Instructions
This item contains a simulation task. Refer to the scenario and topology before you start. When you are ready, open the Topology window and click the required
device to open the GUI window on a virtual terminal. Scroll to view all parts of the Cisco ASDM screens.
Scenario
Click the PC icon to launch Cisco ASDM. You have access to a Cisco ASA 5505 via Cisco ASDM. Use Cisco ASDM to edit the Cisco ASA 5505 configurations to
enable Advanced HTTP Application inspection by completing the following tasks:
1. Enable HTTP inspection globally on the Cisco ASA
2. Create a new HTTP inspect Map named: http-inspect-map to:
a. Enable the dropping of any HTTP connections that encounter HTTP protocol violations
b. Enable the dropping and logging of any HTTP connections when the content type in the HTTP response does not match one of the MIME types in the accept filed
of the HTTP request
Note: In the simulation, you will not be able to test the HTTP inspection policy after you complete your configuration. Not all Cisco ASDM screens are fully functional.
After you complete the configuration, you do not need to save the running configuration to the start-up config, you will not be able to test the HTTP inspection policy
that is created after you complete your configuration. Also not all the ASDM screens are filly functional.
Which three are global correlation network participatio…
Which three are global correlation network participation modes? (Choose three.)
Which two methods can be used to access the Cisco AIP-S…
Which two methods can be used to access the Cisco AIP-SSM CLI? (Choose two.)
Where in the ACS are the individual downloadable ACL st…
Where in the ACS are the individual downloadable ACL statements configured to achieve the most scalable deployment?
Which two options will result from the Cisco ASA config…
Refer to the exhibit.
Which two options will result from the Cisco ASA configuration? (Choose two.)
Which Cisco ASA platform should be selected if the requ…
Which Cisco ASA platform should be selected if the requirements are to support 35,000 connections per second, 600,000 maximum connections, and traffic
shaping?
Which statement about the NAT/PAT configuration is true?
Refer to the Exhibit.
Which statement about the NAT/PAT configuration is true?
which access rule is applied inbound to the inside inte…
By default, which access rule is applied inbound to the inside interface?
how long is the attacker who is performing the scan shunned?
When the Cisco ASA detects scanning attacks, how long is the attacker who is performing the scan shunned?
What else must be enabled in order to make it work?
Scenario: To access Cisco ASDM, click the PC icon in the Topology window, ASDM and answer the following question as:
The Cisco ASA administration must enable the Cisco ASA to automatically drop suspicious botnet traffic. After the Cisco ASA administrator entered the initial
configuration, the Cisco ASA is not automatically dropping the suspicious botnet traffic. What else must be enabled in order to make it work?