2013年7月14日星期日

Cisco certification 642-617 exam training materials

To help you prepare for 642-617 examination certification, we provide you with a sound knowledge and experience. The questions designed by IT-Tests.com can help you easily pass the exam. The IT-Tests.com Cisco 642-617 practice including 642-617 exam questions and answers, 642-617 test, 642-617 books, 642-617 study guide.


Although there are other online Cisco 642-617 exam training resources on the market, but the IT-Tests.com's Cisco 642-617 exam training materials are the best. Because we will be updated regularly, and it's sure that we can always provide accurate Cisco 642-617 exam training materials to you. In addition, IT-Tests.com's Cisco 642-617 exam training materials provide a year of free updates, so that you will always get the latest Cisco 642-617 exam training materials.


IT-Tests.com's training materials can test your knowledge in preparing for the exam, and can evaluate your performance within a fixed time. The instructions given to you for your weak link, so that you can prepare for the exam better. The IT-Tests.com's Cisco 642-617 exam training materials introduce you many themes that have different logic. So that you can learn the various technologies and subjects. We guarantee that our training materials has tested through the practice. IT-Tests.com have done enough to prepare for your exam. Our material is comprehensive, and the price is reasonable.


Exam Code: 642-617

Exam Name: Cisco (Deploying Cisco ASA Firewall Solutions (FIREWALL v1.0))

IT-Tests.com provide you with the comprehensive Cisco 642-617 exam information to help you to succeed. Our training materials are the latest study materials which bring by experts. We help you achieve your success. You can get the most detailed and accurate exam questions and answers from us. Our Training Tools are updated in a timely manner in accordance with the changing of Exam Objectives. In fact, the success is not far away, go down along with IT-Tests.com, then you will come to the road to success.


Cisco certification 642-617 exam has become a very popular test in the IT industry, but in order to pass the exam you need to spend a lot of time and effort to master relevant IT professional knowledge. In such a time is so precious society, time is money. IT-Tests.com provide a training scheme for Cisco certification 642-617 exam, which only needs 20 hours to complete and can help you well consolidate the related IT professional knowledge to let you have a good preparation for your first time to participate in Cisco certification 642-617 exam.


642-617 (Deploying Cisco ASA Firewall Solutions (FIREWALL v1.0)) Free Demo Download: http://www.it-tests.com/642-617.html


NO.1 hich Cisco ASA feature enables the ASA to do these two things? 1) Act as a proxy for the server and
generate a SYN-ACK response to the client SYN request. 2) When the Cisco ASA receives an ACK back
from the client, the Cisco ASA authenticates the client and allows the connection to the server.
A. TCP normalizer
B. TCP state bypass
C. TCP intercept
D. basic threat detection
E. advanced threat detection
F. botnet traffic filter
Answer: C

Cisco   642-617   642-617 test questions

NO.2 Refer to the exhibit.
Which two CLI commands will result? (Choose two. )
A. aaa authorization network LOCAL
B. aaa authorization network default authentication-server LOCAL
C. aaa authorization command LOCAL
D. aaa authorization exec LOCAL
E. aaa authorization exec authentication-server LOCAL
F. aaa authorization exec authentication-server
Answer: C,D

Cisco test questions   642-617   642-617   642-617   642-617 test questions

NO.3 By default, which access rule is applied inbound to the inside interface?
A. All IP traffic is denied.
B. All IP traffic is permitted.
C. All IP traffic sourced from any source to any less secure network destinations is permitted.
D. All IP traffic sourced from any source to any more secure network destinations is permitted
Answer: C

Cisco   642-617 questions   642-617

NO.4 Refer to the exhibit.
What is the resulting CLI command?
A. match request uri regex _default_GoToMyPC-tunnel drop-connection log
B. match regex _default_GoToMyPC-tunnel drop-connection log
C. class _default_GoToMyPC-tunnel drop-connection log
D. match class-map _default_GoToMyPC-tunnel drop-connection log
Answer: C

Cisco test answers   642-617 test   642-617 demo

NO.5 In which type of environment is the Cisco ASA MPF set connection advanced-options tcp-statebypass
option the most useful?
A. SIP proxy
B. WCCP
C. BGP peering through the Cisco ASA
D. asymmetric traffic flow
E. transparent firewall
Answer: D

Cisco   642-617   642-617 study guide   642-617 dumps

NO.6 By default, which traffic can pass through a Cisco ASA that is operating in transparent mode without
explicitly allowing it using an ACL.?
A. ARP
B. BPDU
C. CDP
D. OSPF multicasts
E. DHCP
Answer: A

Cisco   642-617 test answers   642-617 test answers   642-617 exam prep   642-617 study guide

NO.7 Refer to the exhibit.
Which two statements about the class maps are true? (Choose two.)
A. These class maps are referenced within the global policy by default for HTTP inspection.
B. These class maps are all type inspect http class maps.
C. These class maps classify traffic using regular expressions.
D. These class maps are Layer 3/4 class maps.
E. These class maps are used within the inspection_default class map for matching the default inspection
traffic.
Answer: B,E

Cisco demo   642-617 exam   642-617 test answers   642-617

NO.8 Which Cisco ASA platform should be selected if the requirements are to support 35,000 connections
per second, 600,000 maximum connections, and traffic shaping?
A. 5540
B. 5550
C. 5580-20
D. 5580-40
Answer: B

Cisco   642-617   642-617   642-617   642-617 answers real questions

NO.9 Referto the exhibit.
Which Cisco ASA feature can be configured using this Cisco ASDM screen?
A. Cisco ASA command authorization using TACACS+
B. AAA accounting to track serial, ssh, and telnet connections to the Cisco ASA C. Exec Shell access
authorization using AAA
D. cut-thru proxy
E. AAA authentication policy for Cisco ASDM access
Answer: D

Cisco test answers   642-617   642-617 certification training

NO.10 Refer to the exhibit.
The Cisco ASA is dropping all the traffic that is sourced from the internet and is destined to any security
context inside interface. Which configuration should be verified on the Cisco ASA to solve this problem?
A. The Cisco ASA has NAT control disabled on each security context.
B. The Cisco ASA is using inside dynamic NAT on each security context.
C. The Cisco ASA is using a unique MAC address on each security context outside interface.
D. The Cisco ASA is using a unique dynamic routing protocol process on each security context.
E. The Cisco ASA packet classifier is configured to use the outside physical interface to assign the
packets to each security context.
Answer: C

Cisco   642-617   642-617   642-617   642-617 dumps   642-617 dumps

NO.11 The Cisco ASA must support dynamic routing and terminating VPN traffic. Which three Cisco ASA
options will not support these requirements? (Choose three.)
A. transparent mode
B. multiple context mode
C. active/standby failover mode
D. active/active failover mode
E. routed mode
F. no NAT-control
Answer: A,B,D

Cisco   642-617   642-617 exam

NO.12 Refer to the exhibits.
Which five options should be entered into the five fields in the Cisco ASDM Add Static Policy NAT Rule
screen? (Choose five.)
access-list POLICY_NAT_ACL extended permit ip host 172.16.0.10 10.0.1.0 255.255.255.0 static
(dmz,outside) 192.168.2.10 access-list POLICY_NAT_ACL
A. dmz = Original Interface
B. outside = Original Interface
C. 172.16.0.10 = Original Source
D. 192.168.2.10 = Original Source
E. 10.0.1.0/24 = Original Destination
F. 192.168.2.10 = Original Destination
G. dmz = Translated Interface
H. outside = Translated Interface
I. 192.168.2.10 = Translated Use IP Address
J. 172.16.0.10 = Translated Use IP Address
Answer: A,C,E,H,I

Cisco certification   642-617   642-617   642-617

NO.13 Which four types of ACL object group are supported on the Cisco ASA (release 8.2)? (Choose four.)
A. protocol
B. network
C. port
D. service
E. icmp-type
F. host
Answer: A,B,D,E

Cisco practice test   642-617 exam simulations   642-617   642-617 exam prep

NO.14 Refer to the exhibit.
A Cisco ASA in transparent firewall mode generates the log messages seen in the exhibit. What should be
configured on the Cisco ASA to allow the denied traffic?
A. extended ACL on the outside and inside interface to permit the multicast traffic
B. EtherType ACL on the outside and inside interface to permit the multicast traffic
C. stateful packet inspection
D. static ARP mapping
E. static MAC address mapping
Answer: A

Cisco exam dumps   642-617 braindump   642-617 exam   642-617 test answers

NO.15 A customer is ordering a number of Cisco ASAs for their network. For the remote or home office, they
are purchasing the Cisco ASA 5505. When ordering the licenses for their Cisco ASAs, which two licenses
must they order that are "platform specific" to the Cisco ASA 5505? (Choose two.)
A. AnyConnect Essentials license
B. per-user Premium SSL VPN license
C. VPN shared license
D. internal user licenses
E. Security Plus license
Answer: D,E

Cisco exam   642-617 demo   642-617

The site of IT-Tests.com is well-known on a global scale. Because the training materials it provides to the IT industry have no-limited applicability. This is the achievement made by IT experts in IT-Tests.com after a long period of time. They used their knowledge and experience as well as the ever-changing IT industry to produce the material. The effect of IT-Tests.com's Cisco 642-617 exam training materials is reflected particularly good by the use of the many candidates. If you participate in the IT exam, you should not hesitate to choose IT-Tests.com's Cisco 642-617 exam training materials. After you use, you will know that it is really good.


没有评论:

发表评论