URL Filtering is an essential part of Web Security in the Gateway.
For the Security Gateway to perform a URL lookup when a client makes a URL request, where is the sync-request forwarded from if a sync-request is required” A . RAD Kernel Space B . URLF Kernel Client C . URLF Online Service D . RAD User Space
What is the simplest and most efficient way to check all dropped packets in real time? A . fw ctl zdebug * drop in expert mode B . Smartlog C . cat /dev/fwTlog in expert mode D . tail -f SFWDIR/log/fw log |grep drop in expert mode
The two procedures available for debugging in the firewall kernel are
i fw ctl zdebug
ii fw ctl debug/kdebug
Choose the correct statement explaining the differences in the two A . (i) Is used for general debugging, has a small buffer and is a quick way to set kernel debug flags to get an output via command line whereas (11) is useful when there is a need for detailed debugging and requires additional steps to set the buffer and get an output via command line B . (i) is used to debug the access control policy only, however (n) can be used to debug a unified policy C . (i) is used to debug only issues related to dropping of traffic, however (n) can be used for any firewall issue including NATing, clustering etc. D . (i) is used on a Security Gateway, whereas (11) is used on a Security Management Server
What is the kernel process for Content Awareness that collects the data from the contexts received from the CMI and decides if the file is matched by a data type? A . dlpda B . dlpu C . cntmgr D . cntawmod
You have configured IPS Bypass Under Load function with additional kernel parameters ids_tolerance_no_stress=15 and ids_tolerance_stress-15 For configuration you used the *fw ctl set’ command After reboot you noticed that these parameters returned to their default values.
What do you need to do to make this configuration work immediately and stay permanent? A . Set these parameters again with “fw ctl set” and edit appropriate parameters in $FWDIR/boot/modules/ fwkern.conf B . Use script $FWDIR/bin IpsSetBypass.sh to set these parameters C . Set these parameters again with “fw ctl set” and save configuration with “save config” D . Edit appropriate parameters in $FWDIR/boot/modules/fwkern.conf
What are some measures you can take to prevent IPS false positives? A . Exclude problematic services from being protected by IPS (sip, H 323, etc ) B . Use IPS only in Detect mode C . Use Recommended IPS profile D . Capture packets. Update the IPS database, and Back up custom IPS files
Which command do you need to execute to insert fw monitor after TCP streaming (out) in the outbound chain using absolute position? Given the chain was 1ffffe0, choose the correct answer. A . fw monitor Cpo -0x1ffffe0 B . fw monitor Cp0 ox1ffffe0 C . fw monitor Cpo 1ffffe0 D . fw monitor Cp0 Cox1ffffe0