CCNP SECURITY FIREWALL 642-617 Q&AS – New Questions (11-15)

Section 4 – New Questions

QUESTION 11
When a Cisco ASA is configured in multiple context mode, within which configuration are the interfaces allocated to the security contexts?
A.    each security context
B.    system configuration
C.    admin context (context within the admin role)
D.    context startup configuration file (.cfg file)
Answer: B

Continue reading

CCNP SECURITY FIREWALL 642-617 Q&AS – Advanced Troubleshooting (16-18)

Section 3 – Advanced Troubleshooting

QUESTION 16
When troubleshooting a Cisco ASA (running 8.2.2) that is operating in transparent firewall mode, what should you verify to ensure proper operation?
A.    The Cisco ASA has not been configured for inside static or dynamic NAT.
B.    The Cisco ASA global IP address belongs to the same subnet as the directly connected interfaces.
C.    The outside and inside interface are connected to different Layer 3 subnets.
D.    The Cisco ASA is using a dedicated management interface for management access.
E.    The Cisco ASA is configured for ARP inspection.
Answer: B

Continue reading

CCNP SECURITY FIREWALL 642-617 Q&AS – Advanced Troubleshooting (11-15)

Section 3 – Advanced Troubleshooting

QUESTION 11
Which three Cisco ASA configuration commands are used to enable the Cisco ASA to log only the debug output to syslog? (Choose three.)
A.    logging Hst test message 711001
B.    logging debug-trace
C.    logging trap debugging
D.    logging message 711001 level 7
E.    logging trap test
Answer: BCD

Continue reading