CCNP Security FAQ : Configuration of AAA on the Cisco Security Appliance Q1. What is the best way to authenticate an H.323 connection? A. Authenticate to the H.323 server B. Telnet to the H.323 server C. Virtual Telnet to the PIX Firewall for authentication D. Virtual HTTP to the Cisco Secure ACS for authentication Answer: C Q2. What three services are used to … [Read more...]
CCNP Security FAQ : Overview of AAA and the Cisco Security Appliance
CCNP Security FAQ : Overview of AAA and the Cisco Security Appliance Q1. Which platform does Cisco Secure ACS for Windows version 3.3 currently support? A. Windows XP Professional B. Windows 2000 Server C. Windows NT Workstation D. Windows 2000 Professional Answer: B Q2. What is a new feature of Cisco Secure ACS for Windows version 3.3? A. A password generator B. A … [Read more...]
CCNP Security FAQ : Content Filtering on the Cisco Security Appliance
CCNP Security FAQ : Content Filtering on the Cisco Security Appliance Q1. How does the Security Appliance filter Java applets and ActiveX objects? A. By commenting out the <OBJECT> </OBJECT> tags or the <APPLET> </APPLET> tags in the HTML page. B. By deleting the <OBJECT CLASSID> </OBJECT> tags or the <APPLET> </APPLET> tags … [Read more...]
CCNP Security FAQ : Adaptive Security Device Manager
CCNP Security FAQ : Adaptive Security Device Manager Q1. How many tabs does ASDM have under its Configuration button? A. Three B. Five C. Nine D. Six Answer: C Q2. How do you connect to ASDM? A. By accessing the Security Appliance through Telnet and entering ASDM B. By entering http://inside_interface_ip in your browser C. By entering https://inside_interface_ip … [Read more...]
CCNP Security FAQ : Configuring Access VPNs
CCNP Security FAQ : Configuring Access VPNs Q1. What is the Easy VPN Server functionality known as Initial Contact? A. Ability to cause the Easy VPN Server to delete any existing connections, thus preventing SA synchronization problems B. The first connection between an Easy VPN Client and Easy VPN Server C. The initial message sent from the Easy VPN Server to the Easy … [Read more...]
CCNP Security FAQ : Virtual Private Networks
CCNP Security FAQ : Virtual Private Networks Q1. Which type of encryption is stronger? A. Group 2 Diffie-Hellman B. AES-128 C. 3DES D. AES-192 E. DES Answer: D Q2. Which service uses UDP port 500? A. IPSec B. OAKLEY C. IKE D. None of these answers are correct Answer: C Q3. Which service uses TCP port 50? A. aIKE B. AH C. OAKLEY D. ESP E. None of these … [Read more...]
CCNP Security FAQ : Routing and the Cisco Security Appliance
CCNP Security FAQ : Routing and the Cisco Security Appliance Q1. Which dynamic routing protocols are supported by the Cisco Security Appliance? A. RIP B. OSPF C. BGP D. EIGRP Answer: E Q2. Which command do you use to configure static routes? A. interface B. mroute C. route D. static E. None of these answers are correct Answer: C Q3. Which command do you use to … [Read more...]
CCNP Security FAQ : Syslog and the Cisco Security Appliance
CCNP Security FAQ : Syslog and the Cisco Security Appliance Q1. What is the command for sending syslog messages to the Telnet session? A. logging console B. logging monitor C. telnet logging D. send log telnet Answer: B Q2. Which of the following is the correct command syntax to set the logging level to 5 for syslog message 403503? A. logging message 403503 level … [Read more...]
CCNP Security FAQ : Security Contexts
CCNP Security FAQ : Security Contexts Q1. What are the benefits of using security context over multiple firewall units? A. It reduces the overall cost of the security platform. B. Management of the firewalls becomes a much easier task. C. It uses less physical space. D. All of these answers are correct. Answer: D Q2. What determines the amount of security contexts a … [Read more...]
CCNP Security FAQ : Modular Policy Framework
CCNP Security FAQ : Modular Policy Framework Q1. What part of the Modular Policy Framework assigns a Traffic Class? A. Service map B. Priority map C. Class map D. Policy map Answer: 1.c Q2. Which match command will match a specific TCP port? A. match flow B. match rtp C. match tunnel-group D. match dscp E. None of these answers are correct Answer: E Q3. Which … [Read more...]