您好,欢迎来到江浙沪招生考试网 !

设为首页|加入收藏|联系我们|网站地图|

江浙沪招生考试网

您现在的位置: test4exam >> 历年真题 >> it认证题库 >> 正文

思科认证CISCO 642-524 题库

日期:2015/8/31 13:38:52 来源:本站原创 访问量:

  1. Tom works as a network administrator for the TIS company. The primary adaptive security appliance in an

  active/standby failover configuration failed, so the secondary adaptive security appliance was automatically

  activated. Tom then fixed the problem. Now he would like to restore the primary to active status. Which one of the

  following commands can reactivate the primary adaptive security appliance and restore it to active status while

  issued on the primary adaptive security appliance?

  A. failover reset

  B. failover primary active

  C. failover active

  D. failover exec standby

  Answer: C

  2. For the following commands, which one enables the DHCP server on the DMZ interface of the Cisco ASA with

  an address pool of 10.0.1.100-10.0.1.108 and a DNS server of 192.168.1.2?

  A. dhcpd address 10.0.1.100-10.0.1.108 DMZ

  dhcpd dns 192.168.1.2 dhcpd enable DMZ

  B. dhcpd address range 10.0.1.100-10.0.1.108

  dhcpd dns server 192.168.1.2 dhcpd enable DMZ

  C. dhcpd range 10.0.1.100-10.0.1.108 DMZ

  dhcpd dns server 192.168.1.2 dhcpd DMZ

  D. dhcpd address range 10.0.1.100-10.0.1.108

  dhcpd dns 192.168.1.2 dhcpd enable

  Answer: A

  3. Look at the following exhibit carefully, which one of the four diagrams displays a correctly configured network

  for a transparent firewall?

  TestInside Cisco 642-524

  A. 1

  B. 2

  C. 3

  D. 4

  Answer: D

  4. What is the effect of the per-user-override option when applied to the access-group command syntax?

  TestInside Cisco 642-524

  A. The log option in the per-user access list overrides existing interface log options.

  B. It allows for extended authentication on a per-user basis.

  C. It allows downloadable user access lists to override the access list applied to the interface.

  D. It increases security by building upon the existing access list applied to the interface. All subsequent users are

  also subject to the additional access list entries.

  Answer: C

  5. John works as a network administrator for the TIS company. According to the exhibit, the only traffic that John

  would like to allow through the corporate Cisco ASA adaptive security appliance is inbound HTTP to the DMZ

  network and all traffic from the inside network to the outside network. John also has configured the Cisco ASA

  adaptive security appliance, and access through it is now working as expected with one exception: contractors

  working on the DMZ servers have been surfing the Internet from the DMZ servers, which (unlike other Company

  XYZ hosts) are using public, routable IP addresses. Neither NAT statements nor access lists have been configured

  for the DMZ interface.

  What is the reason that the contractors are able to surf the Internet from the DMZ servers?

  (Note: The 192.168.X.X IP addresses are used to represent routable public IP addresses even though the

  192.168.1.0 network is not actually a public routable network.)

  A. An access list on the outside interface permits this traffic.

  B. NAT control is not enabled.

  C. The DMZ servers are using the same global pool of addresses that is being used by the inside hosts.

  TestInside Cisco 642-524

  D. HTTP inspection is not enabled.

  Answer: B

  6. In order to recover the Cisco ASA password, which operation mode should you enter?

  A. configure

  B. unprivileged

  C. privileged

  D. monitor

  Answer: D

  7. Which three statements correctly describe protocol inspection on the Cisco ASA adaptive security appliance?

  (Choose three.)

  A. For the security appliance to inspect packets for signs of malicious application misuse, you must enable

  advanced (application layer) protocol inspection.

  B. If you want to enable inspection globally for a protocol that is not inspected by default or if you want to

  globally disable inspection for a protocol, you can edit the default global policy.

  C. The protocol inspection feature of the security appliance securely opens and closes negotiated ports and IP

  addresses for legitimate client-server connections through the security appliance.

  D. If inspection for a protocol is not enabled, traffic for that protocol may be blocked.

  Answer: BCD

  8. Observe the following commands, which one verifies that NAT is working normally and displays active NAT

  translations?

  A. show ip nat all

  B. show running-configuration nat

  C. show xlate

  D. show nat translation

  Answer: C

  9. Multimedia applications transmit requests on TCP, get responses on UDP or TCP, use dynamic ports, and use

  the same port for source and destination, so they can pose challenges to a firewall. Which three items are true

  TestInside Cisco 642-524

  about how the Cisco ASA adaptive security appliance handles multimedia applications? (Choose three.)

