Brocade Certified Layer 4-7 Professional Practice Questions w/answers For Exam
|
|
- Marilynn Harrington
- 6 years ago
- Views:
Transcription
1 Brocade Certified Layer 4-7 Professional Practice Questions w/answers For Exam
2 Section 1 1) A user is able to perform all configuration functions through the Web GUI even though RADIUS command authorization is enabled and restricted for this user. Which statement describes what is happening? A) The Web server option is not configured in the aaa authentication command. B) No command authorization is performed for the Web GUI. C) The Web server option is not configured in the aaa authorization command. D) The Web GUI does not support RADIUS. RADIUS authentication is not supported for Web management (GUI) access on the ServerIron ADX. 2) user=bob { default service = permit member admin # Global password global = cleartext "cat" service = exec { privlvl = 15 brocade-privlvl = 4 }} Referring to the output, which statement is true regarding the TACACS+ server configuration? A) The user bob will be granted super-user access to the Brocade ADX. B) The user bob will be granted port-config level access to the Brocade ADX. C) The user bob will be granted read-only access to the Brocade ADX. D) The user bob will be denied access. The value in the brocade-privlvl A-V pair is an integer that indicates the privilege level of the user. Possible values are 0 for super-user level, 4 for port-config level, or 5 for read-only level. If a value other than 0, 4, or 5 is specified, the default privilege level of 5 (read-only) is used. 3) Which statistical data can be viewed graphically on the Brocade ADX GUI? (Choose three.) A) Traffic statistics for real server B) virtual server port C) SSL acceleration D) global traffic statistics E) certificate requests The ServerIron ADX GUI can display graphical information for global traffic statistics, or real server and virtual server port information.
3 4) The Brocade ADX GUI in the exhibit is used to accomplish which objective? A) Generate a request for a SSL key that will be sent to a CA to be digitally signed. B) Generate a self-signed SSL key. C) Generate a request for a certificate that will be sent to a CA to be digitally signed. D) Generate a request for a self-signed certificate that will be sent to a CA to be digitally signed. To generate a request for a certificate that will be sent to a CA to be digitally signed, perform the following tasks: 1. Click Security in the context bar and select SSL Traffic Management. 2. Click the Certificates tab. 3. Click the down arrow next to Certificate Signing Request (CSR) Generation. Section 2 5) A customer has a mixture of old and new Web servers associated with a single VIP. After performance testing in the lab it is determined that the new servers can handle twice as much traffic as the old servers. Currently the older servers are failing Layer 7 HTTP Health Checks and the users are seeing intermittent Web application speed issues. Which two methods can the customer use to keep the old servers from being overloaded with requests? (Choose two.) A) Set the interval and retries under the port 80 attributes to reflect suitable response latency. B) Limit the maximum number of connections allowed on each real server associated with the old servers. C) Limit the maximum number of connections allowed on the virtual server associated with the older servers. D) Increase the ping interval and retries under the port 80 attributes to keep the servers from failing Layer 7 Health Checks. Increasing the number of seconds between health checks (interval), and the number of times the ServerIron ADX re-attempts a Health Check (retries), will give the old servers more time to respond to Health Checks. By limiting the maximum number of connections allowed on the old servers you can avoid a condition where the capacity threshold of the real server is exceeded and it is not responding to Layer 7 Health Checks.
