EMT Practice Test

1. Question Content...


Question List

Question1: Who plays the role of the trusted third party, when client and server communicate via Kerberos?

Question2: Which of these are the features of a Blue Coat Director? (Choose all that apply) (a) Install and update configurations of a group of ProxySG
(b) Distribute and control content of a group of ProxySG
(c) Managing SSL VPN configuration
(d) Monitoring ProxySG Performance

Question3: Hostname of the BCAAA= serverl
DNS suffix =bluecoat.com
Hostname of the Bluecoat SG = sgo1
Referring to the above information, what is the correct syntax for the SPN command in the Domain Controller?

Question4: At which checkpoint does the rewrite () perform the TWURL modification?

Question5: SGOS is based on which other operating system?

Question6: In which two of these cases must you specify a virtual URL to be used in conjunction with Kerberos authentication? (Select two)

Question7: When creating a policy-driven trace, which CPL property specifies the name of the policy trace file into which matching transactions are traced?

Question8: CPL is required when creating which types of policy?

Question9: When a URL-based trigger is used in CPL, the compiler analyzes the source to determine the most efficient trigger to achieve the desired result.

Question10: When configuring reverse proxy with SSL, what are the 3 possible options of ensuring host affinity?
(Choose all that apply)
(a) client-ip
(b) ssl-session-id
(c) accelerator-cookie
(d) server-ip

Question11: http://www.bluecoat.com/index.html?user=bobkent
For the above URL, will the trigger url.regex=!\.html$ match or miss?

Question12: Which of the following methods can the Windows SSO utilize to derive a user name? (Choose all that apply)
(a) Domain Controller Querying
(b) Direct Client Querying
(c) Direct Client Querying, if unsuccessful then Domain Controller Querying (d) Domain Controller Querying, if unsuccessful then Direct Client Querying

Question13: ProxySG is configured to permit error but guest authentication is not configured. What will happen to a user who initiates a connection to the Internet?

Question14: The ProxySG simultaneously opens multiple server connections to retrieve objects referenced on a web page before the client actually issues the requests for those objects. This statement best describes which ProxySG caching technique?

Question15: A policy trace can be enabled for any layer type.

Question16: Which of the following are some of the general requirements for using Kerberos Authentication? (Choose all that apply)
(a) SGOS 4.2x or higher
(b) Internet Explorer 5
(c) Transparent Proxy Deployment
(d) Windows 2000 and above

Question17: Which of the following are true when enabling the early intercept attribute for a proxy service? (Choose all that apply)
(a) It is automatically enabled when the detect protocol attribute is enabled.
(b) The ProxySG completes the three-way TCP handshake with the client before establishing a connection to the upstream server.
(c) It can be used with any protocol.

Question18: What are the available actions for any given category, when defining ProxyClient content filtering configuration? (Choose all that apply)
(a) Allow
(b) Deny
(c) Temporanily Allow
(d) Warm

Question19: A service can be configured to listen in explicit and transparent mode simultaneously.

Question20: Which of the following authentication mode will allow you to visibly challenge the user upon inactivity timeout? (Choose all that apply)
(a) Form based authentication
(b) Cookie Surrogate
(c) IP surrogate
(d) Session based surrogate a & b only

Question21: When writing CPL, should layers containing the most general rules usually appear near the beginning or the end of a policy file?

Question22: With ProxySG failover, the failover Virtual IP address can be the same as the IP address assigned to the master.

Question23: In an SSL transaction in which the server's certificate is not from a trusted authority, which entity generates the warning that is displayed in a web browser?

Question24: ProxySG can cache videos played by Adobe Flash based video player (e.g. on YouTube) as HTTP objects.

Question25: Is it possible to run more than one version of a BCAAA processor on a Windows computer?

Question26: By default, what method does the ProxySG use to balance traffic load among members of a forwarding group?

Question27: An HTTP request containing which header instructs the content server to return whether the requested object has been modified since the last visit?

Question28: At which checkpoint does the rewrite_url_prefix perform the TWURL modification?

Question29: Which regular expression should you test against a URL to match both http and https schemes?