  A. It dynamically opens and closes UDP ports for secure multimedia connections, so you do not need to open a

  large range of ports.

  B. It supports SIP with NAT but not with PAT.

  C. It supports multimedia with or without NAT.

  D. It supports RTSP, H.323, Skinny, and CTIQBE.

  Answer: ACD

  10. What is the result if the WebVPN url-entry parameter is disabled?

  A. The end user is unable to access pre-defined URLs.

  B. The end user is unable to access any CIFS shares or URLs.

  C. The end user is able to access CIFS shares but not URLs.

  D. The end user is able to access pre-defined URLs.

  Answer: D

  11. You work as a network engineer at TestInside.com, you are asked to examine the current Modular Policy

  Framework configurations on the LA-ASA Adaptive Security Appliances using the Cisco Adaptive Security

  Device Manager (ASDM) utility. You need to answer the multiple-choice questions in this simulation by use of

  the appropriate Cisco ASDM configuration screens.

  A host on the partnernet network attempts to use FTP to download a file from InsideHost,which resides on the

  inside interface of the security appliance.What does the security appliance do with the traffic from the partnernet

  host?

  TestInside Cisco 642-524

  A. Sends it to the Cisco ASA Advanced Inspection and Prevention(AIP)-Security Services Module(SSM)for

  inspection before forwarding it to its destination

  TestInside Cisco 642-524

  B. Sends it to the Cisco ASA 5500 Series Content Security and Control(CSC)SSM for inspection before

  forwarding it to its destination

  C. Forwards it directly to its destination

  D. Forwards it directly to its destination unless the connection limit is already met

  Answer: D

  12. You work as a network engineer at TestInside.com, you are asked to examine the current Modular Policy

  Framework configurations on the LA-ASA Adaptive Security Appliances using the Cisco Adaptive Security

  Device Manager (ASDM) utility. You need to answer the multiple-choice questions in this simulation by use of

  the appropriate Cisco ASDM configuration screens.

  Which traffic does the security appliance inspect globally(regardless of the interface on which the traffic enters the

  security appliance)?(Choose 3)

  TestInside Cisco 642-524

  A. HTTP

  B. DNS

  TestInside Cisco 642-524

  C. GTP

  D. H.323 H.225

  Answer: ABD

  13. You work as a network engineer at TestInside.com, you are asked to examine the current Modular Policy

  Framework configurations on the LA-ASA Adaptive Security Appliances using the Cisco Adaptive Security

  Device Manager (ASDM) utility. You need to answer the multiple-choice questions in this simulation by use of

  the appropriate Cisco ASDM configuration screens.

  A host on the partnernet network makes a VoIP call to 172.20.1.15,which is statically mapped to an IP phone on

  the inside network.What does the security appliance do with the VoIP traffic between host 172.20.1.15 and the

  host on the partnernet network?

  TestInside Cisco 642-524

  A. Sends it to the AIP-SSM for inspection before forwarding it to its destination

  B. Sends it to the CSC-SSM for inspection before forwarding it to its destination

  TestInside Cisco 642-524

  C. Forwards it directly to its destination unless the connection limit is already met

  D. Applies low latency queuing as it exits the partnernet interface

  Answer: D

  14. You work as a network engineer at TestInside.com, you are asked to examine the current Modular Policy

  Framework configurations on the LA-ASA Adaptive Security Appliances using the Cisco Adaptive Security

  Device Manager (ASDM) utility. You need to answer the multiple-choice questions in this simulation by use of

  the appropriate Cisco ASDM configuration screens.

  A host on the outside network sends e-mail to the public e-mail server.What does the security appliance do with

  the traffic from the outside host?

  TestInside Cisco 642-524

  A. Sends it to the AIP-SSM for inspection before forwarding it to its destination

  B. Sends it to the CSC-SSM for inspection before forwarding it to its destination

  TestInside Cisco 642-524

  C. Forwards it directly to its destination

  D. Forwards it directly to its destination unless the connection limit is already met

  Answer: A

  15. You work as a network engineer at TestInside.com, you are asked to examine the current Modular Policy

  Framework configurations on the LA-ASA Adaptive Security Appliances using the Cisco Adaptive Security

  Device Manager (ASDM) utility. You need to answer the multiple-choice questions in this simulation by use of

  the appropriate Cisco ASDM configuration screens.

