Cisco 642-531 Free Dowload, Best Cisco 642-531 Exam Dumps Online Shop

Welcome to download the newest Pass4itsure C-TERP10-60 VCE dumps: http://www.pass4itsure.com/C-TERP10-60.html

Cisco 642-531 exam sample questions help the candidates to find high paying jobs in different TelePresence Video. In preparation for any technician TelePresence Video certification Cisco 642-531 exam, you need to look for the right kind of study materials and Cisco 642-531 exam sample questions to assist you in your review. You can find a variety of them online, though there are some things you need to reconsider in Cisco 642-531 choosing resources online. Only go to FLYDUMPS Cisco 642-531 exam sample questions that can provide you genuine, reliable and updated preparation materials Cisco 642-531. You need more than a basic level that every job candidate has. An established TelePresence Video Sales Engineer for Advanced Exam Cisco 642-531 exam sample questions allows you often.

UESTION 84
Which statement regarding the service account on an IDS Sensor is valid?
A. Only users with the administrator role can be assigned to the service account.
B. Advanced signature tuning operations can be performed through the service account.
C. The service account must be created by Cisco TAC personnel.
D. A singular user only can be assigned to the service account.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
Creating the Service AccountYou should create a service account for TAC to use during troubleshooting.
Although more than one user can have access to the sensor, only one user can have service privileges on
a sensor. The service account is for support purposes only.
CautionDo not make modifications to the sensor through the service account except under the direction of
TAC.
If you use the service account to configure the sensor, your configuration is not supported by TAC. We do
not support the addition and/or running of an additional service to the operating system through the service
account, because it affects the proper performance and proper functioning of the other IDS services. TAC
does not support a sensor on which additional services have been added.

Reference:

Cisco Courseware 7-24
QUESTION 85
What is the default privilege level that is set when creating a user account on a Cisco IDS Sensor?
A. Viewer
B. Administrator
C. Operator
D. Anonymous
E. Guest

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Privileges: Allowed levels are:
1.
Service

2.
Administrator

3.
Operator

4.
Viewer The default is Viewer. Cisco Courseware 9-23

QUESTION 86
When setting up user accounts on a Cisco IDS Sensor. What role would you assign to provide users all viewing operations and the administrative ability to change only their own passwords?
A. operator
B. viewer
C. service
D. administrator

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Viewers can view configuration and event data and can perform the following function:
1. Modify their password Cisco Courseware 9-24
QUESTION 87
The new Certkiller trainee technician wants to know what the function of the “tls generate-key” command on the Cisco IDS sensor is. What would your reply be?
A. “tls generate-key” command generates a SSH host key
B. “tls generate-key” command generates a TLS host key
C. “tls generate-key” command generates X.509 certificate to present to the Certificate Authority
D. “tls generate-key” command generates a self-signed X.509 certificate

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Page 9-33 CSIDS Courseware under Generating an X.509 Certificate Use the tls generate-key command to generate the self-signed X.509 certificate needed by TLS
QUESTION 88
Which CLI command would permit remote network access to the IDS Sensor from network 10.1.1.0/24?
A. sensor(config)# access-list 100 permit 10.1.1.0.0.0.0.255
B. sensor(config-Host-net)# access-list 100 permit 10.1.1.0.0.0.0.255
C. sensor(config)# accessList ipAddress 10.1.1.0 netmask 255.255.255.0
D. sensor(config-Host-net)# accessList ipAddress 10.1.1.0 netmask 255.255.255.0

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Cisco Courseware 9-31
QUESTION 89
A university’s security policy states that network devices must be managed using secure communication
methods.
Which Cisco IDS Sensor services must be disabled to meet this requirement? (Choose two)

A. SSH
B. Telnet
C. TFTP
D. SNMP
E. FTP
F. RSH

Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
Explanation:
The Sensor always provides secure shell services (including scp). Increase the security of the Sensor by
disabling two services that allow clear text password authentication: Telnet and FTP. For maximum
security disable both.

Reference:
Cisco IDS Sensor Software – Cisco Intrusion Detection System Sensor Configuration Note Version 3.1

QUESTION 90
Which of the following Sensor commands will archive IP log files to a remote host?
A. ftp iplog
B. copy iplog
C. upload log
D. iplog export
E. export log

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: copy Use the copy command to copy iplogs and configuration files. copy [/erase] source-url destination-url copy iplog log-id destination-url Syntax Description

Reference:
Cisco Courseware 12-19

QUESTION 91
The new Certkiller trainee technician wants to know what the PuTTYgen utility in IDS MC is used for. What will your reply be?
A. PuTTYgen utility is used to generate SSL certificates for IDS Sensors.
B. PuTTYgen utility is used to generate SSH public and private keys for IDS Sensors.
C. PuTTYgen utility is used to generate SSH public and private keys for IDS MC server.
D. PuTTYgen utility is used to generate SSL keys for administrative client access to IDS MC server.
E. PuTTYgen utility is used to generate shared secret keys for IDS Sensors and IDS MC server.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
To use SSH keys in IDSMC or SecurityMonitor, follow these steps:
Step1 To use SSH keys in IDSMC or SecurityMonitor for Windows 2000, follow these steps:

a.
Use PuttyGen to generate your keys. Instructions are available at http://www.chiark.greenend.org.uk/ ~sgtatham/putty/docs.html .

b.
Copy the public key to the sensor’s ~.ssh/authorized_keys file.

c.
Save the private key. We recommend the name sensorname.key for the private key and we use it in this example.

Reference:
Cisco Courseware 12-7

QUESTION 92
How would you go about successfully adding a Sensor to the IDS MC if the Sensor software version is not displayed in the drop-down list of available versions during the add process?
A. Update the Sensor’s software version to a version matching one in the IDS MC list.
B. Select the Discover Settings check box to automatically discover the unlisted version.
C. Update IDS MC with the latest IDS signatures.
D. Manually enter the correct software version in the version field under the Sensor’s Identification window.
E. Use the Query Sensor option next to the version field under the Sensor’s identification window to automatically discover the unlisted version.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: Page 12-5 CSIDS Course under Device – Sensor Under the last paragraph, if the Sensor software version is not listed in the drop-down menu, it will be necessary to update the IDS MC with the latest version of IDS Signatures
QUESTION 93
Which of the following pieces of information is needed to add a Sensor to IDS MC if the Discover Settings check box is NOT selected?
A. Correct IP address
B. Correct user ID and password
C. Any legitimate values for IP address, Sensor name, user ID, and password
D. Correct Sensor name and SSH settings
E. Correct user ID, password, and IP address

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
Step5 Provide the information required by the Enter Sensor Information page:

a.
Enter the IP address of the sensor.

b.
Enter the NAT address of the sensor, if there is one.

c.
Enter the sensor name.

d.
To retrieve sensor settings from the sensor, select the Discover Settings check box.
Note If you choose to discover settings, you may have to wait from 30 seconds to several minutes,
depending upon the size and complexity of your network and its traffic.

e.
Enter the user ID and password for Secure Shell (SSH) communications between your host and the
sensor:

*
When you are using a sensor appliance, the user ID is netrangr, and the password is one that you
assign.

*
When you are using an IDS module, the user ID is ciscoids, and the password is one that you assign.

Reference:
Cisco Courseware 12-3

QUESTION 94
Which of the following represents the methods for adding devices in the Management Center for IDS Sensors using the GUI interface?
A. Manually add only
B. Manually add or import from file
C. Manually add or import from RME
D. Manually add or import from security monitor
E. Manually add or import from campus manager

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
Cisco Courseware 12-3: Devices -> Sensor -> Add

QUESTION 95
Which of the following statements regarding Sensor group functions is valid? (Choose all that apply.)
A. Sensor groups permit signature updates to be performed in batch mode
B. Sensor groups allow configuration settings and policies to be inherited by subgroups
C. Sensor groups create administrative access domains for controlling Sensor access rights
D. Sensor groups provide a single point of configuration for parameters common to multiple Sensors
E. Sensor groups are dynamically created to separate Sensor platform types

