QUESTION NO: 1
Cisco ISR Routers offer which three of these security benefits? (Choose three.)
A. onboard VPN accelerator
B. events correlation and proactive response
C. high-performance AIM VPN modules
D. virtual firewall
E. Cisco IOS Firewall and IOS IPS
F. transparent firewall
Answer: A,C,E Explanation:

QUESTION NO: 2
The Cisco ASA Security Appliance can offer the benefit of integrating which three security services into one device? (Choose three.)
A. IPS
B. VPN Concentrator
C. ACS server
D. PIX firewall
E. CSA MC
F. DDoS Anomaly Guard and Detector
Answer: A,B,D Explanation:

QUESTION NO: 3
Which network management solution performs configuration, monitoring, and management of Cisco Firewall, VPN router, and IPS devices as well as maintains network device inventory and software distribution features?
A. CiscoWorks Security Device Management Center (SD/MC)
B. Security Device Manager (SDM)
C. Adaptive Security Device Manager (ASDM)
D. CiscoWorks VMS/Management Center (VMS/MC)
Answer: D Explanation:


QUESTION NO: 4
Which two of these statements best describe fast secure roaming for the wireless core feature set using autonomous access points? (Choose two.)
A. It is compatible with all wireless clients.
B. It reduces roaming latency through reduced client RF channel scanning enhancements.
C. It reduces roaming latency to targeted times of less than 75ms.
D. Roaming occurs without reauthentication through a centralized RADIUS server.
E. It is enabled through WLSE deployment.

Answer: B,D Explanation:
QUESTION NO: 5
Refer to the exhibit.


Deploying integrated services on the Cisco ISR Router can help reduce network cost and complexity by integrating which four of these features on the ISR? (Choose four.)
A. firewall and VPN
B. IP telephony and voice mail
C. Secure Access Control Server
D. LAN switching and Wireless LAN
E. IPS
F. Anomaly Guard and Detection
Answer: A,B,D,E Explanation:

QUESTION NO: 6
Which of these is a benefit of an integrated security management system?
A. It provides configuration, monitoring, and troubleshooting capabilities across a wide range of security products.
B. It integrates security device management products and collects events on an ��as needed�� basis to reduce management overhead.
C. It integrates security management capabilities into the router or switch.
D. It provides a single point of contact for all security configuration tasks thereby enhancing the return on investment.
E. It leverages existing network management systems such as HP OpenView to lower the cost of implementation.
Answer: A Explanation:

QUESTION NO: 7
Which three of these items can a wireless assisted site survey optimize? (Choose three.)
A. radio transmit power setting
B. security selection
C. beacon interval
D. IPS auto-response settings
E. channel selection
F. IDS settings

Answer: A,C,E Explanation:

QUESTION NO: 8
Which statement concerning the Active/Active failover feature is correct?
A. ASA Security Appliance failover pair must have either an Unrestricted and UR license or a UR and FO-A/A license to be able to support Active/Active failover.
B. If an active security context within the primary security appliance "fails", the status of the primary security appliance unit changes to "failed" while the secondary failover security appliance unit transitions to "active."
C. Active/Active failover is supported in "multiple mode" configuration only.
D. Active/Active failover supports site-to-site IPSec VPN stateful failover.
Answer: C Explanation:

QUESTION NO: 9
Which two of these statements describe important aspects of performing a wireless site survey? (Choose two.)
A. An 802.11g access point with a variety of antennas can be used in all standard site surveys.
B. Site surveys can be performed manually or through assisted site survey.
C. Channel power during testing starts at the default minimum and gradually increases to the maximum.
D. Overlapping access points can create performance problems.
E. Surveys should be done after hours in an office building or during reduced inventory levels in warehouses.
Answer: B,D Explanation:
QUESTION NO: 10
Which of these statements regarding Cisco's WebVPN support is correct?

