Pass the Cisco CCNP Security 300-206 exam. “Implementing Cisco Edge Network Security Solutions (SENSS)”: https://www.lead4pass.com/300-206.html (Total Questions: 445 Q&As). I know you most want to get here for free 300-206 dumps. The latest free 300-206 exam practice questions and 300-206 pdf help you improve your skills and exam experience!
QUESTION 1 Which Cisco ASA object group type offers the most flexibility for grouping different services together based on arbitrary protocols? A. network B. ICMP C. protocol D. TCP-UDP E. service Correct Answer: E
QUESTION 2 Which technology can drop packets with a spoofed source address Instead of forwarding them? A. ICUP redirects B. SNMPv3 C. ICMP unreachable messages D. uRPF E. TACACS+ Correct Answer: C
QUESTION 3 Control plane thresholding limit for which protocols A. ICMP B. BGP C. ARP Correct Answer: B The queue-thresholding feature policy supports the following TCP/UDP-based protocols: Bgp,dns,ftp,http,igmp,snmp,ssh,syslog,telnet,Tftp,host-protocols
QUESTION 4 An engineer is hardening the management plane for an ASA. Which protocol is affected by this hardening? A. BGP B. IKE C. ICMP D. ARP Correct Answer: C
QUESTION 5 A Cisco ASA is configured in multiple context mode and has two user-defined contexts– Context_A and Context_B. From which context are device logging messages sent? A. Admin B. Context_A C. Context_B D. System Correct Answer: A
QUESTION 6 A network engineer wants to add new view to an IOS device configured with RBAC. Which privilege is required for that task? A. Level 16 B. Level 15 C. root view D. admin view Correct Answer: B
QUESTION 7 Which setting is optional when configuring two Cisco ASA firewalls for failover? A. identical RAM installed B. same context mode C. same AnyConnect images D. identical licenses Correct Answer: D
QUESTION 8 Which VTP mode supports private VLANs on a switch? A. transparent B. server C. client D. off Correct Answer: A
QUESTION 9 Which two statements about Cisco IDS are true? (Choose two.) A. It is preferred for detection-only deployment. B. It is used for installations that require strong network-based protection and that include sensor tuning. C. It is used to boost sensor sensitivity at the expense of false positives. D. It is used to monitor critical systems and to avoid false positives that block traffic. E. It is used primarily to inspect egress traffic, to filter outgoing threats. Correct Answer: AD
An SNMP host is an IP address to which SNMP notifications and traps are sent. To configure SNMFV3 hosts, which option must you configure in addition to the target IP address? A. the Cisco ASA as a DHCP server, so the SNMFV3 host can obtain an IP address B. a username, because traps are only sent to a configured user C. SSH, so the user can connect to the Cisco ASA D. the Cisco ASA with a dedicated interface only for SNMP, to process the SNMP host traffic. Correct Answer: B The username can be seen here on the ASDM simulator screen shot:
QUESTION 12 In which way are management packets classified on a firewall that operates in multiple context mode? A. by their interface IP address B. by the routing table C. by NAT D. by their MAC addresses Correct Answer: A
QUESTION 13 Which three options are default settings for NTP parameters on a Cisco device? (Choose three.) A. NTP authentication is enabled. B. NTP authentication is disabled. C. NTP logging is enabled. D. NTP logging is disabled. E. NTP access is enabled. F. NTP access is disabled. Correct Answer: BDE
Watch the Cisco CCNP Security 300-206 video tutorial online
We have a number of Cisco, Cisco, IBM, Cisco, and other exam experts. We update exam data throughout the year. Top exam pass rate! We have a large user base. We are an industry leader! Choose Lead4Pass to pass the exam with ease!
Free Cisco CCNP Security 300-206 exam exercise questions and answers, 300-206 pdf and 300-206 video practice questions. These will help you improve your exam experience. I know you want to easily get 300-206 certification! It’s not hard! Experts recommend https://www.lead4pass.com/300-206.html help you easily get certified.
Pass the Microsoft Business Intelligence 70-462 exam. “Administering Microsoft SQL Server 2012 Databases”: https://www.lead4pass.com/70-462.html (Total Questions: 321 Q&As). I know you most want to get here for free 70-462 dumps. The latest free 70-462 exam practice questions and 70-462 pdf help you improve your skills and exam experience!
This exam measures your ability to accomplish the technical tasks listed below.
Install and configure (20–25%)
Maintain instances and databases (15–20%)
Optimize and troubleshoot (15–20%)
Manage data (20–25%)
Implement security (15–20%)
Implement high availability (5–10%)
Who should take this exam?
This exam is intended for database professionals who perform installation, maintenance, and configuration tasks. Other responsibilities include setting up database systems, making sure those systems operate efficiently, and regularly storing, backing up, and securing data from unauthorized access.
Test your Microsoft Business Intelligence 70-462 exam level
QUESTION 1 You want to simulate read, write, checkpoint, backup, sort, and read-ahead activities for your organization\\’s SQL Server 2012 deployment. Which of the following tools would you use to accomplish this goal? A. SQLIO B. SQLIOSim C. SQLIOStress D. chkdsk Correct Answer: B
QUESTION 2 You use Microsoft SQL Server 2012 to develop a database application. You need to create an object that meets the following requirements: Takes an input variable Returns a table of values Cannot be referenced within a view Which object should you use? A. Scalar-valued function B. Inline function C. User-defined data type D. Stored procedure Correct Answer: D
QUESTION 3 You administer a SQL Server 2012 server that contains a database named SalesDb. SalesDb contains a schema named Customers that has a table named Regions. A user named UserA is a member of a role named Sales. UserA is granted the Select permission on the Regions table and the Sales role is granted the Select permission on the Customers schema. You need to ensure that the Sales role, including UserA, is disallowed to select from the Regions table. Which Transact-SQL statement should you use? A. REVOKE SELECT OK Schema::Customers FROM UserA B. REVOKE SELECT ON Object::Regions FROM UserA C. EXEC sp_addrolemember \\’Sales\\’, \\’UserA\\’ D. DENY SELECT ON Schema::Customers FROM Sales E. EXEC sp_droprolemember \\’Sales\\’, \\’UserA\\’ F. REVOKE SELECT ON Schema::Customers FROM Sales G. DENY SELECT ON Object::Regions FROM UserA H. REVOKE SELECT ON Object::Regions FROM Sales I. DENY SELECT ON Schema::Customers FROM UserA J. DENY SELECT ON Object::Regions FROM Sales Correct Answer: J References: http://msdn.microsoft.com/en-us/library/ms188369.aspxhttp://msdn.microsoft.com/en-us/library/ms187750.aspxhttp://msdn.microsoft.com/en-us/library/ff848791.asp
QUESTION 4 You have configured Resource Governor with three resource pools. You have assigned the first resource pool a minimum CPU and memory value of 20%. You have assigned the second resource pool a minimum CPU and memory value of 30%. You want to assign maximum CPU and memory values to the third resource pool. What is the maximum CPU and memory value you can assign to this resource pool? A. 30% B. 50% C. 70% D. 100% Correct Answer: B The maximum resource value assigned to the third pool is 65%; the sum of the minimum resource values assigned to the other pools is 50%. Note: MIN_CPU_PERCENT and MAX_CPU_PERCENT These settings are the minimum and maximum guaranteed average CPU bandwidth for all requests in the resource pool when there is CPU contention. You can use these settings to establish predictable CPU resource usage for multiple workloads that is based on the needs of each workload. For example, assume the Sales and Marketing departments in a company share the same database. The Sales department has a CPU-intensive workload with high-priority queries. The Marketing department also has a CPU-intensive workload, but has lower-priority queries. By creating a separate resource pool for each department, you can assign a minimum CPU percentage of 70 for the Sales resource pool and a maximum CPU percentage of 30 for the Marketing resource pool. This ensures that the Sales workload receives the CPU resources it requires and the Marketing workload is isolated from the CPU demands of the Sales workload. Note that the maximum CPU percentage is an opportunistic maximum. If there is available CPU capacity, the workload uses it up to 100 percent. The maximum value only applies when there is contention for CPU resources. In this example, if the Sales workload is switched off, the Marketing workload can use 100 percent of the CPU if needed. References: https://docs.microsoft.com/en-us/sql/relational-databases/resource-governor/resource-governor-resource-pool
QUESTION 5 DRAG DROP You are a database administrator of a Microsoft SQL Server 2012 environment. The environment contains two servers named SQLServer01 and SQLServer02. The database Contoso exists on SQLServer01. You plan to mirror the Contoso database between SQLServer01 and SQLServer02 by using database mirroring. You need to prepare the Contoso database for database mirroring. Which three actions should you perform in sequence? (To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.) Select and Place:
QUESTION 6 You administer a Microsoft SQL Server database server. One of the databases on the server supports a highly active OLTP application. Users report abnormally long wait times when they submit data into the application. You need to identify which queries are taking longer than 1 second to run over an extended period of time. What should you do? A. use SQL Profiler to trace all queries that are processing on the server. Filter queries that have a Duration value of more than 1,000. B. Use sp_configure to set a value for blocked process threshold. Create an extended event session. C. Use the Job Activity monitor to review all processes that are actively running. Review the Job History to find out the duration of each step. D. Run the sp_who command from a query window. E. Run the DBCC TRACEON 1222 command from a query window and review the SQL Server event log. Correct Answer: A Use SQL Profiler to trace all queries that are processing on the server. Filter queries that have a Duration value of more than 1,000. Incorrect: Not B: The SQL Server lock monitor is responsible for implementing the logic to detect a blocking scenario if the `blocked process threshold\\’ value is greater than 0. However, the lock monitor only wakes up every 5 seconds to detect this condition (it is also looking for other conditions such as deadlocks). Therefore, if you set a `blocked process threshold\\’ value to 1, it will not detect a process that has been blocking for 1 second. The minimum time it can detect a blocked process is 5 seconds. Not E: The Traceflag 1222 Shows Deadlocks, not the Duration of an query. References: https://docs.microsoft.com/en-us/sql/tools/sql-server-profiler/sql-server-profiler
QUESTION 7 You install a Microsoft SQL Server 2012 instance. The instance will store data extracted from two databases running on Windows Azure SQL Database. You hire a data steward to perform interactive data cleansing and ad hoc querying and updating of the database. You need to ensure that the data steward is given the correct client tools to perform these tasks. Which set of tools should you install? A. SQL Server Management Studio and Distributed Replay Client B. Master Data Services and Data Quality Client C. Data Quality Client and Distributed Replay Client D. Data Quality Client and SQL Server Management Studio Correct Answer: B References: https://www.mssqltips.com/sqlservertutorial/3802/sql-server-master-data-services-architecture/
QUESTION 8 You have three tables that contain data for vendors, customers, and agents. You create a view that is used to look up telephone numbers for these companies. The view has the following definition: You need to ensure that users can update only the phone numbers by using this view. What should you do?
