Q51. Which action is needed to set up SSH on the Cisco ASA firewall? 

A. Create an ACL to aloew the SSH traffic to the Cisco ASA. 

B. Configure DHCP for the client that will connect via SSH. 

C. Generate a crypto key 

D. Specify the SSH version level as either 1 or 2. 

E. Enable the HTTP server to allow authentication. 


Q52. Which set of commands enables logging and displays the log buffer on a Cisco ASA? 

A. enable logging 

show logging 

B. logging enable 

show logging 

C. enable logging int e0/1 

view logging 

D. logging enable 

logging view config 


Q53. What is the default violation mode that is applied by port security? 

A. restrict 

B. protect 

C. shutdown 

D. shutdown VLAN 


Q54. When access rule properties are configured within ASDM, which traffic direction type is required by global and management access rule? 

A. Any 

B. Both in and out 

C. In 

D. Out 


Q55. In your role as network security administrator, you have installed syslog server software on a server whose IP address is According to the exhibits, why isn’t the syslog server receiving any syslog messages? 

A. Logging is not enabled globally on the Cisco ASA. 

B. The syslog server has failed. 

C. There have not been any events with a severity level of seven. 

D. The Cisco ASA is not configured to log messages to the syslog server at that IP address. 


Explanation: By process of elimination, we know that the other answers choices are not correct so that only leaves us with the server must have failed. We can see from the following screen shots, that events are being generated with severity level of debugging and below, The IP address has been configured as a syslog server, and that logging has been enabled globally: 

\psfHome.TrashScreen Shot 2015-06-11 at 8.38.59 PM.png 

Q56. What is the default behavior of an access list on a Cisco ASA? 

A. It will permit or deny traffic based on the access list criteria. 

B. It will permit or deny all traffic on a specified interface. 

C. It will have no affect until applied to an interface, tunnel-group or other traffic flow. 

D. It will allow all traffic. 


Q57. What are three of the RBAC views within Cisco IOS Software? (Choose three.) 

A. Admin 


C. Root 

D. Super Admin 

E. Guest 

F. Super 

Answer: B,C,F 

Q58. Prior to a software upgrade, which Cisco Prime Infrastructure feature determines if 

the devices being upgraded have sufficient RAM to support te new software ? 

A. Software Upgrade Report 

B. Image Management Report 

C. Upgrade Analysis Report 

D. Image Analysis Report 


Q59. Which log level provides the most detail on the Cisco Web Security Appliance? 

A. Debug 

B. Critical 

C. Trace 

D. Informational 


Q60. Which Cisco switch technology prevents traffic on a LAN from being disrupted by a broadcast, multicast, or unicast flood on a port? 

A. port security 

B. storm control 

C. dynamic ARP inspection 

D. BPDU guard 

E. root guard 

F. dot1x