Testking CCSP 642-523
Securing Networks with PIX and ASA
Exam Number: 642-523
Associated Certifications: CCSP/Cisco Firewall Specialist
Duration: 90 minutes (63 questions)
Available Languages: English
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions
Question: 1
Which of these commands enables the DHCP server on the DMZ interface of the Cisco ASAwith an address pool of 10.0.1.100-10.0.1.108 and a DNS server of 192.168.1.2?
A – dhcpd address 10.0.1.100-10.0.1.108 DMZ dhcpd dns 192.168.1.2 dhcpd enable DMZ
B – dhcpd range 10.0.1.100-10.0.1.108DMZ dhcpd dns server 192.168.1.2 dhcpd DMZ
C – dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns 192.168.1.2 dhcpd enable
D – dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns server 192.168.1.2 dhcpd enable
DMZ
Answer: A Question: 2
Based on this output
Which of the following statements is true?
A – The ACLOUT access list has been designed to allow the IP address with the network address of 192.168.6.0 to have unrestricted access to the web server at lP address
192.168.1.11.
B – The ACLIN access list permits web access from host 192.168.6.10 to all hosts behind the
Cisco ASA.
C – The ICMPDMZ access list denies all ICMP traffic bound for the bastion host except echo replies
D – The ACLOUT access list has been designed to deny the IP address 192.168.1.11 web access to the host with a network address of 192.168.6.0.
Answer: A Question: 3
Which mode of operation must you enter in order to recover the Cisco ASA password?
A – unprivileged
B – privileged C – configure D – monitor
Answer: D
TK
Exam Name: Securing Networks with PIX and ASA
Exam Type: Cisco
Exam Code: 642-523 Total Questions: 66
Question: 4
Which command both verifies that NAT is working properly and displays active NAT transactions?
A – show running-configuration nat
B – show nat translation
C – showdate
D – show ip nat all
Answer: C Question: 5
The Cisco VPN Client supports which three of these tunneling protocols and methods? (Choose three.)
A – lPsec over TCP B – lPsec over TCP C – ESP
D – AH
E – SCEP F – LZS
Answer: A, B, C Question: 6
A network administrator wants to authenticate remote users who are accessing the WEB1 server from the Internet.
TK
Exam Name: Securing Networks with PIX and ASA
Exam Type: Cisco
Exam Code: 642-523 Total Questions: 66
When a remote user initiates a session to the WEB1 server, the ASA1 security appliance will
verify the user’s credentials with the TX_ACS AAA server via RADIUS. To accomplish this, the administrator must load and configure Cisco ACS software on the TX_ACS AAA server. During
the process, the administrator must correctly configure the AM client information in the Cisco ACS
network configuration window.
What must the administrator place in field A (AAA Client Hostname) and field B (AM Client IP
address)?
A – AX_ACS B?0.0.1.10
B – AEB1 B?72.16.1.2
C – Aave B?92.168.2.10
D – ASA1 B?0.0.1 .1
Answer: D Question: 7
When configuring a crypto ipsec transform-set command, how many unique transforms can a single transform set contain?
Interactive Testing Engine Included!
181 Questions
Updated : 09/18/2008
Price : $87.99 $79.99
Free download?testking CCSP 642-523
Free download?pass4sure CCSP 642-523
| Cisco Braindumps Free Downloads |
|
Type |
Exam Bible | New Questions & Answers |
Latest Updated |
Download link |
 |
All Cisco 's Exam Pack |
589 |
1 days ago | Download |
[...] download: testking 642-523 Free download: pass4sure 642-523 Free download: actualtest 642-523 Free download: testinside [...]
[...] licensing available on a Security Appliance Add, delete, and modify syslog messages Free download: testking 642-523 Free download: pass4sure 642-523 Free download: actualtest 642-523 Free download: testinside [...]