Issuu on Google+

     

Exam

: Nortel 920-235

Title

: Nortel VPN Gateway Rls.7.0 Configuration & Management

Version : R6.1

www.prepking.com   


Prepking - King of Computer Certification Important Information, Please Read Carefully Other Prepking products A) Offline Testing engine Use the offline Testing engine product to practice the questions in an exam environment. B) Study Guide (not available for all exams) Build a foundation of knowledge which will be useful also after passing the exam. Latest Version We are constantly reviewing our products. New material is added and old material is updated. Free updates are available for 90 days after the purchase. You should check your member zone at Prepking and update 3-4 days before the scheduled exam date. Here is the procedure to get the latest version: 1.Go towww.Prepking.com 2.Click on Member zone/Log in (right side) 3. Then click My Account 4.The latest versions of all purchased products are downloadable from here. Just click the links. For most updates,it is enough just to print the new questions at the end of the new version, not the whole document. Feedback If you spot a possible improvement then please let us know. We always interested in improving product quality. Feedback should be send to feedback@Prepking.com. You should include the following: Exam number, version, page number, question number, and your login ID. Our experts will answer your mail promptly. Copyright Each PDF file contains a unique serial number associated with your particular name and contact information for security purposes. So if we find out that a particular PDF file is being distributed by you, Prepking reserves the right to take legal action against you according to the International Copyright Laws. Explanations This product does not include explanations at the moment. If you are interested in providing explanations for this exam, please contact feedback@Prepking.com..

www.prepking.com   


1. How does TunnelGuard protect the network after a user has authenticated to the Portal? A. The TunnelGuard agent checks the client machine for keyboard loggers and other malicious applications. B. The TunnelGuard agent checks the client machine for policy compliance at boot up and restricts network access on failure. C. The TunnelGuard agent periodically checks the client machine for policy compliance and restricts network access on failure. D. The TunnelGuard agent continually checks the client machine for suspicious activity, restricts network access, and reports problems to the network administrator. Answer: C 2. Which types of certificates must be installed on the Nortel VPN Gateway (NVG) to enable end-to-end encryption? A. client certificate installed on NVG, client certificate installed on backend server(s) B. client certificate installed on NVG and server certificate installed on backend server(s) C. client certificate installed on NVG and server certificate installed on backend server(s) D. server certificate installed on NVG and server certificate installed on backend server(s) Answer: D 3. Which attribute(s) can be specified in an access rules definition? A. IP address only B. IP address and TCP/UDP port C. IP address, TCP/UDP port, and application path D. IP address, TCP/UDP port, application path, and cookie value Answer: C 4. Which feature allows you to configure a policy that requires a client to have a trusted certificate in order to authenticate? A. client filter www.prepking.com   


B. server filter C. TunnelGuard D. authentication filter Answer: A 5. Which CLI area enables you to configure authentication methods? A. /cfg/sys/aaa B. /cfg/vpn #/aaa C. /cfg/ssl/aaa/auth D. /cfg/sys/aaa/remote Answer: B 6. Which statement is correct with respect to PortalGuard? A. VPN authorization is disabled. B. VPN authentication is disabled. C. No additional license is required. D. Users must log into the Portal before accessing the backend Portal. Answer: B 7. Which statement is correct with respect to WTS links? A. Only Internet Explorer is supported. B. The WTS link cannot be pre-configured with client settings. C. An embedded ICA client applet runs in any Web browser version. D. An embedded RDP client applet eliminates the need for a locally installed version. Answer: D 8. How would a service provider differentiate backend customer networks in a hosted VPN solution? A. It would assign a unique VLAN ID to each customer. B. It would assign a unique Portal IP address to each customer. C. It would assign unique user account names to each customer. D. It would assign a dedicated authentication server to each customer. Answer: A 9. Which protocol does the Nortel VPN Gateway use to secure branch office tunnels? A. IKE B. IPSec C. HTTPS D. SOCKS-over-SSL Answer: B 10. How is the SSL VPN client deployed to a client machine? www.prepking.com   


