CCNP Security FAQ : Security Contexts
Q1. What are the benefits of using security context over multiple firewall units?
A. It reduces the overall cost of the security platform.
B. Management of the firewalls becomes a much easier task.
C. It uses less physical space.
D. All of these answers are correct.
Q2. What determines the amount of security contexts a Security Appliance can have?
A. Hardware model.
B. OS software version.
C. License purchased.
D. There is no limit.
E. The hardware model and license purchased.
Q3. What is the name used for the default administrative context?
Q4. Where can you store context configuration files?
A. FTP server
B. Flash memory DIMM
C. TFTP server
D. HTTP server
E. All of these answers are correct
Q5. The Security Appliance classifies traffic flows by using which of the following characteristics of the packet?
B. Destination address
C. Source address
D. Port type
E. Both VLAN and destination address
Q6. Which command enables multiple security context mode?
A. multiple-context enable
B. context-mode multiple
C. mode multiple
D. enable multimode
E. None of these answers are correct
Q7. Which of the following does the invisible parameter in the allocate-interface command do?
A. Disables an interface for the whole system
B. Hides physical interface properties from non-administrative users of a context
C. Enables transparent firewall support in a context
D. Hides a list of privileged commands from users of a context
Q8. Which command identifies the location from which the system downloads the context configuration file?
C. remote-config context
D. copy tftp flash
Q9. What are the two methods used to direct traffic flows to a security context?
Q10. Using Figure 9-2, configure the security contexts for PIXFX1. Assume that Context1 to Context3 store their configuration files on the web server configs.cisco.com in the directory/configlets using the username PIXCONFIG and password CISCO123. Context 2 stores its configuration on the Flash drive. All nonadministrative contexts use the naming scheme context[x].cfg.
Q11. How do you enable multiple security contexts?
Q12. What are the interface limitations of a security context when the firewall is in transparent mode?
Q13. What happens to the configuration files when multiple context mode is enabled?
Q14. What are the potential problems when you change the config-url setting for a context that is live?
Q15. What are the limitations of the allocate-interface command?
The numeric portion of the mapped name must include the same quantity of numbers as the subinterface range.
Q16. What does clear configure context do?