Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : CCSP-Cisco Certified Security Professional : Getting Started with the Cisco PIX Firewall Questions and answers

Getting Started with the Cisco PIX Firewall Questions and answers

Feb 03,2010 by alperen

small font medium font large font
image

Questions

1. 

Which one of the following is not one of the six basic commands for initial PIX Firewall configuration?

  1. The ip address command

  2. The nat command

  3. The route command

  4. The conduit command

2. 

Which of the following commands would bring up (enable) a properly configured interface?

  1. no shutdown

  2. nameif ethernet2 dmz sec50

  3. interface e0 auto

  4. ip address outside 1.1.1.1 255.255.255.0

3. 

Which of the following firewall commands would allow a LAN host to successfully ping an Internet site?

  1. icmp permit any echo-reply outside

  2. icmp permit any echo-reply inside

  3. both would be required

  4. None of the above

4. 

Which command generated the following output?

1: Outbound ICMP echo request (len 32 id 7 seq 1004) 192.168.1.2 > 
172.16.1.78 > 172.16.4.50
2: Inbound ICMP echo reply (Len 32 id 26 seq 1004) 172.16.4.50 >
172.16.1.78 > 192.168.1.2

  1. show icmp

  2. show icmp traffic

  3. show icmp trace

  4. debug icmp trace

5. 

Which one of the following is not true about Network Time Protocol (NTP)?

  1. It’s an Internet standard protocol.

  2. It’s based on Coordinated Universal Time (UTC).

  3. Cisco Firewalls support all NTP service stratum.

  4. NTP devices are organized into associations.

6. 

Which command enables NTP services on a PIX Firewall?

  1. ntp authentication-key 9146 md5 HopeThisWorks

  2. ntp authenticate

  3. ntp trusted-key 9146

  4. ntp server 192.168.4.2 key 9146 source inside prefer

7. 

Which command shows the NTP configuration?

  1. show ntp config

  2. show ntp status

  3. show ntp associations

  4. show ntp

8. 

Which logging level would need to be set to capture the following output?

%PIX-5-304001: user 192.168.1.10 accessed URL 192.168.4.5/pr_sjones.gif

  1. 1

  2. 3

  3. 4

  4. 5

9. 

Which of the following will stop UDP-based logging?

  1. The PIX Firewall is unable to reach the Syslog server.

  2. The Syslog server is misconfigured.

  3. The disk on the Syslog server is full.

  4. None of the above.

10. 

Which PIX Firewall interface does the DHCP client default to?

  1. Inside

  2. Outside

  3. DMZ

  4. No default. It can be enabled anywhere.

11. 

Which of the following is not a PIX Firewall dhcp command?

  1. dhcpd address 192.168.1.6-192.168.1.254

  2. dhcpd dns 192.168.100.5 192.168.101.5

  3. dhcpd wins 192.168.100.5

  4. dhcpd ftp 192.168.100.5

  5. dhcpd enable

12. 

Which command specifies a Syslog server for logging messages?

  1. logging trap

  2. logging history

  3. logging on

  4. logging host

13. 

For the command pix(config)#logging trap 4, what severity levels will be logged?

  1. Level 4

  2. Levels 4 through 7

  3. Levels 1 through 4

  4. Levels 0 through 4

14. 

What severity level must be trapped to get FTP commands and WWW URLs?

  1. 3

  2. 5

  3. 6

  4. 7

15. 

Where does the dhcpd auto_config command get its source information?

  1. Firewall configuration

  2. CDP packets

  3. DHCP server service

  4. DHCP client service

Answers

1. 

D. The conduit command. This is an old (v4.x) command and would come after basic configuration to create exceptions

2. 

C. interface e0 auto

3. 

D. None of the above. The firewall icmp commands only manage ICMP traffic directed at router interfaces, not traffic passing through the device.

4. 

D. debug icmp trace

5. 

C. Cisco Firewalls support all NTP service stratum. PIX Firewalls do not support stratum 1.

6. 

B. ntp authenticate

7. 

D. show ntp

8. 

D. 5. The number after PIX indicates the level %PIX-5-304001:

9. 

D. None of the above. Each situation will stop TCP-based logging.

10. 

B. Outside

11. 

D. dhcpd ftp 192.168.100.5

12. 

D. logging host

13. 

D. Levels 0 through 4

14. 

C. 6

15. 

D. DHCP client service


518 times read

Related news
» ICMP ACL Statements
by alperen posted on Feb 04,2010
» FTP and URL Logging
by alperen posted on Feb 02,2010
» Firewalls and VPN Features Questions and answers
by alperen posted on Feb 10,2010
» Firewalls as a DHCP Client and Server
by alperen posted on Feb 02,2010
» Restricting What Log Messages Are Sent to the Server
by admin posted on Jul 21,2008
Did you enjoy this article?
1 2 3 4 5
(total 0 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

alperen

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.