#101. You users defined in a Windows 2000 Active Directory server. You must add LDAP users to a Client Authentication rule. Which kind of user group do you need in the Client Authentication rule in NGX?
#102. John is the Security Administrator for a public hospital. New health-care legislation requires logging for all traffic accepted through the perimeter Security Gateway. What must John do, to ensure implied rules meet the new requirement?
#104. You have two Nokia Appliances: one IP530 and one IP380. Both Appliances have IPSO 3.9 and VPN-1 Pro NGX installed in a distributed deployment. Can they be members of a gateway cluster?
#105. Sonny is the Security Administrator for a company with a large call center. The management team in the center is concerned that employees may be installing and attempting to use peer-topeer file-sharing utilities, during their lunch breaks. The call center’s network is protected by an internal Security Gateway, which is configured to drop peer-to-peer file-sharing traffic. Which application should Bonny use, to determine the number of packets dropped by each Gateway?
#109. Jack’s project is to define the backup and restore section of his organization’s disaster recovery plan for his organization??s distributed NGX installation. Jack must meet the following required and desired objectives: Required Objective: The security policy repository must be backed up no less frequently than every 24 hours. Desired Objective: The NGX components that enforce the Security Policies should be backed up no less frequently than once a week. Desired Objective: Back up NGX logs no less frequently than once a week. Jack’s disaster recovery plan is as follows: 1. Use the cron utility to run the upgrade_export command each night on the SmartCenter Servers. Configure the organization’s routine backup software to back up the files created by the upgrade_export command. 2. Configure the SecurePlatform backup utility to back up the Security Gateways every Saturday night. 3. Use the cron utility to run the upgrade export command each Saturday night on the Log Servers. Configure an automatic, nightly logswitch. Configure the organization’s routine backup software to back up the switched logs every night. Jack’s plan:
#110. Exhibit: As a Security Administrator, you must configure anti-spooling on Security Gateway interfaces, to protect your internal networks. What is the correct anti-spooling setting on interface ETH1 in this network diagram? NOTE: In the DMZ, mail server 192.168.16.10 is statically translated to the object “mail_valid”, with IP address 210.210.210.3. The FTP server 192.168.16.15 is statically translated to the object “ftp_vaild”, with IP address 210.210.210.5
gen. 0.07
Forum
Master braindump