4 6) server real WEB port http port http keepalive port http url "GET /" port http content-match m1 http match-list m1 down simple "Unable to connect to the database" Referring to the configuration shown in the exhibit, the real server is failing its Health Check. What are two reasons for the failure? (Choose two.) A) The root page is a redirect. B) The information in the match list is not present in the returned page. C) Lower level Health Checks are failing before it gets to Layer 7. D) You have not enabled Layer 7 health checking. The match list m1 would cause the ServerIron ADX to mark the port failed if the text "Unable to connect to the database" is found at the beginning of the reply from the server. If the text is not found, the ServerIron ADX would mark the port UP, as the default is UP. 7) The Brocade ADX is using the default settings. You bind a real server to a virtual server and the application port is unknown. Which statement is true regarding the Layer 4 Health Check behavior? A) The Brocade ADX will periodic perform Health Checks. B) The Brocade ADX will perform an initial Health Check. C) The Brocade ADX will perform alternate Health Checks. D) The Brocade ADX will not perform any Health Checks. When you bind a real server to a virtual server, the ServerIron ADX performs either a Layer 4 TCP Health Check, a Layer 4 UDP Health Check, or a Layer 7 health check to bring up the application port. If the application port is not one of the applications that is known to the ServerIron ADX, it uses a Layer 4 Health Check. Otherwise, the ServerIron ADX uses a Layer 7 Health Check for the known application port. By default, the ServerIron ADX does not repeat the initial Layer 4 Health Check after bringing up the port when you bind the real server to the virtual server. 8) Which Health Check begins when you bind a real server to a virtual server and the application port is not known? A) Layer 2 B) Layer 3 C) Layer 4 D) Layer 7 When you bind a real server to a virtual server, the ServerIron ADX performs either a Layer 4 TCP Health Check, a Layer 4 UDP health check, or a Layer 7 Health Check to bring up the application port. If the application port is not one of the applications that is known to the ServerIron ADX, it uses a Layer 4 Health Check. Otherwise, the ServerIron ADX uses a Layer 7 Health Check for the known application port.
5 Section 3 9) Your customer would like to disable Layer 7 Health Checks on their real servers for the HTTP port. They have implemented the port profile shown below but still see Layer 7 Health Checks when they bind the real servers to the virtual servers. server port http tcp l4-check only Which command will resolve their issue? A) l7-check-only for the HTTP port profile. B) port http l4-check-only for each virtual server. C) tcp keepalive disable for each real server. D) port http l4-check-only for each real server. port http l4-check-only configures the ServerIron ADX to use Layer 4 keepalive Health Checks for the HTTP port, instead of Layer 7 Health Checks. 10) server real r port http port http url "test1.html" port 8080 port 8080 url "test2.html" server virtual VIP port http bind http r1 http server virtual VIP port http bind http r no port http translate Referring to the exhibit, which command will ensure that VIP2 goes down when r1 fails Layer 7 Health Check? A) port http-use-alias-port-state under virtual server VIP1 B) tcp keepalive use-master-state under the port 8080 profile C) no port http translate under real server r1 D) port http-use-alias-port-state under server port 8080 To configure an alias port s health to be based on its master port s health, edit the alias port s profile by entering commands such as thse: ServerIronADX(config)#server port 8080 ServerIronADX(config-port-8080)#tcp keepalive use-master-state
6 11) You are configuring IPv4 VRRP-E on a Brocade ADX running Layer 3 firmware. Which three are available for tracking? (Choose three.) A) individual ports B) multiport trunks C) barrel processors D) upstream router reachability E) real server reachability When configuring VRRP-E on a ServerIron ADX running Layer 3 software, you can track individual ports, trunk ports and barrel processors (BPs): Syntax: track-port ethernet <portnum> ve <num> Syntax: [no] track-trunk-port ethernet <portnum> Syntax: [no] track-bp bp-priority <priority-value> 12) Which statement is true about Route Health Injection (RHI) configuration for real servers? A) The Brocade ADX and the server must be in the same subnet. B) You must use the same switch port for OSPF and for the globally-distributed SLB. C) The management station must be on the same subnet. D) The host with the highest metric appears in the client's routing table. For RHI the ServerIron ADX must be in the same subnet as the router. 13) Which two commands will provide an IPv6 route? (Choose two.) A) ipv6 route 700::/64 400::212:f2ff:fea8:1400 B) ipv6 route 2000:7838::/32 400::212:f2ff:fea8:1400 C) ipv6 route 700::/64 400:::f2ff:fea8:1400 D) ipv6 route 2000:7838::/32 400::f2ff:fea8:1400/34 Syntax: ipv6 route <dest-ipv6-prefix>/<prefix-length> <next-hop-ipv6-address> [<metric>] [distance <number>] To make the address less cumbersome, you can do the following: Omit the leading zeros; for example, 2001:db8:0:0:200:2d:d0ff:fe48:4672. Compress the successive groups of zeros at the beginning, middle, or end of an IPv6 address with two colons (::). This can only be once per address; for example, 2001:db8::200:2d:d0ff:fe48: ) Which two features are supported for IPv6 for Brocade ADX SLB? (Choose two.) A) real server hardware DSR B) stateless SLB C) syn-proxy D) Transparent Cache Switching A ServerIron ADX supports IPv6 stateless SLB and Transparent Cache Switching (TCS) for IPv6 cache servers.
