pass4sure ccsp 642-551 v2.73

Securing Cisco Network Devices Exam : 642-551 Exam

Product Description

Exam Number/Code: 642-551
Exam Name: Securing Cisco Network Devices Exam
VUE Code: 642-551
Questions Type: Single choice,
Real Exam Question Numbers: 60-70 questions
Exam Language(s): English

“Securing Cisco Network Devices Exam”, also known as 642-551 exam, is a Cisco certification.
Preparing for the 642-551 exam? Searching 642-551 Test Questions, 642-551 Practice Exam, 642-551 Dumps?

With the complete collection of questions and answers, Pass4sure has assembled to take you through 62 questions to your 642-551 Exam preparation. In the 642-551 exam resources, you will cover every field and category in VPN and Security helping to ready you for your successful Cisco Certification.

The Securing Cisco Network Devices 642-551 SND exam forms the foundation of the Cisco Certified Security Professional, Cisco Firewall Specialist, Cisco IPS Specialist, and Cisco VPN Specialist certifications. Candidates can prepare for this exam by taking the SND course. This exam includes simulations and tests a candidate’s knowledge and ability to describe, configure, and verify basic security features of Cisco Layer 2 devices, Cisco Routers, Cisco IDS/IPS Sensors, Cisco VPN 3000 Concentrators, and Cisco PIX Security Appliances.
642-551 SND
Securing Cisco Network Devices Exam
Last day to test 01/31/07
Exam Number: 642-551
Associated Certifications: CCSP, Cisco Firewall, Cisco IPS, and Cisco VPN Specialist
Duration: 90 minutes (60-70 questions)
Available Languages: English
Click Here to Register: Pearson VUE or Prometric
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions

Exam Description Exam Topics Recommended Training Additional Resources
Exam Description

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.
Describe the products in the Cisco security portfolio and explain how they mitigate security threats to a network

* Identify the appropriate devices to secure a network
* Identify the appropriate device feature to secure a network
* Describe the difference in functionality and capabilities of the different security devices
* Identify security issues with common management protocols
* Describe threats to a network and network devices
* Identify different techniques to deal with security threats

Describe the security features available for a Cisco Layer 2 device in a secure network

* Identify security features on a Layer 2 device
* Describe basic security feature configurations on a Layer 2 device

Implement security on a Cisco IOS Router

* Identify mitigation techniques for common physical router security threats
* Configure router for secure administrative access
* Implement basic AAA for router administrative authentication
* Configure AutoSecure to harden Cisco routers
* Configure router access lists to secure networks
* Configure security for router services and interfaces
* Implement Syslog logging
* Identify major components of the SDM

Describe and configure Cisco IPS and HIPS

Free PassGuide Practice Engine Demo Download Pass4sure offers free demos for each certification exam, including all IT vendors. You can check out the testing engine software, or pdf file question quality and usability of our practice exams before you decide to buy it. We are the only one site that offers demos for almost all IT certification exams.If you want to try p4s exam practice engine demo. http://demo.passguide.com/download

* Configure user accounts
* Describe and configure Network Access lists
* Describe how the sensor device is secure by default
* Install the sensor on the network
* Describe the methods used to access a sensor
* Describe the process for displaying the sensor configuration
* Identify major components of IDM
* Describe basic sensor operations
* Describe the process of using alarms to identify network attacks
* Identify the appropriate platform required to install the CSA MC
* Configure the default group
* Describe the process of agent kit deployment and verifying management of the agent
* Describe key features and concepts of VMS
* Describe the interoperability of the components of VMS
* Describe the hardware and software requirements of VMS

Configure and verify basic remote access on a Cisco VPN 3000 Concentrator

* Perform an initial configuration
* Configure users and groups
* Configure VPN clients
* Verify IPSec tunnel establishment

Implement a Cisco PIX security appliance

* Describe basic PIX security appliance hardware and software architecture
* Identify appropriate PIX security appliance hardware and software configuration
* Configure basic network settings using CLI
* Configure basic interface features on a PIX security appliance
* Verify initial configurations
* Identify major components of the PDM
* Configure static address translation
* Configure Network Address Translation
* Configure firewall to secure inbound traffic
* Verify inbound traffic restrictions
* Describe basic IPSec topologies
* Define the services provided by IPSec
* Describe the IPSec protocol framework
* Describe the IPSec algorithm framework
* Describe the concepts of split tunneling
* Describe the various authentication methods
* Describe how the PIX security appliance uses IPSec to secure networks

QUESTION 24:
Which authentication method is based on the 802.1x authentication framework, and
mitigates several of the weaknesses by using dynamic WEP and sophisticated key
management on a peer-packet basis?
A. PAP
B. CHAP
C. LEAP
D. ARAP
Answer: C
Explanation:
Lightweight EAP (LEAP): Cisco Systems has been shipping a security scheme known as
LEAP since November 2000.
QUESTION 25:
Which method does a Cisco firewall use for packet filtering?
A. inspection rules
B. ACLs
C. Security policies
D. VACLs
Answer: B
Explanation:
The access list is a group of statements. Each statement defines a pattern that would be
found in an IP packet. As each packet comes through an interface with an associated
access list, the list is scanned from top to bottom and in the exact order in which it was
entered, for a pattern that matches the incoming packet. A permit or deny rule associated
with the pattern determines the fate of that packet.
Cisco uses access lists as packet filters to decide which packets can access a router
serviceor which packets can be allowed across an interface. Packets that are allowed
across an interface are called permitted packets. Packets that are not allowed across an
interface are called denied packets. Access lists contain one or more rules or statements
that determine what data is to be permitted or denied, or both permitted or denied, across
an interface.
QUESTION 26:
Which command is used to encrypt passwords in the router configuration file?
A. service password-encryption
B. password-encryption
C. enable password encryption
D. encrypt password
Answer: A

Free download:pass4sure ccsp 642-551
Free download:testking ccsp 642-551
more info:www.ciscoexams.org

PassGuide provides high-quality test materials, for example, Cisco CCNA CCNP CCIE, Comptia A + NETWORK + Security +, Juniper jncia, jncis, Vmware VCP-410,certification practice exams and so on.We are committed to give full refund to candidates if they fail the exam with use of our products.And we are confident to make such a guarantee. Buy Best Practice Exam,high-quality ,100% Guarantee ,Pls contact me,Mail:Sales@passguide.com

P4S Free Downloads

Type	Exam Braindumps	New Questions & Answers	Latest Updated	Available link
	All Pass4sure's Exam Pack	858	1 days ago	Download Free Testing Engines