Question30: Which of the following Health Checks can be defined for a forwarding host? (Choose all that apply) (a) ICMP
(b) TCP
(C) HTTP
(d) HTTPS

Question31: When analyzing an authentication error, which of these diagnostic tools provides the most detailed information about the protocol-level messages among the client, the ProxySG, and the authentication server?

Question32: NTLM credentials or Kerberos credentials: Which credentials typically require more trips between the ProxySG and the domain controller?

Question33: In CPL, what is the difference between Deny and Force Deny?

Question34: Which type of SGOS worker performs most transactions with an authentication server?

Question35: A cookie without an expire value will ___

Question36: On the ProxySG, where can you specify whether a client is permitted to allow an untrusted server certificate? (Select all that apply)

Question37: Which of the following format can be used in troubleshooting authortization and authorization related problems in ProxySG? (Choose all that apply)
(a) x-sc-authentication-error
(b) x-sc-authentication-timeout
(c) x-sc-authorlzation-error
(d) x-sc-authorization-timeout

Question38: How can you test whether an authentication realm has been properly configured on the ProxySG without requiring valid user credentials?

Question39: The ProxySG policy engine allows an administrator to create policy based on any MIME type, File Extension or File Signature (first bytes in the response body).

Question40: Which policy file can be automatically updated when the ProxySG detects changes to an external source?

Question41: Which header cannot be sent together with an HTTP 407 status code from the ProxySG?

Question42: What happens when a disk is removed from a ProxySG while it is running?

Question43: By default, how often is the standard SSL trust package updated?

Question44: When ProxyClient is installed on a mobile workstation, from where is the ProxyClient software normally downloaded?

Question45: Which authentication modes would result in a user-agent receiving a HTTP 401-Unauthorized status codes from the proxy? (Choose all that apply)
(a) origin-ip-redirect
(b) proxy-ip
(c) origin-cookie
(d) form-cookie-redirect

Question46: Which level(s) of global policy trace contain information about proxy transactions? (Select all that apply)

Question47: Which of the following steps are not required when configuring a transparently deployed ProxySG to intercept HTTPS traffic?

Question48: Which statement is correct about Proxy-Authorization header?

Question49: When the ProxySG determines whether a user is a member of an LDAP group, is that considered authentication or authorization?

Question50: When performing anti-virus scanning using Blue Coat appliances, how does the ProxySG determine what specific actions to perform for high-performance or maximum-security deployments?

Question51: Which of the following is NOT true about global and per-rule policy tracing?

Question52: Organize these CPL components into descending order based on how they are organized in policy.

Question53: Which policy file is processed last?

Question54: When the ProxySG processes a client request to a server that requires a client certificate, from where does the ProxySG obtain the certificate during transaction processing?

Question55: Which of the following statements are true about Reverse Proxy deployment? (Choose all that apply) (a) Forwarding hosts in the forwarding file must be defined as "server" style (b) Default-scheme in forwarding file is supported
(c) Protocol conversion between HTTPS <- ->HTTP are automatic
(d) ProxySG should be set with default DENY policy

Question56: http://support.bluecoat.com/products/proxysg/sg9000.html?customer=123
For the above URL, will the trigger url.domain=bluecoat.com match or miss?

Question57: When permitting guest authentication, what is one way that can require users to specifically state that they wish to authenticate as a guest?

Question58: Which of the following access log formats are supported by the ProxySG? (Choose all that apply) (a) ELFF
(b) SQUID
(c) Websense
(d) NCSA

Question59: What is the meaning of the metacharacter \ (backslash) in regular expressions?

Question60: In which of the following ways can Access Logging be enabled? (Choose all that apply.) (a) By a CLI command
(b) In the Management Console under Access Logging
(C) By adding another layer to VPM policy

Question61: When the ProxySG processes a client request to a server that requires a client certificate, how does the ProxySG determine which certificate to present to the server?

Question62: The ProxySG acts as both an ICAP client and ICAP server.

Question63: Objects that require more server-side bandwidth and response time are less likely to be deleted from the cache. This statement best describes which ProxySG caching technique?

Question64: In Kerberos authentication that uses BCAAA, which two entities negotiate the shared key that is used during the authentication? (Select two)

Question65: In CPL, which of the following are possible results of a policy processing transaction? (Select all that apply)

Question66: An excessively high internal CPU temperature can be detected and reported by the ProxySG.

Question67: What type of filesystem does SGOS use?

Question68: Which of the following are obvious advantages of having a ProxySG deployed in a Reverse Proxy environment? (Choose all that apply)
(a)The ProxySG has built in DOS protection to guard the actual web server from denial-ofservice attacks (b) Increased performance with caching provides an improved Web Experience (c) Consistent default behavior of cache expiration and validation directives (d) SSL termination on ProxySG allow SSL offloading, therefore eliminating bottleneck on the web server side.

Question69: Apparent Data Type objects can be created in the VPM for which of the following file types?
(Choose all that apply)
(a) Windows DLL
(b) Windows Exe
(c) Windows Ocx
(d) Windows Cab

Question70: A Web Authentication layer in the VPM can be best implemented in which type of policy layer in CPL?

Question71: After creating CPL in the local policy file, the policy is imported into the VPM CPL file so that it can be viewed through the Visual Policy Manager.

Question72: Health checks are automatically created under which scenarios? (Choose all that apply) (a) When a forwarding host is created.
(b) When a failover group is created.
(c) When the DRTR is enabled.
(d) When a SOCKS gateway is created.

Question73: If a CPL rule contains more than one trigger, how are the triggers evaluated?

Question74: If the ProxySG and a client cannot successfully authenticate the use of Kerberos credentials during authentication in a realm where use of Kerberos credentials is enabled, what happens to the authentication request?

Question75: When the ProxySG processes installed policy as part of a client transaction, how does it handle a rule that contains a syntax error?

Question76: Which types of requests are likely to be served the fastest?

Question77: When authenticating a guest user in an LDAP realm, which of these CPL properties would best be used to specify that the guest user should be part of the pre-defined LDAP group MobileUsers?

Question78: Which of the following options are configured when implementing failover on ProxySG appliances?
(Choose all that apply)
(a) Multicast address for advertisements
(b) Relative Priority
(c) Virtual MAC address
(d) Group Secret to hash information sent in multicast announcements

Question79: Which policy file is processed first?

Question80: By default, are proxy transactions allowed or denied?

Question81: Steaming traffic is better managed by using ProxySG's admission control features.

Question82: Which one of these statements best describes how the ProxySG locates an object in its cache?

Question83: In a cookie in the user's web browser, in a ProxySG authentication cache, or on the authentication server:
Where are surrogate authentication credentials stored?

Question84: How can you instruct the ProxySG to disregard the HTTP request header Pragma: no-cache?

Question85: What are the advantages that you may get in deploying ProxySG with WCCP? (Choose all the apply) (a) Scalability
(b) Redundancy
(c) Load Balancing
(d) Security

Question86: How must you configure the RTMP proxy service to process Flash traffic originating at youtube.com?

Question87: When performing Kerberos authentication with an explicit proxy connection, the hostname in the proxy configuration of the web browser must be which of the following?

Question88: http://support.bluecoat.com/products/proxysg/sg9000.html?customer=123
For the above URL, will the trigger url.path=products/proxysg match or miss?

Question89: What is the protocol used for Blue Coat Director to communicate with ProxySG?

Question90: Which standard CA certificate list on the ProxySG is normally used in processing client-server SSL transactions?

Question91: In CPL, rules that have similar syntax can be grouped into what?

Question92: Which of the following are the benefits of using Bandwidth Management with the ProxySG? (Choose all that apply)
(a) Ensuring mission critical application receives minimum amount of bandwidth (b) Compressing certain type of traffic classes before transmitting it over the WAN (c) Prioritizing certain traffic classes
(d) Rate limiting application to prevent "hogging" of network bandwidth.

Question93: If multiple users from different IP addresses have been authenticated as guest users into the same authentication realm, how can you distinguish among them in the Management Console display of currently logged-in users?

Question94: If a user cannot be derived through the Window SSO realm, then the client will .

Question95: When creating a TCP tunnel service in explicit mode, you must also configure a forwarding host?

Question96: A global policy trace can be invoked from which two of these sources? (Select two)

Question97: When creating policy in the VPM, where can you instruct the ProxySG to enable or disable pipelining of referenced objects?

Question98: Is it possible to run more than one version of a BCAAA acceptor on a Windows computer?

Question99: Log format variable rs(Content-Type) always refers to Content-type header value sent from the proxySG to the client.

Question100: By, default is a Forwarding layer in the VPM processed before or after a Web Access layer?

Question101: To create policy that tests only for the authentication error of expired_credentials, can you use the VPM, CPL, or either?

Question102: Which statement is correct about WWW-Authenticate header?

Question103: What is the meaning of the metacharacter (question mark) in regular expressions?

Question104: What are the possible ways of creating bandwidth classes?
(a) Using Management Console
(b) Defining them in a JavaScript file and uploading it to ProxySG
(c) Using CLI

Question105: What criterion is NOT used to determine location awareness of a ProxyClient

Question106: Which one of these statements best describes how policy checkpoints evaluate the installed policy on a ProxySG?

Question107: You can NOT use a self-signed certificate when intercepting SSL traffic.

Question108: Which of these proxy services must be enabled on the ProxySG to allow communication with an SNMP server?

Question109: When implementing failover with ProxySG appliances, configurations and policies on the master are automatically replicated to members of the failover group.

Question110: Which of these must be specified on a ProxySG to enable its access logs to be used by Blue Coat Reporter? (Select all that apply)

Question111: In CPL, what is the difference between Allow and OK?

Question112: When a TCP health check responds as "healthy" then

Question113: What type of SGOS software worker can be invoked to perform pipelining of HTTP requests?

Question114: When a downstream ProxySG requests an object that already is cached in an upstream ProxySG, the downstream ProxySG checks the object's freshness with the origin content server.

Question115: Log format variable s-ip always refers to

Question116: What is the pre-defined username that can be used to allow guest users to access content via the ProxySG?

Question117: In which types of ProxySG realms does the ProxySG join the Active Directory domain associated with an IWA realm?

Question118: Which method of controlling downloads of certain file types has the LOWEST efficiency in terms of response time, bandwidth use and execution time on ProxySG?

Question119: Where does ProxySG object caching usually result in the most bandwidth savings?

Question120: Which of the following steps have to be performed to support Kerberos Authentication?
(Choose all that apply)
(a) A virtual URL that resolves to the IP of the ProxySG.
(b) Registering the BCAAA as a Service Principal Name.
(c) Configuring IWA Realm.
(d) Configuring Explicit Proxy.

Question121: The HTTP request header Pragma: no-cache performs the same function as what other header?

Question122: When configuring forwarding in PoxySG, what are the possible load balancing methods?
(Choose all that apply)
(a) Round Robin
(b) Fastest ICMP Reply
(c) Least Connections
(d) Least Delay

Question123: url.regex=!\.html$ d\ DENY
What is the effect of the above CPL code?

Question124: The Content-encoding header is used to declare the MIME type and compression method used in a HTTP response.

Question125: Name two settings that can be configured in a forwarding group to define which hosts in the group receive traffic. (Select all that apply)

Question126: A <cache>policy layer in CPL can best be implemented in which type of VPM layer?

Question127: Can you simultaneously use policy created in the VPM and written in CPL?

Question128: Which method of controlling downloads of certain file types works fastest on ProxySG?

Question129: What type of authentication challenge is issued when using the Policy Substitution Realm?

Question130: When a backup ProxySG takes over because the master fails, which of the following will occur?

Question131: When SGOS processes a client HTTP request, how many server workers are associated with each client worker?

Question132: Which Blue Coat product is best suited for simultaneously administering a large number of ProxySG appliances?

Question133: In explicit proxy, what will happen to a connection that is made when there is no such service running in the ProxySG?

Question134: Where do you most appropriately configure the ProxySG to decide whether to authenticate guest users?

Question135: By default, which standard keyring is used to authenticate a ProxySG to other devices?

Question136: When a ProxyClient setup file is manually on a client's computer, what data transfer takes place before ProxyClient is installed?

Question137: Which of the following statements are true about dynamic bypass list? (Choose all that apply) (a) Configured polices will not be enforced on client request if the request matches an entry in the bypass list.
(b) Dynamic bypass entries are lost when ProxySG is restarted
(c) If request made to a site in a forwarding policy is in the bypass list, the site is inaccessible (d) Dynamic bypass parameters can be configured on Management Console and CLI.

Question138: Perl statements can be included into CPL code as part of policy processing.

Question139: Where can you get the SNMP MIBs for the version of SGOS running on your ProxySG?

Question140: The bcreportermain_v1 access log format has a configurable ordering of fields, and this custom order is reflected in a log file header.

Question141: Which one of these statements is NOT true about the ProxySG object cache?

Question142: ICAP responses may be cached on a ProxySG, i.e, for some Web requests ICAP processing may be completed without involving ProxyAV

Question143: When one ProxySG forwards HTTP requests to another ProxySG, does the originating ProxySG send a server-style GET request or a proxy-style GET request?

Question144: Which of the following statements are true about Bandwidth Management Hierarchies and Priorities?
(Choose all that apply)
(a) Child classes can have children of their own.
(b) If no limit is set, packets are sent as soon as they arrive.
(c) Priorities are set to a class to give precedence over other classes.
(d) If there is excess bandwidth, the child class will always get the first opportunity to use it.

Question145: In a typical client HTTP request, identify the four principal policy checkpoints in the order they are reached.

Question146: When a user has credentials in an IWA realm and already has been authenticated into that realm, what happens when CPL code directs that user to be authenticated as a guest?

Question147: If cookie surrogates are used with a user agent that does not support cookies, how does the ProxySG respond?

Question148: The ProxySG is intercepting Flash traffic. Client A requests an on-demand 100MB Flash video and watches the first 50MB of it before terminating the media player. Client B requests the same on-demand Flash video, starts at the 25MB mark, and plays the remainder of the video. In normal conditions without any policy specifically controlling caching, how is the video served to Client B?

Question149: When SGOS processes a client HTTP request, how is a client worker started?

Question150: Can the ProxySG initiate a transaction that does not correspond to a client action?

Question151: Is SGOS a 32-bit or 64-bit operating system?

Question152: Which of the following options are configured when implementing failover on ProxySG appliances?
(Choose all that apply)
(a) Multicast address for advertisements
(b) Relative Priority
(c) Virtual MAC address
(d) Group Secret to hash information sent in multicast announcements

Question153: When a ProxySG is configured to use authentication mode auto with Kerberos credentials and a transparent proxy connection, which actual mode is typically used?

Question154: In a network with three ProxySG appliances using IWA realms with BCAAA, what is the minimum number of BCAAAs that must be deployed, independent of performance considerations?

Question155: In a transparent proxy that is intercepting HTTP, how can an administrator allow instant messaging over HTTP to pass through ProxySG if they do not have IM license on the ProxySG?

Question156: http://support.bluecoat.com/products/proxysg/sg9000.html?customer=123
For the above URL, will the trigger url.host=bluecoat.com match or miss?

Question157: What are the two functions of configuring forwarding in ProxySG? (Choose all that apply)

Question158: Bandwidth minimum does not work in an explicit deployment model.

Question159: While configuring Blue Coat directory, what is an Overlay?

Question160: Which of the following are true when attempting to deny access to file types?

Question161: Name two ways by which the ProxySG can determine that a DDOS attack is in progress. (Select two)

Question162: Which of the following statements are true? (Choose all that apply)
(a) The SGOS object store utilizes a directory structure so that objects in cache can be accessed rapidly (b) Information about a single object in cache be retrieved from the Management console or the CLI (c) There are two object caches, the object cache which resides on disk and the object cache which resides in RAM
(d) The SGOS object store is separated by protocol (HTTP cache, FTP cache, etc.)

Question163: Is it must the ProxySG use BCAAA to perform user authentication to an IWA realm?

Question164: The ProxySG ICAP implementation is fully compatible with which of the following applications? (Choose all that apply)
(a) Finjan SurfinGate
(b) Webwasher
(c) AntiVirus Scan Engine (SAVSE)
(d) Trend Micro InterScan

Question165: Which of the following statements are true about ProxySG Protocol Detection feature?
(Choose all that apply)
(a) Protocol detection is performed on the server's response.
(b) Protocol detection is performed on the client's request.
(c) Enabling Detect Protocol option will automatically enable early intercept attribute in proxy services.
(d) Protocol detection is performed by looking at the TCP port number.

Question166: When will a policy trace report a rule processing result of "N/A"?

Question167: In a hybrid configuration using the ProxySG in conjunction with the Blue Coat Cloud Service Web Security Module, how does the ProxySG determine when content filtering should be processed by the Cloud Service and not the ProxySG?

Question168: When configuring Blue Coat Director, how can an administrator be authenticated? (Choose all that apply.) (a) Local configured accounts and password
(b) RADIUS
(c) IWA
(d) TACACS+

Question169: When a <proxy> policy layer has set one or more actions to yes, when are these actions performed?

Question170: There is a hard coded limit to the number of concurrent connections allowed through the ProxySG.

Question171: Which authentication mode is generally more secure: Origin IP or Origin Cookie?

Question172: If you wish to use an SSL trust package other than the one that is supplied by Blue Coat, how do you configure the ProxySG to use the alternate package?

Question173: When a client receives an HTTP 302 response from a server, the client will form a new request based on the header.

Question174: When using a transparent proxy connection, the ProxySG detects Flash traffic using listeners for which proxy service by default?

Question175: After creating CPL in the local policy file, the ProxySG imports the policy into the VPM-CPL file so that it can be viewed in the Visual Policy Manager.

Question176: What is a precondition for using L2 MAC rewrite with WCCP?

Question177: The authentication mode origin-ip-redirect allows an administrator to assign a Time To Live (TTL) for the surrogate credentials. Meanwhile the authentication mode origin-cookie-redirect does not provide this feature.

Question178: Which of the following cashing techniques utilize retrieval workers to keep the contents of the cache fresh?
(Choose all that apply.)
(a) Cost-based Deletion
(b) Asynchronous Adaptive Refresh
(c) Popularity Contest

Question179: What are the two main functions of configuring forwarding in ProxySG? (Choose all that apply) (a) To accelerate application
(b) Reverse Proxy
(c) To support Proxy Chaining
(d) To intercept SSL

Question180: The Access Control List (ACL) option in the management console (configured by the menu item Configuration >Authentication >Console access) will be enforced for which types of administrative accounts? (Choose all that apply)
(a) LDAP realm account
(b) Local realm account
(c) Built-in account
(d) IWA realm account

Question181: If a CPL rule is not part of a policy layer, when is it processed?

Question182: If a mobile client is using ProxyClient and sends traffic through a ProxySG, which content filtering policy has priority?

Question183: In a CPL back reference of the form $(n), are references numbered from right to left or from left to right?

Question184: Which one of these statements is NOT true about the caching architecture of the ProxySG?

Question185: If a user agent that does not support authentication tries to request content through a connection on which the ProxySG requires authentication, how can you best resolve the issue?

Question186: Which client deployment methods support the 407 Proxy Authentication Required response code?
(Choose all that apply)
(a) Proxy Auto Configuration files
(b) WCCP
(c) Proxy settings in browser
(d) Inline Bridging

Question187: True or false: The ProxySG can apply policy to Flash traffic without requiring the installation of an add-on license.

Question188: What does this CPL layer do?

Question189: Without asking a user or physically inspecting their computer, how can you determine which version of web browser they are using to make requests that are intercepted by the ProxySG? (Select all that apply)

Question190: Which of these possible problems does a nearly-full ProxySG disk indicate? (Select all that apply)

Question191: The ProxySG compiles CPL code at installation time and performs optimizations that might not have been written into the code.

Question192: Which statement best describes the payload that is encapsulated by GRE (Generic RoutingEncapsulation) protocol and what layer GRE uses for delivery

Question193: Which authentication realm is NOT supported for authenticating administrators to the management console?

Question194: What is the meaning of the metacharacter * (asterisk) in regular expressions?

Question195: In CPL, using the define category construct with a list of 1,000 URLs usually produces more efficient code than explicitly specifying each individual URL as a separate test.

Question196: By default, what type of authentication challenge will the user-agent receive if the authentication node is set to AUTO?

Question197: http://support.bluecoat.com/products/proxysg/sg9000.html?customer=123
For the above URL, will the trigger url.scheme=http match or miss?

Question198: Which of the following hostnames are NOT matched by the regular expression "www (0 9) (0-9)? \ .foo\
.com")