Which two configurations are the minimum needed to enable EIGRP on the Cisco ASA appliance?
(Choose two.)

Refer to the exhibit and to the four HTTP inspection requirements and the Cisco ASA
configuration.

Which two statements about why the Cisco ASA configuration is not meeting the specified HTTP
inspection requirements are true? (Choose two.)
1. All outside clients can use only the HTTP GET method on the protected 10.10.10.10 web
server.
2. All outside clients can access only HTTP URIs starting with the “/myapp” string on the protected
10.10.10.10 web server.
3. The security appliance should drop all requests that contain basic SQL injection attempts (the
string “SELECT” followed by the string “FROM”) inside HTTP arguments.

4. The security appliance should drop all requests that do not conform to the HTTP protocol.

Scenario: To access Cisco ASDM, click the PC icon in the Topology window, ASDM and answer
the following question as:

Which statement about the Cisco ASA configuration is true?

DRAG DROP
Based on this NAT command, drag the IP address network on the left to the correct NAT address
type on the right.
Nat(inside, outside) source dynamic 10.0.1.0_obj 192.168.1.7_obj destination static
209.165.200.226_Server 209.265.201.21_Server

DRAG DROP
Drag the Cisco ASR modes from the left to the correct description on the right.

DRAG DROP
Click and drag the supported ASA QoS option on the left to the correct description on the right.
(Some of the options on the left are not used)

DRAG DROP
Drag the correct three access list entries (from the left) and drop them (on the right) in the order
that is used when the interface ACL and global ACL are configured. Not all access list entries are
required.

Scenario: To access Cisco ASDM, click the PC icon in the Topology window, ASDM and answer
the following question as:

Which two statements about the running configuration of the Cisco ASA are true? (Choose Two)

Scenario: To access Cisco ASDM, click the PC icon in the Topology window, ASDM and answer
the following question as:

The Cisco ASA administration must enable the Cisco ASA to automatically drop suspicious botnet
traffic. After the Cisco ASA administrator entered the initial configuration, the Cisco ASA is not
automatically dropping the suspicious botnet traffic. What else must be enabled in order to make it
work?

CORRECT TEXT
Instructions
This item contains a simulation task. Refer to the scenario and topology before you start. When
you are ready, open the Topology window and click the required device to open the GUI window
on a virtual terminal. Scroll to view all parts of the Cisco ASDM screens.
Scenario
Click the PC icon to launch Cisco ASDM. You have access to a Cisco ASA 5505 via Cisco ASDM.
Use Cisco ASDM to edit the Cisco ASA 5505 configurations to enable Advanced HTTP
Application inspection by completing the following tasks:
1. Enable HTTP inspection globally on the Cisco ASA
2. Create a new HTTP inspect Map named: http-inspect-map to:
a. Enable the dropping of any HTTP connections that encounter HTTP protocol violations
b. Enable the dropping and logging of any HTTP connections when the content type in the HTTP
response does not match one of the MIME types in the accept filed of the HTTP request
Note: In the simulation, you will not be able to test the HTTP inspection policy after you complete
your configuration. Not all Cisco ASDM screens are fully functional.

After you complete the configuration, you do not need to save the running configuration to the
start-up config, you will not be able to test the HTTP inspection policy that is created after you
complete your configuration. Also not all the ASDM screens are filly functional.