http://www.2shared.com/file/10128030/c2557902/PassGuide_ccnp_642-825_V331.html

http://www.sendspace.com/file/yrujis

http://www.4shared.com/file/177807421/3f40c3d8/PassGuide_ccnp_642-825_V331.html

http://rapidshare.com/files/323780117/PassGuide_ccnp_642-825_V3.31.zip.html

http://uploading.com/files/69cm7a14/PassGuide%2Bccnp%2B642-825%2BV3.31.zip/

http://rapidshare.de/files/48870532/PassGuide_ccnp_642-825_V3.31.zip.html

Implementing Secure Converged Wide Area Networks

http://www.sendspace.com/file/5ecnuq

http://rapidshare.com/files/322130503/PassGuide_ccnp_642-825_.pdf.html

http://rapidshare.de/files/48851527/PassGuide_ccnp_642-825_.pdf.html

http://uploading.com/files/29d49265/PassGuide%2Bccnp%2B642-825%2B.pdf/

http://www.4shared.com/file/175173642/7e45ea2c/PassGuide_ccnp_642-825_.html

Q&A Demo

www.PassGuide.com

(C) Copyright 2006-2009 CertBible Tech LTD,All Rights Reserved.

Important Note
Please Read Carefully

Study Tips

This product will provide you questions and answers carefully compiled and written by our experts. Try to understand the concepts behind the questions instead of cramming the questions.

Go through the entire document at least twice so that you make sure that you are not missing anything.

Latest Version

We are constantly reviewing our products. New material is added and old material is revised. Free updates are available for 120 days after the purchase. You should check your member zone at PassGuide an update 3-4 days before the scheduled exam date.

Feedback

If you spot a possible improvement then please let us know. We always interested in improving product quality.
Feedback should be send to feedback@passguide.com. You should include the following:
Exam number, version, page number, question number, and your login ID.
Our experts will answer your mail promptly.

Be Prepared. Be Confident. Get Certified.
————————————————————————————————————————-
Sales and Support Manager
Sales Team: sales@passguide.com Support Team: support@passguide.com
———————————————————————————————————————

Copyright

Each pdf file contains a unique serial number associated with your particular name and contact information for security purposes. So if we find out that a particular pdf file is being distributed by you, CertBible reserves the right to take legal action against you according to the International Copyright Laws.
1. Which two statements about common network attacks are true? (Choose two.)
Select 2 response(s).

A. Access attacks can consist of password attacks, trust exploitation, port redirection, and man-in-the-middle attacks.
B. Access attacks can consist of password attacks, ping sweeps, port scans, and man-in-the-middle attacks.
C. Access attacks can consist of packet sniffers, ping sweeps, port scans, and man-in-the-middle attacks.
D. Reconnaissance attacks can consist of password attacks, trust exploitation, port redirection and Internet information queries.
E. Reconnaissance attacks can consist of packet sniffers, port scans, ping sweeps, and Internet information queries.
F. Reconnaissance attacks can consist of ping sweeps, port scans, man-in-middle attacks and Internet information queries.

Answer: AE

2. Which two statements about management protocols are true? (Choose two.)
Select 2 response(s).

A. Syslog version 2 or above should be used because it provides encryption of the syslog messages.
B. NTP version 3 or above should be used because these versions support a cryptographic authentication mechanism between peers.
C. SNMP version 3 is recommended since it provides authentication and encryption services for management packets.
D. SSH, SSL and Telnet are recommended protocols to remotely manage infrastructure devices.
E. TFTP authentication (username and password) is sent in an encrypted format, and no additional encryption is required.

Answer: BC

3. Refer to the exhibit. Which two statements about the AAA configuration are true? (Choose two.)
Select 2 response(s).

A. A good security practice is to have the none parameter configured as the final method used to ensure that no other authentication method will be used.
B. If a TACACS+ server is not available, then a user connecting via the console port would not be able to gain access since no other authentication method has been defined.
C. If a TACACS+ server is not available, then the user Bob could be able to enter privileged mode as long as the proper enable password is entered.
D. The aaa new-model command forces the router to override every other authentication method previously configured for the router lines.
E. To increase security, group radius should be used instead of group tacacs+.
F. Two authentication options are prescribed by the displayed aaa authentication command.

Answer: DF

4. What are the two main features of Cisco IOS Firewall? (Choose two.)
Select 2 response(s).

A. TACACS+
B. AAA
C. Cisco Secure Access Control Server
D. Intrusion Prevention System
E. Authentication Proxy

Answer: DE

5. What three features does Cisco Security Device Manager (SDM) offer? (Choose three.)
Select 3 response(s).

A. smart wizards and advanced configuration support for NAC policy features
B. single-step mitigation of Distributed Denial of Service (DDoS) attacks
C. one-step router lockdown
D. security auditing capability based upon CERT recommendations
E. multi-layered defense against social engineering
F. single-step deployment of basic and advanced policy settings

Answer: ACF

6. What are three objectives that the no ip inspect command achieves? (Choose three.)
Select 3 response(s).

A. removes the entire CBAC configuration
B. removes all associated static ACLs
C. turns off the automatic audit feature in SDM
D. denies HTTP and Java applets to the inside interface but permits this traffic to the DMZ
E. resets all global timeouts and thresholds to the defaults
F. deletes all existing sessions

Answer: AEF

7. Which three features are benefits of using GRE tunnels in conjunction with IPsec for building site-to-site VPNs? (Choose three.)
Select 3 response(s).