A. Cisco ISR Routers with the Enhanced Security Bundles support WebVPN.
B. Cisco security appliances act as a proxy between the end user and the target web server.
C. Cisco PIX Security Appliances (running release 7.0) and Adaptive Security Appliances both support WebVPN.
D. Cisco's WebVPN solution supports both TCP and UDP port forwarding for legacy application support.
Answer: B Explanation:

QUESTION NO: 11
After properly configuring multiple VLANs, an administrator has decided to secure its VLAN network. Which three steps are required to secure this environment? (Choose three.)
A. If a port is connected to a foreign device make sure to disable CDP, DTP, RPR, PAgP, UDLP, and any other unnecessary protocols, and enable UplinkFast/BPDU guard on it.
B. Enable root guard feature to prevent a directly or indirectly connected STP-capable device from affecting the location of the root bridge.
C. Configure VTP domains appropriately or turn off VTP altogether to limit or prevent possible undesirable protocol interaction with regards to the network-wide VLAN configuration.
D. Set the native VLAN ID to match the port VLAN ID of any 802.1q trunk to prevent spoofing.
E. Disable all unused ports and place them in an unused VLAN to avoid unauthorized access.
Answer: B,C,E Explanation:
QUESTION NO: 12
Refer the exhibit.


Which two methods enable a PC connected to the PartnerNet to connect to a server on DMZ1 but deny it access to both DMZ2 and the Inside network? (Choose two.)
A. Enable port address translation for traffic sourced from the PartnerNet PC to the DMZ1 server.
B. Disable NAT control on DMZ2 and the Inside interfaces only.
C. Enable static NAT translation for the DMZ1 server, and then use an ACL to permit the PartnerNet PC traffic to the DMZ1 server.
D. Disable NAT control on the DMZ1 interface only.
E. Lower the security level of the DMZ2 interface to 30.
F. Raise the security level of the PartnerNet interface to 55.
Answer: C,F Explanation:

QUESTION NO: 13
Which of these best describes the Cisco Lifecycle Services approach?
A. a methodology for proactively updating equipment before it reaches the end of its life
B. a methodology for introducing new technologies
C. a methodology for creating a business plan
D. a methodology for determining total cost of ownership

Answer: B Explanation:

QUESTION NO: 14
At which stage of the Cisco Lifecycle Services approach would you recommend supporting and troubleshooting the system?
A. Preparation
B. Planning
C. Design
D. Implementation
E. Operation
F. Optimization
Answer: E Explanation:

QUESTION NO: 15
At which stage of the Cisco Lifecycle Services approach would you test for system acceptance?
A. Preparation
B. Planning
C. Design
D. Implementation
E. Operation
F. Optimization
Answer: D Explanation:

QUESTION NO: 16
What is one reason you might recommend a solution using only autonomous access points to a customer?
A. The customer requires Layer 3 roaming.

B. The customer requires immediate wireline integration with a Catalyst 6500 switch.
C. The customer needs an outdoor-ready access point.
D. The customer wants the option to migrate to LWAPP.
Answer: D Explanation:

QUESTION NO: 17
What is the purpose of the Dynamic Configuration Tool?
A. to determine the correct IOS image to support your modules or blades
B. to allow for the mass deployment of devices with minimal configurations
C. to test router configurations virtually prior to implementing them in your production network
D. to provide an easy way to check for known bugs in IOS releases
E. to verify that hardware such as modules are compatible with your chassis
Answer: E Explanation:

QUESTION NO: 18
Which of these statements about CiscoWorks is true?
A. The LMS interface can manage a maximum of four CiscoWorks servers.
B. CiscoWorks SNMS supports integration with HPOV.
C. CiscoWorks does not require TCP reliability.
D. CiscoWorks Restricted is the recommended choice for large enterprise.
Answer: C Explanation:

QUESTION NO: 19
A customer is considering purchasing either a Cisco Catalyst 2960 or Cisco Catalyst Express 500. Which feature can only be found on the Catalyst 2960?
A. 48 Ethernet 10/100 ports

B. Fast Ethernet and Gigabit Ethernet connectivity
C. dual-purpose copper or fiber uplinks
D. standalone fixed-configuration Layer 2 switching
Answer: A Explanation:

QUESTION NO: 20
Which three of these service components are in the design phase? (Choose three.)
A. Account Qualification and Planning
B. Detailed Design Development
C. Staff Training
D. Systems Acceptance Test Plan Development
E. Staging Plan Development
F. Site Readiness Assessment
Answer: B,D,E Explanation:

QUESTION NO: 21
In which of these phases is a customer��s current network infrastructure assessed?
A. plan
B. design
C. implement
D. prepare
Answer: A Explanation:

QUESTION NO: 22
Which three business requirements development activities are performed in the prepare phase before creating a technology strategy? (Choose three.)

