Exam Prep Questions

Question 1

What are the major areas on the PDM interface? (Select five.)

  • A. Maintain

  • B. Access Rules

  • C. Host/Network

  • D. System Properties

  • E. VPN

  • F. Transform Rules

  • G. Translation Rules


Answers B, C, D, E, and G are correct. The five main tabs used to configure and set up the PIX firewall are Access Rules, Host/Network, System Properties, VPN and Translation Rules. The Monitoring tab is also available, but it's not used for configuration. Answers A and F are not main screens used to configure the PIX and are therefore incorrect.

Question 2

On which operating systems is the PDM supported?

  • A. Linux, Sun Solaris, Windows

  • B. Sun Solaris, Windows, X Window System

  • C. Windows, Macintosh, Linux

  • D. Windows, Macintosh, Sun Solaris


Answer A is correct. The PDM is supported on Linux, Sun Solaris, and Windows. Although the PDM supports these vendor operating systems, not all OS versions are supported. Answer B is incorrect because not all versions of X Window System are supported, making this less correct than answer A; also X Window System in not an operating system. Answers C and D are incorrect because Macintosh is not supported, although the PDM might technically work on a Macintosh.

Question 3

When you start the PDM interface, you are shown only the Monitoring tab. What is wrong?

  • A. You are using a Macintosh Web browser.

  • B. Not all the commands in the PIX configuration are supported by the PDM.

  • C. The PIX firewall is a model 535, which is not fully supported by the PDM interface.

  • D. The PDM is being accessed via HTTP and not HTTPS.


Answer B is correct. Several commands are not supported by the PDM interface; the alias command is one such command. When unsupported commands are found, the PIX firewall allows only the Monitoring tab to be available. Answer A is incorrect because Macintosh Web browsers are not supported but do not prevent you from accessing the other interface tabs. Answer C is incorrect because the PDM is supported on the PIX 535. Answer D is incorrect because you cannot even access the PDM if you use HTTP; HTTPS is required.

Question 4

When configuring Java and ActiveX filters and service groups for ACL, which tab do you use?

  • A. Monitoring

  • B. Translation Rules

  • C. Access Rules

  • D. Access List Rules


Answer C is correct. The Access Rules tab enables you to configure access rules, AAA rules, and filter rules. Filter rules enable you to configure Java and ActiveX filters, and AAA rules allow the configuration of AAA service rules. Answer A is incorrect because the Monitoring tab is used only to monitor information rather than to configure settings. Answer B is incorrect because the Translation Rules tab is used for creating NAT and PAT address pool configurations. Answer D is incorrect because this tab does not exist.

Question 5

Which location enables you to delete global pools of IP addresses used for NAT?

  • A. Access Rules tab, Manage Pools button

  • B. System Properties tab, Manage Pools button

  • C. Translation Rules tab, Manage Pools button

  • D. Global Address tab, Manage Pools button


Answer C is correct. The Translation Rules tab contains a button called Manage Pools that enables you to add, delete, and view global pools used for NAT. Answer A is incorrect because the Access Rules tab is used to configure rules such as ACL, AAA, and filters. Further, the Manage Pools button doesn't exist on the Access Rules screen. Answer B is incorrect because, although the System Properties tab is used for several settings, NAT global pools is not one of them. Answer D is incorrect because the Global Address tab does not exist.

Question 6

The PIX PDM VPN tab supports VPN and IPSec commands.

  • A. True

  • B. False


Answer A is correct. The VPN tab supports both VPN and IPSec commands. This tab contains a tree list of configurable options, such as IPSec, IKE, Remote Access, VPN system options, and Easy VPN Remote settings. Therefore, Answer B is incorrect.

Question 7

To enable clients to connect to the PIX and use the PDM interface, which commands are needed? (Select two.)

  • A. enable http server

  • B. http server enable

  • C. http inside

  • D. http (inside)


Answers B and C are correct. First, you must enable the HTTP server function of the PIX firewall, which is done with the http server enable command. Next, you must define which clients are allowed to access the HTTP server. The http inside command allows anyone on the subnet of access via the inside interface. Answers A and D are incorrect because they are invalid commands and syntax.

Question 8

Which option is available on the System Properties tab? (Select four.)

  • A. Multicast

  • B. NAT

  • C. Transform sets

  • D. Failover

  • E. Logging

  • F. DHCP Server


Answers A, D, E, and F are correct. The System Properties tab allows for all the configuration setting not available on the other primary tabs. Answer B is incorrect because NAT is configured on the Translation Rules tab. Answer C is incorrect because transform sets are configured on the VPN tab.

Question 9

Where do you configure Auto Update settings on the PDM?

  • A. Host/Network, Auto Update

  • B. System Properties, Auto Update

  • C. Host/Network, Image Server

  • D. System Properties, Image Server


Answer B is correct. The auto update configuration settings are configured on the System Properties tab under the Auto Update link. This enables the firewall to be remotely managed by a server that supports the auto update specification, so that software updates can be sent from a centralized remote server such as a Cisco Secure Policy Manager (CSPM). Answers A, C, and D are incorrect because these options do not exist on these tabs.

Question 10

At which location would you configure the mroute options?

  • A. Host/Network, Multicast, IGMP

  • B. Translation Rules, Multicast

  • C. System Properties, Multicast

  • D. System Properties, Routing


Answer C is correct. The Multicast option on the System Properties tab enables you to configure the mroute options. The mroute command allows you to statically configure multicast routes. Answers A and B are incorrect because these locations do not exist. Answer D is incorrect because this location is where normal routing, not multicast routing, is configured.

CSPFA Exam Cram 2 (Exam 642-521)
CCSP CSPFA Exam Cram 2 (Exam Cram 642-521)
ISBN: 0789730235
EAN: 2147483647
Year: 2003
Pages: 218

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net