Page 1

Exam 642­523 study material Made available by



Free 642­523 Exam Preparation Questions Exam 642­523: Securing Networks with PIX and ASA

For Latest 642­523 Exam Questions and study guides­ visit­­523.html

Question: 1 For the following commands, which one enables the DHCP server on the DMZ interface of the Cisco ASA with an address pool of and a DNS server of A. dhcpd address DMZ dhcpd dns dhcpd enable DMZ B. dhcpd address range dhcpd dns server dhcpd enable DMZ C. dhcpd range DMZ dhcpd dns server dhcpd DMZ D. dhcpd address range dhcpd dns dhcpd enable Answer: A Question: 2 Which description is correct about the output provided in the exhibit?

A. The ACLOUT access list has been designed to allow the IP address with the network address of to have unrestricted access to the web server at IP address B. The ACLOUT access list has been designed to deny the IP address web access to the host with a network address of C. The ACLIN access list permits web access from host to all hosts behind the Cisco ASA. D. The ICMPDMZ access list denies all ICMP traffic bound for the bastion host except echo replies Answer: A Question: 3 What is the effect of the per-user-override option when applied to the access-group command syntax? For Latest 642­523 Exam Questions and study guides­ visit­­523.html

A. The log option in the per-user access list overrides existing interface log options. B. It allows for extended authentication on a per-user basis. C. It allows downloadable user access lists to override the access list applied to the interface. D. It increases security by building upon the existing access list applied to the interface. All subsequent users are also subject to the additional access list entries. Answer: C Question: 4 In order to recover the Cisco ASA password, which operation mode should you enter? A. Configure B. Unprivileged C. Privileged D. Monitor Answer: D Question: 5 Observe the following commands, which one verifies that NAT is working normally and displays active NAT translations? A. show ip nat all B. show running-configuration nat C. show xlate D. show nat translation Answer: C Question: 6 What is the result if the WebVPN url-entry parameter is disabled? A. The end user is unable to access pre-defined URLs. B. The end user is unable to access any CIFS shares or URLs. C. The end user is able to access CIFS shares but not URLs. D. The end user is able to access pre-defined URLs. Answer: D Question: 7 Which three tunneling protocols and methods are supported by the Cisco VPN Client? (Choose three.) A. IPsec over TCP B. IPsec over UDP C. ESP D. AH Answer: A, B, C

For Latest 642­523 Exam Questions and study guides­ visit­­523.html

For complete Exam 642-523 Training kits and Self-Paced Study Material Visit:

For Latest 642­523 Exam Questions and study guides­ visit­­523.html

Exam 642-523 preparation questions  

Exam 642-523 study material -Made available by Examsking for Exam 642-523 such as Exam 642-523 preparation questions in 642-523 pdf formats,...

Read more
Read more
Similar to
Popular now
Just for you