  A host on the partnernet network attempts to access the public web server via HTTP.What does the security

  appliance do with traffic from the partnernet?

  TestInside Cisco 642-524

  A. Sends it to the AIP-SSM for inspection before forwarding it to its destination

  B. Sends it to the CSC-SSM for inspection before forwarding it to its destination

  TestInside Cisco 642-524

  C. Forwards it directly to its destination

  D. Forwards it directly to its destination unless the connection limit is already met

  Answer: C

  16. You work as a network engineer at TestInside.com, you are asked to examine the current Modular Policy

  Framework configurations on the LA-ASA Adaptive Security Appliances using the Cisco Adaptive Security

  Device Manager (ASDM) utility. You need to answer the multiple-choice questions in this simulation by use of

  the appropriate Cisco ASDM configuration screens.

  A host on the outside network makes a VoIP call to a host on the inside network.What does the security appliance

  do with the traffic from the host on the outside network?

  TestInside Cisco 642-524

  A. Sends it to the AIP-SSM for inspection before forwarding it to its destination

  B. Sends it to the CSC-SSM for inspection before forwarding it to its destination

  TestInside Cisco 642-524

  C. Forwards it directly to its destination

  D. Drops it

  Answer: D

  17. Which three tunneling protocols and methods are supported by the Cisco VPN Client? (Choose three.)

  A. IPsec over TCP

  B. IPsec over UDP

  C. ESP

  D. AH

  Answer: ABC

  18. Which two options are correct about the impacts of this configuration? (Choose two.)

  class-map INBOUND_HTTP_TRAFFIC

  match access-list TOINSIDEHOST

  class-map OUTBOUND_HTTP_TRAFFIC

  match access-list TOOUTSIDEHOST

  policy-map MYPOLICY

  class INBOUND_HTTP_TRAFFIC

  inspect http

  set connection conn-max 100

  policy-map MYOTHERPOLICY

  class OUTBOUND_HTTP_TRAFFIC

  inspect http

  service-policy MYOTHERPOLICY interface inside

  service-policy MYPOLICY interface outside

  A. Traffic that matches access control list TOINSIDEHOST is subject to HTTP inspection and maximum

  connection limits.

  B. Traffic that enters the security appliance through the inside interface is subject to HTTP inspection.

  C. Traffic that enters the security appliance through the outside interface and matches access control list

  TOINSIDEHOST is subject to HTTP inspection and maximum connection limits.

  TestInside Cisco 642-524

  D. Traffic that enters the security appliance through the inside interface and matches access control list

  TOOUTSIDEHOST is subject to HTTP inspection.

  Answer: CD

  19. Take the following configuration shown in the exhibit carefully, what traffic will be logged to the AAA server?

  A. Only authenticated and authorized console connection information will be logged in the accounting database.

  B. All outbound TCP connection information will be logged in the accounting database.

  C. No information will be logged. This is not a valid configuration because TACACS+ connection information

  cannot be captured and logged.

  D. All connection information will be logged in the accounting database.

  Answer: B

  20. What are the two purposes of the same-security-traffic permit intra-interface command? (Choose two.)

  A. It allows all of the VPN spokes in a hub-and-spoke configuration to be terminated on a single interface.

  B. It enables Dynamic Multipoint VPN.

  C. It permits communication in and out of the same interface when the traffic is IPSec protected.

  TestInside Cisco 642-524

  D. It allows communication between different interfaces that have the same security level

  Answer: AC

  21. How many unique transforms will included in a single transform set while configuring a crypto ipsec

  transform-set command?

  A. three

  B. two

  C. four

  D. one

  Answer: B

  22. Study the following exhibit carefully, the Cisco ASA adaptive security appliance is using software version 8.0

  with the default configuration. Configure the interfaces displayed in the exhibit with the security levels that are

  shown, and enable the interfaces. Management-only mode is disabled on m0/0. Which two statements correctly

  describe these interfaces? (Choose two.)

  A. Interface m0/0 can access interface g0/2, but interface g0/2 cannot access interface m0/0 unless it is given

  permission.

  B. Interface g0/1 can access interface m0/0, and interface m0/0 can access interface g0/1.

  C. Interface g0/1 cannot access interface m0/0 unless it is given permission, and interface m0/0 cannot access

  interface g0/1 unless it is given permission.

