CCSP 642-515 SNAA Real Exam Questions

The Securing Networks with ASA Advanced exam is one of the exams associated with the CCSP, CCNP Security and Cisco ASA Specialist certifications. Candidates can prepare for this exam by taking the SNAA course. This exam includes simulations and tests a candidate’s knowledge and ability to describe, configure, verify and manage the Cisco ASA Security Appliance product.

1: Which two of these choices are types of queues available on the Cisco ASA security appliance when implementing QoS? (Choose two.)
A.weighted fair queue
B.last in first out queue
C.policing queue
D.low latency queue
E.custom queue effort queue
G.round robin queue
Correct Answers: D F

2: Which two internal channels are used for communication between the Cisco ASA AIP-SSM and the Cisco ASA security appliance? (Choose two.)
A.session channel
B.command channel
C.inline channel
D.promiscuous channel
E.control channel channel
Correct Answers: E F

3: Which three Cisco Modular Policy Framework features are bidirectional? (Choose three.)
A.AIP policy
B.QoS input policing
C.CSC policy
D.QoS priority queue
E.application inspection
F.QoS output policing
Correct Answers: A C E

4: You have been tasked to configure your Cisco ASA security appliance for multiple VLANs that use one physical interface. You must make sure that the switch in which the physical Cisco ASA security appliance interface is connected has been configured for the appropriate VLAN tagging protocol. Which VLAN tagging protocol will the Cisco ASA security appliance use to communicate with this switch?
A.IEEE 802.1X
B.IEEE 802.1Q
C.IEEE 802.1AE
E.IEEE 802.3
Correct Answers: B

5: What are the three main components of Cisco Modular Policy Framework? (Choose three.) policy
B.policy map map
D.route map
E.class map
F.interface map
G.traffic policy
H.service policy
Correct Answers: B E H

6: When configuring port forwarding for a clientless SSL VPN connection, which end user privilege level is required at the endpoint if port forwarding is to work?
A.guest level
B.administrator level
C.system level
D.user level
Correct Answers: B

7: You are configuring bookmarks for the clientless SSL VPN portal on your Cisco ASA security appliance. Which four of these choices are supported bookmark types? (Choose four.)
Correct Answers: B D F G

8: You are the administrator of a Cisco ASA security appliance. Your management has asked you to configure the Cisco ASA security appliance, using Modular Policy Framework to block executables with the .exe file extension from being downloaded. Which regular expression must you create to match the .exe file extension?
Correct Answers: C

9: Which of these commands causes the Cisco CSC-SSM to load a new software image from a remote TFTP server, via the CLI?
A.hw module 1 recover boot
B.hw module 1 recover config
C.hw module 1 recover reload
D.copy tftp hardware:module1
Correct Answers: A

10: Which three types of encapsulation does the Cisco ASA security appliance support for IPsec NAT transparency? (Choose three.)
A.L2TP over IPsec
B.IPsec over GRE
C.IPsec over TCP
D.IPsec over UDP
E.IPsec over PPTP
Correct Answers: C D F

Download  |  Password: