Free Cisco 640-554 Exam Dumps Questions & Answers

In a brute-force attack, what percentage of the keyspace must an attacker generally search through until he or she finds the key that decrypts the data?

• A.  Roughly 75 percent
• B.  Roughly 50 percent
• C.  Roughly 66 percent
• D.  Roughly 10 percent

How can you prevent clientless SSL VPN users from accessing any HTTP or HTTPS URL within the portal?

• A.  Configure a web ACL.
• B.  Configure a portal access rule.
• C.  Configure a smart tunnel.
• D.  Turn off URL entry.

You use Cisco Configuration Professional to enable Cisco IOS IPS. Which state must a signature be in before any actions can be taken when an attack matches that signature?

• A.  Unretired and enabled
• B.  Successfully complied and unretired
• C.  Enabled
• D.  Successfully complied and enabled
• E.  Successfully complied
• F.  Unretired
• G.  Enabled, unretired, and successfully complied

You have configured a standard access control list on a router and applied it to interface Serial 0 in an outbound direction. No ACL is applied to Interface Serial 1 on the same router. What happens when traffic being filtered by the access list does not match the configured ACL statements for Serial 0?

• A.  The resulting action is determined by the destination IP address and port number.
• B.  The traffic is dropped.
• C.  The source IP address is checked, and, if a match is not found, traffic is routed out interface Serial 1.
• D.  The resulting action is determined by the destination IP address.

Which Cisco management tool provides the ability to centrally provision all aspects of device configuration across the Cisco family of security products?

• A.  Security Device Manager
• B.  Cisco Security Manager
• C.  Cisco Secure Management Server
• D.  Cisco Configuration Professional