최신IBM Security Network Protection (XGS) V5.3.2 System Administration - C2150-620무료샘플문제
문제1
A company wants to implement user authentication for access to HTTP/HTTPS services against active directory using a single domain controller and multiple XGS appliances.
Which authentication deployment method should be used to achieve this?
A company wants to implement user authentication for access to HTTP/HTTPS services against active directory using a single domain controller and multiple XGS appliances.
Which authentication deployment method should be used to achieve this?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제2
A System Administrator has heard that many shopping web sites are infected due to a new vulnerability affecting shopping cart modules used by many open source e-Commerce platforms. The vulnerability only affects shopping sites using SSL.
At the System Administrator's organization, all web-based shopping applications are blocked as required by company policy. Rule 1 was already in place to accomplish this.
Outbound SSL inspection was also enabled. The System Administrator has added Rule2 in an attempt to optimize inspection and better enforce company requirements.
Which analysis of this Network Access Policy is correct with regard to packet inspection optimization?
A System Administrator has heard that many shopping web sites are infected due to a new vulnerability affecting shopping cart modules used by many open source e-Commerce platforms. The vulnerability only affects shopping sites using SSL.
At the System Administrator's organization, all web-based shopping applications are blocked as required by company policy. Rule 1 was already in place to accomplish this.
Outbound SSL inspection was also enabled. The System Administrator has added Rule2 in an attempt to optimize inspection and better enforce company requirements.
Which analysis of this Network Access Policy is correct with regard to packet inspection optimization?
정답: B
문제3
A System Administrator notices a large amount of bandwidth being used by one of the web application servers on an unexpected destination port.
Which method can the System Administrator use to review a sample of that traffic?
A System Administrator notices a large amount of bandwidth being used by one of the web application servers on an unexpected destination port.
Which method can the System Administrator use to review a sample of that traffic?
정답: A
문제4
A System Administrator wants to send a message to an SNMP Manager on a network where FIPS mode is used for additional security. The requirement is to monitor the link status of the interface.
Which type of SNMP response object is needed?
A System Administrator wants to send a message to an SNMP Manager on a network where FIPS mode is used for additional security. The requirement is to monitor the link status of the interface.
Which type of SNMP response object is needed?
정답: B
설명: (KoreaDumps 회원만 볼 수 있음)
문제5
A specialized third- party appliance protects customer networks by detecting any data transmissions that do not meet the minimum security standards. The security officer wants to be alerted when machines on the customer network send data out of the internal LAN using a low encryption level and prevent them from doing so until the minimum level of encryption is met.
How can the XGS be configured to contain the exposed risk?
A specialized third- party appliance protects customer networks by detecting any data transmissions that do not meet the minimum security standards. The security officer wants to be alerted when machines on the customer network send data out of the internal LAN using a low encryption level and prevent them from doing so until the minimum level of encryption is met.
How can the XGS be configured to contain the exposed risk?
정답: D
문제6
A System Administrator wants to configure two XGS appliances in an active/active high availability (HA) setup so that network traffic can fail over to the secondary XGS without missing inspection of any packets. The diagram below shows the current cabling setup between the redundant firewalls and routers and the 4 built in ports on the XGS appliances:
What is wrong with the cabling diagram?
A System Administrator wants to configure two XGS appliances in an active/active high availability (HA) setup so that network traffic can fail over to the secondary XGS without missing inspection of any packets. The diagram below shows the current cabling setup between the redundant firewalls and routers and the 4 built in ports on the XGS appliances:
What is wrong with the cabling diagram?
정답: C
설명: (KoreaDumps 회원만 볼 수 있음)