Exam Actual. Higher Quality. Better Service! QUESTION & ANSWER

Similar documents
Deploying Cisco ASA Firewall Solutions (FIREWALL v1.0)

PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps

KillTest. 半年免费更新服务

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

CISCO EXAM QUESTIONS & ANSWERS

v Number: Passing Score: 800 Time Limit: 120 min File Version: 12.39

CertifyMe. CertifyMe

Cisco CCNP Security Exam

CISCO EXAM QUESTIONS & ANSWERS

Exam Name: Implementing Cisco Edge Network Security Solutions

PrepKing. PrepKing

ActualTorrent. Professional company engaging Providing Valid Actual Torrent file for qualification exams.

PrepKing. PrepKing

Transparent or Routed Firewall Mode

Modular Policy Framework. Class Maps SECTION 4. Advanced Configuration

Transparent or Routed Firewall Mode

ASACAMP - ASA Lab Camp (5316)

Cisco - ASA Lab Camp v9.0

Fundamentals of Network Security v1.1 Scope and Sequence

Implementing Core Cisco ASA Security (SASAC)

Implementing Cisco Network Security (IINS) 3.0

About This Guide. Document Objectives. Audience

Cisco CISCO Securing Networks with ASA Advanced. Practice Test. Version

Access Rules. Controlling Network Access

Firewall Mode Overview

Cisco Exam. Volume: 223 Questions. Question No: 1 Which three commands can be used to harden a switch? (Choose three.)

Cisco CCIE Security Written.

Cisco Exam Implementing Cisco Network Security Version: 12.0 [ Total Questions: 186 ]

UniNets CCNA Security LAB MANUAL UNiNets CCNA Cisco Certified Network Associate Security LAB MANUAL UniNets CCNA LAB MANUAL

Cisco ASA 5500 Series Adaptive Security Appliance 8.2 Software Release

ASA/PIX Security Appliance

Migrating to the Cisco ASA Services Module from the FWSM

Introduction to the ASA

New Features for ASA Version 9.0(2)

Cisco Passguide Exam Questions & Answers

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

PIX Security Appliance Contexts, Failover, and Management

Information About NAT

Configuring TCP State Bypass

The IINS acronym to this exam will remain but the title will change slightly, removing IOS from the title, making the new title.

ASA 7.x/PIX 6.x and Above: Open/Block the Ports Configuration Example

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

CISCO EXAM QUESTIONS & ANSWERS

Technology Scenarios. INE s CCIE Security Bootcamp - 1 -

ASA Access Control. Section 3

CCNA Security. Implementing Cisco Network Security Version: 5.0

Firewall Core for CCIE Candidates By Rafael Leiva-Ochoa

Bridging Traffic CHAPTER3

CISCO EXAM QUESTIONS & ANSWERS

CCNA Security. 2.0 Secure Access. 1.0 Security Concepts

Cisco Exam Troubleshooting and Maintaining Cisco IP Networks (TSHOOT) Version: 6.0 [ Total Questions: 79 ]

Exam Questions

IT Exam Training online / Bootcamp

Cisco ASA Software Release 8.2

Vendor: Cisco. Exam Code: Exam Name: Implementing Cisco IP Routing (ROUTE v2.0) Version: Demo

Routing Overview. Information About Routing CHAPTER

ASA Cluster for the Firepower 9300 Chassis

Downloaded from: justpaste.it/i2os

: Saved : : Serial Number: JMX1813Z0GJ : Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz : Written by enable_15 at 09:21: UTC Thu Dec !

Configuring an IP ACL

AAA and the Local Database

Chapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM

Access Control Lists. About ACLs. ACL Types

Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance

CCNP Security VPN

HC-711 Q&As. HCNA-CBSN (Constructing Basic Security Network) - CHS. Pass Huawei HC-711 Exam with 100% Guarantee

Chapter 10 - Configure ASA Basic Settings and Firewall using ASDM

ASA 8.X and later: Add or Modify an Access List through the ASDM GUI Configuration Example

Introduction to the Cisco ASA

ASA Cluster for the Firepower 9300 Chassis

Web server Access Control Server

Configuring Management Access

This section describes the clustering architecture and how it works. Management access to each ASA for configuration and monitoring.

Implementing Cisco Network Security

Clientless SSL VPN Overview

Chapter 5. Security Components and Considerations.

Request for Proposal (RFP) for Supply and Implementation of Firewall for Internet Access (RFP Ref )

SSL VPN Configuration of a Cisco ASA 8.0

Setting General VPN Parameters

Implementing Cisco Edge Network Security Solutions ( )

Question: 1 An engineer is using the policy trace tool to troubleshoot a WSA. Which behavior is used?

cisco. Number: Passing Score: 800 Time Limit: 120 min.

Configuring Traffic Interception

Vendor: Cisco. Exam Code: Exam Name: Implementing Cisco Threat Control Solutions. Version: Demo

Exam : Title : Security Solutions for Systems Engineers. Version : Demo

Configuring Web Cache Services By Using WCCP

Deploying Cisco ASA Firewall Features (FIREWALL) v1.0. Global Knowledge European Remote Labs Instructor Guide

Configuring Role-Based Access Control

Failover for High Availability

ITdumpsFree. Get free valid exam dumps and pass your exam test with confidence

CCNA Security Official Cert Guide First Edition. Copyright 2015 Cisco Systems, Inc. ISBN-10: ISBN-13:

Some features are not supported when using clustering. See Unsupported Features with Clustering, on page 11.

Cisco Exam Questions & Answers

Exam A QUESTION 1 An XYZ Corporation systems engineer, while making a sales call on the ABC Corporation headquarters, tried to access the XYZ sales de

PIX/ASA: PPPoE Client Configuration Example

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL II. VERSION 2.0

CCNA Security v2.0 Chapter 9 Exam Answers

Overview 1. Service Features 1

Transcription:

Higher Quality Better Service! Exam Actual QUESTION & ANSWER Accurate study guides, High passing rate! Exam Actual provides update free of charge in one year! http://www.examactual.com

Exam : 642-617 Title : Deploying Cisco ASA Firewall Solutions (FIREWALL v1.0) Version : Demo 1 / 8

1.hich Cisco ASA feature enables the ASA to do these two things? 1) Act as a proxy for the server and generate a SYN-ACK response to the client SYN request. 2) When the Cisco ASA receives an ACK back from the client, the Cisco ASA authenticates the client and allows the connection to the server. A. TCP normalizer B. TCP state bypass C. TCP intercept D. basic threat detection E. advanced threat detection F. botnet traffic filter Answer: C 2.By default, which traffic can pass through a Cisco ASA that is operating in transparent mode without explicitly allowing it using an ACL.? A. ARP B. BPDU C. CDP D. OSPF multicasts E. DHCP Answer: A 3.Referto the exhibit. Which Cisco ASA feature can be configured using this Cisco ASDM screen? A. Cisco ASA command authorization using TACACS+ B. AAA accounting to track serial, ssh, and telnet connections to the Cisco ASA C. Exec Shell access authorization using AAA D. cut-thru proxy E. AAA authentication policy for Cisco ASDM access Answer: D 4.Refer to the exhibit. 2 / 8

The Cisco ASA is dropping all the traffic that is sourced from the internet and is destined to any security context inside interface. Which configuration should be verified on the Cisco ASA to solve this problem? A. The Cisco ASA has NAT control disabled on each security context. B. The Cisco ASA is using inside dynamic NAT on each security context. C. The Cisco ASA is using a unique MAC address on each security context outside interface. D. The Cisco ASA is using a unique dynamic routing protocol process on each security context. E. The Cisco ASA packet classifier is configured to use the outside physical interface to assign the packets to each security context. Answer: C 5.Which four types of ACL object group are supported on the Cisco ASA (release 8.2)? (Choose four.) A. protocol B. network C. port D. service E. icmp-type F. host Answer: A,B,D,E 6.Refer to the exhibit. 3 / 8

Which two CLI commands will result? (Choose two. ) A. aaa authorization network LOCAL B. aaa authorization network default authentication-server LOCAL C. aaa authorization command LOCAL D. aaa authorization exec LOCAL E. aaa authorization exec authentication-server LOCAL F. aaa authorization exec authentication-server Answer: C,D 7.Refer to the exhibit. Which two statements about the class maps are true? (Choose two.) A. These class maps are referenced within the global policy by default for HTTP inspection. B. These class maps are all type inspect http class maps. C. These class maps classify traffic using regular expressions. D. These class maps are Layer 3/4 class maps. E. These class maps are used within the inspection_default class map for matching the default inspection 4 / 8

traffic. Answer: B,E 8.Refer to the exhibit. A Cisco ASA in transparent firewall mode generates the log messages seen in the exhibit. What should be configured on the Cisco ASA to allow the denied traffic? A. extended ACL on the outside and inside interface to permit the multicast traffic B. EtherType ACL on the outside and inside interface to permit the multicast traffic C. stateful packet inspection D. static ARP mapping E. static MAC address mapping Answer: A 9.The Cisco ASA must support dynamic routing and terminating VPN traffic. Which three Cisco ASA options will not support these requirements? (Choose three.) A. transparent mode B. multiple context mode C. active/standby failover mode D. active/active failover mode E. routed mode F. no NAT-control Answer: A,B,D 10.Refer to the exhibits. 5 / 8

Which five options should be entered into the five fields in the Cisco ASDM Add Static Policy NAT Rule screen? (Choose five.) access-list POLICY_NAT_ACL extended permit ip host 172.16.0.10 10.0.1.0 255.255.255.0 static (dmz,outside) 192.168.2.10 access-list POLICY_NAT_ACL A. dmz = Original Interface B. outside = Original Interface C. 172.16.0.10 = Original Source D. 192.168.2.10 = Original Source E. 10.0.1.0/24 = Original Destination F. 192.168.2.10 = Original Destination G. dmz = Translated Interface H. outside = Translated Interface I. 192.168.2.10 = Translated Use IP Address J. 172.16.0.10 = Translated Use IP Address Answer: A,C,E,H,I 11.By default, which access rule is applied inbound to the inside interface? A. All IP traffic is denied. B. All IP traffic is permitted. C. All IP traffic sourced from any source to any less secure network destinations is permitted. D. All IP traffic sourced from any source to any more secure network destinations is permitted Answer: C 12.In which type of environment is the Cisco ASA MPF set connection advanced-options tcp-statebypass option the most useful? 6 / 8

A. SIP proxy B. WCCP C. BGP peering through the Cisco ASA D. asymmetric traffic flow E. transparent firewall Answer: D 13.Which Cisco ASA platform should be selected if the requirements are to support 35,000 connections per second, 600,000 maximum connections, and traffic shaping? A. 5540 B. 5550 C. 5580-20 D. 5580-40 Answer: B 14.Refer to the exhibit. What is the resulting CLI command? A. match request uri regex _default_gotomypc-tunnel drop-connection log B. match regex _default_gotomypc-tunnel drop-connection log C. class _default_gotomypc-tunnel drop-connection log D. match class-map _default_gotomypc-tunnel drop-connection log Answer: C 7 / 8

15.A customer is ordering a number of Cisco ASAs for their network. For the remote or home office, they are purchasing the Cisco ASA 5505. When ordering the licenses for their Cisco ASAs, which two licenses must they order that are "platform specific" to the Cisco ASA 5505? (Choose two.) A. AnyConnect Essentials license B. per-user Premium SSL VPN license C. VPN shared license D. internal user licenses E. Security Plus license Answer: D,E 8 / 8

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback