric encryption

Answer: AD Section: (none)

Explanation/Reference:

QUESTION 11

Deploying the NAC appliance in in-band mode is better than out-of-band mode. Why?

A. Nessus scanning

B. Higher number of users per NAC Appliance C. Bandwidth enforcement policy D. NAC Appliance Agent deployment

Answer: C

Section: (none)

Explanation/Reference:

QUESTION 12

IPSec-based site-to-site VPNs is better than traditional WAN networks what?

A. Delay guarantees, span, performance, security and low cost

B. Bandwidth guarantees, support for non-IP protocols, scalability and modular design guidelines C. Bandwidth guarantees, flexibility, security and low cost D. Span, flexibility, security and low cost

Answer: D

Section: (none)

Explanation/Reference:

QUESTION 13

Which VPN technology can not be used over the internet?

A. VTI

B. GRE overIPsec

C. IPsec direct encapsulation D. GET VPN

Answer: D

Section: (none)

Explanation/Reference:

QUESTION 14 DRAG AND DROP

Match each IKE component to its supported option:

Answer:

Section: (none)

Explanation/Reference:

QUESTION 15 DRAG AND DROP

Which item is correct about the relationship between the VPN types and their descriptions?

Answer:

Section: (none)

Explanation/Reference:

QUESTION 16 DRAG AND DROP

Select the best security control to minimize the WAN security threats. Not all the security controls are required.

Answer:

Section: (none)

Explanation/Reference:

QUESTION 17

Which is the primary benefit that DTLS offers over TLS?

A. Both the application and TLS can retransmit loss packets B. Improves security

C. Provides low latency for real-time applications

D. Uses TCP instead of UDP to provide a reliable Transport mechanism

Answer: C

Section: (none)

Explanation/Reference:

QUESTION 18 DRAG DROP

Which option is correct about the relationship between the terms and their description?

Answer:

Section: (none)

Explanation/Reference:

QUESTION 19

Cisco AutoSecure is a new Cisco IOS Security Command Line Interface (CLI) command, which two are statements are true regarding the Cisco AutoSecure? (Choose two.)

A. Enabletcp-keeplive-in and tcp-keepalives-out B. Disabletcp-keeplives-in and tcp-keepalives-out

C. Enables log messages to include sequence numbers and time stamps D. Blocks all IANA-reserved IP address blocks

Answer: CD Section: (none)

Explanation/Reference:

QUESTION 20 Exhibit:

In order to support IPSec VPN, which three traffic types should ACL1 permit on the firewall in front of the IPSec VPN gateway? (Choose three.)

A. IP Protocol 50 B. UDP port 4500 C. UDP Port 10000 D. UDP Port 5000

Answer: ABD Section: (none)

Explanation/Reference:

QUESTION 21

Which of these items is a feature of a system-level approach to security management?

A. Multiple cross-vendor management platforms B. Complex Operations C. Responsibility sharing

D. Single-element management E. High Availability

Answer: E

Section: (none)

Explanation/Reference:

QUESTION 22

Which typical design choices should be taken into consideration while designing Cisco solution- based enterprise remote-access solutions?

A. Authentication: one-time passwords, digital certificates

B. EndpointSecurity : Managed endponts versus unmanaged endpoints protection (Cisco Security

Agent, Cisco NAC Agent, Cisco Secure Desktop) C. Traffic protection: IPSec versus SSL

D. Central Site aggregation device: ISR versus Cisco ASA, high-availability options

Answer: ABCD Section: (none)

Explanation/Reference:

QUESTION 23

What can be used to enable IPSec Usage across Port Address Translation (PAT) devices?

A. Port Forwarding B. IPSec Tunnel Mode C. PRI D. NAT-T

Answer: D

Section: (none)

Explanation/Reference:

QUESTION 24

Cisco NAC Appliance, formerly Cisco Clean Access (CCA), is a network access control solution developed by Cisco Systems that helps ensure a secure and clean network environment. Which Cisco NAC Appliance design is the most scalable architecture for campus LANs because it offers

high performance after posture verification?

