Are you struggling for the Cisco 642-381 exam? Good news, Flydumps IT technical experts have collected and certified 445 questions and answers which are updated to cover the knowledge points and enhance candidates’abilities.With Cisco 642-381 preparation tests you can pass the exam easily and go further on Microsoft career path.

QUESTION 49
Exhibit:

According to the Cisco Adaptive Security Device Manager window, which statement about address translation is correct?
A. Using Network Address Translation, any host on the DMZ1 subnet (172.16.1.0) will be translated to a mapped address on the outside interface of 192.168.1.11.
B. Using port address translation, DMZ2 host 172.16.10.2 will be translated on DMZ1 to IP address
172.16.1.22 with a dynamically assigned port address.
C. Using Network Address Translation, host 10.0.1.10 on the inside network will be dynamically translated to a mapped address from the address pool of 192.168.1.20 to 192.168.1.94.
D. Using port address translation, outside host 192.168.1.10 with a dynamically assigned port address will be translated to 10.0.1.11 on the inside interface.

Correct Answer: C Section: (none) Explanation Explanation/Reference:
QUESTION 50
When troubleshooting poor network performance, which two symptoms would typically be associated with a network layer problem? (Choose two.)
A. Packet loss is more than 30 percent.
B. There is excessive broadcast traffic.
C. There are excessive CRC errors.
D. Pings succeed only part of the time.
E. Slips are detected on WAN interfaces.
F. ARP requests are timing out.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 51
Which three statements are correct about the IEEE 802.3af Power over Ethernet standard? (Choose three.)
A. It defines a port that acts as a power source to be a PSE.
B. It defines a powered device to be a PDE.
C. It defines how a powered device is detected.
D. It defines three methods of delivering Power over Ethernet to the discovered powered device.
E. It describes five power classes to which a device may belong.
F. It defines power class 0 as being reserved for future use.

Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
QUESTION 52
You have just configured and enabled the Cisco IOS Firewall feature set from a remote location using the Cisco Router and Security Device Manager (SDM) Firewall wizard. You later want to double-check your configuration using Cisco SDM. However, you find that you can no longer connect to the Cisco IOS Firewall using Cisco SDM. What is the probable cause of this failure?
A. You must additionally specify the Cisco SDM management port number to gain access when the configuration has been applied.
B. You have not generated an RSA key pair between the host and device to allow secure access via Cisco SDM.
C. You have been locked out via access lists that have been applied to the router as a result of your Cisco SDM configuration.
D. You must specify the host IP address of Cisco SDM in the Configuration panel for allowed management connections.

Correct Answer: C Section: (none) Explanation Explanation/Reference:
QUESTION 53
When using Cisco Router and Security Device Manager (SDM) to configure IPS, what must you do first before you can select Configure > Signature to edit any signatures?
A. Select Configure > Global Settings to enable IPS globally on the router.
B. Select Configure > Global Settings to disable the Failed Closed option.
C. Select Configure > Global Settings to point Cisco SDM to the ips.tar file in the router Flash memory.
D. Select Configure > Rules to create the inbound and/or outbound filter to determine which traffic will be scanned by IPS.
E. Select Configure > Rules to enable an interface for inbound and/or outbound IPS.

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 54
Exhibit:

Switches A and C are running PVST+ STP, and Switch B is running 802.1Q STP. If the BPDU of the root in VLAN 1 is better than the BPDU of the root in VLAN 2, then there is no blocking port in the VLAN 2 topology. The BPDU of VLAN 2 never makes a “full circle” around the topology; it is replaced by the VLAN 1 BPDU on the B-C link, because B runs only one STP merged with VLAN 1 STP of PVST+. Thus, there is a forwarding loop. What does PVST+ do to correct this?
A. Switch A sends PVST+ BPDUs of VLAN 2 (to the SSTP address that is flooded by Switch B) towards Switch C. Switch C will put port C-B into a type-inconsistent state, which prevents the loop.
B. Switch B sends PVST+ BPDUs of VLAN 1 (to the SSTP address that is flooded by Switch A) towards Switch C. Switch C will put port C-B into a type-inconsistent state, which prevents the loop.
C. Switch C sends PVST+ BPDUs of VLAN 2 (to the SSTP address that is flooded by Switch B) towards Switch C. Switch A will put port C-B into a type-inconsistent state, which prevents the loop.
D. Switch A sends PVST+ BPDUs of VLAN 1 (to the SSTP address that is flooded by Switch B) towards Switch B. Switch A will put port C-B into a type-inconsistent state, which prevents the loop.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 55
In an infrastructure based on a wireless advanced feature set using lightweight access points, by which method is a rogue contained?
A. The WCS sends excessive traffic to the rogue, thus overloading the access point.
B. The rogue MAC address is used to spoof broadcast deassociation packets.
C. The rogue MAC address is used to spoof broadcast deauthentication packets.
D. The WCS sends out excessive signals on the same channel when the rogue is detected.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 56
OSPF routes are being redistributed into EIGRP but they are not showing up in the routing table. What are two possible causes? (Choose two.)
A. CEF has not been enabled.
B. Synchronization has been turned off.
C. Incorrect distribute lists have been configured.
D. No default metric has been configured for EIGRP.
E. The ip classless command is missing.
F. There are mismatched autonomous system numbers.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 57
Exhibit: Which two statements are correct about what is displayed? (Choose two.)

