[Free] Download New Updated (December) Cisco 640-554 Exam Questions 231-240

By | December 12, 2015

Ensurepass

QUESTION 231

Which two protocols can SNMP use to send messages over a secure communications channel? (Choose two.)

 

A.

DTLS

B.

TLS

C.

ESP

D.

AH

E.

ISAKMP

 

Correct Answer: AB

 < /font>

 

QUESTION 232

Which two options are for securing NTP? (Choose two.)

 

A.

a stratum clock

B.

access lists

C.

Secure Shell

D.

authentication

E.

Telnet

 

Correct Answer: BD

 

 

QUESTION 233

What must be configured before Secure Copy can be enabled?

 

A.

SSH

B.

AAA

C.

TFTP

D.

FTP

 

Correct Answer: B

 

 

QUESTION 234

Which two ports does Cisco Configuration Professional use? (Choose two.)

 

A.

80

B.

8080

C.

443

D.

21

E.

23

 

Correct Answer: AC

 

 

QUESTION 235

Which two options are physical security threats? (Choose two.)

 

A.

hardware

B.

environment

C.

access lists

D.

device configurations

E.

software version

 

Correct Answer: AB

 

 

QUESTION 236

Which command configures stateful packet inspection to inspect a packet after it passes the inbound ACL of the input interface?

 

A.

ip inspect out

B.

ip inspect in

C.

ip inspect name audit-trail on

D.

ip inspect name audit-trail off

 

Correct Answer: B

 

 

QUESTION 237

Which statement about identity NAT is true?

 

A.

It is a static NAT configuration that translates the real IP address on the ingress interface to the same IP address on the egress interface.

B.

It is a dynamic NAT configuration that translates a real IP address to a mapped IP address.

C.

It is a static NAT configuration that translates a real IP address to a mapped IP address.

D.

It is a dynamic NAT configuration that translates the real IP address on the ingress interface to the same IP address on the egress interface.

 

Correct Answer: A

 

 

QUESTION 238

Which element must you configure to allow traffic to flow from one security zone to another?

 

A.

a zone pair

B.

a site-to-site VPN

C.

a zone list

D.

a zone-based policy

 

Correct Answer: A

 

 

QUESTION 239

With which two NAT types can Cisco ASA implement address translation? (Choose two.)

 

A.

network object NAT

B.

destination NAT

C.

twice NAT

D.

source NAT

E.

double NAT

 

Correct Answer: AC

 

 

QUESTION 240

Which technology is the most effective choice for locally mirroring ports to support data investigation for a single device at the data layer?

 

A.

RMON

B.

SPAN

C.

RSPAN

D.

ERSPAN

 

Correct Answer: B

 

Free VCE & PDF File for Cisco 640-554 Exam Questions

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …