Date: 2010-10-18 15:38 Author: pass4line Click: 24
Securing Networks with ASA Foundation
Exam Number/Code : 642-524
Exam Name : Securing Networks with ASA Foundation
Questions and Answers : 62 Q&As
Update Time: 2010-10-18
Exam4test 642-524 Exam Description
Cisco 642-524 practice exams and questions are constantly being updated. You can check the quality of our practice test updates by visiting our latest news page or signing up to our newsletter for recent updates and new releases to our practice exams. You are not about to purchase a disposable product. 642-524 practice exam updates are supplied free of charge for up to 180 days. Regardless of how soon you decide to take the actual 642-524 examination certification, you will be able to walk into the 642-524 testing room with confidence using Exam4test 642-524 training resources.
Passing the Cisco 642-524 exam has never been faster or easier, now with actual questions and answers, without the messy 642-524 braindumps that are frequently incorrect. Exam4test Unlimited Access Exams are not only the cheaper way to pass without resorting to Cisco 642-524 dumps, but at only $99.00 you get access to ALL of the 642-524 exams from every certification vendor.
This is more than a Cisco 642-524 practice exam, this is a compilation of the actual questions and answers from the Cisco Server Administrator test. Where our competitor’s products provide a basic 642-524 practice test to prepare you for what may appear on the Cisco 642-524 exam,642-524 training mateirals and prepare you for surprises, the Cisco 642-524 exam and Cisco 642-524 exam questions are complete, comprehensive and guarantees to prepare you for your Cisco 642-524 exam.
642-524 exam will provide you with Cisco 642-524 exam questions and verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. Our Exam4test Cisco 642-524 exam is not just questions and answers. They are your access to high technical expertise and accelerated learning capacity.
It is well known that 642-524 exam test is the hot exam of Cisco certification. Exam4test offer you all the Cisco 642-524 Q&A and Cisco 642-524 braindumps of the 642-524 real test . It is the 642-524 examination of the perfect combination and it will help you pass Cisco 642-524 exam at the first time.
Exam4test 642-524 Exam Dumps
Exam : Cisco 642-524 exam
Title : Securing Networks with ASA Foundation
1. Refer to the exhibit. A network administrator wants to authenticate remote users who are accessing the WEB1 server from the Internet. When a remote user initiates a session to the WEB1 server, the ASA1 security appliance will verify the credentials of the user with the TX_ACS AAA server via RADIUS. To accomplish this, the administrator must load and configure Cisco Secure ACS software on the TX_ACS AAA server. During the process, the administrator must correctly configure the AAA client information in the Cisco Secure ACS network configuration window.
What must the administrator place in field A (AAA Client Hostname) and field B (AAA Client IP Address)?
A. ATX_ACS
B10.0.1.10
B. AWEB1
B172.16.1.2
C. AASA1
B10.0.1.1
D. ABOB
B192.168.2.10
Answer: C
2. Refer to the exhibit. Given the configuration that is shown, what traffic will be logged to the AAA server?
A. All connection information will be logged in the accounting database.
B. All outbound TCP connection information will be logged in the accounting database.
C. Only authenticated and authorized console connection information will be logged in the accounting database.
D. No information will be logged. This is not a valid configuration because TACACS+ connection information cannot be captured and logged.
Answer: B
3. To require users to authenticate before accessing the corporate DMZ servers, the network security administrator needs to configure cut-through proxy authentication via RADIUS. Which three tasks are required to accomplish this goal? (Choose three.)
A. Specify a AAA server group.
B. Designate an authentication server.
C. Add users to the local user database.
D. Configure per-user override.
E. Configure a rule that specifies which traffic flow to authenticate.
F. Assign ACLs to users or groups.
Answer: ABE
4. Which two statements accurately describe the downloadable ACL feature of the security appliance? (Choose two.)
A. Downloadable ACLs are the only supported authorization method that works without authentication.
B. Downloadable ACLs enable you to store full ACLs on a AAA server and download them to the security appliance.
C. Downloadable ACLs are supported using TACACS+ or RADIUS.
D. The downloadable ACL must be attached to a user or group profile on a AAA server.
E. The security appliance supports only per-user ACL authorization.
F. Downloadable ACLs cannot be manually removed; they must expire based on the configured timeout.
Answer: BD
5. The network security administrator for XYZ Corporation wants to apply specific restrictions to one network user, Bob, who works from home and accesses the corporate network from the outside interface of the security appliance. The administrator decides to use the downloadable ACL feature of the security appliance to control network access for this user. Authentication of inbound traffic is already configured on the security appliance, and Bob already has a user account on the Cisco Secure ACS. Which three tasks does the administrator need to complete in order to accomplish the goal of limiting network access for Bob via downloadable ACLs? (Choose three.)
A. Enable inbound authorization on the security appliance.
B. Configure the security appliance to use downloadable ACLs.
C. Attach the downloadable ACL to the user profile for Bob on the Cisco Secure ACS.
D. In the authorization configuration of the security appliance, specify the RADIUS server where the user account for Bob resides.
E. Configure the Cisco Secure ACS to use downloadable ACLs.
F. Configure the downloadable ACLs on the Cisco Secure ACS.
Answer: CEF