CISCO 642-502 SNRS
Visited 789 times, 1 so far today
Securing Networks with Cisco Routers and Switches Exam
Retired June 20, 2007
Exam Number: 642-502
Associated Certifications: CCSP
Duration: 90 minutes (60-70 questions)
Available Languages: English
Click Here to Register: Pearson VUE or Prometric
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions
Exam Description Exam Topics Recommended Training Additional Resources
Exam Description
The Securing Networks with Cisco Routers and Switches exam is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the SNRS v1.0 course. This exam includes simulations and tests a candidate’s knowledge and ability to secure networks using Cisco routers and switches.
Exam Topics
The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.
Implement Layer 2 security
Utilize Cisco IOS and Cat OS commands to mitigate Layer 2 attacks
Implement Cisco Identity-Based Networking Services
Implement Cisco 802.1X Port-Based Authentication
Identify and describe Layer 2 security best practices
Configure Cisco IOS Firewall features to meet security requirements
Identify and describe the capabilities of the IOS firewall feature set
Configure CBAC to dynamically mitigate identified threats to the network
Verify and troubleshoot CBAC configuration and operation
Configure authentication proxy to apply security policies on a per-user basis
Verify and troubleshoot authentication proxy configuration and operation
Configure Cisco IOS-based IPS to identify and mitigate threats to network resources
Identify and describe the capabilities of the IOS-IPS feature set
Configure the IPS features to identify threats and dynamically block them from entering the network
Verify and troubleshoot IDS operation
Maintain and update the signatures
Configure basic IPSec VPNs to secure site-to-site and remote access to network resources
Select the correct IPSec implementation based on specific stated requirements
Configure IPSec Encryption for site-to-site VPN using pre-shared keys
Configure IPSec Encryption for site-to-site VPN using certificate authority
Verify and troubleshoot IPSec operation
Configure EZ-VPN server
Configure EZ-VPN remote using both hardware and software clients.
Troubleshoot EZ-VPN
Configure authentication, authorization and accounting to provide basic secure access control for networks
Configure administrative access to the Cisco Secure ACS server
Configure AAA clients on the Cisco Secure ACS (for routers)
Configure users, groups and access rights
Configure router to enable AAA to use TACACS+
Configure router to enable AAA to use a Radius server
Verify and troubleshoot AAA operation
Use management applications to configure and monitor IOS security features
Initialize SDM communications on Cisco routers
Perform a LAN interface configuration of a Cisco router using SDM
Use SDM to define and establish a site-to-site VPN
Recommended Training
Securing Networks with Cisco Routers and Switches (SNRS) is the recommended training for this exam.
Courses listed are offered by Cisco Learning Partners, the only authorized source for Cisco IT training delivered exclusively by Certified Cisco Instructors. Check the Global Learning Partner Locator for a Cisco Learning Partner near you.
Additional Resources
A variety of Cisco Press titles may be available for this exam. These titles can be purchased through the Cisco Marketplace Bookstore, directly from Cisco Press.
TestInside 642-502
Cisco 642-502
Securing Networks with Cisco Routers and Switches
Exam(SNRS)
Q&A DEMO
English: www.TestInside.com BIG5: www.Testinside.net GB: www.testking.name
TestInside,help you pass any IT exam!
TestInside 642-502
1.Drag Drop question
Drag and drop question. Drag the items to the proper locations.
Correct Answers:
TestInside 642-502
2.Drag Drop question
Drag and drop question. Drag the items to the proper locations.
Correct Answers:
3.Select the two protocols used to provide secure communications between SDM and the target router. (Choose
two.) A:HTTPS B:RCP C:Telnet
TestInside 642-502
D:SSH
E:HTTP F:AES
Correct Answers: A, D
4.Refer to the Cisco Router and Security Device Manager page in the exhibit. What would be the result of clicking the “Launch the selected task” button in the VPN configuration screen?
PassGuide offers free demo for Certification Exams You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products. Download links:http://demo.passguide.com/downloadA: to start the GRE site-to-site VPN connection configuration
B: to edit the site-to-site VPN connection
C: to start the security audit
D: to start the Easy VPN Server configuration
E: to start the default site-to-site VPN connection configuration
F: to start the Easy VPN Remote configuration
Correct Answers: E
TestInside 642-502
5.Simulate question
5.This is the correct configration.
Branch(config)#access-list 101 permit icmp any any Branch(config)#access-list 101 permit eigrp host 172.30.2.1 any Branch(config)#ip inspect name cisco http alert on audit-trail on Branch(config)#ip inspect name cisco ftp alert on audit-trail on Branch(config)#interface fastEthernet 0/1
Branch(config-if)#ip access-group 101 in Branch(config-if)#ip inspect cisco in Branch(config)#logging on Branch(config)#logging 10.0.2.12
Branch(config)#copy run start
Correct Answers:
6.Choose the correct command that will load the SDF into a router and merge the new signatures with those that are already loaded in the router.
A: copy flash ips-sdf
TestInside 642-502
B: copy url ips-sdf
C: copy ips-sdf url
D: write flash ips-sdf
E: write ips-sdf url
F: write url ips-sdf
Correct Answers: B
7.Choose the three actions that the IOS Firewall IDS router may perform when a packet, or a number of packets in
a session, match a signature. (Choose three.)
A:forward packet to the Cisco IDS Host Sensor for further analysis
B:send an alarm to the Cisco IDS Director or Syslog server
C:send an alarm to Cisco Secure ACS
D:set the packet reset flag and forward the packet through
E:drop the packet immediately
F:return the packet to the sender
Correct Answers: B, D, F
8.Which ESP mode is used to provide end-to-end protection of message payloads between two hosts? A: transport mode
B: encrypted mode
C: ESP mode
D: tunnel mode
Correct Answers: A
9.Where are access profiles stored with the authentication proxy features of the Cisco IOS Firewall? A: PIX Firewall
B: Cisco router
C: Cisco VPN Concentrator
D: Cisco Secure ACS authentication server
TestInside 642-502
Correct Answers: D
10.In an 802.1x implementation, the authenticator acts as a gateway to which device? A: host
B: authenticator
C: PC
D: authentication server
E: client
F: supplicant
Correct Answers: D
Updated : 03/03/2008
Price : $27.49 $24.99
Preparing for the 642-502 exam? Searching 642-502 Test Questions, 642-502 Practice Exam, 642-502 BrainDumps? Testking 642-502 is written to coincide with the real test by the experienced IT experts and specialists. With the complete collection of Testking Questions and Answers, Testking 642-502 is high enough to help the candidates to pass this exam easily without any other study materials and no need to attend the expensive training class.
Why choose Testking 642-502 braindumps
Quality and Value for the 642-502 Exam
100% Guarantee to Pass Your 642-502 Exam
Practice Test Questions accompanied by exhibits
Testking 642-502 Exam Features
Downloadable, Testking Interactive 642-502 Testing engines
Testking Cisco 642-502 Downloadable, Printable Exams (in PDF vce format)
Our Exam 642-502 Preparation Material Lbas provides you everything you will need to take your 642-502 exams. The 642-502 study guide Exam details Tutorials are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical. You may get questions from different web sites or books, but logic is the key. Our Product will help you not only pass in the first try, but also save your valuable time.
Free download?testking ccSp 642-502
Free download?pass4sure ccSp 642-502
Dowload PassGuide Practice Test Questions
7 Comments on “CISCO 642-502 SNRS”