REAL QUESTIONS SUBMIT MATERIAL ADVERTISE
Braindumps

Microsoft

Cisco

Citrix

CIW

CompTia

CWNA

Apple

Adobe

HP

Legato

Exin

Filemaker

Brocade

Ericsson

TIA

Veritas

ISEB

SCP

IISFA

ISM

OMG

Apc

Mile2

Foundry

Huawei

McData

Symantec

TeraData

RedHat

Solar Winds

Blue Coat

Riverbed

 

 
 
Click on name of dumper to view the dump
 
Josha
 
 

Braindumps of 642-524
Securing Networks with ASA Foundation

 

Thanx to www.exams.ws for providing dumps. 


 
QUESTION NO: 1
Tom works as a network administrator. The primary adaptive security appliance in an active/standby failover configuration failed, so the secondary adaptive security appliance was automatically activated. Tom then fixed the problem. Now he would like to restore the primary to active status. Which one of the following commands can reactivate the primary adaptive security appliance and restore it to active status while issued on the primary adaptive security appliance?

A. failover reset
B. failover primary active
C. failover active
D. failover exec standby
Answer: C
QUESTION NO: 2
For the following commands, which one enables the DHCP server on the DMZ interface of the Cisco ASA with an address pool of 10.0.1.100-10.0.1.108 and a DNS server of 192.168.1.2?

A. dhcpd address 10.0.1.100-10.0.1.108 DMZ dhcpd dns 192.168.1.2 dhcpd enable DMZ
B. dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns server 192.168.1.2 dhcpd enable DMZ
C. dhcpd range 10.0.1.100-10.0.1.108 DMZ dhcpd dns server 192.168.1.2 dhcpd DMZ
D. dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns 192.168.1.2 dhcpd enable
Answer: A
QUESTION NO: 3
Tom works as a network administrator. He receives a new Cisco ASA. Which command, when entered from the console, directs the Cisco ASA to provide interactive prompts that aid in the building of a first-use, minimal configuration?

A. setup
B. configure factory default
C. configure terminal
D. configure startup
Answer: A
QUESTION NO: 4
What is the effect of the per-user-override option when applied to the access-group command syntax?

A. The log option in the per-user access list overrides existing interface log options.
B. It allows for extended authentication on a per-user basis.
C. Hallows downloadable user access lists to override the access list applied to the interface.
D. It increases security by building upon the existing access list applied to the interface. All subsequent users are also subject to the additional access list entries.
Answer: C
QUESTION NO: 5
For the following regular expressions, which one would best match the website address "www.cisco.com/go/ccsp"?

A. "www+cisco+comVgoVccsp"
B. "www.cisco.com/go/ccsp\r"
C. (w){3,}.cisco.comVgoV(c){2}sp
D. (w){3}\.cisco\.comVgoV(c){2}sp
Answer: D
QUESTION NO: 6
In order to recover the Cisco ASA password, which operation mode should you enter?

A. configure
B. unprivileged
C. privileged
D. monitor
Answer: D
QUESTION NO: 7
Which three statements correctly describe protocol inspection on the Cisco ASA adaptive security appliance? (Choose three.)

A. For the security appliance to inspect packets for signs of malicious application misuse, you must enable advanced (application layer) protocol inspection.
B. if you want to enable inspection globally for a protocol that is not inspected by default or if you want to globally disable inspection for a protocol, you can edit the default global policy.
C. The protocol inspection feature of the security appliance securely opens and closes negotiated ports and IP addresses for legitimate client-server connections through the security appliance.
D. if inspection for a protocol is not enabled, traffic for that protocol may be blocked.
Answer: B,C,D
QUESTION NO: 8
Observe the following commands, which one verifies that NAT is working normally and displays active NAT translations?

A. showip nat all
B. show running-configuration nat
C. showxlate
D. show nat translation
Answer: C
QUESTION NO: 9
Multimedia applications transmit requests on TCP, get responses on UDP or TCP, use dynamic ports, and use the same port for source and destination, so they can pose challenges to a firewall. Which three items are true about how the Cisco ASA adaptive security appliance handles multimedia applications? (Choose three.)

A. it dynamically opens and closes UDP ports for secure multimedia connections, so you do not need to open a large range of ports.
B. It supports SIP with NAT but not with PAT.
C. it supports multimedia with or without NAT.
D. It supports RTSP, H.323, Skinny, and CTIQBE.
Answer: A,C,D
QUESTION NO: 10
What is the result if the WebVPN url-entry parameter is disabled?

A. The end user is unable to access pre-defined URLs.
B. The end user is unable to access any CIFS shares or URLs.
C. The end user is able to access CIFS shares but not URLs.
D. The end user is able to access pre-defined URLs.
Answer: D
QUESTION NO: 11
What is one purpose of a tunnel group?

A. to group similar IPSec protocols
B. to group similar IPSec users
C. to group similar IPSec networks
D. to identify AAA servers
Answer: D
QUESTION NO: 12
You work as a security appliance administrator. You have defined a regular expression to match an unauthorized website. Which pair of commands would be used to configure a regular expression class map?

A. class-map regex match-any URL match UNAUTHORIZED_SITE
B. class-map type regex match-any URL match regex UNAUTHORIZED_SITE
C. class-map type regex match-any match regex UNAUTHORIZED_SITE
D. class-map match-any type regex match UNAUTHORIZED SITE
Answer: B
QUESTION NO: 13
Which three tunneling protocols and methods are supported by the Cisco VPN Client? (Choose three.)

A. Psec over TCP
B. Psec overUDP
C. ESP
D. ah
Answer: A,B,C


642-524

 

 

Braindumps Real exam questions and verified answers - 100% passing guarantee - cheap prices.

 

Free brain dumps Braindumps, notes, books for free

 

Braindumps and Exams - Instant download real exam questions - Passing guarantee.

Follow us on FaceBook
Braindumps on Facebook
 
 
 
 
 

CheckPoint

Linux

Novell

DB/2

Network Appliance

EC-Council

Nortel

McAfee

Juniper

ISACA

PMI

Sybase

EMC

HDI

SNIA

ISC

Sair

IBM

Lotus

Exam Express

3COM

BICSI

DeLL

Enterasys

Extreme Networks

Guidance Software

Computer Associates

Network General

SAS Institute

Alcatel Lucent

SeeBeyond

TruSecure

Polycom

Hyperion

Hitachi

Nokia

Fortinet

Vmware

Fujitsu

Tibco

Intel

PostgreSQLCE

BusinessObjects

RESSoftware

BlackBerry

AccessData

ICDL

Isilon

SAP

The Open Group

ACSM

Altiris

Avaya

Cognos

F5

Genesys

SDI

ACI

ASQ

Google

H3C

HIPAA

HRCI

SOA

IIBA

Zend