Official 2014 Latest Cisco 640-554 Dump Free Download(91-100)!
QUESTION 91
Which Layer 2 protocol provides loop resolution by managing the physical paths to given network segments?
A. root guard
B. port fast
C. HSRP
D. STP
Answer: D
QUESTION 92
Which statement is true when you have generated RSA keys on your Cisco router to prepare for secure device management?
A. You must then zeroize the keys to reset secure shell before configuring other parameters.
B. The SSH protocol is automatically enabled.
C. You must then specify the general-purpose key size used for authentication with the crypto key generate
rsa general-keys modulus command.
D. All vty ports are automatically enabled for SSH to provide secure management.
Answer: B
QUESTION 93
What is the key difference between host-based and network-based intrusion prevention?
A. Network-based IPS is better suited for inspection of SSL and TLS encrypted data flows.
B. Network-based IPS provides better protection against OS kernel-level attacks against hosts and servers.
C. Network-based IPS can provide protection to desktops and servers without the need of installing
specialized software on the end hosts and servers.
D. Host-based IPS can work in promiscuous mode or inline mode.
E. Host-based IPS is more scalable then network-based IPS.
F. Host-based IPS deployment requires less planning than network-based IPS.
Answer: C
QUESTION 94
Refer to the exhibit. You are a network manager for your organization. You are looking at your Syslog server reports. Based on the Syslog message shown, which two statements are true? (Choose two.)
A. Service timestamps have been globally enabled.
B. This is a normal system-generated information message and does not require further investigation.
C. This message is unimportant and can be ignored.
D. This message is a level 5 notification message.
Answer: AD
QUESTION 95
Which four methods are used by hackers? (Choose four.)
A. footprint analysis attack
B. privilege escalation attack
C. buffer Unicode attack
D. front door attacks
E. social engineering attack
F. Trojan horse attack
Answer: ABEF
QUESTION 96
Which statement about Cisco IOS IPS on Cisco IOS Release 12.4(11)T and later is true?
A. uses Cisco IPS 5.x signature format
B. requires the Basic or Advanced Signature Definition File
C. supports both inline and promiscuous mode
D. requires IEV for monitoring Cisco IPS alerts
E. uses the built-in signatures that come with the Cisco IOS image as backup
F. supports SDEE, SYSLOG, and SNMP for sending Cisco IPS alerts
Answer: A
QUESTION 97
Which characteristic is the foundation of Cisco Self-Defending Network technology?
A. secure connectivity
B. threat control and containment
C. policy management
D. secure network platform
Answer: D
QUESTION 98
Which kind of table do most firewalls use today to keep track of the connections through the firewall?
A. dynamic ACL
B. reflexive ACL
C. netflow
D. queuing
E. state
F. express forwarding
Answer: E
QUESTION 99
Which Cisco IOS command is used to verify that either the Cisco IOS image, the configuration files, or both have been properly backed up and secured?
A. show archive
B. show secure bootset
C. show flash
D. show file systems
E. dir
F. dir archive
Answer: B
QUESTION 100
What does the secure boot-config global configuration accomplish?
A. enables Cisco IOS image resilience
B. backs up the Cisco IOS image from flash to a TFTP server
C. takes a snapshot of the router running configuration and securely archives it in persistent storage
D. backs up the router running configuration to a TFTP server
E. stores a secured copy of the Cisco IOS image in its persistent storage
Answer: C
If you want to pass the Cisco 640-554 Exam sucessfully, recommend to read latest Cisco 640-554 Dump full version.