IT認定試験を受験する予定があるあなたにヘルプを与える

NO.1 You suspect that an attacker in your network has configured a rogue Layer 2 device to intercept
traffic from multiple VLANs, which allows the attacker to capture potentially sensitive data.
Which two methods will help to mitigate this type of activity? (Choose two.)
A. Turn off all trunk ports and manually configure each VLAN as required on each port.
B. Place unused active ports in an unused VLAN.
C. Secure the native VLAN, VLAN 1, with encryption.
D. Set the native VLAN on the trunk ports to an unused VLAN.
E. Disable DTP on ports that require trunking.
Answer: D,E

Cisco   640-554日本語   640-554試験時間   640-554参考書   640-554

NO.2 Which two countermeasures can mitigate STP root bridge attacks? (Choose two.)
A. root guard
B. BPDU filtering
C. Layer 2 PDU rate limiter
D. BPDU guard
Answer: A,D

Cisco費用   640-554対策   640-554   640-554日本語サンプル
Explanation:
The BPDU guard feature is designed to allow network designers to keep the active network topology
predictable. BPDU guard is used to protect the switched network from the problems that may be
caused by the receipt of BPDUs on ports that should not be receiving them. The receipt of
unexpected BPDUs may be accidental or may be part of an unauthorized attempt to add a switch to
the network. BPDU guard is best deployed toward user-facing ports to prevent rogue switch network
extensions by an attacker. The root guard feature of Cisco switches is designed to provide a way to
enforce the placement of root bridges in the network. Root guard limits the switch ports out of which
the root bridge may be negotiated. If a root-guard-enabled port receives BPDUs that are superior to
those that the current root bridge is sending, then that port is moved to a root-inconsistent state,
which is effectively equal to an STP listening state, and no data traffic is forwarded across that port.

NO.3 DRAG DROP
Answer:
Explanation:

NO.4 When a switch has multiple links connected to a downstream switch, what is the first step that
STP takes to prevent loops?
A. STP elects the root bridge.
B. STP selects the root port.
C. STP selects the designated port.
D. STP blocks one of the ports.
Answer: A

Cisco   640-554試合   640-554試験対策   640-554

NO.5 With Cisco IOS zone-based policy firewall, by default, which three types of traffic are permitted
by the router when some of the router interfaces are assigned to a zone? (Choose three.)
A. traffic flowing between a zone member interface and any interface that is not a zone member
B. traffic flowing to and from the router interfaces (the self zone)
C. traffic flowing among the interfaces that are members of the same zone
D. traffic flowing among the interfaces that are not assigned to any zone
E. traffic flowing between a zone member interface and another interface that belongs in a different
zone
F. traffic flowing to the zone member interface that is returned traffic
Answer: B,C,D

Cisco受験記   640-554復習資料   640-554クエリ
Explanation:
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00808bc994
.shtml

NO.6 Which statement about the Atomic signature engine is true?
A. It can perform signature matching on a single packet only.
B. It can perform signature matching on multiple packets.
C. It can examine applications independent of the platform.
D. It can flexibly match patterns in a session.
Answer: A

Ciscoソリューション   640-554練習問題   640-554クラム   640-554   640-554アクセスリスト

NO.7 Which statement is true when you have generated RSA keys on your Cisco router to prepare for
secure device management?
A. You must then zeroize the keys to reset secure shell before configuring other parameters.
B. The SSH protocol is automatically enabled.
C. You must then specify the general-purpose key size used for authentication with the crypto key
generate rsa general-keys modulus command.
D. All vty ports are automatically enabled for SSH to provide secure management.
Answer: B

Ciscoサンプル   640-554一発合格   640-554模擬試験   640-554パッケージ   640-554復習資料   640-554
Explanation:
http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml
Generate an RSA key pair for your router, which automatically enables SSH. carter(config)#crypto key
generate rsa Refer to crypto key generate rsa - Cisco IOS Security Command Reference, Release 12.3
for more information on the usage of this command.

NO.8 Which option describes a function of a virtual VLAN?
A. A virtual VLAN creates a logically partitioned LAN to place switch ports in a separate broadcast
domain.
B. A virtual VLAN creates trunks and links two switches together.
C. A virtual VLAN adds every port on a switch to its own collision domain.
D. A virtual VLAN connects many hubs together.
Answer: A

Cisco日本語サンプル   640-554   640-554信頼度   640-554認定   640-554改訂

Pass4TestはCiscoの640-554試験の最新の問題集を提供するの専門的なサイトです。Ciscoの640-554問題集は640-554に関する問題をほとんど含まれます。私たちのCiscoの640-554問題集を使うのは君のベストな選択です。Pass4Testは君の試験を最も早い時間で合格できる。学習教材がどんな問題があっても、あるいは君の試験を失敗したら、私たちは全額返金するのを保証いたします。

神様は私を実力を持っている人間にして、美しい人形ではないです。IT業種を選んだ私は自分の実力を証明したのです。しかし、神様はずっと私を向上させることを要求します。Ciscoの640-554試験を受けることは私の人生の挑戦の一つです。でも大丈夫です。Pass4TestのCiscoの640-554試験トレーニング資料を購入しましたから。すると、Ciscoの640-554試験に合格する実力を持つようになりました。 Pass4TestのCiscoの640-554試験トレーニング資料を持つことは明るい未来を持つことと同じです。

試験番号：640-554
試験科目：「Implementing Cisco IOS Network Security (IINS v2.0)」
一年間無料で問題集をアップデートするサービスを提供いたします
最近更新時間：2015-07-07
問題と解答：全246問 640-554 ソリューション

>>640-554 ソリューション

Pass4TestはCiscoの640-554認定試験にたいして短期で有効なウェブサイトで640-554認定試験に合格するのを保証したり、Cisco認証試験に合格しなければ全額で返金いたします。あなたはPass4Testが提供した640-554の認証試験の問題集を購入するの前にインターネットで無料な試用版をダウンロードしてください。

IT業界の一员として、君はまだIT認証試験を悩んでいますか？認証試験はITの専門知識を主なテストとして別に初めてIT関連の認証試験に参加する受験生にとってはとても難しいとみされます。良い対応性の訓練が必要で、Pass4Test の問題集をお勧めます。

Pass4Testは最新のM2150-753試験問題集と高品質の1Z0-409認定試験の問題と回答を提供します。Pass4TestのC4090-457 VCEテストエンジンと3103試験ガイドはあなたが一回で試験に合格するのを助けることができます。高品質のC4040-226トレーニング教材は、あなたがより迅速かつ簡単に試験に合格することを100％保証します。試験に合格して認証資格を取るのはそのような簡単なことです。

記事のリンク：http://www.pass4test.jp/640-554.html