|
New Dumps needed: email: lagniol562@gmail.com
|
Nice collection with answers thanks
|
Question 1. Why is it beneficial for virtual classroom instructions to know approximately how much time each lesson within a virtual classroom session take? A. Knowing how much time a lesson takes allows the instructor to adjust timelines if the participants want to go deeper or need more time. B. Participants will pay better attention because there will be less time to review. C. The timing of each lesson can help participants understand the relative importance of each instructional section. D. The instructor can manage time by stopping discussions demonstrate and comments before the participants are finished. E. Making effective timing decisions demonstrates leadership in the virtual classroom. Answer: A Explanation: Question 2. Which three preparation tasks help create an effective audio environment for a virtual classroom session? (Choose three) A. Use only a wireless internet connection. B. Know how to make your phone. C. Work in a space that is free of background noise. D. Hold session in the early morning. E. Put a “trainingin Progress” sign on your door or desk. F. Use an unidirectional microphone Answer: C, E, F Explanation: Question 3. Why is it important for evaluation strategies to be highly specific? A. Virtual instructors might rationalize or make excuse for unmet learning objectives. B. Different stakeholders in organization often have competing properties and agendas. C. Management might reward or punish depending on post session behavior on the job. D. It is important to be factual about what went well, what needs important, and how it will be improved. Answer: D Explanation: Question 4. Which action is most effective if you want to gauge the ability of the group to use formulas during a virtual classroom session in Microsoft Excel slide? A. Share your application, using an expense report template; demonstrate how to input formulas in an Excel spread sheet. B. Share your application, select a cell and type the first part of formula; ask participants to type the rest into chat. C. Call on aparticipantand ask that person to verbally state what the correct formula would be; given a specific set of criteria D. Pass control of your desktop to a participant and ask that person to type in the correct formula; ask the group to continue. Answer: B Explanation: Question 5. What is a key consideration for deciding whether you should record a virtual classroom session? A. Session recordings that are posted to a company intranet may be subject to attribute laws. B. Participants may demand to know in advance what you plan to do with the recording. C. Conflicts about confidentially may cause participants to be less interactive. D. Participants may be distracted by concerns about what their recorded voice like. Answer: A Explanation: Question 6. What are two industry best practices for timing of virtual classroom sessions? (Choose two) A. Spend at least 5 minutes on each slide to allow cognitive load. B. Sessions should be approximately 60 to 90 minutes in length. C. Twenty percent of your slides should contain 80 percent of the information in the session. D. Add 5 minutes to the agenda for every five participants that are attending your session. E. Ensure that interactivity occurs every 5 minutes on average. Answer: B Explanation: Correct answer: AE Question 7. Which three questions are the most appropriate to ask if your manager asks you to coordinate and schedule a virtual session that you message will conduct next week on strategic planning? (Choose three) A. Do you want participants to be able to interact with you and each other, and if so, how? B. Are your slides ready, and are they optimally designed (for example, following the six by sixrule)? C. Will session attendance be mandatory or optional for participants? D. Approximately how many participants will be attending, and from where? E. Do the various activities support the learning objectives of the session? F. How will the learning gains or effectiveness of the session be measured? G. Is an LMS adequate for the needs of our company, or do we need an LCMS? Answer: E, F, G Explanation: Question 8. What are two key reasons why you should record and critique your own presentation on to two days before facilitating an important training session? (Choose two) A. To ensure that your communication is as clear and succinct as possible. B. To consider two creative ways to adapt the course to an asynchronous format. C. To