Need The Newest Cisco 642-524 Exam Dumps? Why not try Cisco 642-524 vce or pdf exam dumps? You can get all the new Cisco 642-524 exam questions and answers you need, we ensure high pass rate and money back guarantee.

QUESTION 51
Refer to the exhibit. Assume that you want to configure the Cisco VPN client so that it can make remote access VPN connections to a Cisco ASA adaptive security appliance using a preshared key. Which two statements provide the correct information for the fields that they reference? (Choose two.)

A. In the Connection Entry field, enter the name of the connection profile as it is specified on the security appliance
B. In the Host field, enter the public interface IP address of the security appliance
C. In the Authentication tab, click the radio button for the authentication method you want to usE. For preshared key authentication, you can select Group Authentication or Mutual Group Authentication.
D. In the Name field, enter the name of a group policy that matches a group policy on the security appliancE.
E. In the Password field, enter the preshared key that matches the preshared key configured on the security appliancE.

Correct Answer: BE Section: (none) Explanation
Explanation/Reference: QUESTION 52
Without port forwarding, smart tunnels, or browser plug-ins, which four options can a clientless SSL VPN user access from a web browser? (Choose four.)
A. internal websites
B. Microsoft Outlook Web Access
C. files on the network, via FTP or the CIFS protocol
D. Citrix Presentation Server Client
E. Sametime
F. web-enabled applications

Correct Answer: ABCF Section: (none) Explanation
Explanation/Reference:
QUESTION 53
Multimedia applications can pose challenges to a firewall because they transmit requests on TCP, get responses on UDP or TCP, use dynamic ports, and use the same port for source and destination. Which three statements accurately describe how the Cisco ASA adaptive security appliance handles multimedia applications? (Choose three )
A. It dynamically opens and closes UDP ports for secure multimedia connections, so you do not need to open a large range of ports.
B. It supports multimedia without NAT only.
C. It supports multimedia with or without NAT.
D. It supports RTSP applications, including RealNetworks RDP multicast.
E. It supports RTSP, H.323, Skinny, and CTIQBE.
F. It supports SIP with NAT but not with PAT.

Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
QUESTION 54
The network security administrator for XYZ Corporation used Cisco ASDM to configure active/standby failover between two Cisco ASA adaptive security appliances at corporate headquarters. The administrator used the Cisco ASDM High Availability and Scalability Wizard and feels confident that the configuration is correct on both security appliances. However, the show failover command output shows that one interface remains constantly in the waiting state and never normalizes. Which two troubleshooting steps should the administrator take?(Choose two.)
A. Verify that the security appliances have the same feature licenses.
B. Verify that the line and protocol of the interface are up on the primary and secondary security appliance interfaces.
C. Verify that PortFast is enabled on any switch port that connects to the security appliances.
D. Verify that EtherChanneling is enabled on any switch port that connects to the security appliances.

Correct Answer: BC Section: (none) Explanation
Explanation/Reference: QUESTION 55
Which three commands will show you the contents of flash memory on the Cisco ASA adaptive security appliance? (Choose three )
A. show disk0:
B. show version
C. dir
D. show flash:
E. show memory
F. show file system

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 56
In which two places can you view a list of hosts that the security appliance identifies as targets of attack? (Choose two.)
A. In the Monitoring > Properties area of Cisco ASDM
B. In the Monitoring > Interfaces area of Cisco ASDM
C. In the output of the show threat-detection shun command
D. In the output of the show threat-detection scanning-threat command
E. In the output of the show threat-detection command
F. In the output of the show threat-detection scanning-threat target command

Correct Answer: DF Section: (none) Explanation
Explanation/Reference:
QUESTION 57
Refer to the exhibit. Which three statements about the exhibit are true? (Choose three)

A. The DCHP-assigned IP address of the VPN client is 10.0.21.1.
B. The IP address of the security appliance to which the VPN client is connected is 192.168.1.2.
C. The name of the group policy for the current session is CorpNet, a group policy that is configured on the security appliance.
D. The VPN client is encrypting packets.
E. HMAC-SHA1 makes data that is transmitted over the VPN unreadable if it is interceptee.
F. The VPN client rejected 539 packets because they did not come from the VPN headend security appliance.

Correct Answer: BDF Section: (none) Explanation
Explanation/Reference:
QUESTION 58
Which three types of traffic are inspected by default in the default global policy? (Choose three )
A. FTP
B. HTTP
C. TFTP
D. ESMTP
E. IM
F. ICMP

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 59
In what two ways can you decrease the amount of time it takes for an active Cisco ASA adaptive security appliance to fail over to its standby failover peer in an active/active failover configuration? (Choose two.)
A. decrease the failover link poll time
B. use the special serial failover cable to connect the security appliances
C. use single mode
D. decrease the unit failover poll time
E. configure redundant interfaces on each failover peer
F. decrease the interface failover poll time

Correct Answer: DF Section: (none) Explanation
Explanation/Reference:
QUESTION 60
Refer to the exhibit. Given the configuration that is shown, what traffic will be logged to the AAA server?

A. All connection information will be logged in the accounting database.
B. All outbound TCP connection information will be logged in the accounting database.
C. Only authenticated and authorized console connection information will be logged in the accounting database.
D. No information will be loggeD. This is not a valid configuration because TACACS+ connection information cannot be captured and logged.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 61
Which three options are matchable criteria for identifying a set of Layer 3/4 through traffic? (Choose three. )
A. VPN tunnel group
B. VLAN
C. default inspection traffic
D. protocol
E. MAC addresses
F. access control list

Correct Answer: ACF Section: (none) Explanation
Explanation/Reference:
QUESTION 62

A. 1
B. 2
C. 3
D. 4

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Get certified Cisco 642-524 is a guaranteed way to succeed with IT careers.We help you do exactly that with our high quality Cisco 642-524 Certification Certified Information Systems Security Professional training materials.

Previous post Cisco 642-524 Vce & PDF, Up To Date Cisco 642-524 Exam Download For Download
Next post Cisco 642-582 Practise Questions, 100% Success Rate Cisco 642-582 Certification Questions And Answers With High Quality