[ Free Actualtest Braindumps- IT certification training&Study Guide,Guarantee to PASS! ]
» PassGuide.com-Provides Actualtest Questions And Answers,Successful for IT Certification or Full Refund for you Fri 19 Mar 2010 - 21:30:04 *
Welcome, Guest. Please Lost your Pass? or register.

Login with username, password
Search  
Archives


passguide

Recent Posts


Top Posts of the Day

  • No posts viewed yet.

Tags


Blogroll
« »
Actualtests CCSP 642-511

VPN and Security Cisco Secure Virtual Private Networks (CSVPN) : 642-511 Exam
642-511 CSVPN
Cisco Secure Virtual Private Networks

Retired February 1, 2008
Exam Number: 642-511
Associated Certifications: CCSP, Cisco VPN Specialist
Duration: 75 minutes (55-65 questions)
Available Languages: English
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions

Exam Description Exam Topics Recommended Training Additional Resources
Exam Description
The Cisco Secure Virtual Private Networks exam (CSVPN 642-511) is one of the exams associated with the Cisco Certified Security Professional and the Cisco VPN Specialist certifications. Candidates can prepare for this exam by taking the CSVPN v4.0 course. This exam includes simulations and tests a candidate’s knowledge and ability to describe, configure, verify, and manage the Cisco VPN 3000 Concentrator, Cisco VPN Software Client, and Cisco VPN 3002 Hardware Client feature set. CCNA or CCDA recertification candidates who pass the 642-511 CSVPN exam will be considered recertified at the CCNA or CCDA level.

Exam Topics
The following information provides general guidelines for the content likely to be included on this exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.

Overview of Virtual Private Networks and IPSec Technologies
Cisco products enable a secure VPN
IPSec overview
IPSec protocol framework
How IPSec works

Cisco Virtual Private Network 3000 Concentrator Series Hardware
Overview of the Cisco VPN 3000 Concentrator Series
Cisco VPN 3000 Concentrator
Cisco VPN 3000 Concentrator Series Client support

Configuring the Cisco VPN 3000 Series Concentrator for Remote Access Using Pre-shared Keys
Overview of remote access using pre-shared keys
Initial configuration of the Cisco VPN 3000 Concentrator Series for remote access
Browser configuration of the Cisco VPN 3000 Series Concentrator
Configure users and groups
More in-depth configuration information
Configure the Cisco Windows VPN Software Client

Configure Cisco Virtual Private Network 3000 Series Concentrator for Remote Access Using Digital Certificates
CA support overview
Certificate generation
Validating certificates
Configuring the Cisco VPN 3000 Concentrator Series for CA support

Configure the Cisco Virtual Private Network Firewall Feature for IPSec Software Client
Overview of software client’s firewall feature
Software Client’s Are You There feature
Software Client’s Central Policy Protection feature
Software Client’s firewall statistics
Customizing firewall policy

Configure the Cisco Virtual Private Network Client Auto-Initiation Feature
Overview of the Cisco VPN Software Client auto-initiation
Configure the Cisco VPN Software Client auto-initiation

Monitor and Administer Cisco VPN 3000 Remote Access Networks
Monitoring
Administration
Bandwidth Management

Configure the Cisco VPN 3002 Hardware Client for Remote Access
Cisco VPN 3002 Hardware client remote access with pre-shared keys

Configure the Cisco Virtual Private Network 3002 Hardware Client
Overview of the Hardware Client interactive unit and user authentication features
Configuring the Hardware Client interactive unit authentication feature
Configuring the Hardware Client user authentication feature
Monitoring the Hardware Client user statistics

Configure the Cisco Virtual Private Network Client Backup Server and Load Balancing
Configuring the Cisco VPN Client backup server feature
Configuring the Cisco VPN Client load balancing feature
Overview of the Cisco VPN Client Reverse Route Injection feature

