QUESTION 76 (Topic 1)
Which statement about CRLs is true?
A. CRLs are distributed automatically by the CA. B. CDP can be used to automatically validate a CRL. C. The base CRL contains only a subset of the certificates issued by a given CA. D. CRLs contain the serial number, revocation date, and reason code for withdrawn certificates.
Answer: D
QUESTION 77 (Topic 1)
A customer wants to use an SA device to front-end its intranet and block access to its Wiki, but also provide access to sites like Google, Yahoo, and MSN. Which two settings must be
configured to support this scenario? (Choose two.)
A. Web access control policies B. selective rewrite C. passthrough proxy D. DNS
="cursor: auto; margin: 0cm 0cm 0pt; line-height: normal; text-autospace: ; mso-layout-grid-align: none" align="left">
Answer: AD
QUESTION 78 (Topic 1)
Which Host Checker feature uses a software module running on the IVE device to validate an endpoint’s compliance?
A. Secure Virtual Workspace (SVW) B. Integrity Measurement Verifier (IMV) C. Integrity Measurement Collector (IMC) D. Endpoint Security Assessment Plug-In (ESAP)
Answer: B
QUESTION 79 (Topic 1)
Which three statements about role mapping are true? (Choose three.)
A. Role mapping can be based on a user attribute value. B. Role mapping can be configured first, before creating the actual roles. C. Role mapping can be based on a certificate and its data. D. Role mapping can be based on custom expressions. E. Role mapping can be based on VLAN assignment.
Answer: ACD
QUESTION 80 (Topic 1)
Cache Cleaner can be configured with which three IVE components? (Choose three.)
A. sign-in policy B. resource profile C. realm authentication policy t> D. user role E. resource policy
Answer: CDE
QUESTION 81 (Topic 1)
Which three client endpoint agents can produce and auto-upload logs when configured to do so? (Choose three.)
A. Host Checker B. Terminal Services C. Installer Service D. Advanced Endpoint Defense E. Meetings
Answer: ABE
QUESTION 82 (Topic 1)
What must be done before a VS admin can create a Network Connect profile?
A. Split tunneling must be enabled on the Network Connect profile. B. The virtual system must use 802.1q-tagged VLANs. C. The root admin must specify the IP addresses to be used for Network Connect IP address pools. D. The VS admin must be sure to use ESP as the transport method and open UDP port 4500 on the firewall.
Answer: C
QUESTION 83 (Topic 1)
Which two statements are true about upgrading clusters? (Choose two.)
A. style="font-size: 10pt" color="#000000">Active/passive upgrades require less times to complete than active/active clusters. B. Active/passive upgrades do not disrupt network operation. C. Active/active upgrades require disabling only one node. D. Active/active upgrades disrupt network operation.
Answer: BD
QUESTION 84 (Topic 1)
Which two values can you configure in a Form POST policy in the IVE to post to a Web- enabled application? (Choose two.)
A. query string B. IVE session variables C. user-agent D. LDAP attributes
Answer: BD
QUESTION 85 (Topic 1)
Which series of steps describes the appropriate method for upgrading an active/active cluster?
A. 1) upgrade master; 2) reboot backup; 3) join backup again B. 1) disable nodes; 2) upgrade individual devices; 3) enable nodes C. 1) upgrade individual nodes; 2) reboot nodes; 3) enable nodes D. 1) disable nodes; 2) upgrade one device; 3) enable nodes
Answer: B
FreeInstant Access to Instant Access to