New Questions-100% Valid New Updated Questions for Cisco 642-504 Download

Do not you know how to choose the Cisco 642-504 exam dumps? Being worried about the changed questions? Just try Flydumps new version Cisco 642-504 exam dumps. All the new questions and answers were added to the new dumps,visit Flydumps.com to free download Cisco 642-504 !

Exam A
QUESTION 1
Which two are technologies that secure the control plane of the Cisco router? (Choose two.)
A. Cisco IOS Flexible Packet Matching
B. uRPF
C. routing protocol authentication
D. CPPr
E. BPDU protection
F. role-based access control
Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 2
What are the two category types associated with 5.x signature use in Cisco IOS IPS? (Choose two.)
A. basic
B. advanced
C. 128MB.sdf
D. 256MB.sdf
E. attack-drop
F. built-in
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Refer to the exhibit.
Which optional AAA or RADIUS configuration command is used to support 802.1X guest VLAN
functionality?
A. aaa authentication dot1x default group radius
B. aaa authorization network default group radius
C. aaa accounting dot1x default start-stop group radius
D. aaa accounting system default start-stop group radius
E. radius-server host 10.1.1.1 auth-port 1812 acct-port 1813
Correct Answer: B Section: (none)
Explanation
Explanation/Reference:
QUESTION 4
Which is an advantage of implementing the Cisco IOS Firewall feature?
PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-504
A. provides self-contained end-user authentication capabilities
B. integrates multiprotocol routing with security policy enforcement
C. acts primarily as a dedicated firewall device
D. is easily deployed and managed by the Cisco Adaptive Security Device Manager
E. provides data leakage protection capabilities
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 5
Which three statements correctly describe the GET VPN policy management? (Choose three.)
A. A central policy is defined at the ACS (AAA) server.
B. A local policy is defined on each group member.
C. A global policy is defined on the key server, and it is distributed to the group members.
D. The key server and group member policy must match.
E. The group member appends the global policy to its local policy.
Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 6
The CPU and Memory Threshold Notifications of the Network Foundation Protection feature protects which router plane?
A. control plane
B. management plane
C. data plane
D. network plane
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 7
In DMVPN, the NHRP process allows which requirement to be met?
A. dynamic physical interface IP address at the spoke routers
B. high-availability DMVPN designs
C. dynamic spoke-to-spoke on-demand tunnels
D. dynamic routing over the DMVPN
E. dual DMVPN hub designs

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 8
Which is correct regarding the Management Plane Protection feature?
A. By default, Management Plane Protection is enabled on all interfaces.
B. Management Plane Protection provides for a default management interface.
C. Only SSH and SNMP management will be allowed on nondesignated management interfaces. PassGuide.com-Make You Succeed To Pass IT Exams PassGuide 642-504
D. All incoming packets through the management interface are dropped except for those from the allowed management protocols.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 9
What are the two enrollment options when using the SDM Certificate Enrollment wizard? (Choose two.)
A. SCEP
B. LDAP
C. OCSP
D. Cut-and-Paste/Import from PC
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Refer to the exhibit.
Which two configuration commands are used to apply an inspect policy map for traffic traversing from the
E0 or E1 interface to the S3 interface? (Choose two.)
A. zone-pair security test source Z1 destination Z2
B. interface E0
C. policy-map myfwpolicy class class-default inspect
D. ip inspect myfwpolicy out
E. ip inspect myfwpolicy in
F. service-policy type inspect myfwpolicy
Correct Answer: AF Section: (none) Explanation
Explanation/Reference:

The Cisco 642-504 certification can make you a competent person. It may enable a technician to know about the Cisco 642-504 configurations,get information about the Cisco 642-504 data center products and hardware and knowledge about Cisco 642-504 united computing systems.