  TestInside Cisco 642-524

  D. No traffic can flow between the g0/2 and g0/3 interfaces.

  Answer: AD

  23. John works as a network administrator , according to the following exhibit. Descriptions are added to class

  maps for each part of the modular policy framework. Which text should John add to the description command to

  describe the TO_SERVER class map?

  TIS-asa1(config)#access-list UDP permit udp any any

  TIS-asa1(config)#access-list TCP permit tcp any any

  TIS-asa1(config)#access-list PUBLIC_WEB permit ip any 10.10.10.100 255.255.255.255

  TIS-asa1(config)#class-map ALL_VDP

  TIS-asa1(config-cmap)#description "This class-map matches all UDP traffic"

  TIS-asa1(config-cmap)#match access-list VDP

  TIS-asa1(config-cmap)#class-map ALL_TCP

  TIS-asa1(config-cmap)#description "This class-map matches all TCP traffic"

  TIS-asa1(config-cmap)#match access-list TCP

  TIS-asa1(config-cmap)#class-map ALL_WEB_SERVER

  TIS-asa1(config-cmap)#description "This class-map matches all HTTP traffic"

  TIS-asa1(config-cmap)#match port tcp eq http

  TIS-asa1(config-cmap)#class-map TO_SERVER

  TIS-asa1(config-cmap)#match access-list PUBLIC_WEB

  A. description "This class-map matches all TCP traffic for the public web server."

  B. description "This class-map matches all HTTP traffic for the public web server."

  C. description "This class-map matches all HTTPS traffic for the public web server."

  D. description "This class-map matches all IP traffic for the public web server."

  Answer: D

  TestInside Cisco 642-524

  24. What is the reason that you want to configure VLANs on a security appliance interface?

  A. for use in conjunction with device-level failover to increase the reliability of your security appliance

  B. for use in transparent firewall mode, where only VLAN interfaces are used

  C. to increase the number of interfaces available to the network without adding additional physical interfaces or

  security appliances

  D. for use in multiple context mode, where you can map only VLAN interfaces to contexts

  Answer: C

  25. By default, the AIP-SSM IPS software is accessible from the management port at IP address 10.1.9.201/24.

  Which CLI command should an administrator use to change the default AIP-SSM management port IP address?

  A. interface

  B. hw module 1 recover

  C. setup

  D. hw module 1 setup

  Answer: C

  26. Which one of the following commands can provide detailed information about the crypto map configurations

  of a Cisco ASA adaptive security appliance?

  A. show ipsec sa

  B. show crypto map

  C. show run ipsec sa

  D. show run crypto map

  Answer: D

  27. Which three potential groups are of users for WebVPN? (Choose three.)

  A. employees accessing specific internal applications from desktops and laptops not managed by IT

  B. administrators who need to manage servers and networking equipment

  C. employees that only need occasional corporate access to a few applications

  D. users of a customer service kiosk placed in a retail store

  Answer: ACD

  TestInside Cisco 642-524

  28. Which three features can the Cisco ASA adaptive security appliance support? (Choose three.)

  A. BGP dynamic routing

  B. 802.1Q VLANs

  C. OSPF dynamic routing

  D. static routes

  Answer: BCD

  29. Which one of the following commands will prevent all SIP INVITE packets, such as calling-party and

  request-method, from specific SIP endpoints?

  A. Use the match calling-party command in a class map. Apply the class map to a policy map that contains the

  match request-methods command.

  B. Group the match commands in a SIP inspection class map.

  C. Use the match request-methods command in an inspection class map. Apply the inspection class map to an

  inspection policy map that contains the match calling-party command.

  D. Group the match commands in a SIP inspection policy map.

  Answer: B

  30. Which two statements are true about multiple context mode? (Choose two.)

  A. Multiple context mode does not support IPS, IPsec, and SSL VPNs, or dynamic routing protocols.

  B. Multiple context mode enables you to create multiple independent virtual firewalls with their own security

  policies and interfaces.

  C. Multiple context mode enables you to add to the security appliance a hardware module that supports up to four

  independent virtual firewalls.

  D. When you convert from single mode to multiple mode, the security appliance automatically adds an entry for

  the admin context to the system configuration with the name "admin."

