Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : CCSP-Cisco Certified Security Professional : Cisco IOS Firewall Authentication Proxy Questions Answers

Cisco IOS Firewall Authentication Proxy Questions Answers

Sep 22,2009 by alperen

small font medium font large font
image

Questions

1. 

What protocol does the authentication proxy use to trigger an authentication session?

  1. Telnet

  2. HTTPS

  3. TFTP

  4. HTTP


2. 

Which two protocol authentication servers can be used with authentication proxy?

  1. TACACS

  2. Kerberos

  3. RADIUS

  4. TACACS+

3. 

Authentication proxy allows how many attempts to enter a valid user name and password?

  1. 1

  2. 3

  3. 5

  4. unlimited

4. 

True or False. User profile entries stored on the AAA server are made up of permit and deny statements used to create temporary ACL entries on the firewall router.

  1. True

  2. False

5. 

In the temporary ACL entry permit icmp host 192.168.1.10 host 192.168.4.2, which address probably represents the authenticated user?

  1. 192.168.1.10

  2. 192.168.4.2

  3. It can be either on

  4. There’s no way to kno

6. 

True or False. Authentication proxy is supported on all router platforms since v12.2.

  1. True

  2. False

7. 

In the ip auth-proxy auth-cache-time units command, what are the idle timer units?

  1. Bits

  2. Seconds

  3. Minutes

  4. Hours

8. 

Which technology does authentication proxy use to provide secure authentication?

  1. HTTPS

  2. DirectX

  3. JavaScript

  4. All of the above


9. 

According to the text, which of the following is the reason to configure CBAC with authentication proxy?

  1. CBAC’s attack prevention feature

  2. CBAC is so easy to configur

  3. Authentication proxy doesn’t create ACEs to support returning data traffi

  4. CBAC has its own authentication function

10. 

The IOS Firewall authentication proxy feature works with which technology?

  1. Dial-in connection

  2. Console connections

  3. HTTP sessions

  4. Telnet sessions

11. 

What additional IOS feature allows the authentication proxy to work with NAT services?

  1. AAA Accounting

  2. CBAC

  3. VPN client

  4. One-time passwords

12. 

Which command is not a step in setting up an IOS Firewall authentication proxy?

  1. Configuring the HTTP server

  2. Configuring the authentication proxy

  3. Configuring AAA

  4. Configuring CBAC

13. 

How many open sessions does authentication proxy support before refusing additional sessions?

  1. 24

  2. 40

  3. 100

  4. 500

14. 

When creating the inbound ACL on the firewall for authentication proxy, all traffic is typically blocked except which one of the following that’s absolutely required?

  1. Outbound traffic to the AAA server

  2. Local user Telnet traffic

  3. Return traffic from the AAA server

  4. Local user HTTP traffic


15. 

When configuring the authentication proxy features, all commands are variations of which of the following?

  1. Rtr1#ip auth-proxy auth

  2. Rtr1(config)#ip auth-proxy auth

  3. Rtr1(config-if)#ip auth-proxy auth

  4. Rtr1(config-ap)#ip auth-proxy auth

Answers

1. 

D. HTTP

2. 

C. and D. RADIUS and TACACS+

3. 

C. Five tries

4. 

B. False. User profiles contain only permit statements.

5. 

A. 192.168.1.10

6. 

A. False. IOS versions (12.2) support authentication proxy on the SOHO 70, 800, uBR900, 1720, 2600, 3600, 7100, 7200, and 7500 series routers.

7. 

C. Minutes (default 60)

8. 

C. JavaScript

9. 

C. Authentication proxy does not create ACEs to support returning data traffic.

10. 

C. HTTP sessions

11. 

B. CBAC

12. 

D. Configuring CBAC

13. 

B. 40

14. 

C. Return traffic from the AAA server

15. 

B. Rtr1(config)#ip auth-proxy auth


306 times read

Related news
» Authentication Proxy Configuration on the Router
by alperen posted on Sep 19,2009
» Idle Timer
by alperen posted on Sep 16,2009
» Verify Authentication Proxy Configuration
by alperen posted on Sep 20,2009
» The auth-proxy Interface Configuration
by alperen posted on Sep 19,2009
» The ip auth-proxy name Command
by alperen posted on Sep 19,2009
Did you enjoy this article?
1 2 3 4 5
(total 0 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

admin

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.