Ensurepass

QUESTION 61

Where in the Cisco ASA appliance CLI are Active/Active Failover configuration parameters configured?

 

A.      admin context

B.      customer context

C.      system execution space

D.      within the system execution space and admin context

E.       within each customer context and admin context

 

Answer: C 

 

 

QUESTION 62

With Cisco ASA active/active or active/standby stateful failover, which state information or table is not passed between the active and standby Cisco ASA by default?

 

A.      NAT translation table

B.      TCP connection states

C.      UDP connection states

D.      ARP table

E.       HTTP connection table

 

Answer: E

 

 

QUESTION 63

Which Cisco ASA object group type offers the most flexibility for grouping different services together based on arbitrary protocols?

 

A.      network

B.      ICMP

C.      protocol

D.      TCP-UDP

E.       service

 

Answer: E

 

 

QUESTION 64

Using the default modular policy framework global configuration on the Cisco ASA, how does the Cisco ASA process outbound HTTP traffic?

 

A.      HTTP flows are not permitted through the Cisco ASA, because HTTP is not inspected by default.

B.      HTTP flows match the inspection_default traffic class and are inspected using HTTP inspection.

C.      HTTP outbound traffic is permitted, but all return HTTP traffic is denied.

D.      HTTP flows are statefully inspected using TCP stateful inspection.

 

Answer: D

 

 

QUESTION 65

Which flags should the show conn command normally show after a TCP connection has successfully been established from an inside host to an outside host?

 

A.      aB

B.      saA

C.      sIO

D.      AIO

E.       UIO

F.       F

 

Answer: E

 

 

QUESTION 66

Which Cisco ASA show command groups the xlates and connections information together in its output?

 

A.      show conn

B.      show conn detail

C.      show xlate

D.      show asp

E.       show local-host

 

Answer: E

 

 

QUESTION 67

When a Cisco ASA is configured in multiple context mode, within which configuration are the interfaces allocated to the security contexts?

 

A.      each security context

B.      system configuration

C.      admin context (context with the “admin” role)

D.      context startup configuration file (.cfg file)

 

Answer: B

 

 

QUESTION 68

When troubleshooting redundant interface operations on the Cisco ASA, which configuration should be verified?

 

A.      The name if configuration on the member physical interfaces are identical.

B.      The MAC address configuration on the member physical interfaces are identical.

C.      The active interface is sending periodic hellos to the standby interface.

D.      The IP address configuration on the logical redundant interface is correct.

E.       The duplex and speed configuration on the logical redundant interface are correct.

 

Answer: D

 

 

QUESTION 69

Which statement about the Cisco ASA 5505 configuration is true?

 

A.      The IP address is configured under the physical interface (ethernet 0/0 to ethernet 0/7).

B.      With the default factory configuration, the management interface (management 0/0) is configured with the 192.168.1.1/24 IP address.

C.      With the default factory configuration, Cisco ASDM access is not enabled.

D.      The switchport access vlan command can be used to assign the VLAN to each physical interface (ethernet 0/0 to ethernet 0/7).

E.       With the default factory configuration, both the inside and outside interface will use DHCP to acquire its IP address.

 

Answer: D

 

 

QUESTION 70

What is the correct regular expression to match HTTP requests whose URI is /welcome.jpg?

 

A.      ^/welcome.jpg

B.      ^/welcome\.jpg

C.      ^*/welcome\.jpg

D.      ^\/welcome\.jpg

E.       ^\*/welcome\.jpg

 

Answer: D

 

Download Latest CCNP 642-618 Real Free Tests , help you to pass exam 100%.

Comments are closed.