A. allows dynamic routing over the tunnel
B. supports multi-protocol (non-IP) traffic over the tunnel
C. reduces IPsec headers overhead since tunnel mode is used
D. simplifies the ACL used in the crypto map
E. uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration

Answer: ABD

8. Which three IPsec VPN statements are true? (Choose three.)
Select 3 response(s).

A. IKE keepalives are unidirectional and sent every ten seconds.
B. IKE uses the Diffie-Hellman algorithm to generate symmetrical keys to be used by IPsec peers.
C. IPsec uses the Encapsulating Security Protocol (ESP) or the Authentication Header (AH) protocol for exchanging keys.
D. Main mode is the method used for the IKE phase two security association negotiations.
E. Quick mode is the method used for the IKE phase one security association negotiations.
F. To establish IKE SA, main mode utilizes six packets while aggressive mode utilizes only three packets.

Answer: ABF

9. Which three statements are true about Cisco IOS Firewall? (Choose three.)
Select 3 response(s).

A. It can be configured to block Java traffic.
B. It can be configured to detect and prevent SYN-flooding denial-of-service (DoS) network attacks.
C. It can only examine network layer and transport layer information.
D. It can only examine transport layer and application layer information.
E. The inspection rules can be used to set timeout values for specified protocols.
F. The ip inspect cbac-name command must be configured in global configuration mode.

Answer: ABE

10. Refer to the exhibit. On the basis of the partial configuration, which two statements are true? (Choose two.)

Select 2 response(s).

A. A CBAC inspection rule is configured on router RTA.
B. A named ACL called SDM_LOW is configured on router RTA.
C. A QoS policy has been applied on interfaces Serial 0/0 and FastEthernet 0/1.
D. Interface Fa0/0 should be the inside interface and interface Fa0/1 should be the outside interface.
E. On interface Fa0/0, the ip inspect statement should be incoming.
F. The interface commands ip inspect SDM_LOW in allow CBAC to monitor multiple protocols.

Answer: AF

11. Which two statements describe the functions and operations of IDS and IPS systems? (Choose two.)
Select 2 response(s).

A. A network administrator entering a wrong password would generate a true-negative alarm.
B. A false positive alarm is generated when an IDS/IPS signature is correctly identified.
C. An IDS is significantly more advanced over IPS because of its ability to prevent network attacks.
D. Cisco IDS works inline and stops attacks before they enter the network.
E. Cisco IPS taps the network traffic and responds after an attack.
F. Profile-based intrusion detection is also known as “anomaly detection”.

Answer: BF

12. Refer to the exhibit. What statement is true about the interface S1/0 on router R1?
Select the best response.

A. Labeled packets can be sent over an interface.
B. MPLS Layer 2 negotiations have occurred.
C. IP label switching has been disabled on this interface.
D. None of the MPLS protocols have been configured on the interface.

Answer: D

13. Which two network attack statements are true? (Choose two.)
Select 2 response(s).

A. Access attacks can consist of password attacks, trust exploitation, port redirection, and man-in-the-middle attacks.
B. Access attacks can consist of UDP and TCP SYN flooding, ICMP echo-request floods, and ICMP directed broadcasts.
C. DoS attacks can be reduced through the use of access control configuration, encryption, and RFC 2827 filtering.
D. DoS attacks can consist of IP spoofing and DDoS attacks.
E. IP spoofing can be reduced through the use of policy-based routing.
F. IP spoofing exploits known vulnerabilities in authentication services, FTP services, and web services to gain entry to web accounts, confidential databases, and other sensitive information.

Answer: AD

14. What are the four steps, in their correct order, to mitigate a worm attack?
Select the best response.

A. contain, inoculate, quarantine, and treat
B. inoculate, contain, quarantine, and treat
C. quarantine, contain, inoculate, and treat
D. preparation, identification, traceback, and postmortem
E. preparation, classification, reaction, and treat
F. identification, inoculation, postmortem, and reaction

Answer: A

15. If an edge Label Switch Router (LSR) is properly configured, which three combinations are possible? (Choose three.)
Select 3 response(s).

