Fully Updated Do not hesitate to choose Flydumps Cisco 642-583 VCE Exam Dumps, all are updated timely by SAP expert professionals. Visit the site Flydumps.com to get the free Cisco 642-583 pdf dumps and free vce player.

Exam A
QUESTION 1
Which Cisco ASA’s Unified Communications proxy feature manipulates both the signaling and the media channels?
A. TLS Proxy
B. H.323 Proxy
C. SIP Proxy
D. Phone Proxy
E. CUMA Proxy

Correct Answer: D Section: (none) Explanation
QUESTION 2
Deploying logical security controls such as firewall and IPS appliances is an example of which kind of risk-management option?
A. risk avoidance
B. risk transfer
C. risk retention
D. risk reduction
E. risk removal

Correct Answer: A Section: (none) Explanation
QUESTION 3
DRAG DROP

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation Explanation/Reference:
“Pass Any Exam. Any Time.” 2 Cisco 642-583: Practice Exam

Explanation:
QUESTION 4
What is the benefit of the Cisco ASA phone proxy feature?
A. allows businesses to securely connect their Cisco Unified Presence clients back to their enterprise networks or to share presence information between Cisco Unified Presence servers in different enterprises
B. allows telecommuters to connect their IP phones to the corporate IP telephony network securely over the Internet, without the need to connect over a VPN tunnel
C. allows businesses to configure granular policies for SCCP traffic, such as enforcing only registered phone calls to send traffic through the Cisco ASA security appliance and filtering on message IDs to allow or disallow specific messages
D. enables deep inspection services for SIP traffic for both User Datagram Protocol (UDP) and TCP-based SIP environments, thus providing granular control for protection against unified communications attacks
E. enables inspection of the RTSP protocols that are used to control communications between the client and server for streaming applications
F. enables advanced H.323 inspection services that support H.323 versions 14 along with Direct Call Signaling (DCS) and Gatekeeper-Routed Call Signaling (GKRCS) to provide flexible security integration in a variety of H.323-driven VoIP environments

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
“Pass Any Exam. Any Time.” 3 Cisco 642-583: Practice Exam

QUESTION 5
Which two protocols can be used to implement high-availability IPS design, using the Cisco IPS 4200 Series Sensor appliance? (Choose two.)
A. spanning tree
B. stateful failover
C. EtherChannel load balancing
D. WCCP
E. HSRP
F. SDEE

Correct Answer: AC Section: (none) Explanation
QUESTION 6
What are the advantages and disadvantages of using the “Direct to tower” or PAC file methods for redirecting traffic to ScanSafe?
A. Advantages: ease of deployment, especially for multiple breakout points Disadvantages: no user granularity
B. Advantages: user granularity Disadvantages: requires additional hardware for each breakout point
C. Advantages: no browser changes required Disadvantages: not all browsers supported

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Which statement is true?
A. Three-year commitments cost less per year than three consecutive one-year commitments.
B. Three consecutive one-year commitments cost less than one three-year commitment.
C. Three-year commitments cost the same per year as three consecutive one-year commitments
D. CiscoIronPort does not sell three-year commitments.

Correct Answer: A Section: (none) Explanation
QUESTION 8
“Pass Any Exam. Any Time.” 4 Cisco 642-583: Practice Exam
Which statement regarding the Cisco ASA encrypted voice inspection capability is correct?
A. The Cisco ASA decrypts, inspects, then re-encrypts voice-signaling traffic; all of the existing VoIP inspection functions for SCCP and SIP protocols are preserved.
B. The Cisco ASA acts as a non-transparent TLS proxy between the Cisco IP Phone and Cisco Unified Communications Manager.
C. TLS proxy applies to the encryption layer and is configured by using a Layer 3/4 inspection policy on the Cisco AS D. D. The Cisco ASA does not support PAT and NAT for SCCP inspection.
E. The Cisco ASA serves as a proxy for both client and server, with the Cisco IP Phone and the Session Border Controller.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 9
The Cisco IPS Manager Express (IME) can be used to manage how many IPS appliances, at a maximum?
A. 3
B. 5
C. 10
D. 15
E. 20
F. 25

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Which Cisco ASA configuration is required to implement active/active failover?
A. transparent firewall
B. modular policy framework (MPF)
C. virtual contexts
D. policy-based routing
E. redundant interfaces
F. VLANs

