Exam 350-401 topic 1 question 722 discussion

Where did the Cisco exams gone? Can't find any in the site anymore.

A. ciscoasa(config)# access-list MAIL_AUTH extended permit udp any any eq http ciscoasa(config)# aaa authentication listener http outside redirect B. ciscoasa(config)# access-list MAIL_AUTH extended permit tcp any any eq www ciscoasa(config)# aaa authentication listener http inside redirect C. ciscoasa(config)# access-list MAIL_AUTH extended permit tcp any any eq http ciscoasa(config)# aaa authentication listener http inside port 43 D. ciscoasa(config)# access-list HTTP_AUTH extended permit udp any any eq http ciscoasa(config)# aaa authentication listener http outside port 43

Option 'C' & 'D' are incorrect, because HTTP uses port number 80. Option 'B' is incorrect, because we want to authenticate outside HTTP traffic against an internal web page (by requesting a username, & a password,) before redirecting traffic to the internet. "inside" is used for traffic originating from our local LAN (storage server) "outside" is used for traffic originating from outside of our local LAN (remote users, or any other user on the internet). https://www.cisco.com/c/en/us/td/docs/security/asa/asa72/configuration/guide/conf_gd/fwaaa.html#:~:text=the%20following%20commands%20authenticate%20all%20inside%20HTTP%20traffic

B is correct. just a strong feeling no idea why

Asa, I almost forgot it exists.

By a process of elimination

See: https://www.cisco.com/c/en/us/td/docs/security/asa/asa72/configuration/guide/conf_gd/fwaaa.html

B is the only one that makes any sense - eq www is correct to allow tcp port 80.

i'm in the same state ＞Where did the Cisco exams gone? Can't find any in the site anymore.

so all the AAA in different appliance are covered?

I didn't see ASA in the ENCOR, but if this question came up on the exam and it made me think, don't expect it

ASA configs now in the Encor exam?