Configure the Virtual Private Network 3002 Hardware Client for Software Auto-Update
Overview and configuration of the VPN 3002 Hardware Client software auto-update feature
Monitoring the Cisco VPN 3002 Hardware Client software auto-update feature

Configure the Cisco Virtual Private Network 3000 Series Concentrator for the IPSec Over UDP and IPSec Over TCP
Overview of Port Address Translation
Configuring IPSec over UDP
Configuring NAT-Transversal
Configuring IPSec over TCP

Cisco Virtual Private Network 3000 Series Concentrator LAN-to-LAN with Pre-Shared Keys
Cisco VPN 3000 Series Concentrator IPSec LAN-to-LAN
LAN-to-LAN configuration

Cisco Virtual Private Network 3000 Series Concentrator LAN-to-LAN with NAT
LAN-to-LAN overview
Configuring the Concentrator LAN-LAN NAT feature

Cisco Virtual Private Network 3000 Series Concentrator LAN-to-LAN using Digital Certificates
Root certificate installation
Identify certificate installation

Exam Number/Code: 642-511
Exam Name:VPN and Security Cisco Secure Virtual Private Networks (CSVPN)

Free Sample :PassGuide-it certification Printable PDF Or software Download: Actualtest offers free demo for IT certification Exams You can check out the interface, question quality and usability of our IT Simulation exams before you decide to buy it. We are the only one site can offer demo for almost all products http://demo.passguide.com/download passguide braindumps

“VPN and Security Cisco Secure Virtual Private Networks (CSVPN)”, also known as 642-511 exam, is a Cisco certification. With the complete collection of questions and answers, Actualtests has assembled to take you through 174 Q&As to your 642-511 Exam preparation. In the 642-511 exam resources, you will cover every field and category in VPN and Security helping to ready you for your successful Cisco Certification.
Free Demo Download Actualtests offers free demo for 642-511 exam (VPN and Security Cisco Secure Virtual Private Networks (CSVPN)). You can check out the interface, question quality and usability of our practice exams before you decide to buy it.

Exam DetailsThe Cisco Secure Virtual Private Networks exam (CSVPN 642-511) is one of the exams associated with the Cisco Certified Security Professional and the Cisco VPN Specialist certifications. Candidates can prepare for this exam by taking the CSVPN v4.0 course. This exam includes simulations and tests a candidate’s knowledge and ability to describe, configure, verify, and manage the Cisco VPN 3000 Concentrator, Cisco VPN Software Client, and Cisco VPN 3002 Hardware Client feature set. CCNA or CCDA recertification candidates who pass the 642-511 CSVPN exam will be considered recertified at the CCNA or CCDA level.

