Issuu on Google+

640-553

Cisco

IINS Implementing Cisco IOS Network Security Click the link below to buy full version as Low as $25 http://www.examkill.com/640-553.html

ExamKill is team of experienced and educated professionals working day and night to develop preparation material for different fields in IT. These industries are including HP, IBM, Comptia, Orcale, Apple, Adobe, Nortel, Novell, Checkpoint etc with the following features.

Free Samples:

Free samples download are available for almost every product to check before

buy.

Complete Course Coverage: Experienced professionals are making sure to cover complete course so that you pass final exam.

Updated Material: Preparation material is updated and new; you can compare us with other providers in the same industry.

Privacy Protection:

Examkill team makes sure not to reveal your private information

including your credit card and other secret information.

Excellent Customer Support: You will get reply from examkill support within 8 hours for all your questions/concerns about anything.

www.examkill.com


Question: 1 Which access list will permit HTTP traffic sourced from host 10.1.129.100 port 3030 destined to host 192.168.1.10? A. access-list 101 permit tcp any eq 3030 B. access-list 101 permit tcp 10.1.128.0 0.0.1.255 eq 3030 192.168.1.0 0.0.0.15 eq www C. access-list 101 permit tcp 10.1.129.0 0.0.0.255 eq www 192.168.1.10 0.0.0.0 eq www D. access-list 101 permit tcp host 192.168.1.10 eq 80 10.1.0.0 0.0.255.255 eq 3030 E. access-list 101 permit tcp 192.168.1.10 0.0.0.0 eq 80 10.1.0.0 0.0.255.255 F. access-list 101 permit ip host 10.1.129.100 eq 3030 host 192.168.1.100 eq 80

Answer: B

http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

2


Question: 2 DRAG DROP Drag three proper statements about the IPsec protocol on the above to the list on the below.

Answer: A

http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

3


Question: 3 In a brute-force attack, what percentage of the keyspace must an attacker generally search through until he or she finds the key that decrypts the data? A. Roughly 50 percent B. Roughly 66 percent C. Roughly 75 percent D. Roughly 10 percent

Answer: A

http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

4


Question: 4 The information of Cisco Router and Security Device Manager(SDM) is shown below:

http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

5


http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

6


http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

7


http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

8


http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

9


http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

10


Within the "sdm-permit" policy map, what is the action assigned to the traffic class "class-default"? A. inspect B. drop C. police D. pass

Answer: B

http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

11


Question: 5 DRAG DROP On the basis of the description of SSL-based VPN, place the correct descriptions in the proper locations.

A. Answer Pending

Answer: A

http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

12


Question: 6 Refer to the exhibit and partial configuration. Which statement is true?

A. All traffic destined for network 172.16.150.0 will be denied due to the implicit deny all. B. All traffic from network 10.0.0.0 will be permitted. C. Access-list 101 will prevent address spoofing from interface E0. D. This is a misconfigured ACL resulting in traffic not being allowed into the router in interface S0. E. This ACL will prevent any host on the Internet from spoofing the inside network address as the source address for packets coming into the router from the Internet.

Answer: C

http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

13


Question: 7 Which of these can be used to authenticate the IPsec peers during IKE Phase 1? A. Diffie-Hellman Nonce B. pre-shared key C. XAUTH D. integrity check value E. ACS F. AH

Answer: B Question: 8 Which description about asymmetric encryption algorithms is correct? A. They use the same key for encryption and decryption of data. B. They use different keys for decryption but the same key for encryption of data. C. They use different keys for encryption and decryption of data. D. They use the same key for decryption but different keys for encryption of data.

Answer: C Question: 9 For the following items, which management topology keeps management traffic isolated from production traffic? A. OTP B. OOB C. SAFE D. MARS

Answer: B

http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

14


Question: 10 You work as a network engineer, do you know an IPsec tunnel is negotiated within the protection of which type of tunnel? A. L2F tunnel B. L2TP tunnel C. GRE tunnel D. ISAKMP tunnel

Answer: D

http://www.examkill.com/640-553.html

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

15


Cisco

640-553

IINS Implementing Cisco IOS Network Security

Click the link below to buy full version as Low as $25

http://www.examkill.com/640-553.html

We also provide PDF Training Material for: Hot Exam 650-667

650-663

650-304

350-060

642-995

650-196

642-780

642-874

642-994

650-665

650-032

642-627

650-179

650-395

642-647

642-637

650-158

650-256

642-457

650-042

642-785

642-188

650-473

640-893

640-864

642-437

642-263

642-992

http://www.examkill.com/640-553.html

www.examkill.com

Adobe Apple Cisco CompTIA HP EMC IBM Microsoft Oracle Juniper

16


IINS Implementing Cisco IOS Network Security