Question 36 of 72.
What is required to configure multiple Phase 2 IPSec VPN tunnels to the same Phase 1 gateway?
答案:B
Multiple P2 tunnels with different Proxy ID's on different tunnel interfaces
Multiple P2 tunnels with different Proxy ID's on the same tunnel interface
Multiple tunnel interfaces
Multiple P2 tunnels with different Peer ID's on the same tunnel Interfaces
Mark for follow up
Question 37 of 72.
With SSH decryption enabled, the SCP application will be identified as:
答案:A
ssh
sftp
scp
ssh-tunnel
Mark for follow up
Question 38 of 72.
Which of the following licenses is necessary in order to provide more accurate Botnet reporting?
答案:D
GlobalProtect Gateway License
Threat Prevention License
Virtual System License
URL-Filtering License
All of the above
Mark for follow up
Question 39 of 72.
When a user logs in via Captive Portal, their user information is checked against:
答案:B
Active Directory
Radius
Local database
All of the above
Mark for follow up
Question 40 of 72.
What option should be configured when using User Identification?
答案: C
Enable User Identification per interface
Enable User Identification per Security Rule
Enable User Identification per Zone
None of the above
Mark for follow up
Question 41 of 72.
Which of the following are necessary components of a GlobalProtect solution?
答案:D
GlobalProtect NetConnect, GlobalProtect Agent, GlobalProtect Portal, GlobalProtect Server GlobalProtect Gateway, GlobalProtect NetConnect, GlobalProtect Agent, GlobalProtect Portal, GlobalProtect Server
GlobalProtect Gateway, GlobalProtect Agent, GlobalProtect Server
GlobalProtect Gateway, GlobalProtect Agent, GlobalProtect Portal
None of the above
Mark for follow up
Question 42 of 72.
How many bytes of the URL are captured in the URL Log?
答案: C
2047
255
511
1023
Mark for follow up
Question 43 of 72.
The following can be configured as a next hop in a Static Route:
答案: D
A Policy-Based Forwarding Rule
Virtual System
A Dynamic Routing Protocol
Virtual Router
None of the above
Mark for follow up
Question 44 of 72.
Which best describes the firewall rules to be applied to a session?
答案:B
last match applied
first match applied
most specific match applied
all matches applied
Mark for follow up
Question 45 of 72.
For a security policy to allow inbound NATed traffic to a web server with a private IP address in the trust zone, the entry in the Destination Address column of the security rule should be based on the private IP address of the web server.
答案:B
True
False
Mark for follow up
Question 46 of 72.
Which local interface cannot be assigned to IKE gateway?
答案:D
VLAN
Loopback
L3
Tunnel
Mark for follow up
Question 47 of 72.
A traffic log entry with an Application of \
答案: A
The TCP SYN-ACK response packet was not seen before the session timed out
Captive Portal has not been configured properly
An invalid SSL certificate is in use
The App-ID engine could not find a matching application
None of the above
Mark for follow up