A. A received IP packet is forwarded based on the IP destination address and the packet is sent as an IP packet.
B. An IP destination exists in the IP forwarding table. A received labeled packet is dropped because the label is not found in the LFIB table.
C. There is an MPLS label-switched path toward the destination. A received IP packet is dropped because the destination is not found in the IP forwarding table.
D. A received IP packet is forwarded based on the IP destination address and the packet is sent as a labeled packet.
E. A received labeled IP packet is forwarded based upon both the label and the IP address.
F. A received labeled packet is forwarded based on the label. After the label is swapped, the newly labeled packet is sent.

Answer: ADF

16. Which three techniques should be used to secure management protocols? (Choose three.)
Select 3 response(s).

A. Configure SNMP with only read-only community strings.
B. Encrypt TFTP and syslog traffic in an IPSec tunnel.
C. Implement RFC 3704 filtering at the perimeter router when allowing syslog access from devices on the outside of a firewall.
D. Synchronize the NTP master clock with an Internet atomic clock.
E. Use SNMP version 2.
F. Use TFTP version 3 or above because these versions support a cryptographic authentication mechanism between peers.

Answer: ABC

17. Which statement describes Reverse Route Injection (RRI)?
Select the best response.

A. A static route that points towards the Cisco Easy VPN server is created on the remote client.
B. A static route is created on the Cisco Easy VPN server for the internal IP address of each VPN client.
C. A default route is injected into the route table of the remote client.
D. A default route is injected into the route table of the Cisco Easy VPN server.

Answer: B

18. What are two possible actions an IOS IPS can take if a packet in a session matches a signature? (Choose two.)
Select 2 response(s).

A. reset the connection
B. forward the packet
C. check the packet against an ACL
D. drop the packet

Answer: AD

19. Refer to the exhibit. Which two statements about the Network Time Protocol (NTP) are true? (Choose two.)
Select 2 response(s).

A. Router RTA will adjust for eastern daylight savings time.
B. To enable authentication, the ntp authenticate command is required on routers RTA and RTB.
C. To enable NTP, the ntp master command must be configured on routers RTA and RTB.
D. Only NTP time requests are allowed from the host with IP address 10.1.1.1.
E. The preferred time source located at 130.207.244.240 will be used for synchronization regardless of the other time sources.

Answer: AB

20. What is a reason for implementing MPLS in a network?
Select the best response.

A. MPLS eliminates the need of an IGP in the core.
B. MPLS reduces the required number of BGP-enabled devices in the core.
C. Reduces routing table lookup since only the MPLS core routers perform routing table lookups.
D. MPLS eliminates the need for fully meshed connections between BGP enabled devices.

Answer: B

21. Refer to the exhibit. The show mpls interfaces detail command has been used to display information about the interfaces on router R1 that have been configured for label switching. Which statement is true about the MPLS edge router R1?
Select the best response.

A. Packets can be labeled and forwarded out interface Fa0/1 because of the MPLS operational status of the interface.
B. Because LSP tunnel labeling has not been enabled on interface Fa0/1, packets cannot be labeled and forwarded out interface Fa0/1.
C. Packets can be labeled and forwarded out interface Fa1/1 because MPLS has been enabled on this interface.
D. Because the MTU size is increased above the size limit, packets cannot be labeled and forwarded out interface Fa1/1.

Answer: A

22. Refer to the exhibit. MPLS has been configured on all routers in the domain. In order for R2 and R3 to forward frames between them with label headers, what additional configuration will be required on devices that are attached to the LAN segment?
Select the best response.

A. Decrease the maximum MTU requirements on all router interfaces that are attached to the LAN segment.
B. Increase the maximum MTU requirements on all router interfaces that are attached to the LAN segment.
C. No additional configuration is required. Interface MTU size will be automatically adjusted to accommodate the larger size frames.
D. No additional configuration is required. Frames with larger MTU size will be automatically fragmented and forwarded on all LAN segments.

Answer: B

23. Which three statements about IOS Firewall configurations are true? (Choose three.)
Select 3 response(s).

A. The IP inspection rule can be applied in the inbound direction on the secured interface.
B. The IP inspection rule can be applied in the outbound direction on the unsecured interface.
C. The ACL applied in the outbound direction on the unsecured interface should be an extended ACL.
D. The ACL applied in the inbound direction on the unsecured interface should be an extended ACL.
E. For temporary openings to be created dynamically by Cisco IOS Firewall, the access-list for the returning traffic must be a standard ACL.
F. For temporary openings to be created dynamically by Cisco IOS Firewall, the IP inspection rule must be applied to the secured interface.

Answer: ABD

24. What are three features of the Cisco IOS Firewall feature set? (Choose three.)
Select 3 response(s).

A. network-based application recognition (NBAR)
B. authentication proxy
C. stateful packet filtering
D. AAA services
E. proxy server
F. IPS

Answer: BCF

25. Which statement describes the Authentication Proxy feature?
Select the best response.

A. All traffic is permitted from the inbound to the outbound interface upon successful authentication of the user.
B. A specific access profile is retrieved from a TACACS+ or RADIUS server and applied to an IOS Firewall based on user provided credentials.
C. Prior to responding to a proxy ARP, the router will prompt the user for a login and password which are authenticated based on the configured AAA policy.
D. The proxy server capabilities of the IOS Firewall are enabled upon successful authentication of the user.

