CCSP Cisco Secure PIX Firewall Advanced Exam Certification Guide, Second Edition [Electronic resources] نسخه متنی

Answer: a, b

Answer: a, c, e

Answer: b, c, d

Answer: e

Answer: a

Answer: b, c

Answer: d

Answer: c

Answer: b

Answer: d

Answer: CiscoWorks Common Services provides the user authentication for both Firewall MC and AUS.

Answer: Service groups enable you to associate multiple protocols with a single name.

Answer: Firewall MC enables you to configure static translation rules, dynamic translation rules, and translation exception rules (NAT 0 ACL).

Answer: Through Firewall MC, you can configure firewall rules, AAA rules, and web filter rules.

Answer: AUS supports PIX Firewall software images, PDM software images, and PIX configuration files.

Answer: You cannot add PIX configuration files directly through the AUS interface. They must be deployed from Firewall MC.

Answer: Static translation rules define a permanent mapping between private IP addresses and public IP addresses.

Answer: Address translation pools enable you to associate a name with a group of addresses that will be used to create dynamic address translations for outbound traffic.

Answer: A network object associates a name with a range of network addresses, which are specified by an IP address and a network mask.

Answer: Through Firewall MC, you can configure the following device settings: PIX operating system version, interfaces, failover, routing, PIX Firewall administration, logging, servers and services, advanced security, and Firewall MC controls.

Answer: To create a dynamic translation rule, you must first define an address translation pool that specifies the addresses to be used for the dynamic translation.

Answer: Workflow enables you to require approval for configuration changes and deployment operations. This enables you to divide the responsibility of updating firewall configurations between multiple people. Configuration changes become activities, and deploying those activities becomes jobs.

Answer: AUS can manage firewalls with dynamic addresses because the managed firewalls initiate the communication with the AUS server.

Answer: Firewall MC supports the following types of building blocks: network objects, service definitions, service groups, AAA server groups, and address translation pools. Building blocks enable you to optimize your configuration. Basically, you can use the names of the building blocks in place of corresponding data values when configuring device settings or defining rules.

Answer: Firewall MC supports Activity Reports, Configuration Differences reports, and Device Setting Reports.

Answer: Each device setting in a managed configuration can either be inherited, mandatory, or overridden.

Answer: The four steps used to import a device into Firewall MC are as follows: select the target group, select the import type, define the firewall basic information, and review the device details.

Answer: The steps involved in adding an image to AUS are as follows: download the image file, and add the image to AUS.