What type of attack is being mitigated on the Cisco ASA appliance?
Refer to the exhibit. What type of attack is being mitigated on the Cisco ASA appliance?
You have completed this exercise when you have configured and successfully tested dynamic network object NAT w
CORRECT TEXT
You are a network security engineer for the Secure-X network. You have been tasked with
implementing dynamic network object NAT with PAT on a Cisco ASA. You must configure the
Cisco ASA such that the source IP addresses of all internal hosts are translated to a single IP
address (using different ports) when the internal hosts access the Internet.
To successfully complete this activity, you must perform the following tasks:
• Use the Cisco ASDM GUI on the Admin PC to configure dynamic network object NAT with PAT
using the following parameters:
• Network object name: Internal-Networks
• IP subnet: 10.10.0.0/16
• Translated IP address: 192.0.2.100
• Source interface: inside
• Destination interface: outside
NOTE: The object (TRANSLATED-INSIDE-HOSTS) for this translated IP address has already
been created for your use in this activity.
NOTE: Not all ASDM screens are active for this exercise.
NOTE: Login credentials are not needed for this simulation.
• In the Cisco ASDM, display and view the auto-generated NAT rule.
• From the Employee PC, generate traffic to SP-SRV by opening a browser and navigating to
http://sp-srv.sp.public.
• From the Guest PC, generate traffic to SP-SRV by opening a browser and navigating to
http://sp-srv.sp.public.
• At the CLI of the Cisco ASA, display your NAT configuration. You should see the configured
policy and statistics for translated packets.
• At the CLI of the Cisco ASA, display the translation table. You should see dynamic translations
for the Employee PC and the Guest PC. Both inside IP addresses translate to the same IP
address, but using different ports.
You have completed this exercise when you have configured and successfully tested dynamic
network object NAT with PAT.
What are the two policy types that can use a web reputation profile to perform reputation-based processing?
What are the two policy types that can use a web reputation profile to perform reputation-based
processing? (Choose two.)
why isn’t the syslog server receiving any syslog messages?
In your role as network security administrator, you have installed syslog server software on a
server whose IP address is 10.10.2.40. According to the exhibits, why isn’t the syslog server
receiving any syslog messages?
Which three pieces of information are required to implement transparent user identification using Context Dire
Which three pieces of information are required to implement transparent user identification using
Context Directory Agent? (Choose three.)
what will happen if syslog server 10.10.2.40 fails?
According to the logging configuration on the Cisco ASA, what will happen if syslog server
10.10.2.40 fails?
Which method does Cisco recommend for collecting streams of data on a sensor that has been virtualized?
Which method does Cisco recommend for collecting streams of data on a sensor that has been
virtualized?
Which statement is true of the logging configuration on the Cisco ASA?
Which statement is true of the logging configuration on the Cisco ASA?
Which configuration mode enables a virtual sensor to monitor the session state for unidirectional traffic?
Which configuration mode enables a virtual sensor to monitor the session state for unidirectional
traffic?
Which configuration could cause this behavior?
Over the period of one day, several Atomic ARP engine alerts fired on the same IP address. You
observe that each time an alert fired, requests on the IP address exceeded replies by the same
number. Which configuration could cause this behavior?