Note that when performing the configuration, you should use the exact names highlighted in bold below…
Scenario:
You have been given the task of performing initial zone-based policy firewall configurations. You
will need to create zones, assign the zones to specific interfaces, and create zone pairs to allow
for traffic flow between interfaces. You will also need to define a zone-based policy firewall and
assign the policy to the zone pair. To access the router console ports, refer to the exhibit, click the
router for access, and perform the following tasks.
Note that when performing the configuration, you should use the exact names highlighted in bold
below:
Globally create zones and label them with the following names:
OUTSIDE
IHSIDE
Assign interfaces to zones as indicated in the exhibit
Create a zone pair for traffic flowing from the inside to outside zones named IH-TO-OUT –
Define a zone-based firewall policy named IH-TO-OUT-POLICY
Use the “match protocol” classification option to statefully inspect HTTP traffic and drop all other
traffic
Use a class-map named HTTP_POLICY
Apply zone-based firewall policy IN-TO-OUT-POLICY to the zone pair
What can be determined from the partial configuration shown?
Refer to the exhibit.
What can be determined from the partial configuration shown?
When is it feasible for a port to be both a guest VLAN and a restricted VLAN?
When is it feasible for a port to be both a guest VLAN and a restricted VLAN?
What can be determined from the information provided in the system image output?
Refer to the exhibit.
What can be determined from the information provided in the system image output?
Which three of these are sources used when the router is configured for URL filtering?
Which three of these are sources used when the router is configured for URL filtering? (Choose
three.)
which feature allows for non-802.1X-supported devices such as printers and fax machines to authenticate?
In an 802.1X environment, which feature allows for non-802.1X-supported devices such as
printers and fax machines to authenticate?
which three of the following?
The advantages of virtual tunnel interfaces (VTIs) over GRE VPN solutions are which three of the
following? (Choose three.)
which new feature has been added to the zone-based policy firewall?
In Cisco IOS 15.0.1M code for the router platform, which new feature has been added to the zone-based policy firewall?
which three protocols that are shown may have limitations or complications when using NAT?
When configuring NAT, which three protocols that are shown may have limitations or
complications when using NAT? (Choose three.)
Which two answers are potential results of an attacker that is performing a DHCP server spoofing attack?
Which two answers are potential results of an attacker that is performing a DHCP server spoofing
attack? (Choose two.)