PassGuide 642-515PassGuide.com-MakeYouSucceedToPass IT ExamsCisco 642-515Securing Networks with ASAAdvancedQ resetsconnections from xyz.com users who attempt to deliver files via FTPB. Resets connections from abc.com and xyz.com users when they attempt to retrieve files viaFTP; logs any user connections that attempt to deliver files via FTPC. Resets and logs connections from abc.com users when they attempt to retrieve files viaFTP; resets all FTP connections from xyz.com users; resets any user connections thatattempt to deliver files via FTPD. Resets and logs connections from abc.com users only when they attempt to retrieve filesvia FTP: resets connections from xyz.com users only when they attempt to deliver files viaFTPAnswer: CQUESTION: 13Which two internal channels are used for communication between the Cisco ASAAIP-SSMand the Cisco ASA security appliance? (Choose two.)A. Session channelB. Command channelC. Inline channelD. Promiscuous channelE. Control channelF.Data channelPassGuide 642-515PassGuide.com-MakeYouSucceedToPass IT ExamsAnswer: E, FQUESTION: 14Refer to the exhibit.An administrator is editing user-specific policy. The administrator hasconfigured a group policy for Sales to use the IP address pool that is defined by the poolVPNPOOL and to allow as many as three simultaneous logins. Based on the exhibit, when thisuser connects, what will be the IP address assigned to the connection and what will be thenumber of simultaneous logins allowed for this user? (Choose two.)A. The user will receive an IP address from the VPNPOOL.B. The user will be allowed to make only one connection.C. The user will be allowed to make connections up to the limit that is defined in the defaultgroup policy.D. The user will be assigned the IP address from the user-specific policy.E. The user will be allowed to make as many as three simultaneous connections.F.The user will receive an IP address from the address pool that is definedinthe default grouppolicy.Answer: B, DQUESTION: 15Which three Cisco Modular Policy Framework features are bidirectional? (Choose three.)A.AIP policyB. QoS input policingC. CSC policyD. QoS priority queueE.Application inspectionPassGuide 642-515PassGuide.com-MakeYouSucceedToPass IT ExamsF.QoS output policingAnswer: A, C, EQUESTION: 16Youhave been tasked to configure your Cisco ASA security appliance for multiple VLANs thatuse one physical interface.Youmust make sure that the switchinwhich the physical CiscoASA security appliance interface is connected has been configured for the appropriate VLANtagging protocol. Which VLAN tagging protocol will the Cisco ASA security appliance use tocommunicate with this switch?A. IEEE 802.1XB. IEEE 802.1QC. IEEE 802.1AED. ISLE. IEEE 802.3Answer: BQUESTION: 17Refer to the exhibit. If a host on the inside network attempted an HTTP connection to a host atIP address 172.26.10.100, which address pool would the Cisco ASA security appliance use forthe NAT?A. 192.168.8.101 - 192.168.8.105B. 192.168.8.106 - 192.168.8.110C. 192.168.8.20 - 192.168.8.110D. 192.168.8.20 - 192.168.8.100Answer: DQUESTION: 18Youare the administrator for Cisco ASA security appliances that are used for site-to-site VPNsbetween remote and corporate offices.Youhave used the Service Policy Rule Wizard withinASDM to configure low-latency queuing for unified communications on all the appropriateASAs. Users are still having issues with unified communications between the remote andcorporate offices.Assuming that the Cisco Unified Communications equipment is functioningproperly and that the VPN configurations are correct, which of these choices is most likely thePassGuide 642-515PassGuide.com-MakeYouSucceedToPass IT Examscause of the problems?A.Apriority queue must be created on the interface where the site-to-site VPN tunnel isterminated.B. The DSCP, expedite forward, ef (46), was used to determine unified communications trafficwithin the Service Policy Rule Wizard.C. The tunnel group and DSCP traffic matching criteria were configured within the ServicePolicy Rule Wizard.D. Both a policing and priority queue must be applied on the interface to expedite the voiceand control data flows.Answer: AQUESTION: 19What are the three main components of Cisco Modular Policy Framework? (Choose three.)A. Security policyB. Policy mapC. Security mapD. Route mapE. Class mapF.Interface mapG.Traffic policyH. Service policyAnswer: B, E, HQUESTION: 20When configuring port forwarding for a clientless SSL VPN connection, which end userprivilege level is required at the endpoint if port forwarding is to work?A. Guest levelB.Administrator levelC. System levelD. User levelAnswer: BQUESTION: 21Youare configuring bookmarks for the clientless SSL VPN portal on your Cisco ASA securityappliance. Which four of these choices are supported bookmark types? (Choose four.)A. RDPB. HTTPC. SSHD. HTTPSE. TelnetF.FTPPassGuide 642-515PassGuide.com-MakeYouSucceedToPass IT ExamsG. CIFSAnswer: B, D,F,GQUESTION: 22Refer to the exhibit.Youhave been