When you hide a rule in a Rule Base, how can you then disable the rule?
A. When a rule is hidden, it is automatically disabled. You do not need to disable the rule again.
B. Clear Hide from Rules drop-down menu, then right-click and select "Disable Rule (s)".
C. Open the Rule Menu, and select Hide and view hidden rules. Select the rule, right-click, and select Disable.
D. Uninstall the Security Policy, and then disable the rule.
E. Run cpstop and cpstart on the SmartCenter Server, then disable the rule.
正解:B
質問 2:
When you hide a rule in a Rule Base, how can you disable the rule?
A. When a rule is hidden, it is automatically disabled. You do not need to disable the rule again.
B. Clear Hide from Rules drop-down meun, then right-click and select "Disable Rule (s)".
C. Open the Rule Meun, and select Hide and view hidden rules. Select the rule, right-click, and select Disable.
D. Uninstall the Security Policy, and then disable the rule.
E. Run cpstop and cpstart on the SmartCenter Server, then disable the rule.
正解:B
質問 3:
Jerry is concerned that a denial-of-service (DoS) attack may affect his VPN Communities.
He decides to implement IKE DoS protection. Jerry needs to minimize the performance impact of implementing this new protection. Which of the following configuraions is MOST appropriate for Jerry?
A. Set Support IKE DoS protection from identified source to "Stateless," and Support IKE DoS protection from unidentified source to "Puzzles".
B. Set "Support IKE DoS protection" from identified source, and "Support IKE DoS protection" from unidentified source to "Stateless".
C. Set Support IKE DoS protection from identified source to "Puzzles", and Support IKE DoS protection from unidentified source to "Stateless".
D. Set Support IKE DoS protection from identified source to "Stateless", and Support IKE DoS protection from unidentified source to "None".
E. Set Support IKE DoS Protection from identified source, and Support IKE DoS protection from unidentified source to "Puzzles".
正解:B
質問 4:
Jack's project is to define the backup and restore section of his organization's disaster recovery plan for his organization's distributed NGX installation. Jack must meet the following required and desired objectives:
Required Objective: The security policy repository must be backed up no less frequently than every 24 hours.
Desired Objective: The NGX components that enforce the Security Policies should be backed up no less frequently than once a week.
Desired Objective: Back up NGX logs no less frequently than once a week.
Administrators should be able to view backed up logs in SmartView Tracker.
Jack's disaster recovery plan is as follows:
1.*Use the cron utility to run the upgrade_export command each night on the SmartCenter Servers. Configure the organization's routine backup software to back up the files created by the upgrade_export command.
2.*Configure the SecurePoatform backup utility to back up the Security Gateway every Saturday night.
3.*Use the cron utility to run the upgrade_export command each Saturday night on the Log Servers. Configure an automatic, nightly logexport, Configure the organization's routine backup software to backup the exported logs every night.
Jack's plan:
A. Does not meet the required objective.
B. Meets the required objective and both desired objectives.
C. Meets the required objective but does not meet either desired objective.
D. Meets the required objective and only one desired objective
正解:D
質問 5:
Steve tries to configure Directional VPN Rule Match in the Rule Base. But the Match column does not have the option to see the Directional Match. Steve sees the following screen. What is the problem?
A. Steve must enable Advanced Routing on each Security Gateway.
B. Steve must enable VPN Directional Match on the gateway object's VPN tab.
C. Steve must enable directional_match (true) in the objects_5_0.c file on SmartCenter Server.
D. Steve must enable VPN Directional Match on the VPN Advanced screen, in Global properties.
E. Steve must enable a dynamic-routing protocol, such as OSPF, on the Gateways.
正解:D
小村** -
私はフィリピン出身です。試験に合格するには156-915試験ガイドで十分です。