Securing Networks with Cisco Routers and Switches Exam(SNRS) : 642-502 Exam

Exam Number/Code: 642-502
Exam Name: Securing Networks with Cisco Routers and Switches Exam(SNRS)
VUE Code: 642-502
Questions Type: Single choice, Multiple choice, Simulate,
Question Numbers of Real-exam: 60-70 questions
Exam Language(s): English

“Securing Networks with Cisco Routers and Switches Exam(SNRS)”, also known as 642-502 exam, is a Cisco certification.
Preparing for the 642-502 exam? Searching 642-502 Test Questions, 642-502 Practice Exam, 642-502 Dumps?

With the complete collection of questions and answers, PassGuide has assembled to take you through 63 Q&A we offer correct answers for simulate questions. to your 642-502 Exam preparation. In the 642-502 exam resources, you will cover every field and category in CCSP helping to ready you for your successful Cisco Certification.

The Securing Networks with Cisco Routers and Switches exam is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the SNRS v1.0 course. This exam includes simulations and tests a candidate’s knowledge and ability to secure networks using Cisco routers and switches.

 

Securing Networks with Cisco Routers and Switches Exam
Retired June 20, 2007
Exam Number: 642-502
Associated Certifications: CCSP
Duration: 90 minutes (60-70 questions)
Available Languages: English
Click Here to Register: Pearson VUE or Prometric
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions

Exam Description Exam Topics Recommended Training Additional Resources
Exam Description

The Securing Networks with Cisco Routers and Switches exam is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the SNRS v1.0 course. This exam includes simulations and tests a candidate’s knowledge and ability to secure networks using Cisco routers and switches.
Exam Topics

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.
Implement Layer 2 security

* Utilize Cisco IOS and Cat OS commands to mitigate Layer 2 attacks
* Implement Cisco Identity-Based Networking Services
* Implement Cisco 802.1X Port-Based Authentication
* Identify and describe Layer 2 security best practices

Configure Cisco IOS Firewall features to meet security requirements

* Identify and describe the capabilities of the IOS firewall feature set
* Configure CBAC to dynamically mitigate identified threats to the network
* Verify and troubleshoot CBAC configuration and operation
* Configure authentication proxy to apply security policies on a per-user basis
* Verify and troubleshoot authentication proxy configuration and operation

Configure Cisco IOS-based IPS to identify and mitigate threats to network resources

Free Pass4sure p4s Practice Engine Demo Download PassGuide offers free demos for each certification exam, including all IT vendors. You can check out the testing engine software, or pdf file question quality and usability of our practice exams before you decide to buy it. We are the only one site that offers demos for almost all IT certification exams.If you want to try passguide exam practice engine

* Identify and describe the capabilities of the IOS-IPS feature set
* Configure the IPS features to identify threats and dynamically block them from entering the network
* Verify and troubleshoot IDS operation
* Maintain and update the signatures

Configure basic IPSec VPNs to secure site-to-site and remote access to network resources

* Select the correct IPSec implementation based on specific stated requirements
* Configure IPSec Encryption for site-to-site VPN using pre-shared keys
* Configure IPSec Encryption for site-to-site VPN using certificate authority
* Verify and troubleshoot IPSec operation
* Configure EZ-VPN server
* Configure EZ-VPN remote using both hardware and software clients.
* Troubleshoot EZ-VPN

Configure authentication, authorization and accounting to provide basic secure access control for networks

* Configure administrative access to the Cisco Secure ACS server
* Configure AAA clients on the Cisco Secure ACS (for routers)
* Configure users, groups and access rights
* Configure router to enable AAA to use TACACS+
* Configure router to enable AAA to use a Radius server
* Verify and troubleshoot AAA operation

Use management applications to configure and monitor IOS security features

* Initialize SDM communications on Cisco routers
* Perform a LAN interface configuration of a Cisco router using SDM
* Use SDM to define and establish a site-to-site VPN

QUESTION 24:
You have been tasked with setting up a new Certkiller router with CBAC. How do
you set the threshold of half-open sessions CBAC will allow per minute before
deleting them?
A. ip inspect one-minute incomplete (number)
B. ip inspect one-minute (number)
C. ip inspect one-minute high (number)
D. ip inspect one-minute high incomplete (number)
E. ip inspect max-incomplete minute high (number)
Answer: C
Explanation:
The “ip inspect one-minute high (number)” command will set the number of new,
half-open connections per minute CBAC will allow before deleting them. The default is
500 per minute.
642-502
Actualtests.com – The Power of Knowing
QUESTION 25:
You are setting up a new Certkiller router with CBAC. Which of the following
commands will alter the CBAC DNS timeout timer to 10 seconds?
A. ip inspect dns-server-timeout 10
B. ip inspect dns-server-timer 10
C. ip inspect dns-timeout 10
D. ip inspect dns-timer 10
Answer: C
Explanation:
To configure the time CBAC will keep a DNS session open in the state table, use the
global configuration command ip inspect dns-timeout (seconds). The default is five
seconds.
QUESTION 26:
You are setting up a new Certkiller router with CBAC. If CBAC is configured to
inspect telnet traffic on an interface, how should outbound telnet traffic be
configured in any ACL’s?
A. Outbound telnet should be permitted in any acl’s
B. Outbound telnet should be denied in any acl’s
C. Telnet should not be referenced at all in the acl
D. Outbound telnet should be denied only if inbound telnet is allowed
Answer: A

Free download:PassGuide ccsp 642-502
Free download:PassGuide ccsp 642-502
more info:www.ciscoexams.org

PassGuide Certificaton Practice test,Study Guide,Training Materials

1. Free PassGuide ccsp 642-522 v2.73
2. Free PassGuide ccsp 642-523 v2.73
3. Free New PassGuide cisco ccsp dumps
4. Free PassGuide ccsp 642-522 v2.93
5. Free PassGuide cisco CCSP
6. Free P4S Cisco CCSP Exam 642-551 v2.93
7. Free PassGuide ccsp 642-551 v2.73
8. Free PassGuide CCSP 642-524 SNAF 2.83
9. Free P4S Cisco CCSP Exam 642-552 v2.73
10. Free PassGuide CCSP SNRS 642-504 2.93
11. Free PassGuide ccsp 642-503 v2.73
12. Free PassGuide ccsp 642-503 v2.83

PassGuide certification Braindumps and training materials are GUARANTEED to help you pass your IT exams.Such as Microsoft Cisco, CompTIA, Oracle,IBM, Sun Juniper HP Checkpoint and other vendor.We are committed to give full refund to candidates if they fail the exam with use of our products.And we are confident to make such a guarantee. Buy Best Practice Exam,high-quality ,100% Guarantee ,Pls contact me Mail:Sales@passguide.com

P4S Free Downloads

Type	Exam Braindumps	New Questions & Answers	Latest Updated	Available link
	All PassGuide's Exam Pack	858	1 days ago	PassGuideTesting Engines

PassGuide Braindumps-PassGuide Test Software Help You Quick Pass Any IT Certifications Exams