A. Alter the view. Use the EXPAND VIEWS query hint along with each SELECT statement. B. Drop the view. Re-create the view by using the SCHEMABINDING clause, and then create an index on the view. C. Create an AFTER UPDATE trigger on the view. D. Create an INSTEAD OF UPDATE trigger on the view. Correct Answer: D
QUESTION 9 You administer two instances of Microsoft SQL Server. You deploy an application that uses a database on the named instance. The application is unable to connect to the database on the named instance. You need to ensure that the application can connect to the named instance. What should you do? A. Start the SQL Server Browser Service. B. Configure the application as data-tiered. C. Open port 1433 on the Windows firewall on the server. D. Configure the named SQL Server instance to use an account that is a member of the Domain Admins group. Correct Answer: A
QUESTION 10 DRAG DROP You administer a Microsoft SQL Server 2012 instance that contains a database of confidential data. You need to encrypt the database files at the page level. You also need to encrypt the transaction log files. Which four actions should you perform in sequence? (To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.) Select and Place:
QUESTION 11 DRAG DROP You have a consolidated SQL Server instance that contains databases for several applications. You need to limit the maximum degree of parallelism for an application named App1. Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. NOTE: More than one order of answer choices is correct. You will receive credit for any of the correct orders you select. Select and Place:
Step 1: Enable Resource Governor The Resource Governor is turned off by default. You can enable the Resource Governor by using either SQL Server Management Studio or Transact-SQL. Step 2: Create a resource pool. In the SQL Server Resource Governor, a resource pool represents a subset of the physical resources of an instance of the Database Engine. Step 3: Create a workload group In the SQL Server Resource Governor, a workload group serves as a container for session requests that have similar classification criteria. A workload allows for aggregate monitoring of the sessions, and defines policies for the sessions. Each workload group is in a resource pool, which represents a subset of the physical resources of an instance of the Database Engine. When a session is started, the Resource Governor classifier assigns the session to a specific workload group, and the session must run using the policies assigned to the workload group and the resources defined for the resource pool. Step 4: Write a classifier function. The SQL Server resource governor classification process assigns incoming sessions to a workload group based on the characteristics of the session. You can tailor the classification logic by writing a user-defined function, called a classifier function. Incorrect Answers: Not: Restart SQL Server The setting takes effect immediately without restarting the server. References: https://docs.microsoft.com/en-us/sql/relational-databases/resource-governor/resource-governor
QUESTION 12 This question is part of a series of questions that use the same set of answers choices. An answer choice may be correct for more than one question in the series. You administer a Microsoft SQL Server database server that hosts a transactional database and a reporting database. The transactional database is updated through a web application and is operational throughout the day. The reporting database is only updated from the transactional database. The recovery model and backup schedule are configured as shown in the following table:
One of the hard disk drives that stores the transactional database fails at 23:32 hours. Attempts to create a tail log backup are unsuccessful. You need to ensure that the transactional database is restored. You also need to ensure that data loss is minimal. What should you do? A. Perform a page restore. B. Perform a partial restore. C. Perform a point-in-time restore. D. Restore the latest full backup. E. Restore the latest full backup. Then, restore the latest differential backup. F. Restore the latest full backup, and restore the latest differential backup. Then, restore the latest log backup. G. Restore the latest full backup, and restore the latest differential backup. Then, restore each log backup taken before the time of failure from the most recent differential backup. H. Restore the latest full backup. Then, restore each differential backup taken before the time of failure from the most recent full backup. Correct Answer: C References: https://docs.microsoft.com/en-us/sql/relational-databases/backup-restore/restore-a-sql-server-database-to-a-point-in-time-full-recovery-model?view=sql-server-2017
QUESTION 13 DRAG DROP You administer two Microsoft SQL Server database servers named ProdSrv1 and ProdSrv2. Each server has a database named Orders. You need to configure transactional replication from the OrderSummary table in the Orders database on ProdSrv1 to the OrderSummary table in the Orders database on ProdSrv2. Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. Select and Place:
We have a number of Microsoft, Microsoft, IBM, Microsoft, and other exam experts. We update exam data throughout the year. Top exam pass rate! We have a large user base. We are an industry leader! Choose Lead4Pass to pass the exam with ease!
Free Microsoft Business Intelligence 70-462 exam exercise questions and answers, 70-462 pdf and 70-462 video practice questions. These will help you improve your exam experience. I know you want to easily get 70-462 certification! It’s not hard! Experts recommend https://www.lead4pass.com/70-462.html help you easily get certified.
Easily get the latest Cisco CCNA Collaboration 210-060 dumps, “Implementing Cisco Collaboration Devices (CICD)” 210-060 Exam. You can upgrade your skills by downloading the 210-060 pdf or the online 210-060 exam exercise test! 99.5% pass rate:lead4pass.com
Latest Cisco CCNA Collaboration 210-060 Practice Questions and Answers
QUESTION 1 An engineer must generate a report of Cisco Unified Communications Manager usage for capacity planning. Where can this information be obtained within System Reports? A. precedence call B. voice usage C. user usage D. traffic Correct Answer: D
QUESTION 2 Which transport layer protocol is used when a Cisco Unified Presence client is searching for a contact in the directory? A. TCP B. UDP C. IMAP D. HTTP Correct Answer: A
QUESTION 3 A network engineer must perform a manual backup of the Cisco Unified Communications Manager system. Where can this backup be done? A. Administration Resources B. Serviceability C. OS Administration D. Disaster Recovery System Correct Answer: D
QUESTION 4 CUC 10.X supports LDAP integration with several widely used LDAP directories systems, including the following: A. Microsoft Active Directory 2000, 2003 and 2008 (support for AD 2012 only in CUCM 10.x and later B. Microsoft Active Directory Application Mode 2003 C. Microsoft Lightweight Directory Services 2008 D. iPlanet Directory Server 5.1 E. Sun ONE Directory Server (5.2, 6.x) F. Open LDAP (2.3.39, 2.4) Correct Answer: A
QUESTION 5 Which three rules are valid transfer rules in Cisco Unity Connection? (Choose three.) A. Standard B. Alternate C. Closed D. Holiday E. Nonstandard Correct Answer: ABC Standard Transfer Rule This transfer rule applies during the work hours that your Cisco Unity administrator specified for your organization, or in other situations when no other transfer rule is enabled. By design, the standard transfer rule cannot be disabled. Alternate Transfer Rule Enable this transfer rule to apply during a specific time period when you want to override the other transfer rules. For example, you may want to route all your calls directly to voice mail while you are out of the office or you may want to transfer your calls to a different extension if you are temporarily working from another location. As long as it is enabled, the alternate transfer rule overrides all other transfer rules. Closed Transfer Rule Enable this transfer rule if you want Cisco Unity to perform different transfer actions during the nonwork hours that your Cisco Unity administrator specified for your organization. (For example, you may want to route all your calls directly to voice mail during nonwork hours.) As long as it is enabled, the closed transfer rule overrides the standard transfer rule during nonbusiness hours.
QUESTION 6 Which protocol is used between two Cisco IP phones once Cisco Unified Communications Manager Express connects a call? A. H.323 B. RTP C. SCCP D. SIP Correct Answer: B
QUESTION 7 Which option can an administrator use to add users to Cisco Unity Connection in different time zones? A. User Templates B. Call Handler Template C. Contact Template D. Directory Handler E. Interview Handler Correct Answer: A
QUESTION 8 What is the act of combing two active conferences via the MCU? A. cascading B. neighboring C. multisite D. clustering Correct Answer: A
QUESTION 9 Which address is required to create a video endpoint in Cisco Unified Communications Manager? A. MAC B. IP C. E.164 D. SIP URI Correct Answer: D
QUESTION 10 Which component allows Cisco Jabber to communicate with Cisco Jabber clients who are outside the corporate network? A. Cisco Extension Mobility B. Cisco TMS C. Cisco Mobility Remote Destination D. Cisco Unified RTMT E. Cisco Mobile and Remote Access Correct Answer: A
QUESTION 11 When creating a hunt group/ring group, where can you change the DN for all the devices at once? A. Hunt pilot B. Route pilot C. Group file D. Hunt list Correct Answer: A
QUESTION 12 To control telephony costs, management wants to restrict who can place long distance calls. Which two options allow for this restriction? (Choose two.) A. calling search space B. partitions C. route groups D. SIP trunk E. gateway Correct Answer: AB
QUESTION 13 Which type of data file is used for bulk import of users into Cisco Unity Connection? A. .xls B. .doc C. .csv D. .pdf Correct Answer: C
All of our exam dumps are updated throughout the year, follow us! Get the latest recommendations! Pass the Cisco CCNA Collaboration 210-060 exam We recommend: https://www.lead4pass.com/210-060.html (382 Q&A).
Lead4Pass helps you pass the exam easily! We compare data from all websites in the network, other sites are expensive, and the data is not up to date, Lead4pass updates data throughout the year. The pass rate of the exam is above 99.5%.
We share the latest exam dumps throughout the year to help you improve your skills and experience! The latest Cisco CCNA Security 210-260 exam dumps, online exam Practice test to test your strength, Cisco 210-260 “Implementing Cisco Network Security (IINS) v3.0” in https://www.lead4pass.com/210-260.html Update the exam content throughout the year to ensure that all exam content is authentic and valid. 210-260 PDF Online download for easy learning.
Free test Cisco CCNA Security 210-260 Exam questions and Answers
QUESTION 1 Which two statement about stateless firewalls is true? (Choose two) A. the Cisco ASA is implicitly stateless because it blocks all traffic by default. B. They compare the 5-tuple of each incoming packets against configurable rules. C. They cannot track connections.. D. They are designed to work most efficiently with stateless protocols such as HTTP or HTTPS.. E. Cisco IOS cannot implement them because the platform is Stateful by nature Correct Answer: BC 5-tuple is: source/destination IP, ports, and protocols. Stateless firewalls cannot track connections.
