QUESTION NO: 51
On Cisco ASA Software Version 8.4.1 and later, which three EtherChannel modes are supported? (Choose three.)
A. active mode, which initiates LACP negotiation
B. passive mode, which responds to LACP negotiation from the peer
C. auto mode, which automatically responds to either PAgP or LACP negotiation from the peer
D. on mode, which enables static port-channel mode
E. off mode, which disables dynamic negotiation
Answer: A,B,D
Tag: Pass4sure 642-618
CCNP Security 642-618 Practice Exam (46-50)
QUESTION NO: 46
Which statement about the Cisco ASA botnet traffic filter is true?
A. The four threat levels are low, moderate, high, and very high.
B. By default, the dynamic-filter drop blacklist interface outside command drops traffic with a threat level of high or very high.
C. Static blacklist entries always have a very high threat level.
D. A static or dynamic blacklist entry always takes precedence over the static whitelist entry.
Answer: C
CCNP Security 642-618 Practice Exam (36-40)
QUESTION NO: 36
By default, how does a Cisco ASA appliance process IP fragments?
A. Each fragment passes through the Cisco ASA appliance without any inspections.
B. Each fragment is blocked by the Cisco ASA appliance.
C. The Cisco ASA appliance verifies each fragment and performs virtual IP re-assembly before the full IP packet is forwarded out.
D. The Cisco ASA appliance forwards the packet out as soon as all of the fragments of the packet have been received.
Answer: C