Module 21: ASA Firewall Configuration

Question 1

What is a security level?

Answer 1

Used to differentiate the outside interface from the inside

Question 2

What do security levels range from?

Answer 2

0-100

Question 3

What is the least secure security level?

Answer 3

0

Question 4

Does outbound traffic have a implicit deny or permit?

Answer 4

PERMIT

Question 5

Traffic crossed interfaces of the same level has a implicit deny or permit?

Answer 5

PERMIT

Question 6

Inbound traffic is … by default?

Answer 6

DENY

Question 7

any exception to inbound traffic requires a ???

Answer 7

ACL

Question 8

What security level does a DMZ typically have?

Answer 8

level 50

Question 9

What interface is used by convention for the OUTSIDE interface on a ASA

Answer 9

Gi 1/1

Question 10

What interface is used by convention for the INSIDE or DMZ interfaces on a ASA

Answer 10

Gi 1/2-Gi 1/8

Question 11

What is a object group in a ASA?

Answer 11

lets you “group” objects, this could be a collection of IP addresses, networks, port numbers, etc.

Question 12

How many types of object groups are there

Answer 12

5 types of object groups

Question 13

Are ASA acl’s named? or numbered?

Answer 13

Always named

Question 14

What do security levels apply even without ACL’s

Answer 14

they apply access control because of interface security levels

Question 15

How many types of ACL’s do ASA’s support

Answer 15

5 Types of ACLs