MoreExam
1. Question Content...
EXPLANATION
Answer: X - EXPLANATION Content.
Question1: A System Administrator begins receiving widespread reports of traffic latency and disruption from users and wants to determine which device in a network is causing the problem.Which step can the System Administrator take to rule out the XGS?
Question2: A financial company wants to establish one rule to prevent employees accessing an online game using TCP port 5432 during office hours.Which Application Object in Network Access Policy should the System Administrator use to accomplish this?
Question3: A System Administrator sees a lot of Ping_Sweep events reported as blocked on the network. However, because the Ping_Sweep signature only blocks the ping packet that triggers the event, most of the ping packets are allowed through the XGS.How can these suspicious packets be effectively blocked from the network?
Question4: A System Administrator has set the XGS protection interfaces in the environment to HA protection mode with the Hardware Bypass setting to Auto. The active XGS appliance loses power.What will happen to the protection interfaces on this appliance?
Question5: The System Administrator for a financial organization wants to register an XGS appliance to SiteProtector.There are two SiteProtector Sites:SiteProtector_1 in Strict mode has AgentManager_1 installed in it.SiteProtector_2 in Compatible mode has AgentManager_2 installed in it.The System Administrator has configured XGS SiteProtector Management policy as follows:In which SiteProtector instance should this XGS appear as Active based on the above policy given that there are no other network issues?
Question6: A System Administrator wants to install the XGS license files during the first time configuration of the appliance.How should the first time configuration wizard on the appliance be accessed?
Question7: The requirements are as follows:Avoid having to push certificates to all workstationsProtect users from fraudulent web sitesProtect all internal server from malicious attacksThe steps to implement this plan are as follows:Obtain an SSL Inspection license for the XGSObtain a certificate from a public CA and upload it to the XGS via Outbound SSL CertificatesObtain the certificate and private key of the internal public-facing web server and upload it to the XGSvia Inbound SSL CertificatesConfigure Outbound SSL Inspection Settings to block connections if the server certificate is invalid orself-signedCreate Outbound SSL Inspection rules that inspect all trafficCreate Inbound SSL Inspection rules that only decrypt traffic destined for the internal web server IPaddressAfter implementing the plan, the System Administrator finds that users are blocked when trying to access the private company intranet site.What should the System Administrator do to allow the users to access the intranet?
Question8: A System Administrator want to configure an XGS so that only when the SQL_Injection security event is enabled in the IPS policy and triggered, the XGS performs a packet capture of the complete connection from the point of the event triggering.How should the System Administrator configure the XGS?
Question9: Security Policies of an organization demand that no network traffic should be allowed by XGS without inspection in case of XGS power failure or traffic beyond XGS capabilities.What should be the settings for built-in Hardware Bypass and Unanalyzed Policy?
Question10: An oil and gas Company uses XGS appliances to protect its SCADA environment. This critical environment is completely isolated from other systems and the Internet and no proxy is available either.Therefore, Automatic updates are not allowed.Which two updates can be uploaded and applied manually? (Choose two.)
Question11: A System Administrator has reviewed recent changes on the XGS from the Local Management Interface (LMI) and has determined that a fix pack has been applied that may be inhibiting network functionality. The System Administrator plans to remove the fix pack during the next change control window.Which step should be taken?
Question12: A System Administrator wants to perform Hardware diagnostics because a network adapter is suspected of being faulty.What command should be used from the console?
Question13: A System Administrator discovered the XGS appliance is unstable after upgrading firmware to the newest version.How should the device be restored to the previous stable state?
Question14: A System Administrator wants to configure the Automated Service and Support Request feature.Where can settings for this be configured.
Question15: A System Administrator has an XGS 4100 appliance that has a single 8-port RJ-45 copper Network Interface Module (NIM) installed.What is the maximum number of in-line network segments, of any media type, that could be protected?
Question16: Which configuration should be used to ensure that traffic flow is not interrupted when the hypervisor kernel moves traffic to a different ESXi host?
Question17: A System Administrator has been seeing a lot of SSLv2-Weak_Cipher attacks reported on the network and wants to increase the severity of the events.How can this be accomplished?
