CCNP Security 642-618 Practice Exam (76-80)

QUESTION NO: 76
Which statement about SNMP support on the Cisco ASA appliance is true?
A. The Cisco ASA appliance supports only SNMPv1 or SNMPv2c.
B. The Cisco ASA appliance supports read-only and read-write access.
C. The Cisco ASA appliance supports three built-in SNMPv3 groups in Cisco ASDM: Authentication and Encryption, Authentication Only, and No Authentication, No Encryption.
D. The Cisco ASA appliance can send SNMP traps to the network management station only using SNMPv2.
Answer: C

QUESTION NO: 77
On Cisco ASA Software Version 8.4.1, which four inspections are enabled by default in the global policy? (Choose four.)
A. HTTP
B. ESMTP
C. SKINNY
D. ICMP
E. TFTP
F. SIP
Answer: B,C,E,F

QUESTION NO: 78
Which two statements about traffic shaping capability on the Cisco ASA appliance are true? (Choose two.)
A. Traffic shaping can be applied to all outgoing traffic on a physical interface or, in the case of the Cisco ASA 5505 appliance, on a VLAN.
B. Traffic shaping can be applied in the input or output direction.
C. Traffic shaping can cause jitter and delay.
D. You can configure traffic shaping and priority queuing on the same interface.
E. With traffic shaping, when traffic exceeds the maximum rate, the security appliance drops the excess traffic.
Answer: A,C

QUESTION NO: 79
Which command option/keyword in Cisco ASA 8.3 NAT configurations makes the NAT policy interface independent?
A. interface
B. all
C. auto
D. global
E. any
Answer: E

QUESTION NO: 80
Which statement about access list operations on Cisco ASA Software Version 8.3 and later is true?
A. If the global and interface access lists are both configured, the global access list is matched first before the interface access lists.
B. Interface and global access lists can be applied in the input or output direction.
C. In the inbound access list on the outside interface that permits traffic to the inside interface, the destination IP address referenced is always the “mapped-ip” (translated) IP address of the inside host.
D. When adding an access list entry in the global access list using the Cisco ASDM Add Access Rule window, choosing “any” for Interface applies the access list entry globally.
Answer: D

Lead2Pass CCNP Security 642-618 exam questions which contain almost 100% correct answers are tested and approved by senior Cisco lecturers and experts. They have been devoting themselves to providing candidates with the best study materials to make sure what they get are valuable. 642-618 practice tests are written to the highest standards of technical accuracy which can make you succeed in the exam.