QUESTION 2 What feature defines a campus area network? A. It has a single geographic location. B. It has limited or restricted Internet access. C. It has a limited number of segments. D. it lacks external connectivity. Correct Answer: A
QUESTION 3 Which two characteristics of symmetric encryption are true? (Choose two) A. It uses digital certificates. B. It uses a public key and a private key to encrypt and decrypt traffic. C. it requires more resources than asymmetric encryption D. it is faster than asymmetric encryption E. It uses the same key to encrypt and decrypt the traffic. Correct Answer: DE http://searchsecurity.techtarget.com/definition/secret-key-algorithm
QUESTION 4 When is “Deny all” policy an exception in Zone Based Firewall A. traffic traverses 2 interfaces in same zone B. traffic sources from router via self zone C. traffic terminates on router via self zone D. traffic traverses 2 interfaces in different zones E. traffic terminates on router via self zone Correct Answer: A + There is a default zone, called the self zone, which is a logical zone. For any packets directed to the router directly (the destination IP represents the packet is for the router), the router automatically considers that traffic to be entering the self zone. In addition, any traffic initiated by the router is considered as leaving the self zone. By default, any traffic to or from the self zone is allowed, but you can change this policy. + For the rest of the administrator-created zones, no traffic is allowed between interfaces in different zones. + For interfaces that are members of the same zone, all traffic is permitted by default.
QUESTION 5 What are two well-known security terms? (Choose Two) A. Phishing. B. BPDU guard C. LACP D. ransomeware E. hair-pinning Correct Answer: AD
QUESTION 6 Which SOURCEFIRE logging action should you choose to record the most detail about a connection. A. Enable logging at the beginning of the session B. Enable logging at the end of the session C. Enable alerts via SNMP to log events off-box D. Enable eStreamer to log events off-box Correct Answer: B
QUESTION 7 Which type of address translation should be used when a Cisco ASA is in transparent mode? A. Static NAT B. Dynamic NAT C. Overload D. Dynamic PAT Correct Answer: A
QUESTION 8 Refer to the exhibit. What is the effect of the given configuration?
A. The two routers receive normal updates from one another B. It enables authentication C. It prevents keycham authentication D. The two devices are able to pass the message digest to one another. Correct Answer: D
QUESTION 9 What is the most common implementation of PAT in a standard networked environment? A. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address B. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address C. configuring multiple external hosts to join the self-zone and to communicate with one another D. configuring an any any rule to enable external hosts to communicate inside the network Correct Answer: A
QUESTION 10 Which feature filters CoPP packets? A. Policy maps B. route maps C. access control lists D. class maps Correct Answer: C
QUESTION 11 Which tool can an attacker use to attempt a DDos attack? A. botnet B. Trojan horse C. virus D. adware Correct Answer: A
QUESTION 13 Which two features do CoPP and CPPr use to protect the control plane? (Choose two.) A. QoS B. traffic classification C. access lists D. policy maps E. class maps F. Cisco Express Forwarding Correct Answer: AB
We share 13 of the latest Cisco CCNA Security 210-260 exam dumps and 210-260 pdf online download for free.Now you know what you’re capable of! If you’re just interested in this, please keep an eye on “Newxpass.com” blog updates! If you want to get the Cisco CCNA Security 210-260 Exam Certificate: https://www.lead4pass.com/210-260.html (Total questions: 487 Q&A).
Lead4Pass helps you pass the exam easily! We compare data from all websites in the network, other sites are expensive,and the data is not up to date, Lead4pass updates data throughout the year. The pass rate of the exam is above 98.9%.
We share the latest exam dumps throughout the year to help you improve your skills and experience! The latest Cisco CCNA Data Center 200-150 exam dumps, online exam Practice test to test your strength, Cisco 200-150 “Introducing Cisco Data Center Networking (DCICN) v6.2” in https://www.lead4pass.com/200-150.html Update the exam content throughout the year to ensure that all exam content is authentic and valid. 200-150 PDF Online download for easy learning.
Free test Cisco CCNA Data Center 200-150 Exam questions and Answers
QUESTION 1 What are two attributes of a VLAN? (Choose two.) A. A VLAN defines a collision domain. B. A VLAN defines a broadcast domain. C. Broadcasts are flooded to all VLANs. D. Collisions are flooded to all VLANs. E. A Layer 3 device is required to route packets between VLANs. F. A Layer 2 device is required to route packets between VLANs. Correct Answer: BE “In computer networking, a single layer-2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them via one or more routers; such a domain is referred to as a virtual local area network, virtual LAN or VLAN.” “A router (Layer 3 device) serves as the backbone for network traffic going across different VLANs.” http://en.wikipedia.org/wiki/Virtual_LAN
QUESTION 2 What is the principle function of the data center core layer? A. high-speed packet switching B. access control C. firewalling and intrusion prevention D. QoS marking Correct Answer: A
QUESTION 3 Refer to the exhibit.
Cisco USC Manager generates a Call Home fault report. Which action do you take to resolve the issue? A. Adjust the Chassis temperature threshold to a higher setting. B. Verify that air flow through the Chassis correctly. C. Ensure that power cables are connected to the fan assemblies of the UCS. D. Remove the equipment that generates excessive hat near the top of the rack Correct Answer: A
QUESTION 4 What are two physical subcomponents of the Cisco UCS C-Series server? (Choose two.) A. memory extension node B. hard drive C. fabric interconnect D. power supply E. compute node Correct Answer: AD
QUESTION 5 A customer wants to connect to their SAN via Fibre Channel. Which two devices can be used to provide connectivity? (Choose two.) A. Cisco Nexus 5548UP Switch B. Cisco MDS 9148 Multilayer Fabric Switch C. Cisco Nexus 2248TP GE Fabric Extender D. Cisco Catalyst 6509 Switch E. Cisco Nexus 7010 Switch Correct Answer: AB
QUESTION 6 Which communication type uses a one-to-many model to replicate packets that are delivered to many interested recipients? A. unknown unicast B. broadcast C. unicast D. multicast Correct Answer: D
QUESTION 7 Which Fibre Channel interface port mode is used to connect multiple switches together? A. N port B. E port C. F port D. NL port Correct Answer: B
QUESTION 8 Drag and drop the feature on the left to the correct description on the right. Select and Place:
QUESTION 9 What is a function of a conferencing solution? A. To join 3 or more participants in a meeting. B. To provide an audio and video interface for the user. C. To schedule calls. D. To act as a traffic cop for network communication Correct Answer: A
QUESTION 10 A network engineer wants to apply for new license key file. Which command should be used to obtain the switch serial number? A. MDS-A# show license serial-number B. MDS- A# show running-config | include serial-number C. MDS- A# show host-id D. MDS- A# show license host-id Correct Answer: D
QUESTION 11 Which room system can also function as a white board? A. Spark Board B. Mx800 C. SX20 D. SX10 Correct Answer: A
QUESTION 12 What is known as the User Policy? A. Call Policy B. Authentication C. Me D. Admin Policy Correct Answer: C
QUESTION 13 Which premise-based conferencing solution supports Skype for Business and WebRTC? A. Telepresence Server B. Cisco Meeting Server C. Spark D. Cisco WebEx Correct Answer: B
We share 13 of the latest Cisco CCNA Data Center 200-150 exam dumps and 200-150 pdf online download for free.Now you know what you’re capable of! If you’re just interested in this, please keep an eye on “Newxpass.com” blog updates! If you want to get the Cisco CCNA Data Center 200-150 Exam Certificate: https://www.lead4pass.com/200-150.html (Total questions: 274 Q&A).
Lead4Pass helps you pass the exam easily! We compare data from all websites in the network, other sites are expensive, and the data is not up to date, Lead4pass updates data throughout the year. The pass rate of the exam is above 98.9%.
Share real and effective Microsoft IT Infrastructure 98-365 exam dumps for free. 13 Online 98-365 Exam Practice test questions and answers, online 98-365 pdf download and YouTube video learning, easy to learn! Get the full 98-365 Dumps: https://www.lead4pass.com/98-365.html (Total Questions: 368 Q&A) to make it easy to pass the exam!
Latest effective Microsoft IT Infrastructure 98-365 Exam Practice Tests
QUESTION 1 Which should you use to manage the working environments of users and computers in an Active Directory infrastructure? A. Active Directory Domains and Trusts B. Group Policy Objects C. Builtin containers D. Global security groups Correct Answer: B
QUESTION 2 Which technology is used to create and manage relational databases? A. Microsoft Exchange Server B. Microsoft Commerce Server C. Microsoft Groove Server D. Microsoft SQL Server Correct Answer: D
QUESTION 3 A system error window keeps displaying. Where do you find detailed information about that error? A. Event Viewer B. Resource Monitor C. Task Manager D. Device Manager Correct Answer: A
QUESTION 4 Enabling additional users to handle administrative tasks for a particular object is referred to as: A. Redirection B. Assignment C. Targeting D. Delegation Correct Answer: D
QUESTION 5 You need to create a group that includes users from different domains in a single forest. You also need to enable the group to access resources in any domain in the forest. Which type of group should you create? A. Workgroup B. Local group C. Universal group D. Global group E. Domain Local group Correct Answer: C
QUESTION 6 What is the name for a stand-alone digital storage system connected directly to a server or workstation HBA? A. Small Computer System Interface (SCSO B. Direct Attached Storage (DAS) C. Network Attached Storage (NAS) D. Storage Area Network (SAN) Correct Answer: A
QUESTION 7 You notice frequent writes to the page file. Which should you monitor to determine the cause? A. CPU B. RAM C. Network D. Hard disk Correct Answer: B
QUESTION 8 What is required for a computer to print to either a local or a network printer? A. 500 GB of free hard disk space B. Printer Device Drivers C. 1 GB of RAM D. Administration tools Correct Answer: A
QUESTION 9 Which type of license is required to connect remotely to an application? A. Windows Server External Connector License B. Remote Desktop Services Client Access License C. System Center Operations Manager Client Management License D. Remote Server Application License Correct Answer: C
QUESTION 10 You are an IT intern for Tailspin Toys. Your manager attends a conference out of town and wants you to perform routine maintenance directly on a Windows 2008 R2 server console. Because you have restricted access, you need your manager to enter credentials at a UAC prompt in your session. What should you do? A. Have your manager use Server Manager to connect to the server. B. Have your manager use Remote Administration to connect to the server. C. Send a Remote Assistance request to your manager. D. Have your manager use Remote Desktop to connect to the server. Correct Answer: A
QUESTION 11 You need to apply a Windows Server 2008 group policy. You also need to prevent policies that are applied at lower levels from affecting this new policy. What should you do? A. Set the policy to Loopback B. Set the permission to Full Control C. Select the Enforced policy link setting D. Select the Enabled policy link setting Correct Answer: C
QUESTION 12 Which two are Windows Server Cluster types? (Choose two) A. Shared storage B. Failover C. Network Load Balancing (NLB) D. Shared services Correct Answer: BC
QUESTION 13 You need to centralize administration of print servers and network printers. What should you use? A. Print Management B. Printers and Faxes C. Device Manager D. Print queue Correct Answer: A
Latest Microsoft IT Infrastructure 98-365 YouTube videos:
Share 13 of the latest Microsoft IT Infrastructure 98-365 exam questions and answers for free to help you improve your skills and experience! Easily select the complete 98-365 Dumps: https://www.lead4pass.com/98-365.html (Total Questions: 368 Q&A) through the exam! Guaranteed to be true and effective! Easily pass the exam!
