CCSP642-551题库下载

j2eelover

<p align="left"><p align="left">最新642-551题库分享，覆盖CCSP考试</p></p><p align="left"><p align="left">1. What is a set of conditions that, when met, indicates that an intrusion is occurring or has occurred?</p></p><p align="left"><p align="left">A. rules</p></p><p align="left"><p align="left">B. state tables</p></p><p align="left"><p align="left">C. signatures</p></p><p align="left"><p align="left">D. master parameters</p></p><p align="left"><p align="left">Answer: C</p></p><p align="left"><p align="left">2. If you choose Add from the Allowed Hosts panel in Cisco IDM, which two fields are available for configuration? (Choose two.)</p></p><p align="left"><p align="left">A. Static Routes</p></p><p align="left"><p align="left">B. Dynamic Routes</p></p><p align="left"><p align="left">C. IP Address</p></p><p align="left"><p align="left">D. Default Route</p></p><p align="left"><p align="left">E. Netmask</p></p><p align="left"><p align="left">Answer: CE</p></p><p align="left"><p align="left">3. What are the three types of private VLAN ports? (Choose three.)</p></p><p align="left"><p align="left">A. typical</p></p><p align="left"><p align="left">B. isolated</p></p><p align="left"><p align="left">C. nonisolated</p></p><p align="left"><p align="left">D. promiscuous</p></p><p align="left"><p align="left">E. community</p></p><p align="left"><p align="left">F. bridging</p></p><p align="left"><p align="left">Answer: BDE</p></p><p align="left"><p align="left">4.LAB This is the Answer: pixfirewall(config)#interface eth3 100full pixfirewall(config)# nameif eth3 protected security 56 5.When port security is enabled on a Cisco Catalyst switch, what is the default action when the configured maximum of allowed MAC addresses value is exceeded? pixfirewall(config)# ip address protected 192.168.147.1 255.255.255.0</p></p><p align="left"><p align="left">A. The port is shut down.</p></p><p align="left"><p align="left">B. The port is enabled and the maximum number automatically increases.</p></p><p align="left"><p align="left">C. The MAC address table is cleared and the new MAC address is entered into the table.</p></p><p align="left"><p align="left">D. The MAC address table is shut down.</p></p><p align="left"><p align="left">Answer: A</p></p><p align="left"><p align="left">6. What is a description of a promiscuous PVLAN port?</p></p><p align="left"><p align="left">A. It has a complete Layer 2 separation from the other ports within the same PVLAN.</p></p><p align="left"><p align="left">B. It can only communicate with other promiscuous ports.</p></p><p align="left"><p align="left">C. It can communicate with all interfaces within a PVLAN.</p></p><p align="left"><p align="left">D. It cannot communicate with any other ports.</p></p><p align="left"><p align="left">Answer: C</p></p><p align="left"><p align="left">7. Which two protocols does Cisco Secure ACS use for AAA services? (Choose two.)</p></p><p align="left"><p align="left">A. TACACS+</p></p><p align="left"><p align="left">B. Telnet</p></p><p align="left"><p align="left">C. SSH</p></p><p align="left"><p align="left">D. RADIUS</p></p><p align="left"><p align="left">E. SSL</p></p><p align="left"><p align="left">F. SNMP</p></p><p align="left"><p align="left">Answer: AD</p></p><p align="left"><p align="left">8. Which command would be used on the Cisco PIX Security Appliance to show the pool of addresses to be translated?</p></p><p align="left"><p align="left">A. show nat</p></p><p align="left"><p align="left">B. show xlate</p></p><p align="left"><p align="left">C. show global</p></p><p align="left"><p align="left">D. show conn</p></p><p align="left"><p align="left">Answer: C</p></p><p align="left"><p align="left">9. What is the default security-level definition setting for the outside interface for the Cisco PIX Security Appliance?</p></p><p align="left"><p align="left">A. 0</p></p><p align="left"><p align="left">B. 100</p></p><p align="left"><p align="left">C. 50</p></p><p align="left"><p align="left">D. 25</p></p><p align="left"><p align="left">Answer: A</p></p><p align="left"><p align="left">10. Which Cisco IOS command enables the AAA access-control commands and functions on the router, and overrides the older TACACS and extended TACACS commands?</p></p><p align="left"><p align="left">A. no aaa authentication login default enable</p></p><p align="left"><p align="left">B. aaa authentication login default local</p></p><p align="left"><p align="left">C. aaa new-model</p></p><p align="left"><p align="left">D. login authentication default</p></p><p align="left"><p align="left">E. no login authentication default</p></p><p align="left"><p align="left">Answer: C</p></p>