Flydumps ensures Cisco 642-567 study guide are the newest and valid enough to help you pass the test.Please visit Flydumps.com and get valid Cisco 642-567 PDF and VCE exam dumps with free new version.100% valid and success.

Exam A
QUESTION 1
When issuing the show eou all command on a Cisco router acting as a NAD, you do not see any EOUoUDP sessions in the displayed output. Which, most likely, is the problem?
A. No clients have attempted access.
B. Clients are not configured to use EOUoUDP.
C. All NAC sessions have timed out.
D. The router is not properly configured.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 2
A college network administrator wants to restrict access to specific, targeted subnets by role, such as student, administration, faculty, and guest roles. How would this be accomplished using the Clean Access Manager (CAM)?
A. Define extended access-list templates, and apply each template to a specific user role.
B. Define IP-based traffic control policy for each role that specifies the target subnets.
C. Define a host-based traffic control policy for each role that specifies the target subnets.
D. Define a bandwidth policy for each role that specifies the target subnets.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Which Cisco “all-in-one” security appliance automatically detects, isolates, and cleans infected and/or vulnerable devices that attempt to access a network?
A. Cisco Security Monitoring, Analysis and Response System (CS MARS)
B. Cisco Clean Access (CCA)
C. Security Device Manager (SDM)
D. Cisco Security Agent (CSA)

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 4
Refer to the exhibit. The ACS server has the downloadable access list called “Checkup ACL” configured. If the host shown is granted access to the network, which access list (ACL) will be sent to the NAD and where will it be placed in the ACL? (Choose two.) Exhibit:
Exhibit:

A. permit ip any 10.0.0.0 0.0.0.255
B. permit ip host 172.16.10.111 10.0.0.0 0.0.0.255
C. permit ip 172.16.0.0 0.0.255.255 10.0.0.0 0.0.0.255
D. The access control entry will be placed before the existing static ACL entries.
E. The access control entry will be placed after the existing static ACL entries.
F. Extended IP ACL 102 will be replaced with the named ACL, “Checkup ACL.”

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 5
To configure the Mars appliance to send out an alert when the system rule fires, what should you fropm the MARS GUI screen shown?
Exhibit:

A. Click on “Active” in the “Status” field, select the appropriate alerts, then apply.
B. Click on “None” in the “Action” field, select the appropriate alerts, then apply
C. Click “Edit” to edit the “Operation” field of the rule, select the appropriate alert option(s), then apply.
D. Click “Edit” to edit the “Event” field of the rule, select the appropriate alert option(s), then apply.
E. Click “Edit” to edit the “Reported User” field of the rule, select the appropriate alert option(s), then apply.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 6
When the maximum limit of 100 unauthorized non-responsive endpoints per NAD is reached, the router stops processing RADIUS requests for NAC to prevent DoS attacks on the ACS server. What then happens to legitimate users attempting access?
A. Users without CTA will be denied access.
B. Users with CTA will still receive posture validation tokens.
C. Users will have default network access (whatever is permitted by the access list [ACL] of the router interface).
D. All users will be denied access and placed into an “unknown” status.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 7
When installing the Trend AV policy server for use with a Cisco NAC deployment, which two types of web servers can you install? (Choose two.)
A. IIS
B. Mozilla
C. Sun ONE
D. Linux
E. Apache 2.0

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 8
What information will be displayed with the debug eou eap command when issued on a Cisco Catalyst switch acting as a NAD?
A. EAPoUPD packets
B. EAPoUPD posture validation information
C. all EOU and EAP packets
D. EAP state machine EOU messages

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Which two actions result when the access list shown below is applied to an interface of a Cisco router performing NAC? (Choose two.) access-list 102 permit udp any any eq 21862 access-list 102 deny ip any any
A. EAPoUDP traffic is allowed.
B. All traffic other than UDP traffic destined to the DNS server is blocked.
C. Clientless host traffic is validated.
D. The rest of the traffic is blocked until it is validated.
E. NAD traffic is forwarded to the antivirus policy server prior to posture assessment.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 10
In the CCA Manager, which default administrative group has delete privileges?
A. Manager
B. Add/Edit
C. Full Control
D. Operator

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 11
Regarding MARS Appliance rules, which three statements are correct? (Choose three.)
A. There are three types of rules: System Inspection Rules, User Inspection Rules, and Drop Rules.
B. Rules can be saved as reports.
C. Rules can be deleted.
D. Rules trigger incidents.
E. Rules can be defined using a seed file.
F. Rules can be created using a query.

Correct Answer: ADF Section: (none) Explanation
Explanation/Reference:
QUESTION 12
DRAG DROP You work as a network technician at Certkiller .com. Your Certkiller trainee Sandra is curious about NAD configuration for clientless hosts. You must order the appropriate NAD configurations tasks.
Select and Place:

Correct Answer:
Section: (none) Explanation
Explanation/Reference:
ASFE Course Notes pg 1-129 Configuring Cisco IOS Routers for NAC:

QUESTION 13
Refering to the Incident Vector Graph shown on the MARS GUI screen, which three of the following statements are correct? Select three.
Exhibit:

A. The port being attacked is port 80
B. This incident has two associated Event Types.
C. You can mitigate this attack by clicking on the device being attacked.
D. The device being attacked is the Tivoli Server
E. Click the Previous button to view any other Sessions related to this incident.

Correct Answer: ABE Section: (none) Explanation
Explanation/Reference:
QUESTION 14
You have an external database configured for use in your NAC deployment. When the ACS forwards the credentials to the external database and does not receive a result in return, what action will the ACS take?
A. return a posture token of “unknown”
B. put the requesting device in the default group
C. automatically redirect the request to a remediation server
D. reject policy validation requests

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 15
DRAG DROP You work as a network technician at Certkiller .com. Your boss is curious about Cisco NAC configuration. Select the configuration tasks that are needed to configure a Cisco NAC switch interface. You will not use all tasks
Select and Place:

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Explanation: ASFE Course Notes pg 1-161/162 (config)# interface fe0/1 (config-if)# ip access-group Interface_ACL in (config-if)# ip admission NAC_Rule
QUESTION 16
Referring to the System Inspection Rule shown on the MARS GUI screen, which one of the following statements is correct?
Exhibit:

A. Click on “Add” to activate the rule.
B. Click on “Activate” to activate the rule.
C. Click on “Change Status” to activate the rule.
D. Click on “Edit”. Then you can apply and activate the rule.
E. Click on “Duplicate” to archive the rule to a remote NAS.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 17
When migrating from an existing standalone CAM to a High Availability CAM solution, what IP address should the administrator configure for the CAM1 service IP address?
Exhibit:

A. 10.10.10.3
B. 10.10.10.4
C. 10.10.10.5 (an unused IP address)
D. 10.10.10.252 (assigned by the system)

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 18
Which CCA out-of-band solution statement is correct?
A. All client traffic flows through the CAS while access switch VLAN management is performed out of band.
B. Access switch to CAM configuration and status change messages are communicated via a proprietary protocol.
C. The switchport access and authentication VLAN information is sent to the access switch from the CAM.
D. As a laptop device accesses the CCA network, the access switch sends the device’s MAC address to the CAS.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: ASFE Course Notes pg 2-178 Add the switches that you want to control to the NAM. When the switches are added and the ports on the switch are discovered, you can then configure the relevant switch ports to use the relevant port profiles. These profiles set up the ports to use the appropriate access and authentication VLANS to enable the client traffic to be routed temporarily through the NAS for authentication and certification before allowing this traffic on the trusted network.
QUESTION 19
You work as a network technician at Certkiller .com. Your Certkiller trainee Sandra is curios Cisco Clean Access component. You need to match the component with the correct description.
Select and Place:

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 20
How does the Clean Access Manager (CAM) determine the presence of vulnerability?
A. The end-user CTA capability summary message does not match the defined role-based security policy requirement on the CAM.
B. The CAM receives a CSA vulnerability alert from the Clean Access Server (CAS).
C. The CAS network scan report matches a defined role- or OS-based vulnerability on the CAM.
D. The CCA scan report matches a role-based vulnerability signature on the CAM.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
The Cisco 642-567 training is a vital way of becoming the best.This Cisco 642-567 certification has helped the candidates to enhance their capabilities by providing a great learning platform to them so that they can polish their skills.