Who should take this exam?
Candidates for this exam are familiar with the concepts and the technologies of Windows Server administration. Candidates should have some hands-on experience with Windows Server, Windows-based networking, Active Directory, account management,and system recovery tools and concepts.
Lead4pass is the best provider of IT learning materials and the right choice for you to prepare for Microsoft IT Infrastructure 98-365 exam. Other brands started earlier, but the price is relatively expensive and the questions are not the newest. Lead4pass provide the latest real questions and answers with lowest prices, help you pass Microsoft 98-365 exam easily at first try.
Share real and effective CompTIA Security+ SY0-401 exam dumps for free. 40 Online SY0-401 Exam Practice test questions and answers, online SY0-401 pdf download and YouTube video learning, easy to learn! Get the full SY0-401 Dumps: https://www.lead4pass.com/sy0-401.html (1789 Q&A) to make it easy to pass the exam!
The CompTIA Security+ exam will certify the successful candidate has the knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations.The successful candidate will perform these tasks to support the principles of confidentiality, integrity, and availability.
Latest effective CompTIA Security+ SY0-401 Exam Practice Tests
QUESTION 1 After recovering from a data breach in which customer data was lost, the legal team meets with the Chief Security Officer (CSO) to discuss ways to better protect the privacy of customer data. Which of the following controls support this goal? A. Contingency planning B. Encryption and stronger access control C. Hashing and non-repudiation D. Redundancy and fault tolerance Correct Answer: B Encryption is used to protect data/contents/documents. Access control refers to controlling who accesses any data/contents/documents and to exercise authorized control to the accessing of that data.
QUESTION 2 An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to integrate the security controls of some of the network devices in the organization. Which of the following methods would BEST accomplish this goal? A. Unified Threat Management B. Virtual Private Network C. Single sign on D. Role-based management Correct Answer: A Unified Threat Management (UTM) is, basically, the combination of a firewall with other abilities. These abilities include intrusion prevention, antivirus, content filtering, etc. Advantages of combining everything into one: You only have one product to learn. You only have to deal with a single vendor. IT provides reduced complexity.
QUESTION 3 Which of the following is a security risk regarding the use of public P2P as a method of collaboration? A. Data integrity is susceptible to being compromised. B. Monitoring data changes induces a higher cost. C. Users are not responsible for data usage tracking. D. Limiting the amount of necessary space for data storage. Correct Answer: A Peer-to-peer (P2P) networking is commonly used to share files such as movies and music, but you must not allow users to bring in devices and create their own little networks. All networking must be done through administrators and not on a P2P basis. Data integrity can easily be compromised when using public P2P networking.
QUESTION 4 Which of the following technologies when applied to android and iOS environments, can an organization use to add security restrictions and encryption to existing mobile applications? (Select Two) A. Mobile device management B. Containerization C. Application whitelisting D. Application wrapping E. Mobile application store Correct Answer: AC
QUESTION 5 RC4 is a strong encryption protocol that is generally used with which of the following? A. WPA2 CCMP B. PEAP C. WEP D. EAP-TLS Correct Answer: C Rivest Cipher 4 (RC4) is a 128-bit stream cipher used WEP and WPA encryption.
QUESTION 6 The Chief Technology Officer (CTO) wants to improve security surrounding storage of customer passwords. The company currently stores passwords as SHA hashes. Which of the following can the CTO implement requiring the LEAST change to existing systems? A. Smart cards B. TOTP C. Key stretching D. Asymmetric keys Correct Answer: A Smart cards usually come in two forms. The most common takes the form of a rectangular piece of plastic with an embedded microchip. The second is as a USB token. It contains a built in processor and has the ability to securely store and process information. A “contact” smart card communicates with a PC using a smart card reader whereas a “contactless” card sends encrypted information via radio waves to the PC. Typical scenarios in which smart cards are used include interactive logon, e-mail signing, e-mail decryption and remote access authentication. However, smart cards are programmable and can contain programs and data for many different applications. For example smart cards may be used to store medical histories for use in emergencies, to make electronic cash payments or to verify the identity of a customer to an e-retailer. Microsoft provides two device independent APIs to insulate application developers from differences between current and future implementations: CryptoAPI and Microsoft Win32?SCard APIs. The Cryptography API contains functions that allow applications to encrypt or digitally sign data in a flexible manner, while providing protection for the user\\’s sensitive private key data. All cryptographic operations are performed by independent modules known as cryptographic service providers (CSPs). There are many different cryptographic algorithms and even when implementing the same algorithm there are many choices to make about key sizes and padding for example. For this reason, CSPs are grouped into types, in which each supported CryptoAPI function, by default, performs in a way particular to that type. For example, CSPs in the PROV_DSS provider type support DSS Signatures and MD5 and SHA hashing.
QUESTION 7 A security technician needs to open ports on a firewall to allow for domain name resolution. Which of the following ports should be opened? (Select TWO). A. TCP 21 B. TCP 23 C. TCP 53 D. UDP 23 E. UDP 53 Correct Answer: CE DNS uses TCP and UDP port 53. TCP port 53 is used for zone transfers, whereas UDP port 53 is used for queries.
QUESTION 8 In order to gain an understanding of the latest attack tools being used in the wild, an administrator puts a Unix server on the network with the root users password to set root. Which of the following best describes this technique? A. Pharming B. Honeypot C. Gray box testing D. phishing Correct Answer: B
QUESTION 9 Company XYZ recently salvaged company laptops and removed all hard drives, but the Chief Information Officer (CIO) is concerned about disclosure of confidential information. Which of the following is the MOST secure method to dispose of these hard drives? A. Degaussing B. Physical Destruction C. Lock up hard drives in a secure safe D. Wipe Correct Answer: B The physical description of hard drives is the only secure means of disposing hard drives. This can include incineration, an acid bath, and crushing.
QUESTION 10 A malicious user has collected the following list of information: 192.168.1.5 OpenSSH-Server_5.8 192.168.1.7 OpenSSH-Server_5.7 192.168.1.9 OpenSSH-Server_5.7 Which of the following techniques is MOST likely to gather this type of data? A. Banner grabbing B. Port scan C. Host scan D. Ping scan Correct Answer: B
QUESTION 11 It is important to staff who use email messaging to provide PII to others on a regular basis to have confidence that their messages are not intercepted or altered during transmission. They are concerned about which of the following types of security control? A. Integrity B. Safety C. Availability D. Confidentiality Correct Answer: A Integrity means that the messages/ data is not altered. PII is personally identifiable information that can be used to uniquely identify an individual. PII can be used to ensure the integrity of data/messages.
QUESTION 12 A small business needs to incorporate fault tolerance into their infrastructure to increase data availability. Which of the following options would be the BEST solution at a minimal cost? A. Clustering B. Mirrored server C. RAID D. Tape backup Correct Answer: C RAID, or redundant array of independent disks (RAID). RAID allows your existing servers to have more than one hard drive so that if the main hard drive fails, the system keeps functioning. RAID can achieve fault tolerance using software which can be done using the existing hardware and software.
QUESTION 13 While rarely enforced, mandatory vacation policies are effective at uncovering: A. Help desk technicians with oversight by multiple supervisors and detailed quality control systems. B. Collusion between two employees who perform the same business function. C. Acts of incompetence by a systems engineer designing complex architectures as a member of a team. D. Acts of gross negligence on the part of system administrators with unfettered access to system and no oversight. Correct Answer: D Least privilege (privilege reviews) and job rotation is done when mandatory vacations are implemented. Then it will uncover areas where the system administrators neglected to check all users\\’ privileges since the other users must fill in their positions when they are on their mandatory vacation.
QUESTION 14 A cafe provides laptops for Internet access to their customers. The cafe is located in the center corridor of a busy shopping mall. The company has experienced several laptop thefts from the cafe during peak shopping hours of the day. Corporate has asked that the IT department provide a solution to eliminate laptop theft. Which of the following would provide the IT department with the BEST solution? A. Attach cable locks to each laptop B. Require each customer to sign an AUP C. Install a GPS tracking device onto each laptop D. Install security cameras within the perimeter of the caf? Correct Answer: A All laptop cases include a built-in security slot in which a cable lock can be inserted to prevent it from easily being removed from the premises.
QUESTION 15 Several departments in a corporation have a critical need for routinely moving data from one system to another using removable storage devices. Senior management is concerned with data loss and the introduction of malware on the network. Which of the following choices BEST mitigates the range of risks associated with the continued use of removable storage devices? A. Remote wiping enabled for all removable storage devices B. Full-disk encryption enabled for all removable storage devices C. A well defined acceptable use policy D. A policy which details controls on removable storage use Correct Answer: D Removable storage is both a benefit and a risk and since not all mobile devices support removable storage, the company has to has a comprehensive policy which details the controls of the use of removable s to mitigate the range of risks that are associated with the use of these devices.
QUESTION 16 A compromised workstation utilized in a Distributed Denial of Service (DDOS) attack has been removed from the network and an image of the hard drive has been created. However, the system administrator stated that the system was left unattended for several hours before the image was created. In the event of a court case, which of the following is likely to be an issue with this incident? A. Eye Witness B. Data Analysis of the hard drive C. Chain of custody D. Expert Witness Correct Answer: C Chain of custody deals with how evidence is secured, where it is stored, and who has access to it. When you begin to collect evidence, you must keep track of that evidence at all times and show who has it, who has seen it, and where it has been. The evidence must always be within your custody, or you\\’re open to dispute about possible evidence tampering.
QUESTION 17 Which of the following works by implanting software on systems but delays execution until a specific set of conditions is met? A. Logic bomb B. Trojan C. Scareware D. Ransomware Correct Answer: A
QUESTION 18 A technician has been tasked with installing and configuring a wireless access point for the engineering department. After the AP has been installed, there have been reports the employees from other departments have been connecting to it without approval. Which of the following would BEST address these concerns? A. Change the SSID of the AP so that it reflects a different department, obscuring its ownership B. Implement WPA2 encryption in addition to WEP to protect the data-in-transit C. Configure the AP to allow only to devices with pre-approved hardware addresses D. Lower the antenna\\’s power so that it only covers the engineering department\\’s offices Correct Answer: D
QUESTION 19 A security administrator suspects that an employee in the IT department is utilizing a reverse proxy to bypass the company\\’s content filter and browse unapproved and non-work related sites while at work. Which of the following tools could BEST be used to determine how the employee is connecting to the reverse proxy? A. Port scanner B. Vulnerability scanner C. Honeypot D. Protocol analyzer Correct Answer: C
QUESTION 20 A company has decided to move large data sets to a cloud provider in order to limit the costs of new infrastructure. Some of the data is sensitive and the Chief Information Officer wants to make sure both parties have a clear understanding of the controls needed to protect the data. Which of the following types of interoperability agreement is this? A. ISA B. MOU C. SLA D. BPA Correct Answer: A ISA/ Interconnection Security Agreement is an agreement between two organizations that have connected systems. The agreement documents the technical requirements of the connected systems.
