2021 Sep ccna security official exam certification guide exam 640-554:
Q81. - (Topic 2)
During role-based CLI configuration, what must be enabled before any user views can be created?
A. multiple privilege levels
B. usernames and passwords
C. aaa new-model command
D. secret password for the root user
E. HTTP and/or HTTPS server
F. TACACS server group
Answer: C
Explanation:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gtclivws.html
Configuring a CLI View
Use this task to create a CLI view and add commands or interfaces to the view, as appropriate.
Prerequisites
Before you create a view, you must perform the following tasks:
- Enable AAA via the aaa new-model command. (For more information on enabling AAA, see the chapter "Configuring Authentication" in the Cisco IOS Security Configuration Guide, Release 12.3.)
- Ensure that your system is in root view—not privilege level 15.
SUMMARY STEPS
1. enable view
2. configure terminal
3. parser view view-name
4. secret 5 encrypted-password
5. commands parser-mode {include | include-exclusive | exclude} [all] [interface interface-name | command]
6. exit
7. exit
8. enable [privilege-level] [view view-name]
9. show parser view [all]
Q82. - (Topic 10)
Refer to the exhibit.
While troubleshooting site-to-site VPN, you issued the show crypto isakmp sa command. What does the given output show?
A. IPSec Phase 1 is established between 10.10.10.2 and 10.1.1.5.
B. IPSec Phase 2 is established between 10.10.10.2 and 10.1.1.5.
C. IPSec Phase 1 is down due to a QM_IDLE state.
D. IPSec Phase 2 is down due to a QM_IDLE state.
Answer: A
Q83. - (Topic 10)
Which monitoring protocol uses TCP port 1470 or UDP port 514?
A. RELP
B. Syslog
C. SDEE
D. IMAP
E. SNMP
F. CSM
Answer: B
Q84. - (Topic 10)
What VPN feature allows traffic to exit the security appliance through the same interface it entered?
A. hairpinning
B. NAT
C. NAT traversal
D. split tunneling
Answer: A
Q85. - (Topic 10)
Which command configures stateful packet inspection to inspect a packet after it passes the inbound ACL of the input interface?
A. ip inspect out
B. ip inspect in
C. ip inspect name audit-trail on
D. ip inspect name audit-trail off
Answer: B
Q86. - (Topic 10)
Which two ports does Cisco Configuration Professional use? (Choose two.)
A. 80
B. 8080
C. 443
D. 21
E. 23
Answer: A,C
Q87. - (Topic 10)
Refer to the exhibit.
Which statement about the device time is true?
A. The time is authoritative, but the NTP process has lost contact with its servers.
B. The time is authoritative because the clock is in sync.
C. The clock is out of sync.
D. NTP is configured incorrectly.
E. The time is not authoritative.
Answer: A
Q88. - (Topic 10)
Which option provides the most secure method to deliver alerts on an IPS?
A. IME
B. CSM
C. SDEE
D. syslog
Answer: C
Q89. - (Topic 7)
When Cisco IOS zone-based policy firewall is configured, which three actions can be applied to a traffic class? (Choose three.)
A. pass
B. police
C. inspect
D. drop
E. queue
F. shape
Answer: A,C,D
Explanation:
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00808bc994.shtml
Zone-Based Policy Firewall Actions
ZFW provides three actions for traffic that traverses from one zone to another:
Drop—This is the default action for all traffic, as applied by the "class class-default" that terminates every inspect-type policy-map. Other class-maps within a policy-map can also be configured to drop unwanted traffic. Traffic that is handled by the drop action is "silently" dropped (i.e., no notification of the drop is sent to the relevant end-host) by the ZFW, as opposed to an ACL's behavior of sending an ICMP “host unreachable” message to the host that sent the denied traffic. Currently, there is not an option to change the "silent drop" behavior. The log option can be added with drop for syslog notification that traffic was dropped by the firewall.
Pass—This action allows the router to forward traffic from one zone to another. The pass action does not track the state of connections or sessions within the traffic. Pass only allows the traffic in one direction. A corresponding policy must be applied to allow return traffic to pass in the opposite direction. The pass action is useful for protocols such as IPSec ESP, IPSec AH, ISAKMP, and other inherently secure protocols with predictable behavior. However, most application traffic is better handled in the ZFW with the inspect action.
Inspect—The inspect action offers state-based traffic control. For example, if traffic from the private zone to the Internet zone in the earlier example network is inspected, the router maintains connection or session information for TCP and User Datagram Protocol (UDP) traffic. Therefore, the router permits return traffic sent from Internet-zone hosts in reply to private zone connection requests. Also, inspect can provide application inspection and control for certain service protocols that might carry vulnerable or sensitive application traffic. Audit-trail can be applied with a parameter-map to record connection/session start, stop, duration, the data volume transferred, and source and destination addresses.
Q90. - (Topic 3)
Which aaa accounting command is used to enable logging of the start and stop records for user terminal sessions on the router?
A. aaa accounting network start-stop tacacs+
B. aaa accounting system start-stop tacacs+
C. aaa accounting exec start-stop tacacs+
D. aaa accounting connection start-stop tacacs+
E. aaa accounting commands 15 start-stop tacacs+
Answer: C
Explanation:
http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_book.html
aaa accounting
To enable authentication, authorization, and accounting (AAA) accounting of requested services for billing or security purposes when you use RADIUS or TACACS+, use the aaa accounting command in global configuration mode or template configuration mode. To disable AAA accounting, use the no form of this command.
aaa accounting {auth-proxy | system | network | exec | connection | commands level | dot1x} {default | list-name | guarantee-first} [vrf vrf-name] {start-stop | stop-only | none} [broadcast] {radius | group group-name}
no aaa accounting {auth-proxy | system | network | exec | connection | commands level | dot1x} {default | list-name | guarantee-first} [vrf vrf-name] {start-stop | stop-only | none} [broadcast] {radius | group group-name}
exec: Runs accounting for the EXEC shell session.
start-stop: Sends a "start" accounting notice at the beginning of a process and a "stop" accounting notice at the end of a process. The "start" accounting record is sent in the background. The requested user process begins regardless of whether the "start" accounting notice was received by the accounting server.