Embed Size (px)
DESCRIPTION
A. http redirect B. nat C. http-proxy D. static E. set connection F. access-list Answer: B,D,E QUESTION 4 Which three of these are Cisco ASA syslog message fields? (Choose three.) A. triggering packet copy B. message.text C. syslog community string D. logging level E. default ASA gateway F. logging device ip Answer: B,D,F QUESTION 5 Exhibit: You work as a network technician at Certkiller.com. Please study the exhibit carefully. An administrator wants to permanently map host addresses on the DMZ subnet to the same host addresses, but a different subnet on the outside interface. Which command or commands should the administrator use to accomplish this? A. access-list server_map permit tcp any nat(outside) 10 access-list server_map global (dmz) netmask B. static (dmz,outside) netmask
Citation preview
http://www.pass4sureOfficial.com
642-523
CiscoSecuring Networks with PIX and ASA (SNPA)
Visit: http://www.pass4sureofficial.com/exams.asp?examcode=642-523Pass4sureofficial.com is a reputable IT certification examination guide, study guides andaudio exam provider, we not only ensure that you pass your 642-523 exam in first attempt,but also you can get a high score to acquire Cisco certification.
If you use pass4sureofficial 642-523 Certification questions and answers, you will experienceactual 642-523 exam questions/answers. We know exactly what is needed and have all the exampreparation material required to pass the exam. Our Cisco exam prep covers over 95% of thequestions and answers that may be appeared in your 642-523 exam. Every point from pass4sure642-523 PDF, 642-523 review will help you take Cisco 642-523 exam much easierand become Cisco certified. All the Questions/Answers are taken from real exams.
Here's what you can expect from the Pass4sureOfficial Cisco 642-523 course:
* Up-to-Date Cisco 642-523 questions taken from the real exam.* 100% correct Cisco 642-523 answers you simply can't find in other 642-523 courses.* All of our tests are easy to download. Your file will be saved as a 642-523 PDF.* Cisco 642-523 brain dump free content featuring the real 642-523 test questions.
Cisco 642-523 certification exam is of core importance both in your Professionallife and Cisco certification path. With Cisco certification you can get a goodjob easily in the market and get on your path for success. Professionals who passedCisco 642-523 exam training are an absolute favorite in the industry.You will pass Cisco 642-523 certification test and career opportunities will beopen for you.
642-523
QUESTION 1Which three of these are Cisco ASA syslog message fields? (Choose three.)
A. syslog community stringB. message.textC. triggering packet copyD. logging device ipE. default ASA gatewayF. logging level
Answer: B,D,F
QUESTION 2Exhibit:
You work as a network technician at Certkiller .com. Please study the exhibit carefully.What does the inspect http HTTP_TRAFFIC command do in this policy map?
A. It adds HTTP traffic inspection to the OUTSIDE_POLICY policy mapB. It adds HTTP traffic limits to the OUTSIDE_POLICY policy mapC. It adds HTTP traffic inspection on TCP port 8080 to the OUTSIDE_POLICY policymapD. It adds HTTP traffic inspection to the inspection-default global class map
Answer: A
QUESTION 3An Administrator wants to protect a DMZ web server from SYN Flood attacks. Whichthree of these commands, used individually would allow the administrator to place limitson the number of embryonic connections? (choose three.)
642-523
A. http redirectB. natC. http-proxyD. staticE. set connectionF. access-list
Answer: B,D,E
QUESTION 4Which three of these are Cisco ASA syslog message fields? (Choose three.)
A. triggering packet copyB. message.textC. syslog community stringD. logging levelE. default ASA gatewayF. logging device ip
Answer: B,D,F
QUESTION 5Exhibit:
You work as a network technician at Certkiller .com. Please study the exhibit carefully.An administrator wants to permanently map host addresses on the DMZ subnet to thesame host addresses, but a different subnet on the outside interface. Which command orcommands should the administrator use to accomplish this?
A. access-list server_map permit tcp any 192.168.1.0.0 255.255.255.0nat(outside) 10 access-list server_mapglobal (dmz) 10 172.16.1.9-10 netmask 255.255.255.0B. static (dmz,outside) 192.168.10.0 172.16.1.0 netmask 255.255.255.0
642-523
C. nat (dmz) 1 172.16.1.0 netmask 255.255.255.0global (outside) 1 192.168.10.9-10 netmask 255.255.255.0D. NAT (dmz) 0 172.16.1.0 netmask 255.255.255.0
Answer: C
QUESTION 6Exhibit:
You work as a network technician at Certkiller .com. Please study the exhibit carefully.This adaptive security appliance is configured for which two types of failover? (Choosetwo.)