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation: The IDS MC uses a hierarchy of groups and Sensors. A group can contain Sensors, other groups, or a combination of Sensors and groups. When you start the IDS MC, you always have levels of groups and Sensors, just as a folder in Windows 2000 can contain many levels of folders and files. The IDS MC hierarchy of groups and Sensors enables you to configure more than one Sensor at a time by configuring an entire group of Sensors simultaneously. Configuring more than one Sensor at a time in this way is possible because a Sensor can acquire settings from its parent group. A Sensor must, in fact, acquire settings from its parent group if a parent defines those settings as mandatory. A child cannot override the values for such settings. Cisco Courseware 12-12
QUESTION 96
Which of the following options are available to add a new Sensor group? (Choose all that apply.)
A. inherit settings from the subgroup
B. copy settings from another group
C. import group from the Monitoring Center for Security
D. copy settings from the Monitoring Center for Security group
E. inherit settings from the parent group

Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
Page 12-13 CSIDS Courseware under Devices-Sensor Group Note: When you create subgroups, the subgroup inherits the properties of either the parent group or you may copy settings from another group to the new subgroup
QUESTION 97
Select the true statements regarding Sensor groups.
A. The mandatory check box exists in the context of a Sensor object to identify required configuration settings.
B. The override check box exists in the context of a Sensor Group object to prevent configuration parameters from being inherited.
C. The override check box exists in the context of a Sensor object to override settings previously flagged as mandatory.
D. By default, all Sensor subgroups inherit the configuration settings of other Sensors in the same Sensor group.
E. The mandatory check box exists in the context of a Sensor Group object to indicate that all fields in the configuration windows require values.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
“A sensor must, in fact, acquire settings from the parent group, if a parent defines those settings as
mandatory.
A child cannot override the values for such settings.” (C) is false because of the keyword must in the
statement above, so that a child cannot override values for mandatory settings.

(B)
Cisco Courseware 12-15 shows the “Override” checkbox in a screenshot.

(D)
Cisco Courseware 12-12 shows a screenshot with the selection key:
O Default (use parent values) (A) and (E) are false, because “mandatory” check boxes say nothing about
“requirements”, but if subgroups must use the parameter or not (by overriding it):
Cisco Courseware 12-12:

QUESTION 98
You need to retrieve Sensor IP logs for analysis. Which of the following methods are available to you to accomplish this task? (Choose all that apply.)
A. Download via IDM
B. Archive using SCP
C. Copy using FTP
D. Import to IDS MC
E. Upload using Security Monitor

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
Explanation:
Page 12-19 CSIDS Courseware under Automatic Logging IP Log Files can be retrieved by the following
methods
1) Use the CLI copy command to copy the IP log files to another host system using FTP or SCP.
2) Download the IP log files via IDM.
After retrieving the IP log files, you can use a network protocol analyzer to examine the data.
Not B: Archive using SCP is false, although Copy using SCP would be true.

QUESTION 99
The new Certkiller trainee technician wants to know how automatic IP logging is enabled on Sensor. What would your reply be?
A. It is enabled by default for all high-severity signature alarms.
B. It is enabled by default for all signatures.
C. It is enabled by default for all master signatures only.
D. It must be manually configured for individual signatures.