Answer: B

26. Which two statements about an IDS are true? (Choose two.)
Select 2 response(s).

A. The IDS is in the traffic path.
B. The IDS can send TCP resets to the source device.
C. The IDS can send TCP resets to the destination device.
D. The IDS listens promiscuously to all traffic on the network.
E. Default operation is for the IDS to discard malicious traffic.

Answer: BD

27. Which statement about an IPS is true?
Select the best response.

A. The IPS is in the traffic path.
B. Only one active interface is required.
C. Full benefit of an IPS will not be realized unless deployed in conjunction with an IDS.
D. When malicious traffic is detected, the IPS will only send an alert to a management station.

Answer: A

28. Which three categories of signatures can a Cisco IPS microengine identify? (Choose three.)
Select 3 response(s).

A. DDoS signatures
B. strong signatures
C. exploit signatures
D. numeric signatures
E. spoofing signatures
F. connection signatures

Answer: ACF

29. During the Easy VPN Remote connection process, which phase involves pushing the IP address, Domain Name System (DNS), and split tunnel attributes to the client?
Select the best response.

A. mode configuration
B. the VPN client establishment of an ISAKMP SA
C. IPsec quick mode completion of the connection
D. VPN client initiation of the IKE phase 1 process

Answer: A

30. When configuring the Cisco VPN Client, what action is required prior to installing Mutual Group Authentication?
Select the best response.

A. Transparent tunneling must be enabled.
B. A valid root certificate must be installed.
C. A group pre-shared secret must be properly configured.
D. The option to “Allow Local LAN Access” must be selected.

Answer: B

*11 hours of Instructor Led Video Training
*642-825 ISCW Implementing Secure Converged Wide Area Networks CCNP Exam Coverage
*Learn How To Expand the Reach of an Enterprise Network to Remote Sites While Focusing On Securing Remote Access and VPN Client Configuration
*This Course Will Help You Pass Your ISCW Exam On Your Way To Earning the Valuable CCNP Certification

Intro To ISCW

* Network Modeling
* Remote Connectivity Methods
* Basic (and Not-So-Basic) Security
* Authentication, Authorization, and Accounting (AAA)
* MultiProtocol Label Switching (MPLS)
* Virtual Private Networks (VPNs)
* Firewalls
* Intrusion Prevention System (IPS)

Network Modeling

* The Cisco Three-Layer Model
* The Cisco Enterprise Architecture
* Cisco IIN and SONA
* Teleworking: Questions to Ask Before Implementing

Remote Connectivity Method

* Intro to Broadband
* DSL Delivery Options
* Cable Modem Boot Process
* PPPoE, PPPoA, and RFC 1483/2684 Bridging
* Basic Troubleshooting
* Hybrid Fiber-Coaxial

Basic (and Not-So-Basic) Security

* Password Basics
* NTP and Router Clocks
* Telnet and SSH
* Banners
* TCP Intercept
* IP Spoofing and 3704 Filtering
* Views and Superviews
* SNMP Security Basics
* Autosecure (CLI and SDM)
* Basic Logging Commands

Authentication, Authorization, and Accounting (AAA)

* Authentication and Authentication Lists
* Configuring AAA at the CLI
* Configuring AAA with SDM
* Debugging AAA
* Authorization
* Privilege Levels
* Account

MultiProtocol Label Switching (MPLS)

* Types, Modes, and Router Roles
* “push, swap, pop�
* Labels, the Control Plane, and the Data Plane
* The MPLS Process
* Penultimate Hop Popping
* The FIB, LIB, and LFIB
* Basic MPLS Configuration
* MPLS VPNs
* Route Distinguishers and VRFs
* MTU Sizing

Virtual Private Networks (VPNs)

* Terminology
* Tunneling Protocols
* Data and Key Encryption Methods
* IPSec Architecture
* Configuring Site-to-Site VPNs, Policies, and Transform Sets
* Crypto ACLs
* Configuring GRE over IPSec (Using SDM)
* GRE Tips
* Easy VPN Theory and Configuration
* Stateless and Stateful VPN Failover Methods

Firewalls

* Intro to Firewalls
* Stateless and Stateful Filtering
* IOS Firewall Feature Set Components
* Extended ACL Review
* CBAC Operation and Benefits
* Firewall Configuration at the CLI
* Firewall Configuration with SDM – Basic and Advanced
* SDM Basics
* Direction of Your Lists
* Disabling IP Inspection

Intrusion Prevention System (IPS)

* Comparing IPS and IDS
* Approaches to Intrusion Prevention
* Signatures and Signature Types
* SDFs
* Signature Actions
* SDEE and Syslog
* “False Positives�
* Configuring IPS with SDM

http://rapidshare.com/files/125056348/Trainsignal_ISCW_642-825.part1.rar

http://rapidshare.com/files/125071398/Trainsignal_ISCW_642-825.part2.rar

http://rapidshare.com/files/125074508/Trainsignal_ISCW_642-825.part3.rar

David Kotfila • Joshua Moorhouse • Ross G. Wolfson, CCIE® No. 16696

CCNP Implementing Secured Converged Wide-Area Networks (ISCW 642-825) Lab Portfolio provides you with opportunities for hands-on practice to secure and expand the reach of an enterprise-class network to teleworkers and branch sites.

