642-825 Implementing Secure Converged Wide Area Networks Mock Test Exam


Cisco ™

642-825 Implementing Secure Converged Wide Area Networks



Note 1: 642-825 Exhibit and all related diagrams are not shown in demo questions.
Note 2: 642-825 Answers are not shown in demo questions.
Exhibits and Answers are only provided in the Full Version.

Demo Question 21.


You need to configure access rules on a new EliteCertify router with the firewall feature set. Which three statements are true about a Cisco IOS Firewall? (Select three)

A. It can be configured to block Java traffic.
B. The inspection rules can be used to set timeout values for specified protocols.
C. It can be configured to detect and prevent SYN-flooding denial-of-service (DoS) network attacks.
D. The ip inspect cbac-name command must be configured in global configuration mode.
E. It can only examine network layer and transport layer information.
F. It can only examine transport layer and application layer information.


Display Answer


Purchase Full Version:


642-825 Printable PDF Prep Guide $49.95 BUY NOW!

642-825 Test Simulation Engine $69.95 BUY NOW!

642-825 PDF & Test Simulation Engine $99.95 BUY NOW!




Answer: A, B, C

Explanation: Cisco IOS Firewall intelligently filters TCP and UDP packets based on application layer protocol session information. It inspects traffic for sessions that originate on any interface of the router and manages state information for TCP and UDP sessions. This state information is used to create temporary openings in the ACLs to allow return traffic and additional data connections for permissible sessions. Inspecting packets at the application layer and maintaining TCP and UDP session information helps prevent certain types of network attacks, such as SYN flooding. Cisco IOS Firewall inspects packet sequence numbers in TCP connections to see if they are within expected ranges, and drops any suspicious packets. Additionally, Cisco IOS Firewall can detect unusually high rates of new connections and issue alert messages. The firewall inspection can help protect against certain denial of service (DoS) attacks involving fragmented IP packets.



  • Based on the latest 642-825 exam objectives!
  • Designed like actual 642-825 exam questions!
  • 100% Verified Realistic 642-825 Exam Questions and Answers!
  • Exhibits, Drag&Drop and Simulation 642-825 Questions Included!
  • Constantly Updated Guide to Reflect the Current 642-825 Exams!
  • Detailed Explanations for Most Guide Practice Exams!
 Sponsored Links
Japan Exam



CRM
MB2-421 MB2-422
MB2-423
$89 Get Detail

SCJP
310-025 310-035
310-055 310-056

$119 Get Detail

MCDST
70-271 70-272

$59 Get Detail

8i DBA
1Z0-001 1Z0-023
1Z0-024 1Z0-025
1Z0-026
$149 Get Detail

CA
1D0-510
$49.95 Get Detail


Demark
Took my last CCNP test last Friday. EliteCertify tests really made the difference, I passed every one on the first ...


England
Many thanks to your complete solution in 3Com Test Simulation Engine, Study Guides and PDF practice exams which are very ...


NY, USA
I wanted to take a few minutes to thank EliteCertify for passing 3 exams towards my MCSE. ...





Keyword
View Cart      Check Out
This site is both PayPal and VeriSign Verified. 128-bit SSL Encryption!
More questions about Order Security?