Latest 156-215.71 Real Exam Download 431-440
Which of the following statements about file-type recognition in Content Inspection is TRUE?
A. Antivirus status is monitored using SmartView Tracker.
B. A scan failure will only occur if the antivirus engine fails to initialize.
C. All file types are considered “at risk”, and are not configurable by the Administrator or the Security Policy.
D. The antivirus engine acts as a proxy, caching the scanned file before delivering it to the client.
Which antivirus scanning method does not work if the Gateway is connected as a node in proxy mode?
A. Scan by Direction
B. Scan by File Type
C. Scan by Server
D. Scan by IP Address
Which OPSEC server can be used to prevent users from accessing certain Web sites?
How do you control the maximum number of mail messages in a spool directory?
A. In the Gateway object’s SMTP settings under the Advanced window
B. in the smtp.conf file on the Security Management Server
C. In the Security Server window in Global Properties
D. In IPS SMTP settings
If you experience unwanted traffic from a specific IP address, how can you stop it most quickly?
A. Check anti-spoofing settings
B. Configure a rule to block the address
C. Create a SAM rule
D. Activate an IPS protection
URL filtering policy can make exceptions for specific sites by being enforced:
A. Only for specific sources and destinations.
B. For all traffic, except on specific sources and destinations.
C. For alt traffic, except blocked sites.
D. For all traffic. There are no exceptions.
The URL Filtering Policy can be configured to monitor URLs in order to:
A. Log sites from blocked categories.
B. Redirect users to a new URL.
C. Block sites only once.
D. Alert the Administrator to block a suspicious site.
Which type of resource could a Security Administrator use to control access to specific file shares on target machines?
What rules send log information to Dshield.org when Storm Center is configured?
A. Determined in IPS, Dshield Storm Center configuration: Security Management Server sends logs from rules with tracking set to either Alert or one of the specific User Defined Alerts
B. Determined by the Global Properties configuration: Log defined in the Log and Alerts section, rules with tracking sent to Account or SNMP trap.
C. Determined in Web Intelligence, configuration: Information Disclosure is configured; rules with tracking set to User Defined Alerts or SNMP trap.
D. Determined by the Dshield Storm Center Logging setting in Logs and Master of the Security Management Server object rules with tracking set to Log or None.
A security audit has determined that your unpatched Web application server is accessing a SQL server. Which IPS setting will allow the Security Gateway to prevent this error page from displaying information about the SQL server in your DMZ?
A. In Web Intelligence / General / HTTP Protocol Inspection, enables ASCII only response headers.
B. In web intelligence / HTTP Protocol Inspection, select the box Enforce Strict HTTP response parsing.
C. In application intelligence / FingerPrint Scrambling / WEB Apps, Select the Scramble error message checkbox.
D. In Web Intelligence / Information Disclosure / Error Concealment