  Answer: BD

  31. How do you ensure that the main interface does not pass untagged traffic when using subinterfaces?

  A. Use the vlan command on the main interface.

  B. Use the shutdown command on the main interface

  C. Omit the nameif command on the subinterface

  TestInside Cisco 642-524

  D. Omit the nameif command on the main interface.

  Answer: D

  32. For creating and configuring a security context, which three tasks are mandatory? (Choose three.)

  A. allocating interfaces to the context

  B. assigning MAC addresses to context interfaces

  C. creating a context name

  D. specifying the location of the context startup configuration

  Answer: ACD

  33. Study the exhibit carefully. Which two types of failover is this adaptive security appliance configured for?

  (Choose two.)

  TIS-asa1# show failover

  Failover On

  Cable status: N/A-LAN-based failover enabled

  Failover unit Primary

  Failover LAN Interface: Ianfail GigabitEthernet0/2 (up)

  Unit Poll frequency 15 seconds, holdtime 45 seconds

  Interface Poll frequency 15 seconds

  Interface Policy 1

  Monitored Interfaces 4 of 250 maximum

  Group 1 last failover at: 15:54:49 UTC Sept 17 2006

  Group 2 last failover at: 15:55:00 UTC Sept 17 2006

  A. stateful failover

  B. LAN-based failover

  C. cable-based failover

  D. Active/Active failover

  Answer: BD

  34. Which two descriptions are correct about configuring passive RIP on the security appliance based on the

  following exhibit? (Choose two.)

  TestInside Cisco 642-524

  A. You must specify a classful network IP address to define a network for the RIP routing process.

  B. If you enable passive RIP, all interfaces must operate in passive mode.

  C. There is no limit to the number of networks you can specify for the RIP routing process.

  D. Enabling passive RIP mode causes the security appliance to receive all RIP routing updates but send only a

  default route to neighboring routers.

  Answer: AC

  35. Which of these identifies basic settings for the security appliance, including a list of contexts?

  A. network configuration

  B. admin configuration

  C. system configuration

  D. primary configuration

  TestInside Cisco 642-524

  Answer: C

  36. Study the exhibit carefully. The security policy for TIS Corporation allows only the following traffic through

  the corporate adaptive security appliance:

  --outbound NTP traffic from the inside network to any outside destination

  --FTP traffic from the inside network to the FTP server on the DMZ

  --outbound HTTP traffic from the inside network to any outside destination

  --FTP traffic from the outside 192.168.6.0/24 network to the FTP server on the DMZ

  --any HTTP traffic from the outside to the web server on the DMZ

  The network administrator configured access rules according to the security policy requirements but made two

  mistakes. Which are two mistakes? (Choose two.)

  A. missing ACE

  B. incorrect destination address

  C. missing ACL

  D. incorrect order of ACLs

  TestInside Cisco 642-524

  Answer: BD

  37. An administrator wants to protect a DMZ web server from SYN flood attacks. Which command does not

  allow the administrator to place limits on the number of embryonic connections?

  A. set connection

  B. nat

  C. static

  D. HTTP-map

  Answer: D

  38. Which option correctly describes the order to upgrade the license (activation key) for your security appliance

  from Cisco ASDM?

  A. Step 1 Obtain an activation key from http://www.cisco.com/go/license by providing the serial number for the

  security appliance as it appears on the chassis of the security appliance.

  Step 2 Reboot the security appliance to ensure that the image in flash and the running image are the same.

  Step 3 Go to Configuration > Device Management > System Image/Configuration > Activation Key in Cisco

  ASDM and enter the activation key as a four- or five-element hexadecimal string with no spaces.

  Step 4 Click Update Activation Key in the Activation Key panel.

  Step 5 Reload the security appliance to activate the flash activation key.

  B. Step 1 Obtain an activation key from http://www.cisco.com/go/license by providing the serial number for the

  security appliance as it appears in the show version command output.

  Step 2 Reboot the security appliance to ensure that the image in flash and the running image are the same.

  Step 3 Go to Configuration > Device Management > System Image/Configuration > Activation Key in Cisco

  ASDM and enter the activation key as a four- or five-element hexadecimal string with one space between each

  element.

  Step 4 Click Update Activation Key in the Activation Key panel.

  Step 5 Reload the security appliance to activate the flash activation key.

  C. Step 1 Obtain an activation key from http://www.cisco.com/go/license by providing the serial number for the

  security appliance as it appears in the show version command output.

  Step 2 Go to Configuration > Device Management > System Image/Configuration > Activation Key in Cisco

  ASDM and enter the activation key as a three- or four-element hexadecimal string with one space between each

  TestInside Cisco 642-524

  element.

  Step 3 Click Update Activation Key in the Activation Key panel.

  Step 4 Click Save in the Cisco ASDM toolbar.

  D. Step 1 Obtain an activation key from http://www.cisco.com/go/license by providing the serial number for the

  security appliance as it appears on the chassis of the security appliance.

  Step 2 Go to Configuration > Device Management > System Image/Configuration > Activation Key in Cisco

  ASDM and enter the activation key as a four- or five-element hexadecimal string with no spaces.

  Step 3 Click Update Activation Key in the Activation Key panel.

  tep 4 Click Save in the Cisco ASDM toolbar.

  Answer: B

  39. You are a network administrator for the TIS company. After the primary adaptive security appliance failed, the

  secondary adaptive security appliance was automatically activated. You fixed the problem. Now you would like to

  restore the primary to "active" status.

  When issued on the primary adaptive security appliance, which command would reactivate the primary adaptive

  security appliance and return it to "active" status?

  A. failover secondary standby group 1

  B. failover primary active

  C. failover active group 1

  D. failover secondary group 1

  Answer: C

  40. Which two scenarios correctly describe the impact of the configuration shown in the exhibit? (Choose two.)

  TestInside Cisco 642-524

  A. User addison enters the login command at the > prompt and logs in with the correct username and password

  when prompted. User addison can then enter the global configuration mode on the security appliance.

  B. User carter enters the enable command at the > prompt and logs in with the correct username and password

  when prompted. User carter can then enter the global configuration mode.

  C. User carter enters the login command at the > prompt and logs in with the correct username and password

  when prompted. User carter can then enter the global configuration mode on the security appliance.

  D. User kenny enters the enable command at the > prompt and logs in with the correct username and password

  when prompted. User kenny can then enter the global configuration mode.

  Answer: AD

  41. While configuring a crypto map, which command will be used to specify the peer to which IPsec-protected

  traffic could be forwarded?

  A. crypto-map policy 10 set 192.168.7.2

  B. crypto map set peer 192.168.7.2

  C. crypto map 20 set-peer insidehost

  D. crypto map peer7 10 set peer 192.168.7.2

  Answer: D

  TestInside Cisco 642-524

  42. Which three commands can verify that the boot image is asa802-k8.bin according to the exhibit? (Choose

  three.)

  A. show asdm image

  B. show bootvar

  C. show startup-config

  D. show version

  Answer: BCD

  43. Which feature prevents ARP spoofing?

  A. MAC fixup

  B. ARP inspection

  C. MAC inspection

  D. ARP fixup

  Answer: B

  44. Which two statements about the downloadable ACL feature of the security appliance are correct? (Choose

  two.)

  A. Downloadable ACLs are supported using TACACS+ or RADIUS.

  B. Downloadable ACLs enable you to store full ACLs on a AAA server and download them to the security

  appliance.

  C. The security appliance supports only per-user ACL authorization.

  D. The downloadable ACL must be attached to a user or group profile on a AAA server.

  TestInside Cisco 642-524

  Answer: BD

  45. What is the purpose of the url-list command in global configuration mode?

  A. Stop the end user from accessing pre-defined URLs.

  B. Allow end users access to URLs.

  C. Allow end users access to CIFS shares and URLs.

  D. Configure a set of URLs for WebVPN users to access.

  Answer: D

  46. Which three commands can display the contents of flash memory on the Cisco ASA adaptive security

  appliance? (Choose three.)

  A. show disk0:

  B. show memory

  C. dir

  D. show flash:

  Answer: ACD

  47. What does the following command used for?

  TIS-fw1(config)# filter activex 80 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0

  A. to filter Java traffic on HTTP from any host and to any host

  B. to filter ActiveX traffic on HTTP from any host and to any host

  C. to filter ActiveX traffic once it has been applied to an interface

  D. to filter ActiveX traffic from the default route

  Answer: B

  48. Which options can a clientless SSL VPN user access from a web browser without port forwarding, smart

  tunnels, or browser plug-ins?

  A. internal websites

  B. Microsoft Outlook Web Access

  C. files on the network, via FTP or the CIFS protocol

  D. web-enabled applications

  TestInside Cisco 642-524

  Answer: ABCD

相关阅读
·推荐文章

Copyright ©2013-2015 江浙沪招生考试网 All Rights Reserved.
地址: 苏州市姑苏区阊胥路483号(工投创业园)  电话:0512-85551931 邮编: 214000
邮箱: [email protected] 版权所有:苏州迈峰教育科技有限公司 苏ICP备15050684号-2