7 15) What are three ways that you can create an SLB policy-list? (Choose three.) A) Use the CLI. B) Use the Brocade ADX GUI. C) Use IronView Network Manager. D) Download the file from TFTP. E) Use a USB flash. A policy list can be created in three ways depending on the number of policies being defined: If the number of policies is small, you can create the policy list file using the CLI. If the number of policies is large, you can download the policy list file from a TFTP server or a USB flash. 16) ServerIronADX(config)# server real rsa ServerIronADX(config-rs-rsA)# weight 1 ServerIronADX(config-rs-rsA)# exit ServerIronADX(config)# server real rsb ServerIronADX(config-rs-rsB)# weight 2 ServerIronADX(config-rs-rsB)# exit ServerIronADX(config)# server real rsc ServerIronADX(config-rs-rsC)# weight 3 ServerIronADX(config-rs-rsC)# exit The weights for rsa, rsb, and rsc are configured as shown in the exhibit. The configured server predictor is weighted. Where are the first three server requests sent? A) The first request is sent to server rsa, the second request is sent to server rsb and the third request is sent to server rsc. B) The first request is sent to server rsc, the second request is sent to server rsb and the third request is sent to server rsa. C) All three requests will be sent to server rsa. D) All three requests will be sent to server rsc. Weighted and Enhanced Weighted load balancing predictors assign a performance weight to each server. Weighted and Enhanced load balancing are similar to least connections, except that servers with a higher weight value receive a larger percentage of connections at a time. Assign a weight to each real server, and that weight determines the percentage of the current connections that are given to each server. The <weight-value> parameter specifies the real server s weight relative to other real servers in terms of the number of connections on the server. More precisely, this weight is based on the number of session table entries the ServerIron ADX has for TCP or UDP sessions with the real server. You can specify a value from 0 through The default is 1.
8 17) Which two statements are true about symmetric server load balancing active-standby? (Choose two.) A) Dual Brocade ADXs cannot share active loads. B) They support more connections, more throughput. C) The same application cannot be mapped to 2 or more VIPs. D) Both are active and continue to be a backup for each other in case the other fails. Symmetric-active is also called as active-standby VIP. Both ServerIron ADXs can receive SLB traffic, but only the active VIP handles the L4-7 SLB, while the standby VIP functions as a standby. The VIP with the highest configured sym-priority handles the flow. Symmetric SLB is supported in both Switch (S) code and Router (R) code. An active-standby topology can handle more connections and throughput than a hotstandby configuration where only one ADX is active at a time. Section 4 18) Your customer wants all references to in response data replaced with " Which type of HTTP rewrite policy will accomplish this request? A) HTTP response-header rewrite B) HTTP response-body rewrite C) HTTP type response-rewrite D) HTTP default rewrite A response-body rewrite configuration replaces all references to with in all response data. In other words, the data "href=' becomes "href= 19) A customer plans to introduce content switching to their network. The HTTP version being used in the network is 1.0. The customer creates the rule shown below, and finds that it does not work: (config)# csw-rule r4 header host exists What could be the reason? A) The syntax of the rule is not correct. B) No header should ever be used in a rule in HTTP 1.0. C) The host header is not defined for HTTP 1.0. D) CSW does not work for HTTP 1.0. The csw-rule command creates a rule that matches if an incoming packet contains an HTTP host header field. HTTP 1.0 does not officially require a Host header but the ServerIron ADX is expecting to see a Host header.