A. It is installed along with the NetDirect client. B. It is automatically installed when the user connects to the Web Portal. C. It must be installed prior to the client connecting to the Nortel VPN Gateway. D. It is manually downloaded and installed after the user authenticates to the Web Portal. Answer: C 11. Which Nortel VPN Gateway feature allows service providers to offer hosted VPN services? A. NetDirect B. PortalGuard C. TunnelGuard D. Secure Services Partitioning Answer: D 12. Which feature must be enabled in Internet Explorer to support the IE Cache Wiper? A. Java VM B. WebDAV C. Active X D. Direct X Answer: C 13. Which authentication method should be used to query an Active Directory user database? A. Local B. LDAP C. NTLM D. RADIUS Answer: B 14. Which attribute of a certificate does a Certificate Revocation List (CRL) reference? A. issue date B. serial number C. period of validity D. subject public key Answer: B 15. Which Nortel SSL device supports only SSL acceleration (i.e., no VPN support)? A. VPN Gateway 3050 B. SSL VPN Module 1000 C. Application Switch 2424-SSL D. Ethernet Routing Switch 8661 SAM Answer: D www.prepking.com   


16. When connecting to a Nortel VPN Gateway cluster via SSH, to which IP address should you connect? A. portal IP B. virtual IP C. interface IP D. management IP Answer: D 17. Which CLI area displays the operational state of all devices in a Nortel VPN Gateway cluster? A. /info/isdlist B. /info/isdstate C. /info/isdcur D. /info/MIP/state Answer: A 18. If the Nortel VPN Gateway is correctly configured for SSL acceleration but you cannot get a Web page response, which three reasons could be the cause? (Choose three.) A. The SSL server is not listening on the correct port. B. The front-end switch does not recognize the SSL headers. C. The VIP is not set to load balance the decrypted HTTP service. D. The VPN Gateway is not in the same subnet as the Web server. E. Filtering has not been enabled on the correct Nortel Application Switch ports. Answer: ACE 19. What differentiates the Clientless and Enhanced Clientless browser access modes? A. user groups B. Java applets C. authentication D. full network access Answer: B 20. If the admin account password has been lost and there are no other accounts that belong to the admin group, how do you regain access to the admin account? A. Login as the oot user and use the passwd command to reset the admin password. B. Login as the per user and use the configuration menu to reset the admin password. C. Login as the oot user and use the configuration menu to reset the admin password. D. Login as the oot user and perform a factory installation to set a new admin password. Answer: D 21. The Nortel VPN Gateway has been configured with a valid certificate and SSL acceleration has been correctly configured. However, the backend Web servers are not listening on the correct port. What will you www.prepking.com   


see in the Web browser when you attempt to connect to the SSL Virtual IP address? A. the Browser-based Interface of the Nortel VPN Gateway B. HTTP 302 redirect to the site specified in the SSL server configuration C. a "Cannot contact web server" message because the backend server request timed out D. a security warning resulting from an untrusted certificate from the SSL server Answer: C 22. Which three features require license installation? (Choose three.) A. PortalGuard B. WholeSecurity C. Virtual Desktop D. SSL Acceleration E. Secure Service Partitioning Answer: ACE 23. How does the Nortel VPN Gateway provide end-to-end SSL security? A. It routes SSL traffic from clients directly to backend servers. B. The backend servers initiate a secure connection to clients through the VPN Gateway. C. It establishes an SSL session with backend servers and proxied re-encrypted traffic from SSL clients. D. It terminates client HTTPS sessions and initiates HTTP sessions to back end servers. Answer: C 24. Which protocol does the NetDirect VPN client use to secure communications between the client and the VPN Gateway? A. IKE B. SSL C. IPsec D. HTTPS Answer: B 25. Which attribute(s) can be specified in a network definition? A. single IP address only B. destination subnet or host name C. source and destination IP address D. source and destination IP address range (lower and upper IP) Answer: B 26. Which action can the oot user perform? A. FTP software image installation B. serial software image download www.prepking.com   


