Exam A QUESTION 1 An XYZ Corporation systems engineer, while making a sales call on the ABC Corporation headquarters, tried to access the XYZ sales de

Similar documents
Exam4Tests. Latest exam questions & answers help you to pass IT exam test easily

Cisco Passguide Exam Questions & Answers

Cisco Exam Questions & Answers

SASSL v1.0 Managing Advanced Cisco SSL VPN. 3 days lecture course and hands-on lab $2,495 USD 25 Digital Version

CCNP Security VPN

Vendor: Cisco. Exam Code: Exam Name: Implementing Cisco Secure Access Solutions. Version: Demo

Exam Questions

Exam : JN Title : Juniper Networks Certified Internet Assoc(JNCIA-SSL) Exam. Version : Demo

Cisco CISCO Securing Networks with ASA Advanced. Practice Test. Version

ASACAMP - ASA Lab Camp (5316)

Cisco Exam Questions & Answers

Exam : Title : Security Solutions for Systems Engineers. Version : Demo

JN0-355 Q&As. Junos Pulse Secure Access, Specialist (JNCIS-SA) Pass Juniper JN0-355 Exam with 100% Guarantee

Q&As Implementing Cisco Network Security

Implementing Core Cisco ASA Security (SASAC)

Vendor: Citrix. Exam Code: 1Y Exam Name: Implementing Citrix NetScaler 10.5 for App and Desktop Solutions. Version: Demo

2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1

Deploying Cisco ASA VPN Solutions v2.0 (VPN)

Vendor: Juniper. Exam Code: JN Exam Name: Junos Pulse Access Control, Specialist (JNCIS-AC) Version: Demo

ACCP-V6.2Q&As. Aruba Certified Clearpass Professional v6.2. Pass Aruba ACCP-V6.2 Exam with 100% Guarantee

Cisco - ASA Lab Camp v9.0

Vendor: Citrix. Exam Code: 1Y Exam Name: Implementing Citrix NetScaler 10 for App and Desktop Solutions. Version: Demo

Vendor: Cisco. Exam Code: Exam Name: Implementing Advanced Cisco Unified Wireless Security (IAUWS) v2.0. Version: Demo

Q&As Check Point Certified Security Administrator

Vendor: Citrix. Exam Code: 1Y Exam Name: Designing, Deploying and Managing Citrix XenMobile Solutions. Version: Demo

Chapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM

CCNP Security: Securing Networks with ASA VPNs

Vendor: Citrix. Exam Code: 1Y Exam Name: Managing Citrix XenDesktop 7 Solutions Exam. Version: Demo

Exam : Title : Security Solutions for Systems Engineers(SSSE) Version : Demo

New Features for ASA Version 9.0(2)

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

Create and Apply Clientless SSL VPN Policies for Accessing. Connection Profile Attributes for Clientless SSL VPN

1Y0-371 Q&As. Designing, Deploying and Managing Citrix XenMobile 10 Enterprise Solutions. Pass home 1Y0-371 Exam with 100% Guarantee

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

HC-711 Q&As. HCNA-CBSN (Constructing Basic Security Network) - CHS. Pass Huawei HC-711 Exam with 100% Guarantee

Vendor: Cisco. Exam Code: Exam Name: Cisco Interconnecting Cisco Networking Devices Part 1 (ICND1 v3.0) Version: Demo

Vendor: Cisco. Exam Code: Exam Name: Implementing Cisco Threat Control Solutions. Version: Demo

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

Cisco Exam Implementing Cisco Network Security Version: 12.0 [ Total Questions: 186 ]

Cisco Secure Desktop (CSD) on IOS Configuration Example using SDM

Vendor: Microsoft. Exam Code: Exam Name: MTA Security Fundamentals Practice Test. Version: Demo

Fireware-Essentials. Number: Fireware Essentials Passing Score: 800 Time Limit: 120 min File Version: 7.