9 Section 5 20) Given the commands shown below: gslb policy dns cache-proxy round-trip-time active-rtt use-active-rtts-only Which statement is true? A) Round trip time is measured between a client PC and a GSLB site Brocade ADX. B) Round trip time is measured between a local DNS server and a GSLB site Brocade ADX. C) Round trip time is measured between a client PC and the GSLB controller Brocade ADX. D) Round trip time is measured between a local DNS server and the GSLB controller Brocade ADX. dns cache-proxy enables the ServerIron ADX to act as a proxy for a DNS server, by responding directly to the client queries without forwarding them to the DNS server. round-trip-time active-rtt useactive-rtts-only RTT algorithm selection based only on active RTT values (Mode 2) Only RTT values that were gathered actively by Site ServerIron ADXs will be used in determining the optimal IP address. 21) You want to perform GSLB for the domain brocade.com and already have an authoritative DNS server. The DNS server IP should remain the same and you do not want to register a new DNS server IP to a domain name registrar. Which GSLB feature can satisfy the requirement? A) proxy B) cache-proxy C) override D) transparent-intercept To configure transparent DNS query intercept to directly respond to queries using IP addresses configured on the ServerIron ADX, do the following: Configure a virtual server with the IP address of the authoritative DNS server that you want to intercept Specify the domain name and host application for which you want to intercept queries Enable the DNS transparent intercept feature Configure an IP policy to examine incoming DNS packets Enable dns transparent-intercept in the GSLB policy
10 Section 6 22) A browser exchanges several ciphers using SSL v2.0 with a server. There is a hacker initiating a man-inthe-middle attack. Which two statements are true? (Choose two.) A) The server code will reject the SSL offer. B) The attacker could use a brute force attack. C) The attacker could mount a cipher downgrade attack. D) The attacker could use a truncation attack. The symmetric key algorithms used in SSL v2.0 are without the benefit of asymmetric key protection, they come before the _WITH_ and SSL v2.0 uses them to encrypt the data; unlike SSL v3.0 data, SSL v2.0 data is open to brute force attacks, without Public/Private key protection. SSL v2.0 has no handshake protection and attackers can force parties to negotiate a weaker cipher even if they both support stronger ciphers (a downgrade attack). 23) Which type of key is used for bulk encryption? A) asymmetric key B) secure key C) symmetric key D) primary key Symmetric key is changed every session. If someone is able to get the symmetric key by a brute force attack, they cannot use it for the next session because the key is changed every session. Symmetric, Secret key is the best and is used for bulk encryption. 24) You perform SLB across real servers and want to encrypt data all the way to real servers from clients. Clients use SSL to access a VIP on a Brocade ADX. You do not need any manipulation over data. Which feature will minimize the configuration on the ADX while meeting the requirement? A) SSL termination B) SSL proxy C) Layer 4 SLB for port SSL D) Layer 7 SLB for port SSL When used in conjunction with SSL termination, SSL proxy provides an end-to-end SSL solution by encrypting traffic from the ADX to a Server. In the end-to-end solution, the traffic can be divided into two segments: Client to ADX, and ADX to server.
11 25) You are required to configure an HTTP TRL policy with a client rate limit on a Brocade ADX. Referring to the graphic which three procedures should you perform? (Choose three.) A) Define an HTTP TRL policy. B) Configure an HTTP TRL default maximum connection. C) Configure an HTTP TRL client rate limit. D) Configure the action to take if a client exceeds the configured rate limit. E) Configure an HTTP TRL default rate limit. The transaction rate limit parameters are grouped into a set and each set is associated with a name. To create a set of transaction rate limit rules, follow these steps: 1. Configure name of the set and enter client transaction rate limit configuration mode. ServerIronADX(config)#client-trans-rate-limit tcp TRL1 Syntax: [no] client-trans-rate-limit tcp udp icmp <name> 2. Specify the trl keyword for client subnet and set connection rate. ServerIronADX(config-client-trl-trl1)#trl monitor-interval 3 conn-rate 10 holddown-time 1 Syntax: [no] trl { <client-ipv4> <client-mask> <client-ipv6> <prefix> } monitorinterval <mon-value> conn-rate <con-value> hold-down-time <hold-down-value>
12 Section 7 26) After configuring rule-based ACLs, the network administrator wants to implement tighter control on all packet fragments on port e1/1 by executing the commands shown below: ServerIron(config)# interface ethernet 1/1 ServerIron(config-if-1/1)# ip access-group frag inspect Which three statements are true? (Choose three.) A) CPU filtering of packet fragments on port e1/1 is enabled. B) e1/1 will send all the fragments of all packets to the CPU. C) e1/1 will send all the fragments of a fragmented packet to the CPU. D) e1/1 will send all fragments of a fragmented packet in hardware. E) The CPU acts on each fragment according to the rule-based ACL applied to e1/1. For tighter control, you can enable CPU filtering of all packet fragments on a port. When you enable CPU filtering, the port sends all the fragments of a fragmented packet to the CPU. The CPU then permits or denies each fragment according to the ACL applied to the port. You can enable CPU filtering of fragments on individual ports. 27) DNS resolutions are taking too much time. After inspecting the DNS server, it shows 100% CPU usage. You are suspicious about a hacker attacking it. Which feature can be configured in the Brocade ADX to protect the DNS server? A) Enable SYN-Defense under the physical interface. B) Enable SYN-Proxy under the physical interface. C) Enable Transaction Rate Limiting (TRL) under the real server mode. D) Enable Connection Rate Limiting (CRL) under the real server mode. CRL is designed to provide DoS attack protection from clients that completely establish TCP connections but have the same goal of crippling the servers. Using CRL, the number of connections a client can establish per second is limited to a user-configured threshold.
13 Section 8 28) You notice performance issues when accessing your real servers. You verify the status of your Brocade ServerIron ADX and see that the server is marked as "Active". Shortly after, the server is marked as "Failed" and then "Active" again. You execute the command server no-fast-bringup and the condition stops. There was a successful Layer 4 Health Check followed by an unsuccessful Layer 7 Health Check. Why did this happen? A) The Brocade ADX does not continue to run Layer 4 and 7 Health Checks. server no-fast-bringup command will delay the marking of the port as active until both initial Layer 4 and 7 Health Checks are completed. B) The Brocade ADX does not continue to run Layer 4 and 7 Health Checks. server no-fast-bringup command will mark the port as active until both initial Layer 4 and 7 Health Checks are completed. C) The Brocade ADX continues to run Layer 4 and 7 Health Checks. server no-fast-bringup command will mark the port as active until all the Health Checks are completed. D) The Brocade ADX continues to run Layer 4 and 7 Health Checks. server no-fast-bringup command will delay the marking of the port as active until all the Health Checks are completed. The no-fast-bringup command prevents the ServerIron ADX from marking a port ACTIVE until it passes both Layer 4 and Layer 7 Health Checks. 29) You have been told that traffic from a particular IP address is not reaching any of the servers. Which three need to be executed to view packets traversing the Brocade ServerIron ADX? (Choose three.) A) filter packet B) debug filter C) buffer-size 128 D) start E) monitor You have to do the following to use the ServerIron ADX packet capture utility (debug filter): 1. enter utility (debug filter) 2. configure capture buffer (buffer-size <number in Kilobytes>) 3. specify packet size to capture (packet-size <number in decimal or whole >) 4. specify filters (specify <filter-id>) 5. apply filters (apply <filter-id>) 6. start capturing process (start) 7. stop capturing process (stop) 8. view captured packets (view <mp/bp/lc/sf>)
14 30) ServerIron ADX# rconsole 1 1 ServerIron ADX1/1# show ssl authentication-stats SSL certificate verification counters: Success : Failure : 387 Unknown user : 0 Signature failed : 0 Certificate expired : 387 Certificate revoked : 0 Cert not yet valid : 0 Cert signature failed : 0 Issuer pubkey decode fail : 0 Self signed cert : Issuer cert not found : 0 Subject Issuer mismatch : 0 Certificate untrusted : 0 Cert chain too long : 0 Cert not sent by peer : 0 CRL counters: CRL load failed : 0 CRL signature failed : 0 CRL not found : 0 CRL not yet valid : 0 CRL expired : You have been performing SSL-Proxy on your Brocade ADX for nine months with no problems. Suddenly, it no longer works. Referring to the output, what is the cause of the outage? A) The certificate on the client browser has expired. B) The certificate on the Brocade ADX has expired. C) The certificates on the real servers have expired. D) The CA certificate on the client browser has expired. The output shows 387 failed connections and 387 Certificate expired errors. 31) The error shown below has been reported on your Brocade ADX syslog: 00d00h08m34s:W:Port 80 on server r20: : Avg response time 27 exceeded lower threshold What does the error mean? A) The response-time shutdown threshold has been met and the server will continue receiving traffic. B) The response-time warning threshold has been exceeded and the server will continue receiving traffic. C) The response-time shutdown threshold has been exceeded and the server will be excluded from SLB. D) The response-time shutdown threshold has been exceeded and the server will continue receiving traffic. The ServerIron ADX compares the calculated response time and compares that with the configured response threshold. If the calculated response time is greater than the configured response threshold, the port is marked down.
