Download New Updated (Spring 2015) Cisco 642-618 Actual Tests 41-50

Ensurepass

 

 

QUESTION 41

For which purpose is the Cisco ASA CLI command aaa authentication match used?

 

A.      Enable authentication for SSH and Telnet connections to the Cisco ASA appliance.

B.      Enable authentication for console connections to the Cisco ASA appliance.

C.      Enable authentication for connections through the Cisco ASA appliance.

D.      Enable authentication for IPsec VPN connections to the Cisco ASA appliance.

E.       Enable authentication for SSL VPN connections to the Cisco ASA appliance.

F.       Enable authentication for Cisco ASDM connections to the Cisco ASA appliance.

 

Correct Answer: C

 

 

QUESTION 42

On the Cisco ASA Software Version 8.3 and later, which type of NAT configuration can be used to translate the source and destination IP addresses of the packet?

 

A.      auto NAT

B.      object NAT

C.      one-to-one NAT

D.      many-to-one NAT

E.       manual NAT

F.       identity NAT

 

Correct Answer: E

 

 

QUESTION 43

Which option is one requirement before a Cisco ASA appliance can be upgraded from Cisco ASA Software Version 8.2 to 8.3?

 

A.      Remove all the pre 8.3 NAT co
nfigurations in the startup configuration.

B.      Upgrade the memory on the Cisco ASA appliance to meet the memory requirement of Cisco ASA Software Version 8.3.

C.      Request new Cisco ASA licenses to meet the 8.3 licensing requirement.

D.      Upgrade Cisco ASDM to version 6.2.

E.       Migrate interface ACL configurations to include interface and global ACLs.

 

Correct Answer: B

 

 

QUESTION 44

Which statement about the Cisco ASA botnet traffic filter is true?

 

A.      The four threat levels are low, moderate, high, and very high.

B.      By default, the dynamic-filter drop blacklist interface outside command drops traffic with a threat level of high or very high.

C.      Static blacklist entries always have a very high threat level.

D.      A static or dynamic blacklist entry always takes precedence over the static whitelist entry.

 

Correct Answer: C

 

 

QUESTION 45

Refer to the exhibit. Which Cisco ASA CLI commands configure these static routes in the Cisco ASA routing table?

 

clip_image001

 

A.        route dmz 10.2.2.0 0.0.0.255 172.16.1.10

route dmz 10.3.3.0 0.0.0.255 172.16.1.11

 

B.        route dmz 10.2.2.0 0.0.0.255 172.16.1.10 1

route dmz 10.3.3.0 0.0.0.255 172.16.1.11 1

 

C.        route dmz 10.2.2.0 0.0.0.255 172.16.1.10

route dmz 10.3.3.0 0.0.0.255 172.16.1.11 2

 

D.        route dmz 10.2.2.0 255.255.255.0 172.16.1.10

route dmz 10.3.3.0 255.255.255.0 172.16.1.11

 

E.         route dmz 10.2.2.0 255.255.255.0 172.16.1.10 1

route dmz 10.3.3.0 255.255.255.0 172.16.1.11 1

 

F.         route dmz 10.2.2.0 255.255.255.0 172.16.1.10

route dmz 10.3.3.0 255.255.255.0 172.16.1.11 2

 

Correct Answer: F

 

 

QUESTION 46

Which statement about static or default route on the Cisco ASA appliance is true?

 

A.      The admin distance is 1 by default.

B.      From the show route output, the [120/3] indicates an admin distance of 3.

C.      A default route is specified using the 0.0.0.0 255.255.255.255 address/mask combination.

D.      The tunneled command option is used to enable route tracking.

E.       The interface-name parameter in the route command is an optional parameter if the static route points to the next-hop router IP address.

 

Correct Answer: A

 

 

QUESTION 47

Refer to the exhibit. Which Cisco ASA configuration has the minimum number of the required configuration commands to enable the Cisco ASA appliance to establish EIGRP neighborship with its two neighboring routers?

 

clip_image002

 

A.        router eigrp 1

network 10.0.0.0 255.0.0.0

 

B.        router eigrp 1

network 10.0.0.0 255.0.0.0

network 192.168.1.0 255.255.255.0

network 192.168.2.0 255.255.255.0

 

C.        router eigrp 1

network 10.1.1.0 255.255.255.0

network 10.2.2.0 255.255.255.0

 

D.        router eigrp 1

network 10.1.1.0 255.255.255.0

network 10.2.2.0 255.255.255.0

network 192.168.1.0 255.255.255.0

network 192.168.2.0 255.255.255.0

 

E.         router eigrp 1

network 0.0.0.0 255.255.255.255

 

Correct Answer: A

 

 

QUESTION 48

Which configuration step is the first to enable PIM-SM on the Cisco ASA appliance?

 

A.      Configure the static RP IP address.

B.      Enable IGMP forwarding on the required interface(s).

C.      Add the required static mroute(s).

D.      Enable multicast routing globally on the Cisco ASA appliance.

E.       Configure the Cisco ASA appliance to join the required multicast groups.

 

Correct Answer: D

 

 

 

 

 

 

 

 

 

 

 

QUESTION 49

Refer to the exhibit. Which option describes the problem with this botnet traffic filter configuration on the Cisc
o ASA appliance?

 

clip_image003

 

A.      The traffic classification ACL is not defined.

B.      The use of the dynamic database is not enabled.

C.      DNS snooping is not enabled.

D.      The threat level range for the traffic to be dropped is not defined.

E.       The static black and white list entries should use domain name instead of IP address.

 

Correct Answer: C

 

 

QUESTION 50

In the default global policy, which traffic is matched for inspections by default?

 

A.      match any

B.      match default-inspection-traffic

C.      match access-list

D.      match port

E.       match class-default

 

Correct Answer: B

Free VCE & PDF File for Cisco 642-618 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …