Q1. Which technology can be deployed with a Cisco ASA 1000V to segregate Layer 2 access within a virtual cloud environment?
A. Cisco Nexus 1000V
B. Cisco VSG
C. WSVA
D. ESVA
Answer: A
Q2. What is the default behavior of NAT control on Cisco ASA Software Version 8.3?
A. NAT control has been deprecated on Cisco ASA Software Version 8.3.
B. It will prevent traffic from traversing from one enclave to the next without proper access configuration.
C. It will allow traffic to traverse from one enclave to the next without proper access configuration.
D. It will deny all traffic.
Answer: A
Q3. What are two high-level task areas in a Cisco Prime Infrastructure life-cycle workflow? (Choose two.)
A. Design
B. Operate
C. Maintain
D. Log
E. Evaluate
Answer: A,B
Q4. Which two parameters must be configured before you enable SCP on a router? (Choose two.)
A. SSH
B. authorization
C. ACLs
D. NTP
E. TACACS+
Answer: A,B
Q5. What is the best description of a unified ACL on a Cisco firewall?
A. An ACL with both IPv4 and IPv6 functionality.
B. An IPv6 ACL with IPv4 backwards compatibility.
C. An IPv4 ACL with IPv6 support.
D. An ACL that supports EtherType in addition to IPv6.
Answer: A
Explanation:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_co nfig/ intro_intro.html
Q6. You are configuring a Cisco IOS Firewall on a WAN router that is operating as a Trusted Relay Point (TRP) in a voice network. Which feature must you configure to open data-channel pinholes for voice packets that are sourced from a TRP within the WAN?
A. CAC
B. ACL
C. CBAC
D. STUN
Answer: D
Q7. Which statement about the Cisco Security Manager 4.4 NAT Rediscovery feature is true?
A. It provides NAT policies to existing clients that connect from a new switch port.
B. It can update shared policies even when the NAT server is offline.
C. It enables NAT policy discovery as it updates shared polices.
D. It enables NAT policy rediscovery while leaving existing shared polices unchanged.
Answer: D
Q8. Which two web browsers are supported for the Cisco ISE GUI? (Choose two.)
A. HTTPS-enabled Mozilla Firefox version 3.x
B. Netscape Navigator version 9
C. Microsoft Internet Explorer version 8 in Internet Explorer 8-only mode
D. Microsoft Internet Explorer version 8 in all Internet Explorer modes
E. Google Chrome (all versions)
Answer: A,C
Q9. Which Cisco Security Manager form factor is recommended for deployments with fewer than 25 devices?
A. only Cisco Security Manager Standard
B. only Cisco Security Manager Professional
C. only Cisco Security Manager UCS Server Bundle
D. both Cisco Security Manager Standard and Cisco Security Manager Professional
Answer: A
Q10. You have installed a web server on a private network. Which type of NAT must you implement to enable access to the web server for public Internet users?
A. static NAT
B. dynamic NAT
C. network object NAT
D. twice NAT
Answer: A