|
Question 10.
You are configuring a VLAN and the switch you are using requires that you do so within the VLAN database.
Which command allows you to enter the VLAN database?
A. Switch# vlan database
B. Switch(config)#vlan database
C. Switch(config-if)# vlan database
D. Switch(vlan)# vlan database
Answer: A
Question 11.
Which critical issue should you account for when implementing an integrated network security management design?
A. NAT interoperates with encrypted voice traffic
B. host-based intrusion detection systems reside in the network
C. all network devices are time-synchronized
D. SNMP community read-write stings are configured to allow for total management access
Answer: C
Question 12.
A customer with a small enterprise network of 15 remote sites is trying to optimize its VPN by migrating some remote sites using Frame Relay connections to the Internet to using cable connections to the Internet. Minimizing costs is one of the customer's highest priorities. Only a moderate amount of IP traffic is passing through the network, most of which is from the remote sites to the central site. IPSec should be used to provide VPN functionality and basic confidentiality is desired.
Based on the traffic patterns, which topology would be the easiest for this customer to set up and manage?
A. full mesh
B. partial mesh
C. point-to-multipoint
D. hub-and-spoke
Answer: D
Question 13.
A host on the Sales subnet (10.0.2.0/24) is not able to initiate a web connection to an outside website.
According to the network diagram and partial Cisco Adaptive Security Device Manager configuration shown in the exhibit, what is the cause of the problem?
A. The dynamic NAT global pool is not configured correctly.
B. The source networks for static NAT are not configured correctly.
C. The administrator has not added an access list to allow the connection.
D. The source network for dynamic NAT is not configured correctly.
Answer: D
Question 14.
A user is unable to connect to the Cisco Router and Security Device Manager via HTTPS.
Which two or these might have caused this problem? (Choose two)
A. The ip https server command is missing from the running configuration.
B. The ip http secure-server command is missing from the running configuration.
C. The user is trying to launch Cisco Router and Security Device Manager from the inside
(secured) interface with a firewall enabled.
D. The user has a privilege level lower than 15.
E. The browser security level is set too high.
Answer: B, D
Question 15.
Which command can be used to verify that RIPv2 is running on a router?
A. show startup-config
B. show ip route
C. show ip route rip
D. show ip protocols
Answer: D
Question 16.
According to the Cisco Adaptive Security Device Manager window, which statement about address translation is correct?
A. Using Network Address Translation, any host on the DMZ1 subnet (172.16.1.0) will be
translated to a mapped address on the outside interface of 192.168.1.11.
B. Using port address translation, DMZ2 host 172.16.1O.2will be translated on DMZ1 to IP
address 172.16.1.22 with a dynamically assigned port address.
C. Using Network Address Translation, host 10.0.1.10 on the inside network will be dynamically
translated to a mapped address from the address pool of 192.168.1.20 to 192.168.1.94.
D. Using port address translation, outside host 1 92168.1 .10 with a dynamically assigned port
address will be translated to 10.0.1.11 on the inside interface.
Answer: C
Question 17.
When using Cisco Router and Security Device Manager to configure AAA login authentication policies, which four methods are available? (Choose four.)
A. group RADIUS: use a list of RADIUS hosts
B. group TACACS+: use a Iist of TACACS+hosts
C. enable: use enable password
D. otp: use one-time password
E. local: use local database
F. default use line password
Answer: A, B, C, E
Question 18.
A network administrator is troubleshooting an EIGRP connection between Router A and Router B.
Given the debug output on Router A, which two statements are true? (Choose two.)
A. Router A received a hello packet with mismatched autonomous system numbers.
B. Router A received a hello packet with mismatched hello timers.
C. Router A received a hello packet with mismatched authentication parameters.
D. Router A received a hello packet with mismatched metric-calculation mechanisms.
E. Router A will form an adjacency with Router B.
F. Router A will not form an adjacency with Router B.
Answer: D, F
Question 19.
Which two statements best describe the wireless core feature set using autonomous access points when implementing Wireless Domain Services? (Choose two)
A. The primary Layer 2 WDS server address is configured via the infrastructure access point GUI.
B. The primary Layer 2 WDS server address is automatically discovered by the infrastructure
access points through multicast.
C. The primary Layer 2 WDS is selected by the highest MAC address followed by priority number.
D. The primary Layer 2 WDS is selected by the highest priority number, followed by MAC
address.
E. The primary Layer 2 WDS is selected by the highest IP address, followed by MAC address.
Answer: B, D
Question 20.
A concern has been expressed that the switched infrastructure in an integrated network is vulnerable to VLAN hopping attacks.
Which two configuration statements can be used to mitigate VLAN hopping? (Choose two.)
A. switchport port-security
B. switchport port-security tagging
C. switchport access vlan
D. switchport double-tag snooping
E. switchport mode access
Answer: C, E
Question 21.
You enter the command show ip ospf neighbor and see "two-way/DROTHER" listed as the state for neighbor 10.1.1.1.
What does this status indicate?
A. The neighbor 10.1.1.1 is not a DR or BDR.
B. The neighbor relationship with 10.1 .1.1 has not yet completed.
C. DR and BDR election is in progress.
D. The neighbor 10.1.1.1 is the BDR.
Answer: A
Question 22.
A customer with a large enterprise network wants to allow employees to work from home over the Internet. The customer anticipates a large amount of traffic, predominantly toward the central site. The customer also requires a VPN using strong user authentication and encryption to protect highly sensitive data.
Which solution best meets this customer's requirements?
A. remote-access VPN with software encryption
B. remote-access VPN with hardware encryption
C. site-to-site VPN with hub-and-spoke tunnels using 3DES and pre-shared secrets
D. site-to-site Cisco Easy VPN
Answer: B
Question 23.
Which two statements are correct about using Cisco Router and Security Device Manager (SDM) to configure the OSPF routing protocol? (Choose two.)
A. Cisco SDM enforces the creation of area 0 when configuring DSPF.
B. Cisco SDM will use the supplied wildcard mask to exclude the host bits from the configured
network address.
C. Cisco SDM allows the configuration of an area range to allow route summarization between
OSPE areas.
D. Cisco SDM allows the selection of OSPFv1 or OSPFv2.
E. Cisco SDM allows the configuration of passive interfaces.
Answer: B, E
Question 24.
Which three statements are correct about the IEEE 802.3af Power over Ethernet standard? (Choose three.)
A. It defines a port that acts as a power source to be a PSE.
B. It defines a powered device to be a PDE.
C. It defines how a powered device is detected.
D. It defines three methods of delivering Power over Ethernet to the discovered powered device.
E. It describes five power classes to which a device may belong.
F. It defines power class 0 as being reserved for future use.
Answer: A, C, E
Question 25.
Users logging into Cisco Router and Security Device Manager should be authenticated using the Cisco ISP local user database. Currently, none of the users can access Cisco Router and Security Device Manager via HTTP.
You should check the configuration of which command or commands when attempting to resolve this problem?
A. ip http secure-server
B. ip http authentication local
C. line vty 0 5 login local
D. aaa new-model
aaa authentication login default local
Answer: B
Question 26.
A customer in Europe needs to establish an 11-Mbps wireless bridge link between two office buildings that are approximately 1.3 km apart. The wireless link will pass through a public park, which contains a lake that is surrounded by trees. You run the range calculation and determine that the Cisco Aironet 1300 Series Outdoor Access Point/Bridge should work. You install the link using 10.5-dB yagis with 75 feet of standard Cisco cabling and both radios set at 20 mW. The wireless bridges are not able to establish or maintain a link.
What is needed to successfully complete this link?
A. An amplifier needs to be installed at one of the sites.
B. The antenna must be raised high enough to clear the trees.
C. Lower loss cabling needs to be used to bring the EIRP into legal limits.
D. Due to the trees, a 21-dBi dish needs to be used for its narrower beam width.
Answer: B
Question 27.
The customer wants to implement wireless security through implementation of WPAv2.
Which component of WPAv2 would limit the rollout because of the continued use of old access points?
A. 46-bit IV
B. AES
C. TKIP
D. MIC
Answer: B
Question 28.
Which statement is true about a Cisco Aironet 350 Series wireless client when its green LED appears to be off and its amber LED is blinking?
A. The client adapter is scanning for a network.
B. The client adapter is in ad hoc mode.
C. The client adapter is performing a self-test.
D. The client adapter is in power-save mode.
Answer: D
|
Question 1.
Before launching the Application Publishing Wizard, what must be done to publish a package?
A. The package deployment schedule must be set.
B. The location of the package must be identified.
C. The target servers must be specified.
D. The package must be added to the Presentation Server Console.
Answer: D
Question 2.
Which two Health Monitoring and Recovery tests are enabled by default? (Choose two.)
A. Citrix SMA Service
B. Citrix XML Service
C. Citrix IMA Service
D. Citrix XTE Server Service
Answer: B, C
Question 3.
The administrator who installs the ADF packages on the target servers must have ______ and ______. (Choose the two phrases that complete the sentence correctly.)
