Which security measure must you take for native VLANs on a trunk port?
A. Native VLANs for trunk ports should never be used anywhere else on the switch.
B. The native VLAN for trunk ports should be VLAN 1.
C. Native VLANs for trunk ports should match access VLANs to ensure that cross-VLAN traffic from multiple switches can be delivered to physically disparate switches.
D. Native VLANs for trunk ports should be tagged with 802.1Q.
Refer to the exhibit.
***Exhibit is Missing***
Which switch is designated as the root bridge in this topology?
A. It depends on which switch came on line first.
B. Neither switch would assume the role of root bridge because they have the same default priority.
C. switch X
D. switch Y
Which type of firewall technology is considered the versatile and commonly used firewall technology?
A. static packet filter firewall
B. application layer firewall
C. stateful packet filter firewall
D. proxy firewall
E. adaptive layer firewall
Which type of NAT is used where you translate multiple internal IP addresses to a single global, routable IP address?
A. policy NAT
B. dynamic PAT
C. static NAT
D. dynamic NAT
E. policy PAT
Which Cisco IPS product offers an inline, deep-packet inspection feature that is available in integrated services routers?
A. Cisco iSDM
B. Cisco AIM
C. Cisco IOS IPS
D. Cisco AIP-SSM
Which three modes of access can be delivered by SSL VPN? (Choose three.)
A. full tunnel client
B. IPsec SSL
C. TLS transport mode
D. thin client
F. TLS tunnel mode
During role-based CLI configuration, what must be enabled before any user views can be created?
A. multiple privilege levels
B. usernames and passwords
C. aaa new-model command
D. secret password for the root user
E. HTTP and/or HTTPS server
F. TACACS server group
Which three statements about applying access control lists to a Cisco router are true? (Choose three.)
A. Place more specific ACL entries at the top of the ACL.
B. Place generic ACL entries at the top of the ACL to filter general traffic and thereby reduce "noise" on the network.
C. ACLs always search for the most specific entry before taking any filtering action.
D. Router-generated packets cannot be filtered by ACLs on the router.
E. If an access list is applied but it is not configured, all traffic passes.
When port security is enabled on a Cisco Catalyst switch, what is the default action when the configured maximum number of allowed MAC addresses value is exceeded?
A. The port remains enabled, but bandwidth is throttled until old MAC addresses are aged out.
B. The port is shut down.
C. The MAC address table is cleared and the new MAC address is entered into the table.
D. The violation mode of the port is set to restrict.
Which three statements about the Cisco ASA appliance are true? (Choose three.)
A. The DMZ interface(s) on the Cisco ASA appliance most typically use a security level between 1 and 99.
B. The Cisco ASA appliance supports Active/Active or Active/Standby failover.
C. The Cisco ASA appliance has no default MPF configurations.
D. The Cisco ASA appliance uses security contexts to virtually partition the ASA into multiple virtual firewalls.
E. The Cisco ASA appliance supports user-based access control using 802.1x.
F. An SSM is required on the Cisco ASA appliance to support Botnet Traffic Filtering.
New Updated Passleader Cisco 640-554 Exam Dumps Free Download