Cisco 642-551 Real Exam Questions And Answers, Latest Cisco 642-551 PDF Download Sale

Attention Please:Professional new version Cisco https://www.lead4pass.com/642-551.html PDF and VCE dumps can now free download on lead4pass.com,all are updated timely by our experts covering all Cisco 642-551 new questions and questions.100 percent pass your Cisco 642-551 exam.

QUESTION 53
Which method does the Cisco IDM use to communicate with the sensor?
A. Telnet
B. HTTP
C. SSH
D. SSL

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 54
Which browser-based configuration device can be used to monitor and manage multiple Cisco PIX Security Appliances?
A. Cisco PIX Device Manager
B. Cisco ASA Device Manager
C. Firewall Management Center
D. PIX Management Center

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 55
Which protocol does the Cisco Web VPN solution use?
A. SSH
B. Telnet
C. SSL
D. IPSec
E. XML

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Which CSA object contains associations with policies and can accept hosts as members?
A. Groups
B. Policies
C. Variables
D. Agent Kits

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 57
Select two ways to secure hardware from threats. (Choose two.)
A. The room must have steel walls and doors.
B. The room must be static free.
C. The room must be locked, with only authorized people allowed access.
D. The room should not be accessible via a dropped ceiling, raised floor, window, ductwork, or point of entry other that the secured access point.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 58
What is the purpose of the global command on the Cisco PIX Security Appliance?
A. to set up the IP addresses on an interface
B. to enable global configuration mode
C. to create a pool of one or more IP addresses for use in NAT and PAT
D. to enable global NAT

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 59
Drag Drop question

A.

B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 60
What must be configured on a network-based Cisco IDS/IPS to allow it to monitor traffic?
A. Enable rules.
B. Enable signatures.
C. Disable rules.
D. Disable signatures.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 61
Which method of authentication is considered the strongest?
A. S/Key (OTP for terminal login)
B. username and password (aging)
C. token cards or SofTokens using OTP
D. username and password (static)

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 62
LAB This is the
Router(config)#aaa new-model Router(config)#tacacs-server host 10.0.129.3 key aaasafe Router(config)#tacacs-server host 10.0.129.2 key aaacisco A.

B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:

Cisco 642-551 tests containing questions that cover all sides of tested subjects that help our members to be prepared and keep high level of professionalism. The main purpose of Cisco https://www.lead4pass.com/642-551.html exam is to provide high quality test that can secure and verify knowledge, give overview of question types and complexity that can be represented on real exam certification

Cisco 642-533 Actual Test, Prompt Updates Cisco 642-533 Exam Is Your Best Choice

We are committed on providing you with the latest and most accurate Cisco 642-533 exam preparation products.If you want to pass Cisco 642-533 exam successfully, do not miss to read latest Flydumps Cisco 642-533 brain dumps on Flydumps.

QUESTION 71
Your sensor is detecting a large volume of web traffic because it is monitoring traffic outside the firewall. What is the most appropriate sensor tuning for this scenario?
A. lowering the severity level of certain web signatures
B. raising the severity level of certain web signatures
C. disabling all web signatures
D. disabling the Meta Event Generator

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
QUESTION 72
What would best mitigate the executable-code exploits that can perform a variety of malicious acts, such as erasing your hard drive?
A. assigning deny actions to signatures that are controlled by the Trojan engines
B. assigning the TCP reset action to signatures that are controlled by the Normalizer engine
C. enabling blocking
D. enabling Application Policy Enforcement

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 73
Your network has only one entry point. However, you are concerned about internal attacks. Select the three best choices for your network. (Choose three.)
A. CSA Agents on corporate mail servers
B. CSA Agents on critical network servers and user desktops
C. the network sensor behind (inside) the corporate firewall
D. sensor and CSA Agents that report to management and monitoring servers that are located inside the corporate firewall

Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:
QUESTION 74
What are three differences between inline and promiscuous sensor functionality? (Choose three.)
A. A sensor that is operating in inline mode can drop the packet that triggers a signature before it reaches its target, but a sensor that is operating in promiscuous mode cannot.
B. A sensor that is operating in inline mode supports more signatures than a sensor that is operating in promiscuous mode.
C. Inline operation provides more protection from Internet worms than promiscuous mode does.
D. Inline operation provides more protection from atomic attacks than promiscuous mode does.

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 75
You are in charge of Securing Networks with Cisco Routers and Switches for PassGuide.com .Which type of signature engine is best suited for creating custom signatures that inspect data at Layer 5 and above?
A. ATOMIC
B. String
C. Sweep
D. Service PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
E. AIC
F. Flood

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 76
Which two management access methods are enabled on a Cisco IPS Sensor defautly?
A. FTP
B. HTTPS
C. IPsec
D. SSH

Correct Answer: BD Section: (none) Explanation Explanation/Reference:
QUESTION 77
Which of these statements is true concerning VLAN Pairs and the GigabitEthernet0/0 interface based on the following information?

