642-523 - SNPA - Securing Networks with PIX and ASA Exam

Go back to Cisco

Example Questions

What does the activation-key command in the Cisco ASA do? When an administrator adds the same-security-traffic permit inter-interface command to a Cisco ASA, what will happen? Which of the following statements about adaptive security appliance failover is true? Which of these commands enables IKE on the outside interface? Which of these commands would block all SIP INVITE packets, such as calling-party and request-method, from specific SIP endpoints? You are configuring a crypto map. Which of these commands would you use to specify the peer to which IPsec-protected traffic can be forwarded? An internet user is sending HTTP traffic to a DMZ server with the external address of 192.168.1.4. Which command will redirect HTTP traffic bound for the DMZ web server to its real IP address of 10.10.11.4? Which mode of operation must you enter in order to recover the Cisco ASA password? What does the csd enable command enable on the Cisco ASA?" Which command configures the Cisco ASA console for SSH access by a local user? A security appliance administrator has defined a regular expression to match an unauthorized website. Which pair of commands would the administrator need to enter to configure a regular expression class map? Which of the following statements about the configuration of WebVPN on the Cisco ASA is true for Cisco ASA version 7.2? Which of these commands will configure the adaptive security appliance to use an ACS server for console access authentication? Which command both verifies that NAT is working properly and displays active NAT translations? Which of these commands must be used when configuring advanced FTP inspection, such as FTP banner masking or the blocking of specific usernames? On a Cisco ASA adaptive security appliance, the administrator enters the boot config disk0:/startup.txt command. What will this command do when the system is reloaded? Which command configures the adaptive security appliance interface as a DHCP client and sets the default route to be the default gateway parameter returned from the DHCP server? Which command will provide interface IP information, the interface operational status, and the interface configuration method for an adaptive security appliance? What does the nat 0 command do? When configuring a crypto ipsec transform-set command, how many unique transforms can a single transform set contain? Which of these commands enables the DHCP server on the DMZ interface of the Cisco ASA with an address pool of 10.0.1.100-10.0.1.108 and a DNS server of 192.168.1.2? Which of these regular expressions would best match the website address "www.cisco.com/go/ccsp"? The primary adaptive security appliance failed, so the secondary adaptive security appliance was automatically activated. The network administrator then fixed the problem. Now the administrator wants to return the primary to "active" status. Which of these commands, when issued on the primary adaptive security appliance, will reactivate the primary adaptive security appliance and restore it to "active" status? An administrator receives a new Cisco ASA. Which command, when entered from the console, directs the Cisco ASA to provide interactive prompts that aid in the building of a first-use, minimal configuration? Which of these statements regarding Active/Active failover configurations is correct? Which of these commands displays the status of the CSC SSM on the Cisco ASA? Which command will set the default route for an adaptive security appliance to the IP address 10.10.10.1? Which of these commands will provide detailed information about the crypto map configurations of a Cisco ASA? Which of these commands causes the CSC SSM to load a new software image from a remote TFTP server via the CLI? Which username and password can you use to establish an SSH connection to your adaptive security appliance when no local or remote user database has been configured?