Q1. According to the logging configuration on the Cisco ASA, what will happen if syslog server 10.10.2.40 fails?
A. New connections through the ASA will be blocked and debug system logs will be sent to the internal buffer.
B. New connections through the ASA will be blocked and informational system logs will be sent to the internal buffer.
C. New connections through the ASA will be blocked and system logs will be sent to server 10.10.2.41.
D. New connections through the ASA will be allowed and system logs will be sent to server 10.10.2.41.
E. New connections through the ASA will be allowed and informational system logs will be sent to the internal buffer.
F. New connections through the ASA will be allowed and debug system logs will be sent to the internal buffer.
Answer: B
Explanation:
This is shown by the following screen shot:
\\psf\Home\Desktop\Screen Shot 2015-06-17 at 5.26.32 PM.png
Q2. What is the maximum jumbo frame size for IPS standalone appliances with 1G and 10G fixed or add-on interfaces?
A. 1024 bytes
B. 1518 bytes
C. 2156 bytes
D. 9216 bytes
Answer: D
Q3. What are three ways to add devices in Cisco Prime Infrastructure? (Choose three.)
A. Use an automated process.
B. Import devices from a CSV file.
C. Add devices manually.
D. Use RADIUS.
E. Use the Access Control Server.
F. Use Cisco Security Manager.
Answer: A,B,C
Q4. Which function in the Cisco ADSM ACL Manager pane allows an administrator to search for a specfic element?
A. Find
B. Device Management
C. Search
D. Device Setup
Answer: A
Q5. What is the lowest combination of ASA model and license providing 1 Gigabit Ethernet interfaces?
A. ASA 5505 with failover license option
B. ASA 5510 Security+ license option
C. ASA 5520 with any license option
D. ASA 5540 with AnyConnect Essentials License option
Answer: B
Q6. An administrator installed a Cisco ASA that runs version 9.1. You are asked to configure the firewall through Cisco ASDM.
When you attempt to connect to a Cisco ASA with a default configuration, which username and password grants you full access?
A. admin / admin
B. asaAdmin / (no password)
C. It is not possible to use Cisco ASDM until a username and password are created via the username usernamepassword password CLI command.
D. enable_15 / (no password)
E. cisco / cisco
Answer: D
Q7. Which three logging methods are supported by Cisco routers? (Choose three.)
A. console logging
B. TACACS+ logging
C. terminal logging
D. syslog logging
E. ACL logging
F. RADIUS logging
Answer: A,C,D
Q8. Which two statements about Cisco IOS Firewall are true? (Choose two.)
A. It provides stateful packet inspection.
B. It provides faster processing of packets than Cisco ASA devices provide.
C. It provides protocol-conformance checks against traffic.
D. It eliminates the need to secure routers and switches throughout the network.
E. It eliminates the need to secure host machines throughout the network.
Answer: A,C
Q9. Which two options are protocols and tools that are used by the management plane when discussing Cisco ASA general management plane hardening? ( Choose two )
A. Unicast Reverse Path Forwarding
B. NetFlow
C. Routing Protocol Authentication
D. Threat detection
E. Syslog
F. ICMP unreachables
G. Cisco URL Filtering
Answer: B,E
Explanation: http://www.cisco.com/web/about/security/intelligence/firewall-best-practices.html
Q10. Which two SNMPv3 features ensure that SNMP packets have been sent securely? (Choose two.)
A. host authorization
B. authentication
C. encryption
D. compression
Answer: B,C