Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
26 Cards in this Set
- Front
- Back
|
Which three security features do ASA models 5505 and 5510 support by default? (Choose three.) |
stateful firewall intrusion prevention system |
|
Refer to the exhibit. Two types of VLAN interfaces were configured on an ASA 5505 with a Base license. The administrator wants to configure a third VLAN interface with limited functionality. Which action should be taken by the administrator to configure the third interface? |
the administrator must enter the no forward interface vlan command before the nameif command on the third interface. |
|
|
When the ASA recognizes that the incoming packets are part of an already established connection, which three fast path tasks are executed? (Choose three.) |
performing TCP sequence number checks performing IP checksum verification |
|
Refer to the exhibit. What will be displayed in the output of the show running-config objectcommand after the exhibited configuration commands are entered on an ASA 5505? |
range 192.168.1.10 192.168.1.20 |
|
Refer to the exhibit. An administrator has entered the indicated commands on an ASA 5505. Based on the information presented, what type of remote access VPN has the administrator configured? |
a clientless SSL VPN via a web browser |
|
|
Which three wizards are included in Cisco ASDM 6.4? (Choose three.) |
VPN wizard Startup wizard |
|
|
A network engineer is using a Cisco ASA as a proxy device to provide remote secure access to a company web server. What technology is being used? |
Cisco AnyConnect Secure Mobility Client with SSL |
|
Refer to the exhibit. Which three sets of configuration commands were entered on the ASA 5505? (Choose three.) |
interface vlan 2 nameif outside security-level 0 ip address 209.165.200.226 255.255.255.248 route outside 0.0.0.0 0.0.0.0 209.165.200.225 |
|
|
Which statement describes the function provided to a network administrator who uses the Cisco Adaptive Security Device Manager (ASDM) GUI that runs as a Java Web Start application? |
The administrator can connect to and manage a single ASA device |
|
Refer to the exhibit. A network administrator is configuring an object group on an ASA device. Which configuration keyword should be used after the object group nameSERVICE1? |
TCP |
|
Refer to the exhibit. An administrator has configured an ASA 5505 as indicated but is still unable to ping the inside interface from an inside host. What is the cause of this problem? |
The no shutdown command should be entered on interface Ethernet 0/1. |
|
|
What command defines a DHCP pool that uses the maximum number of DHCP client addresses available on an ASA 5505 that is using the Base license? |
CCNAS-ASA(config)# dhcpd address 192.168.1.25-192.168.1.56 inside |
|
Refer to the exhibit. According to the command output, which three statements are true about the DHCP options entered on the ASA 5505? (Choose three.) |
.......... |
|
|
Sales representatives of an organization use computers in hotel business centers to occasionally access corporate e-mail and the inventory database. What would be the best VPN solution to implement on an ASA to support these users?
|
clientless SSL VPN using a web browser
|
|
|
What is a characteristic of ASA security levels?
|
An ACL needs to be configured to explicitly permit traffic from an interface with a lower security level to an interface with a higher security level. |
|
Refer to the exhibit. A network administrator is configuring PAT on an ASA device to enable internal workstations to access the Internet. Which configuration command should be used next? |
nat (inside,outside) dynamic interface |
|
Refer to the exhibit. A network administrator has configured NAT on an ASA device. What type of NAT is used? |
inside NAT |
|
|
Which three types of remote access VPNs are supported on ASA devices? (Choose three.) |
IPsec (IKEv1) VPN using the Cisco VPN Client Clientless SSL VPN using a web browser |
|
|
Which two statements are true about ASA standard ACLs? (Choose two.) |
They are typically only used for OSPF routes. |
|
|
What is the purpose of the webtype ACLs in an ASA? |
to filter traffic for clientless SSL VPN users |
|
|
Which option lists the four steps to configure the Modular Policy Framework on an ASA? |
1) Configure extended ACLs to identify specific granular traffic. This step may be optional. 2) Configure the class map to define interesting traffic. 3) Configure a policy map to apply actions to the identified traffic. 4) Configure a service policy to identify which interface should be activated for the service. |
|
|
Which Cisco VPN solution provides limited access to internal network resources by utilizing a Cisco ASA and provides browser-based access only? |
clientless SSL VPN |
|
Refer to the exhibit. The indicated window has appeared in the web browser of a remote user. What is the cause of this message? |
The user has logged out of a clientless SSL VPN session. |
|
|
Which option lists the ASA adaptive security algorithm session management tasks in the correct order? |
1) performing the access list checks 2) performing route lookups 3) allocating NAT translations (xlates) 4) establishing sessions in the "fast path" |
|
|
Which three components must be configured when implementing a clientless SSL VPN on an ASA 5505 device? (Choose three.) |
connection profile name |
|
|
Steps to configure a clientless SSL VPN include the following: |
Configure the SSL VPN interface.Configure a connection profile name for the connection and identify the interface to which outside users will connect.If the default certificate is not going to be used, select the third-party certificate to connect clients.Configure user authentication.Create a group policy.Configure a bookmark list of URLs to be used in the clientless SSL VPN web portal. |