A. you would need to edit the current configuration before adding another VLAN pair to interface GigabitEthernet0/0,.
B. You would need to click the Add button and enter the appropriate information into the current configuration before adding another VLAN pair to interface GigabitEthernet0/0, y.
C. You cannot delete the default VLAN pair
D. You cannot add another VLAN pair to interface GigabitEthernet0/0

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 78
Please match the inline and inline VLAN pair descriptions to the proper categories. (1)also known as inline on a stick (2)IPS appliance is installed between two network devices (3)two monitoring interfaces are configured as a pair (4)IPS appliance bridges traffic between pairs of VLAN (I)Inline Interface Pair (II)Inline VLAN Pair
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
A. (I)-(1 2);(II)-(3 4)
B. (I)-(1 3);(II)-(2 4)
C. (I)-(2 4);(II)-(1 3)
D. (I)-(2 3);(II)-(1 4)

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 79
Which two protocols does Cisco IEV support for communications with Cisco IPS Sensors?
A. TFTP
B. HTTP
C. HTTPS
D. IPsec

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 80
Refer to the exhibit. Which three statements correctly describe the configuration depicted in this Cisco IDM virtual sensors list? (Choose three.)

A. inline dropping of packets can occur on the Gig0/0.1 sub-interface
B. sub-interfaces Gig0/2.0 and Gig0/3.0 are operating in IPS mode
C. the Cisco IPS Sensor appliance is configured for promiscuous (IDS) and inline (IPS) mode simultaneously
D. the vs1 virtual sensor is misconfigured for inline operations since only one sub-interface is assigned to vs1
E. inline dropping of packets can occur on the Gig0/2.0 sub-interface or Gig0/3.0 sub-interface or both
F. the vs1 virtual sensor is operating inline between VLAN 102 and VLAN 201

Correct Answer: ACF Section: (none) Explanation
Explanation/Reference:
QUESTION 81
Which two statements correctly describe Cisco ASA AIP-SSM based on Cisco IPS 6.0 and the ASA 7.x software release? (Choose two.)
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
A. It supports up to four virtual sensors.
B. It supports inline VLAN pairs.
C. Its command and control interface is Gig0/0.
D. It requires two physical interfaces to operate in inline mode.
E. It does not have console port access.
F. It has two sensing interfaces.

Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 82
A user with which user account role on a Cisco IPS Sensor can log into the native operating system shell for advanced troubleshooting purposes when directed to do so by Cisco TAC?
A. administrator
B. operator
C. viewer
D. service
E. root
F. super

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 83
What are the three roles of the Cisco IPS Sensor interface? (Choose three.)
A. alternate TCP reset
B. blocking
C. command and control
D. sensing (monitoring)
E. logging
F. bypass

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 84
In Cisco IDM, the Configuration > Sensor Setup > SSH > Known Host Keys screen is used for what purpose?
A. to enable communications with the Master Blocking Sensor
B. to enable communications with a blocking device
C. to enable management hosts to access the Cisco IPS Sensor
D. to regenerate the Cisco IPS Sensor SSH host key
E. to regenerate the Cisco IPS Sensor SSL RSA key pair

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 85
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-533
Which three of these steps are used to initialize and verify the Cisco ASA AIP-SSM? (Choose three.)
A. connect a management station directly to the AIP-SSM console port via a serial cable
B. use the ASA#session 1 command to access the AIP-SSM CLI
C. use the ASA#show module command to verify the AIP-SSM status
D. access the Cisco IDM from a management station using http://sensor-ip-address
E. use the sensor#setup command to configure the basic sensor settings
F. use the ASA#telnet sensor-ip-address command to access the AIP-SSM to setup the basic configuration on the sensor

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:

Cisco 642-533 Interactive Testing Engine is an engine that can be downloaded and installed on your PC.This Cisco 642-533 engine is not only advanced and equipped with much more features, it is also not internet dependent, once installed. It enables you to see Interconnecting Cisco Networking Devices Part 1 questions and answers in a simulated Cisco 642-533 exam environment. Working with Cisco 642-533 Interactive Testing Engine is like passing an actual Cisco 642-533 exam.

Cisco 642-533 Dumps PDF, Provide Discount Cisco 642-533 Exam Questions Vce For Sale

100% Valid And Newest–Do not worry about your Cisco 642-533 exam! Just try Flydumps the latest Cisco https://www.lead4pass.com/642-533.html exam dumps.The latest new version with all the official new added Cisco 642-533 questions and answers.High pass rate and money back

QUESTION 26
Refer to the exhibit. Which three statements correctly describe the configuration depicted in this Cisco IDM virtual sensors list? (Choose three.)

A. inline dropping of packets can occur on the Gig0/0.1 sub-interface
B. sub-interfaces Gig0/2.0 and Gig0/3.0 are operating in IPS mode
C. the Cisco IPS Sensor appliance is configured for promiscuous (IDS) and inline (IPS) mode simultaneously
D. the vs1 virtual sensor is misconfigured for inline operations since only one sub-interface is assigned to vs1
E. inline dropping of packets can occur on the Gig0/2.0 sub-interface or Gig0/3.0 sub-interface or both
F. the vs1 virtual sensor is operating inline between VLAN 102 and VLAN 201

Correct Answer: ACF Section: (none) Explanation
Explanation/Reference:
QUESTION 27
Refer to the exhibit. Which further action must you take in order to create a new virtual sensor?

