REAL QUESTIONS SUBMIT MATERIAL ADVERTISE
Braindumps

Microsoft

Cisco

Citrix

CIW

CompTia

CWNA

Apple

Adobe

HP

Legato

Exin

Filemaker

Brocade

Ericsson

TIA

Veritas

ISEB

SCP

IISFA

ISM

OMG

Apc

Mile2

Foundry

Huawei

McData

Symantec

TeraData

RedHat

Solar Winds

Blue Coat

Riverbed

 

 
 
Click on name of dumper to view the dump
 
Klusnar
 
 

 

Braindumps of 642-618
Deploying Cisco ASA Firewall Solutions (FIREWALL) V2.0

 

Exam Questions, Answers, Braindumps (642-618)

This braindump is provided with ratings from different students. I used www.examcheats.net study material and the exam was not a problem for me. 

 

QUESTION NO: 1

On the Cisco ASA, tcp-map can be applied to a traffic class using which MPF CLI configuration command?

A. inspect

B. sysopt connection

C. tcp-options

D. parameters

E. set connection advanced-options

Answer: E

QUESTION NO: 2

By default, which traffic can pass through a Cisco ASA that is operating in transparent mode without explicitly allowing it using an ACL?

A. ARP

B. BPDU

C. CDP

D. OSPF multicasts

E. DHCP

Answer: A

QUESTION NO: 3

When enabling a Cisco ASA to send syslog messages to a syslog server, which syslog level will produce the most messages?

A. notifications

B. informational

C. alerts

D. emergencies

E. errors

F. debugging

Answer: F

QUESTION NO: 4

A customer is ordering a number of Cisco ASAs for their network. For the remote or home office, they are purchasing the Cisco ASA 5505. When ordering the licenses for their Cisco ASAs, which two licenses must they order that are "platform specific" to the Cisco ASA 5505? (Choose two.)

A. AnyConnect Essentials license

B. per-user Premium SSL VPN license

C. VPN shared license

D. internal user licenses

E. Security Plus license

Answer: D,E

QUESTION NO: 5

What mechanism is used on the Cisco ASA to map IP addresses to domain names that are contained in the botnet traffic filter dynamic database or local blacklist?

A. HTTP inspection

B. DNS inspection and snooping

C. WebACL

D. dynamic botnet database fetches (updates)

E. static blacklist

F. static whitelist

Answer: B

QUESTION NO: 6

In which two directions are the Cisco ASA modular policy framework inspection policies applied? (Choose two.)

A. in the ingress direction only when applied globally

B. in the ingress direction only when applied on an interface

C. in the egress direction only when applied globally

D. in the egress direction only when applied on an interface

E. bi-directionally when applied globally

F. bi-directionally when applied on an interface

Answer: A,F

QUESTION NO: 7

Which two statements about Cisco ASA 8.2 NAT configurations are true? (Choose two.)

A. NAT operations can be implemented using the NAT, global, and static commands.

B. If nat-control is enabled and a connection does not need a translation, then an identity NAT configuration is required.

C. NAT configurations can use the any keyword as the input or output interface definition.

D. The NAT table is read and processed from the top down until a translation rule is matched.

E. Auto NAT links the translation to a network object.

Answer: A,B

QUESTION NO: 8

Which three configurations are needed to enable SNMPv3 support on the Cisco ASA? (Choose three.)

A. SNMPv3 Local EngineID

B. SNMPv3 Remote EngineID

C. SNMP Users

D. SNMP Groups

E. SNMP Community Strings

F. SNMP Hosts

Answer: C,D,F

QUESTION NO: 9

In which type of environment is the Cisco ASA MPF set connection advanced-options tcp-statebypass option the most useful?

A. SIP proxy

B. WCCP

C. BGP peering through the Cisco ASA

D. asymmetric traffic flow

E. transparent firewall

Answer: D

QUESTION NO: 10

Which three types of class maps can be configured on the Cisco ASA appliance? (Choose three.)

A. control-plane

B. regex

C. inspect

D. access-control

E. management

F. stack

Answer: B,C,E

QUESTION NO: 11

On Cisco ASA Software Version 8.4 and later, which two options show the maximum number of active and standby ports that an EtherChannel can have? (Choose two.)

A. 2 active ports

B. 4 active ports

C. 6 active ports

D. 8 active ports

E. 2 standby ports

F. 4 standby ports

G. 6 standby ports

H. 8 standby ports

Answer: D,H

QUESTION NO: 12

By default, how does the Cisco ASA authenticate itself to the Cisco ASDM users?

A. The administrator validates the Cisco ASA by examining the factory built-in identity certificate thumbprint of the Cisco ASA.

B. The Cisco ASA automatically creates and uses a persistent self-signed X.509 certificate to authenticate itself to the administrator.

C. The Cisco ASA automatically creates a self-signed X.509 certificate on each reboot to authenticate itself to the administrator.

D. The Cisco ASA and the administrator use a mutual password to authenticate each other.

E. The Cisco ASA authenticates itself to the administrator using a one-time password.

Answer: C

QUESTION NO: 13

When will a Cisco ASA that is operating in transparent firewall mode perform a routing table lookup instead of a MAC address table lookup to determine the outgoing interface of a packet?

A. if multiple context mode is configured

B. if the destination MAC address is unknown

C. if the destination is more than a hop away from the Cisco ASA

D. if NAT is configured

E. if dynamic ARP inspection is configured

Answer: D

 

642-618


 

 

Braindumps Real exam questions and verified answers - 100% passing guarantee - cheap prices.

 

Free brain dumps Braindumps, notes, books for free

 

Braindumps and Exams - Instant download real exam questions - Passing guarantee.

Follow us on FaceBook
Braindumps on Facebook
 
 
 
 
 

CheckPoint

Linux

Novell

DB/2

Network Appliance

EC-Council

Nortel

McAfee

Juniper

ISACA

PMI

Sybase

EMC

HDI

SNIA

ISC

Sair

IBM

Lotus

Exam Express

3COM

BICSI

DeLL

Enterasys

Extreme Networks

Guidance Software

Computer Associates

Network General

SAS Institute

Alcatel Lucent

SeeBeyond

TruSecure

Polycom

Hyperion

Hitachi

Nokia

Fortinet

Vmware

Fujitsu

Tibco

Intel

PostgreSQLCE

BusinessObjects

RESSoftware

BlackBerry

AccessData

ICDL

Isilon

SAP

The Open Group

ACSM

Altiris

Avaya

Cognos

F5

Genesys

SDI

ACI

ASQ

Google

H3C

HIPAA

HRCI

SOA

IIBA

Zend