ServerIron ADX. Security Guide. Supporting ServerIron ADX TrafficWorks version
53-1001444-01 ServerIron ADX Security Guide Supporting ServerIron ADX TrafficWorks version 12.0.00 Copyright 2006-2009 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, Fabric OS, File
More informationBrocade Brocade Certified Layer 4-7 Professional Download Full version :
Brocade 150-420 Brocade Certified Layer 4-7 Professional 2010 Download Full version : https://killexams.com/pass4sure/exam-detail/150-420 QUESTION: 94 You are configuring your Brocade ADX for SSL Termination.
More informationTrafficWorks Software Release c for Brocade ServerIron ADX Series Application Delivery Switches Release Notes v1.3
TrafficWorks Software Release 12.0.00c for Brocade ServerIron ADX Series Application Delivery Switches Release Notes v1.3 November 2, 2009 Document History Document Title Summary of Changes Publication
More informationConfiguring Virtual Servers
3 CHAPTER This section provides an overview of server load balancing and procedures for configuring virtual servers for load balancing on an ACE appliance. Note When you use the ACE CLI to configure named
More informationConfiguring Network Proximity
CHAPTER 9 This chapter describes how to configure a Global Site Selector to perform network proximity to determine the best (most proximate) resource for handling global load-balancing requests. This chapter
More informationDisplaying SSL Configuration Information and Statistics
CHAPTER 7 Displaying SSL Configuration Information and Statistics This chapter describes the show commands available for displaying CSS SSL configuration information and statistics and an explanation of
More informationADX Software Updates and the Application Resource Broker (ARB) Introduction
ADX Software Updates and the Application Resource Broker (ARB) Introduction Objectives Upon completion of this module, you will be able to: Discuss ADX licensing Describe the Application Resource Broker
More informationChapter 3 Command List
Chapter 3 Command List This chapter lists all the commands in the CLI. The commands are listed in two ways: All commands are listed together in a single alphabetic list. See Complete Command List on page
More informationConfiguring Routes on the ACE
CHAPTER2 This chapter describes how the ACE is considered a router hop in the network when it is in routed mode. In the Admin or user contexts, the ACE supports static routes only. The ACE supports up
More informationJune ServerIron ADX. Security Guide. Supporting Brocade ServerIron ADX version a
June 2012 ServerIron ADX Security Guide Supporting Brocade ServerIron ADX version 12.4.00a 2012 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, Brocade Assurance, the B-wing symbol,
More informationWhat is New in Cisco ACE 4710 Application Control Engine Software Release 3.1
What is New in Cisco ACE 4710 Application Control Engine Software Release 3.1 PB478675 Product Overview The Cisco ACE Application Control Engine 4710 represents the next generation of application switches
More informationConfiguring DNS Sticky
CHAPTER 8 This chapter describes how to configure a GSS to support Domain Name System (DNS) stickiness to answer requests received from client D-proxies. The GSS supports DNS sticky both locally and globally
More informationIP Application Services Commands default (tracking) default {delay object object-number threshold percentage}
default (tracking) default (tracking) To set the default values for a tracked list, use the default command in tracking configuration mode. To disable the defaults, use the no form of this command. default
More informationInterchassis Asymmetric Routing Support for Zone-Based Firewall and NAT
Interchassis Asymmetric Routing Support for Zone-Based Firewall and NAT The Interchassis Asymmetric Routing Support for Zone-Based Firewall and NAT feature supports the forwarding of packets from a standby
