Securing Networks with PIX and ASA
Which of these commands enables the DHCP server on the DMZ interface of the Cisco ASA with
an address pool of 10.0.1.100-10.0.1.108 and a DNS server of 192.168.1.2?
A. dhcpd address 10.0.1.100-10.0.1.108 DMZ
dhcpd dns 192.168.1.2 dhcpd enable DMZ
B. dhcpd range 10.0.1.100-10.0.1.108 DMZ
dhcpd dns server 192.168.1.2 dhcpd DMZ
C. dhcpd address range 10.0.1.100-10.0.1.108
dhcpd dns 192.168.1.2 dhcpd enable
D. dhcpd address range 10.0.1.100-10.0.1.108
dhcpd dns server 192.168.1.2 dhcpd enable DMZ
Refer to the exhibit. Based on this output, which of the following statements is true?
A. The ACLOUT access list has been designed to allow the IP address with the network address
of 192.168.6.0 to have unrestricted access to the web server at IP address 192.168.1.11.
B. The ACLIN access list permits web access from host 192.168.6.10 to all hosts behind the
C. The ICMPDMZ access list denies all ICMP traffic bound for the bastion host except echo
D. The ACLOUT access list has been designed to deny the IP address 192.168.1.11 web access
to the host with a network address of 192.168.6.0.
Which mode of operation must you enter in order to recover the Cisco ASA password?
Which command both verifies that NAT is working properly and displays active NAT
A. show running-configuration nat
B. show nat translation
C. show xlate
D. show ip nat all
The Cisco VPN Client supports which three of these tunneling protocols and methods? (Choose
A. IPsec over TCP
B. IPsec over UDP
Answer: A, B, C
Refer to the exhibit. A network administrator wants to authenticate remote users who a