Ensurepass

Question 311

What command syntax would you use to turn on PDP logging in a distributed environment?

A. pdp tracker on

B. pdp log=1

C. pdp track=1

D. pdp logging on

 

Answer: A

 

 

Question 312

Which of the following authentication methods can be configured in the Identity Awareness setup wizard?

A. Captive Portal

B. TACACS

C. Check Point Password

D. Windows password

 

Answer: A

 

 

Question 313

Which of the following authentication methods can be configured in the Identity Awareness setup wizard?

A. TACACS

B. Check Point Password

C. Windows password

D. LDAP

 

Answer: D

 

 

Question 314

What gives administrators more flexibility when configuring Captive Portal instead of LDAP query for Identity Awareness authentication?

A. Captive Portal is more secure than standard LDAP

B. Captive Portal is more transparent to the user

C. Nothing, LDAP query is required when configuring Captive Portal

D. Captive Portal works with both configured users and guests

 

Answer: D

 

 

Question 315

Your company has two headquarters, one in London, and one in New York. Each office includes several branch offices. The branch offices need to communicate with the headquarters in their country, not with each other, and only the headquarters need to communicate directly. What is the BEST configuration for establishing VPN Communities for this company? VPN Communities comprised of:

A. Two star and one mesh Community: One star Community is set up for each site, with headquarters as the Community center, and its branches as satellites. The mesh Community includes only New York and London Gateways.

B. Three mesh Communities: One for London headquarters and its branches, one for New York headquarters and its branches, and one for London and New York headquarters.

C. One star Community with the option to mesh the center of the star: New York and London Gateways added to the center of the star with the mesh center Gateways option checked; all London branch offices defined in one satellite window, but, all New York branch offices defined in another satellite window.

D. Two mesh and one star Community: One mesh Community is set up for each of the headquarters and its branch offices. The star Community is configured with London as the center of the Community and New York is the satellite.

 

Answer: A

 

 

Question 316

Your company has two headquarters, one in London, one in New York. Each of the headquarters includes several branch offices. The branch offices only need to communicate with the headquarters in their country, not with each other, and the headquarters need to communicate directly. What is the BEST configuration for establishing VPN Communities among the branch offices and their headquarters, and between the two headquarters? VPN Communities comprised of:

A. Three star Communities: The first one is between New York headquarters and its branches. The second star Community is between London headquarters and its branches. The third star Community is between New York and London headquarters but it is irrelevant which site is “center” and which “satellite”.

B. One star Community with the option to mesh the center of the star: New York and London Gateways added to the center of the star with the “mesh center Gateways” option checked; all London branch offices defined in one satellite window; but, all New York branch offices defined in another satellite window.

C. Two mesh and one star Community: Each mesh Community is set up for each site between headquarters their branches. The star Community has New York as the center and London as its satellite.

D. Three mesh Communities: one for London headquarters and its branches; one for New York headquarters and its branches; and one for London and New York headquarters.

 

Answer: A

 

 

Question 317

Match the terms with their definitions:

<!–[if !vml]–>image022<!–[endif]–>

A. A-3, B-4, C-1, D-2

B. A-2, B-3, C-4, D-1

C. A-3, B-2, C-1, D-4

D. A-3, B-2, C-4, D-1

 

Answer: D

 

 

Question 318

Which of these attributes would be critical for a site-to-site VPN?

A. Strong data encryption

B. Centralized management

C. Scalability to accommodate user groups

D. Strong authentication

 

Answer: A

 

 

Question 319

Which of the following is NOT true for Clientless VPN?

A. User Authentication is supported.

B. Secure communication is provided between clients and servers that support HTTP.

C. The Gateway accepts any encryption method that is proposed by the client and supported in the VPN.

D. The Gateway can enforce the use of strong encryption.

 

Answer: B

 

 

Question 320

You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities should you do first?

A. Manually import your partner’s Access Control List.

B. Manually import your partner’s Certificate Revocation List.

C. Create a new logical-server object to represent your partner’s CA.

D. Exchange exported CA keys and use them to create a new server object to represent your partner’s Certificate Authority (CA).

 

Answer: D

 

 

Comments are closed.