エントリーレベルから、アソシエイト、プロフェッショナル、エキスパート(CCIE / CCDE)、最上級レベルのアーキテクトまで、5つのレベルで構成されています。642-524認定はCCSPの中での一つ重要的な試験科目である。KILLTESTの642-524問題集
をご紹介いたします。KILLTESTでは、642-524問題集を用意して、認定資格取得のために強力なサポートを行っています。KILLTESTの642-524模擬試験
問題集は常に最新であり、すごく人気があります、この642-524問題集が申し分のない学習資料と思います、精度が高くて、何よりこの642-524問題集は合格することを保証して、万が一不合格になる場合全額返済します。
これから642-524 無料問題集みんなと分かち合います
1.Tom works as a network administrator for the P4S company. The primary adaptive security
appliance in an active/standby failover configuration failed, so the secondary adaptive security
appliance was automatically activated. Tom then fixed the problem. Now he would like to restore
the primary to active status. Which one of the following commands can reactivate the primary
adaptive security appliance and restore it to active status while issued on the primary adaptive
security appliance?
A.failover reset
B.failover primary active
C.failover active
D.failover exec standby
Correct:C
2.For the following commands, which one enables the DHCP server on the DMZ interface of the
Cisco ASA with an address pool of 10.0.1.100-10.0.1.108 and a DNS server of 192.168.1.2?
A.dhcpd address 10.0.1.100-10.0.1.108 DMZ dhcpd dns 192.168.1.2 dhcpd enable DMZ
B.dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns server 192.168.1.2 dhcpd enable DMZ
C.dhcpd range 10.0.1.100-10.0.1.108 DMZ dhcpd dns server 192.168.1.2 dhcpd DMZ
D.dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns 192.168.1.2 dhcpd enable
Correct:A
7.Which three statements correctly describe protocol inspection on the Cisco ASA adaptive
security appliance? (Choose three.)
A.For the security appliance to inspect packets for signs of malicious application misuse, you must enable
advanced (application layer) protocol inspection.
B.If you want to enable inspection globally for a protocol that is not inspected by default or if you want to
globally disable inspection for a protocol, you can edit the default global policy.
C.The protocol inspection feature of the security appliance securely opens and closes negotiated ports
and IP addresses for legitimate client-server connections through the security appliance.
D.If inspection for a protocol is not enabled, traffic for that protocol may be blocked.
Correct:B C D
8.Observe the following commands, which one verifies that NAT is working normally and displays
active NAT translations?
A.show ip nat all
B.show running-configuration nat
C.show xlate
D.show nat translation
Correct:C
9.Multimedia applications transmit requests on TCP, get responses on UDP or TCP, use dynamic
ports, and use the same port for source and destination, so they can pose challenges to a firewall.
Which three items are true about how the Cisco ASA adaptive security appliance handles
multimedia applications? (Choose three.)
A.It dynamically opens and closes UDP ports for secure multimedia connections, so you do not need to
open a large range of ports.
B.It supports SIP with NAT but not with PAT.
C.It supports multimedia with or without NAT.
D.It supports RTSP, H.323, Skinny, and CTIQBE.
Correct:A C D
10.What is the result if the WebVPN url-entry parameter is disabled?
A.The end user is unable to access pre-defined URLs.
B.The end user is unable to access any CIFS shares or URLs.
C.The end user is able to access CIFS shares but not URLs.
D.The end user is able to access pre-defined URLs.
Correct:D
これから642-524 無料問題集みんなと分かち合います
1.Tom works as a network administrator for the P4S company. The primary adaptive security
appliance in an active/standby failover configuration failed, so the secondary adaptive security
appliance was automatically activated. Tom then fixed the problem. Now he would like to restore
the primary to active status. Which one of the following commands can reactivate the primary
adaptive security appliance and restore it to active status while issued on the primary adaptive
security appliance?
A.failover reset
B.failover primary active
C.failover active
D.failover exec standby
Correct:C
2.For the following commands, which one enables the DHCP server on the DMZ interface of the
Cisco ASA with an address pool of 10.0.1.100-10.0.1.108 and a DNS server of 192.168.1.2?
A.dhcpd address 10.0.1.100-10.0.1.108 DMZ dhcpd dns 192.168.1.2 dhcpd enable DMZ
B.dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns server 192.168.1.2 dhcpd enable DMZ
C.dhcpd range 10.0.1.100-10.0.1.108 DMZ dhcpd dns server 192.168.1.2 dhcpd DMZ
D.dhcpd address range 10.0.1.100-10.0.1.108 dhcpd dns 192.168.1.2 dhcpd enable
Correct:A
7.Which three statements correctly describe protocol inspection on the Cisco ASA adaptive
security appliance? (Choose three.)
A.For the security appliance to inspect packets for signs of malicious application misuse, you must enable
advanced (application layer) protocol inspection.
B.If you want to enable inspection globally for a protocol that is not inspected by default or if you want to
globally disable inspection for a protocol, you can edit the default global policy.
C.The protocol inspection feature of the security appliance securely opens and closes negotiated ports
and IP addresses for legitimate client-server connections through the security appliance.
D.If inspection for a protocol is not enabled, traffic for that protocol may be blocked.
Correct:B C D
8.Observe the following commands, which one verifies that NAT is working normally and displays
active NAT translations?
A.show ip nat all
B.show running-configuration nat
C.show xlate
D.show nat translation
Correct:C
9.Multimedia applications transmit requests on TCP, get responses on UDP or TCP, use dynamic
ports, and use the same port for source and destination, so they can pose challenges to a firewall.
Which three items are true about how the Cisco ASA adaptive security appliance handles
multimedia applications? (Choose three.)
A.It dynamically opens and closes UDP ports for secure multimedia connections, so you do not need to
open a large range of ports.
B.It supports SIP with NAT but not with PAT.
C.It supports multimedia with or without NAT.
D.It supports RTSP, H.323, Skinny, and CTIQBE.
Correct:A C D
10.What is the result if the WebVPN url-entry parameter is disabled?
A.The end user is unable to access pre-defined URLs.
B.The end user is unable to access any CIFS shares or URLs.
C.The end user is able to access CIFS shares but not URLs.
D.The end user is able to access pre-defined URLs.
Correct:D