642-617 - Deploying Cisco ASA Firewall Solutions (FIREWALL v1.0)

Go back to Cisco

Example Questions

Which Cisco ASA feature is implemented by the ip verify reverse-path interface interface_name command? The Cisco ASA is configured in multiple mode and the security contexts share the same outside physical interface. Which two packet classification methods can be used by the Cisco ASA to determine which security context to forward the incoming traffic from the outside interface? (Choose two.) A Cisco ASA requires an additional feature license to enable which feature? Which three Cisco ASA configuration commands are used to enable the Cisco ASA to log only the debug output to syslog? (Choose three.) Which statement about the default ACL logging behavior of the Cisco ASA is true? By default, how does the Cisco ASA authenticate itself to the Cisco ASDM users? Which statement about the Cisco ASA 5505 configuration is true? With Cisco ASA active/active or active/standby stateful failover, which state information or table is not passed between the active and standby Cisco ASA by default? A Cisco ASA is operating in transparent firewall mode, but the MAC address table of the Cisco ASA is always empty, which causes connectivity issues. What should you verify to troubleshoot this issue? By default, which access rule is applied inbound to the inside interface? Which two statements about Cisco ASA failover troubleshooting are true? (Choose two.) When will a Cisco ASA that is operating in transparent firewall mode perform a routing table lookup instead of a MAC address table lookup to determine the outgoing interface of a packet? With Cisco ASA active/standby failover, what is needed to enable subsecond failover? Using the default modular policy framework global configuration on the Cisco ASA, how does the Cisco ASA process outbound HTTP traffic? A customer is ordering a number of Cisco ASAs for their network. For the remote or home office, they are purchasing the Cisco ASA 5505. When ordering the licenses for their Cisco ASAs, which two licenses must they order that are "platform specific" to the Cisco ASA 5505? (Choose two.) By default, which traffic can pass through a Cisco ASA that is operating in transparent mode without explicitly allowing it using an ACL? Which Cisco ASA platform should be selected if the requirements are to support 35,000 connections per second, 600,000 maximum connections, and traffic shaping? Which two methods can be used to access the Cisco AIP-SSM CLI? (Choose two.) In which type of environment is the Cisco ASA MPF set connection advanced-options tcp-statebypass option the most useful? Which three statements about traffic shaping capability on the Cisco ASA are true? (Choose three.) When troubleshooting a Cisco ASA that is operating in multiple context mode, which two verification steps should be performed if a user context does not pass user traffic? (Choose two.) Which feature is not supported on the Cisco ASA 5505 with the Security Plus license? O A. security contexts Which three configuration options are available when configuring static routes on the Cisco ASA? (Choose three.) On the Cisco ASA, where are the Layer 5-7 policy maps applied? Which Cisco ASA show command groups the xiates and connections information together in its output? When troubleshooting a Cisco ASA (running 8.2.2) that is operating in transparent firewall mode, what should you verify to ensure proper operation? Which Cisco ASA object group type offers the most flexibility for grouping different services together based on arbitrary protocols? When troubleshooting redundant interface operations on the Cisco ASA, which configuration should be verified?

Study Guides