This page was exported from All The Latest MCTS Exam Questions And Answers For Free Share [ https://www.mctsdump.com ] Export date:Thu Nov 21 11:29:46 2024 / +0000 GMT ___________________________________________________ Title: [New Exam Dumps] 640-554 New Questions and Answers -- Everybody Needs To Download For 100% Passing Exam --------------------------------------------------- How to pass the newest 640-554 exam? What new questions are on the latest 640-554 exam? PassLeader's best 640-554 VCE and PDF exam dumps will tell you all about the 640-554 exam. For all PassLeader's 265q 640-554 exam questions are the newest and covered all new added questions and answers, which will help you 100% passing exam. And we PassLeader will continue update 640-554 exam questions and answers, you will never fail the exam 640-554. Hurry up and get the free VCE Player with your premium 640-554 VCE dumps from passleader.com now! keywords: 640-554 exam,265q 640-554 exam dumps,265q 640-554 exam questions,640-554 pdf dumps,640-554 vce dumps,640-554 braindumps,Implementing Cisco IOS Network Security (IINS v2.0) QUESTION 188Which statement about the role-based CLI access views on a Cisco router is true? A.    The maximum number of configurable CLI access views is 10, including one lawful intercept view and excluding the root view.B.    The maximum number of configurable CLI access views is 10, including one superview.C.    The maximum number of configurable CLI access views is 15, including one lawful intercept view and excluding the root view.D.    The maximum number of configurable CLI access views is 15, including one lawful intercept view. Answer: C QUESTION 189Which three protocols are supported by management plane protection? (Choose three.) A.    SNMPB.    SMTPC.    SSHD.    OSPFE.    HTTPSF.    EIGRP Answer: ACE QUESTION 190Which statement about rule-based policies in Cisco Security Manager is true? A.    Rule-based policies contain one or more rules that are related to a device's security and operations parameters.B.    Rule-based policies contain one or more rules that control how traffic is filtered and inspected on a device.C.    Rule-based policies contain one or more user roles that are related to a device's security and operations parameters.D.    Rule-based policies contain one or more user roles that control how user traffic is filtered and inspected on a device. Answer: B QUESTION 191Which Cisco Security Manager feature enables the configuration of unsupported device features? A.    Deployment ManagerB.    FlexConfigC.    Policy Object ManagerD.    Configuration Manager Answer: B QUESTION 192Which statement about IPv6 address allocation is true? A.    IPv6-enabled devices can be assigned only one IPv6 IP address.B.    A DHCP server is required to allocate IPv6 IP addresses.C.    IPv6-enabled devices can be assigned multiple IPv6 IP addresses.D.    ULA addressing is required for Internet connectivity. Answer: C QUESTION 193Which command will configure a Cisco ASA firewall to authenticate users when they enter the enable syntax using the local database with no fallback method? A.    aaa authentication enable console LOCAL SERVER_GROUPB.    aaa authentication enable console SERVER_GROUP LOCALC.    aaa authentication enable console localD.    aaa authentication enable console LOCAL Answer: D QUESTION 194Which command will configure a Cisco router to use a TACACS+ server to authorize network services with no fallback method? A.    aaa authorization exec default group tacacs+ noneB.    aaa authorization network default group tacacs+ noneC.    aaa authorization network default group tacacs+D.    aaa authorization network default group tacacs+ local Answer: C QUESTION 195Which three statements about RADIUS are true? (Choose three.) A.    RADIUS uses TCP port 49.B.    RADIUS uses UDP ports 1645 or 1812.C.    RADIUS encrypts the entire packet.D.    RADIUS encrypts only the password in the Access-Request packet.E.    RADIUS is a Cisco proprietary technology.F.    RADIUS is an open standard. Answer: BDF http://www.passleader.com/640-554.html QUESTION 196Which command will configure AAA accounting using the list of all RADIUS servers on a device to generate a reload event message when the device reloads? A.    aaa accounting network default start-stop group radiusB.    aaa accounting auth-proxy default start-stop group radiusC.    aaa accounting system default start-stop group radiusD.    aaa accounting exec default start-stop group radius Answer: C QUESTION 197Which two accounting notices are used to send a failed authentication attempt record to a AAA server? (Choose two.) A.    start-stopB.    stop-recordC.    stop-onlyD.    stop Answer: AC QUESTION 198What is the first command you enter to configure AAA on a new Cisco router? A.    aaa configurationB.    no aaa-configurationC.    no aaa new-modelD.    aaa new-model Answer: D QUESTION 199Which three TACACS+ server-authentication protocols are supported on Cisco ASA firewalls? (Choose three.) A.    EAPB.    ASCIIC.    PAPD.    PEAPE.    MS-CHAPv1F.    MS-CHAPv2 Answer: BCE QUESTION 200What is the default privilege level for a new user account on a Cisco ASA firewall? A.    0B.    1C.    2D.    15 Answer: C QUESTION 201Which statement about ACL operations is true? A.    The access list is evaluated in its entirety.B.    The access list is evaluated one access-control entry at a time.C.    The access list is evaluated by the most specific entry.D.    The default explicit deny at the end of an access list causes all packets to be dropped. Answer: B QUESTION 202Which three statements about access lists are true? (Choose three.) A.    Extended access lists should be placed as near as possible to the destination.B.    Extended access lists should be placed as near as possible to the source.C.    Standard access lists should be placed as near as possible to the destination.D.    Standard access lists should be placed as near as possible to the source.E.    Standard access lists filter on the source address.F.    Standard access lists filter on the destination address. Answer: BCE QUESTION 203Which command configures a device to actively watch connection requests and provide immediate protection from DDoS attacks? A.    router(config)# ip tcp intercept mode interceptB.    router(config)# ip tcp intercept mode watchC.    router(config)# ip tcp intercept max-incomplete high 100D.    router(config)# ip tcp intercept drop-mode random Answer: A QUESTION 204Which command will block external spoofed addresses? A.    access-list 128 deny ip 10.0.0.0 0.0.255.255 anyB.    access-list 128 deny ip 192.168.0.0 0.0.0.255 anyC.    access-list 128 deny ip 10.0.0.0 0.255.255.255 anyD.    access-list 128 deny ip 192.168.0.0 0.0.31.255 any Answer: C http://www.passleader.com/640-554.html --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2015-06-09 06:23:12 Post date GMT: 2015-06-09 06:23:12 Post modified date: 2015-06-09 06:23:13 Post modified date GMT: 2015-06-09 06:23:13 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com