just4dumps's picture
From just4dumps rss RSS  subscribe Subscribe

642-515 

Testinside : IT Certification Material Provider
Testinside offers incredible career enhancing opportunities. We are a team of IT professionals that focus on providing our customers with the most up to date material for any IT certification exam. This material is so effective that we Guarantee you will pass the exam or your money back.

 
 
 
Tags:  test  questions 
Views:  99
Published:  January 10, 2011
 
0
download

Share plick with friends Share
save to favorite
Report Abuse Report Abuse
 
Related Plicks
testkiller, test killer, testkiller.me, MCSE, CCNA, A+, Oracle, brain dumps, online certification te

testkiller, test killer, testkiller.me, MCSE, CCNA, A+, Oracle, brain dumps, online certification te

From: shahid_anw
Views: 466 Comments: 0
Hi,

My name shahid, Im network administer passed mcse exams by Microsoft, CCNA and CCNP by Cisco. Now I'm prepairing Exams DBA by Oracle.I found testkiller website for passing certification exams wi (more)

 
640 802 exam-a-demo-q&a

640 802 exam-a-demo-q&a

From: cishaw
Views: 1023 Comments: 0
640 802 exam-a-demo-q&a
 
How to Create Questions for Quizzes or Surveys

How to Create Questions for Quizzes or Surveys

From: alice303
Views: 87 Comments: 0

 
See all 
 
More from this user
$49.95 just4dumps 000-M12

$49.95 just4dumps 000-M12

From: just4dumps
Views: 442
Comments: 0
$49.95 just4dumps 642-902

$49.95 just4dumps 642-902

From: just4dumps
Views: 411
Comments: 0
310-055

310-055

From: just4dumps
Views: 523
Comments: 0
642-566

642-566

From: just4dumps
Views: 591
Comments: 0
FC0-GR1

FC0-GR1

From: just4dumps
Views: 425
Comments: 0
000-667

000-667

From: just4dumps
Views: 381
Comments: 0
See all 
 
 
 URL:          AddThis Social Bookmark Button
Embed Thin Player: (fits in most blogs)
Embed Full Player :
 
 

Name

Email (will NOT be shown to other users)

 
 
 
Comments: (watch)
 
 
Notes:
 
