Actualtests CCSP 642-515
Posted on | October 7, 2008 |
Securing Networks with ASA Advanced: 642-515 Exam
642-515 SNAA
Securing Networks with ASA Advanced
Exam Number: 642-515
Associated Certifications: CCSP
Duration: 90 minutes (60 questions)
Available Languages: English
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions
Exam DescriptionThe Securing Networks with ASA Advanced exam is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the SNAA course. This exam includes simulations and tests a candidate’s knowledge and ability to describe, configure, verify and manage the Cisco ASA Security Appliance product.
Exam TopicsThe following topics are general guidelines for the content likely to be included. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
Configure and verify NAT, dynamic routing, and switching on Security Appliances
Configure and verify VLANS using ASDM
Configure and verify dynamic routing protocols and route redistribution using ASDM
Configure and verify policy NAT using ASDM
Configure and verify application layer protocol inspection and Modular Policy Framework for Security Appliances
Describe the Layer 7 advanced protocol handling capabilities of the Security Appliance
Configure and verify Layer 7 application layer protocol inspection using ASDM
Configure and verify Modular Policy Framework using ASDM
Configure and verify secure connectivity using IPsec VPNs
Describe the features and capabilities of digital certificates
Describe how to use digital certificate enrollment with the Security Appliance and Cisco VPN client
Configure and verify remote access VPNs with digital certificates using ASDM
Configure and verify IPsec VPN clients with digital certificates using ASDM
Configure and verify site-to-site VPNs with digital certificates using ASDM
Configure and verify advanced remote access features using ASDM
Configure and verify the ASA 5505 as a remote access client using ASDM
Configure and verify QoS for tunnel traffic using ASDM
Configure and verify secure connectivity using SSL VPNs
Describe the features and capabilities of SSL VPNs
Configure and verify the local certificate authority using ASDM
Configure and verify clientless access including smart tunnels, plug-ins and bookmarks using ASDM
Configure and verify port forwarding using ASDM
Configure the Security Appliance for SSL VPN client access using ASDM
Configure and verify the AnyConnect VPN client
Configure and verify CSD using ASDM
Configure and verify DAP using ASDM
Configure and verify AIP-SSM and CSC-SSM modules
Explain the function that AIP-SSM and CSC-SSM perform within a network
Configure and verify AIP-SSM
Configure and verify CSC-SSM
Product DescriptionExam Number/Code: 642-515
Exam Name:Securing Networks with ASA Advanced
“Securing Cisco Network Devices Exam(SND)”, also known as 642-515 exam, is a Cisco certification. With the complete collection of questions and answers, Actualtests has assembled to take you through 62 Q&As to your 642-515 Exam preparation. In the 642-515 exam resources, you will cover every field and category in CCSP helping to ready you for your successful Cisco Certification.
Free Demo Download Actualtests offers free demo for 642-515 exam (Securing Networks with ASA Advanced).You can check out the interface, question quality and usability of our practice exams before you decide to buy it.
QUESTION 11
Certkiller .com site is site up as follows:
Aggregation-layer Cisco Catalyst 6500 Series Switches
Redundant supervisors
Certkiller .com is deploying a new version of Cisco IOS
Which supervisor redundancy mode or modes will allow an older version of Cisco IOS to
be maintained on a standby supervisor?
Actualtests.com - The Power of Knowing
A. RPR and RPR+
B. RPRR and SSO
C. SSO only
D. RPR only
Answer: D
QUESTION 12
Which command enables virtual firewalls on the FWSM?
A. Mode Context
B. Enable context
C. Enable virtual
D. Mode Multiple
Answer: D
QUESTION 13
Exhibit:
You work as a network administrator at Certkiller .com. You carefully study the exhibit.
Which command enables Telnet management of the FWSM from the remote
management workstation at 192.168.1.23?
A. telnet 192.168.1.0 255.255.255.0
B. telnet 10.0.1.0 255.255.255.0 outside
C. telnet 192.168.1.23 255.255.255.255 outside
D. telnet 10.0.1.2 outside
Answer: C
QUESTION 14
A POP3 and an SMTP server must be visible at the same address through an FWSM.
Which type of NAT is required?
A. Static NAT
B. Identity NAT
C. Policy dynamic NAT
D. dynamic NAT
Actualtests.com - The Power of Knowing
Answer: A
QUESTION 15
Which three statements are requirements for configuring a web browser to work with the
NAM Cisco Traffic Analyzer? (Choose three.)
A. Enable Java and JavaScript
B. Configure the browser to accept all cookie
C. Set the browser to accept all cookies
D. Configure the browser to check for newer versions of pages every time it loads a page
E. Install the Cisco Traffic Analyzer application
F. Set the browser cache to clear itself automatically when the use exits the browser
Answer: A,B,D
QUESTION 16
Certkiller .com has installed an FWSM in the data center. Which feature must be
configured to enable FTP to work?
A. Transparent mode
B. Deep packet inspection
C. Dynamic PAT
D. Access lists
E. Dynamic NAT
Answer: B
QUESTION 17
Which three are valid SPAN sources for the NAM? (Choose three.)
A. A VLAN
B. An EtherChannel
C. A line card
D. A port group
E. An MPLS tunnel
F. A port
Answer: A,B,F
QUESTION 18
Certkiller .com network is configured as follows:
NetFlow is on for all core switch interfaces
The NAM receives NDE packets from each switch
Reports show aggregate data for all interfaces
How would you view data for specific interfaces on a given switch?
Actualtests.com - The Power of Knowing
A. Enable NetFlow only on the interfaces that you want to view
B. Create a custom NDE data source in Cisco Traffic Analyzer and specify the interfaces
that you want to view
C. Create ACLs on the NAM data ports to filter the NDE traffic
D. Limit the NDE data capture by specifying the VLANs that apply to the interfaces that
you want to view
Answer: B
QUESTION 19
Which step will configure high availability on two IDSMs in in-line mode?
A. Install the IDSMs in separate chassis
B. Enable software bypass on the backup IDSM
C. Enable hardware bypass on the primary IDSM
D. Configure an EtherChannel between the two IDSMs
Answer: B
QUESTION 20
A switch is running RSTP and is connected to a switch running 802.1D. What happens
when a spanning-tree reconvergence is triggered?
A. Both switches revert to STP mode
B. The switch running 802.1D reverts to RSTP mode
C. The switch running RSTP reverts to 802.1D mode
D. The switches can’t converge
Answer: C
Free download:pass4sure CCSP 642-515
Free download?testking CCSP 642-515
Comments
Leave a Reply