This chapter looked at the Cisco PIX Device Manager (PDM) as a graphical interface tool to facilitate configuration and monitoring one or more PIX Firewalls. While particularly useful for those administrators who lack a solid knowledge of the PIX Firewall command-line interface (CLI), the PDM is an easy tool for any administrator to use to access most of the PIX functionality.
PDM monitoring features include real-time graphs and data, including connection, IDS, and throughput information for the selected PIX Firewall. You can view up to five days of historical data. The tabbed-page graphical interface with Windows Explorer-like controls on the left side makes it easy to check setting, configuration, or performance.
PDM v2.1, which runs on any PIX Firewall supporting the v6.2 operating system, added two wizards to greatly simplify the basic PIX Firewall setup, as well as both site-to-site and remote access VPN connections.
The failover features are available on the larger PIX devices to provide rapid and reliable redundancy. The two units that make up a failover pair must be physically identical. After configuring the primary unit, the standby will receive the configuration, making it identical to the primary right down to the IP and MAC addresses. Each time the primary boots up, the configuration is copied to the standby unit, or a write standby command can be used to accomplish the same thing.
Password recovery and OS upgrade procedures were also covered.
1.? |
Which one of the following statements is false about Cisco PIX Device Manager (PDM)?
|
|
2.? |
Which one of the following statements is false about PDM v2.1?
|
|
3.? |
Which one of the following statements is false about web browsers for PDM v2.1?
|
|
4.? |
Which one of the following commands will upgrade the PDM software?
|
|
5.? |
Which command would launch PDM?
|
|
6.? |
If a write erase and reload command are issued on a PIX, what command will prompt for the minimum configuration required to run PDM?
|
|
7.? |
Which one is not a PDM Wizard in v2.1?
|
|
8.? |
How many missed failover hellos trigger a PIX failover?
|
|
9.? |
Which PIX platform can’t be used with the failover feature?
|
|
10.? |
Which two pairs of software licenses can be used for a PIX failover pair?
|
|
11.? |
Which failover method yields the least disruption of dataflows?
|
|
12.? |
Which is a PIX 500 Firewall password recovery lockout utility name?
|
|
13.? |
Which one statement is true about PIX password recovery?
|
|
14.? |
To use the copy tftp flash command for OS upgrades, what two conditions must be true?
|
|
15.? |
Which is a PIX Firewall OS filename?
|
|
Answers
1.? |
C. It’s a wizards-based application used exclusively for feature setup. While it has two wizards, it can also be used for routine admin and monitoring |
2.? |
B. It will run on any PIX Firewall. It will run only on those supporting OS v6.2 |
3.? |
B. All versions of Netscape are supported on all three platforms. Netscape 6.x or 7 aren’t supported |
4.? |
A. pixfirwall# copy tftp flash:pdm |
5.? |
C. https://192.168.1.1 |
6.? |
C. setup |
7.? |
B. AAA setup |
8.? |
B. 2 |
9.? |
A. 506/506e |
10.? |
A. Unrestricted (UR)/Unrestricted (UR). and C. Unrestricted (UR)/Failover (FO) |
11.? |
C. Stateful failover |
12.? |
D. np62.bin |
13.? |
C. Password recovery is dependent on the PIX platform and the current OS version |
14.? |
D. and C. PIX Firewall unit is currently running an OS versions 5.1.1 or later, and PIX Firewall unit has a DES or 3DES activation key |
15.? |
A. pix622.bin |