Q1. Refer to the exhibit 

which two statement about the given IPV6 ZBF configuration are true? (Choose two)

A. It provides backward compability with legacy IPv6 inspection

B. It inspect TCP, UDP,ICMP and FTP traffic from Z1 to Z2.

C. It inspect TCP, UDP,ICMP and FTP traffic from Z2 to Z1.

D. It inspect TCP,UDP,ICMP and FTP traffic in both direction between z1 and z2.

E. It passes TCP, UDP,ICMP and FTP traffic from z1 to z2.

F. It provide backward compatibility with legacy IPv4 inseption.

View Answer

Q2. What are the three response types for SCEP enrollment requests? (Choose three.)

A. PKCS#7

B. Reject

C. Pending

D. PKCS#10

E. Success

F. Renewal

View Answer

Q3. When you are configuring QoS on the Cisco ASA appliance Which four are valid traffic selection criteria? (Choose four)

A. default-inspection-traffic

B. qos-group

C. DSCP

D. VPN group

E. tunnel group

F. IP precedence

View Answer

Q4. What IOS feature can prevent header attacks by using packet-header information to classify traffic?

A. CAR

B. FPM

C. TOS

D. LLQ

E. TTL

View Answer

Q5. Which two statements about VPLS and VPWS are true? (Choose two)

A. VPLS Layer 2 VPNs support both full-mesh and hub-and-spoke implementations

B. VPWS only sends the data payload over an MPLS core

C. VPLS is intended for applications that require point-to-point access

D. VPWS supports multicast using a hub-and-spoke architecture

E. VPLS is intended for applications that require multipoint or broadcast access

F. VPWS supports point-to-point integration of Layer 2 and Layer 3 services over an MPLS cloud

View Answer

Q6. When configuration Cisco IOS firewall CBAC operation on Cisco routers, the “inspection rule” can be applied at which two location?(Choose two)

A. at the trusted and untrusted interfaces in the inbound direction.

B. at the trusted interface in the inbound direction.

C. at the trusted and untrusted interfaces in the outbound direction.

D. at the untrusted interface in the inbound direction.

E. at the trusted interface in the outbound direction.

F. at the trusted interface in the outbound direction.

View Answer

Q7. What command specifies the peer from which MSDP SA message are accepted?

A. IP msdpsa-filter in <peer>[list<acl>] [route-map <map> ]

B. Ipmsdp default-peer <peer>

C. Ipmsdp mesh-group

D. Ipmsdp originator-id <interface>

View Answer

Q8. Refer to the exhibit. 

Which effect of this Cisco ASA policy map is true?

A. The Cisco ASA is unable to examine the TLS session.

B. The server ends the SMTP session with a QUIT command if the algorithm or key length is insufficiently secure.

C. it prevents a STARTTLS session from being established.

D. The Cisco ASA logs SMTP sessions in clear text.

View Answer

Q9. Refer to the exhibit. What protocol format is illustrated?

A. GR

B. AH

C. ESP

D. IP

View Answer

Q10. Which command can you enter to cause the locally-originated Multicast Source Discovery Protocol Source- Active to be prevented from going to specific peers?

A. ip msdp mesh-group mesh-name {<peer-address>|<peer-name>}

B. ip msdp redistribute [list <acl>][asn as-access-list][route-map <map>]

C. ip msdp sa-filter out <peer> [list<acl>] [route-map<map>]

D. ip msdp default-peer {<peer-address> | <peer-name>}[prefix-list<list>]

E. ip msdp sa-filter in <peer> [list<acl>][route-map <map>]

View Answer