Thanks to www.exams.ws and www.examcheets.com.
QUESTION 1. You have installed a FWSM in your Catalyst 6500 switch, initialized it in the switch, configured switch VLANs, and configured the module interface; however, you are unable to establish outbound connections. You check your configuration and find that you have correctly configured the six basic commands (nameif, interface, ip address, nat, global, and route). What could be the cause of the problem?
A. You have not configured a switch VLAN for the inside interface.
B. You need an ACL for the outside interface.
C. The MSFC is configured as a connected router only on the outside interface.
D. You need an ACL for the inside interface.
Answer: A
QUESTION 2. How can dynamic outside NAT simplify router configuration on your internal or perimeter networks?
A. By controlling the addresses that appear on these networks.
B. Because you can configure your routing within the nat command.
C. Because you can configure your routing within the global command.
D. Because statics take precedence over nat and global command pairs.
Answer: A
QUESTION 3. Which statement about Telnet and the PIX Firewall is true?
A. You can enable Telnet on all interfaces except the outside interface.
B. You can enable Telnet on all interfaces, but the PIX Firewall requires that all Telnet traffic to all interfaces be IPSec protected.
C. You can enable Telnet on all interfaces, but the PIX Firewall requires that all Telnet traffic to the outside interface be IPSec protected.
D. Telnet connections to the PIX Firewall are not permitted.
Answer: C
QUESTION 4. How do you get to the multicast subcommand mode where you can enter the igmp commands for further multicast support?
A. Use the clear IGMP group command.
B. Enter the igmp interface command in privileged mode.
C. Enter the multicast mode command in configuration mode.
D. Enter the multicast interface command in configuration mode.
Answer: D
QUESTION 5. Which statement about downloadable ACLs is true?
A. A downloadable ACL is not downloaded again as long as it exists on the PIX Firewall.
B. The PIX Firewall does not support versioning downloadable ACLs.
C. Downloadable ACLs are downloaded from the PIX Firewall to the Cisco Secure ACS server during authentication.
D. Downloadable ACLs must have names assigned to them.
Answer: D
QUESTION 6. Why is the group tag in the aaa-server command important?
A. The aaa command references the group tag to know where to direct authentication, authorization, or accounting traffic.
B. The group tag identifies which users require authorization to use certain services.
C. The group tag identifies which user groups must authenticate.
D. The group tag enables or disables user authentication services.
Answer: A
QUESTION 7. You are the network security administrator for an enterprise network with a complex security policy. Which PIX Firewall feature should you configure to minimize the number of ACLs needed to implement your policy?
A. ASA
B. Packet capture
C. Turbo ACLs
D. IP helper
E. Object grouping
Answer: E
QUESTION 8. Speaking of Security Association requirements, which of the following statements is true?
A. A set of SAs are needed, one per direction, per protected data pipe.
B. A set of SAs are needed, one per direction, per protocol, per protected data pipe.
C. A set of SAs are needed, one per protocol only.
D. A set of SAs are needed, per protocol, per protected data pipe.
Answer: B
QUESTION 9. The graphic shows the output from the show failover command. This unit is active and the other unit is Standby. For an unknown reason, the failover is triggered and this unit has become Standby. We enter the command "show failover" again. What shall we see as the IP address of the [active-interface-inside]?
A. 172.29.1.2
B. 192.168.89.1
C. 0.0.0.0
D. 172.29.1.1
Answer: D
QUESTION 10. Adaptive Security Algorithm (ASA) is the heart of the PIX Firewall. Choose the strict rules that ASA follows: (Choose all that apply)
A. The highest security interface is the inside interface.
B. The highest security interface is the outside interface.
C. No outbound packet can exit the PIX Firewall without a connection and state.
D. No packet, regardless of its direction, can traverse the PIX Firewall without a connection or state.
E. No inbound packet can enter the PIX Firewall without a connection and state.
Answer: A, D
QUESTION 11. How does the PIX Firewall know where to get the addresses to use for any NAT configuration?
A. From the nat_id in the static command.
B. You can have only one global pool of addresses, so the PIX Firewall knows that NAT uses the addresses in the global pool established by the global command.
C. From the nat_id in the nat command.
D. From the nat_id in the dhcp address command.
Answer: C
QUESTION 12. What is the purpose of the access-group command?
A. Bind an ACL to an interface.
B. Create an object group.
C. Create an access group.
D. Unbind the acl_ID from the interface interface_name.
Answer: A
QUESTION 13. Which statements about security level 100 are true? (Choose two)
A. It is the lowest security level.
B. It is the highest security level.
C. It is the least-trusted security level.
D. By default it is designated for the inside interface of the PIX Firewall.
E. It is not currently a configurable security level. It is reserved for future use.
F. By default, it is designated for the outside interface of the PIX Firewall.
Answer: B, D
QUESTION 14. Which statements about the PIX Firewall's DHCP capabilities are true? (Choose two)
A. It can be a DHCP server.
B. It cannot be a DHCP client.
C. You must remove a configured domain name.
D. It can be a DHCP server and client simultaneously.
E. It cannot pass configuration parameters it receives from another DHCP server to its own DHCP clients.
F. The PIX Firewall's DHCP server can be configured to distribute the IP address of up to four DNS servers to its clients.
Answer: A, D
QUESTION 15. The LAN-based failover you configured does not work. Why? (Choose two)
A. You used a hub for failover operation.
B. You used a switch for failover operation.
C. You used a dedicated VLAN for failover operation.
D. You did not set a failover IP address.
E. You did not use a crossover Ethernet cable between the two PIX Firewalls.
F. You used a crossover Ethernet cable between the two PIX Firewalls.
Answer: D, F
QUESTION 16. How are LAN-based failover and serial failover alike?
A. Both require that all configuration is performed on the primary PIX Firewall.
B. Both require the use of a special serial cable.
C. They are configured with the same command set.
D. Both require two dedicated interfaces: one for configuration replication and another for stateful failover.
E. Both provide stateful failover.
Answer: E
QUESTION 17. Choose the correct statements regarding ACLs & Conduits:
A. A conduit creates a rule on the PIX Firewall Adaptive Security Algorithm by denying connections from one interface to access hosts on another.
B. An ACL applies to a single interface, affecting all traffic entering that interface regardless of its security level.
C. An ACL applies to a single interface, affecting all traffic entering that interface based on its security level.
D. A conduit creates an exception to the PIX Firewall Adaptive Security Algorithm by permitting connections from one interface to access hosts on another.
Answer: B, D
QUESTION 18. What username and password establish an SSH connection to your PIX Firewall?
A. username pixfirewall, password aaapass
B. username pix, current enable password
C. username pixfirewall, password attack
D. username pix, current Telnet password
Answer: D