1.Which definition best describes the implementation service component within the implement phase?
A. providing a step-by-step plan that details the installation and service-commission tasks required in order to
create a controlled-implementation environment that emulates a customer network
B. assessing the ability of site facilities to accommodate proposed infrastructure changes
C. developing and executing proof-of-concept tests, validating high-level infrastructure design, and identifying
any design enhancements
D. installing, configuring, and integrating systems components based on an implementation plan developed in
earlier phases
E. improving a customer's infrastructure security system
Answer: D
2.Which Cisco security tool can best determine if a Cisco ISR router is properly secured?
A. Cisco SDM Security Audit
B. Cisco Security MARS
C. Cisco Security Agent MC
D. Cisco Security IntelliShield
E. CAN
Answer: A
3.In the plan phase, network readiness assessment addresses which customer need?
A. an assessment of the preparedness of the customer's existing system infrastructure to support a proposed
solution
B. a comprehensive design that has been customized based on the operations processes, network management
processes, and tools of its system
C. an in-depth assessment of the operational environment required to support the operation of both the current and
planned solutions
D. the optimal technologies for supporting its business requirements and objectives
Answer: A
4.In the design phase, which service component provides the customer with a comprehensive design?
A. Implementation Plan
TestInside 642-373
B. Detailed Design Development
C. Project Kick-off
D. Staging Plan
E. High-Level Design
Answer: B
5.Refer to the exhibit. What are two Cisco IOS commands that would verify connectivity between routers R1 and
R2? (Choose two.)
A. show cdp neighbor
B. show controllers serial
C. show frame-relay lmi
D. show ip route
E. show running-config
Answer: A, D
6.Which of these best describes the Cisco Lifecycle Services approach?
A. a methodology for proactively updating equipment before it reaches the end of its life
B. a methodology for introducing new technologies
C. a methodology for creating a business plan
D. a methodology for determining total cost of ownership
Answer: B
7.Which of the following best describe the customer benefit of creating a systems acceptance test plan in the
design phase?
TestInside 642-373
A. reduce unnecessary disruption, delays, rework, and other problems by establishing test cases for use in
verifying that the system meets operational, functional, and interface requirements
B. improve its ability to make sound financial decisions by developing a business case based on its business
requirements and establishing a basis for developing a technology strategy
C. reduce operating costs and limit change-related incidents by providing a consistent and efficient set of
processes
D. improve the return on investment and hasten migration by identifying and planning for necessary infrastructure
changes and resource additions, as well as reduce deployment costs by analyzing gaps early in the planning
process to determine what is needed to support the system
Answer: A
8.At which stage of the Cisco Lifecycle Services approach should customer education presentations occur?
A. Planning
B. Design
C. Implementation
D. Operation
E. Optimization
Answer: A
9.Which CiscoWorks component would most help you locate end-station connections at the access switch level
quickly?
A. CiscoView
B. Resource Manager Essentials
C. Device Fault Manager
D. Campus Manager
Answer: D
10.On what lower-level transport protocol does CiscoWorks LAN Management Solution rely on and why?
A. TCP, because CiscoWorks LAN Management requires that packets require the reliability in the network
B. UDP, because CiscoWorks LAN Management is an application that does not require the reliability of TCP
C. IP, because CiscoWorks LAN Management requires the reliability of IP packets
TestInside 642-373
D. UDP, because CiscoWorks LAN Management requires the reliability of UDP's detection of lost packets and
retransmission
E. TCP, because CiscoWorks LAN Management does not require detection and retransmission of lost packets
Answer: B
11.At which stage of the Cisco Lifecycle Services approach would you test for system acceptance?
A. Preparation
B. Planning
C. Design
D. Implementation
E. Operation
F. Optimization
Answer: D
12.What is the purpose of the Dynamic Configuration Tool?
A. to determine the correct IOS image to support your modules or blades
B. to allow for the mass deployment of devices with minimal configurations
C. to test router configurations virtually prior to implementing them in your production network
D. to provide an easy way to check for known bugs in IOS releases
E. to verify that hardware such as modules are compatible with your chassis
Answer: E
13.After properly configuring multiple VLANs, an administrator has decided to secure its VLAN network. Which
three steps are required to secure this environment? (Choose three.)