A. The IP address that is used for the router ID must be reachable.
B. Router 1 is the designated router because it has the lowest configured IP address.
C. Router 1 is the designated router because it has the highest configured loopback address.
D. If Router 1 had a PRI of 0, it could not be a designated router or a backup designated router.
E. Router 1 has had its ID manually configured by using the router-ID command.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
Topic 1, Certkiller .com, Scenario
You work as a network technician at Certkiller .com. You are required to troubleshoot a VPN environment.
Scenario exhibit:
Topic 1, Questions (4 Questions)
QUESTION 58
How many active VPN clients are currently to the 1841 ISR router?
A. 0
B. 1
C. 2
D. 3
E. 4
F. 5
G. 6
H. 7
I. 8

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 59
Which IP address or address range will be used when allocating an internal IP address to the VPN clients for the “test” VPN group?
A. 10.1.1.100 to 10.1.1.1200
B. 10.1.1.2 to 10.1.1.254
C. 192.168.1.1 to 192.168.1.100
D. 192.168.1.2 to 192.168.1.254
E. 10.1.1.1
F. 192.168.1.1
G. 192.168.1.2

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 60
Which authentication method is used by the ” Certkiller ” VPN group?
A. RSA Encrypted Noou7cne
B. RSA Digital Signature
C. Pre-Shared Key
D. Digital Certificate
E. DHZ
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 61
Which method list and issued to authenticate the remove access VPN users? Select two.
A. sdm_vpn_xauth_ml_1
B. sdm_vpn_group_ml_1
C. SDM_CMAP_1
D. Local database on the ISR
E. Remote TACACS+ server
F. Remote Radius Server
G. Enable password

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
Topic 2, Certkiller Japan, Scenario
You work as a network technician at the Osaka Certkiller .com branch office. You are required to
troubleshoot the Certkiller network.
Scenario exhibit:
QUESTION 62
Which two statements describe traffic that would be permitted based on the current access list configurations? Select two.
A. Telnet traffic from any outside host to the 172.16.10.2 host on the dmz2
B. HTTP and HTTPS traffic from any outside host to the 172.16.1.2 host on the dmz1
C. Any IP traffic from any outside host to the 172.16.10.2 host on the dmz2
D. Any IP traffic from any outside host to the 172.16.1.2 host on the dmz1
E. Any IP traffic from any host on the dmaz1 to any host on the inside.
F. Any IP traffic from any host on the dmaz2 to any host on the inside.

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 63
Which statement is correct about the current address translation configurations on the security appliance?
A. Dynamic NAT is used to translate the 10.0.1.100 host on the inside interface to a global address of
192.168.1.1
B. Port Address Translation (PAT) is used to translate any host on the inside interface to the 192.168.1.00 global address.
C. Static NAT is used to translate the 172.16.1.2 host on the dmz1 interface to a global address of
192.168.1.102.
D. Dynamic NAT is used to translate any host on dmaz1 and dmz2 interfaces to a mapped address from the address pool of 192.168.1.110 to 192.168.1.250
E. Static NAT is used to translate the 172.168.1.100.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 64
What is the current configuration default gateway IP address on the security appliance?
A. 172.16.10.1
B. 172.16.1.1
C. 192.168.1.2
D. 10.0.1.1
E. 172.16.1.2
F. 172.16.10.2

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 65
Which hosts are allowed to manage this security appliance using the ASDM?
A. the 10.0.1.100 host only
B. the 172.16.1.2 host only
C. the 172.16.10.2 host only
D. any host on the 10.0.1.0/24 subnet
E. any host on the 172.16.1.0/24 subnet
F. any host on the 172.16.10.0/24 subnet

Correct Answer: A Section: (none) Explanation
Explanation/Reference: QUESTION 66
What is the maximum number of VLANs and physical interfaces are supported based on the current security appliance software license?
A. 25 VLANs and 6 interfaces
B. 10 VLANs and 6 interfaces
C. 50 VLANs and 6 interfaces
D. 150 VLANs and 6 interfaces
E. 100 VLANs and 6 interfaces

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
If you fail in Cisco 642-381 exam test with Cisco 642-381 exam dumps, we promise to give you full refund! You only need to scan your Cisco 642-381 exam score report to us together with your receipt ID. After our confirmation, we will give you full refund in time.Or you can choose to charge another IT exam Q&As instead of Cisco 642-381 exam dumps.Useful Cisco certifications exam dumps are assured with us.If our Cisco 642-381 exam dumps can’t help you pass Cisco 642-381 exam,details will be sent before we send the exam to you.We don’t waste our customers’ time and money! Trusting Passtcert is your best choice!