A. assign a unique name
B. create and assign a unique Signature Definition Policy
C. create and assign a unique Event Action Rule Policy
D. set AD Operational Mode to Inactive as that is a global parameter
E. set Inline TCP Session Tracking Mode to Interface Only as there is only one interface available for assignment
F. assign a description

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 28
Drop A.

B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 29
Which Cisco IPS Sensor feature correlates events for more accurate detection of attacks, such as worms, that exploit a number of different vulnerabilities and can trigger several different signatures?
A. Analysis engine
B. SensorApp
C. Application Policy Enforcement
D. Summarizer
E. Normalizer
F. Meta Event Generator

Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 30
Which three statements accurately describe Cisco IPS 6.0 Sensor Anomaly Detection? (Choose three.)
A. It sub-divides the network into two zones (internal and external).
B. It is used to identify worms which spread by scanning the network.
C. In the Anomaly Detection histograms, the number of source IP addresses is either learned or configured by the user.
D. In the Anomaly Detection histograms, the number of destination IP addresses is predefined.
E. It has three modes: learn mode, detect mode, and attack mode.
F. Anomaly Detection signatures have three sub-signatures (single scanner, multiple scanners, and worms outbreak).

Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:
QUESTION 31
Drop

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 32
When configuring Passive OS Fingerprinting, what is the purpose of restricting operating system mapping to specific addresses?
A. excludes the defined IP addresses from automatic risk rating calculations so that you can specify the desired risk rating
B. allows you to configure separate OS maps within that IP address range
C. specifies which IP address range to import from the EPI for OS fingerprinting
D. limits the ARR to the defined IP addresses

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 33
Which statement accurately describes what the External Product Interface feature included in the Cisco IPS 6.0 software release allows the Cisco IPS Sensor to do?
A. collaborate with Cisco Security MARS for incident investigations
B. collaborate with Cisco Security Manager for centralized events management
C. have Cisco IEV subscribe to it and receive events from it
D. receive host postures and quarantined IP address events from the CiscoWorks Management Center for Cisco Security Agent
E. perform Anomaly Detection by receiving events from external sources

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 34
When signature 3116 fires, you want your Cisco IPS Sensor to terminate the current packet and future packets on this TCP flow only. Which action should you assign to the signature?
A. Deny Attacker Inline
B. Deny Connection Inline
C. Reset TCP Connection
D. Request Block Connection

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 35
Refer to the exhibit. You are the security administrator for the network in the exhibit. You want your inline Cisco IPS sensor to drop packets that pose the most severe risk to your network, especially to the servers on your DMZ. Which two of the following parameters should you set to protect your DMZ servers in the most time-efficient manner? (Choose two.)

A. event action filter
B. signature fidelity rating
C. alert severity
D. event action override
E. application policy
F. target value rating

Correct Answer: DF Section: (none) Explanation
Explanation/Reference:
QUESTION 36
In Cisco IDM, the Configuration > Sensor Setup > SSH > Known Host Keys screen is used for what purpose?
A. to enable communications with the Master Blocking Sensor
B. to enable communications with a blocking device
C. to enable management hosts to access the Cisco IPS Sensor
D. to regenerate the Cisco IPS Sensor SSH host key
E. to regenerate the Cisco IPS Sensor SSL RSA key pair

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 37
Which three of these steps are used to initialize and verify the Cisco ASA AIP-SSM? (Choose three.)
A. connect a management station directly to the AIP-SSM console port via a serial cable
B. use the ASA#session 1 command to access the AIP-SSM CLI
C. use the ASA#show module command to verify the AIP-SSM status
D. access the Cisco IDM from a management station using http://sensor-ip-address E. use the sensor#setup command to configure the basic sensor settings
F. use the ASA#telnet sensor-ip-address command to access the AIP-SSM to setup the basic configuration on the sensor

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 38
How should you create a custom signature that will fire when a series of pre-defined signatures occur and you want the Cisco IPS Sensor to generate alerts only for the new custom signature, not for the individual signatures?
A. Use the Normalizer engine and remove the Produce Alert action from the component signatures.
B. Use the Meta engine and remove the Produce Alert action from the component signatures.
C. Use the Trojan engine and remove the Produce Alert action from the component signatures.
D. Use the ATOMIC engine and set the summary mode to Global Summarize.
E. Use the Normalizer engine and set the summary mode to Global Summarize.
F. Use the Service engine and set the summary mode to Global Summarize.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 39
Select the two correct general Cisco IPS Sensor tuning recommendations if the environment consists exclusively of Windows servers. (Choose two.)
A. use “NT” IP fragment reassembly mode
B. use “Windows” TCP stream reassembly mode
C. disable deobfuscation for all HTTP signatures
D. enable all IIS signatures
E. enable all NFS signatures
F. enable all RPC signatures

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 40
What two steps must you perform to initialize a Cisco IPS Sensor appliance? (Choose two.)
A. connect a serial cable to the console port of the sensor
B. connect to the sensor via SSH
C. use the Cisco IDM Setup Wizard
D. issue the setup command via the CLI
E. enable Telnet and then configure basic sensor parameters
Correct Answer: AD Section: (none) Explanation

Explanation/Reference:
QUESTION 41
Refer to the exhibit. As an administrator, you need to change the Event Action and Event Count settings for signature 1108 in the sig1 instance. Which of the following should you select to view and change the required parameters?

