QUESTION 101 How would you say PIX is acting like when the PIX firewall is not configured with a static/conduit to permit explicit access from the outside to the inside and data sent to inside addresses result in the firewall dropping the packets sent to it?
A. A black hole router
B. A brouter
C. A bridge
D. A router
E. None of the above Answer: E
QUESTION 102 The addresses on the inside of a packet-filtering router are configured from the network 10.0.0.0/8. Which of the following access-list entries on the outside gateway router would prevent spoof attacks to this network?
A. access-list 101 deny ip 10.0.0.0 0.0.0.255 0.0.0.0 255.255.255.255
B. access-list 101 deny ip 10.0.0.0 255.0.0.0 0.0.0.0 0.0.0.0
C. access-list 101 deny ip any 10.0.0.0 255.255.255
D. access-list 1 deny 10.0.0.0
E. access-list 101 deny ip 10.0.0.0 0.255.255.255 any Answer: C
QUESTION 103 Exhibit: Host A and B are communicating by a ping use of TCP. A packet is sent from A to B, B replies back to A, and A acknowledges B's reply. Selected information from this dialogue is shown. Based on the information provided what will be the correct values for the final acknowledgment from A:
A. Ack=38689 Seq=91734
B. Ack=38689 Seq=91732
C. Ack=38700 Seq=91633 D. Ack=38690 Seq=91733 Answer: B
QUESTION 104 Exhibit: The Network Administrator at Cisco Highway decides to take a detailed look at the traffic going through the router. Which of the following represents the proper steps that should be taken to ensure that debugging does not overwhelm the router, while still allowing the administrator to see if the user's traffic reached the router?
A. config t int ethernet9 no ip route-cache access-list 1 permit ip 10.1.1.0 255.255.255.0
B. config t int ethernet1 no ip route-cache access-list 1 permit 10.1.1.0 0.0.0.255 end debig ip packet detail 1
C. config t int ethernet0 no ip route-cache access-list 1 permit ip 10.1.1.0 0.0.0.255 end debug ip packet detail 1
D. config t int ethernet1 no ip route-cache end debug ip packet detail 10.1.1.0 0.0.0.0.255 any
E. config t int ethernet1 no ip route-cache access-list 1 permit 10.1.1.0 255.255.255.0 end debug ip packet detail 1 Answer: B
QUESTION 105 The newly appointed Cisco Highway trainee technician wants to know what an Inter Switch Link (ISL) is. What will your reply be?
A. An ISL is a protocol to interconnect switches across ATM only.
B. An ISL is a Cisco proprietary protocol for interconnecting multiple switches.
C. An ISL is a protocol to interconnect switches across FDDI only.
D. An ISL is an IEEE protocol to interconnect multiple switches.
E. An ISL is an IEEE protocol to interconnect multiple switches across Fast Ethernet. Answer: B
QUESTION 106 Which of the following commands will permit a PIX Firewall to be configured for a dual NAT environment?
A. nat [(ifname)] 0 access-list
B. sysopt permit dnat
C. alias
D. bidirectional nat
E. pat [(ifname)] 0 access-list Answer: C
QUESTION 107 Exhibit: What will happen when a user attempts to telnet from network 1.1.1.X to network 3.3.3.X when taking the IPSec example and IPSec with IKE as shown, into account?
A. The telnet will succeed with decrypted traffic only.
B. The telnet will succeed and the traffic will be directionally encrypted.
C. The telnet will fail due to asymmetric access lists.
D. The telnet will fail because access-list 101 should have been applied to router A's interface 1.1.1.2. Answer: B
QUESTION 108 Which of the following SMTP command has the ability to identify the SMTP client to the SMTP server?
A. IDENT
B. SEND
