Download New Updated (Spring 2015) Cisco 640-554 Actual Tests 11-20

Ensurepass

 

QUESTION 11

Which two characteristics of the TACACS+ protocol are true? (Choose two.)

 

A.      uses UDP ports 1645 or 1812

B.      separates AAA functions

C.      encrypts the body of every packet

D.      offers extensive accounting capabilities

E.       is an open RFC standard protocol

 

Correct Answer: BC

 

 

QUESTION 12

Refer to the exhibit. Which statement about this output is true?

 

clip_image002

 

A.      The user logged into the router with the incorrect username and password.

B.      The login failed because there was no default enable password.

C.      The login failed because the password entered was incorrect.

D.      The user logged in and was given privilege level 15.

 

Correct Answer: C

 

 

QUESTION 13

Refer to the exhibit. Which traffic is permitted by this ACL?

 

clip_image004

 

A.      TCP traffic sourced from any host in the 172.26.26.8/29 subnet on any port to host

192.168.1.2 port 80 or 443

B.      TCP traffic sourced from host 172.26.26.21 on port 80 or 443 to host 192.168.1.2 on any port

C.      any TCP traffic sourced from host 172.26.26.30 destined to host 192.168.1.1

D.      any TCP traffic sourced from host 172.26.26.20 to host 192.168.1.2

 

Correct Answer: C

 

 

QUESTION 14

Refer to the exhibit. Which statement about this partial CLI configuration of an access control list

is true?

 

clip_image006

 

A.      The access list accepts all traffic on the 10.0.0.0 subnets.

B.      All traffic from the 10.10.0.0 subnets is denied.

C.      Only traffic from 10.10.0.10 is allowed.

D.      This configuration is invalid. It should be configured as an extended ACL to permit the

associated wildcard mask.

E.       From the 10.10.0.0 subnet, only traffic sourced from 10.10.0.10 is allowed; traffic sourced

from the other 10.0.0.0 subnets also is allowed.

F.       The access list permits traffic destined to the 10.10.0.10 host on FastEthernet0/0 from any

source.

 

Correct Answer: E

 

 

 

 

QUESTION 15

Which type of Cisco ASA access list entry can be configured to match multiple entries in a single

statement?

 

A.      nested object-class

B.      class-map

C.      extended wildcard matching

D.      object groups

 

Correct Answer: D

 

 

QUESTION 16

Which statement about an access control list that is applied to a router interface is true?

 

A.      It only filters traffic that passes through the router.

B.      It filters pass-through and router-generated traffic.

C.      An empty ACL blocks all traffic.

D.      It filters traffic in the inbound and outbound directions.

 

Correct Answer: A

 

 

QUESTION 17

You have been tasked by your manager to implement syslog in your network. Which option is an

important factor to consider in your implementation?

 

A.      Use SSH to access your syslog information.

B.      Enable the highest level of syslog function available to ensure that all possible event

messages are logged.

C.      Log all messages to the system buffer so that they can be displayed when accessing the

router.

D.      Synchronize clocks on the network with a protocol such as Network Time Protocol.

 

Correct Answer: D

 

 

QUESTION 18

Which protocol secures router management session traffic?

 

A.      SSTP

B.      POP

C.      Telnet

D.      SSH

Correct Answer: D

 

 

QUESTION 19

Which two considerations about secure network management are important? (Choose two.)

 

A.      log tampering

B.      encryption algorithm strength

C.      accurate time stamping

D.      off-site storage

E.       Use RADIUS for router commands authorization.

F.       Do not use a loopback interface for device management access.

 

Correct Answer: AC

 

 

QUESTION 20

Which command enables Cisco IOS image resilience?

 

A.      secure boot-<IOS image filename>

B.      secure boot-running-config

C.      secure boot-start

D.      secure boot-image

 

Correct Answer: D

 

Free VCE & PDF File for Cisco 640-554 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …