ExamBible cisco 640 553 study free demo
cisco 640 553 study free demo
Exam : Cisco 640-553
Title : IINS Implementing Cisco IOS Network Security
1. What will be disabled as a result of the no service password-recovery
command?
A. changes to the config-register setting
B. ROMMON
C. password encryption service
D. aaa new-model global configuration command
E. the xmodem privilege EXEC mode command to recover the Cisco IOS image
Answer: B
2. What are two characteristics of the SDM Security Audit wizard?
(Choose two.)
A. displays a screen with Fix-it check boxes to let you choose which
potential
security-related configuration changes to implement
B. has two modes of operationinteractive and non-interactive
C. automatically enables Cisco IOS firewall and Cisco IOS IPS to secure
the
router
D. uses interactive dialogs and prompts to implement role-based CLI
E. requires users to first identify which router interfaces connect to
the
inside network and which connect to the outside network
Answer: AE
3. Which of these correctly matches the CLI command(s) to the equivalent
SDM
wizard that performs similar configuration functions?
A. Cisco Common Classification Policy Language configuration commands
and the
SDM Site-to-Site VPN wizard
B. auto secure exec command and the SDM One-Step Lockdown wizard
C. setup exec command and the SDM Security Audit wizard
D. class-maps, policy-maps, and service-policy configuration commands
and the
SDM IPS wizard
E. aaa configuration commands and the SDM Basic Firewall wizard
Answer: B
4. Refer to the exhibit. Which statement is correct based on the show
login
command output shown?
A. When the router goes into quiet mode, any host is permitted to access
the
router via Telnet, SSH, and HTTP, since the quiet-mode access list has
not been
configured.
B. The login block-for command is configured to block login hosts for 93
seconds.
C. All logins from any sources are blocked for another 193 seconds.
D. Three or more login requests have failed within the last 100 seconds.
Answer: D
5. Refer to the exhibit. What does the option secret 5 in the username global
configuration mode command
indicate about the enable secret password?
A. It is hashed using SHA.
B. It is encrypted using DH group 5.
C. It is hashed using MD5.
D. It is encrypted via the service password-encryption command.
E. It is hashed using a proprietary Cisco hashing algorithm.
F. It is encrypted using a proprietary Cisco encryption algorithm.
Answer: C
6. During role-based CLI configuration, what must be enabled before any
user
views can be created?
A. multiple privilege levels
B. usernames and passwords
C. aaa new-model command
D. secret password for the root user
E. HTTP and/or HTTPS server
Answer: C
7. What is a result of securing the Cisco IOS image using the Cisco IOS
image
resilience feature?
A. The show version command will not show the Cisco IOS image file
location.
B. The Cisco IOS image file will not be visible in the output from the
show
flash command.
C. When the router boots up, the Cisco IOS image will be loaded from a
secured
FTP location.
D. The running Cisco IOS image will be encrypted and then automatically
backed
up to the NVRAM.
E. The running Cisco IOS image will be encrypted and then automatically
backed
up to a TFTP server.
Answer: B
8. What does level 5
in the
following enable secret global configuration mode command indicate?
router#enable secret level 5 password
A. The enable secret password is hashed using MD5.
B. The enable secret password is hashed using SHA.
C. The enable secret password is encrypted using Cisco proprietary level
5
encryption.
D. Set the enable secret command to privilege level 5.
E. The enable secret password is for accessing exec privilege level 5.
Answer: E
cisco 640 553 free download:
http://rapidshare.com/files/360858461/ExamBible_640-553.pdf.html
More info: ccna 640 553
More info: 640 553 exam
More info: cisco 640 553
More info: ccna security official exam certification guide exam 640 553
More info: download 640 553
