Are these machines correctly configured for a ClusterXL deployment?
You are preparing computers for a new ClusterXL deployment. For your cluster, you plan to use four machines with the following configurations:
Cluster Member 1: OS: SecurePlatform, NICs: QuadCard, memory: 256 MB, Security Gateway version:
VPN-1 NGX
Cluster Member 2: OS: SecurePlatform, NICs: four Intel 3Com, memory: 512 MB, Security Gateway version: VPN-1 NGX Cluster Member 3: OS: SecurePlatform, NICs: four other manufacturers, memory: 128 MB, Security Gateway version: VPN-1 NGX SmartCenter Pro Server: MS Windows Server 2003, NIC: Intel NIC (one), Security Gateway and primary SmartCenter Server installed version: VPN-1 NGX
Are these machines correctly configured for a ClusterXL deployment?
How do you configure the FTP resource object and the action column in the rule to achieve this goal?
You have an internal FTP server, and you allow uploading, but not downloading. Assume Network Address Translation (NAT) is set up correctly and you want to add an inbound rule with: Source: Any Destination: FTP server Service: an FTP resource object.
How do you configure the FTP resource object and the action column in the rule to achieve this goal?
What could cause this behavior?
Wayne configures an HTTP Security Server to work with the content vectoring protocol to screen forbidden sites. He has created a URI resource object using CVP with the following settings:
Use CVP
Allow CVP server to modify content
Return data after content is approved
He adds two rules to his Rule Base: one to inspect HTTP traffic going to known forbidden sites, the other to allow all other HTTP traffic.
Wayne sees HTTP traffic going to those problematic sites is not prohibited.
What could cause this behavior?
Which VoIP Domain object type can you use?
You are configuring the VoIP Domain object for a Skinny Client Control Protocol (SCCP) environment protected by VPN-1 NGX. Which VoIP Domain object type can you use?
Which type of address translation should you use, to ensure the two networks access each other through the VPN
You want to create an IKE VPN between two VPN-1 NGX Security Gateways, to protect two networks. The network behind one Gateway is 10.15.0.0/16, and network 192.168.9.0/24 is behind the peer’s Gateway. Which type of address translation should you use, to ensure the two networks access each other through the VPN tunnel?
Which of the following commands shows full synchronization status?
Which of the following commands shows full synchronization status?
How would you configure the rule?
You must set up SIP with a proxy for your network. IP phones are in the 172.16.100.0 network. The Registrar and proxy are installed on host 172.16.100.100. To allow handover enforcement for outbound calls from SIP-net to network Net_B on the Internet, you have defined the following objects:
Network object: SIP-net: 172.16.100.0/24
SIP-gateway: 172.16.100.100
VoIP Domain object: VoIP_domain_A
1.End-point domain: SIP-net
2.VoIP gateway installed at: SIP-gateway host object
How would you configure the rule?
Which is the BEST configuration option?
Jennifer wants to protect internal users from malicious Java code, but she does not want to strip Java scripts. Which is the BEST configuration option?
Which VoIP Domain object type can you use?
You are configuring the VoIP Domain object for an H.323 environment, protected by VPN-1 NGX. Which VoIP Domain object type can you use?
How do you block the connection in real time and verify the connection is successfully blocked?
You receive an alert indicating a suspicious FTP connection is trying to connect to one of your internal hosts. How do you block the connection in real time and verify the connection is successfully blocked?