Free P4S Cisco VPN and Security Exam 642-541 v2.93 Download

VPN and Security Cisco SAFE Implementation Exam (CSI) : 642-541 Exam

The Cisco SAFE Implementation exam tests the knowledge and skills needed to use the principles and axioms presented in the SAFE SMR, Enterprise, IP Telephony and Wireless LAN White Papers, and to implement them on specific security devices. The primary focus is on the labs, which allows the students to build complete end-to-end security solutions using SAFE White Papers as the blueprint. The configuration and functionality of the following devices in a SAFE SMR network are described in detail: IOS routers, PIX Firewalls, VPN Concentrators, Cisco IDS Sensors, Cisco Security Agent and the Cisco VPN Client. Basic implementation of a SAFE wireless LAN is also covered.

The SAFE White Papers can be downloaded for free.

Exam Number/Code: 642-541
Exam Name: VPN and Security Cisco SAFE Implementation Exam (CSI)
VUE Code: 642-541
Questions Type: Single choice,
Real Exam Question Numbers: 60-70 questions
Exam Language(s): English

Exam Description Introduction
The Cisco SAFE Implementation exam tests the knowledge and skills needed to use the principles and axioms presented in the SAFE SMR, Enterprise, IP Telephony and Wireless LAN White Papers, and to implement them on specific security devices. The primary focus is on the labs, which allows the students to build complete end-to-end security solutions using SAFE White Papers as the blueprint. The configuration and functionality of the following devices in a SAFE SMR network are described in detail: IOS routers, PIX Firewalls, VPN Concentrators, Cisco IDS Sensors, Cisco Security Agent and the Cisco VPN Client. Basic implementation of a SAFE wireless LAN is also covered.

The SAFE White Papers can be downloaded for free.

Exam Topics
The following information provides general guidelines for the content likely to be included on this exam. However, other related topics may also appear on any specific delivery of the exam.

Security Fundamentals
Need for network security
Components of a complete security policy
Primary network threats and attacks
Common attacks and recommended mitigation techniques
Security issues implicit in common management protocols

SAFE Blueprint Overview
SAFE Blueprint Overview
Design Fundamentals
SAFE Axioms

The Cisco Security Portfolio
Cisco Security Portfolio Overview
Secure Connectivity-Cisco VPN 3000 Concentrator and Cisco VPN Optimized IOS
Perimeter Security Firewalls-Cisco PIX Firewall and Cisco IOS Firewall
Intrusion Protection-IDS
Identity-CSACS
Security Management-VMS
Cisco AVVID

SAFE Small Network Design
Small Network Design Overview
Small Network Corporate Internet Module
Small Network Campus Module
Implementation-ISP Router
Implementation-Cisco IOS Firewall
Implementation-PIX Firewall
Implementation-CSA

SAFE Midsize Network Design
Midsize Network Design
Midsize Network Corporate Internet Module Design Guidelines
Midsize Network Campus Module
Midsize Network Campus Module Design Guidelines
Midsize Network WAN Module
Implementation-ISP Router and Edge Router
Implementation-Network IPS
Implementation-VPN 3000 Concentrator
Implementation-Layer 3 Switch

SAFE Remote Network Design
Remote-User Network Overview
Key Devices and Threat Mitigation
Software Client Option
Remote Site Firewall Option
VPN 3002 Hardware Client Option
Remote Site Router Option

SAFE Enterprise Network Design
Enterprise Network Design Overview
Enterprise Campus
Enterprise Network Edge

SAFE IP Telephony Design
IP Telephony Concepts, Caveats and Axioms
IP Telephony Product Portfolio
IP Telephony Design Considerations
IP Telephony Design for Small, Medium and Large Network

SAFE Wireless LAN Design
Wireless LAN Security Concepts, Caveats and Axioms
WLAN Security Extensions
Cisco WLAN Product Portfolio
WLAN Design Approach
Standard WLAN Design
WLAN Design for Small, Medium, Enterprise and Remote Network
WLAN Implementation

“VPN and Security Cisco SAFE Implementation Exam (CSI)”, also known as 642-541 exam, is a Cisco certification.
Preparing for the 642-541 exam Searching 642-541 Test Questions, 642-541 Exam, 642-541 Dumps

With the complete collection of questions and answers Q&as with Expert Explanations, Pass4sure has assembled to take you through 228 questions to your 642-541 Exam preparation. In the 642-541 exam resources, you will cover every field and category in VPN and Security helping to ready you for your successful Cisco Certification.

QUESTION 16:
What is the only way to effectively prevent the Man-in-the-middle attacks?
A. Firewalls
B. ISP filtering and rate limiting
C. HIDS & Firewall filtering
642-541
www.actualtest.org – The Power of Knowing
D. Encryption
E. Access Control
Answer: D
Explanation: Man-in-the-middle attacks can be effectively mitigated only through
the use of cryptography. If someone hijacks data in the middle of a
cryptographically private session, all the hacker will see is cipher text, and not the
original message.
Ref: Safe White papers 68
SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 17:
What is not a specific type of attack, but refers to most attacks that occur today?
A. DoS
B. Brute force password
C. IP spoofing
D. Unauthorized access
Answer: D
Explanation: Although unauthorized-access attacks are not a specific type of attack,
they refer to most attacks executed in networks today.
Ref: Safe White papers; Page 70
SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
QUESTION 18:
This method of attack will always compute the password if it is made up of the character
set you have selected to test.
A. What is LOphtCracks
B. What is brute force computation
C. What is dictionary lookup
D. What is brute force mechanism
Answer: B
QUESTION 19:
What is the primary method of mitigating port redirection attacks?
A. Keep firewalls up to date with the latest patches and fixes.
B. Do not allow trust models.
642-541
www.actualtest.org – The Power of Knowing
C. Keep OS and applications up to date with the latest patches and fixes.
D. Use proper trust models.
Answer: D
Explanation: Port redirection can be mitigated primarily through the use of proper
trust models (as mentioned earlier). If we assume that a system is under attack,
host-based IDS can help detect and prevent a hacker installing such utilities on a
host.
Ref: Safe White papers; Page 70
SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks
Reference: Cisco Courseware page 2-28
QUESTION 20:
What are two characteristics of a packet sniffer designed for attack purposes? (Choose
two)
A. Captures first 300 to 400 bytes.
B. Typically captures login sessions.
C. Captures the last 300 to 400 bytes.
D. Deciphers encrypted passwords.
E. Enable to capture UDP packets.
Answer: A B