QUESTION 21 An administrator performs a risk calculation to determine if additional availability controls need to be in place. The administrator estimates that a server fails and needs to be replaced once every 2 years at a cost of $8,000. Which of the following represents the factors that the administrator would use to facilitate this calculation? A. ARO= 0.5; SLE= $4,000; ALE= $2,000 B. ARO=0.5; SLE=$8,000; ALE=$4,000 C. ARO=0.5; SLE= $4,000; ALE=$8,000 D. ARO=2; SLE= $4,000; ALE=$8,000 E. ARO=2; SLE= $8,000; ALE= $16,000 Correct Answer: B
QUESTION 22 Jane, an individual, has recently been calling various financial offices pretending to be another person to gain financial information. Which of the following attacks is being described? A. Phishing B. Tailgating C. Pharming D. Vishing Correct Answer: D Vishing (voice or VoIP phishing) is an electronic fraud tactic in which individuals are tricked into revealing critical financial or personal information to unauthorized entities. Vishing works like phishing but does not always occur over the Internet and is carried out using voice technology. A vishing attack can be conducted by voice email, VoIP (voice over IP), or landline or cellular telephone. The potential victim receives a message, often generated by speech synthesis, indicating that suspicious activity has taken place in a credit card account, bank account, mortgage account or other financial service in their name. The victim is told to call a specific telephone number and provide information to “verify identity” or to “ensure that fraud does not occur.” If the attack is carried out by telephone, caller ID spoofing can cause the victim\\’s set to indicate a legitimate source, such as a bank or a government agency. Vishing is difficult for authorities to trace, particularly when conducted using VoIP. Furthermore, like many legitimate customer services, vishing scams are often outsourced to other countries, which may render sovereign law enforcement powerless. Consumers can protect themselves by suspecting any unsolicited message that suggests they are targets of illegal activity, no matter what the medium or apparent source. Rather than calling a number given in any unsolicited message, a consumer should directly call the institution named, using a number that is known to be valid, to verify all recent activity and to ensure that the account information has not been tampered with.
QUESTION 23 An administrator intends to configure an IPSec solution that provides ESP with integrity protection, but not confidentiality protection. Which of the following AES modes of operation would meet this integrity-only requirement? A. GMAC B. PCBC C. CBC D. GCM E. CFB Correct Answer: A
QUESTION 24 Layer 7 devices used to prevent specific types of html tags are called: A. Firewalls B. Content filters C. Routers D. NIDS Correct Answer: B A content filter is a is a type of software designed to restrict or control the content a reader is authorised to access, particularly when used to limit material delivered over the Internet via the Web, e-mail, or other means. Because the user and the OSI layer interact directly with the content filter, it operates at Layer 7 of the OSI model.
QUESTION 25 The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO\\’s direction but has mandated that key authentication systems be run within the organization\\’s network. Which of the following would BEST meet the CIO and CRO\\’s requirements? A. Software as a Service B. Infrastructure as a Service C. Platform as a Service D. Hosted virtualization service Correct Answer: A Software as a Service (SaaS) is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet.
QUESTION 26 A security administrator implements a web server that utilizes an algorithm that requires other hashing standards to provide data integrity. Which of the following algorithms would meet the requirement? A. SHA B. MD5 C. RIPEMD D. HMAC Correct Answer: A
QUESTION 27 A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub- interfaces, each configured with ACLs applied to them and 802.1q trunks. Which of the following is MOST likely the reason for the sub-interfaces? A. The network uses the subnet of 255.255.255.128. B. The switch has several VLANs configured on it. C. The sub-interfaces are configured for VoIP traffic. D. The sub-interfaces each implement quality of service. Correct Answer: B A subinterface is a division of one physical interface into multiple logical interfaces. Routers commonly employ subinterfaces for a variety of purposes, most common of these are for routing traffic between VLANs. Also, IEEE 802.1Q is the networking standard that supports virtual LANs (VLANs) on an Ethernet network.
QUESTION 28 A website administrator has received an alert from an application designed to check the integrity of the company\\’s website. The alert indicated that the hash value for a particular MPEG file has changed. Upon further investigation, the media appears to be the same as it was before the alert. Which of the following methods has MOST likely been used? A. Cryptography B. Time of check/time of use C. Man in the middle D. Covert timing E. Steganography Correct Answer: E
QUESTION 29 After an audit, it was discovered that the security group memberships were not properly adjusted for employees\\’ accounts when they moved from one role to another. Which of the following has the organization failed to properly implement? (Select TWO). A. Mandatory access control enforcement. B. User rights and permission reviews. C. Technical controls over account management. D. Account termination procedures. E. Management controls over account management. F. Incident management and response plan. Correct Answer: BE Reviewing user rights and permissions can be used to determine that all groups, users, and other accounts have the appropriate privileges assigned according to the policies of the corporation and their job descriptions since they were all moved to different roles. Control over account management would have taken into account the different roles that employees have and adjusted the rights and permissions of these roles accordingly.
QUESTION 30 Mobile tablets are used by employees on the sales floor to access customer data. Ann a customer recently reported that another customer was able to access her personal information on the tablet after the employee left the area. Which of the following would BEST prevent these issues from reoccurring? A. Screen Locks B. Full-device encryption C. Application control D. Asset tracking Correct Answer: A
QUESTION 31 Ann, a security administrator, is strengthening the security controls of the company\\’s campus. Her goal is to prevent people from accessing open locations that are not supervised, such as around the receiving dock. She is also concerned that employees are using these entry points as a way of bypassing the security guard at the main entrance. Which of the following should Ann recommend that would BEST address her concerns? A. Increase the lighting surrounding every building on campus B. Build fences around campus with gate entrances C. Install cameras to monitor the unsupervised areas D. Construct bollards to prevent vehicle entry in non-supervised areas Correct Answer: B
QUESTION 32 Which of the following authentication services should be replaced with a more secure alternative? A. RADIUS B. TACACS C. TACACS+ D. XTACACS Correct Answer: B Terminal Access Controller Access-Control System (TACACS) is less secure than XTACACS, which is a proprietary extension of TACACS, and less secure than TACACS+, which replaced TACACS and XTACACS.
QUESTION 33 Sara, a security engineer, is testing encryption ciphers for performance. Which of the following ciphers offers strong encryption with the FASTEST speed? A. 3DES B. Blowfish C. Serpent D. AES256 Correct Answer: B Blowfish is an encryption system invented by a team led by Bruce Schneier that performs a 64-bit block cipher at very fast speeds. Blowfish is a fast, except when changing keys. It is a symmetric block cipher that can use variable-length keys (from 32 bits to 448 bits).
QUESTION 34 A web startup wants to implement single sign-on where its customers can log on to the site by suing their personal and existing corporate email credentials regardless of which company they work for. Is this directly supported by SAML? A. Mo not without extensive partnering and API integration with all required email providers B. Yes SAML is a web based single sign-on implementation exactly fir this purpose C. No a better approach would be to use required email providers LDAP or RADIUS repositories D. Yes SAML can use oauth2 to provide this functionality out of the box Correct Answer: A
QUESTION 35 The chief security officer (CSO) has issued a new policy to restrict generic or shared accounts on company systems. Which of the following sections of the policy requirements will have the most impact on generic and shared accounts? A. Account lockout B. Password length C. Concurrent logins D. Password expiration Correct Answer: C
QUESTION 36 A company is concerned that a compromised certificate may result in a man-in-the-middle attack against backend financial servers. In order to minimize the amount of time a compromised certificate would be accepted by other servers, the company decides to add another validation step to SSL/TLS connections. Which of the following technologies provides the FASTEST revocation capability? A. Online Certificate Status Protocol (OCSP) B. Public Key Cryptography (PKI) C. Certificate Revocation Lists (CRL) D. Intermediate Certificate Authority (CA) Correct Answer: A CRL (Certificate Revocation List) was first released to allow the CA to revoke certificates, however due to limitations with this method it was succeeded by OSCP. The main advantage to OCSP is that because the client is allowed query the status of a single certificate, instead of having to download and parse an entire list there is much less overhead on the client and network.
QUESTION 37 A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default? A. 20 B. 21 C. 22 D. 23 Correct Answer: B When establishing an FTP session, clients start a connection to an FTP server that listens on TCP port 21 by default.
QUESTION 38 Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model? A. Packet Filter Firewall B. Stateful Firewall C. Proxy Firewall D. Application Firewall Correct Answer: B Stateful inspections occur at all levels of the network.
QUESTION 39 An intrusion has occurred in an internet facing system. The security administrator would like to gather forensic evidence while the system is still in operation. Which of the following procedures should the administrator perform FIRST on the system? A. Make a drive image B. Take hashes of system data C. Collect information in RAM D. Capture network traffic Correct Answer: D
QUESTION 40 A company hosts its public websites internally. The administrator would like to make some changes to the architecture. The three goals are: reduce the number of public IP addresses in use by the web servers drive all the web traffic through a central point of control mitigate automated attacks that are based on IP address scanning Which of the following would meet all three goals? A. Firewall B. Load balancer C. URL filter D. Reverse proxy Correct Answer: D The purpose of a proxy server is to serve as a proxy or middle man between clients and servers. Using a reverse proxy you will be able to meet the three stated goals.
Share 40 of the latest CompTIA Security+ SY0-401 exam questions and answers for free to help you improve your skills and experience ! Easily select the complete SY0-401 Dumps: https://www.lead4pass.com/sy0-401.html (1789 Q&A) through the exam! Guaranteed to be true and effective! Easily pass the exam!
Share real and effective CompTIA Server+ SK0-003 exam dumps for free. 40 Online SK0-003 Exam Practice test questions and answers, online SK0-003 pdf download and YouTube video learning, easy to learn! Get the full SK0-003 Dumps: https://www.lead4pass.com/sk0-003.html (529 Q&A) to make it easy to pass the exam!
Server+ covers server architecture, administration, storage, security, networking, troubleshooting as well as disaster recovery.
