CCNP Practice Exam For ISCW Study:
Firewalls And Other Cisco Security Features
Vital Reading And Watching For All Cisco Certification Candidates:
The July 2010 CCNP Changes (And How To Beat Them!)
To help you beat the July 31, 2010 deadline for the ISCW exam, here are seven practice exam questions on Cisco router and switch security features.
The answers can be found at the bottom of the page, and when you're done with this exam, head to our CCNP Practice Exam page for more free practice questions!
Join our Twitter conversation on the left side of this page for immediate notification on the posting of new answers and questions, additions to our YouTube Cisco Certification Channel, and more!
Be sure to check out our CCNP Guaranteed Pass offer!
Enjoy the questions!
Chris Bryant
CCIE #12999
"The Computer Certification Bulldog"
chris@thebryantadvantage.com
 
Question 1:
Which of the following is/are not typically found in a DMZ?
A. FTP server
B. email server
C. end user PC
D. e-commerce server
Question 2:
Which of the following commands is required to run SDM in a secure fashion?
A. ip http authentication local
B. ip http proxy
C. ip http server
D. ip http secure-server
Question 3:
What are the options for the ACL applied to inbound traffic on the untrusted interface?
A. Extended ACL only
B. Either a named, extended, or standard ACL
C. Standard ACL only
D. Named ACL only
Question 4:
Which of the following is true of TCP and UDP as they related to the IOS Firewall Set?
A. TCP applications can be protected on a per-application basis.
B. TCP generic inspection can be applied.
C. UDP applications can be protected on a per-application basis.
D. UDP generic inspection can be applied.
Question 5:
Which of the following accurately describes the Basic Firewall Wizard?
A. can be used to configure a DMZ
B. no capability to configure a DMZ
C. can configure multiple outside interfaces
D. no capability to configure multiple outside interfaces
Question 6:
Which of the following can the Basic Firewall Wizard configure?
A. multiple inside interfaces
B. multiple outside interfaces
C. DMZ
D. custom application rules
Question 7:
When a specific user profile is retrieved from a RADIUS or TACACS+ server and is applied to that user only, what IOS Firewall feature is in effect?
A. SDM
B. Offline Authentication
C. Authentication Proxy
D. Fail Closed
The answers are posted at the bottom of the page!
Earn Your CCNP With The Personal Guarantee Of Chris Bryant, CCIE #12933:
“I GUARANTEE You'll Pass The Current CCNP Exams - BSCI, ONT, ISCW, and BCMSN - Before The July 31, 2010 Cutoff Date With My CCNP Study Packages ...
... And If You Don't Pass FOR ANY REASON Before That Time, I'll Give You a 100% Free CCNP Study Package Download For The New Exam Track!"
You Also Get A FREE CCNA Security Study Package, Valued at $67, With The Purchase Of Any CCNP Study Package!
Answers:
1. C. You'll find many different server types in a DMZ, but not end user PCs.
2. A, C, D. Additionally, the local user must have privilege level 15 to log in to SDM.
3. A. The ACL applied to inbound traffic on the untrusted interface must be an extended ACL.
4. A, B, C, D. Generic inspection and per-application inspection can be configured for both TCP- and UDP-based applications.
5. B, D. That's why we call it "Basic"! (You can configure multiple inside interfaces, though.)
6. A. The Basic wizard can't configure custom app rules, either.
7. C. That's the Authentication Proxy (AP).
For more free ISCW practice exams, head to our CCNP Practice Exams page!
|
