Configuring Basic Firewall Policies on Cisco ASA

Question 1

Name three features the Cisco ASA provides?

Answer 1

Simple packet filtering using standard or extended access lists, Layer 2 transparent implementation,
Support for remote-access SSL VPN connections

Question 2

Which Cisco ASA models are designed for small and branch offices?

Answer 2

5505, 5512-x

Question 3

When used in an access policy, which component could identify multiple servers?

Answer 3

Object groups

Question 4

What is an accurate description of the word inbound as it relates to an ASA?

Answer 4

Traffic from a device that is located on a low-security interface, Traffic that is exiting any interface

Question 5

When is traffic allowed to be routed and forwarded if the source of the traffic is from a device located off of a low-security interface if the destination device is located off of a high-security interface?

Answer 5

This traffic is allowed if the initial traffic was inspected and this traffic is the return traffic, If there is an access list that is permitting this traffic

Question 6

What tools could be used to configure or manage an ASA?

Answer 6

CSM, ASDM, CLI

Question 7

Name an element, which is part of the Modular Policy Framework on the ASA, are used to classify traffic?

Answer 7

Class maps

Question 8

When you configure the ASA as a DHCP server for a small office, what default gateway will be assigned for the DHCP clients to use?

Answer 8

The ASAs inside IP address

Question 9

When you configure network address translation for a small office, devices on the Internet will see the ASA inside users as coming from which IP address?

Answer 9

The outside address of the ASA

Question 10

You’re interested in verifying whether the security policy you implemented is having the desired effect. How can you verify this policy without involving end users or their computers?

Answer 10

Use the Packet Tracer tool