Latest effective CompTIA Server+ SK0-003 Exam Practice Tests
QUESTION 1 An administrator has been instructed to add four additional drives to a server configured with RAID 5. The server is using 146GB drives for the data. Without changing the configuration, how much additional data space would be available if the administrator purchased 300GB drives and added them to the existing array? A. 438GB B. 584GB C. 900GB D. 1200GB Correct Answer: B
QUESTION 2 An administrator has figured out a possible cause to a problem. Which of the following is the NEXT step the administrator should take? A. Implement the solution. B. Verify full system functionality. C. Establish a plan of action to identify the problem. D. Test the theory. Correct Answer: D
QUESTION 3 A server failed Thursday evening before the nightly backup. The backup scheme in place was full backups every Sunday, incremental backups on Monday, Wednesday, and Friday, and differential backups on Tuesday, Thursday, and Saturday. To fully restore the server, which of the following is the LEAST amount of backup sets required? A. One B. Two C. Three D. Four Correct Answer: C
QUESTION 4 Which of the following RAID levels would be appropriate given two drives and a need for fault tolerance? A. RAID 0 B. RAID 1 C. RAID 5 D. RAID 10 Correct Answer: B
QUESTION 5 When adding another server to an existing rack mount system, which of the following should the administrator consider FIRST? A. Load on UPS B. Rack temperature C. Room temperature D. Ease of access Correct Answer: A
QUESTION 6 Which of the following uses a switching fabric to connect storage LUNs to hosts? A. Fiber Channel B. SCSI C. SATA D. Ethernet Correct Answer: A
QUESTION 7 A technician works for a company that has recently been affected by a virus. The virus entered the network by using port 6000. Port 6000 is used by an application located on a server. The technician has been asked to block this port on all servers and computers except for the one server which uses this port. Which of the following should the technician do? A. Update the antivirus application B. Install critical update security patches C. Adjust the software firewall settings D. Replace the current antivirus program Correct Answer: C
QUESTION 8 The staff is not able to access a database server. The server has an \\’Operating System not found\\’ error and is set to boot from a fiber channel SAN. All other database servers are set to boot from the SAN and access the same switch and data as this database server. Which of the following is the MOST likely cause of the problem? A. The SAN is offline B. Fiber channel switch C. Multiple failed drives in the SAN D. HBA Correct Answer: D
QUESTION 9 Which of the following protocols is used to monitor both hardware and software? A. TCP/IP B. SMTP C. RDP D. SNMP Correct Answer: D
QUESTION 10 A technician notices the storage space available on a data server is rapidly decreasing. A few users seem to be storing considerably more data than the other users. Which of the following should the technician implement to give all users the same amount of available storage space? A. Disk quotas B. Group memberships C. Logon scripts D. Shadow volumes Correct Answer: A
QUESTION 11 An administrator is in charge of a server that houses various applications. Which of the following BEST explains this server type? A. Dedicated Application Server B. File Server C. Shared Application Server D. Peer-to-Peer Application Server Correct Answer: C
QUESTION 12 A technician needs to replace the processor on a server\\’s motherboard. The motherboard supports Socket 478 processors. Which of the following processors would be compatible with this motherboard? A. AMD Athlon B. Pentium III C. Atom D. Pentium 4 Correct Answer: D
QUESTION 13 An administrator is testing setting the IP address on a Linux server from command line. Which of the following commands is used to set the default gateway for the server? A. route B. traceroute C. ipconfig D. nmap Correct Answer: A
QUESTION 14 Which of the following connects the L2 cache to the processor? A. PCI B. Frontside bus C. Backside bus D. System I/O bus Correct Answer: C
QUESTION 15 An administrator logs into a server and notices slow performance. While troubleshooting the problem the administrator notices that an unfamiliar process in the Task Manager is running at 100% CPU usage. The administrator tries to end the task and receives `Access is denied\\’. Which of the following steps would allow the administrator to terminate that process? A. Adding the `Run as a service\\’ permission to their account. B. Running the kill utility. C. Adding their account to the remote users group. D. Ending the services.exe process then ending the runaway process. Correct Answer: B
QUESTION 16 A company backs up their data using daily, weekly, and monthly tape backups. The weekly backups are also known as which of the following? A. Son B. Father C. Grandfather D. Great-grandfather Correct Answer: B
QUESTION 17 Given four drives, which of the following RAID levels will allow for the GREATEST performance? A. RAID 0 B. RAID 5 C. RAID 6 D. RAID 10 Correct Answer: A
QUESTION 18 Several remote sales employees, who have come into the office this week, report that they are unable to get on the Internet, but no other users have reported similar issues. The helpdesk has escalated the issue and the case notes state that the users have IP addresses that begin with 169. Which of the following should the system administrator check FIRST? A. DHCP server B. Network switches C. DNS server D. Core router Correct Answer: A
QUESTION 19 Which of the following backup methodologies is MOST time efficient for backing up data? A. Incremental B. Snapshot C. Differential D. GFS Correct Answer: A
QUESTION 20 Which of the following on-board components is used exclusively for exchanging data with remote machines? A. PCI B. USB C. AGP D. NIC Correct Answer: D
QUESTION 21 A dedicated management port would use which of the following protocols? A. POP3 B. IPMI C. TFTP D. SFTP Correct Answer: B
QUESTION 22 An administrator creates a new directory then shares it on the Windows server. The administrator sets the permissions for everyone to “Modify” but users report they are unable to create or delete documents. Which of the following is the cause? A. The administrator forgot to change the share permissions B. The users were not part of the “Everyone” built in group C. The administrator shared the files but not the folder D. “Modify” only allows users to change existing documents Correct Answer: A
QUESTION 23 An administrator replaces the network card in a web server. After replacing the network card some users can access the server but others cannot. Which of the following is the FIRST thing the administrator should check? A. Default gateway B. The ports on the switch C. Port security on the server\\’s switch port D. Ethernet cable Correct Answer: A
QUESTION 24 As a best practice, when should the server be rebooted to apply the reboot required patches? A. During scheduled downtime B. Once a year C. As soon as the patches are finished installing D. At the same time every day Correct Answer: A
QUESTION 25 A server technician needs a way to map a network drive to all the users in the company. Which of the following could the technician use to accomplish this task? A. Logon script B. Disk management C. Group membership D. SNMP Correct Answer: A
QUESTION 26 Which of the following would an administrator follow when disposing of equipment for a financial institution? A. Local laws and regulations B. Escalation procedure regulations C. Manufacturer\\’s regulations D. Server OEM regulations Correct Answer: A
QUESTION 27 Which of the following Windows Server 2003 technologies can help with making backups of open files? A. Differential backup B. Snapshot C. VSS D. Incremental backup Correct Answer: C
QUESTION 28 Which of the following RAID levels combines mirroring and striping? A. RAID 1 B. RAID 5 C. RAID 6 D. RAID 10 Correct Answer: D
QUESTION 29 A customer has purchased a triple channel memory kit containing three DDR3 RAM modules. The server the RAM is intended for only has a dual channel capable motherboard. Which of the following is the BEST action to perform? A. Install only two modules as the RAM has to be installed in pairs B. Purchase one additional RAM module to make it even. Three modules will function as triple channel and the additional module will be for parity C. Purchase dual channel memory. The triple channel memory may be incompatible with the server motherboard D. Install the RAM. Two modules will perform as dual channel and one as single channel Correct Answer: C
QUESTION 30 The failure of which of the following components can cause a server to display a POST error message? A. Parallel HASP key B. DVD driver C. Memory D. Chassis LED Correct Answer: C
QUESTION 31 Which of the following is the BEST way to ensure that a server is up-to-date with all updates as soon as they are released? A. Automatic updates set to install once per week B. Automatic updates set to install updates automatically C. Automatic updates set to download all updates automatically D. Manual updates done daily at noon Correct Answer: B
QUESTION 32 Recently traffic to the company web server has more than doubled, resulting in slower response times from the server. An administrator has decided to add a second, identical 10/100/1000 NIC to the server. The server is presently connected to a 10/100/1000 switch, with four open ports on the switch. Which of the following is the BEST solution to speed up web traffic? A. Free up more ports on the switch B. Enable server load balancing C. Move the second network adapter to a new subnet D. Enable network adapter teaming Correct Answer: D
QUESTION 33 A company has recently switched ISPs and is being assigned a new block of public addresses. The public web and FTP servers must be re-addressed to support this change. After changing IP addresses and updating the DNS records many customers have reported that they are not able to access the web or FTP servers. Which of the following could have been done prior to making these changes to make it more transparent to users? A. Reduce the TTL on the DHCP records. B. Configure a primary DNS server for the PTR records. C. Reduce the TTL on the DNS records. D. Configure a caching only DNS server. Correct Answer: C
QUESTION 34 When building a computer with a 32 bit processor, which of the following is the MAXIMUM amount of memory supported? A. 1GB B. 2GB C. 4GB D. 8GB Correct Answer: C
QUESTION 35 Which of the following is a best practice that can be used to ensure consistency when building systems? A. Server build checklist B. Server baselining tools C. Architecture diagrams D. Hardware compatibility list Correct Answer: A
QUESTION 36 A company wants to expand their storage capacity in a flexible manner over their existing network. Which of the following storage solutions would they consider? A. External RAID array on an existing server B. Network Attached Storage C. Storage Area Network D. Tape library Correct Answer: B
QUESTION 37 Refer to the Exhibit.
Which of the following will identify the symbol used on Single-Ended SCSI devices? A. A B. B C. C D. D Correct Answer: A
QUESTION 38 Which of the following is an advantage of using a KVM with multiple servers? A. Eliminates the need for backup tapes B. Increases redundancy C. Saves physical space in the racks D. Offers additional runtime for the UPS Correct Answer: C
QUESTION 39 Which of the following would restrict traffic from a specific host to a network? A. MIBs B. NAS C. ACL D. SMTP Correct Answer: C
QUESTION 40 Which of the following types of backup modifies the archive bit? (Select TWO). A. Copy backup B. Selective backup C. Differential backup D. Incremental backup E. Full backup Correct Answer: DE
Share 40 of the latest CompTIA Server+ SK0-003 exam questions and answers for free to help you improve your skills and experience ! Easily select the complete SK0-003 Dumps: https://www.lead4pass.com/sk0-003.html (529 Q&A) through the exam! Guaranteed to be true and effective! Easily pass the exam!