A. identifying and assessing customer business requirements
B. documenting and categorizing customer business requirements in terms of performance, availability, capacity, and security
C. producing a documented technology strategy
D. creating a bill of materials
E. presenting documented business requirements to a customer and having the customer validate them
F. completing a site survey
Answer: A,B,E Explanation:

QUESTION NO: 23
In the design phase, which service component provides the customer with a comprehensive design?
A. Implementation Plan
B. Detailed Design Development
C. Project Kick-off
D. Staging Plan
E. High-Level Design
Answer: B Explanation:

QUESTION NO: 24
In the plan phase, network readiness assessment addresses which customer need?
A. an assessment of the preparedness of the customer��s existing system infrastructure to support a proposed solution
B. a comprehensive design that has been customized based on the operations processes, network management processes, and tools of its system
C. an in-depth assessment of the operational environment required to support the operation of both the current and planned solutions
D. the optimal technologies for supporting its business requirements and objectives
Answer: A Explanation: QUESTION NO: 25


The Cisco SA 500 Series Security Appliances are built specifically for businesses with less than 100 employees. What are three important benefits of this device? (Choose three.)
A. business-grade firewall
B. premium support via SMARTnet
C. site-to-site VPN for remote offices
D. Cisco IOS software-based
E. email security
F. XML support
Answer: A,C,E Explanation:

QUESTION NO: 26
Which three are integrated Smart Applications included with the Cisco Unified Communications 500 Series? (Choose three.)
A. Smart Business Suite
B. Connected Data Protector
C. TimeCard View
D. Cisco Unified CallConnector
E. Cisco WebEx PhoneConnect
F. VoiceView Express
Answer: C,E,F Explanation:

QUESTION NO: 27
What three elements are included with Cisco Small Business Pro Service? (Choose three.)
A. software upgrades and updates
B. Cisco SMARTnet
C. next business day advanced hardware replacement
D. access to the Cisco Small Business Support Center

E. access to the Cisco Small Business University
F. five-year subscription terms
Answer: A,C,D Explanation:

QUESTION NO: 28
How does the Cisco Small Business Pro Service differ from the Cisco Small Business Pro warranty?
A. access to Cisco Small Business Support Community
B. device-level warranty
C. Cisco Small Business Pro products only
D. speed of hardware replacement
Answer: D Explanation:

QUESTION NO: 29
Using Smart Designs increases the typical deal size by how much?

A. 2x
B. 3x
C. 5x
D. 10x
Answer: B Explanation:

QUESTION NO: 30
Which post-sales SMART Design documents are available to help you better serve your customers? (Choose three.)
A. Design Guide
B. Small Business Product Guide

C. Implementation Guide
D. Solution Profile
E. Cisco Configuration Assistant
F. Application Notes
Answer: A,C,F Explanation:

QUESTION NO: 31
Which pre-sales SMART Design documents are available to help you implement and install a solution? (Choose three.)
A. Quick Quoting Tool
B. Small Business Product Guide
C. Smart Business Communications System
D. Solution Profile
E. Overview Presentation
F. Cisco Configuration Assistant
Answer: B,D,E Explanation:

QUESTION NO: 32
Which statement best describes clustering in a small-business wireless network?
A. automatically configures wireless client devices via Wi-Fi Protected Setup
B. can get real-time traffic or bandwidth statistics from an access point within a cluster
C. replicates configuration parameters across access points in the cluster, while optimizing network performance
D. allows multiple access points to be connected wirelessly, without the need for a wired Ethernet network
Answer: C Explanation:
QUESTION NO: 33

Which three WAN technologies does the Cisco SR 500 Family support? (Choose three.)
A. Fast Ethernet
B. Fibre Channel
C. ADSL

D. T1
E. IPv6
F. SIP trunking
Answer: A,C,D Explanation:

QUESTION NO: 34
Which two WAN interfaces does the Cisco SRP 520 Series support? (Choose two.)
A. Fibre Channel
B. ADSL2+
C. serial
D. Fast Ethernet
E. passive optical network (PON)
Answer: B,D Explanation:

QUESTION NO: 35
Which combination of ports is available on the Cisco SPA 8800 voice gateway?
A. one station port and one trunk port (1xFXS and 1xFXO)
B. two station ports (2xFXS)
C. four station ports and four trunk ports (4xFXS and 4xFXO)
D. eight station ports (8xFXS)
Answer: C Explanation:
QUESTION NO: 36

What is used to avoid power drops and running power to access points?
A. Cisco Aironet 1140 Series
B. End-point PSE
C. Midspan PSE
D. PoE-enabled switches
Answer: D Explanation:

