Datasheet
9E0 - 100
Leading the way in IT testing and certification tools, www.testking.com
- 5 -
The ca authenticate command is not saved to the PIX Firewall configuration. However, the
public keys embedded in the received CA (and RA) certificates are saved in the configuration
as part of the RSA public key record (called the "RSA public key chain").
Reference: PIX Firewall Software Version 6.3 Commands
QUESTION NO: 3
Using the Cisco PIX and using port re-mapping, a single valid IP address can support
source IP address translation for up to 64,000 active xlate objects.
This is an example of which technology?
A. PAT
B. DRE
C. SET
D. GRE
E. NAT
Answer: A
Explanation:
To allow all of the hosts access to the outside, we use Port Address Translation (PAT). If one
address is specified in the global statement, that address is port translated. The PIX allows
one port translation per interface and that translation supports up to 65,535 active xlate objects
to the single global address. The first 1023 are reserved.
Reference: Cisco Secure PIX Firewall (Ciscopress) page 91
Using nat, global, static, conduit, and access-list Commands and Port Redirection on PIX
QUESTION NO: 4
With regards to the PIX Firewall, which two terms are correct from the below list?
A. All PIX Firewalls provide at least two interfaces, which by default, are called outside
and inside.
B. All PIX Firewalls provide at least two interfaces, which by default, are called Eth1 and
Eth2.
C. All PIX Firewalls provide at least two interfaces, which by default, are called Right
and Left.
D. All PIX Firewalls provide at least two interfaces, which by default, are called Internet
and External.
Answer: A
Explanation:
With a default configuration, Ethernet0 is named outside with a security level of 0 and
Ethernet1 is named inside and assigned a security level of 100.
Reference: Cisco Secure PIX Firewall (Ciscopress) page 56
QUESTION NO: 5