Create Next App

checkpoint 156_11577

Custom view settings

Exam contains 43 questions

Page 7 of 8

Question 37 🔥

When you have your directional VPN enforcement rule set to "Internal_Clear" , what does this represent?

Which database solution meets these requirements?

A. All interfaces are designated "External"

Highly voted

B. VOIP traffic

Highly voted

C. Do not perform directional VPN enforcements on this traffic

Highly voted

D. All interfaces are designated as "Internal"

Highly voted

Discussion of the question

Question 38 🔥

You are using an IPV6 environment and find that you need additional access control and want to set up some directional VPN rules. How can you restrict access based on destination?

Which database solution meets these requirements?

A. This can only be done in Traditional Mode VPN.

Highly voted

B. Directional VPN enforcement feature is not supported for IPv6.

Highly voted

C. Enable Global Properties > Advanced > IPv6 for directional VPN enforcement.

Highly voted

D. Set your rule match to "All_gwtogw" and create a new rule.

Highly voted

Discussion of the question

Question 39 🔥

You are trying to set "VPN Directional Match" on the VPN column but the "Directional Match Condition" option is not there. Why is this missing?

Which database solution meets these requirements?

A. The peer does not support this feature.

Highly voted

B. This can only be done in Traditional Mode.

Highly voted

C. You must turn this feature on through Global Properties > VPN > Advanced, then select Enable VPN Directional Match in VPN column.

Highly voted

D. This must be enabled on the Gateway in "Advanced Settings".

Highly voted

Discussion of the question

Question 40 🔥

How do you designate the "enforcement point gateway" for the peers involved in "VPN Directional Enforcement"?

Which database solution meets these requirements?

A. From the WebUI’s of the peers add a static route to the "designated enforcement point".

Highly voted

B. In the file $FWDIR/conf/user.def on each peer with a route entry to the enforcement point gateway.

Highly voted

C. Designate this gateway in the VPN community properties.

Highly voted

D. Editing file $FWDIR/conf/vpn_route.conf on each peer with a route entry to the enforcement point gateway.

Highly voted

Discussion of the question

Question 41 🔥

What is the limit to the number of VPN directions that can be configured in a single rule?

Which database solution meets these requirements?

A. There is no limit.

Highly voted

B. It is limited to the number of communities that exist in your dashboard.

Highly voted

C. You may only configure one direction per rule.

Highly voted

D. After configuring ten you must use a standard bi-directional condition.

Highly voted

Discussion of the question

Question 42 🔥

How does the "Directional Enforcement" rule manage subsequent packet inspection?

Which database solution meets these requirements?

A. "Directional Enforcement" is only applied to the first packet of the connection, including packets in the opposite direction.

Highly voted

B. "Directional Enforcement" is applied to all packets in the connection.

Highly voted

C. "Directional Enforcement" applies only to the first packet of the connection, but does not include the packets in the opposite direction.

Highly voted

D. "Directional Enforcement" is considered trusted traffic and therefore is not inspected.

Highly voted

Discussion of the question

Ready to Pass Your Certification Test

checkpoint 156_11577

Exam contains 43 questions

Lorem ipsum dolor sit amet consectetur. Eget sed turpis aenean sit aenean. Integer at nam ullamcorper a.

Company

Product

Resources

Follow us