If you were NOT using IKE aggressive mode for your IPsec tunnel, how many packets would you see for normal Phase 1 exchange?

Because of a pre-existing design constraints, you set up manual NAT rules for your HTTP server. However, your FTP server and SMTP server are both using automatic NAT rules. All traffic from your FTP and SMTP servers are passing through the Security Gateway without a problem, but traffic from the Web server is dropped on rule 0 because of anti-spoofing settings. What is causing this?

Phase 1 uses________.

Your perimeter Security Gateway’s external IP is 200.200.200.3. Your network diagram shows:

RequireD. Allow only network 192.168.10.0 and 192.168.20.0 to go out to the Internet, using 200.200.200.5.

The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet.

Assuming you enable all the settings in the NAT page of Global Properties, how could you achieve these requirements?

What statement is true regarding Visitor Mode?

Which of these security policy changes optimize Security Gateway performance?

With deployment of SecureClient, you have defined in the policy that you allow traffic only to an encrypted domain. But when your mobile users move outside of your company, they often cannot use SecureClient because they have to register first (i.e. in Hotel or Conference rooms). How do you solve this problem?

Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?

You install and deploy SecurePlatform with default settings. You allow Visitor Mode in the Remote Access properties of the Gateway object and install policy, but SecureClient refuses to connect.
What is the cause of this?

Installing a policy usually has no impact on currently existing connections. Which statement is TRUE?