| Question 1 | Which command will clear the logging buffer? -
A. clear logging -
B. flush log -
C. delete log -
D. clear buffer |
| A1: | Answer A is correct. The clear logging command clears all the log entries in the logging bugger. Answers B, C, and D do not exist and are therefore incorrect. |
| Question 2 | Which command will ensure a specific timestamp is attached to a message before it is sent to a syslog server? -
A. logging timestamp -
B. signed message log -
C. unique log -
D. flagged entry |
| A2: | Answer A is correct. The logging timestamp command attaches a timestamp to messages destined to a syslog server. Answer B does not exist and is therefore incorrect. Answer C does not exist and is therefore incorrect, and answer D does not exist and is therefore incorrect. |
| Question 3 | Which command enables syslog traps? -
A. enable smtp -
B. set trap syslog -
C. logging trap -
D. enable trap |
| A3: | Answer C is correct. The logging trap command enables the log levels for syslog traps. Answer A does not exist and is therefore incorrect. Answers B and D also do not exist, so they are incorrect. |
| Question 4 | Which command is used to specify a syslog server? |
| A4: | Answer B is correct. The logging host command specifies the location of the syslog server. Answer A does not exist and is therefore incorrect. Answer C is incorrect because the host command changes the prompt hostname to 192.168.1.11. Answer D is an incomplete command and is therefore incorrect. |
| Question 5 | What are syslog servers used for? |
| A5: | Answer D is correct. Syslog servers are used to collect system messages. Answer A is incorrect because NMSs are used to collect SNMP traps. Answer B is incorrect because PDM files are located on the PIX and are used for HTTP interfaces to the PIX. Answer C is incorrect because host configuration files are located on TFTP servers. |
| Question 6 | When connecting to the PIX firewall using SSH, what are the username and password? -
A. The username is pix , and the password is pix . -
B. The username is pix , and the password is the enable password. -
C. The username is pix , and the password is the Telnet password. -
D. The username is pix , and the password is CISCO . |
| A6: | Answer C is correct. When connecting to the PIX firewall, the username is always pix and the password is the current Telnet password. Answer D is incorrect because the password CISCO is not the default Telnet password; cisco in all lowercase is. Answer A is incorrect because the password might not necessarily be the word pix . The password is whatever the Telnet password is, making answer C more correct. Answer B is incorrect also because the password used is the Telnet password and not the enable password. |
| Question 7 | Which command is used to collect time from an NTP server? -
A. ntp-server -
B. ntp server -
C. server-ntp -
D. sync-serve r |
| A7: | Answer B is correct. The ntp server command enables you to synchronize the PIX clock with an NTP server. Multiple servers can be used at the same time by entering the command multiple times. Answer A is incorrect because the ntp-server command does not exist. Answers C and D are also incorrect because these commands do not exist. |
| Question 8 | Which command clears all existing RSA keys? -
A. clear rsa-keys -
B. clear ca zeroize rsa -
C. zeroize rsa -
D. ca zeroize rsa |
| A8: | Answer D is correct. The ca zeroize rsa command clears all RSA-generated keys from flash. Answer A is incorrect because the clear rsa-key command does not exist. Answer B is incorrect because the clear ca zeroize rsa command does not exist. Answer C is incorrect because the zeroize rsa command is missing the ca part. |
| Question 9 | What does the telnet command do? -
A. Allows you to Telnet from the PIX to another device -
B. Allows specific computers to Telnet into the PIX -
C. Enables Telnet traffic to pass through the PIX -
D. Blocks Telnet traffic on the outside interface |
| A9: | Answer B is correct. The telnet command allows you to specify who can Telnet into the PIX firewall. By entering an IP address and mask, you can enable a specific host or a whole subnet to have Telnet access. Answer A is incorrect because the command is used to define who can Telnet into the PIX, not who can Telnet out of it. Answer C is incorrect because the Telnet traffic is automatically allowed through the PIX firewall in the outbound direction. The telnet command does not control who can Telnet across the PIX. Answer D is incorrect because access-list commands can be used to prevent Telnet access across the PIX firewall. |
| Question 10 | When connecting to the PIX using SSH, you see a period (.). What does this mean? -
A. The SSH connection has failed. -
B. The SSH is generating server keys. -
C. The SSH connection has timed out. -
D. SSH has not been configured. |
| A10: | Answer B is correct. The . is displayed when the PIX is generating server keys to use for encryption. Answer A is incorrect because a text message displays stating that the connection has failed, and not the . symbol. Answer C is incorrect because a text message stating that a timeout has occurred appears ”not the . symbol. Answer D is incorrect because, if the SSH has not been configured, you get a connection failure message and not the . symbol. |
