Pass4sure Cisco CCSP 642-523 Exam
Securing Networks with PIX and ASA : 642-523 Exam
Exam Number/Code: 642-523
Exam Name: Securing Networks with PIX and ASA
“Securing Networks with PIX and ASA”, also known as 642-523 exam, is a Cisco certification.
Preparing for the 642-523 exam? Searching 642-523 Test Questions, 642-523 Practice Exam, 642-523 Dumps?
Which of these commands enables the DHCP server on the DMZ interface of the Cisco ASA with
an address pool of 10.0.1.100-10.0.1.108 and a DNS server of 192.168.1.2?
A. dhcpd address 10.0.1.100-10.0.1.108 DMZ
dhcpd dns 192.168.1.2 dhcpd enable DMZ
B. dhcpd range 10.0.1.100-10.0.1.108 DMZ
dhcpd dns server 192.168.1.2 dhcpd DMZ
C. dhcpd address range 10.0.1.100-10.0.1.108
dhcpd dns 192.168.1.2 dhcpd enable
D. dhcpd address range 10.0.1.100-10.0.1.108
dhcpd dns server 192.168.1.2 dhcpd enable DMZ
Answer: A
Which mode of operation must you enter in order to recover the Cisco ASA password?
A. unprivileged
B. privileged
C. configure
D. monitor
Answer: D
QUESTION: 4
Which command both verifies that NAT is working properly and displays active NAT
translations?
A. show running-configuration nat
B. show nat translation
C. show xlate
D. show ip nat all
Answer: C
QUESTION: 5
The Cisco VPN Client supports which three of these tunneling protocols and methods? (Choose
three.)
A. IPsec over TCP
B. IPsec over UDP
C. ESP
D. AH
E. SCEP
F. LZS
Answer: A, B, C
When configuring a crypto ipsec transform-set command, how many unique transforms can a
single transform set contain?
A. one
B. two
C. three
D. four
Answer: B
QUESTION: 10
Which three of these are potential groups of users for WebVPN? (Choose three.)
A. employees accessing specific internal applications from desktops and laptops not managed by
IT
B. administrators who need to manage servers and networking equipment
C. employees that only need occasional corporate access to a few applications
D. employees that need access to a wide range of corporate applications
E. users of a customer service kiosk placed in a retail store
F. remote employees that need daily access to the internal corporate network
Answer: A, C, E
QUESTION: 11
Which of these commands will provide detailed information about the crypto map configurations
of a Cisco ASA?
A. show run ipsec sa
B. show ipsec sa
C. show crypto map
D. show run crypto map
Answer: D
QUESTION: 12
Which of these commands would block all SIP INVITE packets, such as calling-party and
request-method, from specific SIP endpoints?
A. Group the match commands in a SIP inspection policy map.
B. Group the match commands in a SIP inspection class map.
C. Use the match calling-party command in a class map. Apply the class map to a policy map
that contains the match request-methods command.
D. Use the match request-methods command in an inspection class map. Apply the inspection
class map to an inspection policy map that contains the match calling-party command.
E. Group the match commands in the global_policy policy map.
The primary adaptive security appliance failed, so the secondary adaptive security appliance was
automatically activated. The network administrator then fixed the problem. Now the administrator
wants to return the primary to “active” status. Which of these commands, when issued on the
primary adaptive security appliance, will reactivate the primary adaptive security appliance and
restore it to “active” status?
A. failover primary active
B. failover secondary group 1
C. failover active group 1
D. failover secondary standby group 1
Answer: C
QUESTION: 17
You are configuring a crypto map. Which of these commands would you use to specify the peer
to which IPsec-protected traffic can be forwarded?
A. crypto map set peer 192.168.7.2
B. crypto map 20 set-peer insidehost
C. crypto-map policy 10 set 192.168.7.2
D. crypto map peer7 10 set peer 192.168.7.2
Answer: D
QUESTION: 18
Which three types of information can be found in the syslog output for an adaptive security
appliance? (Choose three.)
A. time stamp and date
B. logging level
C. default router
D. interface packet received
E. hostname of the packet sender
F. message text
Answer: A, B, F
With the complete collection of questions and answers, Pass4sure has assembled to take you through 63 Q&As to your 642-523 Exam preparation. In the 642-523 exam resources, you will cover every field and category in CCSP helping to ready you for your successful Cisco Certification.
Questions and Answers : 63 Q&As
Updated: April 11th , 2008
Market Price: $125.99
Member Price: $99.99
Free Down:Pass4sure Cisco CCSP 642-523 v2.93
Testking 642-523
password:www.pass4sure.cc
Recent Comments