killtestはCisco認証 の最新問題集を提供いたします、最も標準的な技術を正確的に書き入れ、認証した専門家と作者の出版した新製品だけを使います、Others認証の642-371問題集 は世界のどこでも人気があるんですよ、killtestでその問題集を購入するのは明確の選択でございます。
642-371
1.How does the Cisco IOS IPS feature set monitor the network for malicious activity?
A.passive "bird-on-a-wire" packet inspection
B.deep inline packet inspection
C.Security Device Event Exchange (SDEE) packet inspection
D.out-of-band (OOB) packet inspection
Correct:B
2.What are three benefits that companies gain with intelligent networking based on Cisco IOS
network infrastructure? (Choose three.)
A.a fully integrated network
B.a network requiring fewer networking devices
C.an adaptive network
D.a more resilient network
E.a completely fault-tolerant network
Correct:A C D
3.Your customer has a basic stateful firewall setup that only permits incoming traffic from the
Internet to an internal web server. What are the security risks if the firewall being used does not
perform advanced application inspection and control like the ASA Security Appliance does?
(Choose two.)
A.Allowing all return traffic from the internal web server back out to the Internet may increase the risk of
worm propagation.
B.Peer-to-peer or instant messaging traffic using port 80 may exhaust the network capacity.
C.Not validating port 80 traffic content may increase the risk of malware infection.
D.Denial of service attacks launched against port 80 of the internal web server can bring down the web
server.
E.If the firewall cannot perform deep packet inspection, the firewall cannot properly classify the HTTP and
HTTPS traffic. This may lead to connectivity issues from the Internet to the internal web server.
Correct:B C
4.Refer to the exhibit. Deploying integrated services on the Cisco ISR Router can help reduce
network cost and complexity by integrating which four of these features on the ISR? (Choose four.)
A.firewall and VPN
B.IP telephony and voice mail
C.Secure Access Control Server
D.LAN switching and Wireless LAN
E.IPS
F.Anomaly Guard and Detection
Correct:A B C E
5.Which two of these statements best describe fast secure roaming for the wireless core feature
set using autonomous access points? (Choose two.)
A.It is compatible with all wireless clients.
B.It reduces roaming latency through reduced client RF channel scanning enhancements.
C.It reduces roaming latency to targeted times of less than 75ms.
D.Roaming occurs without reauthentication through a centralized RADIUS server.
E.It is enabled through WLSE deployment.
Correct:B D
6.LAB
Correct:
7.A customer is deploying a wireless core feature set using autonomous access points and
requires Layer 2 roaming. What is a requirement when deploying this solution?
A.a minimum of one Cisco 4100 Series WLAN Controller
B.one WDS per subnet
C.a minimum of one Wireless LAN Services Module
D.all clients using Cisco Aironet Wireless LAN Adapters
Correct:B
8.Which of these is the Cisco IOS Firewall feature that creates specific security policies for each
user with LAN-based, dynamic, per-user authentication and authorization?
A.DDoS Mitigation
B.Cisco Security Agent
C.Intrusion Prevention System
D.Authentication Proxy
E.Context-based Access Control
F.Monitoring, Analysis and Response System
Correct:D
9.What are three components of the wireless core feature set using autonomous access points?
(Choose three.)
A.CiscoWorks WLSE
B.Wireless LAN Controller
C.lightweight access points
D.802.1X authentication server
E.Wireless Control System
F.Cisco autonomous access points running WDS
Correct:A D F
10.A customer plans to implement a wireless core feature set using autonomous access points.
When choosing the access points, what is required for the customer to implement WDS?
A.Client cards must be using Cisco's LEAP authentication.
B.All APs must support 802.1X for registration with WDS.
C.WDS must be enabled on all APs in the WLAN.
D.The customer must have a WLSM blade in their Cisco Catalyst 6000.
Correct:B