A. Edit button
B. Actions button
C. Miscellaneous tab
D. Signature Variables tab

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 42
You have configured your sensor to use risk ratings to determine when to deny traffic into the network. How could you best leverage this configuration to provide the highest level of protection for the mission-critical web server on your DMZ?
A. Create a risk rating for the web server and assign a value of High to the risk rating.
B. Assign deny actions to all signatures with risk ratings, and specify the IP address of the web server as the Destination Address parameter for each of those signatures.
C. Assign a target value rating of Mission Critical to the web server.
D. Create an event action filter for the web server.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:

Whenever Cisco candidates take a tour of sample questions of Cisco https://www.lead4pass.com/642-533.html exam they find their training to be matchless to great extent.Passing the Cisco 642-533 on your own can be a difficult task,but with Cisco 642-533 preparation products,many candidates who appeared online passed Cisco 642-533 easily.

Cisco 642-532 Exam Guide, Offer Cisco 642-532 PDF Exams UP To 50% Off

Free sharing of new updated Cisco https://www.lead4pass.com/642-532.html exam practice test. If you are looking to get certified in short possible time, better try Flydumps latest new version Cisco 642-532 with all new questions and answers added,visit Flydumps.com to free Cisco 642-532 download vce and pdf files.

QUESTION 36
Drag Drop question

A.

B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 37
Which two are necessary to take into consideration when preparing to tune your sensor? (Choose two.)
A. the security policy
B. the network topology
C. which outside addresses are statically assigned to the servers and which are DHCP addresses
D. the IP addresses of your inside gateway and outside gateway
E. which traffic the sensor denies by default
F. the current configuration for each virtual sensor

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 38
Which statement is true about automatic signature and service pack updates?
A. The sensor can automatically download service pack and signature updates from Cisco.com.
B. The sensor can download signature and service pack updates only from an FTP or HTTP server.
C. You must download service pack and signature updates from Cisco.com to a locally accessible server before they can be automatically applied to your sensor.
D. When you configure automatic updates, the sensor checks Cisco.com for updates hourly.
E. If multiple signature or service pack updates are available when the sensor checks for an update, the sensor installs the first update it detects.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 39
Which command resets all signature settings back to the factory defaults?
A. default signatures
B. reset signatures
C. default service signature-definition
D. reset signatures all
E. default service virtual-sensor
Correct Answer: C Section: (none)

Explanation Explanation/Reference:
QUESTION 40
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 41
Which command provides a snapshot of the current internal state of a sensor service, enabling you to check the status of automatic upgrades and NTP?
A. show settings
B. show statistics
C. show statistics host
D. show service statistics
E. show ntp
F. show inventory

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 42
Which two statements accurately describe the software bypass mode? (Choose two.)
A. When it is set to on, all Cisco IPS processing subsystems are bypassed and traffic is allowed to flow between the inline port or VLAN pairs directly.
B. When it is set to on, traffic inspection ceases without impacting network traffic.
C. The default setting is off.
D. If power to the sensor is lost, network traffic is not interrupted.
E. It can be used for redundancy in the event of hardware failure.
F. When it is set to off, traffic stops flowing if the sensor is down.

Correct Answer: BF Section: (none) Explanation
Explanation/Reference:
QUESTION 43
In which scenario are an AIC engine and the Application Policy Enforcement feature needed?
A. You think some users with operator privileges have been misusing their privileges. You want the sensor to detect this activity and revoke authentication privileges.
B. You think users on your network are disguising the use of file-sharing applications by tunneling the traffic through port 80. You want your sensor to identify and stop this activity.
C. You have been experiencing attacks on your voice gateways. You want to implement advanced VoIP protection.
D. You believe that hackers are evading the Cisco IPS. You want the sensor to eradicate anomalies in the IP and TCP layers that allow an IPS to be evaded.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 44
Which user account role on a Cisco IPS sensor must you specifically create in order to allow special root access for troubleshooting purposes only?
A. Operator
B. Viewer
C. Service
D. Administrator

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 45
When performing a signature update on a Cisco IDS Sensor, which three server types are supported for retrieving the new software? (Choose three.)
A. FTP
B. SCP
C. RCP
D. NFS
E. TFTP
F. HTTP

Correct Answer: ABF Section: (none) Explanation
Explanation/Reference:

Whenever Cisco candidates take a tour of sample questions of Cisco https://www.lead4pass.com/642-532.html exam they find their training to be matchless to great extent.Passing the Cisco 642-532 on your own can be a difficult task,but with Cisco 642-532 preparation products,many candidates who appeared online passed Cisco 642-532 easily.

Cisco 642-515 Certification Exam, Sale Best Cisco 642-515 New Questions Latest Version PDF&VCE

Good News! With Cisco 642-515 exam dumps, you will never worry about your Cisco https://www.lead4pass.com/642-515.html exam, all the questions and answers are updated timely by our experts.Also now  Flydumps.com is offering free Cisco 642-515 exam VCE player and PDF files for free on their website.

QUESTION 45
Refer to the exhibit. You have been tasked with configuring split tunneling to use the ACL split- tunnel for remote access IPsec VPNs. Based on the exhibit, which two of these Cisco ASDM configurations would tunnel traffic to the inside network and allow connected users to access their local network and the Internet? (Select two.)

A. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515
Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 46
An administrator wants to add SSL VPN Cisco AnyConnect VPN Client for use by remote users. Upon checking the Cisco software download site, the administrator notices that there are a number of different versions of Cisco AnyConnect VPN Client Software available for
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515
download. If the administrator knows the Cisco ASA Adaptive Security Appliance Software version and the remote user’s PC operating system, how can the administrator determine the appropriate version of Cisco AnyConnect VPN Client to download?
A. The version of Cisco AnyConnect VPN Client Software and the compatible version of Cisco ASA Adaptive Security Appliance Software are based on release notes.
B. The version of Cisco AnyConnect VPN Client Software must only be compatible with the operating system.
C. All versions of the Cisco AnyConnect VPN Client Software are compatible with all releases of Cisco ASA Adaptive Security Appliance Software.
D. Newer versions of the Cisco AnyConnect VPN Client Software are backward compatible with earlier versions.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 47
Refer to the exhibit. You have configured the Cisco ASA security appliance with a connection profile and group policy for full network access SSL VPNs. During a test of the configuration using the Cisco AnyConnect VPN Client, the connection times out. During your troubleshooting, you determine that you must make configuration changes. Based on the Cisco ASDM configuration that is shown, which configuration change should you start with?

A. Enable an SSL VPN client type on the interface.
B. Enable DTLS on the interface.
C. Require a client certificate on the interface.
D. Enable a different access port that doesn’t conflict with Cisco ASDM.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 48
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515
In which three ways can a Cisco ASA security appliance obtain a certificate revocation list from a certificate authority? (Choose three.)
A. SCEP
B. FTP
C. TFTP
D. HTTP
E. Telnet
F. SCP
G. LDAP

Correct Answer: ADG Section: (none) Explanation
Explanation/Reference:
QUESTION 49
Refer to the exhibit. You have configured a Cisco ASA 5505 Adaptive Security Appliance as an Easy VPN hardware client. When the telecommuter that uses the ASA 5505 Adaptive Security Appliance for remote access first attempts to connect to resources on the corporate network, he is prompted for authentication. Which two group policy features would require authentication, even though a username and password are configured on the Easy VPN hardware client? (Select two.)

A. Individual User Authentication
B. Remote User Authentication
C. Group Authentication PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515
D. Extended Authentication
E. Secure Unit Authentication
F. Certificate Authentication

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 50
Refer to the exhibit. You have configured your Cisco ASA security appliance for SSL VPNs. Based on the configuration that is shown, what will happen when the remote user has successfully authenticated?

A. The Cisco ASA security appliance will wait indefinitely for the user to select clientless SSL VPN portal or an SSL VPN client to use for the SSL VPN connection.
B. The Cisco ASA security appliance will open the clientless SSL VPN portal if no Cisco AnyConnect VPN Client is installed on the remote system.
C. The Cisco ASA security appliance will push the Cisco AnyConnect VPN Client down to the remote system, install the client, and use it to complete the SSL VPN connection.
D. The Cisco ASA security appliance will push the Cisco AnyConnect VPN Client down to the remote system, install the client, and ask the user to authenticate again.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 51
Refer to the exhibit. You have configured two SSL VPN certificate-to-connection profile mappings for all users and Sales users. The connection profiles for the Sales users are not being applied when the users connect. Based on the configuration that is shown, what would cause this issue? ***Exhibit Missing***
A. The priority of the RASSL4SALES mapping is too high and needs to be lower than the priority of the RASSL4ALL mapping.
B. The priority of the RASSL4ALL mapping is too low and it needs to be increase but not more than the priority of the RASSL4SALES mapping.
C. The priority of the RASSL4ALL mapping is not low enough and it needs to be lowered to 1.
D. The matching criteria for the RASSL4SALES mapping is too specific and should match something more generic. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 52
Your IT department needs to run a custom-built TCP application within the clientless SSL VPN portal that is configured on your Cisco ASA security appliance. The application will need to be run by users who have either guest or normal user mode privileges. How would you configure the clientless SSL VPN portal to allow this application to run?
A. Configure port forwarding for the application
B. Configure a bookmark for the application
C. Configure the plug-in that best fits the application
D. Configure a smart tunnel for the application

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 53
Which major benefit do digital certificates provide when deploying IPsec VPN tunnels?
A. Resiliency
B. Obfuscation
C. Simplification
D. Scalability

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 54
Refer to the exhibit. As the administrator of a Cisco ASA security appliance for remote access IPsec VPNs, you are assisting a user who has a digital certificate that is configured for the Cisco VPN Client. Based on the exhibit, how would you find the MD5 and SHA-1 thumb print of the certificate?
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515

A. Choose the certificate and then click the Certificate drop-down menu.
B. Choose the certificate and then click Options > Properties.
C. Choose the certificate and then click the View button.
D. Choose the certificate and then click the Verify button.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 55
Refer to the exhibit. You are configuring a laptop with the Cisco VPN Client, which will use digital certificates for authentication. Which protocol will the Cisco VPN client use to retrieve the digital certificate from the CA server?

PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515
A. FTP
B. HTTPS
C. TFTP
D. LDAP
E. SCEP

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Refer to the exhibit. A junior Cisco ASA security appliance administrator has asked for your help in configuring a Cisco ASA security appliance for an identity certificate to be used for IPsec VPNs. Based on the two Cisco ASDM configuration screens that are shown, what is needed to configure the Cisco ASA security appliance for an identity certificate?

A. To retrieve an identity certificate, a new pair of RSA keys must be created.
B. To retrieve an identity certificate, the Cisco ASA security appliance must have the certificate of the CA.
C. To retrieve an identity certificate, the common name must be an FQDN.
D. The Cisco ASA security appliance doesn’t need to retrieve an identity certificate. It can use a self-signed identity certificate for IPsec.
E. Because of the lack of a CA certificate, the administrator must import the identity certificate from a file.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 57
SSL VPNs can provide increased flexibility over IPsec VPNs, based on the location of the client and ownership of the endpoint. However, security of the endpoint is a potential problem.
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515 Which three of these potential security issues can the Cisco ASA security appliance address through SSL VPN policies or features? (Select three.)
A. SSL attacks
B. Malware
C. Phishing
D. Spoofing
E. Viruses
F. Spyware

Correct Answer: BEF Section: (none) Explanation
Explanation/Reference:
QUESTION 58
You have been tasked with configuring access for development partners using the clientless SSL VPN portal on your Cisco ASA security appliance. These partners need access to the desktop of internal development servers. Which three of these configurations for the clientless SSL VPN portal would allow these partners to access the desktop of remote servers? (Choose three.)
A. RDP bookmark using the RDP plug-in
B. Xwindows bookmark using the Xwindows plug-in
C. Telnet bookmark using the Telnet plug-in
D. Citrix plugin using the Citrix plug-in
E. SSH bookmark using the SSH plug-in
F. VNC bookmark using the VNC plug-in

Correct Answer: ADF Section: (none) Explanation
Explanation/Reference:
QUESTION 59
Section 1: Sec One (59to 63)
Details: Scenerio:
You have been tasked with examining the current Cisco Modular Policy Framework configurations on the
LA-ASA Cisco Adaptive Security Appliance (ASA) using the Cisco Adaptive Security Device Manager
(ASDM). Answer the multiple-choice questions in this simulation using the appropriate Cisco ASDM
configuration screens.

Topology:

PassGuide.com-Make You Succeed To Pass IT Exams
PassGuide 642-515
A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 60
Which two actions does the Cisco Adaptive Security Applicance take on HTTP traffic entering its outside interface? (Choose two.)
A. Drops HTTP request messages whose request method is post.
B. Logs HTTP request messages whose request method is post or whose user-agent field contains either the string Some_New_P2P_Client1 or the string Some_New_P2P_Client2.
C. Drops HTTP request messages whose user-agent field contains the string Some_New_P2P_Client1 and the string Some_New_P2P_Client2.
D. Drops HTTP request messages whose request method is post and whose user-agent field contains either the string Some_New_P2P_Client1 or the string Some_New_P2P_Client2.
E. Logs HTTP request messages whose request method is post and whose user-agent field contains either the string Some_New_P2P_Client1 or the string Some_New_P2P_Client2.
F. Forwards all HTTP request messages that are permitted by access control lists (ACLs) on the outside interface. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515

Correct Answer: DE Section: (none) Explanation
Explanation/Reference:
QUESTION 61
What is the effect of the FTP inspection policy named MY-FTP-MAP on FTP traffic entering the partnernet interface?
A. Prevents web browsers from sending embedded commands in FTP requests.
B. Prevents all users except “root” from accessing the path /root.
C. Blocks the FTP request commands PUT, RNFR, RNTO, DELE, MKD, and RMD.
D. Has no effect on the behavior of the Cisco Adaptive Security Appliance.
E. Tracks each FTP command and response sequence for certain anomalous activity.
F. Masks the FTP banner.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 62
What are the two effects of the policy map named PARTNERNET-POLICY on FTP traffic entering the partnernet interface?
A. Resets connections that send embedded commands.
B. Prevents all users except “root” from accessing the path /root.
C. Prevents all users except “root” from using the FTP request commands PUT, RNFR, RNTO, DELE, MKD, and RMD.
D. Logs all attempts to download files from the FTP server on the inside interface.
E. Has no effect on FTP traffic entering the partnernet interface (affects only FTP traffic exiting the partnernet interface.)
F. Blocks the FTP request commands DELE, MKD, PUT, RMD, RNFR, and RNTO.

