100% Pass VCE Dumps–Cisco 642-457 Branindump With Free VCE And PDF Download

Exam A 100% Valid Cisco 642-457 exam questions and answers are tested and approved by Microsoft experts. Furthermore, we are constantly updating our Cisco 642-457 exam dumps, 100% guarantee in quality and reliability.
QUESTION 1
When using the Site to Site VPN wizard in Cisco Router and Security Device Manager, why would you need to create an access list using the Add a Rule screen?
A. to open holes on the firewall to permit ISAKMP, ESP, and AH traffic
B. to define the traffic that will be protected by IPSec
C. to specify a range of IP addresses on the inside interface
D. to specify the remote-peer IP address range
E. to enable split tunneling

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Under normal operation, which light sequence on the Cisco Aironet 1300 Wireless Bridge indicates that a device is associated to the bridge?
A. The center LED (Status) is solid green
B. The center LED (Status) flashes green once every second
C. The center LED (Status) flashes green once every 3 seconds
D. The center LED (Status) blinks amber when an association occurs

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 3

A. VLAN 1 is blocked, while VLAN 2 is forwarding
B. VLAN 1 is blocked, while VLAN 2 is listening
C. Both VLANs are listening on the port from which this BPDU is sent
D. Both VLANs are blocked on the port from which this BPDU is received

Correct Answer: D Section: (none) Explanation Explanation/Reference:
QUESTION 4
A user is not able to access the Cisco Router and Security Device Manager (SDM) via HTTPS. Which two situations could be causing the problem? (Choose two.)
A. The ip https server command is not in the running-config
B. The ip http secure-server command is not in the running-config
C. The user is trying to launch Cisco SDM from the inside (secured) interface with firewall enabled
D. The user does not have a privilege level of 15

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 5
Certkiller.com wants to implement wireless security through implementation of WPAv2. Which component of WPAv2 would limit the rollout because of the continued use of old access points?
A. 48-bit IV
B. AES
C. TKIP
D. MIC

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 6

A. The IPSec and IKE encryption methods do not match. They all have to be either 3DES or AES
B. Certkiller 1 is using a standard IP ACL (100-149) while Certkiller 2 is using a turbo ACL (150-199)
C. The D-H Group settings on the two routers are set to group 2. They must be set to group 1 for SHA-1
D. The IPSec policy map names on the two routers do not match. They must be the same on both routers
E. The IPSec rules on the two routers are not permitting the correct interesting traffic

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 7
An administrator at host address 10.0.1.11 is trying to gain access to Cisco Adaptive Security Device Manager via a Cisco ASA Security Appliance inside interface at IP address 10.0.1.1. Which two commands are required on a security appliance to enable Cisco ASDM access? (Choose two.)
A. http (inside) host 10.0.1.11
B. Access-list asdm_access permit tcp host 10.0.1.11 host 10.0.1.1 eq http ! http (inside) match asdm_access !
C. http server enable
D. asdm-management enable
E. http 10.0.1.1 255.255.255.255 inside
F. Access-list asdm_access permit tcp host 10.0.1.11 host 10.0.1.1 eq http asdm-map ASDM match asdm_access

Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 8
What is the default authentication method when using HTTP to access the Cisco Router and Security Device Manager (SDM), assuming that you are not using the default configuration file (sdmconfig-xxxx.cfg) that comes with Cisco SDM?
A. none
B. local database
C. aaa
D. enable password
E. line console password
F. line vty password

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 9
The network administrator has configured the SSID value in a wireless Cisco Aironet client card. What is the result of the client-to-access-point association if the client SSID1 is left blank, and the SSID2 is assigned a value of my_ssid?
A. The client will consider SSID1 a null value, causing the client to request the SSID from the access point
B. The client software will not allow this configuration and will create an error message until the configuration is corrected
C. The client software will replace SSID1 with SSID2, and use my_ssid to attempt association with the access point
D. The client software will attempt association with the access point using a null value of SSID1, and if not successful it will rotate to use the SSID2 value of my_ssid

