Syngress Managing Cisco Network Security (SMCNS)

For security purposes, each PDF file is encrypted with a unique serial number associated with your21certify Exams account information. In accordance with International Copyright Law, 21certifyExams reserves the right to take legal action against you should we find copies of this PDF file hasbeen distributed to other parties.
Nội dung trích xuất từ tài liệu:
Syngress Managing Cisco Network Security (SMCNS) 640-100 1 CISCO:Managing Cisco Network Security (MCNS) 640-100 Version 6.0 Jun. 17th, 2003 21certify.com 640-100 2Study TipsThis product will provide you questions and answers along with detailed explanationscarefully compiled and written by our experts. Try to understand the concepts behindthe questions instead of cramming the questions. Go through the entire document atleast twice so that you make sure that you are not missing anything.Latest VersionWe are constantly reviewing our products. New material is added and old material isrevised. Free updates are available for 365 days after the purchase. You should checkthe products page on the www.21certify.com web site for an update 3-4 days before thescheduled exam date. Important Note: Please Read CarefullyThis 21certify Exam has been carefully written and compiled by 21certify Exams experts. It isdesigned to help you learn the concepts behind the questions rather than be a strict memorizationtool. Repeated readings will increase your comprehension.We continually add to and update our 21certify Exams with new questions, so check that you havethe latest version of this 21certify Exam right before you take your exam.For security purposes, each PDF file is encrypted with a unique serial number associated with your21certify Exams account information. In accordance with International Copyright Law, 21certifyExams reserves the right to take legal action against you should we find copies of this PDF file hasbeen distributed to other parties.Please tell us what you think of this 21certify Exam. We appreciate both positive and criticalcomments as your feedback helps us improve future versions.We thank you for buying our 21certify Exams and look forward to supplying you with all yourCertification training needs.Good studying!21certify Exams Technical and Support Team 21certify.com 640-100 3Q1.By default, Cisco Secure ACS for Windows Web server (CSAdmin) listens on which port? A. tcp 80 B. tcp 2002 C. tcp 5050 D. tcp 8080Answer: B.Q2.Which three statements about AH are true? (Choose three) A. AH provides protection against replay. B. AH encrypts the payload for data confidentiality. C. AH provides connectionless integrity for the IP datagrams. D. AH provides data origin authentication for the IP datagrams. E. AH encapsulates the data. F. AH uses symmetric secret key algorithms.Answer: A, C, D.Q3.Snooping and packet sniffing are examples of what type of threat? A. Repudiation B. Masquerade threats C. Eavesdropping D. DoSAnswer: C.Q4.What is the default idle time of an enabled IOS Firewall authentication proxy? A. 5 seconds B. 60 seconds C. 5 minutes D. 60 minutesAnswer: D. 21certify.com 640-100 4Q5.Which set specifies DH Group 1 or Group 2? A. Peer B. Transform-set C. Pfs D. Security-associationAnswer: C.Q6.What does authentication proxy on the Cisco IOS Firewall do? A. Create specific authorization policies for each user with Cisco Secure ACS, dynamic, peer-user security and authorization. B. Provides additional visibility at intranet, extranet, and Internet perimeters. C. Creates specific security policies for each user with Cisco Secure ACS, dynamic, peer-user authentication and authorization. D. Provides secure, per-application access control across network perimeters.Answer: C.Q7.When a remote user attempts to dial in to the network, the network access server (NAS) firstqueries the tacacs+ server for authentication information.What is the difference between an ERROR and a FAIL response? (Choose two) A. A FAIL response means that the user has not met the criteria to be successfully authenticated. B. An ERROR means that the ACS server has not responded to an authentication query. C. A FAIL means that the ACS server has not responded to an authentication query. D. An ERROR means that the user has not met the criteria to be successfully authenticated.Answer: A, B.Q8.You are creating more than one crypto map for a given interface using the sequence numberof each map entry to rank the map entries. 21certify.com ...