Free CCNA 640-553 IINS Certification Exam Download

Exam Number: 640-553
Associated Certifications: CCNA Security
Duration: 90 minutes (55-65 questions)
Available Languages: English

The 640-553 IINS Implementing Cisco IOS Network Security exam is associated with the CCNA Security certification. This exam tests a candidate’s knowledge of securing Cisco routers and switches and their associated networks. It leads to validated skills for installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco uses in its security infrastructure.

Candidates can prepare for this exam by taking the Implementing Cisco IOS Network Security (IINS)course.

– more infomation of CCNA 640-553 IINS certification exam –

CCNA Security Certification meets the needs of IT professionals who are responsible for network security. It confirms an individual’s skills for job roles such as Network Security Specialists, Security Administrators, and Network Security Support Engineers. This certification validates skills including installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco uses in its security structure.

Students completing the recommended Cisco training will gain an introduction to core security technologies as well as how to develop security policies and mitigate risks. IT organizations that employ CCNA Security-holders will have IT staff that can develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats.

Question: 6
Which of these correctly matches the CLI command(s) to the equivalent SDM wizard that performs similar configuration functions?

A. Cisco Common Classification Policy Language configuration commands and the SDM Site-
to-Site VPNn wizard
B. Auto secure exec command and the SDM One-Step Lockdown wizard
C. Setup exec command and the SDM Security Audit wizard

D. Class-maps, policy-maps, and service-policy configuration commands and the SDM IPS
wizard
E. Aaa configuration commands and the SDM Basic Firewall wizard
Answer: B
Question: 7
What is the key difference between host-based and network-based intrusion prevention?

A. Network-based IPS is better suited for inspection of SSL and TLS encrypted data flows.
B. Network-based IPS provides better protection against OS kernel-level attacks against hosts and servers.
C. Network-based IPS can provide protection to desktops and servers without the need of installing specialized software on the end hosts and servers.
D. Host-based IPS can work in promiscuous mode or inline mode.
E. Host-based IPS is more scalable then network-based IPS.
F. Host-based IPS deployment requires less planning than network-based IPS.
Answer: C
Question: 8
Refer to the exhibit.
You are a network manager for your organization. You are looking at your Syslog server reports. Based on the Syslog message shown, which two statements are true? (Choose two.)

A. Service timestamps have been globally enabled.
B. This is a normal system-generated information message and does not require further investigation.
C. This message is unimportant and can be ignored. D. This message is a level 5 notification message.
Answer: A, D
Question: 9
You suspect an attacker in your network has configured a rogue layer 2 device to intercept traffic
from multiple VLANS, thereby allowing the attacker to capture potentially sensitive data. Which two methods will help to mitigate this type of activity? (Choose two.)

A. Turn off all trunk ports and manually configure each VLAN as required on each port
B. Disable DTP on ports that require trunking
C. Secure the native VLAN, VLAN 1 with encryption
D. Set the native VLAN on the trunk ports to an unused VLAN E. Place unused active ports in an unused VLAN
Answer: B, D
Question: 10
Which three statements about SSL-based VPNs are true? (Choose three.)

A. Asymmetric algorithms are used for authentication and key exchange.
B. SSL VPNs and IPsec VPNs cannot be configured concurrently on the same router. C. Symmetric algorithms are used for bulk encryption.

Free download:pass4sure CCNA 640-553
Free download:PassGuide CCNA 640-553

password:www.ciscoexams.org