Module 21 Flashcards
What are examples of the ASA command line interface being similar to the router IOS?
-Command prompts are similar
-Supports abbreviation of commands and keywords
-Use of the Tab key to complete a partial command
-Use of the help key (?) after a command to view more syntax
The ASA 5506-X with FIREPOWER Services ships with a default config that is sometimes sufficient for?
Basic SOHO deployment
What are different ways config changes can be made with ASAs?
-Manually using CLI
-Interactively using CLI Setup Initialization wizard
-Using the Adaptive Security Device Manager (ASDM) setup wizard
How can an ASA be restored to its factory default global config mode command?
By using the configure factory-default global config mode command
What is the privileged EXEC password automatically configured with?
MD5
What must happen in order for a stronger encryption using AES to be enabled?
A primary passphrase must e configured and AES encryption must be enabled
What command is used to change the primary passphrase?
key config-key password-encryption
What is the G1/1 interface frequently configured as on the ASA?
The outside interface to the ISP
What are the basic configurations of interfaces on the ASA?
IP addressing, naming, and setting the security level
What is a BVI (bridged virtual interfaces)?
Interfaces grouped together
What can you do with a BVI?
You can configure it with a single name and IP address
Do you still need to configure other settings on individual interfaces in a BVI?
Yes
What are ways interfaces can be configured with addresses?
Manually, by DHCP, or over PPPoE
What happens when an interface is configured with DHCP on an ASA?
A default route from an upstream device can automatically be configured
When must a default route be manually configured on an ASA?
If DHCP is not configured
What connections can ASA be configured to accept for remote management on an ASA?
Connections over Telnet or SSH
What are objects?
reusable components for use in configuration
How are objects used?
They make it easy to maintain configurations in the place of inline IP addresses, services, names, and so on
How do objects make it easy to maintain configurations?
It can be modified in one place and the change will be reflected in all other places that are referencing it
What are the two types of objects?
Network objects and service objects
What do network objects include?
-Host addresses
-Subnets
-Ranges of addresses
-FQDNs (fully qualified domain name)
What do service objects refer to?
Different network services and protocols
What are object groups?
Collection of objects that are related
Where can network objects groups be used?
In configurations including ACLs and NAT
