QUESTION NO: 46
Which statement about the Cisco ASA botnet traffic filter is true?
A. The four threat levels are low, moderate, high, and very high.
B. By default, the dynamic-filter drop blacklist interface outside command drops traffic with a threat level of high or very high.
C. Static blacklist entries always have a very high threat level.
D. A static or dynamic blacklist entry always takes precedence over the static whitelist entry.
Answer: C
Tag: 642-618 Exam
CCNP Security 642-618 Practice Exam (11-15)
QUESTION NO: 11
On Cisco ASA Software Version 8.4.1 and later, when you configure the Cisco ASA appliance in transparent firewall mode, how is the Cisco ASA management IP address configured?
A. using the IP address global configuration command
B. using the IP address GigabitEthernet 0/x interface configuration command
C. using the IP address BVI x interface configuration command
D. using the bridge-group global configuration command
E. using the bridge-group GigabitEthernet 0/x interface configuration command
F. using the bridge-group BVI x interface configuration command
Answer: C
CCNP Security (FIREWALL) Written Exam v2.0 Now Available
CCNP Security (FIREWALL) Written Exam v1.0 642-617 (Last day to test May 28, 2012), Candidates that have scheduled the written exam on June 1, 2012 or later should prepare using the 642-618 FIREWALL Exam Topics v2.0.
642-618 FIREWALL Exam Topics v2.0
Exam Description
The 642-618 Deploying Cisco ASA Firewall Solutions (FIREWALL v2.0) exam is associated with the CCNP Security and Cisco Firewall Specialist certifications. This exam tests a candidate’s knowledge and skills needed to implement and maintain Cisco ASA-based perimeter solutions. Successful graduates will be able to reduce risk to the IT infrastructure and applications using Cisco ASA features, and provide detailed operations support for the Cisco ASA. Candidates can prepare for this exam by taking the Deploying Cisco ASA Firewall Solutions course.