Online Practice test Citrix CCA 1Y0-A28 exam questions, 100% real and effective exam questions answers, easy access to 1Y0-A28 dumps enhance your skills and experience, 1Y0-A28 PDF online Download, Passontheinfo updates valid exam dumps throughout the year for full 1Y0-A28 exam dumps: https://www.lead4pass.com/1y0-a28.html (Total Questions: 123 Q&A)
Latest effective Citrix CCA 1Y0-A28 Exam Practice Tests
QUESTION 1 Scenario: A network engineer has created and bound an UDP-ECV monitor to identify the status of a UDP service. However, no matter what the response is, the service is always marked as UP. A possible cause of this behavior is that the network engineer __________. (Choose the correct option to complete the sentence.) A. forgot to add a receive string B. added the string ns_true as receive string C. added a string that is invalid and thus skipped D. added a string that is always part of the UDP handshake Correct Answer: A
QUESTION 2 Scenario: A network engineer has modified the configuration of a content-switching virtual server, Website_main, because a second content-switching server that is capable of handling more connections has been added to the NetScaler implementation. Both servers will remain in operation. The engineer made the following configuration changes: >set cs vserver Website_main -lbvserver New_Server -backupVserver Old_Server -redirectURL http:// www.mydomain.com/maintenance -soMethod Connection -soThreshold 1000 Why did the engineer enable the spillover option? A. To handle incoming connections in case the new server is unavailable B. To handle the extra connections using the old server without dropping them C. To redirect the extra connections to the Maintenance website when it is needed D. To handle incoming connections while the server reaches its limit of connections Correct Answer: B
QUESTION 3 A NetScaler engineer would like to present different web pages to a user based on the device and browser type from which they are connecting. Which responder policy could assist with this requirement? A. HTTP.RES.URL.PATH B. HTTP.REQ.Host(“Host”) C. HTTP.RES.BODY(1024) D. HTTP.REQ.HEADER(“User-Agent”) Correct Answer: D
QUESTION 4 Scenario: A network engineer plans to configure an Active Directory Server as the default authentication for a NetScaler deployment and provide users with the option to change their password if it is expired. Which two actions should the engineer take to configure this authentication requirement on the NetScaler system? (Choose two.) A. Configure a pre-authentication policy. B. Select security type as SSL on Authentication policy. C. Configure Authentication server with SSO name attribute. D. Configure Authentication server with allow Password change option. Correct Answer: BD
QUESTION 5 Scenario: The NetScaler is connected to two subnets. The NSIP is 10.2.9.12. The external SNIP is 10.2.7.3. The MIP for internal access is 10.2.9.3. Web servers, authentication servers and time servers are on the 10.2.10.0/24 network which is available through the 10.2.9.1 router. The external firewall has the 10.2.7.1 address. Traffic bound for Internet clients should flow through the external firewall. Which command should be used to set the default route? A. add route 0.0.0.0 0.0.0.0 10.2.7.1 B. add route 0.0.0.0 0.0.0.0 10.2.9.1 C. add route 10.0.0.0 255.0.0.0 10.2.9.1 D. add route 10.0.0.0 255.0.0.0 10.2.7.1 Correct Answer: A
QUESTION 6 Scenario: A network engineer gets an error message when using the configuration utility to import a PKCS#12 certificate that contains a dollar sign ($), a backquote (`), or an escape (\) character password. In order to address this error, the network engineer could prefix it with __________. (Choose the correct option to complete the sentence.) A. an escape character (\) B. a backquote character (`) C. a dollar sign character ($) D. a double quotation character (“) Correct Answer: A
QUESTION 7 A network engineer might choose to use SSL_Bridge instead of a SSL virtual server in order to __________. (Choose the correct option to complete the sentence.) A. be able to decrypt the SSL traffic B. enable use of OCSP for revoked certificates C. pass user certificates to the back-end servers D. enable SSL server certificates on the service group Correct Answer: C
QUESTION 8 Scenario: A network engineer has configured a load balancing virtual server for an HTTP application. Due to the application architecture, it is imperative that a user\\’s session remains on a single server during the session. The session has an idle timeout of 60 minutes. Some devices are getting inconsistent application access while most are working fine. The problematic devices all have tighter security controls in place. Which step should the engineer take to resolve this issue? A. Set the cookie timeout to 60 minutes. B. Configure a backup persistence of SourceIP. C. Change the HTTP parameters to Cookie Version 1. D. Utilize SSL offload to enable the application to use SSL. Correct Answer: B
QUESTION 9 Scenario: A network engineer has installed a NetScaler system into their corporate DMZ and would like to provide access to a web server on the internal LAN. The web server will be accessed by external users through the Netscaler. The firewall administrator has opened the relevant ports required on the external and the internal firewall. The engineer notices that the virtual server and services representing the web server are down and the internal web server does NOT appear accessible from the NetScaler. What could be the cause of this? A. USIP is not enabled. B. Client IP Insertion is not enabled. C. A URL rewrite policy is not created. D. A SNIP address has not been added. Correct Answer: D
QUESTION 10 An engineer has bound three monitors to a service group and configured each of the monitors with a weight of 10. How should the engineer ensure that the members of the service group are marked as DOWN when at least two monitors fail? A. Re-configure the weight of each monitor to 0. B. Configure the service group with a threshold of 21. C. Configure the service group with a threshold of 20. D. Re-configure the weight of each monitor to 5, and configure the service group threshold to 15. Correct Answer: C
QUESTION 11 Scenario: The NetScaler has connections to a large number of VPNs. The network engineer wants to minimize the number of ARP requests. Which feature should the network engineer enable to minimize ARP requests? A. TCP Buffering B. Use Source IP C. Edge Configuration D. MAC based forwarding Correct Answer: D
QUESTION 12 Scenario: A network engineer would like to prevent blacklisted remote clients from accessing NetScaler hosted application services. An IP address blacklist database is maintained by an external company and available to query over the Internet. The engineer would like to reject any connections from IP addresses that are contained in the blacklist. What could the engineer configure to achieve this goal? A. SSL offload B. HTTP callout C. URL transformation D. SSL certification revocation list check Correct Answer: B
QUESTION 13 A network engineer needs to investigate why a few users have issues logging on to the NetScaler system. How can the engineer troubleshoot authentication issues on the NetScaler system? A. Use ECV monitoring. B. Run a violations report in Reporting. C. Use the CAT aaad.debug command. D. Check the system-authentication setting in the GUI. Correct Answer: C
QUESTION 14 Scenario: A network engineer has configured an HTTP application to be load balanced using a virtual server named Svr1. Users have reported intermittent errors and the engineer has been given the client IP address of an affected user and asked to determine which back end service they are connected to. Using the command-line interface, how could the engineer find this information? A. Show lb vServer Svr1 B. Show system session C. Show lb vServer Svr1 -Summary D. Show lb persistentSessions Svr1 Correct Answer: D
QUESTION 15 Some SSL certificate files may be missing from a NetScaler appliance. Which directory should an engineer check to determine which files are missing? A. /nsconfig/ssl B. /nsconfig/ssh C. flash/nsconfig/ D. /var/netscaler/ssl/ Correct Answer: A
QUESTION 16 When configuring an advanced HTTP callout based on attributes, what are two valid parameters? (Choose two.) A. SSL cipher type B. Down state flush C. Gateway address D. IP address and port E. URL stem expression Correct Answer: DE
QUESTION 17 How could an engineer configure a monitor to ensure that a server is marked as DOWN if the monitor test is successful? A. Enable the LRTM option for the monitor B. Enable the Reverse option for the monitor C. Disable Down state flush for the service group D. Disable the Health monitoring option for the service group Correct Answer: B
QUESTION 18 Scenario: A user browses to a page and is presented with a warning that he is trying to enter a web site with an untrusted certificate. The network engineer had added the correct certificate to the SSL virtual server. What could be the cause of this issue? A. TLS is disabled on the virtual server. B. The certificate is not linked to the intermediate CA. C. The certificate has expired and needs to be renewed. D. The CA certificate has not been added to the SSL virtual server. Correct Answer: B
QUESTION 19 Scenario: A network engineer has bound four policies to a virtual server as follows: PolicyA has a priority of 10 PolicyB has a priority of 20 PolicyC has a priority of 30 PolicyD has a priority of 0 Which policy will be evaluated first? A. PolicyA B. PolicyB C. PolicyC D. PolicyD Correct Answer: D
QUESTION 20 Users have reported that they are receiving a confusing error message related to SSL sessions when connecting from older browsers. How could the network engineer present this error to users in a customized format? A. Enable the SSL v2 protocol. B. Set a URL on the backup virtual server. C. Add a redirect URL to the virtual server. D. Configure SSL v2 Redirection for the virtual server. Correct Answer: D
Passontheinfo updates the latest effective exam dumps throughout the year (cisco,microsoft,oracle,citrix,comptia,VMware …) ! Share 20 valid Citrix CCA 1Y0-A28 exam dumps for free to get the full 1Y0-A28 Dumps: https://www.lead4pass.com/1y0-a28.html (Total Questions:123 Q&As)
Online Practice test Citrix CCA-N 1Y0-253 exam questions, 100% real and effective exam questions answers, easy access to 1Y0-253 dumps enhance your skills and experience, 1Y0-253 PDF online Download, Passontheinfo updates valid exam dumps throughout the year for full 1Y0-253 exam dumps: https://www.lead4pass.com/1y0-253.html (Total Questions: 186 Q&A)
Latest effective Citrix CCA-N 1Y0-253 Exam Practice Tests
QUESTION 1 Scenario: A Citrix Administrator has customized some NetScaler configuration files. The administrator now plans on upgrading the NetScaler Gateway from NetScaler 10.1 to NetScaler 10.5. What should the administrator do prior to the upgrade to avoid losing the customizations? A. Backup the ns.conf file. B. Backup the files in the jvarjnetscaler directory. C. Move the customized files to a backup directory. D. Move the customized files to the jnsconfig directory. Correct Answer: C
QUESTION 2 Which protocol could an administrator apply with rate-based monitor? A. FTP B. ARP C. DNS D. HTTPS Correct Answer: A
QUESTION 3 A penetration test has been performed against the NetScaler Gateway virtual IPs (vIPs) resulting in the SSL RC4-based ciphers being flagged. What should the administrator do to address the vulnerability? A. Remove all the SSL ciphers from the virtual server. B. Assign Cipher Group \\’ALL\\’ to the NetScaler virtual server. C. Assign Cipher Group \\’HIGH\\’ to the NetScaler virtual server. D. Assign Cipher Group \\’DEFAULT\\’ to the NetScaler virtual server. Correct Answer: C
QUESTION 4 Which two things occur after adding a Subnet IP (SNIP) to a NetScaler which already has a Mapped IP (MIP)? (Choose two.) A. The NetScaler IP (NSIP) is no longer required. B. A SNIP will be used in preference to a MIP. C. Adding a SNIP adds an entry to the routing table. D. Client machines can use the MIP instead of the virtual IP (vIP). Correct Answer: BC
