642-618 - Deploying Cisco ASA Firewall Solutions (FIREWALL v2.0)

Go back to Cisco

Example Questions

Which two Cisco ASA configuration tasks are necessary to allow authenticated BGP sessions to pass through the Cisco ASA appliance? (Choose two.) Which two Cisco ASA licensing features are correct with Cisco ASA Software Version 8.3 and later? (Choose two.) In the default global policy, which traffic is matched for inspections by default? Which additional active/standby failover feature was introduced in Cisco ASA Software Version 8.4? Which Cisco ASA object group type offers the most flexibility for grouping different services together based on arbitrary protocols? Which statement about Cisco ASA multicast routing support is true? Which Cisco ASA show command groups the xlates and connections information together in its output? Using the default modular policy framework global configuration on the Cisco ASA, how does the Cisco ASA process outbound HTTP traffic? Which other match command is used with the match flow ip destination-address command within the class map configurations of the Cisco ASA MPF? Which configuration step (if any) is necessary to enable FTP inspection on TCP port 2121? Which statement about the Cisco ASA 5585-X appliance is true? A Cisco ASA is operating in transparent firewall mode, but the MAC address table of the Cisco ASA is always empty, which causes connectivity issues. What should you verify to troubleshoot this issue? Which Cisco ASA CLI command is used to enable HTTPS (Cisco ASDM) access from any inside host on the 10.1.16.0/20 subnet? Which Cisco ASA (8.4.1 and later) CLI command is the best command to use for troubleshooting SSH connectivity from the Cisco ASA appliance to the outside 192.168.1.1 server? A Cisco ASA requires an additional feature license to enable which feature? The Cisco ASA is configured in multiple mode and the security contexts share the same outside physical interface. Which two packet classification methods can be used by the Cisco ASA to determine which security context to forward the incoming traffic from the outside interface? (Choose two.) Where in the Cisco ASA appliance CLI are Active/Active Failover configuration parameters configured? Which Cisco ASA configuration is used to configure the TCP intercept feature? When troubleshooting a Cisco ASA that is operating in multiple context mode, which two verification steps should be performed if a user context does not pass user traffic? (Choose two.) Which two statements about Cisco ASA failover troubleshooting are true? (Choose two.) Which access rule is disabled automatically after the global access list has been defined and applied? Which option can cause the interactive setup script not to work on a Cisco ASA 5520 appliance running software version 8.4.1? When active/active failover is implemented on the Cisco ASA, how many failover groups are Which other match command is used with the match flow ip destination-address command within On the Cisco ASA, tcp-map can be applied to a traffic class using which MPF CLI configuration command? Which statement about the Cisco ASA botnet traffic filter is true? Which option lists the main tasks in the correct order to configure a new Layer 3 and 4 inspection policy on the Cisco ASA appliance using the Cisco ASDM Configuration > Firewall > Service Policy Rules pane? On the Cisco ASA, where are the Layer 5-7 policy maps applied? By default, not all services in the default inspection class are inspected. Which Cisco ASA CLI command do you use to determine which inspect actions are applied to the default inspection class? With Cisco ASA active/active or active/standby stateful failover, which state information or table is not passed between the active and standby Cisco ASA by default? With Cisco ASA active/standby failover, what is needed to enable subsecond failover? Which configuration step is the first to enable PIM-SM on the Cisco ASA appliance? With Cisco ASA active/standby failover, by default, how many monitored interface failures will cause failover to occur? When troubleshooting redundant interface operations on the Cisco ASA, which configuration should be verified? Which statement about the Cisco ASA 5505 configuration is true? By default, which traffic can pass through a Cisco ASA that is operating in transparent mode without explicitly allowing it using an ACL? Which logging mechanism is configured using MPF and allows high-volume traffic-related events to be exported from the Cisco ASA appliance in a more efficient and scalable manner compared to classic syslog logging? Which statement about the default ACL logging behavior of the Cisco ASA is true? Which addresses are considered "ambiguous addresses" and are put on the greylist by the Cisco ASA botnet traffic filter feature? When active/active failover is implemented on the Cisco ASA, how many failover groups are supported on the Cisco ASA? By default, how does the Cisco ASA authenticate itself to the Cisco ASDM users? Which two statements about Cisco ASA redundant interface configuration are true? (Choose two.) Which option is not supported when the Cisco ASA is operating in transparent mode and also is using multiple security contexts? Which two methods can be used to access the Cisco AIP-SSM CLI? (Choose two.) Which feature is not supported on the Cisco ASA 5505 with the Security Plus license? Which two configurations are the minimum needed to enable EIGRP on the Cisco ASA appliance? (Choose two.) By default, which access rule is applied inbound to the inside interface? The Cisco ASA software image has been erased from flash memory. Which two statements about the process to recover the Cisco ASA software image are true? (Choose two.) Which statement about SNMP support on the Cisco ASA appliance is true?

Study Guides