Download Free VCE Files: CCNA, A+ Certification, MCSE – Cert4sure CCNP Security,Cisco Cisco 642-618 Demos, Recenty Updated Cisco 642-618 Certification With Accurate Answers

Cisco 642-618 Demos, Recenty Updated Cisco 642-618 Certification With Accurate Answers

Flydumps bring you the best Cisco 642-618 exam preparation materials which will make you pass in the first attempt.And we also provide you all the Cisco 642-618 exam updates as Flydumps announces a change in its Cisco 642-618 exam syllabus,we inform you about it without delay.

QUESTION 87
Which two configurations are required on the Cisco ASAs so that the return traffic from the
10.10.10.100 outside server back to the 10.20.10.100 inside client can be rerouted from the Active Ctx B context in ASA Two to the Active Ctx A context in ASA One? (Choose two.)

A. stateful active/active failover
B. dynamic routing (EIGRP or OSPF or RIP)
C. ASR-group
D. no NAT-control
E. policy-based routing
F. TCP/UDP connections replication

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 88
Which two statements about the class maps are true? (Choose two.)

A. These class maps are referenced within the global policy by default for HTTP inspection.
B. These class maps are all type inspect http class maps.
C. These class maps classify traffic using regular expressions.
D. These class maps are Layer 3/4 class maps.
E. These class maps are used within the inspection_default class map for matching the default inspection traffic.

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 89
Which three Cisco ASA configuration commands are used to enable the Cisco ASA to log only the debug output to syslog? (Choose three.)
A. logging list test message 711001
B. logging debug-trace
C. logging trap debugging
D. logging message 711001 level 7
E. logging trap test

Correct Answer: ABE Section: (none) Explanation
Explanation/Reference:
QUESTION 90
Which five options are valid logging destinations for the Cisco ASA? (Choose five.)
A. AAA server
B. Cisco ASDM
C. buffer
D. SNMP traps
E. LDAP server
F. email
G. TCP-based secure syslog server

Correct Answer: BCDFG Section: (none) Explanation
Explanation/Reference:
QUESTION 91
When configuring security contexts on the Cisco ASA, which three resource class limits can be set using a rate limit? (Choose three.)
A. address translation rate
B. Cisco ASDM session rate
C. connections rate
D. MAC-address learning rate (when in transparent mode)
E. syslog messages rate
F. stateful packet inspections rate

Correct Answer: CEF Section: (none) Explanation
Explanation/Reference:
QUESTION 92
Which two statements about Cisco ASA redundant interface configuration are true? (Choose two.)
A. Each redundant interface can have up to four physical interfaces as its member.
B. When the standby interface becomes active, the Cisco ASA sends gratuitous ARP out on the standby interface.
C. Interface duplex and speed configurations are configured under the redundant interface.
D. Redundant interfaces use MAC address-based load balancing to load share traffic across multiple physical interfaces.
E. Each Cisco ASA supports up to eight redundant interfaces.

Correct Answer: BE Section: (none) Explanation
Explanation/Reference:
QUESTION 93
The Cisco ASA must support dynamic routing and terminating VPN traffic. Which three Cisco ASA options will not support these requirements? (Choose three.)
A. transparent mode
B. multiple context mode
C. active/standby failover mode
D. active/active failover mode
E. routed mode
F. no NAT-control
Correct Answer: ABD Section: (none) Explanation

Explanation/Reference:
QUESTION 94
Which two functions will the Set ASDM Defined User Roles perform? (Choose two.)

A. enables role based privilege levels to most Cisco ASA commands
B. enables the Cisco ASDM user to assign privilege levels manually to individual commands or groups of commands
C. enables command authorization with a remote TACACS+ server
D. enables three predefined user account privileges (Admin=Priv 15, Read Only=Priv 5, Monitor Only=Priv 3)

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 95
Which two statements about Cisco ASA failover troubleshooting are true? (Choose two.)
A. With active/active failover, failover link troubleshooting should be done in the system execution space.
B. With active/active failover, ASR groups must be enabled.
C. With active/active failover, user data passing interfaces troubleshooting should be done within the context execution space.
D. The failed interface threshold is set to 1. Using the show monitor-interfacecommand, if one of the monitored interfaces on both the primary and secondary Cisco ASA appliances is in the unknown state, a failover should occur.
E. Syslog level 1 messages will be generated on the standby unit only if the logging standbycommand is used.

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 96
When troubleshooting a Cisco ASA that is operating in multiple context mode, which two verification steps should be performed if a user context does not pass user traffic? (Choose two.)
A. Verify the interface status in the system execution space.
B. Verify the mac-address-table on the Cisco ASA.
C. Verify that unique MAC addresses are configured if the contexts are using nonshared interfaces.
D. Verify the interface status in the user context.
E. Verify the resource classes configuration by accessing the admin context.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 97
On Cisco ASA Software Version 8.3 and later, which two sets of CLI configuration commands result from this Cisco ASDM configuration? (Choose two.)

A. nat (inside) 1 10.1.1.10 global (outside) 1 192.168.1.1
B. nat (outside) 1 192.168.1.1 global (inside 1 10.1.1.10
C. static(inside,outside) 192.168.1.1 10.1.1.10 netmask 255.255.255.255 tcp 0 0 udp 0
D. static(inside,outside) tcp 192.168.1.1 80 10.1.1.10 80
E. object network 192.168.1.1 nat (inside,outside) static 10.1.1.10
F. object network 10.1.1.10 nat (inside,outside) static 192.168.1.1
G. access-list outside_access_in line 1 extended permit tcp any object 10.1.1.10 eq http access-group outside_access_in in interface outside
H. access-list outside_access_in line 1 extended permit tcp any object 192.168.1.1 eq http access-group outside_access_in in interface outside

Correct Answer: FG Section: (none) Explanation
Explanation/Reference:
QUESTION 98
On the Cisco ASA Software Version 8.4.1, which three parameters can be configured using the set connection command within a policy map? (Choose three.)
A. per-client TCP and/or UDP idle timeout
B. per-client TCP and/or UDP maximum session time
C. TCP sequence number randomization
D. maximum number of simultaneous embryonic connections
E. maximum number of simultaneous TCP and/or UDP connections
F. fragments reassembly options

Correct Answer: CDE Section: (none) Explanation
Explanation/Reference:
QUESTION 99
On Cisco ASA Software Version 8.4.1, which four inspections are enabled by default in the global policy? (Choose four.)
A. HTTP
B. ESMTP
C. SKINNY
D. ICMP
E. TFTP
F. SIP

Correct Answer: BCEF Section: (none) Explanation
Explanation/Reference:
QUESTION 100
Which two statements about traffic shaping capability on the Cisco ASA appliance are true? (Choose two.)
A. Traffic shaping can be applied to all outgoing traffic on a physical interface or, in the case of the Cisco ASA 5505 appliance, on a VLAN.
B. Traffic shaping can be applied in the input or output direction.
C. Traffic shaping can cause jitter and delay.
D. You can configure traffic shaping and priority queuing on the same interface.
E. With traffic shaping, when traffic exceeds the maximum rate, the security appliance drops the excess traffic.
Correct Answer: AC Section: (none) Explanation

Explanation/Reference:

Cisco 642-618 Questions & Answers covers all the knowledge points of the real exam. We update our product frequently so our customer can always have the latest version of Cisco 642-618. We provide our customers with the excellent 7×24 hours customer service.We have the most professional Cisco 642-618 expert team to back up our grate quality products.If you still cannot make your decision on purchasing our product, please try our Cisco 642-618 free pdf