Slide 1: TestInside Cisco 642-515 CCSP Certification 642-515 CCSP Cisco Securing Networks with ASA Advanced Practice Exam: 642-515 Exams Exam Number/Code: 642-515 Exam Name: Securing Networks with ASA Advanced Questions and Answers: 90 Q&As ( CCSP ) "Securing Networks with ASA Advanced", also known as 642-515 exam, is a Cisco certification.With the complete collection of questions and answers, TestInside has assembled to take you through 90 Q&As to your 642-515 Exam preparation. In the 642-515 exam resources, you will cover every field and category in Cisco Certification helping to ready you for your successful Cisco Certification. Quality and Value for the 642-515 Exam TestInside Practice Exams for Cisco CCSP Certification 642-515 are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development. E x a m : 642-515 TestInside provide the professional Q&A. 1. We offer free update service for three month. After you purchase our product, we will offer free update in time for three month. 2. High quality and Value for the 642-515 Exam. 642-515 simulation test questions, including the examination question and the answer, complete by our senior IT lecturers and the CCSP product experts, included the current newest 642-515 examination questions. 3. 100% Guarantee to Pass Your CCSP exam and get your CCSP Certification. If you do not pass the Cisco Certification 642-515 exam (Securing Networks with ASA Advanced) on your first attempt using our TestInside testing engine and pdf file, we will give you a FULL REFUND of your purchasing fee. use TestInside 642-515 Q&A ensure you pass the exam at your first try. TestInside professional provide CCSP 642-515 the newest Q&A, completely covers 642-515 test original topic. With our complete CCSP resources, you will minimize your CCSP cost and be ready to pass your 642-515 tests on Your First Try, 100% Money Back Guarantee included! Cisco 642-515 Test belongs to one of the CCSP certified test, if needs to obtain the CCSP certificate, you also need to participate in other related test, the details you may visit the CCSP certified topic, in there, you will see all related CCSP certified subject of examination. TestInside Testing Engine Features Comprehensive questions and answers about 642-515 exam 642-515 exam questions accompanied by exhibits Verified Answers Researched by Industry Experts and almost 100% correct 642-515 exam questions updated on regular basis
Slide 2: Same type as the certification exams, 642-515 exam preparation is in multiple-choice questions (MCQs). Tested by multiple times before publishing Try free 642-515 exam demo before you decide to buy it in Test-Inside.com. Note:This pdf demo do not include the question's picture. Exam : Cisco 642-515 Title : Securing Networks with ASA Advanced 1. Multimedia applications transmit requests on TCP, get responses on UDP or TCP, use dynamic ports, and use the same port for source and destination, so they can pose challenges to a firewall. Which three items are true about how the Cisco ASA adaptive security appliance handles multimedia applications? (Choose three.) A. It dynamically opens and closes UDP ports for secure multimedia connections, so you do not need to open a large range of ports. B. It supports SIP with NAT but not with PAT. C. It supports multimedia with or without NAT. D. It supports RTSP, H.323, Skinny, and CTIQBE. Answer: ACD 2. You work as a network administrator for your company. Study the exhibit carefully. ASDM is short for Adaptive Security Device Manager. You are responsible for multiple remote Cisco ASA security appliances administered through Cisco ASDM. Recently, you have been tasked to configure one of these Cisco ASA security appliances for SSL VPNs and are requiring a client certificate, as shown. How will this configuration affect your next ASDM connection to this Cisco ASA security appliance? A. You would be required to download the identity certificate of the remote Cisco ASA security appliance. B. You would be asked to present an identity certificate. If you did not have one, the Cisco ASA security appliance would prompt you for authentication credentials, consisting of a username and password. C. Your connection would be handled the way it is always handled by this Cisco ASA security appliance. D. You would be required to have an identity certificate that the Cisco ASA security appliance can use for authentication. Answer: D 3. What is the reason that you want to configure VLANs on a security appliance interface? A. for use in conjunction with device-level failover to increase the reliability of your security appliance B. for use in transparent firewall mode, where only VLAN interfaces are used C. to increase the number of interfaces available to the network without adding additional physical interfaces or security appliances D. for use in multiple context mode, where you can map only VLAN interfaces to contexts Answer: C 4. Study the following exhibit carefully. You work as the network administrator of a corporate Cisco ASA security appliance with a Cisco ASA AIP-SSM. You are asked to use the AIP-SSM to protect corporate DMZ web servers. The AIP-SSM has been configured, and a service policy has been configured to identify the traffic to be passed to the AIPSSM. On which two interfaces would application of the service policy for the AIP-SSM be most effective while causing the least amount of impact to Cisco ASA security appliance performance? (Choose two.) A. Internet interface B. dmz interface C. globally on all interfaces D. outside interface Answer: BD
Slide 3: 5. While implementing QoS, which two types of queues are available on the Cisco ASA security appliance? (Choose two.) A. weighted fair B. round robin queue C. low latency queue D. best effort queue Answer: CD 6. Which three commands can display the contents of flash memory on the Cisco ASA adaptive security appliance? (Choose three.) A. show disk0: B. show memory C. dir D. show flash: Answer: ACD 7. Which three statements correctly describe protocol inspection on the Cisco ASA adaptive security appliance? (Choose three.) A. For the security appliance to inspect packets for signs of malicious application misuse, you must enable advanced (application layer) protocol inspection. B. If you want to enable inspection globally for a protocol that is not inspected by default or if you want to globally disable inspection for a protocol, you can edit the default global policy. C. The protocol inspection feature of the security appliance securely opens and closes negotiated ports and IP addresses for legitimate client-server connections through the security appliance. D. If inspection for a protocol is not enabled, traffic for that protocol may be blocked. Answer: BCD 8. Refer to the exhibit. You have configured a Layer 7 policy map to match the size of HTTP header fields that are traversing the network. Based on this configuration, will HTTP headers that are greater than 200 bytes be logged? A. No, because the reset action for headers greater than 100 bytes would be the first match. B. Yes, because the log action for headers greater than 200 bytes would be the last match. C. Yes, because the reset action for headers greater than 100 bytes and the log action for headers greater than 200 bytes would both be applied. D. No, because reset or log actions are a part of the service policy and the Layer 7 policy map. Answer: A 9. For creating and configuring a security context, which three tasks are mandatory? (Choose three.) A. allocating interfaces to the context B. assigning MAC addresses to context interfaces C. creating a context name D. specifying the location of the context startup configuration Answer: ACD 10. Which one of the following commands can provide detailed information about the crypto map configurations of a Cisco ASA adaptive security appliance? A. show ipsec sa B. show crypto map C. show run ipsec sa D. show run crypto map Answer: D 11. The following exhibit shows a Cisco ASA security appliance configured to participate in a VPN cluster. According to the exhibit, to which value will you set the priority to increase the chances of this Cisco ASA security appliance
Slide 4: becoming the cluster master? A. 100 B. 0 C. 10 D. 1 Answer: C 12. Which three features can the Cisco ASA adaptive security appliance support? (Choose three.) A. BGP dynamic routing B. 802.1Q VLANs C. OSPF dynamic routing D. static routes Answer: BCD 13. You are the network administrator for your company. Study the exhibit carefully. You are responsible for a Cisco ASA security appliance configured with a local CA. According to the exhibit below, what is the reason that the user student1 will use this password? A. retrieval of the Cisco ASA security appliance identity certificate B. retrieval of the digital certificate from the local CA on the Cisco ASA security appliance C. the initial authentication to the SSL VPN server D. authentication to the SSL VPN server Answer: B 14. Which two statements about the downloadable ACL feature of the security appliance are correct? (Choose two.) A. Downloadable ACLs are supported using TACACS+ or RADIUS. B. Downloadable ACLs enable you to store full ACLs on a AAA server and download them to the security appliance. C. The security appliance supports only per-user ACL authorization. D. The downloadable ACL must be attached to a user or group profile on a AAA server. Answer: BD 15. Which two statements are true about multiple context mode? (Choose two.) A. Multiple context mode does not support IPS, IPsec, and SSL VPNs, or dynamic routing protocols. B. Multiple context mode enables you to create multiple independent virtual firewalls with their own security policies and interfaces. C. Multiple context mode enables you to add to the security appliance a hardware module that supports up to four independent virtual firewalls. D. When you convert from single mode to multiple mode, the security appliance automatically adds an entry for the admin context to the system configuration with the name "admin." Answer: BD 16. Observe the following exhibit carefully. When TCP connections are tunneled over another TCP connection and latency exists between the two endpoints, each TCP session would trigger a retransmission, which can quickly spiral out of control when the latency issues persist. This issue is often called TCP-over-TCP meltdown. According to the presented Cisco ASDM configuration, which Cisco ASA security appliance configuration will most likely solve this problem? A. Compression B. MTU size of 500 C. Keepalive Messages D. Datagram TLS Answer: D 17. Cisco ASA 5500 Series Adaptive Security Appliances are easy-to-deploy solutions that integrate world-class firewall, Unified Communications (voice/video) security, SSL and IPsec VPN, intrusion prevention (IPS), and content
Slide 5: security services in a flexible, modular product family. You are asked to configure a Cisco ASA 5505 Adaptive Security Appliance as an Easy VPN hardware client. In the process of configuration, you defined a list of backup servers for the security appliance to use. After several hours of being connected to the primary VPN server, the security appliance fails. You notice that your Easy VPN hardware client has now connected to a backup server that is not defined within the configuration of the client. Where did your Easy VPN hardware client get this backup server? A. The connection profile that was configured on the primary VPN server was pushed to your Easy VPN hardware client and overwrote the list of backup servers that you had configured. B. The group policy that was configured on the primary VPN server was pushed to your Easy VPN client and overwrote the list of backup servers that you had configured. C. The backup servers that you listed were not configured as VPN servers, so the Easy VPN hardware client used the list of backup servers retrieved from the primary server. D. The backup servers that you listed were no longer available, so the Easy VPN hardware client used the list of backup servers that it retrieved from the primary server. Answer: B 18. Tom works as a network administrator for the CISCO company. The primary adaptive security appliance in an active/standby failover configuration failed, so the secondary adaptive security appliance was automatically activated. Tom then fixed the problem. Now he would like to restore the primary to active status. Which one of the following commands can reactivate the primary adaptive security appliance and restore it to active status while issued on the primary adaptive security appliance? A. failover reset B. failover primary active C. failover active D. failover exec standby Answer: C 19. Which two options are correct about the impacts of this configuration? (Choose two.) class-map INBOUND_HTTP_TRAFFIC match access-list TOINSIDEHOST class-map OUTBOUND_HTTP_TRAFFIC match access-list TOOUTSIDEHOST policy-map MYPOLICY class INBOUND_HTTP_TRAFFIC inspect http set connection conn-max 100 policy-map MYOTHERPOLICY class OUTBOUND_HTTP_TRAFFIC inspect http service-policy MYOTHERPOLICY interface inside service-policy MYPOLICY interface outside A. Traffic that matches access control list TOINSIDEHOST is subject to HTTP inspection and maximum connection limits. B. Traffic that enters the security appliance through the inside interface is subject to HTTP inspection. C. Traffic that enters the security appliance through the outside interface and matches access control list TOINSIDEHOST is subject to HTTP inspection and maximum connection limits. D. Traffic that enters the security appliance through the inside interface and matches access control list TOOUTSIDEHOST is subject to HTTP inspection. Answer: CD 20. You work as a network security administrator for your company. Now, you are asked to configure the corporate Cisco ASA security appliance to take the following steps on its outside interface: --rate limit all IP traffic from telecommuting system engineers to the insidehost --drop all HTTP requests from the Internet to the web server that have a body length greater than 1000 bytes
Slide 6: --prevent users on network 192.168.6.0/24 from using the FTP PUT command to store .exe files on the FTP server In order to achieve this objective, which set of Modular Policy Framework components will be included? A. one Layer 7 class map, two Layer 7 policy maps, three Layer 3/4 class maps, one Layer 3/4 policy map B. three Layer 7 policy maps, one Layer 3/4 class map, one Layer 3/4 policy map C. one Layer 7 class map, one Layer 7 policy map, three Layer 3/4 class maps, one Layer 3/4 policy map D. two Layer 7 class maps, one Layer 7 policy map, three Layer 3/4 class maps, one Layer 3/4 policy map Answer: A More 642-515 Information Related 642-515 Exams 642-515 642-545 642-542 642-552 642-513 642-502 642-503 642-523 642-532 642-521 642-551 642-522 Securing Networks with ASA Advanced Implementing Cisco Security Monitoring, Analysis and Response System Cisco SAFE Implementation Exam Securing Cisco Network Devices Exam Securing Hosts Using Cisco Security Agent Exam (HIPS) Securing Networks with Cisco Routers and Switches Exam(SNRS) Securing Networks with Cisco Routers and Switches Securing Networks with PIX and ASA Securing Networks Using Intrusion Prevention Systems Exam (IPS) Cisco Secure PIX Firewall Advanced Securing Cisco Network Devices Exam(SND) Securing Networks with PIX and ASA Exam(SNPA) Other Cisco Exams 642-445 350-018LAB 642-746 642-587 642-531 642-067 642-564 642-145 646-392 642-533 642-243 350-022 350-018 642-523 642-566 646-011 646-391 642-511 642-982 646-967

   
Time on Slide Time on Plick
Slides per Visit Slide Views Views by Location