H Q&As. HCNA-HNTD (Huawei Network Technology and Device) Pass Huawei H Exam with 100% Guarantee

Cisco ASA 5500 LAB Guide

Cisco AnyConnect Secure Mobility Solution. György Ács Regional Security Consultant

Contents. Introduction. Prerequisites. Requirements. Components Used

Workspace ONE UEM Certificate Authentication for Cisco IPSec VPN. VMware Workspace ONE UEM 1810

ASDM Book 3: Cisco ASA Series VPN ASDM Configuration Guide, 7.6

Integration Guide. SafeNet Authentication Manager. Using RADIUS Protocol for Cisco ASA

Juniper Exam JN0-314 Junos Pulse Access Control, Specialist (JNCIS-AC) Version: 7.0 [ Total Questions: 222 ]

Implementing Cisco Network Security (IINS) 3.0

AnyConnect on Mobile Devices

Expressway for Mobile and Remote Access Deployments, page 1 Cisco AnyConnect Deployments, page 9 Survivable Remote Site Telephony, page 17

Networks with Cisco NAC Appliance primarily benefit from:

Pass Citrix 1Y0-306 Exam

Vendor: CompTIA. Exam Code: Exam Name: CompTIA A+ Certification Exam (902) Version: Demo

Firepower Threat Defense Remote Access VPNs

Cisco AnyConnect Secure Mobility Client

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

1.1 Configuring HQ Router as Remote Access Group VPN Server

HySecure Quick Start Guide. HySecure 5.0

BIG-IP Access Policy Manager : Visual Policy Editor. Version 12.1

Q&As. Implementing Cisco Collaboration Devices v1.0. Pass Cisco Exam with 100% Guarantee

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Configuring L2TP over IPsec

Chapter 10 - Configure ASA Basic Settings and Firewall using ASDM

Vendor: Microsoft. Exam Code: Exam Name: TS: Microsoft System Center Operations Manager 2007, Configuring. Version: Demo

Juniper JN0-570 JNCIS-SSL. Download Full Version :

Fundamentals of Network Security v1.1 Scope and Sequence

REMOTE ACCESS IPSEC. Course /14/2014 Global Technology Associates, Inc.

Remote Access VPN. Remote Access VPN Overview. Licensing Requirements for Remote Access VPN

A. Verify that the IKE gateway proposals on the initiator and responder are the same.

MWA Deployment Guide. VPN Termination from Smartphone to Cisco ISR G2 Router

Cisco Exam Questions & Answers

Remote Access VPN. Remote Access VPN Overview. Maximum Concurrent VPN Sessions By Device Model

DEMO QUESTION 1 An engineer is performing an international multisite deployment and wants to create an effective backup method to access TEHO destinat

Vendor: Citrix. Exam Code: 1Y Exam Name: Managing Citrix XenDesktop 7.6 Solutions. Version: Demo

Support Device Access

ActualTorrent. Professional company engaging Providing Valid Actual Torrent file for qualification exams.

NAC Appliance (Cisco Clean Access) In Band Virtual Gateway for Remote Access VPN Configuration Example

The VPN menu and its options are not available in the U.S. export unrestricted version of Cisco Unified Communications Manager.

ASA 8.x Dynamic Access Policies (DAP) Deployment Guide

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Exam Actual. Higher Quality. Better Service! QUESTION & ANSWER

Deployment of Cisco IP Mobility Solution on Enterprise Class Teleworker Network

CISCO EXAM QUESTIONS & ANSWERS

L2TP over IPsec. About L2TP over IPsec/IKEv1 VPN

Q&As. Windows Operating System Fundamentals. Pass Microsoft Exam with 100% Guarantee

Network Security CSN11111

SAS and F5 integration at F5 Networks. Updates for Version 11.6

Cisco Exam Questions & Answers

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

CISCO EXAM QUESTIONS & ANSWERS

Vendor: Riverstone. Exam Code: Exam Name: Riverbed Certified Solutions Associate. Version: Demo

Cisco NAC Network Module for Integrated Services Routers

Contents. Introduction. Prerequisites. Requirements. Components Used

Configuring LAN-to-LAN IPsec VPNs

TECHNOLOGY Introduction The Difference Protection at the End Points Security made Simple

Secure Mobility. Klaus Lenssen Senior Business Development Manager Security

SAM 8.0 SP2 Deployment at AWS. Version 1.0

Transcription:

Cisco 642-647 Deploying Cisco ASA VPN Solutions (VPN v1.0) Version: Demo https://.com

Exam A QUESTION 1 An XYZ Corporation systems engineer, while making a sales call on the ABC Corporation headquarters, tried to access the XYZ sales demonstration folder to transfer a demonstration via FTP from an ABC conference room behind the firewall. The engineer could not reach XYZ through the remote-access VPN tunnel. From home the previous day, however, the engineer connected to the XYZ sales demonstration folder and transferred the demonstration via IPsec over DSL. To get the connection to work and transfer the demonstration, what can you suggest? A. Change the MTU size on theipsec client to account for the change from DSL to cable transmission. B. Enable the local LAN access option on theipsec client. C. Enable theipsec over TCP option on the IPsec client. D. Enable the clientless SSL VPN option on the PC Correct Answer: A /Reference: QUESTION 2 Refer to the exhibit. For the ABC Corporation, members of the NOC need the ability to select tunnel groups from a drop-down menu on the Cisco IOS WebVPN login page. As the Cisco ASA administrator, how would you accomplish this task? A. Define a special identity certificate with multiple groups that are defined in the certificate OU field that will grant the certificate holder access to the named groups on the login page. B. Under Group Policies, define a default group that encompasses the required individual groups that would appear on the login page. C. Under Connection Profiles, define a NOC profile that encompasses the required individual profiles that would appear on the login page. D. Under Connection Profiles, enable group selection from the login page. /Reference: QUESTION 3 Which four parameters must be defined in an ISAKMP policy when creating an IPsec site-to-site VPN using the Cisco ASDM? (Choose four.) A. encryption algorithm B. hash algorithm C. authentication method D. IP address of remoteipsec peer E. D-H group F. perfect forward secrecy Correct Answer: ABCE https://.com

/Reference: QUESTION 4 An administrator has preconfigured the Cisco ASA 5505 user settings with a username and a password. When the telecommuter first turns on the Cisco ASA 5505 and attempts to establish a VPN tunnel, the user is prompted for a username and password. Which two Cisco ASA 5505 Group Policy features require this extra level of authentication? (Choose two.) A. New Unit Authentication B. Extended Group Authentication C. Secure Unit Authentication D. Role-Based Access Control Authentication E. Compartmented Mode Authentication F. Individual User Authentication Correct Answer: CF /Reference: QUESTION 5 Refer to the exhibit. Which two statements are correct regarding these two Cisco ASA clientless SSL VPN bookmarks? (Choose two.) A. CSCO_WEBVPN_USERNAME is a user attribute. B. CSCO_WEBVPN_USERNAME is a Cisco predefined variable that is used for macro substitution. C. The CSCO_WEBVPN_USERNAME variable is enabled by using the Post SSO plug-in. D. CSCO_SSO is a Cisco predefined variable that is used for macro substitution. E. The CSCO_SSO=1 parameter enables SSO for the SSH plug-in. F. The CSCO_SSO variable is enabled by using the Post SSO plug-in. Correct Answer: BE /Reference: QUESTION 6 Which Cisco ASA SSL VPN feature provides support for PCI compliance by allowing for the validation of two sets of username and password credentials on the SSL VPN login page? A. Single Sign-On B. Certificate to Profile Mapping C. Double Authentication D. RSA OTP /Reference: QUESTION 7 Which two types of digital certificate enrollment processes are available for the Cisco ASA security appliance? (Choose two.) A. LDAP B. FTP C. TFTP D. HTTP E. SCEP F. Manual Correct Answer: EF /Reference: QUESTION 8 Your corporate finance department purchased a new non-web-based TCP application tool to run on one of its servers. The finance employees need remote access to the software during non- business hours. The employees do not have "admin" privileges to their PCs. How would you configure the SSL VPN tunnel to allow this application to run? A. Configure a smart tunnel for the application. B. Configure a "finance tool" VNC bookmark on the employee clientless SSL VPN portal. C. Configure the plug-in that best fits the application. D. Configure the Cisco ASA appliance to download the CiscoAnyConnect SSL VPN client to the finance employee each time an SSL VPN tunnel is established. Correct Answer: A https://.com

/Reference: QUESTION 9 "Pass Any Exam. Any Time." - www.actualtests.com 5 Cisco 642-647: Practice Exam Refer to the exhibit. A new network engineer configured the ABC adaptive security appliance with two bookmarks for a new temporary employee. The temporary worker can connect to the administrator server via the temp_worker_admin bookmark but cannot connect to the project server via the temp_worker_projects (greyed-out) bookmark. It was determined that the URL and IP addressing information in the GUI screens is correct. What is wrong with the configuration? A. URL Entry should be enabled. B. The File Server Entry Inherit parameter should be overwritten and set for enabled. C. The DNS server information is incorrect. D. File Server Browsing should be enabled Correct Answer: C /Reference: QUESTION 10 "Pass Any Exam. Any Time." - www.actualtests.com 6 Cisco 642-647: Practice Exam https://.com

Refer to the exhibit. When an SSL VPN user, contractor1, enters https://192.168.4.2 (the outside address of the Cisco ASA appliance) into the browser, an SSL VPN Login screen appears. Along with the information that is contained in the Cisco ASDM configuration screens, what can an administrator determine about the state of the connection after the user clicks the Login button? A. The user login will succeed and an IP address of 10.0.4.120 will be assigned. B. The user will be presented with a clientless VPN portal page. C. The user login will succeed but the user will be connected to the "contractor" tunnel group. D. The login will fail. /Reference: QUESTION 11 Which two statements about the Cisco ASA load balancing feature are correct? (Choose two.) A. The Cisco ASA load balances both site-to-site and remote-access VPN tunnels. B. The Cisco ASA load balances remote-access VPN tunnels only. C. The Cisco ASA load balances IPsec VPN tunnels only. D. The Cisco ASA load balances IPsec VPN and Cisco AnyConnect SSL VPN tunnels only. E. The Cisco ASA load balances IPsec VPN, clientless, and Cisco AnyConnect SSL VPN tunnels Correct Answer: B /Reference: QUESTION 12 A Cisco AnyConnect user profile can be pushed to the PC of a remote user from a Cisco ASA. Which three user profile parameters are configurable? (Choose three.) A. Backup Server list B. DTLS Override C. Auto Reconnect D. Simultaneous Tunnels E. Connection Profile Lock F. Auto Update Correct Answer: ACF /Reference: QUESTION 13 Refer to the exhibit. Today was the first day on a new project for an offsite temporary worker at the XYZ Corporation. The worker was told to launch the SSL VPN session and then use the smart- tunnel application to start a remote desktop application on the project server, projects_server.xyz.com. The worker looked at the portal screen that was provided but did not know how to access the smart-tunnel application. As the help desk person, what can you recommend that the temporary worker do? A. Click the Web Applications button. B. Click the Applications Access button. C. Click the Browse Networks button. D. On the Home page, click the Address drop-down menu, choose RDP://, and fill in the destination host name, projects_server.abc.com. Correct Answer: B /Reference: QUESTION 14 ABC Corporation hired a temporary worker to help out with a new project. The network administrator tasked you with restricting the internal clientless SSL VPN network access of the temporary worker to one server with the IP address of 172.26.26.50 via HTTP. Which two statements would complete the assignment? (Choose two.) https://.com

A. Configure access-listtemp_acl webtype permit url http://172.26.26.50. B. Configure access-listtemp_acl_stand_acl standard permit host 172.26.26.50. C. Configure access-listtemp_acl_extended extended permit http any host 172.26.26.50. D. Apply the access list to the temporary worker Group Policy. E. Apply the access list to the temporary worker Connection Profile. F. Apply the access list to the outside interface in the inbound direction Correct Answer: AD /Reference: QUESTION 15 In clientless SSL VPN, administrators can control user access to the internal network or resources of a company, based on what? A. interface ACLs B. webtype ACLs C. per-user or per-group ACLs D. MPF-configured service policies Correct Answer: B /Reference: QUESTION 16 When attempting to tunnel FTP traffic through a stateful firewall that may be performing NAT or PAT, which type of VPN tunneling should be used to allow the VPN traffic through the stateful firewall? A. clientless SSL VPN B. IPsec over TCP C. Smart Tunnel D. SSL VPN plug-ins Correct Answer: B /Reference: QUESTION 17 "Pass Any Exam. Any Time." - www.actualtests.com 11 Cisco 642-647: Practice Exam Refer to the exhibit. When testing SSL VPN in a nonproduction environment, certain variables in the Cisco ASDM session details can be viewed or changed under Configuration > AnyConnect Connection Profiles. Which parameter can be viewed or changed in the AnyConnect Connection Profiles? A. Assigned IP address 10.0.4.120 B. Client Type: SSL VPN Client C. Authentication Mode: Certificate and User Password D. ClientVer: Cisco AnyConnect VPN Agent for Windows Correct Answer: C /Reference: QUESTION 18 An IT manager and a security manager are discussing the deployment options for clientless SSL ActualTests.com VPN. They are trying to decide which groups are best suited for this new deployment option. Which two groups are the best candidates for the upcoming https://.com

clientless SSL VPN rollout? (Choose two.) A. IT administrator who needs to manage servers from a corporate laptop B. employees who need occasional access to check their mail accounts C. vendor who needs access to confidential corporate presentations via Secure FTP D. customers who need interactive access to your corporate invoice server Correct Answer: BC /Reference: QUESTION 19 Refer to the exhibit. You are configuring a laptop with the Cisco VPN Client, which will use digital certificates for authentication. Which protocol will the Cisco VPN Client use to retrieve the digital certificate from the CA server? A. FTP B. LDAP C. HTTPS D. SCEP E. OCSP /Reference: QUESTION 20 Upon receiving a digital certificate, what are three steps that a Cisco ASA will perform to authenticate the digital certificate? (Choose three.) A. The identity certificate validity period is verified against the system clock of the Cisco ASA. B. Identity certificates are exchanged duringipsec negotiations. C. The identity certificate signature is validated by using the stored root certificate. D. The signature is validated by using the stored identity certificate. E. If enabled, the Cisco ASA locates the CRL and validates the identity certificate. Correct Answer: ACE /Reference: QUESTION 21 You have been using pre-shared keys for IKE authentication on your VPN. Your network has grown rapidly, and now you need to create VPNs with numerous IPsec peers. How can you enable scaling to numerous IPsec peers? A. Migrate to external CA-based digital certificates authentication B. Migrate to a load balancing server. C. Migrate to a shared license server. D. Migrate fromipsec to SSL VPN client extended authentication Correct Answer: A /Reference: QUESTION 22 https://.com

Refer to the exhibit. A junior network engineer configured the corporate Cisco ASA appliance to accommodate a new temporary worker. For security reasons, the IT department wants to restrict the internal network access of the new temporary worker to the corporate server with an IP ActualTests.com address of 10.0.4.10. After the junior network engineer finished the configuration, the IT security specialist tested the account of the temporary worker. The tester was able to access the URLs of additional secure servers from the Cisco IOS WebVPN user account of the temporary worker. What did the junior network engineer configure incorrectly? A. The ACL was configured incorrectly. B. The ACL was applied incorrectly, or not applied. C. Network browsing was not restricted on the temporary worker group policy. D. Network browsing was not restricted on the temporary worker user policy Correct Answer: B /Reference: QUESTION 23 After adding a remote-access IPsec tunnel via the VPN wizard, an administrator needs to tune the IKE policy parameters. Where is the correct place to tune IKE policy parameters? A. CiscoIPsec VPN SW Client > Client Profile B. IPsec User Profile C. Group Policy D. IKE Policy E. Crypto Map /Reference: QUESTION 24 To enable the Cisco ASA Host Scan with remediation capabilities, an administrator must have which two Cisco ASA licenses enabled on its security appliance? (Choose two.) A. CiscoAnyConnect Premium license B. CiscoAnyConnect Essentials license C. CiscoAnyConnect Mobile license D. Host Scan license E. Advanced Endpoint Assessment license F. Cisco Security Agent license Correct Answer: AE /Reference: QUESTION 25 After adding a remote-access IPsec tunnel via the VPN wizard, an administrator needs to tune the IPsec policy parameters. Where is the correct place to tune the IPsec policy parameters in Cisco ASDM? A. IPsec user profile B. Crypto Map C. Group Policy D. IPsec policy E. IKE policy /Reference: QUESTION 26 Which three statements are Cisco AnyConnect VPN Client deployment options? (Choose three.) https://.com

A. Configure the CiscoAnyConnect profile to automatically launch client or clientless SSL VPN upon discovering a trusted network. B. Automatically download the CiscoAnyConnect VPN Client upon Cisco IOS WebVPN login. C. Prompt user upon Cisco IOSWebVPN login to select client or clientless SSL VPN within X seconds. D. Configure the CiscoAnyConnect profile to automatically disconnect the client or clientless SSL VPN tunnel upon discovering an untrusted network. E. User manually launches client from SSL VPN clientless portal. Correct Answer: BCE /Reference: QUESTION 27 An on-screen keyboard is a programmable SSL VPN option. Which three options are keyboard- configurable parameters that the administrator can enable or disable? (Choose three.) A. Show only if Secure Desktop Vault is disabled. B. Do not show onscreen keyboard. C. Show only for the login page. D. Show for all user input fields. E. Show for all portal pages that require authentication. F. Show for all plug-in pages. Correct Answer: BCE /Reference: QUESTION 28 Which three statements concerning keystroke logger detection are correct? (Choose three.) A. requires administrative privileges in order to run B. runs on Windows and MAC OS X systems C. detects loggers that run as a process or kernel module D. detects both hardware- and software-based keystroke loggers E. allows the administrator to define "safe" keystroke logger applications Correct Answer: ACE /Reference: QUESTION 29 Which statement is correct concerning the trusted network detection (TND) feature? A. The Cisco AnyConnect VPN Client v2.4 supports TND on Windows, Mac, and Linux platforms. B. With TND, one result of a Cisco Secure Desktop basic scan on an endpoint is to determine whether a device is a member of a trusted or an untrusted network. C. If enabled and a Cisco Secure Desktop advanced endpoint scan determines that a host is a member of anuntrusted network, an administrator can configure the TND feature to prohibit an end user from launching the Cisco AnyConnect VPN Client. D. When the user is inside the corporate network, TND can be configured to automatically disconnect a CiscoAnyConnect session. /Reference: QUESTION 30 Refer to the exhibit. When the user acecontractora Cisco AnyConnect tunnel is established, what type of Cisco ASA user restrictions are applied to the tunnel? A. full restrictions (no Cisco ASDM, no CLI, no console access) B. full restrictions (no read, no write, no execute permissions) C. full restrictions (CLI show commands and Cisco ASDM monitoring permissions only) D. full access with no restrictions https://.com

/Reference: QUESTION 31 For clientless SSL VPN users, bookmarks can be assigned to their portal. What are three methods for assigning bookmarks? (Choose three.) A. Connection Profiles B. Group Policies C. XML profiles D. LDAP or RADIUS attributes E. the portal customization tool F. User Policies Correct Answer: BDF /Reference: QUESTION 32 While a Cisco AnyConnect SSL VPN tunnel is established, a system administrator wants to restrict remote home office users to either print to their local printer or send the remaining traffic down the Cisco AnyConnect SSL VPN tunnel (with restricted Internet access). Choose both a tunnel policy option and an ACL type to accomplish this design goal. (Choose two.) A. Tunnel all networks B. Tunnel network list below C. Exclude network list from the tunnel D. Standard ACL E. Web ACL F. Extended ACL Correct Answer: CF /Reference: QUESTION 33 Which three webtype ACL statements are correct? (Choose three.) A. are assigned per-connection Profile B. are assigned per-user or per-group Policy C. can be defined in the CiscoAnyConnect Profile Editor D. supports URL pattern matching E. supports implicit deny all at the end of the ACL F. supports standard and extendedwebtype ACLs Correct Answer: BDE /Reference: QUESTION 34 The LAN-to-LAN tunnel is not established, but an administrator can ping the remote Cisco ASA. Which three IPsec LAN-to-LAN configuration parameters should the administrator verify at both ends of the tunnel? (Choose three.) ActualTests.com A. Pre-shared key B. Extended Authentication password C. Extended Authentication username D. Crypto ACL source IP address E. Crypto ACL destination IP address F. Tunnel connection type-originate or answer Correct Answer: ADE /Reference: QUESTION 35 https://.com

Refer to the exhibit. The ABC Corporation has a Cisco ASA in its test bed. A new network administrator is tasked with adding a smart-tunnel application to the existing configuration. The configuration will enable a "temp_worker" who is using Microsoft native RDP to have RDP access to server 10.0.4.4 only. Which statement is correct concerning the smart-tunnel configuration? A. Thewebtype access list is misconfigured. B. The smart-tunnel list parameter ismisconfigured. C. The smart-tunnel group-policy parameters aremisconfigured. D. The smart-tunnel configuration is configured correctly /Reference: QUESTION 36 Your corporation has contractors that need remote access to server desktops to diagnose issues and load software during nonbusiness hours. Which three clientless SSL VPN configurations would enable these contractors to access the desktop of remote servers? (Choose three.) A. Xwindows bookmark by using the Xwindows plug-in B. RDP bookmark by using the RDP plug-in C. SCP bookmark by using SCP plug-in D. VNC bookmark by using the VNC plug-in E. SSH bookmark by using the SSH plug-in F. Citrix plug-in by using the Citrix plug-in Correct Answer: BDF /Reference: QUESTION 37 Which four advanced endpoint assessment statements are correct? (Choose four.) A. examines the remote computer for personnel firewalls applications B. examines the remote computer for antivirus applications C. examines the remote computer for antispyware applications D. examines the remote computer for malware applications E. does not perform any remediation but provides input that can be evaluated by DAP records F. performs active remediation by applying rules, activating modules, and providing updates where applicable Correct Answer: ABCF /Reference: https://.com

QUESTION 38 A Unified Client Certificate will be used on the Cisco ASA to support what? A. certificate + double AAA authentication B. certificate + AAA authentication C. certificate maps D. Cisco ASA VPN clustering /Reference: QUESTION 39 ActualTests.com Refer to the exhibit. After a remote user established a Cisco AnyConnect session from a wireless card through the Cisco ASA appliance of a partner to a remote server, the user opened the Cisco AnyConnect VPN Client Statistics Details screen. Identify the two sources of the two IP addresses. (Choose two.) A. IP address that is assigned to the wireless Ethernet adapter of the remote user B. IP address that is assigned to the remote user from the Cisco ASA address pool C. IP address of the Cisco ASA physical interface of the partner D. IP address of the Cisco ASA virtual http server of the partner E. IP address of the default gateway router of the remote user ActualTests.com F. IP address of the default gateway router of the partner Correct Answer: BC /Reference: QUESTION 40 Which statement about plug-ins is false? A. Plug-insdo not require any installation on the remote system. B. Plug-ins require administrator privileges on the remote system C. Plug-ins support interactive terminal access. D. Plug-insare not supported on the Windows Mobile platform. Correct Answer: B /Reference: QUESTION 41 Authorization of a clientless SSL VPN defines the actions that a user may perform within a clientless SSLVPN session. Which statement is correct concerning the SSLVPN authorization process? A. Remote clients can be authorized by applying a dynamic access policy, which is configured on an external AAA server. B. Remote clients can be authorized externally by applying group parameters from an external database. C. Remote client authorization is supported by RADIUS and TACACS+ protocols. D. Remote clients can be authorized by selecting a clientless SSLVPN profile-based Group Policy name and applying the parameters of the named group from a local database. https://.com

Instant Download PDF And VCE 100% Passing Guar ----------------------------------------------------- To Read the Whole Q&As, please purchase the Complete Version from Our website. Trying our product! 100% Guaranteed Success 100% Money Back Guarantee 365 Days Free Update Instant Download After Purchase 24x7 Customer Support Average 99.9% Success Rate More than 69,000 Satisfied Customers Worldwide Multi-Platform capabilities - Windows, Mac, Android, iphone, ipod, ipad, Kindle Need Help Please provide as much detail as possible so we can best assist you. To update a previously submitted ticket: Guarantee & Policy Privacy & Policy Terms & Conditions Any charges made through this site will appear as Global Simulators Limited. All trademarks are the property of their respective owners. Copyright 2004-2015, All Rights Reserved. Get Latest & Actual IT Exam Dumps with VCE an https://.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback