Q1. - (Topic 2)
While in SmartView Tracker, Brady has noticed some very odd network traffic that he thinks could be an intrusion. He decides to block the traffic for 60 minutes, but cannot remember all the steps. What is the correct order of steps needed to set up the block?
1) Select Active Mode tab in SmartView Tracker.
2) Select Tools > Block Intruder.
3) Select Log Viewing tab in SmartView Tracker.
4) Set Blocking Timeout value to 60 minutes.
5) Highlight connection that should be blocked.
A. 3, 5, 2, 4
B. 1, 5, 2, 4
C. 1, 2, 5, 4
D. 3, 2, 5, 4
Answer: B
Q2. - (Topic 3)
Which of the following methods is NOT used by Identity Awareness to catalog identities?
A. AD Query
B. GPO
C. Captive Portal
D. Identity Agent
Answer: B
Q3. - (Topic 2)
In a distributed management environment, the administrator has removed the default check from Accept Control Connections under the Policy > Global Properties > FireWall tab. In order for the Security Management Server to install a policy to the Firewall, an explicit rule must be created to allow the server to communicate to the Security Gateway on port __________.
A. 259
B. 256
C. 80
D. 900
Answer: B
Q4. - (Topic 2)
A marketing firm's networking team is trying to troubleshoot user complaints regarding access to audio-streaming material from the Internet. The networking team asks you to check the object and rule configuration settings for the perimeter Security Gateway. Which SmartConsole application should you use to check these objects and rules?
A. SmartView Tracker
B. SmartView Monitor
C. SmartDashboard
D. SmartView Status
Answer: C
Q5. - (Topic 3)
Which of these attributes would be critical for a site-to-site VPN?
A. Strong data encryption
B. Centralized management
C. Scalability to accommodate user groups
D. Strong authentication
Answer: A
Q6. - (Topic 3)
Your customer, Mr. Smith needs access to other networks and should be able to use all services. Session authentication is not suitable. You select Client Authentication with HTTP. The standard authentication port for client HTTP authentication (Port 900) is already in use. You want to use Port 9001 but are having connectivity problems. Why are you having problems?
A. The Security Policy is not correct.
B. You can't use any port other than the standard port 900 for Client Authentication via HTTP.
C. The service FW_clntauth_http configuration is incorrect.
D. The configuration file $FWDIR/conf/fwauthd.conf is incorrect.
Answer: D