Pass4Test 의 Security Specialist 642-583 시험에 도전장을 던지셨나요? 현황에 만족하지 않고 열심히 하는 모습에 박수를 보내드립니다. Security Specialist 642-583 시험을 학원등록하지 않고 많은 공부자료 필요없이 Pass4Test 에서 제공해드리는 Security Specialist 642-583 덤프만으로도 가능합니다. 수많은 분들이 검증한  Security Specialist 642-583 덤프는 시장에서 가장 최신버전입니다.가격도 친근하구요.

 

 

NO.1 Which platform can support the highest number of SSL sessions?
A. Cisco 3845 with AIM-VPN/SSL-3
B. Cisco 7200 NPE-GE+VSA
C. Cisco 7200 NPE-GE+VAM2+
D. Cisco ASR1000-5G
E. Cisco 6500/7600 + VPN SPA
F. Cisco ASA 5580
Answer: F

NO.2 Which statement is true?
A. Three-year commitments cost less per year than three consecutive one-year commitments.
B. Three consecutive one-year commitments cost less than one three-year commitment.
C. Three-year commitments cost the same per year as three consecutive one-year commitments
D. CiscoIronPort does not sell three-year commitments.
Answer: A

NO.3 Deploying logical security controls such as firewall and IPS appliances is an example of which kind of
risk-management option.?
A. risk avoidance
B. risk transfer
C. risk retention
D. risk reduction
E. risk removal
Answer: A

NO.4 The Cisco IPS Manager Express (IME) can be used to manage how many IPS appliances, at a
maximum?
A. 3
B. 5
C. 10
D. 15
E. 20
F. 25
Answer: B

NO.5 Which statement regarding the Cisco ASA encrypted voice inspection capability is correct?
A. The Cisco ASA decrypts, inspects, then re-encrypts voice-signaling traffic; all of the existing VoIP
inspection functions for SCCP and SIP protocols are preserved.
B. The Cisco ASA acts as a non-transparent TLS proxy between the Cisco IP Phone and Cisco Unified
Communications Manager.
C. TLS proxy applies to the encryption layer and is configured by using a Layer 3/4 inspection policy on
the Cisco AS
D. D. The Cisco ASA does not support PAT and NAT for SCCP inspection.
E. The Cisco ASA serves as a proxy for both client and server, with the Cisco IP Phone and the Session
Border Controller.
Answer: A

NO.6 DRAG DROP
Answer:

NO.7 Which Cisco ASA's Unified Communications proxy feature manipulates both the signaling and the
media channels?
A. TLS Proxy
B. H.323 Proxy
C. SIP Proxy
D. Phone Proxy
E. CUMA Proxy
Answer: D

NO.8 What is the benefit of the Cisco ASA phone proxy feature?
A. allows businesses to securely connect their Cisco Unified Presence clients back to their
enterprise networks or to share presence information between Cisco Unified Presence servers in different
enterprises
B. allows telecommuters to connect their IP phones to the corporate IP telephony network
securely over the Internet, without the need to connect over a VPN tunnel
C. allows businesses to configure granular policies for SCCP traffic, such as enforcing only registered
phone calls to send traffic through the Cisco ASA security appliance and filtering on message IDs to allow
or disallow specific messages
D. enables deep inspection services for SIP traffic for both User Datagram Protocol (UDP) and
TCP-based SIP environments, thus providing granular control for protection against unified
communications attacks
E. enables inspection of the RTSP protocols that are used to control communications between the client
and server for streaming applications
F. enables advanced H.323 inspection services that support H.323 versions 14 along with Direct Call
Signaling (DCS) and Gatekeeper-Routed Call Signaling (GKRCS) to provide flexible security integration
in a variety of H.323-driven VoIP environments
Answer: B

NO.9 Which series of steps illustrates how a challenge-and-response authentication protocol functions?
A. Exhibit A
B. Exhibit B
C. Exhibit C
Answer: A

NO.10 What are the advantages and disadvantages of using the "Direct to tower" or PAC file methods for
redirecting traffic to ScanSafe?
A. Advantages: ease of deployment, especially for multiple breakout points Disadvantages: no user
granularity
B. Advantages: user granularity Disadvantages: requires additional hardware for each breakout point
C. Advantages: no browser changes required Disadvantages: not all browsers supported
Answer: A

NO.11 Which Cisco ASA configuration is required to implement active/active failover?
A. transparent firewall
B. modular policy framework (MPF)
C. virtual contexts
D. policy-based routing
E. redundant interfaces
F. VLANs
Answer: C

NO.12 Which two protocols can be used to implement high-availability IPS design, using the Cisco IPS 4200
Series Sensor appliance? (Choose two.)
A. spanning tree
B. stateful failover
C. EtherChannel load balancing
D. WCCP
E. HSRP
F. SDEE
Answer: A,C

NO.13 Which two settings can the Cisco Security Agent (release 5.2 and later) monitor to control user's
wireless access? (Choose two.)
A. protection types such as WEP, TKIP
B. wireless card type (802.11a, b, org)
C. SSIDs
D. antivirus version
E. lightweight versus autonomous mode
Answer: A,C

NO.14 Which option best describes Dynamic Content Filtering on the web security appliance?
A. external DLP option for acceptable use scanning
B. filter for pages and frames with dynamic control asset HTML tags
C. content scanner for streaming videos
D. advanced rule engine for categorizing dark web sites
Answer: D

NO.15 Which countermeasure is best used to protect against rogue access points that are outside the
enterprise physical perimeter and that attempt to attract legitimate clients?
A. dedicated rogue detector access points with active and passive RLDP and radio containment
B. personal firewall
C. Management Frame Protection
D. wireless IDS/IPS
E. EAP-TLS bidirectional authentication
Answer: E