become self-aware of any use of slang or colloquialisms if the session is for a global audience. D. To determine whether the course needs to be redesigned for a global audience. E. To show program stakeholders exactly what you will be doing. Answer: A, B Explanation: Question 9. How does the use of virtual cueing devices (such as using a highlighter tool or partner) support the process of logic and learning? A. Paves the way for social learning. B. Helps focus attentionon relevant content areas C. Promotes discussion and collaboration D. Engages auditory and less-visual learners Answer: D Explanation: Question 10. What are three appropriate reasons for asking open-ended questions? (Choose three) A. Initiate discussion B. Uncover experiences of participants C. Resolve conflict D. Stimulate critical thinking E. Challenge viewpoints F. Identify dominant participants Answer: C, D, E Explanation:
|
Question 1. What happens if all CTI ports for the configured CTI Port Group are busy when a new call arrives? A. CallManager will forward the call to the directory number configured for forward-on busy for this CTI Route Point in CallManager. B. Caller will receive ringing treatment. C. An exception is raised, but the call is accepted and processed. D. Caller will receive network busy treatment. E. CallManager will forward the caller to the directory number configured in IPCC Express for overflow. Answer: A Explanation: Question 2. Which agent will be selected when the Resource Selection Criteria is set to circular routing? A. the next available agent, based on the last agent selected and the agent order in the Resources list B. the agent who has been in the Available state for the longest amount of time C. the next available agent with the highest priority, as determined by the agent order in the Resources list D. the agent assigned to the selected Resource Group and is thus qualified to be selected Answer: A Explanation: Question 3. Which two Customer Response Solution deployment scenarios are valid for Cisco Unified Communications? (Choose two.) A. Contact Center Express communication with ICM via a co-resident PG B. Contact Center Express using the Enterprise CTI-OS toolkit C. IP IVR integrating with the Enterprise version to function as a queue point and self-service platform D. Contact Center Express communicating with ICM via a standalone PG on an expansion server E. Contact Center Express using the Enterprise Outbound option Answer: A, C Explanation: Question 4. In CRS Administration, what is created on the Communications Manager when you add a Unified CM Telephony group? A. CRS CTI Route Point B. CTI Ports C. CRS Call Control Group D. Communications Manager Call Control Group Answer: B Explanation: Question 5. Which interface is used to configuration debug parameter for log files? A. Data store control center B. Alarm and Trace Configuration C. System parameter D. Control center Answer: B Explanation: Question 6. What is the main function of the CRS Editor? A. remotely manages the LDAP Directory B. creates CRS Engine reports C. creates application scripts for call flows D. manages the CRS Server Answer: C Explanation: Question 7. In Cisco Unified Contact Center Express, where is wrap-up data enabled? A. in CSQ configuration on Application Administration B. in workflow groups on Cisco Desktop Administrator C. in the Cisco Supervisor Desktop D. in resource configuration on Application Administration Answer: B Explanation: Question 8. Refer to the exhibit. What is the purpose of the Repair button in the Cisco Unified Contact Center Express 5.0 Installation Wizard? A. repair the Cisco Unified Communications Manager cluster associated with this Cisco CRS system B. remove a version of Cisco CRS that the user had attempted but failed to remove previously C. recover a Cisco CRS system D. reinstall the same version of Cisco CRS on top of the currently installed version Answer: C Explanation: Question 9. What is a benefit of using sub flows? A. creates a framework for CRS Server status reporting B. decreases latency through increased bandwidth on CRS Server C. collects information about callers to agents D. decreases the amount of flows E. provides more efficient management of flows that are called by multiple other flows Answer: E Explanation: Question 10. In the CRS Application Editor, where do you start the debugger? A. Toolbar B. Step palette C. Variable window D. Design window Answer: A Explanation:
|
Question 1. Which DHCP server gives secondary codecs in Cisco TelePresence CTS-3000 and CTS-3200 systems their IP addresses? A. DHCP server on the voice VLAN B. DHCP server on the primary codec C. DHCP server on the Cisco Unified Communications Manager D. DHCP server on the CiscoTelePresence Manager Answer: B Question 2. How do you calibrate the light meter from the Cisco recommended RRA tool kit? A. Press the Auto Adjust button on the meter. B. Turn the meter on and off. C. Cover the sensor with the cap and press the Zero button. D. Cover the sensor with the cap and press the Light Source button. Answer: C Question 3. What two options does an administrator have using WebUI for CTMS in Monitoring/Room Testing for any active meeting? (Choose two.) A. add a CTS System to a meeting B. view network statistics C. view meeting statistics D. start loopback E. force switch Answer: A, B Question 4. The Cisco Telepresence room Fluffy does not have an email account listed in the Unified CM. This is preventing the Cisco Telepresence Manager from synchronizing with the email address for the Cisco Telepresence Room in the Calendar server. Refer to the exhibit. You are using Cisco Telepresence Manager and have just added a new room in the Cisco Unified Communications Manager and have made test calls successfully. You run the Discover Rooms option under Discovery Service successfully. You then go into the Rooms section and see the status. Which is the cause of the problem? A. The Cisco Telepresence room Fluffy does not have an email account listed in the Unified CM. This is preventing the Cisco Telepresence Manager from synchronizing with the email address for the Cisco Telepresence Room in the Calendar server. B. The Cisco Telepresence room Fluffy has an email address listed in the Unified CM. The Calendar server does not have an account for the email address provided by the Unified CM. C. The Cisco Telepresence room Fluffy has an email address listed in the Unified CM. The Calendar server has an account for the email address provided by the Unified CM. The Cisco Telepresence Manager does not have proper privileges to view this account. D. The Cisco Telepresence room Fluffy has an email address listed in the Unified CM. The Calendar server has an account for the email address provided by the Unified CM. The Cisco Telepresence Manager cannot authenticate to the LDAP server and cannot log into the Calendar server to synchronize with the account. Answer: C Question 5. During the RRA, how should you hold the light sensor when taking the majority of light measurements? A. Horizontally, so it gets the direct lighting from ceiling light fixtures. B. Vertically, toward the displays to measure the light they put off. C. Horizontally, toward any untreated windows to measure light coming in. D. Vertically, so it is reading light as if it were hitting the participant's face. Answer: D Question 6. At a minimum, what must an administrator configure in the CUCM for the Cisco Telepresence Multipoint Switch? A. SIP trunk and route pattern B. H.323 gateway and route pattern C. H.323 gateway, route pattern, route list and route group D. SIP trunk, route pattern, route list and route group E. H.323 gateway, route pattern and route group F. route pattern, route list and route group Answer: A Question 7. Which QoS mapping is specific to Cisco Telepresence? A. CoS 5 to map to a DSCP value of 40 B. CoS 4 to map to a DSCP value of 46 C. CoS 3 to map to a DSCP value of 48 D. CoS 5 to map to a DSCP value of 16 E. CoS 4 to map to a DSCP value of 32 Answer: E Question 8. How is VIP mode enabled for a scheduled multipoint Cisco Telepresence meeting? A. through the Cisco IP phone interface B. through theWebUI on the CTMS C. through the CiscoTelepresence Manager D. through calendar scheduling interface Answer: B Question 9. Which three statements about the cabling of a Cisco Telepresence 3000 are true? (Choose three.) A. All speakers connect to the primary codec. B. All video cameras connect to the primary codec. C. All 65 inch plasma displays connect to the primary codec. D. Microphones connect to the corresponding codec. E. Speakers connect to the corresponding codec. F. Video cameras connect to the corresponding codec. G. Plasma displays connect to the corresponding codec. Answer: A, F, G Question 10. DRAG DROP Answer:
|
Question 1. Which two of these statements describe why Cisco offers the security solution with the lowest operational cost? (Choose two.) A. Cisco ensures third-party integration. B. Cisco is able to meet PCI requirements. C. Cisco solves the broadest suite of threats. D. Cisco maximizes training costs for the IT group. E. Cisco has established partnerships with all key players. Answer: C, E Question 2. How does preliminary technical discovery benefit the customer? A. A technology strategy is presented to the customer. B. Information regarding an existing customer network is analyzed, which allows an appropriate solution to be developed. C. The account team analyzes and validates the business requirements. D. Detailed technical requirements are defined and documented. Answer: B Question 3. Which security management offering helps customers to readily and accurately identify, manage, and mitigate network attacks and to maintain network security compliance? A. Cisco Security Agent B. Cisco Security Manager C. Cisco NAC D. Cisco Network Assistant E. Cisco Security MARS Answer: E Question 4. What is one way that Cisco Security can decrease customer implementation costs? A. by using the existing infrastructure B. through dedicated security appliances C. through better security management products D. by reducing the number of people to train Answer: A Question 5. How does the Cisco ASA with the CSC module protect the network? (Choose two.) A. It blocks incoming e-mail and web threats. B. It guarantees regulatory compliance. C. It prevents network intrusion with an IPS. D. It provides VoIP enhancements. E. It prevents loss of sensitive information with integrated antivirus protection. Answer: A, E Question 6. How does security technology assessment drive continuous improvements? A. by recommending remediation measures, such as optimizing device configurations, planning capacity, and resolving quality issues B. by assessing the current state of the customer operations C. by assessing the realization of ROI and other benefits of the security system D. by defining project milestones Answer: A Question 7. Why do end users need to be aware of the security policy? A. Some security decisions are usually in their hands. B. They need to be aware of every threat. C. They should avoid responsibility for their actions. D. They should understand the probability of every risk. Answer: A Question 8. Which two of these choices describe how the secure network access solution provides value to the customer? (Choose two.) A. permits a man-in-the-middle attack B. makes mobility more cost-effective C. provides an unencrypted solution D. reduces the amount of equipment E. allows for secure Internet browsing Answer: B, D Question 9. How does the Cisco SDN relate to compliance? A. It is point product-based. B. It uses anomaly detection to secure a device. C. It addresses a large majority of PCI requirements. D. It uses IP protocol 50 (ESP) to securely communicate to network devices. Answer: C Question 10. Which Cisco solution provides host protection against security violations by focusing on the behavior of the device? A. Cisco PIX Firewall B. NAC Appliance C. host Analyzer D. Cisco Security Agent E. Cisco Adaptive Security Appliance Answer: D
|
Question 1. Question 2. A Windows server is running Command View and HP Replication Solutions Manager (RSM). While executing an RSM replication script, it is rebooted by the addition of new security patches from Microsoft. What happens to that script? A. System shutdown is delayed until the replication script is finished. B. Any snapshots andsnapclones currently in progress are suspended. C. Running replication tasks are queued and continued after the reboot. D. The replication script is aborted and will require a manual restart. Answer: C Question 3. What would you use to obtain a Recovery Point Objective (RPO) of zero in failsafe mode and a low performance impact? A. A latency less than or equal to 10ms in enhanced asynchronous replication mode B. A latency less than or equal to 120ms in asynchronous replication mode C. A4Gb/s link with low latency in synchronous replication mode D. An8Gb/s link with medium to high latency in synchronous replication mode Answer: C Question 4. What is a demand allocated snapshot also known as? A. Replica snapshot B. Dynamic snapshot C. Instantaneous snapshot D. Virtual snapshot Answer: D Question 5. When implementing VMware Site Recovery Manager (SRM) in a Continuous Access EVA environment, what is required in addition to the SRM software? A. Replication Solution Manager host agent B. HP EVAx000 VDS1.0 and VDS1.1/VSS Hardware Providers C. HPStorageWorks EVA Virtualization Adapter D. HP EVA VDS/VSS 2.0 Hardware Providers Answer: C Question 6. What is meant by the expression replication relationships = 3:1 in the HP StorageWorks Enterprise Virtual Array Compatibility Reference Guide? (Select two.) A. Using synchronous replication, a maximum of three hops between any two Enterprise Virtual Arrays is supported. B. OneEnterprise Virtual Array may have replicated volumes on three other Enterprise Virtual Arrays. C. Three Enterprise Virtual Arrays may have replicated volumes on a fourth Enterprise Virtual Array. D. Using asynchronous replication, a maximum of three links between any two Enterprise Virtual Arrays is supported. E. OneEnterprise Virtual Array may have a single volume replicated to three other Enterprise Virtual Arrays. Answer: B, C Question 7. When designing EVA8100 and EVA4400 in a five-fabric 8-port to 4-port configuration, which ratio of host ports to replication ports is supported? A. 1:4 B. 2:4 C. 3:1 D. 4:2 Answer: C Question 8. When building a six-fabric configuration using FC-to-IP, how many dedicated gateways are required? A. 2 B. 8 C. 4 D. 12 Answer: C Question 9. Implementing N_Port ID virtualization (NPIV) in a SAN provides certain advantages. Which statements are true about implementing such a solution? (Select two.) A. NPIV is required if there is 2:1 or greater server-to-uplink ratio on a fully populated enclosure with 16 server blades. B. You can only take advantage of NPIV when configured with HP Brocade SAN switches inCClass blade enclosures. C. In large fabrics, NPIV helps to avoid exceeding domain count limits with multiple blade enclosures. D. NPIV makes a singleFibre Channel port appear as multiple virtual ports, each having its own N_Port ID and virtual WWN. E. NPIV must be managed separately from the switches. However, it uses the common Fabric OS so that it can e consistently managed with the F. Answer: C, D Question 10. Which functionality allows them to maintain a copy of the original Vdisk and, while in a normalized state, is A. Automatically updated whenever the sourceVdisk is updated? B. Synchronizedmirrorclones C. Synchronous Continuous Access D. Synchronized containers E. Enhanced asynchronous Continuous Access Answer: A
|
Question 1. Click the Exhibit button. A user on port ge-0/0/12 fails an 802.1x authentication attempt. What is the next action of Switch A? A. It puts the Authenticator in the HELD status where all EAPOL packets are discarded until the default hold timer expires. B. It communicates with the RADIUS server to confirm the user's password. C. It transmits an EAP-Identity-Request packet immediately after it sends out EAP-Failure. D. It tries to authenticate the user using MAC radius authentication. Answer: C Explanation: Question 2. Click the Exhibit button. Based on the configuration in the exhibit, why are you seeing drops in the best-effort queue on the SRX Series platform? A. The drop-profile fill level is set too low. B. Packets are dropped by a firewall policy. C. The best-effort queue is being shaped. D. The scheduler is not being applied correctly. Answer: C Explanation: Question 3. Click the Exhibit button. Based on the output shown in the exhibit, why is VSTP not working for VLAN 100? A. No interfaces are assigned to VLAN 100. B. Your MSTI is misconfigured. C. RSTP is configured in addition to VSTP. D. No native VLAN is configured. Answer: A Explanation: Question 4. If your WAN-edge router is multihomed to different ISPs, which two BGP attributes would you modify to affect outbound traffic? (Choose two.) A. MED B. origin C. local preference D. community Answer: B, C Explanation: Question 5. When 802.1X, MAC-RADIUS, and Captive Portal are enabled on an interface, which authentication sequence occurs? A. The authentication sequence is based on the order of the configuration. B. If MAC-RADIUS is rejected, Captive Portal will start. If Captive portal is timed out, 802.1X will start. C. If 802.1X times out, then MAC-RADIUS will start. If MAC-RADIUS is timed out by the RADIUS server, then Captive Portal will start. D. If 802.1X times out, then MAC-RADIUS will start. If MAC-RADIUS is rejected by the RADIUS server, then Captive Portal will start. Answer: D Explanation: Question 6. A medium-sized enterprise has some devices that are 802.1X capable and some that are not. Any device that fails authentication must be provided limited access through a VLAN called NONAUTH. How do you provide this access? A. Configure NONAUTH VLAN as the guest VLAN. B. Configure NONAUTH VLAN as the server-reject VLAN. C. Configure NONAUTH VLAN as the guest VLAN and the server-reject VLAN D. Configure a separate VLAN for each type of user: 802.1X and non-802.1X. Answer: C Explanation: Question 7. Click the Exhibit button. Host 1, Host 2, and Host 3 are connected to Switch A on interface ge-0/0/2. Host 1 and Host 2 have been authenticated through 802.1X, however Host 3 does not have an 802.1X supplicant. Referring to the configuration in the exhibit, how can Host 3 be authenticated? A. secure-authentication option of HTTP or HTTPS must be configured for Captive Portal. B. MAC RADIUS authentication must be configured for Host 3 instead of Captive Portal. C. A new authentication-profile must be configured because 802.1X and Captive Portal cannot have the same authentication-profile. D. The 802.1X server failback feature must be configured for Host 3 to allow non-802.1X clients to authenticate. Answer: B Explanation: Question 8. A user complains about connectivity problems from their IP address (10.1.1.87) to a server (10.65.1.100). Which Junos command can help verify connectivity in the network? (Choose two.) A. mroute B. traceoptions C. ping D. clear bgp neighbor Answer: B, C Explanation: Question 9. Click the Exhibit button. The exhibit shows the output of an OSPF router LSA. Which interface ID represents the router's loopback address? A. ID 10.1.1.0 B. ID 10.0.3.4 C. ID 10.0.3.3 D. ID 10.0.2.4 Answer: B Explanation: Question 10. Click the Exhibit button. Referring to the output in the exhibit, why does the router prefer the path toward interface ge- 0/0/0.0 for the 20.0.0.0/8 route? A. The origin is IGP. B. The origin is unknown. C. The AS path is longer. D. Multihop is enabled. Answer: A Explanation:
|
Question 1. You are concerned about the latency introduced in processing packets through the IPS signature database and want to configure the SRX Series device to minimize latency. You decide to configure inline tap mode. Which two statements are true? (Choose two) A. When packets pass through for firewall inspection, they are not copied to the IPS module. B. Packets passing through the firewall module are copied to the IPS module for processing as the packets continue through the forwarding process. C. Traffic that exceeds the processing capacity of the IPS module will be dropped. D. Traffic that exceeds the processing capacity of the IPS module will be forwarded without being inspected by the IPS module. Answer: B, D Explanation: Inline Tap mode is supported in 10.2. It will have a positive impact on performance and will only be supported in dedicated mode. The processing will essentially be the same as it is in dedicated inline mode, however instead of flowd simply placing the packet in the IDPD queue to be processed, it will make a copy of the packet, put that in the queue, and forward on the original packet without waiting for IDPD to perform the inspection. This will mean that the IDP will not be a bottleneck in performance. The one limitation around this feature is that some attacks may be able to pass through the SRX without being blocked such as single packet attacks. However, even though the single packet attacks may not be blocked, most attacks will be blocked, and even in the case that an attack is let through the SRX can still close down the session and even send TCP resets if it is a TCP protocol and the Close Connection option is set. Question 2. You create a custom attack signature with the following criteria: -- HTTP Request: -- Pattern: *\x<404040...40 -- Direction Client to Server Which client request would be identified as an attack? A. FTP GET.,\x404040...40 B. HTTP GET *\404040..40 C. HTPPOST.*\x404040...40 D. HTTP GET *\x4040401.40 Answer: D Explanation: Signature-based attack objects will be the most common form of attack object to configure. This is where you use regular expression matching to define what attack objects should be matched by the detector engine. The provided regular expression matches HTTP GET request containing *\x4040401..40. Here \x – hex based numbers, . - any symbol. Reference: http://www.juniper.net/techpubs/en_US/idp5.1/topics/example/simple/intrusiondetection- prevention-custom-attack-object-compound-signature.html Question 3. Click the Exhibit button. In the exhibit, what does the configured screen do? A. It blocks TCP connection from a host when more than 1000 successive TCP connections are received B. It blocks TCP connections for a host when more than 1000 connections are received within 3600 seconds. C. It blocks TCP connection attempts from a host when more than 10 connection attempts are made within 1000 microseconds. D. It blocks TCP connections from the host for 1000 seconds when a host is identified as a TCP scan source Answer: C Explanation: The command prevents port scan attacks. A port scan attack occurs when an attacker sends packets with different port numbers to scan available services. The attack succeeds if a port responds. To prevent this attack, the device internally logs the number of different ports scanned from a single remote source. For example, if a remote host scans 10 ports in 0.005 seconds (equivalent to 5000 microseconds, the default threshold setting), the device flags this behavior as a port scan attack, and rejects further packets from the remote source. Reference: http://www.juniper.net/techpubs/software/junos-es/junos-es93/junos-es-swcmdref/portscan.html Question 4. Click the Exhibit button In the exhibit, Customer A and Customer B connect to the same SRX Series device. ISP1 and ISP2 are also directly connected to the SRX device. Customer A's traffic must use ISP1, and Customer B's traffic must use ISP2. Which configuration will create the required routing tables? A. set routing-options rib-groups fbf import-rib [ custA.inet.0 custB.inet.0 ] B. set routing-options rib-groups fbf export-rib [ custA.inet.0 custB.inet.0 ] C. set routing-options rib-groups fbf import-rib [ custA.inet.0 custB.inet.0 inet.0 ] D. set routing-options rib-groups fbf export-rib [ custA.inet.0 custB.inet.0 inet.0 ] Answer: C Explanation: Question 5. You must configure a site-to-site VPN connection between your company and a business partner. The security policy of your organization states that the source of incoming traffic must be authenticated by a neutral party to prevent spoofing of an unauthorized source gateway. What accomplishes this goal? A. Use a manual key exchange to encrypt/decrypt traffic. B. Generate internal Diffie-Hellman public/private key pairs on each VPN device and exchange public keys with the business partner. C. Use a third-party certificate authority and exchange public keys with the business partner. D. Use a private X.509 PKI certificate and verify it against a third-party certificate revocation list (CRL). Answer: C Explanation: Question 6. Company A and Company B are using the same IP address space. You are using static NAT to provide dual translation between the two networks. Which two additional requirements are needed to fully allow end-to-end communication? (Choose two.) A. route information for each remote device B. persistent-nat C. required security policies D. no-nat-traversal Answer: A, C Explanation: Reference: http://www.juniper.fr/techpubs/en_US/junos10.4/topics/example/nat-twice-configuring.html http://kb.juniper.net/library/CUSTOMERSERVICE/technotes/Junos_NAT_Examples.pdf Question 7. Your company is deploying a new WAN that uses transport over a private network infrastructure to provide an any-to-any topology. Your manager is concerned about the confidentiality of data as it crosses the WAN. Scalability of the SRX Series device's ability to perform IKE key exchanges is a key consideration. Which VPN design satisfies your manager's concerns? A. a transparent IPSec VPN B. a hub-and-spoke VPN C. a point-to-multipoint VPN D. a group VPN Answer: D Explanation: Reference: http://juniper.fr/techpubs/software/junos-security/junos-security10.2/junos-securityswconfig-security/topic-45780.html Question 8. Click the Exhibit button Senior management reports that your company's network is being attacked by hackers exploiting a recently announced vulnerability. The attack is not being detected by the DP on your SRX Series device. You suspect that your attack database is out of date. You check the version of the attack database and discover it is several weeks old. You configured your device to download updates automatically as shown in the exhibit. What must you do for the automatic update to function properly? A. Change the interval to daily by adding set automatic interval 1 to the configuration and commit the change. B. Enable the automatic updates by adding set automatic enable to the configuration and commit the change. C. Set the time zone on your device. D. Change the URL of the update site to use https:// instead of http://. Answer: B Explanation: Question 9. You obtained a license tile from Juniper Networks for the SRX Series Services Gateway IPS feature set. You want to install the license onto the SRX Series device. Which statement is accurate? A. The license file is automatically downloaded from the online