Question18: A financial company plans to deploy an XGS appliance to protect the company network and has the following requirements:6.5 Gbps total inspected throughputAverage latency must be less than 150 microseconds4 Gbps inspected outbound SSL throughputActive-Passive HA deploymentWhich model and NIM option will fulfill these requirements?
Question19: A System Administrator needs to create a pcap capture file which contains the FTP traffic inspected by the XGS and therefore has enabled the FTP_Get signature in the Default IPS Object.Which other action needs to be performed to ensure that the desired capture file is available in the Local Management interface (LMI) for this event only?
Question20: The System Administrator has configured the Advanced Tuning Parameter alpsd.ssl.inverse=1 (Man-in- the-Middle (MitM) approach) to allow Diffie-Hellman key exchange usage so traffic to their internal web portal can be decrypted.Which additional steps need to be taken to configure the XGS?
Question21: A System Administrator is planning to implement SSL Inspection for both outbound user traffic and inbound traffic to a company web server.The requirements are as follows:SSL Inspection should protect users from connections to fraudulent serversOutbound SSL Inspection should be limited to select web site categoriesAvoid having to deploy files, configurations, or certificates to user workstationsThe steps to implement this plan are as follows:Obtain an Inspection license for the XGSObtain a certificate from a public CA and upload it to the XGS via Outbound SSL CertificatesObtain the certificate and private key of the internal web server and upload it to the XGS via InboundSSL CertificatesAdd internal CA certificates for the company intranet to the trusted Certificate Authorities tab inOutbound SSL Inspection SettingsConfigure Outbound SSL Inspection Settings to block connections if the server certificate is self-signedor invalidCreate Outbound SSL Inspection rules that inspect only specific Domain Certificate CategoriesCreate Inbound SSL Inspection rules that only decrypt traffic destined for the internal web server IIaddressWhat will happen if an internal user attempts to access the company intranet?
Question22: A System Administrator needs to reinstall and XGS 4100 device.Which process step is required?
Question23: An Administrator has just configured a new XGS appliance to run in FIPS mode. After deploying the company policies to the appliance, the Administrator realizes the User Authentication feature is not working.What is the likely cause of the problem?
Question24: The System Administrator has discovered the XGS device is overloaded and is dropping legitimate traffic.Which setting is likely responsible for this behavior?
Question25: After making changes, the System Administrator wants to verify the appliance was registered with the SiteProtector system and that current policies were synchronized with SiteProtector.Which two methods can be used to accomplish this? (Choose two.)
Question26: A System Administrator wants to send a message to an SNMP Manager on a network where FIPS mode is used for additional security. The requirement is to monitor the link status of the interface.Which type of SNMP response object is needed?
Question27: The System Administrator has configured Outbound SSL Inspection Policy for five SSL-enabled web sites.How can the SSL decryption errors for each web site be detected?
Question28: A Security Administrator wants to enable a block page to alert users when they attempt to access HTTP websites that are blocked due to a Network Access policy (NAP) rule.How should the Administrator achieve this?
Question29: A System Administrator wants to integrate the XGS product with an existing SIEM deployment.Which configuration changes should be made to ensure that the SIEM product receives information about security attack incidents?
Question30: A specialized third- party appliance protects customer networks by detecting any data transmissions that do not meet the minimum security standards. The security officer wants to be alerted when machines on the customer network send data out of the internal LAN using a low encryption level and prevent them from doing so until the minimum level of encryption is met.How can the XGS be configured to contain the exposed risk?
Question31: A System Administrator makes a number of modifications to the management interface policy on an XGS appliance and then notices that the XGS is not responsive i.e. the Local Management Interface (LMI) and the Command Line Interface (CLI) via SSH cannot be contacted.How should this issue be investigated?
Question32: A customer is considering purchasing a 7100 XGS to protect its perimeter against Distributed Denial of Service (DDoS) attacks. Before making the purchase, a Customer Support Representative suggests reviewing the pam.chm file.Which pam.chm section will contain a comprehensive list of DDoS attacks?
Question33: A System Administrator wants to install a snapshot during the first time configuration of an XGS appliance.How can this be done?
Question34: A System Administrator notices a large amount of bandwidth being used by one of the web application servers on an unexpected destination port.Which method can the System Administrator use to review a sample of that traffic?