Correct Answer: AF Section: (none) Explanation
Explanation/Reference:
QUESTION 63
Which statement is true about HTTP inspection on the Cisco Adaptive Security Appliance?
A. HTTP traffic is inspected as it enters or exits any interface.
B. HTTP traffic is inspected as it enters or exits the outside interface.
C. HTTP traffic is inspected only as it enters any interface.
D. Advanced HTTP inspection is applied to traffic entering the outside interface, and basic HTTP inspection is applied to traffic entering any interface.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 64
Which action does the Cisco Adaptive Security Appliance take on FTP traffic entering its
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515
outside interface?
A. Blocks the FTP request commands APPE, GET, RNFR, RNTO, DELE, MKD, and RMD.
B. Translates embedded IP addresses.
C. None (FTP is inspected only on the partnernet interface.)
D. Masks the FTP greeting banner.
E. Prevents all users except “root” from accessing the path/root.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 65
While setting up a remote access VPN, which three items does the Cisco ASDM IPsec VPN Wizard require you to configure? (Choose three.)
A. tunnel group name
B. a pool of addresses to be assigned to remote users
C. peer IP address
D. IPsec encryption and authentication parameters

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
QUESTION 66
You are the network security administrator for the PG company. You create an FTP inspection policy including the strict option, and it is applied to the outside interface of the corporate adaptive security appliance. How to handle FTP on the security appliance after this policy is applied? (Choose three.)
A. FTP inspection is applied to traffic entering the inside interface.
B. FTP inspection is applied to traffic exiting the inside interface.
C. Strict FTP inspection is applied to traffic exiting the outside interface.
D. Strict FTP inspection is applied to traffic entering the outside interface.

Correct Answer: ACD Section: (none) Explanation Explanation/Reference:
QUESTION 67
In the default global policy, which three traffic types are inspected by default? (Choose three.)
A. FTP
B. ICMP
C. TFTP
D. ESMTP

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515
QUESTION 68
Which two methods can be used to decrease the amount of time it takes for an active Cisco ASA adaptive security appliance to fail over to its standby failover peer in an active/active failover configuration? (Choose two.)
A. use the special serial failover cable to connect the security appliances
B. use single mode
C. decrease the unit failover poll time
D. decrease the interface failover poll time

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 69
Which two statements correctly describe configuring active/active failover? (Choose two.)
A. You must configure two failover groups: group 1 and group 2.
B. You must use a crossover cable to connect the failover links on the two failover peers.
C. You must assign contexts to failover groups from the admin context.
D. Both units must be in multiple mode.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 70
What does the redundant interface feature of the security appliance accomplish?
A. to allow a VPN client to send IPsec-protected traffic to another VPN user by allowing such traffic in and out of the same interface
B. to increase the number of interfaces available to your network without requiring you to add additional physical interfaces or security appliances
C. to increase the reliability of your security appliance
D. to facilitate out-of-band management

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 71
You are the network security administrator for PG Corporation. You are asked to configure active/standby failover using Cisco ASDM between two Cisco ASA adaptive security appliances at corporate headquarters. You deploy the Cisco ASDM High Availability and Scalability Wizard and feels confident that the configuration is correct on both security appliances. But, the show failover command output indicates that one interface remains constantly in the waiting state and never normalizes. Which two troubleshooting steps should be taken? (Choose two.)
A. Verify that EtherChanneling is enabled on any switch port that connects to the security PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515 appliances.
B. Verify that the line and protocol of the interface are up on the primary and secondary security appliance interfaces.
C. Verify that PortFast is enabled on any switch port that connects to the security appliances.
D. Verify that the security appliances have the same feature licenses.

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 72
Which two statements correctly describe the local user database in the security appliance? (Choose two.)
A. You can create user accounts with or without passwords in the local database.
B. You cannot use the local database for network access authentication.
C. You can configure the security appliance to lock a user out after the user meets a configured maximum number of failed authentication attempts.
D. The default privilege level for a new user is 15.

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 73
In an active/active failover configuration, which event triggers failover at the failover group level?
A. The no failover active command is entered in the system configuration.
B. The unit has a software failure.
C. Two monitored interfaces in the group fail.
D. The no failover active group group_id command is entered in the system configuration.

Correct Answer: D Section: (none) Explanation Explanation/Reference:
QUESTION 74
The security department of the PG company wants to configure cut-through proxy authentication via RADIUS to require users to authenticate before accessing the corporate DMZ servers. Which three tasks are needed to achieve this goal? (Choose three.)
A. Specify a AAA server group.
B. Designate an authentication server.
C. Configure per-user override.
D. Configure a rule that specifies which traffic flow to authenticate.

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
QUESTION 75
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515
During a stateful active/standby failover, which two events will happen? (Choose two.)
A. The user authentication (uauth) table is passed to the standby unit.
B. SIP signaling sessions are lost.
C. The standby unit becomes the active unit.
D. The secondary unit inherits the IP addresses of the primary unit.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 76
For the following items, which three types of information could be found in the syslog output for an adaptive security appliance? (Choose three.)
A. time stamp and date
B. logging level
C. hostname of the packet sender
D. message text

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
QUESTION 77
For configuring VLAN trunking on a security appliance interface, which three actions are mandatory? (Choose three.)
A. specifying the maximum transmission unit for a subinterface
B. specifying a name for a subinterface
C. associating a logical interface with a physical interface
D. specifying a VLAN ID for a subinterface

Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:
QUESTION 78
You have just cleared the configuration on your Cisco ASA adaptive security appliance, which contains in its flash memory one ASA image file (asa802-k8.bin), one ASDM image file (asdm-602.bin), and no configuration files. You would like to reconfigure the Cisco ASA adaptive security appliance by use of Cisco ASDM, but you realize that you can’t access Cisco ASDM. Which set of commands offers the minimal configuration required to access Cisco ASDM?
A. interface, nameif, setup (followed by the setup command interactive prompts)
B. setup (followed by the setup command interactive prompts)
C. interface, nameif, ip address, no shutdown, hostname, domain-name, clock set, http server enable
D. interface, nameif, ip address, hostname, domain-name, clock set, http server enable, asdm PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515 image

