[Free] Download New Updated (December) Cisco 640-554 Exam Questions 211-220

By | December 12, 2015

Ensurepass

QUESTION 211

Which VTP mode allows you to change the VLAN configuration and will then propagate the change throughout the entire switched network?

 

A.

VTP server

B.

VTP client

C.

VTP transparent

D.

VTP off

 

Correct Answer: A

 

 

QUESTION 212

When a switch has multiple links connected to a downstream switch, what is the first step that STP t
akes to prevent loops?

 

A.

STP elects the root bridge.

B.

STP selects the root port.

C.

STP selects the designated port.

D.

STP blocks one of the ports.

 

Correct Answer: A

 

 

QUESTION 213

What is the default STP priority on a switch?

 

A.

4096

B.

24576

C.

16384

D.

32768

 

Correct Answer: D

 

 

QUESTION 214

Which two options are asymmetric-key algorithms that are recommended by Cisco? (Choose two.)

 

A.

Rivest-Shamir-Adleman Algorithm

B.

ElGamal encryption system

C.

Digital Signature Algorithm

D.

Paillier cryptosystem

 

Correct Answer: AC

 

 

 

QUESTION 215

Which IPsec component takes an input message of arbitrary length and produces a fixed-length output message?

 

A.

the transform set

B.

the group policy

C.

the hash

D.

the crypto map

 

Correct Answer: C

 

 

QUESTION 216

Which three options are components of Transport Layer Security? (Choose three.)

 

A.

stateless handshake

B.

stateful handshake

C.

application layer

D.

session layer

E.

pre-shared keys

F.

digital certificates

 

Correct Answer: BCF

 

 

QUESTION 217

What are three features of IPsec tunnel mode? (Choose three.)

 

A.

IPsec tunnel mode supports multicast.

B.

IPsec tunnel mode is used between gateways.

C.

IPsec tunnel mode is used between end stations.

D.

IPsec tunnel mode supports unicast traffic.

E.

IPsec tunnel mode encrypts only the payload.

F.

IPsec tunnel mode encrypts the entire packet.

 

Correct Answer: BDF

 

 

QUESTION 218< /b>

Which command provides phase 1 and phase 2 status for all active sessions of an IPsec VPN on a Cisco router?

 

A.

show crypto map

B.

show crypto ipsec sa

C.

show crypto isakmp sa

D.

show crypto session

 

Correct Answer: D

 

 

 

 

 

QUESTION 219

How can you prevent clientless SSL VPN users from accessing any HTTP or HTTPS URL within the portal?

 

A.

Configure a web ACL.

B.

Turn off URL entry.

C.

Configure a smart tunnel.

D.

Configure a portal access rule.

 

Correct Answer: B

 

 

QUESTION 220

Which Cisco AnyConnect VPN feature enables DTLS to fall back to a TLS connection?

 

A.

perfect forward secrecy

B.

dead peer detection

C.

keepalives

D.

IKEv2

 

Correct Answer: B

 

Free VCE & PDF File for Cisco 640-554 Exam Questions

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …