考古大師Cisco CCNP 642-825考古題

Exam Number: 642-825
Associated Certifications: CCNP
Duration: 90 minutes
Cisco CCNP 642-825考試題庫由TestInside認證題庫網資深IT認證講師和Cisco產品專家結合PROMETRIC或VUE的真實642-825考試環境最新原題傾心打造。所有購買TestInside認証題庫的客戶都將得到90天的免費升級服務，保証了對642-825題庫的完整覆蓋。題庫覆蓋了當前最新的真實考題，並且全部附有正確答案，我們承諾題庫對Cisco 642-825 (CCNP)考試原題完整覆蓋。TestInside 642-825題庫助您輕鬆通過認證考試，一次不過全額退款。
Exam Description
The Implementing Secure Converged Wide Area Networks (ISCW 642-825) is a qualifying exam for the Cisco Certified Network Professional CCNP®. The ISCW 642-825 exam will certify that the successful candidate has important knowledge and skills necessary to secure and expand the reach of an enterprise network to teleworkers and remote sites with focus on securing remote access and VPN client configuration. The exam covers topics on Cisco hierarchical network model as it pertains to the WAN, teleworker configuration and access, frame mode MPLS, site-to-site IPSEC VPN, Cisco EZVPN, strategies used to mitigate network attacks, Cisco device hardening and IOS firewall features.

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.
Implement basic teleworker services.
Describe Cable (HFC) technologies.
Describe xDSL technologies.
Configure ADSL (i.e., PPPoE or PPPoA).
Verify basic teleworker configurations.
Implement Frame-Mode MPLS.
Describe the components and operation of Frame-Mode MPLS (e.g., packet-based MPLS VPNs).
Configure and verify Frame-Mode MPLS.
Implement a site-to-site IPSec VPN
Describe the components and operations of IPSec VPNs and GRE Tunnels.
Configure a site-to-site IPSec VPN/GRE Tunnel with SDM (i.e., preshared key).
Verify IPSec/GRE Tunnel configurations (i.e., IOS CLI configurations).
Describe, configure, and verify VPN backup interfaces.
Describe and configure Cisco Easy VPN solutions using SDM.
Describe network security strategies.
Describe and mitigate common network attacks (i.e., Reconnaissance, Access, and Denial of Service).
Describe and mitigate Worm, Virus, and Trojan Horse attacks.
Describe and mitigate application-layer attacks (e.g., management protocols).
Implement Cisco Device Hardening
Describe, Configure, and verify AutoSecure/One-Step Lockdown implementations (i.e., CLI and SDM).
Describe, configure, and verify AAA for Cisco Routers.
Describe and configure threat and attack mitigation using ACLs.
Describe and configure IOS secure management features (e.g., SSH, SNMP, SYSLOG, NTP, Role-Based CLI, etc.)
Implement Cisco IOS firewall.
Describe the functions and operations of Cisco IOS Firewall (e.g., Stateful Firewall, CBAC, etc.).
Configure Cisco IOS Firewall with SDM.
Verify Cisco IOS Firewall configurations (i.e., IOS CLI configurations, SDM Monitor).
Describe and configure Cisco IOS IPS.
Describe the functions and operations of IDS and IPS systems (e.g., IDS/IPS signatures, IPS Alarms, etc.)
Configure Cisco IOS IPS using SDM.
1. As a network engineer, do you know which three techniques should be used to secure management protocols?
(Choose three.)
A. Configure SNMP with only read-only community strings.
B. Encrypt TFTP and syslog traffic in an IPSec tunnel.
C. Implement RFC 3704 filtering at the perimeter router when allowing syslog access from devices on the outside
of a firewall.
D. Use SNMP version 2.
Answer: ABC

2. In terms of worm attack, we may take many methods to mitigate it. What are two steps that must be taken when
mitigating a worm attack? (Choose two.)
A. Limit traffic rate.
B. Inoculate systems by applying update patches.
C. Enable anti-spoof measures.
D. Quarantine infected machines.
Answer: BD