license server, you need not do anything. B. Transfer the file to the SRX Series device using FTP or SCP and install the license with the request system license addcommand. C. The license file must be decrypted with the openssl utility before being installed on the SRX Series device. D. Transfer the file to the SRX firewall using FTP or SCP and install the license with the request system license install-permanent command. Answer: B Explanation: Reference: http://www.juniper.net/techpubs/en_US/junos11.1/topics/reference/commandsummary/ request-system-license-add.html Question 10. You have been asked to configure a signature to block an attack released by a security vulnerability reporting agency. Which two characteristics of the attack must you understand to configure the attack object? (Choose two) A. the source port of the attacker B. a string or regular expression that occurs within the attack C. the context where the attack pattern is found within the packet D. the IPv4 routing header Answer: B, C Explanation: Reference: http://www.juniper.net/techpubs/en_US/nsm2011.1/topics/task/configuration/attacksignature- attack-object-creating-nsm.html
|
Question 1. On which three back-end authentication servers can you use the "userAttr" attribute? (Choose three.) A. certificate server B. NIS server C. RADIUS D. SiteMinder E. LDAP Answer: C, D, E Question 2. You have just finished creating an IVS on your device. You can log in to your IVS but you cannot access any backend resources. What should you troubleshoot first? A. Verify that you have associated your IVS to the correct VLAN. B. Verify that you have allocated enough users for your IVS. C. Verify that you are not blocked because of an untrusted certificate on the IVS. D. Verify that you have associated your IVS to the correct virtual IP. Answer: A Question 3. Which two network settings are accessible only through the root administrator and cannot be accessed by the VS administrator? (Choose two.) A. internal port IP address B. Network Connect filters C. DNS options D. hosts file Answer: A, B Question 4. Which operation would you use to extract the configuration in a format that can be read by a script? A. XML export B. Syslog capture C. Config export D. SNMPv3 trap Answer: A Question 5. When using Secure Virtual Workspace, where is the protected workspace created? A. in the IVE memory B. on the IVE hard drive C. on a trusted server D. on the client desktop Answer: D Question 6. In which format is the client-side log stored on the client? A. XML B. binary C. ASCII D. base64 Answer: C Question 7. You have just created a secure Web portal that will be accessed through the IVE device. Which two steps must you complete before creating the bookmark for accessing this portal? (Choose two.) A. Generate a trusted certificate for your IVE device. B. Verify that the IVE device has a trusted relationship with your Certificate Authority. C. Verify that "Allow browsing untrusted SSL websites" is selected in the "Web Options" role. D. Generate a certificate for the secure Web portal from your trusted Certificate Authority. Answer: B, D Question 8. You have correctly enabled meeting email notifications by defining the appropriate SMTP options on the IVE device's Secure Meeting configuration page. However, when new meetings are created, invitees do not receive the emails. What might be causing this problem? A. You have not specified the IVE device's fully qualified hostname on the Network configuration page. B. The time is not synchronized between the IVE device and the SMTP server. C. You have chosen to "Hide attendee names" when specifying meeting options. D. You have invited attendees with email addresses in a domain that is not registered on the Secure Meeting configuration page. Answer: A Question 9. Which three client endpoint agents can produce and auto-upload logs when configured to do so? (Choose three.) A. Meetings B. Installer Service C. Terminal Services D. Advanced Endpoint Defense E. Host Checker Answer: A, C, E Question 10. A company does not want to allow users to remotely download content through the IVE rewriter because of concerns that the content will be left behind on user PCs. Which three options should be investigated and used to help mitigate this risk? (Choose three.) A. Disable caching for all Web content. B. Use Secure Virtual Workspace. C. Use Cache Cleaner. D. Enable caching for all Web content. E. Enable caching in the Web browser. Answer: A, B, C
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.