QUESTION 5 Scenario: An administrator implemented RADIUS with NetScaler Gateway as a two-factor authentication solution for a XenDesktop implementation. A planned outage is scheduled in wake of a software upgrade on the RADIUS infrastructure. During the outage, the administrator needs to disable the two-factor authentication on NetScaler Gateway to enable users\\’ continued access to published applications. Which action could the administrator take to meet the needs of the scenario without affecting the connected users? A. Delete the RADIUS authentication policy. B. Set the RADIUS policy to be secondary authentication. C. Disable authentication on the NetScaler Gateway virtual server. D. Unbind the RADIUS authentication policy from the NetScaler Gateway virtual server. Correct Answer: D
QUESTION 6 Scenario: A Citrix Administrator created a content switching virtual server. The administrator is unable to bind the load balancing virtual server to the content switching virtual server. Which protocol is being used on the load balancing virtual server that is causing this issue? A. SSL B. TCP C. UDP D. SSL Bridge Correct Answer: D
QUESTION 7 Scenario: A NetScaler Gateway is configured to use RADIUS for authentication. A Citrix Administrator needs to know whichNetScalerIP(NSIP)addressisusedforoutgoingRADIUStraffic. How can the administrator verify which NSIP is used? A. Check the ns.log file. B. Use the ping command. C. Check the messages log file. D. Use the nstcpdump.sh command. Correct Answer: D
QUESTION 8 While logged on to the NetScaler Configuration Utility, a Citrix Administrator notices that CPU utilization is higher than expected. What should the administrator configure to receive notification of this event in the future, when the administrator is NOT logged on? A. Auditing B. SNMP Trap C. SNMP view D. AppFlow Logging Correct Answer: B
QUESTION 9 Scenario: NetScaler Gateway is implemented to provide Web Resources, including Outlook Web Access and an SAP portal, to users. Marketing and Sales department employees normally work from outside the office location and should be able to access Web Resources from different types of devices that are NOT maintained by the company. Which user access connection method should an administrator configure to meet the needs of this scenario? A. Citrix Receiver B. PN Agent plug-in C. Clientless access D. Access Gateway plug-in Correct Answer: C
QUESTION 10 Scenario: An administrator plans to troubleshoot connections to the SSL virtual server configured on the NetScaler by using the WireShark tool. The administrator created a network trace file. What will the administrator need to decrypt the network trace? A. NS-root key B. NS-serverkey C. Private key of the root certification authority D. Private key of the certificate that is bound to the virtual server Correct Answer: D
QUESTION 11 Scenario: An administrator has configured several load balancing virtual servers on a NetScaler to accelerate the Web content. After an update on the Web content platform, all the servers need the client IP address to perform tracking operations. Which two tasks should the administrator complete to pass the client IP address to all the load balancing virtual servers? (Choose two.) A. Activate the Source-IP feature on the service. B. Configurearewritepolicy, thenbinditglobally. C. Activate the Client-IP Header insertion on the services. D. Configurearesponderpolicy, thenbindittoallservers. Correct Answer: BC
QUESTION 12 Scenario: An administrator is creating a NetScaler Gateway virtual server for mobile devices only. The administrator must include two-factor authentication. Which two steps must the administrator take to configure two-factor authentication for this environment? (Choose two.) A. Bind the RSA policy first. B. Bind the LDAP policy first. C. Create an authentication policy. D. Create a pre-authentication policy. Correct Answer: AC
QUESTION 13 Scenario: An administrator configured link load balancing to balance outbound traffic between two Internet Service Providers. When testing the configuration, the administrator notices NetScaler is unable to connect to any external addresses. Which mode should the administrator verify is enabled? A. Layer 3 B. Layer 2 C. Use Subnet IP D. Use Source IP Correct Answer: C
QUESTION 14 A Citrix Administrator needs to shorten the URL for users to connect to a StoreFront website without knowing the store name. Which policy should the administrator use to accomplish this requirement? A. Rewrite B. AppQoE C. Spillover D. Responder Correct Answer: A
QUESTION 15 Scenario: An administrator is planning to implement NetScaler Gateway. The administrator must ensure that users are able to change their passwords when the passwords have expired. To meet the needs of the scenario, the administrator must ensure that is included in the plan. A. LDAP authentication B. RADIUS authentication C. nested groups (enabled) D. the nsroot username added to Active Directory Correct Answer: A
QUESTION 16 5AnadministratorcreatedaserviceforaWebInterfaceserverthatisencryptedbyanSSLcertificate. Which command should the administrator run at the command-line interface to create a monitor that will check the Web Interface by logging on to it with a test user\\’s credentials? A. add lb monitor mon-WebInterface CITRIX-WI-EXTENDED -sitePath IjCitrixjXenAppI -userName user – domain DomainName -password [email protected] -encrypted B. add lb monitor mon-WebInterface CITRIX-WI-EXTENDED -sitePath IjCitrixjXenAppI -userName user – domain DomainName -password [email protected] -secure YES C. add lb monitor mon-WebInterface CITRIX-WI-EXTENDED -sitePath IjCitrixjXenAppI -userName user – domain DomainName -password [email protected] -destPort 443 D. add lb monitor mon-WebInterface CITRIX-WI-EXTENDED -sitePath IjCitrixjXenAppI -userName user – domain DomainName -password [email protected] -encrypted -secure YES Correct Answer: B
QUESTION 17 Scenario: A NetScaler Gateway virtual server is configured for a XenApp infrastructure. The Citrix Administrator is asked to configure monitoring on the NetScaler Gateway virtual server to ensure the health and availability of XenApp published applications. Which monitoring type should the administrator configure? A. STOREFRONT B. CITRIX-XD-DDC C. CITRIX-XML-SERvICE D. CITRIX-WEB-INTERFACE Correct Answer: D
QUESTION 18 Scenario:AcompanywebsitecurrentlyhasthousandsofGIFimages.UsingtheNetScaler, aCitrixAdministratorneeds to convert the GIFs to PNG format to reduce bandwidth requirements. Which feature on the NetScaler can accomplish this task? A. Priority Queueing B. Content Switching C. Content Accelerator D. Front End Optimization Correct Answer: D
QUESTION 19 Scenario: An administrator configures load balancing in an environment to load balance a Web server. The administrator needs to enhance availability in the case that the virtual server goes down. Which two options could the administrator configure to meet the load balancing needs for this environment? (Choose two.) A. Redirect URL B. Reversemonitoring C. Backup virtual server D. Content Switching virtual server Correct Answer: AC
QUESTION 20 A Citrix Administrator is upgrading NetScaler 10.1 appliances in a high availability (HA) pair to NetScaler 10.5. What is the first step to launch the upgrade according to Citrix best practice? A. Use the NetScaler Configuration Utility on the primary appliance to force HA failover. B. Execute the installns command on the primary appliance. C. Use the NetScaler Configuration Utility on the secondary appliance to force HA failover. D. Execute the installns command on the secondary appliance. Correct Answer: D
QUESTION 21 A Citrix Administrator is configuring MicrovPN with MDX wrapped apps to support StoreFront. Which two settings must the administrator configure in the NetScaler Gateway Global settings under `Configure Domains for Clientless Access\\’? (Choose two.) A. StoreFront URL B. XenMobile Gateway URL C. App Controller Host name D. Secure Ticketing Authority Correct Answer: AC
QUESTION 22 A Citrix Administrator needs to set up two-factor authentication on NetScaler Gateway for mobile devices. Which two actions should the administrator take to allow users to log on using mobile devices? (Choose two.) A. Create a pre-authentication policy B. Create a RADIUS authentication policy C. Bind the LDAP policy for primary authentication D. Bind the RADIUS policy for primary authentication E. Bind the RADIUS policy for secondary authentication Correct Answer: BD
QUESTION 23 What should a Citrix Administrator configure to optimize an internal NetScaler Gateway virtual server when more bandwidth is available for use and other websites are NOT affected? A. Windows Scaling within TCP parameters. B. Max Connections within HTTP parameters. C. A Net Profile that is applied to the NetScaler Gateway virtual server. D. Windows Scaling within a TCP Profile that is applied to the NetScaler Gateway virtual server. Correct Answer: D
QUESTION 24 An administrator plans to use only Citrix Receiver for XenDesktop remote access through a NetScaler Gateway device. Which type of policy should the administrator configure to meet this requirement? A. Session B. Authentication C. Clientless access D. Pre-authentication Correct Answer: A
QUESTION 25 After restarting one node on a two-node NetScaler cluster, an administrator notices that the node that was restarted no longer accepts traffic. Which action could the administrator take to resolve this issue? A. Run the nsconmsg -g feature -d stats from the shell. B. Run the sync cluster files command from the command-line interface. C. Replace the cluster license file and restart the NetScaler software only. D. Restart the NetScaler software and operating system for the failing node. Correct Answer: C
QUESTION 26 Scenario: NetScaler is used to load balance Microsoft SharePoint for internal users. An administrator needs to configure the NetScaler device to allow for external access to the SharePoint site. Which action could the administrator take to meet the requirements of the scenario? A. Bind the SharePoint certificate to the virtual server. B. Add the Microsoft SharePoint server to a Web Interface site. C. Configure an Authentication, Auditing and Authorization server. D. Enable \\’ICA proxy only\\’ on the NetScaler Gateway virtual server. Correct Answer: C
QUESTION 27 Which two methods should be used for generating a configuration data and statistics report for evaluation by Citrix? (Choose two.) A. Run Ishow callhomeI using the command-line interface. B. Run Ishow techsupportI using the command-line interface. C. Click the Call Home link under the Technical Support Tools section in the NetScaler Configuration Utility. D. Click the Download trace files link under the Technical Support Tools section in the NetScaler Configuration Utility. E. Click the Generate support file link under the Technical Support Tools section in the NetScaler Configuration Utility. Correct Answer: BE
QUESTION 28 An administrator needs to allow remote users to access their locally-installed corporate applications over a secure connection. In order to meet this requirement, the administrator could configure on the NetScaler. (Choose the correct option to complete the sentence.) A. SSL vPN B. ICA Proxy C. SSL Offload D. Clientless Access Correct Answer: A
QUESTION 29 Which two commands, when run at the command-line interface by a Citrix Administrator, can display interfaces configured for high availability monitoring? (Choose two.) A. show node B. show status C. show monitor D. showinterface E. show hardware Correct Answer: AD
QUESTION 30 Scenario: An administrator plans to implement NetScaler to load balance Web Interface traffic. The Web Interface servers are using standard non-secure ports. Company policy states that all external traffic must be secure. The administrator has added the servers for the Web Interface under Load Balancing. In order to load balance the Web Interface traffic and comply with company policy, the administrator should add services for and create an . (Choose the correct set of options to complete the sentence.) A. SSL; SSL virtual server B. SSL; HTTP virtual server C. HTTP; SSL virtual server D. HTTP; HTTP virtual server Correct Answer: C
Passontheinfo updates the latest effective exam dumps throughout the year (cisco,microsoft,oracle,citrix,comptia,VMware …) ! Share 30 valid Citrix CCA-N 1Y0-253 exam dumps for free to get the full 1Y0-253 Dumps: https://www.lead4pass.com/1y0-253.html (Total Questions:186 Q&As)