642-825 Implementing Secure Converged Wide Area Networks
Note 2: 642-825 Answers are not shown in demo questions.
Exhibits and Answers are only provided in the Full Version.
Demo Question 20.
The Basic Firewall wizard has been used to configure a router as shown in the diagram below. Based on the information above, what is the purpose of the highlighted access list statement?
A. to establish a DMZ by preventing traffic from interface VLAN10 being sent out interface Fa0/0
B. to prevent spoofing by blocking traffic entering interface Fa0/0 with a source address in the same subnet as interface VLAN10
C. to prevent spoofing by blocking traffic entering Fa0/0 with a source address in the RFC 1918 private address space
D. to establish a DMZ by preventing traffic from interface Fa0/0 being sent out interface VLAN10
E. None of the above
Answer: B
Explanation: SDM, a GUI-based configuration and management tool for Cisco IOS routers, offers a simple method to set up the Cisco IOS Firewall. Depending on the number of router interfaces, you select either the Basic Firewall Configuration wizard, which supports only one outside interface and one or more inside interfaces, or the Advanced Firewall Configuration wizard, which, in addition to the inside and outside interfaces, also supports a DMZ interface.
When the firewall features are configured on the router, the wizard finishes and you are placed in the Edit Firewall Policy / ACL tab of the Firewall and ACL menu. In this window, you can review and modify the configured options. The figure illustrates how to view the ACL entries applied to the originating traffic (ACL 100 in this example); in other words, you examine the ACL that is applied to the inside interface in the inbound direction.
Example:
ACL 100 is applied inbound to the inside interface. It prevents spoofing by denying packets sourced from the 200.0.0.0/30 network, which is configured on the outside interface. The ACL also blocks packets sourced from the broadcast address and the 127.0.0.0/8 network and permits all other traffic. The inspection rule name in this example is SDM_LOW. In this example, the firewall is active from the Fa0/0 to S0/0/0 direction, where Fa0/0 is the inside (trusted) interface and S0/0/0 is the outside (untrusted) interface. You can also verify that the firewall is active by the firewall icon displayed inside the router icon.
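The first-match behaviour of the ACL 100 described in the example, as an added illustration that is not part of the original guide. The ACL lines are reconstructed from the prose (the exhibit is not on this page), and the tested source addresses such as 10.1.1.10 are constructed samples.

```python
import ipaddress

# Constructed from the explanation's description of ACL 100 (not the exhibit's text).
ACL_100 = """\
access-list 100 deny ip 200.0.0.0 0.0.0.3 any
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
"""

def parse_source(tokens):
    """Return (base, wildcard) as ints for an IOS source spec: any | host A | A W."""
    if tokens[0] == "any":
        return 0, 0xFFFFFFFF
    if tokens[0] == "host":
        return int(ipaddress.IPv4Address(tokens[1])), 0
    return int(ipaddress.IPv4Address(tokens[0])), int(ipaddress.IPv4Address(tokens[1]))

def parse_acl(text):
    """Parse 'access-list N <action> ip <source> any' lines into ordered rules."""
    rules = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 6 or parts[0] != "access-list":
            continue
        # parts[4:-1] is the source spec; the destination is always 'any' here.
        base, wildcard = parse_source(parts[4:-1])
        rules.append((parts[2], base, wildcard))
    return rules

def evaluate(rules, src):
    """First-match evaluation; wildcard bits set to 1 mean 'don't care'."""
    addr = int(ipaddress.IPv4Address(src))
    for action, base, wildcard in rules:
        care = ~wildcard & 0xFFFFFFFF
        if (addr & care) == (base & care):
            return action
    return "deny"  # implicit deny that ends every IOS ACL

if __name__ == "__main__":
    rules = parse_acl(ACL_100)
    # Constructed source addresses of packets arriving inbound on the inside interface.
    for src in ("10.1.1.10", "200.0.0.1", "200.0.0.4", "255.255.255.255", "127.0.0.1"):
        print(f"{src:<16} {evaluate(rules, src)}")
```

A packet arriving on the inside interface with a source in the outside interface's subnet (200.0.0.0/30) cannot be legitimate, so the first entry drops it, while 200.0.0.4, one address past the /30, falls through to the final permit.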