A. If a port is connected to a foreign device make sure to disable CDP, DTP, RPR, PAgP, UDLP, and any other
unnecessary protocols, and enable UplinkFast/BPDU guard on it.
B. Enable root guard feature to prevent a directly or indirectly connected STP-capable device from affecting the
location of the root bridge.
C. Configure VTP domains appropriately or turn off VTP altogether to limit or prevent possible undesirable
protocol interaction with regards to the network-wide VLAN configuration.
D. Set the native VLAN ID to match the port VLAN ID of any 802.1q trunk to prevent spoofing.
TestInside 642-373
E. Disable all unused ports and place them in an unused VLAN to avoid unauthorized access.
Answer: B, C, E
14.What is one benefit of the Cisco anti-X defense strategy?
A. applications security
B. virtual firewall protection
C. security events correlation for proactive response
D. malware, virus, and worm mitigation
Answer: D
15.Which two of these statements best describe the benefits of the Cisco Compatible Extensions Program?
(Choose two.)
A. offers a feature-rich implementation alternative to Wi-Fi certification
B. accelerates the availability of innovative features while maintaining interoperability
C. provides innovative features only on Cisco's wireless client adapters
D. provides an evolving set of specifications for interoperability
E. eliminates the need for testing by providing innovative features to wireless client vendors through a one-time
license fee
Answer: B, D
16.Which three of these service components are in the design phase? (Choose three.)
A. Account Qualification and Planning
B. Detailed Design Development
C. Staff Training
D. Systems Acceptance Test Plan Development
E. Staging Plan Development
F. Site Readiness Assessment
Answer: B, D, E
17.A Cisco Catalyst switch can belong to how many VTP domains?
A. 1
TestInside 642-373
B. 2
C. 1 to 1,005
D. 1 to 4,096
E. no limit
Answer: A
18.Which two of these statements best describe the benefits of Cisco's wireless IDS functionality? (Choose two.)
A. AirDefense for wireless IDS is required by autonomous APs.
B. 2.4GHz RF management can monitor both 802.11 and non-802.11 RF interference.
C. APs only monitor the RF channels that are servicing the clients.
D. Cisco or CCX compatible client cards can extend the RF IDS service for autonomous APs.
E. Autonomous APs must be dedicated IDS sensors while lightweight APs can combine client traffic and RF
monitoring.
Answer: B, D
19.Conducting a project kick-off in the plan phase provides which of the following customer benefits?
A. ensure that it receives detailed network diagrams
B. reduce the risk of downtime due to facilities-related problems
C. ensure end-user support immediately after the launch of a new system
D. confirm project roles and responsibilities, as well as milestone dates
Answer: D
20.What are three benefits of the Cisco Adaptive Threat Defense strategy? (Choose three.)
A. using QoS techniques such as Traffic Policing to rate limit suspected traffic to prevent DoS attacks
B. automatic reconfigurations of the security devices based on current security threats
C. containment and control of security threats
D. application security
E. anti-x defense
F. virtual firewall
Answer: C, D, E
TestInside 642-373
21.The Cisco Lifecycle Services approach is primarily applicable to which type of companies?
A. the large enterprise with a global presence
B. the large enterprise with a single campus
C. the small- or medium-sized business
D. All companies, regardless of size
Answer: D
22.Your company has two primary divisions: Products and Services. The Products division is on network
150.10.64.0/21. The Services division is on network 150.10.72.0/21. You want to summarize both networks into
one routing statement.
Which IP address and subnet mask combination would most efficiently accomplish this?
A. 150.10.64.0/21
B. 150.10.64.0/22
C. 150.10.64.0/20
D. 150.10.0.0./16
Answer: C
23.Which of these is a benefit of an integrated security management system?
A. It provides configuration, monitoring, and troubleshooting capabilities across a wide range of security
products.
B. It integrates security device management products and collects events on an "as needed" basis to reduce
management overhead.
C. It integrates security management capabilities into the router or switch.
D. It provides a single point of contact for all security configuration tasks thereby enhancing the return on
investment.
E. It leverages existing network management systems such as HP OpenView to lower the cost of implementation.
Answer: A
24.Which of these statements regarding Cisco's WebVPN support is correct?
A. Cisco ISR Routers with the Enhanced Security Bundles support WebVPN.
B. Cisco security appliances act as a proxy between the end user and the target web server.
TestInside 642-373
C. Cisco PIX Security Appliances (running release 7.0) and Adaptive Security Appliances both support WebVPN.
D. Cisco's WebVPN solution supports both TCP and UDP port forwarding for legacy application support.
Answer: B
25. Drag and drop question. Drag the items to the proper locations.
Answer:
26.Which component of Cisco ASDM provides administrators with a complete system overview and device health
statistics at a glance?
A. Dashboard
B. AIP SSM
C. Resource Manager
D. Cisco ASDM Launcher
Answer: A
27.Which two of these statements best describe fast secure roaming for the wireless core feature set using
autonomous access points? (Choose two.)
A. It is compatible with all wireless clients.
B. It reduces roaming latency through reduced client RF channel scanning enhancements.
C. It reduces roaming latency to targeted times of less than 75ms.
TestInside 642-373
D. Roaming occurs without reauthentication through a centralized RADIUS server.
E. It is enabled through WLSE deployment.
Answer: B, D
28.Which item is a feature of Cisco Compatible Extensions, Version 3?
A. full 802.11e compliance
B. full WPAv2 compliance
C. wireless IDS
D. NAC
Answer: B
29.Which of these statements about CiscoWorks is true?
A. The LMS interface can manage a maximum of four CiscoWorks servers.
B. CiscoWorks SNMS supports integration with HPOV.
C. CiscoWorks does not require TCP reliability.
D. CiscoWorks Restricted is the recommended choice for large enterprise.
Answer: C
30.Which service component within the prepare phase recommends the appropriate technology strategy to address
a business requirement of the customer?
A. identifying what a customer requires from a proposed solution
B. analyzes the customer's business requirements and recommends the appropriate Cisco technologies to meet
business requirements
C. determining what end-user training a customer requires
D. addressing a customer's physical requirements
Answer: B
31. Drag and drop question. Drag the items to the proper locations.
TestInside 642-373
Answer:
32.Which statement concerning the Active/Active failover feature is correct?
A. ASA Security Appliance failover pair must have either an Unrestricted and UR license or a UR and FO-A/A
license to be able to support Active/Active failover.
B. If an active security context within the primary security appliance "fails", the status of the primary security
appliance unit changes to "failed" while the secondary failover security appliance unit transitions to "active."
C. Active/Active failover is supported in "multiple mode" configuration only.
D. Active/Active failover supports site-to-site IPSec VPN stateful failover.
Answer: C
33.Deploying ISRs with integrated security services can help lower the total cost of ownership. Which of these
TestInside 642-373
Cisco ISR Routers features illustrate this point?
A. using built-in on-board VPN acceleration to reduce the amount of VPN configuration tasks
B. using the USB port to perform fast Cisco IOS image upgrade
C. using the security audit feature to implement inline Intrusion Prevention System
D. using the SDM configuration tool to reduce training costs
E. using the high performance AIM to increase the Cisco IOS Firewall performance
Answer: D
34.Which network management solution performs configuration, monitoring, and management of Cisco Firewall,
VPN router, and IPS devices as well as maintains network device inventory and software distribution features?
A. CiscoWorks Security Device Management Center (SD/MC)
B. Security Device Manager (SDM)
C. Adaptive Security Device Manager (ASDM)
D. CiscoWorks VMS/Management Center (VMS/MC)
Answer: D
35.At which stage of the Cisco Lifecycle Services approach would you recommend supporting and
troubleshooting the system?
A. Preparation
B. Planning
C. Design
D. Implementation
E. Operation
F. Optimization
Answer: E
36.Which design phase service component includes the development and documentation of the test case or cases
used to verify that a deployed infrastructure meets operational, functional, and interface requirements?
A. Implementation Plan
B. Business Plan
C. Staging Plan
TestInside 642-373
D. Detailed Design Development
E. Systems Acceptance Test Plan Development
Answer: E
37.Cisco ISR Routers offer which three of these security benefits? (Choose three.)
A. onboard VPN accelerator
B. events correlation and proactive response
C. high-performance AIM VPN modules
D. virtual firewall
E. Cisco IOS Firewall and IOS IPS
F. transparent firewall
Answer: A, C, E
38.The PIX Security Appliance feature set is a subset of the ASA Security Appliance feature set. Which two of
these features are only supported by an ASA Security Appliance? (Choose two.)
A. security contexts
B. transparent firewall
C. WebVPN
D. Active/Active failover
E. low latency queuing
F. AIP-SSM intrusion prevention
Answer: C, F
39.What are two important approaches to communicate when identifying a customer's security risks? (Choose
two.)
A. Smaller companies are at less risk than larger enterprises, so their security needs are not as great.
B. Business strategy should directly relate to the security policy and budget.
C. The designated security expert should report to the IT department, since that is where the solution will be
implemented.
D. Security should be a continuous process.
E. Security solutions should come from multiple vendors to make it easier to coordinate security events from the
TestInside 642-373
point of origin.
Answer: B, D
40.You are about to upgrade a router with a newer IOS version, but you would like to check for known bugs first.
Which tool will allow you to do this most easily?
A. Cisco Bug Toolkit
B. Cisco Bug Matrix
C. Cisco.com Search functionality
D. Dynamic Configuration Tool
Answer: A
41.A customer is considering purchasing either a Cisco Catalyst 2960 or Cisco Catalyst Express 500. Which
feature can only be found on the Catalyst 2960?
A. 48 Ethernet 10/100 ports
B. Fast Ethernet and Gigabit Ethernet connectivity
C. dual-purpose copper or fiber uplinks
D. standalone fixed-configuration Layer 2 switching
Answer: A
42.Which of these is an accurate list of Cisco Lifecycle Services phases?
A. initiation, planning, analysis, design, development, implementation, operations and maintenance
B. project planning, site assessment, risk assessment, solution selection and acquisition, testing, and operations
C. prepare, plan, design, implement, operate, and optimize
D. analysis, design, deployment, testing, implementation, and production
E. presales, project planning, development, implementation, operations testing, and operations sign-off
Answer: C
43. Drag and drop question. Drag the items to the proper locations.
TestInside 642-373
Answer:
44.What is one reason you might recommend a solution using only autonomous access points to a customer?
A. The customer requires Layer 3 roaming.
B. The customer requires immediate wireline integration with a Catalyst 6500 switch.
C. The customer needs an outdoor-ready access point.
D. The customer wants the option to migrate to LWAPP.
Answer: D
45.List three benefits of implementing an integrated security solution based on the Cisco Self-Defending Network
TestInside 642-373
strategy? (Choose three.)
A. integrated security
B. collaborative security system
C. self provisioning
D. Adaptive Threat Defense
E. programmable security ASICs
F. Cisco IOS-based security
Answer: A, B, D
46. Drag and drop question. Drag the items to the proper locations.
Answer:
47.Refer to the exhibit. Deploying integrated services on the Cisco ISR Router can help reduce network cost and
complexity by integrating which four of these features on the ISR? (Choose four.)
TestInside 642-373
A. firewall and VPN
B. IP telephony and voice mail
C. Secure Access Control Server
D. LAN switching and Wireless LAN
E. IPS
F. Anomaly Guard and Detection
Answer: A, B, D, E
48.Cisco ASDM provides 16 different graphs that help identify security risks by displaying data about potentially
malicious activity. What is one kind of data these graphs show?
A. stateful packet statistics
B. real-time analysis of dropped packets
C. ACL statement matches
D. portmap requests
Answer: D
49.In which of these phases is a detailed design of a proposed customer solution developed?
A. plan
B. design
TestInside 642-373
C. prepare
D. operate
Answer: B
50.Which two of these statements describe important aspects of performing a wireless site survey? (Choose two.)
A. An 802.11g access point with a variety of antennas can be used in all standard site surveys.
B. Site surveys can be performed manually or through assisted site survey.
C. Channel power during testing starts at the default minimum and gradually increases to the maximum.
D. Overlapping access points can create performance problems.
E. Surveys should be done after hours in an office building or during reduced inventory levels in warehouses.
Answer: B, D