Adobe certification Adobe
Apple certification Apple
Avaya certification Avaya
BlackBerry certification BlackBerry
CA Technologies certification CA Technologies
Check Point certification Check Point
Cisco certification Cisco
Citrix certification Citrix
CIW certification CIW
CompTIA certification CompTIA
CWNP certification CWNP
EC-Council certification EC-Council
EMC certification EMC
Exin certification Exin
FileMaker certification FileMaker
Fortinet certification Fortinet
GIAC certification GIAC
GIAC certification Google
HP certification HP
HRCI certification HRCI
IBM certification IBM
Isaca certification Isaca
ISC certification ISC
ISEB certification ISEB
iSQI certification iSQI
Juniper certification Juniper
LPI certification LPI
McAfee certification McAfee
NetApp certification NetApp
Oracle certification Oracle
Pegasystems certification Pegasystems
PMI certification PMI
Riverbed certification Riverbed
SAP certification SAP
SAS certification SAS Institute
SOA certification SOA
Symantec certification Symantec
Teradata certification Teradata
VMware certification VMware
All Exams

Cisco 642-515 Exam -

Free 642-515 Sample Questions:

1. Which three features can the Cisco ASA adaptive security appliance support? (Choose three.)
A. BGP dynamic routing
B. 802.1Q VLANs
C. OSPF dynamic routing
D. static routes
Answer: B, C, D

2. Tom works as a network administrator for the CISCO company. The primary adaptive security appliance in an active/standby failover configuration failed, so the secondary adaptive security appliance was automatically activated. Tom then fixed the problem. Now he would like to restore the primary to active status. Which one of the following commands can reactivate the primary adaptive security appliance and restore it to active status while issued on the primary adaptive security appliance?
A. failover reset
B. failover primary active
C. failover active
D. failover exec standby
Answer: C

3. Which two statements are true about multiple context mode? (Choose two.)
A. Multiple context mode does not support IPS, IPsec, and SSL VPNs, or dynamic routing protocols.
B. Multiple context mode enables you to create multiple independent virtual firewalls with their own security policies and interfaces.
C. Multiple context mode enables you to add to the security appliance a hardware module that supports up to four independent virtual firewalls.
D. When you convert from single mode to multiple mode, the security appliance automatically adds an entry for the admin context to the system configuration with the name "admin."
Answer: B, D

4. Which three statements correctly describe protocol inspection on the Cisco ASA adaptive security appliance? (Choose three.)
A. For the security appliance to inspect packets for signs of malicious application misuse, you must enable advanced (application layer) protocol inspection.
B. If you want to enable inspection globally for a protocol that is not inspected by default or if you want to globally disable inspection for a protocol, you can edit the default global policy.
C. The protocol inspection feature of the security appliance securely opens and closes negotiated ports and IP addresses for legitimate client­server connections through the security appliance.
D. If inspection for a protocol is not enabled, traffic for that protocol may be blocked.
Answer: B, C, D

5. Which one of the following commands can provide detailed information about the crypto map configurations of a Cisco ASA adaptive security appliance?
A. show ipsec sa
B. show crypto map
C. show run ipsec sa
D. show run crypto map
Answer: D

6. Multimedia applications transmit requests on TCP, get responses on UDP or TCP, use dynamic ports, and use the same port for source and destination, so they can pose challenges to a firewall. Which three items are true about how the Cisco ASA adaptive security appliance handles multimedia applications? (Choose three.)
A. It dynamically opens and closes UDP ports for secure multimedia connections, so you do not need to open a large range of ports.
B. It supports SIP with NAT but not with PAT.
C. It supports multimedia with or without NAT.
D. It supports RTSP, H.323, Skinny, and CTIQBE.
Answer: A, C, D

7. Which two options are correct about the impacts of this configuration? (Choose two.)
match access­list TOINSIDEHOST
class­map OUTBOUND_HTTP_TRAFFIC match access­list TOOUTSIDEHOST policy­map MYPOLICY
inspect http
set connection conn­max 100
inspect http
service­policy MYOTHERPOLICY interface inside service­policy MYPOLICY interface outside
A. Traffic that matches access control list TOINSIDEHOST is subject to HTTP inspection and maximum connection limits.
B. Traffic that enters the security appliance through the inside interface is subject to HTTP inspection.
C. Traffic that enters the security appliance through the outside interface and matches access control list TOINSIDEHOST is subject to HTTP inspection and maximum connection limits.
D. Traffic that enters the security appliance through the inside interface and matches access control list TOOUTSIDEHOST is subject to HTTP inspection.
Answer: C, D

8. What is the reason that you want to configure VLANs on a security appliance interface?
A. for use in conjunction with device­level failover to increase the reliability of your security appliance
B. for use in transparent firewall mode, where only VLAN interfaces are used
C. to increase the number of interfaces available to the network without adding additional physical interfaces or security appliances
D. for use in multiple context mode, where you can map only VLAN interfaces to contexts
Answer: C