C. recovery of a lost admin password D. CD image software image installation Answer: A 27. Which protocol does the Web Portal use to facilitate the Port Forwarder applet? A. ICMP B. IPsec C. SNMP D. SOCKS Answer: D 28. Which CLI area will display the versions of code stored on the Nortel VPN Gateway? A. /cfg/sys/software/cur B. /boot/software/cur C. /boot/code/current_version D. /boot/load/software Answer: B 29. Which benefit does SSL acceleration provide with respect to client session persistency? A. It enables persistency to be based on session count. B. It enables persistency to be based on the cookie name and value. C. It enables persistency to be based source IP address and TCP port. D. It enables persistency to be based destination IP address and TCP port. Answer: B 30. Which CLI area will display the configured Syslog servers? A. /cfg/sys/syslog/list B. /cfg/sys/syslog/show_ip C. /cfg/system/syslog/cur D. /cfg/sys/server/cur Answer: A 31. When a client machine fails the TunnelGuard SRS policy compliance check, how can the client session be handled? A. The Nortel VPN Gateway can either tear down the session or allow restricted access. B. The Nortel VPN Gateway will teardown the session and disable client login for a specified interval. C. The Nortel VPN Gateway will allow restricted access, but it will not check the client machine again. D. The Nortel VPN Gateway will allow restricted access and log the user's network activity to a remediation server. Answer: A www.prepking.com   


32. Which protocol manages the exchange of key information? A. AH B. IKE C. ESP D. IPsec Answer: B 33. Which CLI menu is used for system diagnostics and troubleshooting? A. info B. boot C. maint D. stats Answer: C 34. How does the Virtual Desktop feature provide client endpoint security after it is launched? A. It encrypts all user files with a user-defined password. B. It allows new files to be encrypted and stored locally on the client machine. C. The client session activity is encrypted and erased when the session ends. D. The client disk activity is logged and checked against known malicious software signatures. Answer: C 35. Which Nortel VPN Gateway feature allows service providers to offer managed SSL and IPsec VPN solutions? A. PortalGuard B. Split Networks C. Secure Service Partitioning D. Single System Image clustering Answer: C 36. On the Portal login page, which option in the Login Service drop-down list uses a pre-ordered list of authentication methods? A. portal B. default C. authorder D. pre-defined Answer: B 37. What does the VPN Quick Setup Wizard help an administrator configure? A. basic Web portal B. DNS server access www.prepking.com   


C. remote access tunnel D. basic VPN Gateway cluster Answer: A 38. Which client filters are created by the TunnelGuard Quick Setup Wizard? A. tg_pass, tg, fail B. tg_passed, tg_failed C. tg_passed, tg_notpassed D. tg_accepted, tg_failed Answer: B 39. How does Split Administration facilitate system management? A. The service provider manages the entire VPN Gateway configuration. B. The customer is granted management access to their own VPN domain via CLI and BBI. C. The service provider manages the global configuration and the customer manages their own Portal configuration. D. The customer is granted the ability to create new VPN domains. Answer: C 40. Which tabs are available on the Portal page when the user type is set to advanced? A. Home, Files, and Advanced B. Home, Access, Tools, Advanced C. Home, Files, Tools and Advanced D. Home, Documents, Tools, Advanced Answer: C 41. Which statement best describes the Web Portal? A. It is a browser-based single point of access for web-based email solutions. B. It is a web-based interface allowing remote access to Intranet resources via an SSL connection. C. It is a secure end-to-end solution providing IP routing, WAN connectivity and IPsec security for the enterprise. D. It is a web-based VPN solution that provides secure network access via IPsec tunnels. Answer: B 42. Which process uses a complex mathematical computation to verify the integrity of the transmitted data? A. encryption B. cryptography C. one-way hash D. key generation Answer: C www.prepking.com   


100% Pass Guaranteed or Full Refund Word to Word Real Exam Questions from Real Test Buy full version of exam from this link below http://www.prepking.com/920-235.htm


Pass4sure 920-235 dumps