QUESTION NO: 37
After you have established a sales plan with a customer and have established an initial solution that incorporates the specific infrastructure considerations of the customer, which stage of the Steps to Success program do you move to next?
A. Pre-sale
B. Plan
C. Design
D. Implement
E. Operate
Answer: C Explanation:

QUESTION NO: 38
A potential client wants inexpensive remote access and fast deployment of new sites. Which two options would you focus on? (Choose two.)
A. ACL management
B. cable and DSL router models
C. Cisco AnyConnect and SSL VPN
D. CBAC
E. remote security
Answer: B,C Explanation: QUESTION NO: 39


Upgrading customer switches provides a variety of opportunities. Which two factors are worth discussing with your customers? (Choose two.)
A. Gigabit Ethernet support
B. need for a complete equipment upgrade
C. savings on reduced cabling
D. smaller chassis footprint
E. advantage of dual core over single point
Answer: A,E Explanation:

QUESTION NO: 40
What should you do to prevent VLAN hopping?
A. Enable all unused ports and place them into an unused VLAN.
B. Set unused access ports to trunking ON.
C. Disable some unused ports.
D. Disable all unused ports and place them into an unused VLAN.
Answer: D Explanation:

QUESTION NO: 41
When you are about to configure VTP, which two characteristics should you keep in mind? (Choose two.)
A. A VTP password must be configured on all switches.
B. VTP should be set to server mode.
C. The server mode cannot delete VLANs.
D. VTP can run only version 1.
E. The VTP domain is restricted to building switch blocks.
F. Switches in a VTP domain can run different VTP versions.
Answer: A,F Explanation: QUESTION NO: 42


Which two characteristics should you keep in mind when configuring VLANs on a switch? (Choose two.)
A. VLAN partitions provide partitions for traffic in the VLAN.
B. A VLAN comes into existence before a local port is configured to be associated with the VLAN.
C. A VLAN comes into existence when a user deletes a VLAN from the local VTP database.
D. The VLANs share one MAC address across the switch.
E. Each VLAN has its own MAC address table.
Answer: A,E Explanation:

QUESTION NO: 43
What are two features of Cisco Configuration Professional? (Choose two.)
A. software installation for Cisco Configuration Professional router configuration
B. delayed network and router resource monitoring
C. Cisco Easy VPN server
D. three-step router lockdown
E. web-based management tool
F. limited configuration support for LAN and WAN interfaces
Answer: C,E Explanation:

QUESTION NO: 44
Which three Cisco Configuration Professional features might prompt a client to consider an upgrade? (Choose three.)
A. association of QoS policies with router interfaces
B. VPN and WAN connection testing
C. role-based access
D. security audit

E. WAN and VPN troubleshooting
F. Cisco Configuration Professional Express
G. AAA
Answer: A,B,G Explanation:

QUESTION NO: 45
When you explain the benefits of an effective network design to one of your clients, which two characteristics will you talk about? (Choose two.)
A. unpredictability
B. scalability
C. predictability
D. changeability
E. unexpected changes
F. adaptability
Answer: B,C Explanation:

QUESTION NO: 46
When should you run multiple protocols?
A. when you want to decrease the complexity of the network
B. when you want easier optimization
C. when you migrate from an older IGP to a new IGP
D. when you want higher efficiency
Answer: C Explanation:

QUESTION NO: 47
When you need to secure traffic across networks, which three elements would you review? (Choose three.)

A. packet flows
B. other networks in range
C. connections
D. storage
E. states
F. VPNs
Answer: A,C,E Explanation:

QUESTION NO: 48
What should you keep in mind when using ACLs to secure traffic?
A. ACLs filter packets by the source and destination address only.
B. ACLs do not filter packets by the source and destination port.
C. ACLs do not look at sequence or acknowledgement numbers.
D. The two types of ACLs are dynamic and reflexive.
Answer: C Explanation:

QUESTION NO: 49
What should you keep in mind when using a firewall to secure traffic?
A. Proxy firewalls permit traffic to pass directly between networks.
B. Proxy firewalls are faster than other technologies.
C. Simple stateful firewalls are much slower than proxy firewalls.
D. Hybrid firewalls do not provide complete session termination.
Answer: D Explanation:

QUESTION NO: 50
Which IPsec protocol would you use to provide authentication, integrity checking, and confidentiality to IP packets?