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 79
Which two options are correct about the threat detection feature of the Cisco ASA adaptive security appliance? (Choose two.)
A. The security appliance scanning threat detection feature is based on traffic signatures.
B. Because of their impact on performance, both basic threat detection and scanning threat detection are disabled by default.
C. The threat detection feature can help you determine the level of severity for packets that are detected and dropped by the security appliance inspection engines.
D. Scanning threat detection detects network sweeps and scans and optionally takes appropriate preventative action.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 80
The PG security department would like to apply specific restrictions to one network user, Bob, because he works from home and accesses the corporate network from the outside interface of the security appliance. PG decides to control network access for this user by using the downloadable ACL feature of the security appliance. Authentication of inbound traffic is already configured on the security appliance, and Bob already has a user account on the Cisco Secure ACS. Which three tasks should be completed in order to achieve the goal of limiting network access for Bob via downloadable ACLs? (Choose three.)
A. Configure the security appliance to use downloadable ACLs.
B. Attach the downloadable ACL to the user profile for Bob on the Cisco Secure ACS.
C. Configure the Cisco Secure ACS to use downloadable ACLs.
D. Configure the downloadable ACLs on the Cisco Secure ACS.

Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:
QUESTION 81
Which options can a clientless SSL VPN user access from a web browser without port forwarding, smart tunnels, or browser plug-ins?
A. internal websites
B. Microsoft Outlook Web Access
C. files on the network, via FTP or the CIFS protocol
D. web-enabled applications

Correct Answer: ABCD Section: (none) Explanation
Explanation/Reference:
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515
QUESTION 82
Which three commands can display the contents of flash memory on the Cisco ASA adaptive security appliance? (Choose three.)
A. show disk0:
B. show memory
C. dir
D. show flash:

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 83
Which two statements about the downloadable ACL feature of the security appliance are correct? (Choose two.)
A. Downloadable ACLs are supported using TACACS+ or RADIUS.
B. Downloadable ACLs enable you to store full ACLs on a AAA server and download them to the security appliance.
C. The security appliance supports only per-user ACL authorization.
D. The downloadable ACL must be attached to a user or group profile on a AAA server.

Correct Answer: BD Section: (none) Explanation Explanation/Reference:
QUESTION 84
For creating and configuring a security context, which three tasks are mandatory? (Choose three.)
A. allocating interfaces to the context
B. assigning MAC addresses to context interfaces
C. creating a context name
D. specifying the location of the context startup configuration

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 85
Which two statements are true about multiple context mode? (Choose two.)
A. Multiple context mode does not support IPS, IPsec, and SSL VPNs, or dynamic routing protocols.
B. Multiple context mode enables you to create multiple independent virtual firewalls with their own security policies and interfaces.
C. Multiple context mode enables you to add to the security appliance a hardware module that supports up to four independent virtual firewalls. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515
D. When you convert from single mode to multiple mode, the security appliance automatically adds an entry for the admin context to the system configuration with the name “admin.”

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 86
Which three features can the Cisco ASA adaptive security appliance support? (Choose three.)
A. BGP dynamic routing
B. 802.1Q VLANs
C. OSPF dynamic routing
D. static routes

Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:
QUESTION 87
Which one of the following commands can provide detailed information about the crypto map configurations of a Cisco ASA adaptive security appliance?
A. show ipsec sa
B. show crypto map
C. show run ipsec sa
D. show run crypto map

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 88
What is the reason that you want to configure VLANs on a security appliance interface?
A. for use in conjunction with device-level failover to increase the reliability of your security appliance
B. for use in transparent firewall mode, where only VLAN interfaces are used
C. to increase the number of interfaces available to the network without adding additional physical interfaces or security appliances
D. for use in multiple context mode, where you can map only VLAN interfaces to contexts

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 89
Which two options are correct about the impacts of this configuration? (Choose two.)
class-map INBOUND_HTTP_TRAFFIC match access-list TOINSIDEHOST class-map OUTBOUND_HTTP_TRAFFIC
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-515
match access-list TOOUTSIDEHOST policy-map MYPOLICY class INBOUND_HTTP_TRAFFIC inspect http set connection conn-max 100 policy-map MYOTHERPOLICY class OUTBOUND_HTTP_TRAFFIC inspect http service-policy MYOTHERPOLICY interface inside service-policy MYPOLICY interface outside
A. Traffic that matches access control list TOINSIDEHOST is subject to HTTP inspection and maximum connection limits.
B. Traffic that enters the security appliance through the inside interface is subject to HTTP inspection.
C. Traffic that enters the security appliance through the outside interface and matches access control list TOINSIDEHOST is subject to HTTP inspection and maximum connection limits.
D. Traffic that enters the security appliance through the inside interface and matches access control list TOOUTSIDEHOST is subject to HTTP inspection.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
Worried about Cisco 642-515 pass results? Adopt most reliable way of exam preparation that is Cisco https://www.lead4pass.com/642-515.html Questions & Answers with explanations to get reliable high Cisco 642-515 pass result.Flydumps definitely guarantees it!