CCSP Cisco Secure PIX Firewall Advanced Exam Certification Guide, Second Edition [Electronic resources]

Greg Bastien; Earl Carter; Christian Degu

نسخه متنی -صفحه : 191/ 74
نمايش فراداده

  • "Do I Know This Already?" Quiz

    Foundation Topics" portion of the chapter, helps you determine how to spend your limited study time.

    1.

    Which of the following causes a failover event?

    1. A reboot or power interruption on the active PIX Firewall

    2. Low HTTP traffic on the outside interface

    3. Issuance of the failover active command on the standby PIX Firewall

    4. Low memory utilization for several consecutive seconds

    2.

    What is the command to view failover configuration?

    1. show failover

    2. failover

    3. view failover

    4. show me failover

    3.

    Which of the following is/are replicated in stateful failover operation?

    1. Configuration

    2. TCP connection table, including timeout information for each connection

    3. Translation (xlate) table

    4. Negotiated H.323 UDP protocols

    5. All of the above

    4.

    Which of the following is not replicated in stateful failover operation?

    1. User authentication (uauth) table

    2. ISAKMP and IPSec SA table

    3. ARP table

    4. Routing information

    5. All of the above

    5.

    What is the command to force configuration replication to the standby unit?

    1. write standby

    2. copy to secondary

    3. force secondary

    4. force conf

    6.

    Which of the following is a stateful failover hardware restriction?

    1. The stateful failover configuration is supported only by PIX Firewall 535 models.

    2. Only fiber connections can be used in a stateful failover hardware configuration.

    3. A PIX Firewall with two FDDI cards cannot use stateful failover, because an additional FDDI interface is not supported.

    4. There is no hardware restriction for stateful failover configuration.

    7.

    What command assigns an IP address to the standby Cisco PIX Firewall?

    1. secondary ip address ip address

    2. failover ip address if-name ip-address

    3. ip address ip address secondary

    4. ip address ip address failover

    8.

    What is the command to configure a LAN-based failover?

    1. conf lan failover

    2. failover ip LAN

    3. failover lan interface if-name

    4. lan interface failover

    9.

    What is an advantage of a LAN-based failover?

    1. It quickly fails over to a peer when a power failure on the active unit takes place.

    2. It does not have the 6-foot-cable distance limitation for failover communication.

    3. It is preconfigured on the PIX Firewall.

    4. All of the above

    10.

    What is the default failover poll, in seconds?

    1. 10 seconds

    2. 15 seconds

    3. 30 seconds

    4. 25 seconds

    11.

    Which of the following is true about the serial link cable connection in a PIX Firewall failover configuration?

    1. Serial link cable can transfer data at 100 Mbps.

    2. The two units maintain the heartbeat network over the cable.

    3. Network link status is not communicated over the serial link.

    4. Keepalive packets and configuration replication are communicated over the serial link.

    The answers to the "Do I Know This Already?" quiz are found in Appendix A, "Answers to the ''''Do I Know This Already?'''' Quizzes and Q&A Sections." The suggested choices for your next step are as follows: