Your manager requires you to setup a new corporate VPN between all your branch offices. He requires you to choose the strongest and most secure available algorithms for the headquarters to the Research and Development branch office. In addition, you must use high performance algorithms for all sales offices with shorter key length for the VPN keys. How would you configure this scenario?
A. This can be done either in traditional mode or simplified VPN using 2 different communities and the headquarters as the center for both communities.
B. This can only be done in traditional mode VPNs while not using simplified VPN settings.
C. This can not be achieved at all as all algorithms need to be the very same for all VPNs.
D. This can be done in a single community, but the encrypt action in the security Rule Base needs to be configured for exceptions.
正解:A
質問 2:
Which of the following methods will provide the most complete backup of an R75 configuration?
A. Policy Package Management
B. Database Revision Control
C. upgrade_export command
D. Copying the $PWDIR\conf and $CPDIR\conf directories to another server
正解:C
質問 3:
How do you recover communications between your Security Management Server and Security Gateway if you lock yourself out via a rule or policy mis-configuration?
A. fw unload policy
B. cpstop
C. fw unloadlocal
D. fw delete all.all@localhost
正解:C
質問 4:
Which authentication type requires specifying a contact agent in the Rule Base?
A. Client Authentication with Partially Automatic Sign On
B. Client Authentication with Manual Sign On
C. User Authentication
D. Session Authentication
正解:D
質問 5:
You are running a R75 Security Gateway on SecurePlatform. In case of a hardware failure, you have a server with the exact same hardware and firewall version installed. What backup method could be used to quickly put the secondary firewall into production?
A. manual backup
B. snapshot
C. upgrade_export
D. backup
正解:B
質問 6:
In the Security Policy shown here, which rule inhibits Rule 4?
A. Rule 2
B. Rule 1
C. No rule inhibits Rule 4.
D. Rule 3
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
Public keys and digital certificates do NOT provide which of the following?
A. Nonrepudiation
B. Data integrity
C. Authentication
D. Availability
正解:D
質問 8:
For VPN routing to succeed, what must be configured?
A. VPN routing is not configured in the Rule Base or Community objects. Only the native-routing mechanism on each Gateway can direct the traffic via its VTI configured interfaces.
B. A single rule in the Rule Base must cover all traffic on the central (HUB) Security Gateway for the VPN domain.
C. No rules need to be created; implied rules that cover inbound and outbound traffic on the central (HUB) Gateway are already in place from Policy > Properties > Accept VPN-1 Control Connections.
D. At least two rules in the Rule Base must be created, one to cover traffic inbound and the other to cover traffic outbound on the central (HUB) Security Gateway.
正解:B
斉藤** -
156-215.75ソフトバージョンをダウンロードできるのも非常にありがたいです。これだけ内容が充実しているのにこの安さは正直驚きです。