exam 642-523 preparation questions
DESCRIPTION
Aonetesting the leading source in certification preparation services, all certification guaranteed study material, question and answers, practice exams and many more at one place. This is a brand which fulfills all the requirements of certification preparation of exams. By Aonetesting 642-523 training kits get 100% results in any certification exams.TRANSCRIPT
Exam 642-523 study material
Made available by Aonetesting.com
Free 642-523 Exam Preparation Questions
Exam 642-523: Securing Networks with PIX and ASA
For Latest 642-523 Exam Questions and study guides- visit- http://www.aonetesting.com/642-523.html
For Latest 642-523 Exam Questions and study guides- visit- http://www.aonetesting.com/642-523.html
Question:1 Which statement about Telnet and the security appliance is true? A. You can enable Telnet on all interfaces, but the PIX security appliance requires that all Telnet traffic
to all interfaces be IPSec protected. B. You can enable Telnet on all interfaces, but it must be protected with SSH. C. You can enable Telnet on all interfaces, but the PIX security appliance requires that all Telnet traffic
to the outside interface be IPSec protected. D. You can enable Telnet on all interfaces except the outside interface.
Answer: C Question:2 Please look at the follwing picture: Which of the following traffic is permitted based on the current access-list configuration?
A. FTP traffic from any outside host to the 172.16.1.2 host on the DMZ1 network B. HTTP and HTTPS traffic from the 172.16.10.2 DMZ2 host to any host on the outside C. Any IP traffic from any outside host to the 172.16.10.2 host on the DMZ2 network D. Any IP traffic from any outside host to the 172.16.1.2 host on the DMZ1 network
Answer: A Question:3 How is the address translation feature of the security appliance used in the current configuration? (Choose two)
For Latest 642-523 Exam Questions and study guides- visit- http://www.aonetesting.com/642-523.html
A. Dynamic NAT is used to translate any host on the inside to a mapped address from the address pool of 192.168.1.20 to 192.168.1.254.
B. Port Address Translation (PAT) is used to translate any host on the inside to the 192.168.1.10 global address.
C. Static NAT is used to translate the 172.16.10.2 DMZ2 host address to a global address of 192.168.1.12
D. Dynamic NAT is used to translate any host on the DMZ1 network and the DMZ2 network to a mapped address from the address pool of 192.168.1.20 to 192.168.1.254.
For Latest 642-523 Exam Questions and study guides- visit- http://www.aonetesting.com/642-523.html
Answer: A, C Question:4 Why does the PIX security appliance record information about a packet in its stateful session flow table? A. To establish a proxy session by relaying the application layer requests and responses between two
endpoints B. To track outbound UDP connections C. To compare against return packets for determining whether the packet should be allowed
through the firewall D. To build the reverse path forwarding (RFP) table to prevent spoofed source IP address Answer: C Question:5 What is the currently configured default gateway IP address on the security appliance?
A. 172.16.10.1 B. 172.16.1.1 C. 192.168.1.1 D. 10.0.1.1
Answer: C Question:6 Which hosts are allowed to manage this security appliance using ASDM or HTTPS?
A. The 10.0.1.11 host only B. The 172.16.1.2 host only
C. The 172.16.10.2 host only D. Any host on the 10.0.1.0/24 subnet
Answer: A Question:7 Which of these identifies basic settings for the security appliance, including a list of contexts? A. Network configuration B. Admin configuration C. System configuration D. Primary configuration
Answer: C Question:8 Which interface on this security appliance is enabled for DHCP server functionality?
A. None B. GigabitEthernet0/2 C. GigabitEthernet0/1 D. GigabitEthernet0/0
Answer: C Question:9 What is the maximum number of VLANs and physical interfaces supported based on the current security appliance software license?
A. 25 VLANs and 6 interfaces B. 10 VLANs and 3 interfaces C. 50 VLANs and 8 interfaces D. 100 VLANs and unlimited interfaces
Answer: D Question:10 An administrator wants to protect a DMZ web server from SYN flood attacks. Which command does not allow the administrator to place limits on the number of embryonic connections? A. Set connection B. Nat C. Static D. HTTP-map
Answer: D
For Latest 642-523 Exam Questions and study guides- visit- http://www.aonetesting.com/642-523.html
For complete Exam 642-523 Training kits and Self-Paced Study Material
Visit:http://www.aonetesting.com/642-523.html
http://www.aonetesting.com
For Latest 642-523 Exam Questions and study guides- visit- http://www.aonetesting.com/642-523.html