Free VCE & PDF File for Cisco 156-510 Real Exam
Exam A
QUESTION 1
You can tell if CPMAD is enabled because you see the message “FireWall-1: Starting cpmad (Malicious Activity Detection)” whenyou perform a fwstart. True of false?
A. False
B. True
Correct Answer: A QUESTION 2
When installing FW-1 on a Windows NT platform, what state should IP forwarding be in for correct FW-1 operation?
A. Enabled
B. Disabled
Correct Answer: A QUESTION 3
What is true about detecting “blocked connection port scanning”?
A. It requires less memory than general port scanning
B. It is less secure than general port scanning
C. It is more secure than general port scanning
D. It requires more memory than general port scanning
Correct Answer: AB QUESTION 4
In a load sharing MEP environment accessed by secuRemote.What is true about gateway selection?
A. SecuRemote will choose the gateway closest to the server
B. SecuRemote will use the first gateway to respond
C. SecuRemote will chose the gateway randomly
D. SecuRemote will prefer its primary gateway if both respond
Correct Answer: C QUESTION 5
Which two types of overlapping encryption domains are supported by FW-1?
A. Partial overlap
B. Full overlap
C. Proper subset
D. Partial subset
Correct Answer: BC QUESTION 6
What does LDAP stand for?
A. Link level Direct Access Process
B. Layered Directory Administration Protocol
C. Layer Dependent Administration process
D. Lightweight Directory Access Protocol
Correct Answer: D QUESTION 7
By default a Windows NT platform enables both TCP/IP and IPX. What does FW-1 do with any IPX traffic?
A. Logs it, then drops it
B. Allows it through without being inspected
C. Drops all traffic regardless
D. Inspects the traffic and decide whether to allow it through
Correct Answer: B QUESTION 8
When using IP pools for MEP VPN access, where would you specify the pool to be used for a particular gateway?
A. The NAT screen of the gateway’s properties configuration
B. The ADVANCED screen of the gateway’s properties configuration
C. The VPN screen of the gateway’s properties screen
D. The TOPOLOGY screen of the gateway’s properties configuration
Correct Answer: A QUESTION 9
What is the maximum limit to the number of secondary management modules allowed?
A. No limit
B. 4
C. 2
D. 1
E. 8
Correct Answer: A QUESTION 10
What is a land attack?
A. It causes incomplete TCP connections
B. It involves gaining access by imitating an authorized IP address
C. It involves scanning for ports on an IP address that will allow access
D. It causes a server to send packets to itself
Correct Answer: D QUESTION 11
If CPMAD terminates, how can you restart it?
A. By using the GUI log client
B. It automatically starts itself
C. By using fw cpmadstart
D. By using fwstop/fwstart
Correct Answer: D
Free VCE & PDF File for Cisco 156-510 Real Exam