A. In-band real-ip gateway B. Layer 2 out-of-band C. In-band virtual gateway D. Layer 3 centraldeployment

Answer: B

Section: (none)

Explanation/Reference:

QUESTION 25

Which functionality can be used by the Cisco Security MARS security appliance to achieve events aggregation?

A. Sessionalization B. Events action filters C. Summarization

D. Cisco Security Managerpolicy correlations

Answer: A

Section: (none)

Explanation/Reference:

QUESTION 26

Which one of the following elements is essential to perform events analysis and correlation?

A. Implementation of a centralized provisioning system, such as Cisco Security Manager B. Elimination of all the true positive events

C. Implementation of different security controls and platforms when using the defense-in-depth

approach

D. Time synchronization between all the devices

Answer: D

Section: (none)

Explanation/Reference:

QUESTION 27

You are network engineer at Your company. Please point out two functions of Cisco Security Agent.

A. Spam filtering B. Authentication

C. Resource Protection

D. Control of executable content

Answer: CD Section: (none)

Explanation/Reference:

QUESTION 28

DRAG DROP

Which option is correct about the relationship between the malware type and its description? Make the appropriate matches.

Answer:

Section: (none)

Explanation/Reference:

QUESTION 29

Which one of the following platforms could support the highest number of SSL sessions?

A. Cisco 7200 NPE-GE+VAM2+ B. Cisco ASA 5580

C. Cisco 6500/7600 + VPN SPA D. Cisco ASR 1000-5G

Answer: B

Section: (none)

Explanation/Reference:

QUESTION 30

What will happen if a preconfigured usage threshold is exceeded while using the Cisco IOS Network Foundation Protection (NFP) Memory Thresholding Notification and CPU Thresholding Notification features?

A. The router will send an SNMP trap to a management station B. The router will reboot

C. The router will switch from process switching to Cisco Express Forwarding switching D. The router will switch from Cisco Express Forwarding switching to process switching

Answer: A

Section: (none)

Explanation/Reference:

QUESTION 31

Select the advantage of the Cisco ASA phone proxy feature:

A. Enables advanced H.323 inspection services that support H.323 versions 1 along with Direct

Call Signaling (DCS) and Gatekeeper-Routed Call Signaling (GKRCS) to provide flexible security integration in a variety of H.323-driven VoIP environments

B. Enables inspection of the RTSP protocols that are used to control communications between the

client and server for streaming applications

C. Allows telecommuters to connect their IP phones to the corporate IP telephony network

securely over the Internet, without the need to connect over a VPN tunnel

D. Allows businesses to configure granular policies for SCCP traffic, such as enforcing only

registered phone calls to send traffic through the Cisco ASA security appliance and filtering to message IDs to allow or disallow specific messages

Answer: C

Section: (none)

Explanation/Reference:

QUESTION 32

Which two Cisco products/feature provide the best security controls for a web server having applications running on it that perform inadequate input data validation? (Choose two.)

A. Cisco Application Velocity System (AVS) B. Cisco IOS Flexible Packet Matching (FPM) C. Cisco Security Agent data access controls D. Cisco ACE XML Gateway

Answer: CD Section: (none)

Explanation/Reference:

QUESTION 33

Which two protocols can perform high-availability IPS design by use of the Cisco IPS 4200 Series Sensor appliance?(Choose two.)

A. HSRP

B. Spanning Tree

C. EtherChannel load balancing D. SDEE

Answer: BC Section: (none)

Explanation/Reference:

QUESTION 34

______________ are needed for a device to join a certificate-authenticated network?

A. The certificates of the certificate authority and the peer

B. The certificates of the device and its peer

C. The certificates of the certificate authority, the device and the peer D. The certificates of the certificate authority and the device

Answer: D

Section: (none)

Explanation/Reference:

QUESTION 35

An incident in MARS is _______________.

A. A series of raw message sent to the MARS viasyslog, SNMP

B. A series of events that is correlated to represent a single occurrence using related information

within a given timeframe

C. A series of events that triggered a defined rule in the system

D. A series of behaviors in a session that describe an anomaly, worm or virus

Answer: C

本处有所有IT认证最新题库，考过付款，联系QQ:一0二0二二三一九八 最新题库,保通过,60元一门