Correct Answer: D Section: (none) Explanation Explanation/Reference:
Explanation: Attacks or other misuses of network resources can be defined as network intrusions. Network intrusions can be detected by sensors that use a signature-based technology. A signature is a set of rules that your sensor uses to detect typical intrusive activity, such as denial of service (DoS) attacks. As sensors scan network packets, they use signatures to detect known attacks and respond with actions that you define. The sensor compares the list of signatures with network activity. When a match is found, the sensor takes an action, such as logging the event or sending an alarm to IDS Event Viewer. Sensors allow you to modify existing signatures and define new ones. Signature-based intrusion detection can produce false positives because certain normal network activity can be misinterpreted as malicious activity. For example, some network applications or operating systems may send out numerous ICMP messages, which a signature-based detection system might interpret as an attempt by an attacker to map out a network segment. You can minimize false positives by tuning your sensors. To configure a sensor to monitor network traffic for a particular signature, you must enable the signature. By default, the most critical signatures are enabled when you install IDS Device Manager. When an attack is detected that matches an enabled signature, the sensor generates an alert event (formerly known as an alarm), which is stored in the sensor’s event store. The alert events, as well as other events, may be retrieved from the event store by web-based clients. By default the sensor logs all Informational alarms or higher. If you have added IDS Event Viewer as a destination, the alarm is sent to the IDS Event Viewer database and you can view the alarm in IDS Event Viewer. Configuring IP Logging You can configure a sensor to generate an IP session log when the sensor detects an attack. When IP logging is configured as a response action for a signature and the signature is triggered, all packets to and from the source address of the alarm are logged for a specified period of time. You can set the number of minutes events are logged.
Reference: Installing and Using the Cisco Intrusion Detection System Device Manager and Event Viewer Version 4.1 Cisco Courseware 12-18
QUESTION 100
Which of the following fields will you advice the new Certkiller trainee technician to populate when creating custom signatures with IDS MC? (Choose two.)
A. SubSigID
B. signature name
C. engine description
D. engine name
E. signature string

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
The two required fields are Signature Name & Engine
Reference: Cisco Courseware 14-33 Page 365 Cisco Press CCSP CSIDS 2nd edition under Creating Custom Signatures See screenshot, fields marked with
*
are required.

*
Signature name * Engine

QUESTION 101
Which TCP session reassembly configuration parameter enforces that a valid TCP session be establish before the Cisco IDS Sensor’s sensing engine analyzes the traffic associated with the session?
A. TCP open establish timeout
B. TCP embryonic timeout
C. TCP closed timeout
D. TCP three way handshake
E. TCP sequence timeout

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
The goal of defining these reassembly settings is to ensure that the sensor does not allocate all of its
resources to datagrams that cannot be completely reconstructed, either because the sensor missed some
frame transmissions or because an attack is generating random fragmented datagrams.
To specify that the sensor track only sessions for which the three-way handshake is completed, select the
TCP Three Way Handshake check box.

Reference:
Tuning Sensor Configurations

QUESTION 102
Which TCP session reassembly configuration parameter enforces that a valid TCP session be establish before the Cisco IDS Sensor’s sensing engine analyzes the traffic associated with the session?
A. TCP open establish timeout
B. TCP embryonic timeout
C. TCP closed timeout
D. TCP three way handshake
E. TCP sequence timeout

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
Select the TCP three way handshake if you want the sensor to tack only those sessions for which the
three-way handshake is completed. The other options for reassembly are:
No reassembly Loose reassembly Strict reassembly

Reference:
Cisco Secure Intrusion Detection System (Ciscopress) page 419

QUESTION 103
When configuring a custom signature via the IDM Signature Wizard, you must choose a signature type from one of three categories. What are those categories? Choose three.
A. HTTP signatures
B. HTTPS signatures
C. web server signatures
D. packet signatures
E. stream signatures
F. FTP server signatures

Correct Answer: CDE Section: (none) Explanation
QUESTION 104
How do you configure the Sensor to capture the packet that triggers a signature?
A. It is always on for TCP stream signatures.
B. In the signature configuration.
C. In the signature configuration by IP address
D. Globally by IP addess

Correct Answer: B Section: (none) Explanation
QUESTION 105
You are the Certkiller administrator. Which of the following actions can you configure a Cisco IDS Sensor to take a signature is fired when using IDS MC? (Choose four.)
A. log
B. alarm
C. block host
D. reset
E. trigger
F. block connection

Correct Answer: ACDF Section: (none) Explanation
Explanation/Reference:
Page 14-7 CSIDS Courseware under Signature Actions You can configure signatures to cause the Sensor to take action when the signature is triggered by the following: 1) IP Log 2) TCP Reset 3) Block – Block Host
-Block Connection Cisco Courseware 13-10 Cisco Courseware 14-7 Cisco Courseware 14-12 (Screenshot)
QUESTION 106
What information can a network security administrator specify in a Cisco IDS exclude signature filter? (Choose two)
A. Signature name
B. Signature ID
C. Signature action
D. Signature severity level
E. Sub-signature ID
F. Source port

Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
Explanation:
When defining a simple filter, you need to configure the following fields:

*
Signature

*
Subsignature

*
IP address

*
Network Mask

*
Address Role

Reference:
Cisco Secure Intrusion Detection System (Ciscopress) page 446

QUESTION 107
What information can a network security administrator specify in a Cisco IDS signature filter? (Choose three)
A. Source port
B. Source address
C. Destination address
D. Destination port
E. Signature ID

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
Explanation:
A filter is defined by specifying the signature, the source address, and the destination address and whether
it is an inclusive or exclusive filter.

Reference:
CiscoWorks Management Center for IDS Sensors – Tuning Sensor Configurations

QUESTION 108
Study the exhibit below carefully:

According to the exhibit, which parameter selection would display the correct panel and the capability to perform a tuning of a specific signature to log events when they occur?
A. Select the desired check box and click on the engine name.
B. Click on the associated Signature ID.
C. Select the desired check box and select the desired action from the drop down menu in the action column.
D. Click on the desired signature name.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Reference: http://www.cisco.com/en/US/products/sw/cscowork/ps3990/ products_user_guide_chapter09186a008018d985.h tml#122
QUESTION 109
When customizing a signature, what would be the Alarm Throttle parameter setting if the Alarminterval parameter is also set when one is customizing a signature?
A. FireOnce
B. FireAll
C. GlobalSummarize
D. Summarize

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
FireAll is default.
AlamInterval doesn’t seem to be related to AlamThrottle.
ThrottleInterval specifies the related throttle (summarization-) timer.
Cisco Courseware 13-17, 13-18

QUESTION 110
Select the three phases of sensor tuning (Choose three.)
A. Prep Phase.
B. eployment Phase
C. Setup Phase
D. Tuning Phase
E. Maintenance Phase
F. Config Phase

Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
Explanation:
The following routers do not support online insertion and removal (OIR) of network modules:

CiscoMWR1941-DC
QUESTION 111
Considering the following list of signature engines, which one would you deem is the best choice when creating a custom signature when you consider a situation where an intruder has created a worm that targets an application running on a fixed port and attempts to gain administrator access using a well-known default password.
A. ATOMIC.IPOPTIONS
B. SERVICE.MSSQL
C. SERVICE.IDENT
D. STRING.TCP

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
TCP.STRING by using these parameters:
1.
ToService (=number of the targeted port)

2.
RegExString (=string of well known default password)

Reference:
Cisco Courseware 13-62

QUESTION 112
Which of the following is used by a blocking Sensor in order to manage a Cisco IOS router for shunning? (Choose two.)
A. RDEP
B. Telnet
C. SSL
D. SSH
E. serial console

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Page 379 Cisco Press CCSP CSIDS 2nd edition under IP Blocking Devices-Cisco Routers To manipulate the ACLs on the managed device, you must configure the following on your managed devices:
-Telnet access (vty) enabled
-Line password assigned to vty
-Secure Shell (SSH) access allowed from sensor (or Telnet)
-Router’s enable password assigned
QUESTION 113
The new Certkiller trainee technician wants to know what the default duration for an automatic block on an IDS blocking device is. What would your reply be?
A. 1 minute
B. 10 minutes
C. 30 minutes
D. default time period is unlimited(permanent block)
E. there is no default block period, it must be configured

Correct Answer: C Section: (none) Explanation Explanation/Reference:
Page 15-9 CSIDS Courseware under Blocking Guidelines Blocking duration – By default the Sensor will automatically block for 30mins
QUESTION 114
Which of the following Cisco IDS platforms are capable of responding to active attacks by initiating either shunning or blocking? (Choose two.)
A. PIX-IDS
B. Network appliance IDS
C. IOS-IDS
D. Switch IDS module
E. Host IDS

