Download New Updated (Spring 2015) Cisco 640-554 Actual Tests 121-130

Ensurepass

 

QUESTION 121

DRAG DROP

clip_image002

 

Correct Answer:

clip_image004

 

 

QUESTION 122

DRAG DROP

clip_image006

 

Correct Answer:

clip_image008

 

 

 

 

 

 

 

 

QUESTION 123

DRAG DROP

clip_image010

 

Correct Answer:

clip_image012

 

 

QUESTION 124

DRAG DROP

clip_image014

 

Correct Answer:

clip_image016

 

 

 

 

 

 

QUESTION 125

DRAG DROP

clip_image018

 

Correct Answer:

clip_image020

 

 

QUESTION 126

Which statement is true when you have generated RSA keys on your Cisco router to prepare for

secure device management?

 

A.      You must then zeroize the keys to reset secure shell before configuring other parameters.

B.      The SSH protocol is automatically enabled.

C.      You must then specify the general-purpose key size used for authentication with the crypto

key generate rsa general-keys modulus command.

D.      All vty ports are automatically enabled for SSH to provide secure management.

 

Correct Answer: B

 

 

QUESTION 127

Which of these correctly matches the CLI command(s) to the equivalent SDM wizard that

performs similar configuration functions?

 

A.      Cisco Common Classification Policy Language configuration commands and the SDM

Site-to-Site VPN wizard

B.      auto secure exec command and the SDM One-Step Lockdown wizard

C.      setup exec command and the SDM Security Audit wizard

D.      class-maps, policy-maps, and service-policy configuration commands and the SDM IPS wizard

E.       aaa configuration commands and the SDM Basic Firewall wizard

 

Correct Answer: B

 

 

QUESTION 128

What is the key difference between host-based and network-based intrusion prevention?

 

A.      Network-based IPS is better suited for inspection of SSL and TLS encrypted data flows.

B.      Network-based IPS provides better protection against OS kernel-level attacks against hosts

and servers.

C.      Network-based IPS can provide protection to desktops and servers without the need of

installing specialized software on the end hosts and servers.

D.      Host-based IPS can work in promiscuous mode or inline mode.

E.       Host-based IPS is more scalable then network-based IPS.

F.       Host-based IPS deployment requires less planning than network-based IPS.

 

Correct Answer: C

 

 

QUESTION 129

Refer to the exhibit. You are a network manager for your organization. You are looking at your

Syslog server reports. Based on the Syslog message shown, which two statements are true?

(Choose two.)

 

clip_image022

 

A.      Service timestamps have been globally enabled.

B.      This is a normal system-generated information message and does not require further

investigation.

C.      This message is unimportant and can be ignored.

D.      This message is a level 5 notification message.

 

Correct Answer: AD

 

 

QUESTION 130

What is a result of securing the Cisco IOS image using the Cisco IOS image resilience feature?

 

A.      The show version command will not show the Cisco IOS image file location.

B.      The Cisco IOS image file will not be visible in the output from the show flash command.

C.      When the router boots up, the Cisco IOS image will be loaded from a secured FTP location.

D.      The running Cisco IOS image will be encrypted and then automatically backed up to the

NVRAM.

E.       The running Cisco IOS image will be encrypted and then automatically backed up to a TFTP

server.

 

Correct Answer: B

 

Free VCE & PDF File for Cisco 640-554 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …