Free Sharing Flydumps Cisco 642-371 exam questions and answers are constantly being revised and updated for relevance and accuracy.Many candidates has passed the Cisco 642-371 exam easily by training the new version.100% pass rate.

QUESTION 40
Which of these is a benefit of an integrated security management system?
A. It provides configuration, monitoring, and troubleshooting capabilities across a wide range of security products.
B. It integrates security device management products and collects events on an “as needed” basis to reduce management overhead.
C. It integrates security management capabilities into the router or switch.
D. It provides a single point of contact for all security configuration tasks thereby enhancing the return on investment.
E. It leverages existing network management systems such as HP OpenView to lower the cost of implementation.

Correct Answer: A Section: (none) Explanation
Explanation/Reference: QUESTION 41
Which of these is an administrative time saving benefit of dynamic signature definition files on a Cisco router running Cisco IOS IPS?
A. dynamically learns new signatures in real time
B. dynamically updates signatures from Cisco.com
C. dynamically configures IPS signature parameters
D. dynamically chooses which signatures to activate based upon network traffic seen

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 42
After properly configuring multiple VLANs, an administrator has decided to secure its VLAN network. Which three steps are required to secure this environment? (Choose three.)
A. If a port is connected to a foreign device make sure to disable CDP, DTP, RPR, PAgP, UDLP, and any other unnecessary protocols, and enable UplinkFast/BPDU guard on it.
B. Enable root guard feature to prevent a directly or indirectly connected STP-capable device from affecting the location of the root bridge.
C. Configure VTP domains appropriately or turn off VTP altogether to limit or prevent possible undesirable protocol interaction with regards to the network-wide VLAN configuration.
D. Set the native VLAN ID to match the port VLAN ID of any 802.1q trunk to prevent spoofing.
E. Disable all unused ports and place them in an unused VLAN to avoid unauthorized access.

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 43
Regarding the USB eToken module supported on the Cisco ISR series of routers, which three of these are correct? (Choose three.)
A. The storage size is 32KB.
B. The storage size is 128MB.
C. It is used for Cisco IOS image storage.
D. Files can be encrypted and accessed via a PIN.
E. The USB eToken feature is a Cisco proprietary feature.
F. A bootstrap configuration can be stored in its unprotected space.

Correct Answer: ADF Section: (none) Explanation
Explanation/Reference:
QUESTION 44
Which statement concerning the Active/Active failover feature is correct?
A. ASA Security Appliance failover pair must have either an Unrestricted and UR license or a UR and FO-
A/A license to be able to support Active/Active failover.
B. If an active security context within the primary security appliance “fails”, the status of the primary security appliance unit changes to “failed” while the secondary failover security appliance unit transitions to “active.”
C. Active/Active failover is supported in “multiple mode” configuration only.
D. Active/Active failover supports site-to-site IPSec VPN stateful failover.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 45
Wi-Fi Protected Access was an interim step on the way to the more secure WPA2. What was added in WPA2 to make it more secure?
A. PEAP
B. EAP-FAST
C. AES encryption
D. Rivest Cipher 4 encryption

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 46
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 47
Refer to the exhibit. A company wants to connect two new offices to their main office. One building is 2 miles away from the headquarters and the other is 12 miles away. The angle between the buildings is 80 degrees. Which antenna is the best to use in this situation?

A. 12 dBi omni
B. 10 dBi yagi
C. 14 dBi sector
D. 21 dBi dish

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 48
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 49
Which two of these items best describe the benefits of RF management for the wireless core feature set using autonomous access points? (Choose two.)
A. Rogue AP detection extends only to the boundaries of the Basic Service Set.
B. Access points can monitor RF while passing client data.
C. Radio management information is aggregated at the WLSE and graphically displayed at the Location Manager appliance.
D. RF management can detect, isolate, and mitigate root access points.
E. Access points must be in sensor scanning mode and with no client data traffic.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 50
What is the benefit of using the Cisco Easy VPN Server feature along with the Cisco software VPN client for implementing remote-access VPNs?
A. The Cisco Easy VPN Server feature and the Cisco software VPN client use the same GUI configuration tool to simplify remote-access VPN configurations.
B. The Cisco Easy VPN Server feature allows the Cisco software VPN client to receive its security policies from the central site VPN device. This minimizes the configuration requirements at the remote location for large remote access VPN deployments.
C. The Cisco Easy VPN Server feature and the Cisco software VPN client use hardware-based encryption to reduce the CPU overhead of the central site VPN router.
D. The Cisco Easy VPN Server feature and the Cisco software VPN client enable scalable remote-access VPNs deployment by using a thick client/thin server model where the central site VPN router can handle thousands of incoming VPN connections.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 51
Which two of these data encryption AIM modes are found on the 3800 family of Cisco ISR Routers? (Choose two.)
A. BPII
B. BPII-Plus
C. EPII
D. EPII-Plus
E. HPII
F. HPII-Plus

Correct Answer: DF Section: (none) Explanation
Explanation/Reference: QUESTION 52

No one else except Flydumps.com assures you 100 percent ratio with its value pack.This value pack offers complete Cisco 642-371 forum to get top grades. This value pack is specially designed and includes things like Cisco 642-371 real exam questions as well as Cisco 642-371 notes to clear certain points that are complicated in the syllabus. Another key feature that makes Flydumps.com’s value pack important is that is has all Cisco 642-371 simulation in it that are very important.These important features in the Flydumps.com value pack has increased its importance for passing Cisco 642-371 test with top ranks.