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
NAC block actions are initiated by IDS Sensors – executed by PIX and routers and featured switches. See also Cisco Courseware 4-9, 4-10, 4-11, 4-12 Cisco Courseware 15-10
QUESTION 115
Which of the following represents the limitation for IDS Sensor blocking?
A. 10 interface/directions across all devices
B. 100 interface/directions across all devices
C. 10 interface/directions maximum per devices
D. 100 interface/directions maximum per devices
E. 10 interface (both directions) across all devices

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Page 383 Cisco Press CCSP CSIDS 2nd edition under IP Blocking: Network Topology A single sensor can only perform IP Blocking on a maximum of 10 interfaces across one or more managed devices Cisco Courseware 15-3
QUESTION 116
Which of the following can a blocking Sensor utilize to manage a PIX Firewall for shunning? (Choose all that apply.)
A. RDEP
B. Telnet
C. SSLand
D. SSH
E. serial console

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Page 15-7 CSIDS Courseware under Blocking Device Requirements The blocking device must have one of the following configured: 1) Telnet enabled – Telnet access should be allowed from the sensor 2) Secure shell (SSH) enabled- SSH access should be allowedfrom the sensor
QUESTION 117
Which Sensor process is responsible for initiating shuns on a blocking device?
A. exec
B. NAC
C. blockd
D. shunStart
E. ACL Daemon

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
Network Access Controller (NAC) is used to initiate Sensor shunning on network devices.

Reference:
page 120 of Ciscopress CCSP self study: CSIDS 2nd edition.
Cisco Courseware 6-4

QUESTION 118
When designing IP blocking, why should you consider entry points?
A. They provide different avenues for the attacker to attack your networks.
B. They prevent all denial of service attacks.
C. They are considered critical hosts and should not be blocked.
D. They provide a method for the Sensor to route through the subnet to the managed router.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
Today’s networks have several entry points to provide reliability, redundancy, and resilience. These entry
points also represent different avenues for the attacker to attack your network. You must identify all the
entry points into your network and decide whether they need to also participate in IP blocking.

Reference:
Cisco Secure Intrusion Detection System (Ciscopress) page 467 Cisco Secure Intrusion Detection System
4 chap 15 page 8 Note: It is recommended that Sensors be placed at those network entry and exit points
that provide sufficient intrusion detection coverage. Cisco Secure Intrusion Detection System 4 chap 4
page 37

QUESTION 119
Which of the following commands does a Cisco IOS router use to block attacks, as directed by and IDS blocking Sensor?
A. acl
B. shun
C. access-list
D. set security acl ip

Correct Answer: C Section: (none) Explanation Explanation/Reference:
Explanation:
If you configure the sensor for blocking, every router interface you configure the sensor to manage is
controlled solely by the sensor even if no blocks are applied. The default ACL used by the sensor sets
permit ip any any for controlled interfaces, and all traffic not being currently blocked is allowed through the
router on the controlled interface. You should accept the ACL generated by the sensor.
If you want to change the ACL generated by the sensor, you can specify preshun or postshun ACLs by
using the PreShunACL and PostShunACL tokens. The sensor allows two ACL numbers for each interface
that is controlled by device management. The PreShunACL designates ACL entries that the sensor should
place in the ACL before placing any deny entries for the addresses being blocked. The PostShunACL
designates ACL entries that the sensor should place after all deny entries for the address being blocked.
NoteYou cannot use standard named or numbered IP access lists (one that requires the standard
keyword) such as the following:
ip access-list standard name You can use a standard ACL as long as it is in this format:
access-list number

Reference:
Cisco Courseware 5-46

With Flydumps.com complete study guide for the Cisco 642-531 exam you will find questions and answers from previous exams as well as ones that our experts believe will be on the upcoming exams due to upgrades and new releases. This gives you the resources you actually need to pass the exam instead of just studying material without any knowledge of what might be on a test. If you want a career in the IT world, a certification is the only answer to ensure you get your dream job.

Pass4itsure C-TERP10-60 dumps with PDF + Premium VCE + VCE Simulator: http://www.pass4itsure.com/C-TERP10-60.html

Cisco 642-531 Free Dowload, Best Cisco 642-531 Exam Dumps Online Shop