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
“Pass Any Exam. Any Time.” 5 Cisco 642-583: Practice Exam
QUESTION 11
Which platform can support the highest number of SSL sessions?
A. Cisco 3845 with AIM-VPN/SSL-3
B. Cisco 7200 NPE-GE+VSA
C. Cisco 7200 NPE-GE+VAM2+
D. Cisco ASR1000-5G
E. Cisco 6500/7600 + VPN SPA
F. Cisco ASA 5580
Correct Answer: F Section: (none) Explanation

QUESTION 12
Which option best describes Dynamic Content Filtering on the web security appliance?
A. external DLP option for acceptable use scanning
B. filter for pages and frames with dynamic control asset HTML tags
C. content scanner for streaming videos
D. advanced rule engine for categorizing dark web sites

Correct Answer: D Section: (none) Explanation
QUESTION 13
Which countermeasure is best used to protect against rogue access points that are outside the enterprise physical perimeter and that attempt to attract legitimate clients?
A. dedicated rogue detector access points with active and passive RLDP and radio containment
B. personal firewall
C. Management Frame Protection
D. wireless IDS/IPS
E. EAP-TLS bidirectional authentication

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 14
Which two settings can the Cisco Security Agent (release 5.2 and later) monitor to control user’s wireless access? (Choose two.)
“Pass Any Exam. Any Time.” 6 Cisco 642-583: Practice Exam
A. protection types such as WEP, TKIP
B. wireless card type (802.11a, b, org)
C. SSIDs
D. antivirus version
E. lightweight versus autonomous mode

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 15
Which series of steps illustrates how a challenge-and-response authentication protocol functions?

A. Exhibit A
B. Exhibit B
C. Exhibit C

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 16
What are the four most common approaches used for managing risk? (Choose four.)
A. risk reduction
B. risk avoidance
C. risk cancellation “Pass Any Exam. Any Time.” 7 Cisco 642-583: Practice Exam
D. risk elimination
E. risk transfer
F. risk retention/acceptance

Correct Answer: ABEF Section: (none) Explanation
Explanation/Reference:
QUESTION 17
On Cisco IOS routers that are running BGP, which three kinds of traffic filters can be implemented to limit routing information propagation? (Choose three.)
A. distribute list
B. prefix list
C. passive interface
D. as-path filter
E. Type 3 LSA filter

Correct Answer: ABD Section: (none) Explanation
QUESTION 18
Refer to the exhibit. A distributed DoS attack has been detected. The attack appears to have sources from many hosts in network X/24. An operator in the network operation center is notified of this attack and must take preventive action. To block all offending traffic, the network operator announces a BGP route, with the next-hop attribute of 172.31.1.1, for the X/24 network of the attacker.
Which two methods do the routers at the regional office, branch office, and telecommuter location use to prevent traffic going to and from the attacker? (Choose two.)
“Pass Any Exam. Any Time.” 8 Cisco 642-583: Practice Exam
A. a dynamic ACL entry to block any traffic that is sourced from the X/24 network
B. a static route to 172.31.1.1/32, which points to a null interface
C. a prefix list to block routing updates about the X/24 network
D. strictuRPF
E. a route map to tag all traffic from the X/24 network with the no-export communityattribute

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 19
Which Cisco Security Management product supports both Cisco and third-party security products?
A. Cisco IME
B. Cisco ASDM
C. Cisco Security Manager
D. Cisco Security MARS
E. Cisco Configuration Professional
F. Cisco SDM

Correct Answer: D Section: (none) Explanation
QUESTION 20
What should be configured to maintain symmetric flow of traffic when using the Gateway Load Balancing Protocol to enable high-availability Cisco IOS firewalls?
A. policy-based routing
B. static routing
C. dynamic routing
D. CEF
E. network address translation (NAT)
F. reflexive ACL

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
We provide Cisco 642-583 help and information on a wide range of issues.Cisco 642-583 is professional and confidential and your issues will be replied within 12 hous.Cisco 642-583 free to send us any questions and we always try our best to keeping our Customers Satisfied.

Previous post New Questions Cisco 642-582 Study Guide Updated Guarante The 100% Valid
Next post 100% Pass VCE Dumps–Latest Cisco 642-642 Exam Questions Updated With All New Added Questions