Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/15

Click to flip

15 Cards in this Set

  • Front
  • Back
You can see a listing of all the disabled logging messages with the following EXEC command:
You can see a listing of all the disabled logging messages with the following EXEC command:

Firewall# show logging message
Choose this log severity if only firewall error conditions should be recorded and no one will regularly view the message logs
severity level 3 (errors).
needs question
If you are primarily interested in seeing how traffic is being filtered by the firewall access lists, choose severity level 4 (warnings).
needs question
If you need an audit trail of firewall users and their activity, choose severity level 5 (notifications).
needs question
If you will be using a firewall log analysis application, you should choose severity level 6 (informational). This is the only level that produces messages about connections that are created, as well as the time and data volume usage.
To change a message's severity level, use the following configuration command:
Firewall(config)# logging message message-number [level level]
By default, this logging message number is generated when a deny access list entry is matched with a traffic flow. Only the overall ACL is listed in the message, with no reference to the actual denying ACL entry,
By default, logging message 106023 (default severity level 4, warnings) is generated when a deny access list entry is matched with a traffic flow. Only the overall ACL is listed in the message, with no reference to the actual denying ACL entry,
This ASA command displays the contents of the translation slots.
The show xlate command displays the contents of the translation slots.
This command specifies that all routes that match the addresses in the access list is advertised with a user defined next hop.
The set ip next-hop command specifies that all routes that match the addresses in the access list is advertised with a user defined next hop.
Which happens first on a cisco router- regular routing or policy routing?
If you look at the Cisco IOS Order of Operations, Policy routing always happens BEFORE regular routing.
Where are policy/route maps applied on cisco devices
you need to apply this policy/route-map to the interface where the traffic is coming in.
Defines a route map to control where packets are output. This command puts the router into route-map configuration mode.
Router(config)# route-map map-tag [permit | deny] [sequence-number]
Router(config-route-map)# set ip next-hop
next-hop: Sets next hop to which to route the packet.
Identifies the route map to use for PBR. One interface can have only one route map tag; but you can have several route map entries, each with its own sequence number.
Router(config-if)# ip policy route-map map-tag
Route/Policy maps are applied in which cisco router submode
interface submode

Router(config-if)# ip policy route-map map-tag