REAL QUESTIONS SUBMIT MATERIAL ADVERTISE
Braindumps

Microsoft

Cisco

Citrix

CIW

CompTia

CWNA

Apple

Adobe

HP

Legato

Exin

Filemaker

Brocade

Ericsson

TIA

Veritas

ISEB

SCP

IISFA

ISM

OMG

Apc

Mile2

Foundry

Huawei

McData

Symantec

TeraData

RedHat

Solar Winds

Blue Coat

Riverbed

 

 
 
Click on name of dumper to view the dump
 
Symon
 
 

Braindumps of 642-617
Deploying Cisco ASA Firewall Solutions

 

Exam Questions, Answers, Braindumps (642-617)
You can have the real stuff from www.examcheats.net All exhibits , drag and drops and pass it as quickly as u can. Good Luck


Q No: 1
Which Cisco ASA object group type offers the most flexibility for grouping different services together based on arbitrary protocols?
A. network
B. ICMP
C. protocol
D. TCP-UDP
E. service
Ans: E
Q No: 2
Which three parameters are set using the set connection command within a policy map on the Cisco ASA 8.2 release? (Choose three.)
A. per-client TCP and/or UDP idle timeout
B. per-client TCP and/or UDP maximum session time
C. TCP sequence number randomization
D. maximum number of simultaneous embryonic connections
E. maximum number of simultaneous TCP and/or UDP connections
F. fragments reassembly options
Ans: C,D,E
Q No: 3
By default, which traffic can pass through a Cisco ASA that is operating in transparent mode without explicitly allowing it using an ACL?
A. ARP
B. BPDU
C. CDP
D. OSPF multicasts
E. DHCP
Ans: A
Q No: 4
Which Cisco ASA object group type offers the most flexibility for grouping different services together based on arbitrary protocols?
A. network
B. ICMP
C. protocol
D. TCP-UDP
E. service
Ans: E
Q No: 5
When troubleshooting a Cisco ASA (running 8.2.2) that is operating in transparent firewall mode, what should you verify to ensure proper operation?
A. The Cisco ASA has not been configured for inside static or dynamic NAT.
B. The Cisco ASA global IP address belongs to the same subnet as the directly connected interfaces.
C. The outside and inside interfaceare connected to different Layer 3 subnets.
D. The Cisco ASA is using a dedicated management interface for management access.
E. The Cisco ASA is configured for ARP inspection.
Ans: B
Q No: 6
Which four types of ACL object group are supported on the Cisco ASA (release 8.2)? (Choose four.)
A. protocol
B. network
C. port
D. service
E. icmp-type
F. host
Ans: A,B,D,E
Q No: 7
Which three statements about traffic shaping capability on the Cisco ASA are true? (Choose three.)
A. Traffic shaping can be applied to all outgoing traffic on a physical interface or in the case of the Cisco ASA 5505, on a VLAN
B. Traffic shaping can be applied in the input or output direction.
C. Traffic shaping can cause jitter and delay.
D. You can configure both traffic shaping and priorityqueueing on the same interface.
E. Traffic shaping is not supported on the Cisco ASA 5580.
Ans: A,D,E
Q No: 8
When troubleshooting redundant interface operations on the Cisco ASA, which configuration should be verified?
A. Thenameif configuration on the member physical interfaces are identical.
B. The MAC address configuration on the member physical interfaces are identical.
C. The active interface is sending periodic hellos to the standby interface.
D. The IP address configuration on the logical redundant interface is correct.
E. The duplex and speed configuration on the logical redundant interface are correct.
Ans: D
Q No: 9
What mechanism is used on the Cisco ASA to map IP addresses to domain names that are contained in the botnet traffic filter dynamic database or local blacklist?
A. HTTP inspection
B. DNS inspection and snooping
C. WebACL
D. dynamicbotnet database fetches (updates)
E. staticblacklist
F. static white list
Ans: B
Q No: 10
The Cisco ASA must support dynamic routing and terminating VPN traffic. Which three Cisco ASA options will not support these requirements? (Choose three.)
A. transparent mode
B. multiple context mode
C. active/standby failover mode
D. active/active failover mode
E. routed mode
F. no NAT-control
Ans: A,B,D
Q No: 11
The Cisco ASA is configured in multiple mode and the security contexts share the same outside physical interface. Which two packet classification methods can be used by the Cisco ASA to determine which security context to forward the incoming traffic from the outside interface? (Choose two.)
A. unique interface IP address
B. unique interface MAC address
C. routing table lookup
D. MAC address table lookup
E. unique global mapped IP addresses
Ans: B,E
Q No: 12
By default, which access rule is applied inbound to the inside interface?
A. All IP traffic is denied.
B. All IP traffic is permitted.
C. All IP traffic sourced from any source to any less secure network destinations is permitted.
D. All IP traffic sourced from any source to any more secure network destinations is permitted
Ans: B
Q No: 13
In which type of environment is the Cisco ASA MPF set connection advanced-options tcp-statebypass option the most useful?
A. SIP proxy
B. WCCP
C. BGP peering through the Cisco ASA
D. asymmetric traffic flow
E. transparent firewall
Ans: D
Q No: 14
Which Cisco ASA platform should be selected if the requirements are to support 35,000 connections per second, 600,000 maximum connections, and traffic shaping?
A. 5540
B. 5550
C. 5580-20
D. 5580-40
Ans: B

642-617

 

 

 

Braindumps Real exam questions and verified answers - 100% passing guarantee - cheap prices.

 

Free brain dumps Braindumps, notes, books for free

 

Braindumps and Exams - Instant download real exam questions - Passing guarantee.

Follow us on FaceBook
Braindumps on Facebook
 
 
 
 
 

CheckPoint

Linux

Novell

DB/2

Network Appliance

EC-Council

Nortel

McAfee

Juniper

ISACA

PMI

Sybase

EMC

HDI

SNIA

ISC

Sair

IBM

Lotus

Exam Express

3COM

BICSI

DeLL

Enterasys

Extreme Networks

Guidance Software

Computer Associates

Network General

SAS Institute

Alcatel Lucent

SeeBeyond

TruSecure

Polycom

Hyperion

Hitachi

Nokia

Fortinet

Vmware

Fujitsu

Tibco

Intel

PostgreSQLCE

BusinessObjects

RESSoftware

BlackBerry

AccessData

ICDL

Isilon

SAP

The Open Group

ACSM

Altiris

Avaya

Cognos

F5

Genesys

SDI

ACI

ASQ

Google

H3C

HIPAA

HRCI

SOA

IIBA

Zend