Latest Cisco 640-554 IINS Real Exam Download 61-70

Ensurepass

QUESTION  61

Which option represents a step that should be taken when a security policy is developed?

 

A.      Perform penetration testing.

B.      Determine device risk scores.

C.      Implement a security monitoring system.

D.      Perform quantitative risk analysis.

 

Correct Answer: D

 

 

QUESTION  62

Which type of network masking is used when Cisco IOS access control lists are configured?

 

A.      extended subnet masking

B.      standard subnet masking

C.      priority masking

D.      wildcard masking

 

Correct Answer: D

 

 

QUESTION  63

How are Cisco IOS access control lists processed?

 

A.      Standard ACLs are processed first.

B.      The best match ACL is matched first.

C.      Permit ACL entries are matched first before the deny ACL entries.

D.      ACLs are matched from top down.

E.       The global ACL is matched first before the interface ACL.

 

Correct Answer: D

 

 

QUESTION  64

Which type of management reporting is defined by separating management traffic from production traffic?

 

A.      IPsec encrypted

B.      in-band

C.      out-of-band

D.      SSH

 

Correct Answer: C

 

 

QUESTION  65

Which syslog level is associated with LOG_WARNING?

 

A.      1

B.      2

C.      3

D.      4

E.       5

F.       6

G.      7

H.      0

 

Correct Answer: D

 

 

QUESTION  66

In which type of Layer 2 attack does an attacker broadcast BDPUs with a lower switch priority?

 

A.      MAC spoofing attack

B.      CAM overflow attack

C.      VLAN hopping attack

D.      STP attack

 

Correct Answer: D

 

 

QUESTION  67

Which security measure must you take for native VLANs on a trunk port?

 

A.      Native VLANs for trunk ports should never be used anywhere else on the switch.

B.      The native VLAN for trunk ports should be VLAN 1.

C.      Native VLANs for trunk ports should match access VLANs to ensure that cross-VLAN traffic from multiple switches can be delivered to physically disparate switches.

D.      Native VLANs for trunk ports should be tagged with 802.1Q.

 

Correct Answer: A

 

 

QUESTION  68

Refer to the exhibit. Which switch is designated as the root bridge in this topology?

 

clip_image002

 

A.      It depends on which switch came on line first.

B.      Neither switch would assume the role of root bridge because they have the same default priority.

C.      switch X

D.      switch Y

 

Correct Answer: C

 

 

QUESTION  69

Which type of firewall technology is considered the versatile and commonly used firewall technology?

 

A.      static packet filter firewall

B.      application layer firewall

C.      stateful packet filter firewall

D.      proxy firewall

E.       adaptive layer firewall

 

Correct Answer: C

 

 

QUESTION  70

Which type of NAT is used where you translate multiple internal IP addresses to a single global, routable IP address?

 

A.      policy NAT

B.      dynamic PAT

C.      static NAT

D.      dynamic NAT

E.       policy PAT

 

Correct Answer: B

 

 



Download Latest Cisco 640-554 IINS Real Free Tests , help you to pass exam 100%.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.