Hello dan,basically you have what it's called: "NAT exemption"when the condition on the access-list nonat-dmz and nonat-inside happens, the firewall lets the traffic to go out without translation, this is common used for VPN interesting traffic. And ...
PiX Firewall by design is a firewall, (security levels, nat-control, packet inspection at level 7, etc) CBAC does emulate the packet inspection that a PIX Firewall does, here is a link with pretty good information about the CBAC capabilities and the ...