Cisco ASA Network Object Configuration | Exam 400-251 Answers

Network Object Configuration Options | Cisco ASA 8.3(1) | Exam 400-251

Q: Which three options can be configured within the definition of a network object, as introduced in Cisco ASA version 8.3(1)? (Choose three.)

range of IP addressessubnet of IP addressessource IP NAT translation

Prev Question Next Question

Question

Which three options can be configured within the definition of a network object, as introduced in Cisco ASA version 8.3(1)? (Choose three.)

Answers

A. range of IP addresses

B. subnet of IP addresses

C. destination IP NAT translation

D. source IP NAT translation

E. source and destination FQDNs

F. port and protocol ranges.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E. F.

ABD.

Cisco ASA version 8.3(1) introduced a new network object model to simplify the configuration of network-related settings. Within this new model, there are several options that can be configured within the definition of a network object. Here are the details of each option:

A. Range of IP addresses: This option allows you to specify a range of IP addresses, which can be useful when defining a group of hosts that belong to a specific network segment. For example, you can define a network object for a range of IP addresses that includes all the hosts on a particular subnet.

B. Subnet of IP addresses: This option allows you to specify a subnet of IP addresses. This is similar to specifying a range of IP addresses, but instead of defining a specific range, you define a subnet mask that includes all the hosts on that subnet.

C. Destination IP NAT translation: This option allows you to configure NAT (Network Address Translation) for inbound traffic. You can specify a network object that represents a destination IP address or subnet, and then configure NAT settings such as the destination interface and translated address.

D. Source IP NAT translation: This option allows you to configure NAT for outbound traffic. You can specify a network object that represents a source IP address or subnet, and then configure NAT settings such as the source interface and translated address.

E. Source and destination FQDNs: This option allows you to use fully qualified domain names (FQDNs) to identify source and destination hosts. This can be useful when dealing with dynamic IP addresses or when you want to simplify configuration by using FQDNs instead of IP addresses.

F. Port and protocol ranges: This option allows you to specify a range of TCP or UDP ports and protocols. You can use this option to create network objects that represent specific applications or services, and then use those objects in access control lists (ACLs) or other settings.

In summary, the three options that can be configured within the definition of a network object in Cisco ASA version 8.3(1) are A. range of IP addresses, B. subnet of IP addresses, and either C. destination IP NAT translation or D. source IP NAT translation (but not both). Additionally, E. source and destination FQDNs and F. port and protocol ranges are other available options that can be configured within a network object.

Prev Question Next Question