A. Stateful FailoverB. LAN-Based FailoverC. Active/Standby FailoverD. Active/Active failoverE. Context/Group failoverF. Cable-based failover
Answer: B,D
QUESTION 7Which these commands displays the status of the CSC SSM on the Cisco ASA?
A. show module 1 CSC detailsB. show hw 1 detailsC. show module 1 detailsD. show interface GigabitEthernet 1/0
Answer: C
642-523
QUESTION 8Which command both verifies that NAT is working properly and displays active NATtranslations?
A. show nat translationB. show running-confugration natC. show ip nat allD. show xlate
Answer: D
QUESTION 9The Cisco VPN Client supports which three of these tunneling protocols and methods?(Choose three.)
A. AHB. LZSC. IPSec over TCPD. IPSec over UDPE. SCEPF. ESP
Answer: C,D,F
QUESTION 10What does the nat 0 command do?
A. The nat 0 command, followed by an access list, specifies the addresses that are not tobe translatedB. The nat 0 command, followed by a range of IP Addresses, specifies the addresses thatare to be translated using network address translationsC. The nat 0 command, followed by a range of IP Addresses, specifies the addresses thatare to be translated when used for IPSecD. The nat 0 command, followed by an access list, specifies the addresses that are to beused in translations only once
Answer: A
QUESTION 11What does the activation-key command in the Cisco ASA do?
A. Applies the activation key to the Cisco ASDM so the Cisco ASA can be managedusing a web interfaceB. Applies the activation key to the Cisco ASA operating system, so that the Cisco ASAis licensed and all features are availableC. Activates the SSM module in the Cisco ASA, providing intrusion protection and
642-523
content filteringD. Automatically activates the Cisco ASA, allowing it to be configured right out of thebox
Answer: B
QUESTION 12Which three of these are required in order to set up a CSC SSM on the Cisco ASA?(Choose three.)
A. The IP Address of the CSC interfaceB. An SSL Certificate to user for HTTPS connectionsC. An E-mail address for notificationsD. Activation codesE. DNS names of critical hostsF. IP Addresses of external routers
Answer: A,C,D
QUESTION 13Which of these commands enables IKE on the outside interface?
A. isakmp enable outsideB. ike enable outsideC. nameif outside isakmp enableD. int g0/0 ike enable (outbound)
Answer: A
QUESTION 14The Cisco VPN Client supports which three of these tunneling protocols and methods?(Choose three.)
A. ESPB. IPSec over UDPC. LZSD. SCEPE. IPSec over TCPF. AH
Answer: A,B,E
QUESTION 15Which three of these are potential groups of users for WebVPN? (Choose three.)
A. Remote Employees that need daily access to the internet corporate network
Pass4SureOfficial.com Lifetime Membership Features;
-----------------
Pass4SureOfficial Lifetime Membership Package includes over 2500 Exams.All exams Questions and Answers are included in package.All Audio Guides are included free in package.All Study Guides are included free in package.Lifetime login access.Unlimited download, no account expiry, no hidden charges, just one time $99 payment.Free updates for Lifetime.Free Download Access to All new exams added in future.Accurate answers with explanations (If applicable).Verified answers researched by industry experts.Study Material updated on regular basis.Questions, Answers and Study Guides are downloadable in PDF format.Audio Exams are downloadable in MP3 format.No authorization code required to open exam.Portable anywhere.100% success Guarantee.Fast, helpful support 24x7.
View list of All exams (Q&A) downloadshttp://www.pass4sureofficial.com/allexams.asp
View list of All Study Guides (SG) downloadshttp://www.pass4sureofficial.com/study-guides.asp
View list of All Audio Exams (AE) downloadshttp://www.pass4sureofficial.com/audio-exams.asp
Download All Exams Sampleshttp://www.pass4sureofficial.com/samples.asp
To purchase $99 Lifetime Full Access Membership click herehttp://www.pass4sureofficial.com/purchase.asp
3COMADOBEAPCAppleBEABICSICheckPointCiscoCitrixCIW
CompTIAComputerAssociatesCWNPDELLECCouncilEMCEnterasysExamExpressExinExtremeNetworks
FilemakerFortinetFoundryFujitsuGuidanceSoftwareHDIHitachiHPHuaweiHyperion
IBMIISFAIntelISACAISC2ISEBISMJuniperLegatoLotus
LPIMcAfeeMcDataMicrosoftMile2NetworkApplianceNetwork-GeneralNokiaNortelNovell
OMGOraclePMIPolycomRedHatSairSASInstituteSCPSee-BeyondSNIA
SunSybaseSymantecTeraDataTIATibcoTruSecureVeritasVmware
