Info For 500-258 Exam 100% Pass: PassLeader provides you with the newest 500-258 65q exam questions updated in recent days to prepare your 500-258 certification exams. Our best 500-258 65q exam dumps will offer you the newest questions and answers with premium VCE and PDF format to download. And PassLeader also offer you the latest free version VCE Player!
Vendor: Cisco
Exam Code: 500-258
Exam Name: Cisco ASA Express Security
QUESTION 1
Refer to the exhibit. After a remote user established a Cisco AnyConnect session from a wireless card through the Cisco ASA appliance of a partner to a remote server, the user opened the Cisco AnyConnect VPN Client Statistics Details screen.
What are the two sources of the IP addresses that are marked A and B? (Choose two.)
A. IP address that is assigned to the wireless Ethernet adapter of the remote user
B. IP address that is assigned to the remote user from the Cisco ASA address pool
C. IP address of the Cisco ASA physical interface of the partner
D. IP address of the Cisco ASA virtual HTTP server of the partner
E. IP address of the default gateway router of the remote user
F. IP address of the default gateway router of the partner
Answer: BC
QUESTION 2
Refer to the exhibit. A NOC engineer needs to tune some postlogin parameters on an SSL VPN tunnel. From the information shown, where should the engineer navigate to, in order to find all the postlogin session parameters?
A. “engineering” Group Policy
B. “contractor” Connection Profile
C. DefaultWEBVPNGroup Group Policy
D. DefaultRAGroup Group Policy
E. “engineer1” AAA/Local Users
Answer: A
QUESTION 3
Refer to the exhibit. When the user “contractor” Cisco AnyConnect tunnel is established, what type of Cisco ASA user restrictions are applied to the tunnel?
A. full restrictions (no Cisco ASDM, no CLI, no console access)
B. full restrictions (no read, no write, no execute permissions)
C. full restrictions (CLI show commands and Cisco ASDM monitoring permissions only)
D. full access with no restrictions
Answer: D
QUESTION 4
You are configuring bookmarks for the clientless SSL VPN portal without the use of plug- ins. Which three bookmark types are supported? (Choose three.)
A. RDP
B. HTTP
C. FTP
D. CIFS
E. SSH
F. Telnet
Answer: BCD
QUESTION 5
When preconfiguring a Cisco AnyConnect profile for the user group, which file is output by the Cisco AnyConnect profile editor?
A. user.ini
B. user.html
C. user.pcf
D. user.xml
Answer: D
QUESTION 6
Datagram Transport Layer Security (DTLS) was introduced to solve performance issues. Choose three characteristics of DTLS. (Choose three.)
A. It uses TLS to negotiate and establish DTLS connections.
B. It uses DTLS to transmit datagrams.
C. It is disabled by default.
D. It uses TLS for data packet retransmission.
E. It replaces underlying transport layer with UDP 443.
F. It uses TLS to provide low-latency video application tunneling.
Answer: ABE
QUESTION 7
Which three options are characteristics of WebType ACLs? (Choose three.)
A. They are assigned per-connection profile.
B. They are assigned per-user or per-group policy.
C. They can be defined in the Cisco AnyConnect Profile Editor.
D. They support URL pattern matching.
E. They support implicit deny all at the end of the ACL.
F. They support standard and extended WebType ACLs.
Answer: BDE