Cisco CCNP 642-813 Exam Questions 07

Ensurepass

QUESTION
Which two components should be part of a security implementation plan? (Choose two.)

A. detailed list of personnel assigned to each task within the plan
B. a Layer 2 spanning-tree design topology
C. rollback guidelines
D. placing all unused access ports in VLAN 1 to proactively manage port security
E. enabling SNMP access to Cisco Discovery Protocol data for logging and forensic analysis

Correct Answer: B,C

QUESTION 37
When creating a network security solution, which two pieces of information should you have obtained previously to assist in designing the solution? (Choose two.)

A. a list of existing network applications currently in use on the network
B. network audit results to uncover any potential security holes
C. a planned Layer 2 design solution
D. a proof-of-concept plan
E. device configuration templates

Correct Answer: A,B

QUESTION 38
What action should you be prepared to take when verifying a security solution?

A. having alternative addressing and VLAN schemes
B. having a rollback plan in case of unwanted or unexpected results
C. running a test script against all possible security threats to insure that the solution will mitigate all potential threats
D. isolating and testing each security domain individually to insure that the security design will meet overall requirements when placed into production as an entire system

Correct Answer: B

QUESTION 39
When you enable port security on an interface that is also configured with a voice VLAN, what is the maximum number of secure MAC addresses that should be set on the port?

A. No more than one secure MAC address should be set.
B. The default is set.
C. The IP phone should use a dedicated port, therefore only one MAC address is needed per port.
D. No value is needed if the switchport priority extend command is configured.
E. No more than two secure MAC addresses should be set.

Correct Answer: E

QUESTION 40
Refer to the exhibit.

From the configuration shown, what can be determined?

A. The sticky addresses are only those manually configured MAC addresses enabled with the sticky keyword.
B. The remaining secure MAC addresses are learned dynamically, converted to sticky secure MAC addresses, and added to the running configuration.
C. A voice VLAN is configured in this example, so port security should be set for a maximum of 2.
D. A security violation restricts the number of addresses to a maximum of 10 addresses per access VLAN and voice VLAN. The port is shut down if more than 10 devices per VLAN attempt to access the port.

Correct Answer: B

Ensurepass offers the Latest 2013 642-813 Exam PDF to pass the exams.