A. AH
B. ESP
C. IKE
D. ISAKMP
Answer: B Explanation:

QUESTION NO: 51
When offering the Cisco Aironet 1200 and 1300 Series Access Points, which two characteristics should you focus on? (Choose two.)
A. limitations of antenna usage
B. wireless LAN infrastructure
C. configuration options
D. companion switching solutions
E. functionality of the RF signals
Answer: B,C Explanation:

QUESTION NO: 52
What should you keep in mind when working with antennas?
A. Antennas can be used as transmit and receive antennas on the same radio.
B. All antennas broadcast the horizontal plane.
C. Isotropic antennas broadcast equally in all directions.
D. An antenna that converts electrical energy into RF waves is called a receive antenna.
Answer: A Explanation:
QUESTION NO: 53
How can you mitigate threats in WLANS when static WEP keys are used?

A. Use SSID to provide security.
B. Assign matching keys to the client and the access point.
C. Provide different keys to the client and access point.
D. Use standard 802.11 WEP keys, which are very secure.
Answer: B Explanation:

QUESTION NO: 54
A client needs a solution for a challenging RF environment. The situation requires the antenna versatility that is associated with connected antennas, a rugged metal enclosure, and a broad operating temperature range. Which access point would you recommend?
A. Cisco Aironet 1240AG Series
B. Cisco Aironet 1230AG Series
C. Cisco Aironet 1140 Series
D. Cisco Aironet 1130AG Series
Answer: A Explanation:

QUESTION NO: 55
What should you keep in mind when using a midspan PSE?
A. It can be use to deliver PoE over 1000BASE-T connections.
B. It can implement power delivery only over the spare wires of the copper cabling.
C. It defines terminology to describe a port that acts as a PSE to a powered device.
D. It states that power can be delivered by an end-point PSE.
Answer: B Explanation:

QUESTION NO: 56
What should you do if a customer wants to provide certain areas with wireless coverage at a specific data rate?

A. Perform a single survey.
B. Find out where the coverage pool is for one data rate, and calculate the rest based on that information.
C. Map out higher data rate cells only.
D. Find out how much throughput the user will require.
Answer: D Explanation:

QUESTION NO: 57
If you want to complete the low-level design of an indoor wireless network, what should your first step be?
A. Develop a detailed solution design.
B. Begin implementation and planning.
C. Write a customer to-do list.
D. Conduct a detailed business requirements gap analysis.
Answer: D Explanation:

QUESTION NO: 58
You need to address issues of bandwidth contention and consumption across a trunk link and on VLAN 1. What should you do?
A. Deny any single, range, or group of VLANs to traverse the trunk link.
B. Permit only those VLANs that are required for Layer 2 access and connectivity to traverse the trunk link.
C. Permit any single, range, or group of VLANs to traverse the trunk link.
D. Permit any number of VLANs to traverse the trunk link.
Answer: B Explanation:
QUESTION NO: 59
Which three operating modes can you configure on a switch that is running VTP? (Choose three.)

A. clear
B. server
C. administrator
D. client
E. transparent
F. network
G. user
Answer: B,D,E Explanation:

QUESTION NO: 60
What are two of the four key benefits of the ISR platforms? (Choose two.)
A. monitoring, analysis, and response
B. investment protection
C. guest access
D. voice and mobility ready
E. storage virtualization
Answer: B,D Explanation:

QUESTION NO: 61
You are offering the integrated services router solution to a client. Which two features and benefits would you describe? (Choose two.)
A. IP telephony and voicemail integration
B. standard security
C. dynamic configuration
D. integrated web-based tools
E. speeds and feeds
F. lower pricing
Answer: A,D Explanation: QUESTION NO: 62


What is a characteristic of a classful network environment?
A. The subnet mask is exchanged during the routing update process.
B. The network automatically summarizes the network mask at major network boundaries.
C. The route summarization process cannot be controlled manually.
D. Different subnets within the same major network must have the same subnet mask.
Answer: B Explanation:

QUESTION NO: 63
What is used to dynamically create a pair or multiple pairs of source addresses?
A. ESP
B. ISAKMP

C. AH
D. IKE
Answer: B Explanation:
QUESTION NO: 64
Which companion switch is recommended to be installed with the Cisco Smart Business Communications System?
A. C2950
B. C3750
C. ESW 500
D. SRW224G4
Answer: C Explanation:
QUESTION NO: 65 DRAG DROP


Answer:

Explanation: