Exam 642-524 study material Made available by Testkingprep.com
Free 642-524 Exam Preparation Questions Exam 642-524: Securing Networks with ASA Foundation
For Latest 642-524 Exam Questions and study guides- visit- http://www.testkingprep.com/642-524.html
Question:1 In the default global policy, which three traffic types are inspected by default? (Choose three.) A. FTP B. ICMP C. TFTP D. ESMTP Answer: A, C, D Question:2 When are duplicate objects allowed in object groups? A. when a group object is included, which causes the group hierarchy to become circular B. never C. always, because there are no conditions or restrictions D. when they are due to the inclusion of group objects Answer: D Question:3 You are the network security administrator for the P4S company. You create an FTP inspection policy including the strict option, and it is applied to the outside interface of the corporate adaptive security appliance. How to handle FTP on the security appliance after this policy is applied? (Choose three.) A. FTP inspection is applied to traffic entering the inside interface. B. FTP inspection is applied to traffic exiting the inside interface. C. Strict FTP inspection is applied to traffic exiting the outside interface. D. Strict FTP inspection is applied to traffic entering the outside interface. Answer: A, C, D Question:4 For the following commands, which one would configure the adaptive security appliance to use an ACS server for console access authentication? A. aaa authentication console SRVGRP1 B. aaa authentication serial console LOCAL C. aaa authentication serial console SRVGRP1 LOCAL D. aaa authentication console LOCAL Answer: C Question:5 At the headquarter of the P4S company, the adaptive security appliance has recently been logging more threats and anomalies than usual. Its network security department is unsure of the severity of these potential threats and anomalies. This department would like to gather information on threat-related protocols and ports to get a broader view of the overall situation and determine what action to take. For instance, the administrator of this company would like to know about bursts on a particular port or protocol or on a set of ports and protocols. Which set of steps should be taken to obtain this information? A. Use the Threat Detection panel in Cisco ASDM to enable scanning threat detection. Then use the Cisco ASDM Firewall Dashboard to view the port and protocol statistics. B. Use the Threat Detection panel in Cisco ASDM to enable port and protocol statistics. Then use the show threat-detection statistics port and the show threat-detection statistics protocol commands to view the statistics. C. Use the Service Policy Rules panel in Cisco ASDM to configure a global inspection policy. Then use the Cisco ASDM Device Dashboard to view the port and protocol statistics. D. Use the Service Policy Rules panel in Cisco ASDM to configure a global inspection policy. Then use the show threat-detection rate command to view the statistics. Answer: B
For Latest 642-524 Exam Questions and study guides- visit- http://www.testkingprep.com/642-524.html
Question:6 Study the exhibit carefully. When the show failover command has returned this output, what is the problem with the failover configuration? P4S-fw2# show failover Failover ON Cable status: Other side not connected Failover unit Primary Failover LAN Interface: N/A-Serial-based failover enabled Unit Poll frequency 15 seconds, holdtime 45 seconds Interface Poll frequency 15 seconds Interface Policy 1 Monitored Interfaces 3 of 250 maximum Last Failover at: 13:21:38 UTC Dec 10 2004 This host: Primary-Active Active time: 200(sec) Interface outside (192.168.2.2): Normal (Waiting) Interface inside (10.0.2.1): Normal (Waiting) Interface dmz (172.16.2.1): Normal (Waiting) Other host: Secondary-Not detected Active time : 0(sec) Interface outside (192.168.2.7): Unknown (Waiting) Interface inside (10.0.2.7): Unknown (Waiting) Interface dmz (172.16.2.7): Unknown (Waiting) Stateful Failover Logical Update Statistics Link: Unconfigured A. The poll frequency is set too high to detect the secondary failover security appliance. B. The failover cable is not connected to the secondary failover security appliance. C. There is no problem; the timer that detects the secondary failover security appliance has not expired. D. The LAN-based failover interface has been shut down on the security appliance. Answer: B Question:7 While setting up a remote access VPN, which three items does the Cisco ASDM IPsec VPN Wizard require you to configure? (Choose three.) A. tunnel group name B. a pool of addresses to be assigned to remote users C. peer IP address D. IPsec encryption and authentication parameters Answer: A, B, D Question:8 You have configured the security appliance and an AAA server for authentication. Why does Telnet and FTP authentication work normally but HTTP authentication does not? A. You must specify HTTPS authentication in your configuration. B. The AAA server is not properly configured to accept HTTP authentication requests. C. You have not enabled HTTP authorization, which is required for HTTP authentication. D. HTTP reauthentication may be taking place with the web browser sending the cached username and password back to the security appliance. Answer: D Question:9 Cisco ASDM helps you manage network and application security more effectively while improving operational efficiency. You work as a network administrator for ABC company. And you use the IPsec VPN Wizard to configure a site-to-site VPN in Cisco ASDM. Now you would like to modify the crypto ACL to specify different protected traffic. Where should you go in Cisco ASDM to accomplish this task? A. Configuration > Site-to-Site VPN > Connection Profiles B. Configuration > Site-to-Site VPN > Advanced > System Options C. Configuration > Site-to-Site VPN > Group Policies D. Configuration > Site-to-Site VPN > Advanced > IKE Policies Answer: A Question:10 An administrator wants to protect a DMZ web server from SYN flood attacks. Which three of these commands, used individually, would allow the administrator to place limits on the number of embryonic connections? (Choose three.) A. nat
For Latest 642-524 Exam Questions and study guides- visit- http://www.testkingprep.com/642-524.html
B. access-list C. static D. set connection Answer: A, C, D Question:11 Which three items are standards to identify a set of Layer 3/4 through traffic? (Choose three.) A. VPN tunnel group B. MAC addresses C. default inspection traffic D. access control list Answer: A, C, D Question:12 Which one of the following commands would offer interface IP information, the interface operational status, and the interface configuration method for an adaptive security appliance? A. show interface detail B. show interface ip brief C. show ip interface D. show interface stats Answer: B Question:13 How to differ a transparent mode security appliance from a routed mode security appliance? (Choose two.) A. It does not support security levels on the interfaces. B. It is not seen as a router hop to connected devices. C. It can pass traffic that cannot be passed by a security appliance in routed mode. D. It is seen as a router hop to connected devices. Answer: B, C Question:14 Why include a deny statement at the end of an ACL, even though the implicit deny at the end of the ACL will block traffic as needed? A. You can view the hit counters with the show access-list command. B. As a back-up, in case the implicit deny does not work. C. There is no reason to include the deny statement. D. You can enable the turbo ACL feature for individual ACLs. Answer: A Question:15 While creating an IPsec site-to-site VPN, which parameters must be defined in an IKE policy? A. message encryption algorithm B. message integrity (hash) algorithm C. key exchange parameters (DH group ID) D. peer authentication method Answer: A, B, C, D Question:16 Cisco's Adaptive Security Appliance (ASA) earns the silver in the network firewall category of our 2008 Product Leadership Awards. According to the exhibit. The ASA administrator is tasked to filter a single website on a host with the IP address 10.10.11.4, but allow access to all other websites. The administrator inputs the commands displayed and then executes them. Which two purposes are of the following commands? (Choose two.)
For Latest 642-524 Exam Questions and study guides- visit- http://www.testkingprep.com/642-524.html
P4S-asa1(config)# filter url http 0 0 0 0 P4S-asa1(config)# filter url except 10.10.11.4 255.255.255.255 00 A. allow access to all website except those hosted at IP address 10.10.11.4 B. filter the URLs found at the host with the IP address 10.10.11.4 C. filter all URL requests D. cause URL requests from the address 10.10.11.4 to be exempted from filtering Answer: C, D
For Latest 642-524 Exam Questions and study guides- visit- http://www.testkingprep.com/642-524.html
For complete Exam 642-524 Training kits and Self-Paced Study Material Visit: http://www.testkingprep.com/642-524.html
http://www.testkingprep.com/
For Latest 642-524 Exam Questions and study guides- visit- http://www.testkingprep.com/642-524.html