Description:
CCNA Exam 642-551
Title: Securing Cisco Network Devices
Ver: 02.28.07
Example Question out of 62 Questions:
QUESTION 23:
Which component within the Cisco Network Admission Control architecture acts as
the policy server for evaluating the endpoint security information that is relayed
from network devices, and for determining the appropriate access policy to apply?
A. CiscoWorks
B. CiscoWorks VMS
C. Cisco Secure ACS
D. Cisco Trust Agent
E. Cisco Security AgentAnswer: C
QUESTION 24:
Which authentication method is based on the 802.1x authentication framework, and mitigates several of the weaknesses by using dynamic WEP and sophisticated key management on a peer-packet basis?
A. PAP
B. CHAP
C. LEAP
D. ARAPAnswer: C
Explanation:
Lightweight EAP (LEAP): Cisco Systems has been shipping a security scheme known as LEAP since November 2000.QUESTION 25:
Which method does a Cisco firewall use for packet filtering?
A. inspection rules
B. ACLs
C. Security policies
D. VACLsAnswer: B
Explanation:
The access list is a group of statements. Each statement defines a pattern that would be found in an IP packet. As each packet comes through an interface with an associated access list, the list is scanned from top to bottom and in the exact order in which it was entered, for a pattern that matches the incoming packet. A permit or deny rule associated with the pattern determines the fate of that packet.Cisco uses access lists as packet filters to decide which packets can access a router serviceor which packets can be allowed across an interface. Packets that are allowed across an interface are called permitted packets. Packets that are not allowed across an interface are called denied packets. Access lists contain one or more rules or statements that determine what data is to be permitted or denied, or both permitted or denied, across an interface.
Download CCNA Exam 642-551 Securing Cisco Network Devices:
» Download Link