The labs reinforce your understanding of how to secure and expand the reach of an enterprise network with a focus on VPN configuration and securing network access to remote sites. The book’s primary focus includes teleworker configuration and access, Frame Mode MPLS, site-to-site IPsec VPN, Cisco® EZVPN, strategies used to mitigate network attacks, Cisco device hardening, and Cisco IOS® firewall features.

Those preparing for the Implementing Secured Converged Wide-Area Networks (ISCW 642-825) certification exam should work through this book cover to cover. If you need to quickly review configuration examples, you can go directly to the relevant chapter.

CCNP Implementing Secured Converged Wide-Area Networks (ISCW 642-825) Lab Portfolio includes

* 27 Labs built to support v5 of the Implementing Secured Converged Wide-Area Networks course within the Cisco Networking Academy® curriculum providing ample opportunity for practice.
* 2 Challenge and Troubleshooting Labs added to the core curriculum labs to test your mastery of the topics.
* 2 Case Studies to give you a taste of what is involved in a fully functioning network covering all the technologies taught in this course. Even if you do not have the actual equipment to configure these more complex topologies, it is worth reading through these labs to expand your thinking into more complex networking solutions.

David Kotfila, CCNP®, CCAI, is the director of the Cisco Networking Academy at Rensselaer Polytechnic Institute (RPI), Troy, New York.

Joshua Moorhouse, CCNP, recently graduated from Rensselaer Polytechnic Institute with a bachelor of science degree in computer science, where he also worked as a teaching assistant in the Cisco Networking Academy. He currently works as a network engineer at Factset Research Systems.

Ross Wolfson, CCIE® No. 16696, recently graduated from Rensselaer Polytechnic Institute with a bachelor of science degree in computer science. He currently works as a network engineer at Factset Research Systems.

Use this Lab Portfolio with:

CCNP ISCW Official Exam Certification Guide

ISBN-10: 1-58720-150-X

ISBN-13: 978-1-58720-150-9

CCNP ISCW Portable Command Guide

ISBN-10: 1-58720-186-0

ISBN-13: 978-1-58720-186-8

This book is part of the Cisco Networking Academy Series from Cisco Press®. Books in this series support and complement the Cisco Networking Academy curriculum.

more info:http://www.ciscopress.com/bookstore/product.asp?isbn=158713215X
book download http://rapidshare.com/files/141964915/www.certdumps.net_CCNP_Implementing_Secured_Converged_Wide-Area_Networks_Lab_Portfolio.rar

Denise Donohue, Jay Swan

ISBN: 1-58705-314-4

As a final exam preparation tool, the CCNP ISCW Quick Reference Sheets provide a concise review of all objectives on the new CCNP ISCW exam (642-825). This digital Short Cut provides you with detailed, graphical-based information, highlighting only the key topics in cram-style format.

With this document as your guide, you will review topics on the Cisco hierarchical network model as it pertains to the WAN, teleworker configuration and access, frame mode MPLS, site-to-site IPsec VPN, Cisco EZVPN, strategies used to mitigate network attacks, and Cisco device hardening and IOS firewall features. These fact-filled Quick Reference Sheets allow you to get all-important information at a glance, helping you to focus your study on areas of weakness and to enhance memory retention of essential exam concepts.

Table of Contents:

Chapter 1: Network Conceptual Models

Chapter 2: Providing SOHO/Teleworker Connectivity

Chapter 3: Frame Mode MPLS

Chapter 4: IPsec

Chapter 5: Cisco Device Hardening

Chapter 6: Cisco IOS Threat Defenses

About the authors:

Denise Donohue, CCIE No. 9566, is manager of solutions engineering for ePlus Technology in Maryland. She is responsible for designing and implementing data and VoIP networks, supporting companies based in the national capital region. Prior to this role, she was a systems engineer for the data consulting arm of SBC/AT&T. Denise was a Cisco instructor and course director for Global Knowledge and did network consulting for many years. Her CCIE is in Routing and Switching.

Jay Swan is a senior network engineer for the Southern Ute Indian Tribe Growth Fund in Ignacio, Colorado. Prior to that he was a Cisco instructor and course director for Global Knowledge. He has also worked in IT in the higher education and service provider fields. He holds CCNP and CCSP certifications.

