Exam A
QUESTION 1
Two CMAs can be created for a single Customer, for High availability (HA). Which of these statements is NOT correct for this type of CMA configuration?
A. The HA scheme requires one Primary CMA and one Secondary CMS, housed on different MDS computers
B. Should a CMA fail for any reason, the Standby CMA can continue operation without service interruption
C. Administrators make Security Policy changes thr0ough the Active CMA only
D. The CMAs must be synchronized to maintain the same information
E. If the Active CMA’s data has not recently been synchronized with the standby CMA, it can no longer be used to replace the Active CMA if fail over occurs
Correct Answer: E
QUESTION 2
The Eventia Reporter Add-on for Provider-1 does not have its own package. It is installed, removed, enabled and disabled using which of the following scripts?
A. EVRSetup
B. Cpconfig
C. Sysconfig
D. Setuptutil
E. SVRSetup
Correct Answer: E
QUESTION 3
Which of the following statement is TRUE about Global Objects?
A. A Global Object must have a different IP address than of the remote module on which it is installed
B. Global Objects can share names if both the Provider-1 configuration and the remote Security Gateway are at version VPN-1 NGX
C. A Global Object can’t share the IP address of the remote module on which the Global Policy is installed
D. Global Objects shared object names included in the Security Policy to which they are assigned
E. Global Objects can only be edited in the Global SmartDashboard
Correct Answer: E
QUESTION 4
In Provider-1 NGX, which servers are predefined as global services for use in the Global SmartDashboard?
A. Only Firewall-1 control connections are predefined
B. All services are predefined in VPN-1 NGX, except VOIP related services
C. All services are predefined in VPN-1 NGX, except the required user-defined CPMI service
D. All services are predefined in VPN-1 NGX
E. None of the services are predefined
Correct Answer: D
QUESTION 5
For which of the following components in a Provider-1 NGX deployment can a SmartCenter Server be configured as a backup?
A. MLM
B. Secondary MDS
C. Primary MDS and a Secondary CMA
D. Primary CMA not backed up by a Secondary CMA
E. Primary MDS
Correct Answer: D
QUESTION 6
Which of the following Administrator types can migrate a SmartCenter Management Server into the Provider-1 system as a CMA?
A. Provider-1 Superuser
B. Both the Provider-1 and Customer Superusers
C. Both the Provider-1 and Customer Managers
D. Provider-1 Manager
E. Customer Manager
Correct Answer: B
QUESTION 7
Secure communication from CMAs to the Security Gateways uses which type of encryption?
A. Traffic between CMAs and Security Gateways is not encrypted. Therefore, no encryption is used
B. 256-bit SSL encryption
C. 128-bit SSL encryption
D. IKE with pre-shared secret
E. RSA encryption
Correct Answer: C
QUESTION 8
A Global VPN Community can be used in which of the following:
A. In the implied rules of the customer-defined security policy
B. At any point in the Customer-defined security policy
C. In the Global security Policy, only above the customer-defined rules
D. In the global Security Policy, only below the customer-defined rules
E. In the Stealth rules associated with the Administrator Security Policy
Correct Answer: B
QUESTION 9
Which of the following services must be allowed through the NOC firewall to give a remote MDG access to the MDS?
A. CP_GUI
B. CPMI
C. FW1_CPMI
D. TCP_GUI
E. FW1_MGMT
Correct Answer: B
QUESTION 10
Global SmartDefense settings may be modified within specific customer security policies.
A. True, all aspects of a Global Policy may be modified within Individual Customer Security Policies, if the Administrator has Superuser privileges
B. True, but only if the Global Policy is “merged” with the customer’s existing Security Policy
C. True, unlike globally defined rules, global SmartDefense settings are not read-only and may be modified
D. True, but only if the Global Policy is applied to the customer but not installed. Once installed, the policy can’t be modified
E. False, all aspects of a Global Policy are read-only and can’t be modified within individual customer policies
Correct Answer: C
QUESTION 11
Which of the following views allows Administrators to create and configure a new CMA?
A. System status view
B. General view, Network Objects mode
C. Global Policies view, Security Policies mode
D. General view, customer contents mode
E. General view, MDS Contents mode
Correct Answer: D
QUESTION 12
Exhibit:
If a NOC firewall separates the Provider-1 MDS machine and the MDG ( as shown below), what would you need to do, to allow the MDG to connect to the MDS?
A. Create a specific RPC service and rule on the NOC firewall for MDG traffic
B. Create a rule the NOC firewall that allows CPD and CPD_amon traffic to pass from the MDG to the MDS object
C. Create a UDP service and rule on the NOC firewall for MDG traffic
D. Create a rule on the NOC firewall that allows CPMI traffic to pass from the MDG to the MDS object
Correct Answer: D
