- Email support@dumps4free.com
Topic 2: Exam Pool B
What is a benefit of using Cisco FMC over Cisco ASDM?
A.
Cisco FMC uses Java while Cisco ASDM uses HTML5.
B.
Cisco FMC provides centralized management while Cisco ASDM does not.
C.
Cisco FMC supports pushing configurations to devices while Cisco ASDM does not.
D.
Cisco FMC supports all firewall products whereas Cisco ASDM only supports Cisco ASA
devices
Cisco FMC provides centralized management while Cisco ASDM does not.
Reference: https://www.cisco.com/c/en/us/products/collateral/security/firesightmanagement-
center/datasheetc78-736775.html
What is a capability of Cisco ASA Netflow?
A.
It filters NSEL events based on traffic
B.
It generates NSEL events even if the MPF is not configured
C.
It logs all event types only to the same collector
D.
It sends NetFlow data records from active and standby ASAs in an active standby
failover pair
It filters NSEL events based on traffic
What is the result of running the crypto isakmp key ciscXXXXXXXX address 172.16.0.0 command?
A.
authenticates the IKEv2 peers in the 172.16.0.0/16 range by using the key
ciscXXXXXXXX
B.
authenticates the IP address of the 172.16.0.0/32 peer by using the key ciscXXXXXXXX
C.
authenticates the IKEv1 peers in the 172.16.0.0/16 range by using the key
ciscXXXXXXXX
D.
secures all the certificates in the IKE exchange by using the key ciscXXXXXXXX
authenticates the IKEv1 peers in the 172.16.0.0/16 range by using the key
ciscXXXXXXXX
Configure a Crypto ISAKMP Key
In order to configure a preshared authentication key, enter the crypto isakmp key
command in global configuration mode:
crypto isakmp key cisco123 address 172.16.1.1
https://community.cisco.com/t5/vpn/isakmp-with-0-0-0-0-dmvpn/td-p/4312380
It is a bad practice but it is valid. 172.16.0.0/16 the full range will be accepted as possible
PEER
https://www.examtopics.com/discussions/cisco/view/46191-exam-350-701-topic-1-
question-71-
discussion/#:~:text=Command-reference-is-not-decisive,172.16.1.128-ci
sco123%0ACSR%2D1(config)%23
Testing without a netmask shows that command interpretation has a preference for /16 and
/24. CSR-1(config)#crypto isakmp key cisco123 address 172.16.0.0
CSR-1(config)#do show crypto isakmp key | i cisco
default 172.16.0.0 [255.255.0.0] cisco123
CSR-1(config)#no crypto isakmp key cisco123 address 172.16.0.0
CSR-1(config)#crypto isakmp key cisco123 address 172.16.1.0
CSR-1(config)#do show crypto isakmp key | i cisco
default 172.16.1.0 [255.255.255.0] cisco123
CSR-1(config)#no crypto isakmp key cisco123 address 172.16.1.0
CSR-1(config)#crypto isakmp key cisco123 address 172.16.1.128
CSR-1(config)#do show crypto isakmp key | i cisco default 172.16.1.128 cisco123
CSR-1(config)#
What is provided by the Secure Hash Algorithm in a VPN?
A.
integrity
B.
key exchange
C.
encryption
D.
authentication
integrity
What is a key difference between Cisco Firepower and Cisco ASA?
A.
Cisco ASA provides access control while Cisco Firepower does not.
B.
Cisco Firepower provides identity-based access control while Cisco ASA does not.
C.
Cisco Firepower natively provides intrusion prevention capabilities while Cisco ASA
does not.
D.
Cisco ASA provides SSL inspection while Cisco Firepower does not.
Cisco Firepower natively provides intrusion prevention capabilities while Cisco ASA
does not.
| Page 29 out of 126 Pages |
| Previous |