You have been asked to use ASDM to change the global application inspection settings on an ASA at the edge
of your network.
Which of the following panes in the firewall configuration navigation tree can you use to achieve this task?
(Select the best answer.)
A.
Access Rules
B.
Service Policy Rules
C.
Filter Rules
D.
Advanced
Explanation:
You can use the Service Policy Rules pane in the firewall configuration navigation tree of Cisco Adaptive
Security Device Manager (ASDM) to change the global application inspection settings on a Cisco Adaptive
Security Appliance (ASA) at the edge of your network. Application inspection is one of the actions that can be
applied to traffic with a policy map. Services that embed IP addresses in the packet or that utilize dynamically
assigned ports for secondary channels require deep packet inspection, which is provided by Application layer
protocol inspection. Some traffic, such as Internet Control Message Protocol (ICMP) traffic, might be dropped if
inspection for that protocol is not enabled. You can use ASDM to make changes to the global policy by
navigating to the Service Policy Rules pane, highlighting the inspection policy, and clicking Edit, as shown in the
following exhibit:
From the Edit Service Policy Rule dialog box, click the Rule Actions tab, where you will find the protocol
inspection configurations for the global policy. For example, you could select the check box next to the ICMP
field in the following exhibit to enable the ASA to inspect ICMP traffic so that ICMP replies from valid ICMP
requests are not inadvertently dropped:
The Access Rules pane in ASDM cannot be used to change the global application inspection settings on an
ASA at the edge of your network. The Access Rules pane is used to configure security policies related to
controlling access to your network. All inbound traffic must pass through the firewall? by default, no traffic can
pass unless an access rule is configured to permit it. The Access Rules pane is shown in the following exhibit:
The Filter Rules pane in ASDM cannot be used to change the global application inspection settings on anASA at the edge of your network. The Filter Rules pane is used to configure Uniform Resource Locator (URL)
filtering, which prevents inappropriate Internet usage on a secure network. Typically, URL filtering is not
handled directly by the ASA but by some other server that must be enabled via the URL Filtering Servers pane
before you can add filter rules. When a user makes a request for content from an outside address, the ASA
sends a message to the filtering serverĶ¾ if the response from the filtering server indicates that there is no filter
prohibiting access to that URL, the ASA will allow the requested content. The Filter Rules pane is shown in the
following exhibit:
The Advanced pane in ASDM cannot be used to change the global application inspection settings on an ASA at
the edge of your network. From the Advanced pane, you are able to configure several advanced firewall
protection features, such as encrypted traffic inspection, IP audit, and fragment size. The Advanced pane is
shown in the following exhibit:
Cisco: Configuring Application Layer Protocol Inspection: Configuring Application Inspection
More:
QUESTION
Which three statements are characteristics of DHCP Spoofing? (Choose three.)
A. Arp Poisoning
B. Modify Traffic in transit
C. Used to perform man-in-the-middle attack
D. Physically modify the network gateway
E. Protect the identity of the attacker by masking the DHCP address
F. Can access most network devices
Answer: BCD
Explanation:
In DHCP spoofing attacks, the attacker takes over the DHCP server role and can serve IP addresses and his IP address as default gateway. By doing that he performs a man-in-the-middle attack, and because all the traffic passes through his computer he can modify traffic in transit and he physically changed the default gateway.
QUESTION
In which two situations should you use in-band management? (Choose two)
A. when a network device fails to forward packets
B. when management applications need concurrent access to the device
C. when you require ROMMON access
D. when you require administrator’s access from multiple locations
E. when the control plane fails to respond
Answer: BD
QUESTION
Which three statements describe DHCP spoofing attacks? (Choose three.)
A. They can modify traffic in transit.
B. They are used to perform man-in-the-middle attacks.
C. They use ARP poisoning.
D. They can access most network devices.
E. They protect the identity of the attacker by masking the DHCP address.
F. They are can physically modify the network gateway.
Answer: ABF
QUESTION
What security feature allows a private IP address to access the Internet by translating it to a public address?
A. NAT
B. hairpinning
C. Trusted Network Detection
D. Certification Authority
Answer: A
QUESTION
Which Sourcefire event action should you choose if you want to block only malicious traffic
from a particular end user?
A. Allow with inspection
B. Allow without inspection
C. Block
D. Trust
E. Monitor
Answer: A
QUESTION
Which NAT type allows only objects or groups to reference an IP address?
A. dynamic NAT
B. dynamic PAT
C. static NAT
D. identity NAT
Answer: B
QUESTION
Which feature allows a dynamic PAT pool to select the next address in the PAT pool instead of the next port of an existing address?
A. next IP
B. round robin
C. dynamic rotation
D. NAT address rotation
Answer: B
Get these new questions from: https://www.braindump2go.com/210-260.html