|
Question 1.
Which functionality is provided by a NAT address pool with Symantec Enterprise Firewall?
A. port translation
B. port forwarding
C. IP address hiding
D. MAC address hiding
Answer: C
Question 2.
Which three statements are true about Security Gateway Management interface (SGMi)? (Choose three.)
A. it can be used to view active connections.
B. It can be used to configure the security gateway as a DNS server.
C. It pushes configuration data to multiple cluster nodes automatically.
D. It provides centralized logging, alerting and reporting with the Symantec Event Manager for
Security Gateways plug-in
Answer: A, B, C
Question 3.
What is used to upgrade the firmware of a Symantec Gateway Security 300 Series?
A. SSH
B. TFTP
C. SNMP
D. Infrared
E. HTTPS
Answer: B
Question 4.
Which of the following tools is distributed with the Symantec Enterprise Firewall?
A. SYSLOG
B. Remote log
C. TCPDUMP
Answer: C
Question 5.
Which Symantec Gateway Security 300 Series technology provides extended user authentication?
A. LDAP.
B. CHAP
C. Secure ID
D. RADIUS
Answer: D
Question 6.
Which three are supported connection types for the Symantec Gateway Security 300 Series?
A. Dialup
B. PPPoA
C. PPPoE
D. Firewire
E. Ethernet
F. Token Ring
Answer: A, C, E
Question 7.
Your ISP provides a changing IP address. Which feature of Symantec Gateway Security 300 Series allows external connections by name?
A. BIND DNS client
B. BIND DNS server
C. Dynamic DNS client
D. Dynamic DNS server
Answer: C
Question 8.
Your client computer has a static address of 192.168.100.25. You plug your client computer into one of the LAN ports on the Symantec Gateway Security 360, but cannot establish a connection to the appliance's management interface.
Which two configuration settings could you assign to your client to establish a management connection? (Choose two).
A. IP 192.168.0.1
B. IP 192.168.0.123
C. Mask 255.255.255.0
D. Mask 255.255.255.240
Answer: B, C
Question 9.
Which action is performed when the Symantec Gateway Security 300 Series is unable to pass its self check test after a Live Update?
A. It goes into disaster-recovery mode
B. It attempts to restart the interrupt Live Update
C. It defaults to the factory firmware stored in protected memory
D. It becomes unusable until the PROM chip is replaced with a pre-programmed one
Answer: C
Question 10.
What are two characteristics of the Symantec Gateway Security 300 Series content filtering lists?
(Choose two).
A. support wild cards
B. do not support wild cards
C. hold a maximum of 100 entries
D. hold a maximum of 128 entries
Answer: A, C
Question 11.
How does the addition of Live Update to the Symantec Gateway Security 300 Series improve its management capabilities?
A. It keeps virus definitions up-to-date
B. Appliance firmware is easily updated
C. Client Anti Virus software is updated automatically
D. OS patches are automatically distributed throughout your network
E. Firewall rules are automatically downloaded and installed on the device
Answer: B
Question 12.
Which two events will generate Symantec Gateway Security 300 Series SNMP messages? (Choose two).
A. Cold startup
B. Blocked connections
C. SGMI authentication failure
D. Trojan communication attempts
Answer: A, C
Question 13.
What is the recommended method to perform remote management on the Symantec Gateway Security 300 Series?
A. Through a VPN tunnel
B. Form the command line interface
C. Form Internet Explorer 5.5 or greater
D. By providing the admin account with a complex password
Answer: A
Question 14.
How can you configure the security gateway to permit remote management from home in the event when the VPN fails?
The IP addressing for your Symantec Gateway Security 320 is:
LAN:192.168.0.1
WAN:209.195.22.1
Your home IP is: 24.108.33.24
A. Allow remote management from IP range 24.108.33.1 to 24.108.33.32 and connect to
http://209.195.22.1:8080
B. Allow remote management from IP range 24.108.33.0 to 24.108.33.1 and connect to
ghttp://209.195.22.1:8088
C. Allow remote management from IP range 24.108.33.24 to 24.108.33.24 and connect to
http://209.195.22.1:8080
D. Allow remote management from IP range 24.108.33.24 to 24.108.33.24 and connect to
http://209.195.22.1:8088
Answer: D
Question 15.
What is the maximum size of the address pool supported by the Symantec Gateway Security 300 Series DHCP service?
A. 64
B. 125
C. 253
D. 65535
Answer: C
Question 16.
How many LAN ports does the Symantec Gateway Security 320 have?
A. 1
B. 2
C. 4
D. 8
E. 10
Answer: C
Question 17.
You want configure the Symantec Gateway Security 360R to use WAN2 30% of the time. Which three steps must you carry out to achieve this? (Choose three).
A. Set WAN1 port to normal mode
B. Set WAN2 port to normal mode
C. Set WAN1 port to backup mode
D. Set WAN2 port to backup mode
E. Set the percentage of traffic to pass through WAN1 port to 70%
F. Set the percentage of traffic to pass through WAN2 port to 30%
Answer: A, B, E
Question 18.
You manage a Symantec Gateway Security 300 Series for your company. Your company employs a lot of contractors who work for short durations with the company, but who require VPN access. This has resulted in considerable administration on your behalf, updating user account on the appliance, and ensuring that only those contractors who currently require access will have it.
What can you do to simplify this process?
A. Allow only gateway-to-gateway VPN tunnels on the appliance
B. Configure the appliance to update the user account list by importing a CSV listing the currently
authorized users
C. Install a LDAP server on you network and configure the appliance to use the LDAP server to
authenticate VPN connection attempts
D. Install a RADIUS server on your network and configure the appliance to use the RADIUS
server to authenticate VPN connection attempt
Answer: D
Question 19.
Which should you use to configure a rule that applies to any source or any destination when deploying the Symantec Gateway Security 5400 series?
A. Default
B. Universe
C. All subnets
D. 255.255.255.255
Answer: B
Question 20.
Which Symantec Gateway Security 5400 Series model is a 1U form factor?
A. 5420
B. 5421
C. 5440
D. 5441
Answer: A
|
Question 1. Which two configurations are made using the QoS Setup Wizard? (Choose two.) A. Assign applications to traffic classes. B. Use ToS/DSCP values for traffic classes. C. Exclude subnets from QoS management. D. Select dedicated vs. over-subscribed circuits. Answer: A, D Question 2. Which three locations in WebView allow you to confirm that the endpoints are configured properly? (Choose three.) A. Monitor > Endpoints B. Acceleration > Endpoints C. Device Setup > Endpoints D. Compression > Endpoints E. Admin > Maintenance > Display Configuration Answer: A, D, E Question 3. When defining an application for AppFlow acceleration, which two must be configured on the WX device? (Choose two.) A. Define application type. B. Enable AppFlow for the application. C. Enable monitoring for the application. D. Define source and destination IP addresses. Answer: A, B Question 4. What are three key prE.installation/configuration considerations when deploying a WX device? (Choose three.) A. cabling B. community topology C. requires a license key D. requires two IP addresses E. registration server designation Answer: A, B, E Question 5. Why is SNMPv2 used to monitor the WX platform? A. SNMPv1 is reaD.only on WX devices. B. SNMPv1 is not supported by WX devices. C. SNMPv2 supports both 32- and 64-bit counters. D. SNMPv2 does put and get commands to WX devices. Answer: C Question 6. Which three types of optimization does the WX 60 device perform when Exchange 2000 and Outlook 2000 are used in the network? (Choose three.) A. Fast Connection Setup B. TCP Acceleration (AFP) C. Network Sequence Caching D. AppFlow's MAPI acceleration E. Molecular Sequence Reduction Answer: B, D, E Question 7. Which three must be configured for the Packet Capture tool to collect all required data? (Choose three.) A. Enter the password. B. Modify the delete time to 3 hours. C. Set the interface to local, remote or both. D. Increase the snap length of the Packet Capture configuration. E. Set the Packet Capture size to greater than the actual data flow. Answer: A, C, E Question 8. Which Packet Flow Acceleration feature is most effective for short-lived TCP sessions? A. Active Flow Pipelining B. Fast Connection Setup C. TCP Acceleration (AFP) D. Forward Error Correction Answer: B Question 9. Which three methods can you use for route discovery on a WX platform? (Choose three.) A. Enable RIP. B. Enable OSPF. C. Periodically poll any router. D. Import routes from a TFTP server. Answer: A, B, D Question 10. What happens when you enable QoS bandwidth detection? (Choose two.) A. Circuit speed is reduced by 2% for overhead. B. WAN speed can be configured to the LAN speed. C. Bandwidth is adjusted based on minimum and maximum settings. D. WAN bandwidth is detected based on acknowledgement of metapackets. Answer: B, D
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.