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Which four features can be configured using Cisco Router and Security Device Manager version 2.1.1? (Choose four.)
A. IP multicast routing (PIM)
B. IPS
C. Easy VPN Remote and Easy VPN Server
D. static routes and IGP routing protocols (OSPF, RIP, EIGRP)
E. SSL VPN (WebVPN)
F. AAA

Correct Answer: BCDF Section: (none) Explanation
Explanation/Reference:
QUESTION 11
Which three are different types of STP inconsistencies in a Layer 2 network? (Choose three.)
A. MAC inconsistency
B. root inconsistency
C. EtherChannel inconsistency
D. type inconsistency
E. PVID inconsistency
F. vendor inconsistency

Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:
QUESTION 12

A. HMAC-SHA1 is used to authenticate the remote users
B. Preshared key is used to authenticate the remote peer
C. AES is used to provide data confidentiality
D. The Cisco VPN Client software is assigned an internal IP address of 192.168.1.1
E. The PC that is running the Cisco VPN Client software will not have access to the local LAN once the PC is connected into the VPN

Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
QUESTION 13
Which two statements are correct about using Cisco Router and Security Device Manager (SDM) to configure the OSPF routing protocol? (Choose two.)
A. Cisco SDM enforces the creation of area 0 when configuring OSPF
B. Cisco SDM will use the supplied wildcard mask to exclude the host bits from the configured network address
C. Cisco SDM allows the configuration of an area range to allow route summarization between OSPF areas
D. Cisco SDM allows the selection of OSPFv1 or OSPFv2
E. Cisco SDM allows the configuration of passive interfaces

Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
QUESTION 14
The Cisco Aironet 802.11a/b/g Wireless LAN Client Adapter has two LEDs. Which two situations indicate that the card is associated to an access point and is working properly? (Choose two.)
A. green LED off; amber LED solid
B. green LED off; amber LED blinking sporadically
C. green LED blinking fast; amber LED blinking fast
D. green LED blinking slowly; amber LED blinking slowly
E. green LED blinking slowly; amber LED blinking fast

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 15
Which two statements best describe the wireless core feature set using autonomous access points when implementing Wireless Domain Services? (Choose two.)
A. The primary Layer 2 WDS server address is configured via the infrastructure access point GUI
B. The primary Layer 2 WDS server address is automatically discovered by the infrastructure access points through multicast
C. The primary Layer 2 WDS is selected by the highest MAC address, followed by priority number
D. The primary Layer 2 WDS is selected by the highest priority number, followed by MAC address.
E. The primary Layer 2 WDS is selected by the highest IP address, followed by MAC address

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 16
When will you need to enable the transparent tunneling feature on the Cisco VPN Client software?
A. to enable DMVPN
B. to enable dynamic routing over the IPSec tunnel using GRE
C. to enable V3PN
D. if the IPSec-protected traffic is going through a router that is performing NAT or PAT
E. if IPSec is using tunnel mode instead of transport mode

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Several users have reported problems accessing the new company web server. How can the administrator test to ensure that all layers of the OSI model are working?
A. Ping the web server by name
B. Ping the IP address of the web server
C. Telnet to port 80 of the web server
D. Use the debug ip http server command
E. Use the show ip http server command
F. Use the netstat -r command

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 18

A. Perfomance, Configuration, Fault monitoring, Accounting, Security
B. Configuration, Fault monitoring, Accounting, Security, Perfomance
C. Configuration, Accounting, Fault monitoring, Security, Perfomance
D. Security, Accounting, Configuration, Perfomance, Fault monitoring

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 19
Which two statements are correct about OSPF in a multiarea environment? (Choose two.)
A. OSPF will by default summarize routing updates between areas
B. OSPF requires the use of the area range configuration command only when nondefault summarization is required
C. OSPF ABR routers are needed only at the boundary of another OSPF area
D. OSPF uses wildcard masks in the network statements but subnet masks in the area range statements
E. OSPF requires that all areas have a least one ASBR

