Cisco 642-583 (Security Solutions for Systems Engineers) 시험을 패스해서 자격증을 취득하려고 하는데 시험비며 학원비며 공부자료비며 비용이 만만치 않다구요? 제일 저렴한 가격으로 제일 효과좋은Pass4Test 의 Cisco 642-583 (Security Solutions for Systems Engineers) 덤프를 알고 계시는지요? Pass4Test 의 Cisco 642-583 (Security Solutions for Systems Engineers)  덤프는 최신 시험문제에 근거하여 만들어진 시험준비공부가이드로서 학원공부 필요없이 덤프공부만으로도 시험을 한방에 패스할수 있습니다. 덤프를 구매하신분은 철저한 구매후 서비스도 받을수 있습니다.

 

 

NO.1 Which Cisco ASA configuration is required to implement active/active failover?
A. transparent firewall
B. modular policy framework (MPF)
C. virtual contexts
D. policy-based routing
E. redundant interfaces
F. VLANs
Answer: C

NO.2 The Cisco IPS Manager Express (IME) can be used to manage how many IPS appliances, at a
maximum?
A. 3
B. 5
C. 10
D. 15
E. 20
F. 25
Answer: B

NO.3 Deploying logical security controls such as firewall and IPS appliances is an example of which kind of
risk-management option.?
A. risk avoidance
B. risk transfer
C. risk retention
D. risk reduction
E. risk removal
Answer: A

NO.4 DRAG DROP
Answer:

NO.5 Which statement regarding the Cisco ASA encrypted voice inspection capability is correct?
A. The Cisco ASA decrypts, inspects, then re-encrypts voice-signaling traffic; all of the existing VoIP
inspection functions for SCCP and SIP protocols are preserved.
B. The Cisco ASA acts as a non-transparent TLS proxy between the Cisco IP Phone and Cisco Unified
Communications Manager.
C. TLS proxy applies to the encryption layer and is configured by using a Layer 3/4 inspection policy on
the Cisco AS
D. D. The Cisco ASA does not support PAT and NAT for SCCP inspection.
E. The Cisco ASA serves as a proxy for both client and server, with the Cisco IP Phone and the Session
Border Controller.
Answer: A

NO.6 Which series of steps illustrates how a challenge-and-response authentication protocol functions?
A. Exhibit A
B. Exhibit B
C. Exhibit C
Answer: A

NO.7 Which platform can support the highest number of SSL sessions?
A. Cisco 3845 with AIM-VPN/SSL-3
B. Cisco 7200 NPE-GE+VSA
C. Cisco 7200 NPE-GE+VAM2+
D. Cisco ASR1000-5G
E. Cisco 6500/7600 + VPN SPA
F. Cisco ASA 5580
Answer: F

NO.8 Which option best describes Dynamic Content Filtering on the web security appliance?
A. external DLP option for acceptable use scanning
B. filter for pages and frames with dynamic control asset HTML tags
C. content scanner for streaming videos
D. advanced rule engine for categorizing dark web sites
Answer: D

NO.9 Which Cisco ASA's Unified Communications proxy feature manipulates both the signaling and the
media channels?
A. TLS Proxy
B. H.323 Proxy
C. SIP Proxy
D. Phone Proxy
E. CUMA Proxy
Answer: D

NO.10 Which countermeasure is best used to protect against rogue access points that are outside the
enterprise physical perimeter and that attempt to attract legitimate clients?
A. dedicated rogue detector access points with active and passive RLDP and radio containment
B. personal firewall
C. Management Frame Protection
D. wireless IDS/IPS
E. EAP-TLS bidirectional authentication
Answer: E

NO.11 What is the benefit of the Cisco ASA phone proxy feature?
A. allows businesses to securely connect their Cisco Unified Presence clients back to their
enterprise networks or to share presence information between Cisco Unified Presence servers in different
enterprises
B. allows telecommuters to connect their IP phones to the corporate IP telephony network
securely over the Internet, without the need to connect over a VPN tunnel
C. allows businesses to configure granular policies for SCCP traffic, such as enforcing only registered
phone calls to send traffic through the Cisco ASA security appliance and filtering on message IDs to allow
or disallow specific messages
D. enables deep inspection services for SIP traffic for both User Datagram Protocol (UDP) and
TCP-based SIP environments, thus providing granular control for protection against unified
communications attacks
E. enables inspection of the RTSP protocols that are used to control communications between the client
and server for streaming applications
F. enables advanced H.323 inspection services that support H.323 versions 14 along with Direct Call
Signaling (DCS) and Gatekeeper-Routed Call Signaling (GKRCS) to provide flexible security integration
in a variety of H.323-driven VoIP environments
Answer: B

NO.12 Which two protocols can be used to implement high-availability IPS design, using the Cisco IPS 4200
Series Sensor appliance? (Choose two.)
A. spanning tree
B. stateful failover
C. EtherChannel load balancing
D. WCCP
E. HSRP
F. SDEE
Answer: A,C

NO.13 Which two settings can the Cisco Security Agent (release 5.2 and later) monitor to control user's
wireless access? (Choose two.)
A. protection types such as WEP, TKIP
B. wireless card type (802.11a, b, org)
C. SSIDs
D. antivirus version
E. lightweight versus autonomous mode
Answer: A,C

NO.14 What are the advantages and disadvantages of using the "Direct to tower" or PAC file methods for
redirecting traffic to ScanSafe?
A. Advantages: ease of deployment, especially for multiple breakout points Disadvantages: no user
granularity
B. Advantages: user granularity Disadvantages: requires additional hardware for each breakout point
C. Advantages: no browser changes required Disadvantages: not all browsers supported
Answer: A

NO.15 Which statement is true?
A. Three-year commitments cost less per year than three consecutive one-year commitments.
B. Three consecutive one-year commitments cost less than one three-year commitment.
C. Three-year commitments cost the same per year as three consecutive one-year commitments
D. CiscoIronPort does not sell three-year commitments.
Answer: A