Testking ccsp 642-523
Securing Networks with PIX and ASA
Exam Number: 642-523
Associated Certifications: CCSP/Cisco Firewall Specialist
Duration: 90 minutes (63 questions)
Available Languages: English
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions
Question: 1
Which of these commands enables the DHCP server on the DMZ interface of the Cisco ASAwith an address pool of 10.0.1.100-10.0.1.108 and a DNS server of 192.168.1.2?
A – dhcpd address 10.0.1.100-10.0.1.108 DMZ dhcpd dns 192.168.1.2 dhcpd enable DMZ
B – dhcpd range 10.0.1.100-10.0.1.108DMZ dhcpd dns server 192.168.1.2 dhcpd DMZ
C – dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns 192.168.1.2 dhcpd enable
D – dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns server 192.168.1.2 dhcpd enable
DMZ
Answer: A Question: 2
Based on this output
Which of the following statements is true?
A – The ACLOUT access list has been designed to allow the IP address with the network address of 192.168.6.0 to have unrestricted access to the web server at lP address
192.168.1.11.
B – The ACLIN access list permits web access from host 192.168.6.10 to all hosts behind the
Cisco ASA.
C – The ICMPDMZ access list denies all ICMP traffic bound for the bastion host except echo replies
D – The ACLOUT access list has been designed to deny the IP address 192.168.1.11 web access to the host with a network address of 192.168.6.0.
Answer: A Question: 3
Which mode of operation must you enter in order to recover the Cisco ASA password?
A – unprivileged
B – privileged C – configure D – monitor
Answer: D
TK
Exam Name: Securing Networks with PIX and ASA
Exam Type: Cisco
Exam Code: 642-523 Total Questions: 66
Question: 4
Which command both verifies that NAT is working properly and displays active NAT transactions?
A – show running-configuration nat
B – show nat translation
C – showdate
D – show ip nat all
Answer: C Question: 5
The Cisco VPN Client supports which three of these tunneling protocols and methods? (Choose three.)
A – lPsec over TCP B – lPsec over TCP C – ESP
D – AH
E – SCEP F – LZS
Answer: A, B, C Question: 6
A network administrator wants to authenticate remote users who are accessing the WEB1 server from the Internet.
TK
Exam Name: Securing Networks with PIX and ASA
Exam Type: Cisco
Exam Code: 642-523 Total Questions: 66
When a remote user initiates a session to the WEB1 server, the ASA1 security appliance will
verify the user’s credentials with the TX_ACS AAA server via RADIUS. To accomplish this, the administrator must load and configure Cisco ACS software on the TX_ACS AAA server. During
the process, the administrator must correctly configure the AM client information in the Cisco ACS
network configuration window.
What must the administrator place in field A (AAA Client Hostname) and field B (AM Client IP
address)?
A – AX_ACS B?0.0.1.10
B – AEB1 B?72.16.1.2
C – Aave B?92.168.2.10
D – ASA1 B?0.0.1 .1
Answer: D Question: 7
When configuring a crypto ipsec transform-set command, how many unique transforms can a single transform set contain?
Exam 642-523: Securing Networks with PIX and ASA (SNPA)
Related Certifications: CCSP and Cisco Firewall Specialist
Number of Questions: 63
Duration: 90 minutes
Exam Topics Include:
1. Install and configure a Security Appliance for basic network connectivity
2. Configure a Security Appliance to restrict inbound traffic from non trusted sources
3. Configure a Security Appliance to provide secure connectivity using site-to-site VPNs
4. Configure an ASA to provide secure connectivity using remote access VPNs
5. Configure transparent firewall, virtual firewall, and high availability firewall features on a Security Appliance
6. Configure AAA services for the ASA
7. Configure routing and switching on an ASA
8. Configure Security Appliance advanced application layer and modular policy features
9. Monitor and manage an installed Adaptive Security Appliance
The Securing Networks with PIX and ASA exam (SNPA 642-523) is one of the core exams associated with the Cisco Certified Security Professional (CCSP) certification. In all, you will need to pass five separate exams to become CCSP certified. This exam includes simulations and tests a candidate’s knowledge and ability to describe, configure, verify and manage the Cisco PIX and ASA Security Appliance products.
Interactive Testing Engine Included!
181 Questions
Updated : 08/29/2008
Price : $87.99 $79.99
Free download :testking ccsp 642-523
Free download :pass4sure ccsp 642-523
| Cisco Braindumps Free Downloads |
|
Type |
Exam Bible | New Questions & Answers |
Latest Updated |
Download link |
 |
All Cisco 's Exam Pack |
589 |
1 days ago | Download |
