CCNP SECURITY FIREWALL 642-617 Q&AS – PRE-PRODUCTION DESIGN (11-15)

Section 1 -  Pre-Production Design

QUESTION 11
A customer is ordering a number of Cisco ASAs for their network. For the remote or home office, they are purchasing the Cisco ASA 5505. When ordering the licenses for their Cisco ASAs, which two licenses must they order that are "platform specific" to the Cisco ASA 5505? (Choose two.)
A.    AnyConnect Essentials license
B.    per-user Premium SSL VPN license
C.    VPN shared license
D.    internal user licenses
E.    Security Plus license
Answer: DE

Continue reading

CCNP Security FIREWALL 642-617 q&aS – Pre-Production Design (1-5)

Section 1 -  Pre-Production Design

QUESTION 1
Using the default modular policy framework global configuration on the Cisco ASA, how does the Cisco ASA process outbound HTTP traffic?
A.    HTTP flows are not permitted through the Cisco ASA, because HTTP is not inspected bydefault.
B.    HTTP flows match the inspection_default traffic class and are inspected using HTTP inspection.
C.    HTTP outbound traffic is permitted, but all return HTTP traffic is denied.
D.    HTTP flows statefully inspected using TCP stateful inspection.
Answer: D

Continue reading