640-553_actualtests_www.pass4sure.tk.pdf

Cisco 640-553

CISCO 640-553 IINS Implementing Cisco IOS Network

Security

Practice Test

Updated: Sep 30, 2009

Version 1.5

Cisco 640-553: Practice Exam

QUESTION NO: 1

Examine the following options, which access list will permit HTTP traffic sourced from host

10.1.129.100 port 3030 destined to host 192.168.1.10?

A. access-list 101 permit tcp host 192.168.1.10 eq 80 10.1.0.0 0.0.255.255 eq 3030

B. access-list 101permit tcp any eq 3030

C. access-list 101 permit tcp 10.1.129.0 0.0.0.255 eq www 192.168.1.10 0.0.0.0 eq www

D. access-list 101 permit tcp 10.1.128.0 0.0.1.255 eq 3030 192.168.1.0 0.0.0.15 eq www

Answer: D

QUESTION NO: 2 DRAG DROP

Drag three proper statements about the IPsec protocol on the above to the list on the below.

Answer:

"Pass Any Exam. Any Time." - www.actualtests.com

Cisco 640-553: Practice Exam

QUESTION NO: 3

In a brute-force attack, what percentage of the keyspace must an attacker generally search

through until he or she finds the key that decrypts the data?

A. Roughly 50 percent

B. Roughly 66 percent

C. Roughly 75 percent

D. Roughly 10 percent

Answer: A

QUESTION NO: 4

The information of Cisco Router and Security Device Manager(SDM) is shown below:

"Pass Any Exam. Any Time." - www.actualtests.com

Cisco 640-553: Practice Exam

Within the "sdm-permit" policy map, what is the action assigned to the traffic class "class-default"?

A. inspect

"Pass Any Exam. Any Time." - www.actualtests.com

Cisco 640-553: Practice Exam

B. drop

C. police

D. pass

Answer: B

QUESTION NO: 5 DRAG DROP

On the basis of the description of SSL-based VPN, place the correct descriptions in the proper

locations.

Answer:

"Pass Any Exam. Any Time." - www.actualtests.com