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 20
When implementing an integrated network-security management design, which critical issue should you account for?
A. that management stations intercommunicate and can correlate events
B. that full syslogging of all events is enabled
C. that all network devices are time synchronized
D. that SNMP community read-write strings are configured to allow for total management access

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 21
Users logging into Cisco Router and Security Device Manager (SDM) should be authenticated using the Cisco ISR local user database. Currently, none of the users can access the Cisco SDM via HTTP. Which command or commands should be verified as properly configured on the ISR to resolve this problem?
A. ip http secure-server
B. ip http authentication local
C. line vty 0 5 login local
D. line con 0 login local
E. aaa new-model aaa authentication login default local
F. aaa new-model aaa authorization exec default local
Correct Answer: B Section: (none) Explanation

Explanation/Reference:
QUESTION 22
Which two items have the most influence on an outdoor wireless antenna bridge-path installation? (Choose two.)
A. snow
B. Earth’s curvature
C. lightning
D. Fresnel zone
E. rain

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 23
Which two statements best describe the wireless implementation of Cisco Aironet root and non-root bridging? (Choose two.)
A. Point-to-point access points can be used if one is root and the other is non-root
B. WGB can be used with an access point if the distance is less than one mile
C. Root mode must be enabled only on one side in a point-to-point link to interoperate with other vendors and comply with 802.11
D. Up to 17 non-root bridges can associate to a root bridge
E. Point-to-point WGB can be used if total number of PCs is fewer than eight

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 24
Which two statements are correct about using Cisco Router and Security Device Manager (SDM) to configure RIP routing protocol? (Choose two.)
A. Cisco SDM allows the configuration of RIPv2 network masks.
B. Cisco SDM allows the configuration only of RIPv2
C. Cisco SDM allows the configuration of RIPv1 and RIPv2
D. Cisco SDM allows leaving the selection of the RIP protocol version to the default of the installed Cisco IOS software

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 25
What is not a correct statement about PoE ports that are implemented on Cisco Catalyst 4500 Series switches?
A. They can distinguish a Cisco prestandard device
B. They can distinguish an IEEE 802.1af powered device
C. They can distinguish an unpowered NIC
D. They provide -48 VDC power over standard Category 5 UTP cable
E. They deliver power for a distance up to 100 meters over standard Category 5 UTP cable.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 26

A. Certkiller 1 will not receive any EIGRP updates from Certkiller 2
B. Certkiller 3 will not receive any EIGRP updates from Certkiller 2
C. It is possible to configure the auto summary behavior of EIGRP 100 on Certkiller 2 using Cisco SDM
D. It is possible to configure multiple instances of EIGRP on Certkiller 2 using Cisco SDM, providing the autonomous systems numbers do not conflict
E. The IP address masks of interfaces FastEthernet 0/0 and FastEthernet 0/1 must match their corresponding network statements in the EIGRP routing protocol for routing updates to be exchanged
F. The various network and mask configurations under EIGRP 100 can be reduced to a single line of
172.16.224.0 0.0.31.255

Correct Answer: BDF Section: (none) Explanation
Explanation/Reference:
QUESTION 27
After performing a security audit in Cisco Router and Security Device Manager (SDM), you receive this as one of the results: Enable Unicast RPF on all outside interfaces – Not Passed. Which Cisco SDM configuration wizard can be use to resolve this?
A. Easy VPN Server
B. Basic Firewall
C. Edit Interface/Connection
D. Site to Site VPN
E. Routing
F. NAT

Correct Answer: B Section: (none) Explanation
Explanation/Reference:

Both PDF and software format demos for Cisco 642-457 exam dumps are offered by Flydumps for free. You can try Cisco 642-457 free demo before you decide to buy the full version practice test.Cisco 642-457 exam dumps details are researched and produced by our Professional Certification Experts who are constantly using industry experience to produce precise, and logical.Cisco 642-457 exam dumps will not only help you pass in one attempt,but also save your valuable time.