A. administrative access to the network share point server
B. read access to the target servers
C. read access to the network share point server
D. administrative access to the target servers
E. read access to the packager server
F. administrative access to the packager server
Answer: C, D
Question 4.
A large medical research company ITCertKeys.com wants to reduce the high CPU usage on their servers in order to improve the user experience. Most users work with a web-based tool that is graphic-intensive. They work with files that need to be accessed from multiple locations and by multiple users so that researchers can access the files as they make their rounds through clinics.
What should the administrator implement to meet the company's requirements?
A. Application limits
B. Published desktops
C. Server-to-client content redirection
D. Client-to-server content redirection
Answer: C
Question 5:
The Citrix Administrator at a ITCertKeys.com plans on deploying a web-based cataloging application consisting of new items under development. The application includes JPEG images of product prototypes alongside detailed descriptions. This application will be accessed by a group of engineers from remote field sites with limited network bandwidth. This application will only be provided by means of a single set of servers running Presentation Server that will be deployed within the new server farm. Access to the data source is controlled so that data queries may originate only from the servers running Presentation Server. The JPEG images are large files and users require graphical detail even when using dial-up, wireless WAN, or other slow connections.
Which three SpeedScreen Browser Acceleration options should be configured at the server farm level? (Choose three.)
A. Determine when to compress
B. Enable SpeedScreen Browser Acceleration
C. Compress JPEG images to improve bandwidth and set the compression level to high
D. Compress JPEG images to improve bandwidth and set the compression level to low
E. Use farm settings for SpeedScreen Browser Acceleration
Answer: A, B, D
Question 6.
ITCertKeys.com recently implemented Citrix Presentation Server. The company plans to use the shadowing feature to improve their help desk activities. Specifically, the company wants the help desk personnel to be able to shadow all users in the company's domain and manipulate their work stations remotely. For security and privacy reasons, the company wants to ensure that users must accept shadowing before help desk personnel can shadow them. During the Presentation Server installation, the administrator allowed shadowing but did not configure any settings for remote control or shadow acceptance. The administrator has just created a policy titled "Shadowing."
Which two steps are required to accomplish this task? (Choose two.)
A. Enable shadowing in a policy and prohibit remote input when being shadowed.
B. Enable shadowing in a policy and prohibit being shadowed without notification.
C. Enable permissions for all help desk users and set status to allow.
D. Enable permissions for all users and set status to allow.
Answer: B, C
Question 7.
Which two statements are true when an administrator associates published applications with file types and then assigns them to users? (Choose two.)
A. All files of an associated type encountered in locally running applications are opened with
applications running on the server when users run the Program Neighborhood Agent.
B. The client passes the name of the published content file to the local viewer application when
users run the Program Neighborhood Agent.
C. Content published on servers is opened with applications published on servers when users
connect using the Program Neighborhood Agent.
D. The file type associations in the published applications are copied to the registry of the client
device when users connect using the Web Interface.
Answer: A, C
Question 8.
When configuring Virtual Memory Optimization, it is best to configure an optimization time ______________. (Choose the appropriate option to complete the sentence.)
A. when the administrator can manually monitor the process
B. that precedes a scheduled reboot
C. of high or maximum usage
D. of low or no usage
Answer: D
Question 9.
A network administrator at ITCertKeys.com created a policy for the Human Resources group called "HR standard" which restricts the users in that group from accessing their local drives. Human Resources has recently added five new recruiters to the team who will travel to universities throughout the country to recruit candidates. While on these trips, the recruiters will need to save data on their laptops and upload information nightly. The administrator creates a new policy for the recruiters called "HR recruitment" and disables the rule which restricts access to the local drives.
Which two steps are required to ensure that the recruiters are able to access their local drives? (Choose two.)
A. Filter the HR recruitment policy by users, specify the five recruiter accounts and allow access
B. Filter the HR standard policy by users, specify the five recruiter accounts and allow access
C. Rank the HR recruitment policy higher than the HR standard policy
D. Rank the HR standard policy higher than the HR recruitment policy
Answer: A, C
Question 10.
A newly published web-based application calls a Java applet to support audio interaction with other users. The application requires Virtual IP in order to function properly. Users launched the published web browser successfully; however, only the first user on the server could initialize the audio portion. Other Java-based applications on the same servers functioned correctly.
Which option will best address this problem?
A. Remove the servers from the Virtual Loopback list and re-add them to read the new
configuration.
B. Increase the IP range for Virtual IP addresses to allow for the added users.
C. Configure the correct Java runtime path for Virtual IP loopback.
D. Add the entries directly to the registry instead of the Management Console to implement the
new Virtual IP configuration.
Answer: C
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.