Which option can be used to authenticate the IPsec peers during IKE Phase 1?
A. Diffie-Hellman Nonce
B. pre-shared key
D. integrity check value
Which single Cisco IOS ACL entry permits IP addresses from 172.16.80.0 to 172.16.87.255?
A. permit 172.16.80.0 0.0.3.255
B. permit 172.16.80.0 0.0.7.255
C. permit 172.16.80.0 0.0.248.255
D. permit 18.104.22.168 255.255.252.0
E. permit 172.16.80.0 255.255.248.0
F. permit 172.16.80.0 255.255.240.0
You want to use the Cisco Configuration Professional site-to-site VPN wizard to implement a site- to-site IPsec VPN using pre-shared key. Which four configurations are required (with no defaults)? (Choose four.)
A. the interface for the VPN connection
B. the VPN peer IP address
C. the IPsec transform-set
D. the IKE policy
E. the interesting traffic (the traffic to be protected)
F. the pre-shared key
Which two options represent a threat to the physical installation of an enterprise network? (Choose two.)
A. surveillance camera
B. security guards
C. electrical power
D. computer room access
E. change control
Which option represents a step that should be taken when a security policy is developed?
A. Perform penetration testing.
B. Determine device risk scores.
C. Implement a security monitoring system.
D. Perform quantitative risk analysis.
Which type of network masking is used when Cisco IOS access control lists are configured?
A. extended subnet masking
B. standard subnet masking
C. priority masking
D. wildcard masking
How are Cisco IOS access control lists processed?
A. Standard ACLs are processed first.
B. The best match ACL is matched first.
C. Permit ACL entries are matched first before the deny ACL entries.
D. ACLs are matched from top down.
E. The global ACL is matched first before the interface ACL.
Which type of management reporting is defined by separating management traffic from production traffic?
A. IPsec encrypted
Which syslog level is associated with LOG_WARNING?
In which type of Layer 2 attack does an attacker broadcast BDPUs with a lower switch priority?
A. MAC spoofing attack
B. CAM overflow attack
C. VLAN hopping attack
D. STP attack
New Updated Passleader Cisco 640-554 Exam Dumps Free Download