You are troubleshooting a Security Gateway, attempting to determine which chain is causing a problem. What command would you use to show all the chains through which traffic passed?
A. [Expert@HostName]# fw ctl chain
B. [Expert@HostName]# fw ctl zdebug all
C. [Expert@HostName]# fw monitor -e "accept;" -p all
D. [Expert@HostName]# fw ctl debug -m
Correct answer: C
Question 2:
You are a system administrator and would like to configure Geo Protection on your gateway to comply with a new corporate policy. What must you have to do this?
A. DNS resolution on the gateway
B. Valid IPS contract and software blade licensing
C. The latest IPS update
D. Geo Protection is enabled by default
Correct answer: B
Question 3:
While troubleshooting high CPU usage on cores 3 and 4 on a cluster, you notice the following output of fwaccel stats -s:
What could be a possible cause of the high CPU usage?
A. The Secure Network Dispatcher (SND) is having to process too much inbound traffic from the NICs.
B. Connections are not being accelerated by SecureXL, and all packets are being forwarded to firewall kernel instances for inspection.
C. The Secure Network Dispatcher (SND) is working too hard to distribute the traffic to the acceleration layer.
D. Connections are being partially accelerated by SecureXL, but too many packets are still being processed by the firewall kernel.
Correct answer: B
Question 4:
In IPS which of the two initial profiles is the more resource intensive?
A. Standard
B. Default
C. Prevention
D. Recommended
Correct answer: B
Question 5:
You have just taken over as a firewall administrator. Your company is using Geo Protections on your gateway, but you want to verify that the protections are up-to-date. How can you see when these were updated?
A. Check the time stamp of $FWDIR/tmp/geo_location_tmp/updates/IpToCountry.csv.
B. Check asm_update_version_geo in GuiDBedit.
C. In the IPS tree Protections > Select Check for Update.
D. In the IPS tree Protections > Geo Protections and check the profile name which is mm/dd/yy.
Correct answer: A
Question 6:
What operating systems support unnumbered VTIs?
A. GAIA and Secure Platform
B. Secure Platform and IPSO
C. GAIA and IPSO
D. Solaris and IPSO
Correct answer: C
Question 7:
You are a system administrator and you are working with Support. Support asked you to enable kernel core dumps on the files. You are unsure if this has already been set. You run the command chkconfig --list kdump. Does the screen capture tell you if kernel dumps are enabled on this gateway?
A. All values should be set to "on". A kernel core dump will not be created.
B. Kdump has nothing to do with kernel core file generation.
C. Yes kernel dump has been enabled and kernel files should be captured.
D. There is not enough information to determine if kernel core files will be generated.
Correct answer: C
Question 8:
Which command should you use to stop kernel module debugging (excluding SecureXL)?
A. fw debug fwd off; vpn debug off
B. fw debug fwd off
C. fw ctl debug 0
D. fw ctl zdebug - all
Correct answer: C
Question 9:
Henry is attempting to verify VPN connectivity between two hosts, x and y. Of the following commands, which could be BEST used to verify connectivity of this VPN?
A. [Expert@HostName]# fw monitor -e "(ip_p=X) or (ip_p=Y, port(Z)), accept;" -o /var/log/fw_mon.cap
B. [Expert@HostName]# fw monitor -e "host(x.x.x.x) and host(y.y.y.y), accept;" -o /var/log/fw_mon.capw monitor -e "accept;" -o /var/log/fw_mon.cap
C. [Expert@HostName]# fw monitor -e "((src=x.x.x.x , dst=y.y.y.y) or (src=y.y.y.y, dst=x.x.x.x)), accept;" -o /var/log/fw_mon.cap
D. [Expert@HostName]# fw monitor -e "ip_p=X, accept;" -o /var/log/fw_mon.cap
Correct answer: C
Tsuruoka -
156-115.77 is very easy to read and the content is easy to understand.
I think this is an efficiently organized 156-115.77 reference book.