Which is the BEST configuration option to protect internal users from malicious Java code, without stripping J
Which is the BEST configuration option to protect internal users from malicious Java code, without
stripping Java scripts?
What is the correct order of steps?
Your VPN Community includes three Security Gateways. Each Gateway has its own internal network
defined as a VPN Domain. You must test the VPN-1 NGX route-based VPN feature, without stopping
the VPN. What is the correct order of steps?
Which Security Server can perform authentication tasks, but CANNOT perform content security tasks?
Which Security Server can perform authentication tasks, but CANNOT perform content security
tasks?
what does this command allow you to upgrade?
You are running a VPN-1 NG with Application Intelligence R54 SecurePlatform VPN-1 Pro Gateway.
The Gateway also serves as a Policy Server. When you run patch add cd from the NGX CD, what does
this command allow you to upgrade?
Which type of service should a Security Administrator use in a Rule Base to control access to specific shared
Which type of service should a Security Administrator use in a Rule Base to control access to specific
shared partitions on target machines?
Which of the following options will end the intruder’s access, after the next Phase 2 exchange occurs?
Assume an intruder has compromised your current IKE Phase 1 and Phase 2 keys. Which of the
following options will end the intruder’s access, after the next Phase 2 exchange occurs?
How would you configure a rule in a Security Policy to allow SIP traffic from end point Net_Ato end point Net_
How would you configure a rule in a Security Policy to allow SIP traffic from end point Net_Ato end
point Net_B, through an NGX Security Gateway?
what are Barak’s remaining steps?
Barak is a Security Administrator for an organization that has two sites using per shared secrets in its
VPN. The two sites are Oslo and London. Barak has just been informed that a new office is opening
in Madrid, and he must enable all three sites to connect via the VPN to each other. Three Security
Gateways are managed by the same Smart Center Server, behind the Oslo Security Gateway. Barak
decides to switch from per shared secrets to Certificates issued by the Internal Certificate Authority
(ICA). After creating the Madrid gateway object with the proper VPN Domain, what are Barak’s
remaining steps?
Disable “PrE. Shared Secret” on the London and Oslo gateway objects
Add the Madrid gateway object into the Oslo and London’s mesh VPN Community
Manually generate ICA Certificates for all three Security Gateways.
Configure “Traditional mode VPN configuration” in the Madrid gateway object’s VPN screen
Reinstall the Security Policy on all three Security Gateways.
How do you configure the FTP resource object and the action column in the rule to achieve this goal?
You have an internal FTP server, and you allow downloading, but not uploading. Assume Network
Address Translation is set up correctly, and you want to add an inbound rule with:
Source: Any
Destination: FTP server
Service: FTP resources object.
How do you configure the FTP resource object and the action column in the rule to achieve this
goal?
Which of the following might improve throughput performance?
Damon enables an SMTP resource for content protection. He notices that mail seems to slow down
on occasion, sometimes being delivered late. Which of the following might improve throughput
performance?