More info:CCNP ISCW Quick Reference Sheets
book download http://rapidshare.com/files/141965757/www.certdumps.net_CCNP_ISCW_Quick_Reference_Sheets.rar

* Master all 642-825 exam topics with the official study guide
* Assess your knowledge with chapter-opening quizzes
* Review key concepts with foundation summaries
* Practice with hundreds of exam questions on the CD-ROM

Brian Morgan, CCIE® No. 4865

Neil Lovering, CCIE No. 1772

CCNP ISCW Official Exam Certification Guide is a best of breed Cisco® exam study guide that focuses specifically on the objectives for the Implementing Secure Converged Wide Area Networks exam (642-825 ISCW). Successfully passing the ISCW 642-825 exam certifies that you have the knowledge and skills necessary to secure and expand the reach of an enterprise network to teleworkers and remote sites with focus on securing remote access and VPN client configuration.

CCNP ISCW Official Exam Certification Guide follows a logical organization of the CCNP® ISCW exam objectives. Material is presented in a concise manner, focusing on increasing your retention and recall of exam topics. You can organize your exam preparation through the use of the consistent features in these chapters. “Do I Know This Already?” quizzes open each chapter and allow you to decide how much time you need to spend on each section. Exam topic lists and concise Foundation Summary information make referencing easy and give you a quick refresher whenever you need it. Challenging chapter-ending review questions help you assess your knowledge and reinforce key concepts.

The companion CD-ROM contains a powerful testing engine that allows you to focus on individual topic areas or take complete, timed exams. The assessment engine also tracks your performance and provides feedback on a topic-by-topic basis, presenting question-by-question remediation to the text. Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this book helps you master the concepts and techniques that can enable you to succeed on the exam the first time.

Brian Morgan, CCIE® No. 4865, is a consulting systems engineer for Cisco, specializing in Unified Communications technologies. He services a number of Fortune 500 companies in architectural, design, and support roles. With more than 15 years in the networking industry, he served as director of engineering for a large telecommunications company, is a certified Cisco instructor teaching at all levels, from basic routing and switching to CCIE lab preparation, and spent a number of years with IBM Network Services serving many of IBM’s largest clients. He is a former member of the ATM Forum and a long-time member of the IEEE.

Neil Lovering, CCIE No. 1772, works as a design consultant for Cisco. Neil has been with Cisco for more than three years and works on large-scale government networking solutions projects. Prior to Cisco, Neil was a network consultant and instructor for more than eight years and worked on various routing, switching, dialup, and security projects for many customers all over North America.

This official study guide helps you master all the topics on the CCNP ISCW exam, including

* The Cisco hierarchical network model as it pertains to the WAN

* Teleworker configuration and access with broadband technologies
* Frame mode MPLS
* IPsec VPN implementations
* Cisco device hardening
* Cisco IOS® Firewall features
* Cisco IOS Intrusion Prevention System (IPS) features

Companion CD-ROM

The CD-ROM contains an electronic copy of the book and more than 200 practice questions for the ISCW exam, which are all available in study mode, test mode, and flash card format.

This volume is part of the Exam Certification Guide Series from Cisco Press®. Books in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco Career Certification candidates identify weaknesses, concentrate their study efforts, and enhance their confidence as exam day nears.

Category: Cisco Certification

Covers: CCNP ISCW Exam 642-825

More info:
book download http://rapidshare.com/files/141965743/www.certdumps.net_CCNP_ISCW_Official_Exam_Certification_Guide.rar

All the ISCW 642-825 commands in one compact, portable resource

Scott Empson

Hans Roth

Preparing for the CCNP certification? Working as a network professional? Here are all the CCNP-level commands for the ISCW exam you need in one condensed, portable resource. The CCNP ISCW Portable Command Guide is filled with valuable, easy-to-access information and is portable enough for use whether you’re in the server room or the equipment closet.

This book can help you memorize commands and concepts as you work to pass the CCNP ISCW exam (642-825). The guide summarizes all CCNP certification-level Cisco IOS Software commands, keywords, command arguments, and associated prompts, providing you with tips and examples of how to apply the commands to real-world scenarios. Sample configurations throughout the book provide you with a better understanding of how these commands are used in simple network designs.

The topics in this portable command guide cover how to do the following:

* Implement basic teleworker services
* Implement Frame-Mode MPLS
* Implement a site-to-site IPsec VPN
* Describe network security strategies
* Implement Cisco Device Hardening
* Implement Cisco IOS Firewall
* Describe and configure Cisco IOS IPS

Scott Empson is currently the assistant program chair of the bachelor of applied information systems technology degree program at the Northern Alberta Institute of Technology in Edmonton, Alberta, Canada, teaching Cisco routing, switching, and network design courses in certificate, diploma, and applied degree programs at the post-secondary level.

Hans Roth is an instructor in the electrical/electronic engineering technology department at Red River College in Winnipeg, Canada.

* Access all CCNP ISCW commands–use as a quick, offline resource for research and solutions
* Logical “how-to” topic groupings provide one-stop research
* Great for review before taking the CCNP ISCW certification exam
* Compact size makes it easy to carry with you, wherever you go
* “Create your own journal” section with blank, lined pages allows you to personalize the book for your needs

This book is part of the Cisco Press Certification Self-Study Product Family, which offers readers a self-paced study routine for Cisco certification exams. Titles in the Cisco Press Certification Self-Study Product Family are part of a recommended learning program from Cisco that includes simulation and hands-on training from authorized

Cisco Learning Partners and self-study products from Cisco Press.

Category: Cisco Press–Cisco Certification

Covers: CCNP ISCW Certification 642-825

Free down:CCNP ISCW Portable Command Guide (Self-Study Guide)
book download http://rapidshare.com/files/141966095/www.certdumps.netCCNP_ISCW_Portable_Command_Guide.rar

This training will help you:

* Design and create networks for today’s needs, including the convergence of voice, video, and data services onto a single network.
* Provide secure off-site network access through site-to-site and remote access Virtual Private Networking (VPN).
* Understand WAN technologies including Cable, DSL, and PPPoE.
* Understand how MPLS packet labeling overlays existing WAN technology, and how it allows all brands of routers to forward traffic quicker than ever before – plus how MPLS VPNs allow service providers to easily distinguish your traffic for speedy delivery.
* Configure Frame Mode MPLS on your Cisco routers.
* Learn IPSec VPNs inside and out – where IPSec fits in, what it’s about, what the building blocks are, what modes can you run it in, and how you authenticate your connection to be sure that the other side is who they say they are.
* Establish VPN connections using the Command Line Interface and the Security Device Manager.
* Implement encryption and tunneling to secure VPN traffic as it travels through public networks.
* Use Cisco’s Easy VPN to make it simple to configure VPN from the client side.
* Learn attacks that can be carried out on your WAN-connected network, and defense mechanisms you can use against these attacks.
* Reduce the vulnerability of your network using Cisco’s Auto-Secure and the SDM Security Audit.
* Lockdown management access to your routers using stronger password requirements, better encryption methods, and new IOS features that allow for stronger access control.
* Secure your IOS and router configuration files.
* Learn which access list type works best for your network, plus guidelines for optimal access list configuration and how to apply access lists to telnet ports and interfaces.
* Configure SSH, Syslog, SNMP, and NTP, plus understand what in-band and out-of-band management are, and how all of this relates to securing network management traffic.
* Implement Cisco AAA to lock down your router – using either the Radius or Tacacs+ protocol.
* Defend your network using Cisco’s IOS firewall and intrusion prevention systems.

Exam-Prep for Cisco ISCW exam as part of CCNP Certification

In Cisco CCNP – Exam-Pack: 642-825 ISCW, instructor Jeremy Cioara walks you through everything you need to know to create secure, robust remote access solutions. In addition, the training maps to exam objectives for Cisco CCNP Exam 642-825 ISCW, to help you prepare for CCNP Certification.

Prerequisites

A thorough understanding of Cisco networking such as a CCNA certification or equivalent knowledge is recommended before viewing these videos.

Cisco CCNP – Exam-Pack: 642-825 ISCW Contains:

- Cisco ISCW Series Intro (free video!)
- Model Madness: Network Design and Connectivity for the Modern World
- Understanding New WAN Technologies: Cable Technology
- Understanding New WAN Technologies: DSL Technology
- Understanding New WAN Technologies: Configuring PPPoE DSL Connections
- Multiprotocol Label Switching: The Concepts
- Multiprotocol Label Switching: Frame Mode Configuration
- Multiprotocol Label Switching: Understanding MPLS VPNs
- IPSec VPNs: VPN Concepts, Part 1
- IPSec VPNs: VPN Concepts, Part 2
- IPSec VPNs: VPN Site-to-Site CLI Configuration
- IPSec VPNs: VPN Site-to-Site SDM Configuration
- IPSec VPNs: IPSec Encrypted GRE Tunnels
- IPSec VPNs: Remote Access Connections with Cisco Easy VPN
- Network Lockdown: Attacks and Defense
- Network Lockdown: Cisco Auto-Secure and SDM Security Audit
- Network Lockdown: Securing Management Access
- Network Lockdown: Securing Management Access, Part 2
- Network Lockdown: Using Access Lists
- Network Lockdown: Securing Network Management
- Network Lockdown: Implementing Cisco AAA
- Defending the Network: Cisco IOS Firewall (free video!)
- Defending the Network: Cisco IOS IPS

http://www.cbtnuggets.com/webapp/product?id=371

Practice Exam 642-825
Product Description:
Exam Number/Code: 642-825
Exam Name: CCNP

“CCNP ’s Implementing Secure Converged Wide Area Networks”, also known as 642-825 exam, is a Cisco certification.
Preparing for the 642-825 exam? Searching 642-825 Test Questions, 642-825 Practice Exam, 642-825 Dumps?
With the complete collection of questions and answers, TestInside has assembled to take you through 176 questions to your 642-825 Exam preparation. In the 642-825 exam resources, you will cover every field and category in CCNP helping to ready you for your successful Cisco Certification.

Implementing Secure Converged Wide Area Networks
Test     Q&A     Updated     Price
642-825     176: Q&A     2008-6-25     USD:  69.00

http://down.ccnp.cc/blog/www.ccnp.cc/bible/testinside/

1. When configuring the Cisco VPN Client with transparent tunneling, what is true about the IPSec over TCP
option?
A. The port number is negotiated automatically.
B. Clients will have access to the secured tunnel and local resources.
C. The port number must match the configuration on the secure gateway.
D. Packets are encapsulated using Protocol 50 (Encapsulating Security Payload, or ESP).
Answer:C
3. Which two statements about common network attacks are true? (Choose two.)
A. Access attacks can consist of password attacks, trust exploitation, port redirection, and man-in-the-middle
attacks.
B. Access attacks can consist of password attacks, ping sweeps, port scans, and man-in-the-middle attacks.
C. Access attacks can consist of packet sniffers, ping sweeps, port scans, and man-in-the-middle attacks.
D. Reconnaissance attacks can consist of password attacks, trust exploitation, port redirection and Internet
information queries.
E. Reconnaissance attacks can consist of packet sniffers, port scans, ping sweeps, and Internet information
queries.
F. Reconnaissance attacks can consist of ping sweeps, port scans, man-in-middle attacks and Internet information
queries.
Answer:AE

4. Which two statements about worms, viruses, or Trojan horses are true? (Choose two.)
A. A Trojan horse has three components: an enabling vulnerability, a propagation mechanism, and a payload.
B. A Trojan horse virus propagates itself by infecting other programs on the same computer.
C. A virus cannot spread to a new computer without human assistance.
D. A virus has three components: an enabling vulnerability, a propagation mechanism, and a payload.
E. A worm can spread itself automatically from one computer to the next over an unprotected network.
F. A worm is a program that appears desirable but actually contains something harmful.
Answer:CE

5. Which two statements about management protocols are true? (Choose two.)
A. Syslog version 2 or above should be used because it provides encryption of the syslog messages.
B. NTP version 3 or above should be used because these versions support a cryptographic authentication
mechanism between peers.
C. SNMP version 3 is recommended since it provides authentication and encryption services for management

packets.
D. SSH, SSL and Telnet are recommended protocols to remotely manage infrastructure devices.
E. TFTP authentication (username and password) is sent in an encrypted format, and no additional encryption is
required.
Answer:BC

6. Which two statements about the Cisco AutoSecure feature are true? (Choose two.)
A. All passwords entered during the AutoSecure configuration must be a minimum of 8 characters in length.
B. Cisco123 would be a valid password for both the enable password and the enable secret commands.
C. The auto secure command can be used to secure the router login as well as the NTP and SSH protocols.
D. For an interactive full session of AutoSecure, the auto secure login command should be used.
E. If the SSH server was configured, the 1024 bit RSA keys are generated after the auto secure command is
enabled.
Answer:CE
7. Which three statements are correct about MPLS-based VPNs? (Choose three.)
A. Route Targets (RTs) are attributes attached to a VPNv4 BGP route to indicate its VPN membership.
B. Scalability becomes challenging for a very large, fully meshed deployment.
C. Authentication is done using a digital certificate or pre-shared key.
D. A VPN client is required for client-initiated deployments.
E. A VPN client is not required for users to interact with the network.
F. An MPLS-based VPN is highly scalable because no site-to-site peering is required.
Answer:AEF

8. Which IPsec mode will encrypt a GRE tunnel to provide multiprotocol support and reduced overhead?
A. 3DES
B. multipoint GRE
C. tunnel
D. transport
Answer:D
9. Which two statements are true about broadband cable (HFC) systems? (Choose two.)
A. Cable modems only operate at Layer 1 of the OSI model.
B. Cable modems operate at Layers 1 and 2 of the OSI model.
C. Cable modems operate at Layers 1, 2, and 3 of the OSI model.
D. A function of the cable modem termination system (CMTS) is to convert the modulated signal from the cable
modem into a digital signal.
E. A function of the cable modem termination system is to convert the digital data stream from the end user host
into a modulated RF signal for transmission onto the cable system.
Answer:BD
Free down:Testinside cisco ccnp iscw 642-825 v3.68

http://rapidshare.com/files/137044192/TestInside_642-825_v3.68.rar.html

New pass4sure iscw 642-825 

 latest testking ccnp 642-825

password:www.ciscoexams.org