QUESTION 11:
What size is the encryption key used in 3DES?
A. 128 bits
B. 168 bits
C. 128 bytes
D. 168 bytes
Answer: B
Explanation:
3DES uses a 56 bit key, 3 times, for an effective throughput
of 168 bits encryption.
QUESTION 12:
Which of the following has the lowest encryption bit
642-511
Actualtests.com – The Power of Knowing
length?
A. SHA
B. MD5
C. DES
D. AES
E. ESP
Answer: C
Explanation:
Data Encryption Standard (DES) uses only a 56 bit key to
encrypt data, and is easily broken.
QUESTION 13:
What is the key size of Diffie-Hellman group 2?
A. 128 bits
B. 256 bits
C. 512 bits
D. 1024 bits
Answer: D
Explanation:
Diffie-Hellman is used to create a completely secure secret
key, over a completely insecure link, using highly complex
mathematical algorithms safe from brute force even if
sniffers are on the line
QUESTION 14:
What benefit does ESP have, that AH does not?
A. authentication
B. encryption
C. tunnel mode
D. md5 hash
Answer: B
Explanation:
Authentication Header does not have any way of
encrypting data, ESP does.
642-511
Actualtests.com – The Power of Knowing
QUESTION 15:
Using which of the following protocols with AH will
cause packet failure?
A. AYT
B. VRRP
C. NAT
D. CDP
Answer: C
Explanation:
You cannot translate an IP address in AH authenticated
packet because AH uses that field when calculating
authentication. This will cause then other end of the VPN
tunnel to drop all packets because they will not authenticate
properly.
QUESTION 16:
How big is the SPI field in an IPSEC header?
A. 2 bytes
B. 4 bytes
C. 8 bytes
D. 24 bytes
Answer: B
Explanation:
The Security Parameter Index (SPI) field identifies a
Security Association between two IPSEC endpoints. The
field is 32 bits long (4 bytes).
QUESTION 17:
Which of the following peer authentication methods
scales the worst?
A. digital certificates
B. SCEP
C. preshared keys
D. encrypted nonces
Answer: C
642-511
Actualtests.com – The Power of Knowing
Explanation:
A preshared key peer authentication method does not scale
well because each key needs to be entered manually at each
peer participating in the VPN.
QUESTION 18:
What is the protocol number that denotes AH is in use?
A. 17
B. 51
C. 89
D. 123
Answer: B
Explanation:
The Authentication Header protocol is protocol number 51.
QUESTION 19:
DRAG DROP
Jason the security administrator at Certkiller Inc. was given the assignment to match
the following order.
In IPSec main mode, match the two-way exchange between the initiator and
receiver with their descriptions.
Answer:
Explanation:
Main ModeMain mode provides a way to establish the first phase of an IKE SA, which
is then used to negotiate future communications. The first step, securing an IKE SA,
642-511
Actualtests.com – The Power of Knowing
occurs in three two-way exchanges between the sender and the receiver. In the first
exchange, the sender and receiver agree on basic algorithms and hashes. In the second
exchange, public keys are sent for a Diffie-Hellman exchange. Nonces (random numbers
each party must sign and return to prove their identities) are then exchanged. In the third
exchange, identities are verified, and each party is assured that the exchange has been
completed.
Reference: Reference: Cisco Secure Virtual Private Network (Ciscopress) page 27
QUESTION 20:
James the security administrator for Certkiller Inc. is working with IKE. His job is to
know what the three functions of IKE Phase 2 are. (Choose three)
A. IKE uses aggressive mode.
B. IKE can optionally performs an additional DH exchange.
C. IKE periodically renegotiates IPSec SAs to ensure security.
D. IKE Negotiates IPSec SA parameter protected by an existing IKE SA.
E. IKE verifies the other side’s identity.
F. IKE uses main mode.
Answer: B C D

Free download:pass4sure CCSP 642-511
Free download?testking CCSP 642-511

Download Free PassGuide Product, Help you pass any it Exams,Click Me
Actualtests Free Downloads

Type

 Exam Bible NEW Questions & Answers

Latest Updated

 Download link
Testking torrent All Actual-Test 's Exam Pack

858

 1 days ago Full Download
passguide dumps

Download Free Latest Actualtests Certification Braindumps

  1. Free Actualtest Actualtests CCSP 642-503
  2. Free Actualtest Actualtests CCSP 642-552
  3. Free Actualtest Actualtests CCSP 642-521
  4. Free Actualtest Actualtests CCSP 642-523
  5. Free Actualtest Actualtests CCSP 642-542
  6. Free Actualtest Actualtests CCSP 642-541
  7. Free Actualtest Actualtests CCSP 642-524
  8. Free Actualtest Actualtests CCSP 642-515
  9. Free Actualtest Actualtests CCSP 642-551
  10. Free Actualtest Actualtests CCSP 642-522

Viewed 52 times
By [ Download Free Actualtests Dumps ] On [ October 6th, 2008 - 10:27 pm ] in [ Cisco ] -
Tags: [ ]

Comment

Leave a Reply
Categories


Top Posts Overall


Meta
Any charges made through this site will appear as Pass Guide Certification LTD. PassGuide Materials do not contain actual questions and answers from Microsoft's Certification Exams