Config Router

  • Google Sheets
  • CCNA Online training
    • CCNA
  • CISCO Lab Guides
    • CCNA Security Lab Manual With Solutions
    • CCNP Route Lab Manual with Solutions
    • CCNP Switch Lab Manual with Solutions
  • Juniper
  • Linux
  • DevOps Tutorials
  • Python Array
You are here: Home / Cisco / CCNP Security FAQ : Firewall Technologies and the Cisco Security Appliance

CCNP Security FAQ : Firewall Technologies and the Cisco Security Appliance

March 4, 2020 by Scott

CCNP Security FAQ : Firewall Technologies and the Cisco Security Appliance

Q1. True or false: Packet filtering on IOS routers provides security as good as that on the Cisco Security Appliances.
A. True
B. False

Answer: A

Q2. What design features enable Cisco Security Appliances, such as the PIX Firewall, to outperform conventional application firewalls?
A. Adaptive Security Algorithm
B. Super-packet filtering
C. Purpose-built, real-time operating environment
D. Hot standby proxy processing
E. Cut-through proxy support

Answer: C

Q3. True or false: With AAA Authentication disabled, cut-through proxy technology allows users to do anything they want after authenticating at the firewall.
A. True
B. False

Answer: B

Q4. What steps are required to add an ARP entry to a Cisco PIX Firewall if the PIX failed to learn it through other means?
A. Edit the /etc/interfaces/outside/arp.conf file.
B. Use the arp command in global configuration mode.
C. Add the ARP entry using the GUI.
D. Use the set arp command in interface config mode.

Answer: B

Q5. True or false: There is no limit to the number of connections an application proxy firewall can handle.
A. True
B. False

Answer: B

Q6. True or false: The Adaptive Security Algorithm requires a tremendous amount of processing by the firewall. Although the PIX Firewall is not very efficient at processing the ASA, it can handle the task.
A. True
B. False

Answer: B

Q7. True or false: Redundancy allows you to configure two or more PIX Firewalls in a cluster to protect critical systems.
A. True
B. False

Answer: B

Q8. Of the three firewall technologies, which one generates a separate connection on behalf of the requestor and usually operates at the upper layers of the OSI reference model?
A. Stateful inspection
B. Packet filtering
C. High-speed packet filtering
D. Application proxy
E. None of these answers are correct

Answer: D

Q9. Which of the following is not one of the three basic firewall technologies?
A. Stateful inspection
B. Packet filtering
C. High-speed packet filtering
D. Application proxy
E. None of these answers are correct

Answer: C

Q10. Which firewall technology is commonly implemented on a router?
A. Stateful inspection
B. Packet filtering
C. High-speed packet filtering
D. Application proxy
E. None of these answers are correct

Answer: D

Q11. What items does a packet filter look at to determine whether to allow the traffic?

Answer: Source address/port, destination address/port, and protocol.

Q12. What are the advantages of the Cisco Security Appliance family of firewalls over competing firewall products?

Answer: The Cisco Security Appliance has a single embedded operating system, the Adaptive Security Algorithm, cut-through proxy, and redundancy.

Q13. How many Security Appliances can you operate in a high-availability cluster?

Answer: The Security Appliance can be configured in a failover configuration consisting of two firewalls.

Q14. What is the ASA, and how does the Cisco Security Appliance use it?

Answer: The Adaptive Security Algorithm is what the Security Appliance uses to perform stateful inspection. The ASA not only tracks the session information in the state table but also randomly generates TCP sequence numbers to ensure that a session cannot be hijacked.

Q15. Why is cut-through proxy more efficient than traditional proxy?

Answer: Cut-through proxy is a feature that the Cisco Security Appliance uses to authenticate and authorize a user during the initial creation of the session. Cut-through proxy uses the ASA to track session information but does not perform any proxy services. This greatly increases the firewall’s performance compared to traditional proxy firewalls.

Q16. What are the advantages of a real-time embedded system?

Answer: The advantages are improved security, functionality, and performance.

More Resources

  • CCNP Security FAQ
  • CCNP Security VPN FAQ
  • CCNP Secure IPS FAQ
  • CCNA Security FAQ
  • Network Security FAQ
  • CCNA Exam Answers Cisco Learning Network
  • CCNA Frequently Asked Questions
  • CCNA Exam Questions with Explanation
  • CCNA Cyber Ops FAQ

Related

Filed Under: Cisco Tagged With: CCNP Security FAQ, Firewall Technologies and the Cisco Security Appliance

Recent Posts

  • How do I give user access to Jenkins?
  • What is docker volume command?
  • What is the date format in Unix?
  • What is the difference between ARG and ENV Docker?
  • What is rsync command Linux?
  • How to Add Music to Snapchat 2021 Android? | How to Search, Add, Share Songs on Snapchat Story?
  • How to Enable Snapchat Notifications for Android & iPhone? | Steps to Turn on Snapchat Bitmoji Notification
  • Easy Methods to Fix Snapchat Camera Not Working Black Screen Issue | Reasons & Troubleshooting Tips to Solve Snapchat Camera Problems
  • Detailed Procedure for How to Update Snapchat on iOS 14 for Free
  • What is Snapchat Spotlight Feature? How to Make a Spotlight on Snapchat?
  • Snapchat Hack Tutorial 2021: Can I hack a Snapchat Account without them knowing?

Copyright © 2025 · News Pro Theme on Genesis Framework · WordPress · Log in