CCNP Security FAQ : System Management/Maintenance

CCNP Security FAQ : System Management/Maintenance

Q1. Which command upgrades a PIX Firewall 525 device running a 6.3 OS version to 7.0?
A. install
B. setup
C. copy 7.0
D. copy tftp flash

Answer: D

Q2. Which binary file is required to perform a password recovery procedure on a PIX device running OS version 6.3?
A. np63.bin
B. pix52.bin
C. bh52.bin
D. pass52.bin

Answer: A

Q3. What circumstance(s) warrant(s) the use of a boothelper disk in the OS upgrade procedure?
A. A corrupt binary image
B. A PIX 520 device
C. A PIX device running a 6.0 or later PIX OS
D. No circumstance warrants the use of a boothelper disk

Answer: B

Q4. To what is the console password set after a successful password recovery procedure?
A. password.
B. cisco.
C. secret.
D. It is erased and set to blank

Answer: D

Q5. How many privilege levels are there on the PIX Firewall?
A. 2
B. 16
C. 32
D. 4

Answer: B

Q6. Which of the following is the highest level of privilege to which a user account can be assigned?
A. 32
B. 16
C. 8
D. 15

Answer: D

Q7. Which command changes the SSH password for login?
A. change ssh password
B. secret
C. password
D. ssh pass

Answer: C

Q8. What is the default amount of time a Telnet session can be idle?
A. 2 minutes
B. 15 minutes
C. 5 minutes
D. 12 minutes

Answer: C

Q9. Which of the following pieces of information are sent to an SNMP management station by the PIX Firewall?
A. Link up and link down
B. Running configuration
C. Show command outputs
D. Authentication failure

Answer: A, D

Q10. Which version of SSH does the PIX Firewall support?
A. 2.1
B. 2.2
C. 3.1
D. 1

Answer: D

Q11. How many ways can you access the PIX Firewall?

Answer: You can access the PIX Firewall through Telnet, SSH, PDM, and the console port.

Q12. What is the command to change the Telnet password?

Answer: passwd or Password

Q13. Which command would you use to view the privilege level assigned to the access-list command?

Answer: show running-config privilege command access-list

Q14. Which version of SSH does PIX Firewall support?

Answer: The ASA Security Appliance supports SSH version 1.

Q15. What is the activation key?

Answer: The activation key is the license key or number for the ASA Security Appliance.

Q16. Give one reason why you would need to change the activation key on your Security Appliance.


  • Your Cisco ASA 5100 does not have failover activated.
  • Your PIX Firewall does not currently have VPN-DES or VPN-3DES encryption enabled.
  • You are upgrading from a connection-based license to a feature-based license.

Q17. How many privilege levels are available on the PIX Firewall?

Answer: 16

Q18. How do you determine which version of the Security Appliance operating system is installed?

Answer: The show version command displays the version information on your PIX Firewall.

Q19. Which command would you use to create locally a user called mason with a password of Fr33 on the PIX Firewall?

Answer: username mason password Fr33

Q20. How do you find out what your activation key is?

Answer: Use the show activation-key command for versions earlier than 6.2, and use the show version command for Version 6.2 and later.

More Resources

About the author


Leave a Comment