Page 1

Exam 642­591 study material Made available by


Free 642­591 Exam Preparation Questions  Exam  642­591    : Implementing Cisco NAC Appliance

For Latest 642­591 Exam Questions and study guides­ visit­­591.html

Question:1 In the process of deploying an out-of-band Cisco NAC Appliance high-availability, what is the reason that port security needs to be disabled between the switch interfaces to which the Cisco NAS and Cisco NAM are connected? A. Port security can interfere with Cisco NAS high availability and DHCP delivery. B. Port security interferes with UDP heartbeat signals. C. Port security creates time-based latency, causing erratic SSL communication. D. Port security interferes with SNMP message delivery between Cisco NAM failover peers. Answer: A Question:2 If configuring interfaces E0, E1, and S0 to support NAM high-availability failover, which information will be modified over these interfaces? A. NAM run-time data activities and IP-based heartbeat signals B. NAM run-time data activities and UDP heartbeat signals C. NAM run-time data activities, UDP heartbeat signals and backup and recover database snapshots D. NAM run-time data activities, UDP heartbeat signals, redundant heartbeat signals Answer: D Question:3 In Cisco NAC Appliance solutions, which statement best describes devices on the certified list? A. To remove an exempt device from the certified list, click the Clear Certified Device button. B. Devices that pass the Cisco NAA requirements are automatically added to the exempt device list. C. A device is not required to be rescanned at the next login as long as its MAC address is in the certified list. D. Devices manually added to the certified device list are automatically deleted when the device list-clearing timer expires. Answer: C Question:4 On the basis of the exhibit below. From a drop-down menu, profiles are deployed to each managed port. Before applying a profile, where should the client access and authentication VLAN profile parameters be configured?

A. Switch profile B. Controlled VLAN profile C. Port profile D. VLAN mapping profile Answer: C Question:5 Which two pairs of key attributes belong to traffic policies? (Choose two.) A. Directional and hierarchical B. Global and local C. Stateful and stateless For Latest 642­591 Exam Questions and study guides­ visit­­591.html

D. Rule- and requirement-based Answer: A, B Question:6 In the process of deploying an out-of-band real IP gateway, how to limit access to the network for certain types of users after they have been authenticated? A. By using SNMP to control client devices directly from the Cisco NAM B. By assigning ports to specific VLANs and then assigning users to specific roles that map to those VLANs C. By limiting the amount of bandwidth that is assigned to their user role D. By using traffic policy to restrict the network access Answer: B Question:7 In the process of deploying a Layer 3 out-of-band, which Cisco NAC Appliance component offers the client-machine IP address to MAC address mapping? A. Cisco Security Agent B. Cisco NAA C. Cisco Trust Agent D. Cisco NAS Answer: B Question:8 Which advantage belongs to a Layer 2 out-of-band virtual gateway deployment by use of port-based VLAN assignment? A. Supports wireless LAN networks providing bandwidth throttling B. Manages bandwidth and session time for users during authentication C. Supports IP telephony for end users who are multi-hops away D. Simplifies implementation as client IP addresses are not changed Answer: D

For Latest 642­591 Exam Questions and study guides­ visit­­591.html

For complete Exam 642-591 Training kits and Self-Paced Study Material Visit:

For Latest 642­591 Exam Questions and study guides­ visit­­591.html

Exam 642-591 Preparation Questions  

Certsking the leading source in certification preparation services, all certification guaranteed study material, question and answers, pract...

Read more
Read more
Similar to
Popular now
Just for you