More informationCCNA Semester 2 labs. Labs for chapters 2 10
CCNA Semester 2 labs Labs for chapters 2 10 2.2.2.5 Lab - Configuring IPv4 Static and Default Routes 2.3.2.4 Lab - Troubleshooting Static Routes 3.2.1.9 Lab - Configuring Basic RIPv2 5.2.2.9 Lab - Configuring
More informationstandby arp gratuitous through track vrrp
standby arp gratuitous, page 2 standby authentication, page 4 standby bfd, page 7 standby bfd all-interfaces, page 9 standby delay minimum reload, page 11 standby follow, page 13 standby ip, page 15 standby
More informationConfiguring SSL. SSL Overview CHAPTER
CHAPTER 8 Date: 4/23/09 This topic describes the steps required to configure your ACE (both the ACE module and the ACE appliance) as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination.
More informationVendor: Citrix. Exam Code: 1Y Exam Name: Citrix NetScaler 10.5 Essentials and Networking. Question Question 160
Vendor: Citrix Exam Code: 1Y0-351 Exam Name: Citrix NetScaler 10.5 Essentials and Networking Question 121 -- Question 160 Visit PassLeader and Download Full Version 1Y0-351 Exam Dumps QUESTION 121 Scenario:
More informationConfiguring SSL. SSL Overview CHAPTER
7 CHAPTER This topic describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section are:
More informationConfiguring Management Access
37 CHAPTER This chapter describes how to access the ASA for system management through Telnet, SSH, and HTTPS (using ASDM), how to authenticate and authorize users, how to create login banners, and how
More informationConfiguring Web-Based Authentication
CHAPTER 42 This chapter describes how to configure web-based authentication. It consists of these sections: About Web-Based Authentication, page 42-1, page 42-5 Displaying Web-Based Authentication Status,
More informationCitrix CNS-220 1Y0-240 Exam Hints
Citrix CNS-220 1Y0-240 Exam Hints This is not a brain dump! Questions and Answers are not given here. Rather it is a guide for further study. It assumes you have attended the CNS-220 offical Citrix instructor
More informationConfiguring Web-Based Authentication
This chapter describes how to configure web-based authentication on the switch. It contains these sections: Finding Feature Information, page 1 Web-Based Authentication Overview, page 1 How to Configure
More informationConfiguring Real Servers and Server Farms
CHAPTER2 Configuring Real Servers and Server Farms This chapter describes the functions of real servers and server farms in load balancing and how to configure them on the ACE module. It contains the following
More informationvserver vserver virtserver-name no vserver virtserver-name Syntax Description
Chapter 2 vserver vserver To identify a virtual server, and then enter the virtual server configuration submode, use the vserver command. To remove a virtual server from the configuration, use the no form
More informationConfiguring SSL CHAPTER
7 CHAPTER This chapter describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section
More informationPrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : 642-618 Title : Deploying Cisco ASA Firewall Solutions (FIREWALL v2.0) Vendors : Cisco
More informationConfiguring Web Cache Services By Using WCCP
CHAPTER 44 Configuring Web Cache Services By Using WCCP This chapter describes how to configure your Catalyst 3560 switch to redirect traffic to wide-area application engines (such as the Cisco Cache Engine
More informationHP Load Balancing Module
HP Load Balancing Module Security Configuration Guide Part number: 5998-2686 Document version: 6PW101-20120217 Legal and notice information Copyright 2012 Hewlett-Packard Development Company, L.P. No part
More informationCisco IOS HTTP Services Command Reference
Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION
More informationConfiguring Cache Services Using the Web Cache Communication Protocol
Configuring Cache Services Using the Web Cache Communication Protocol Finding Feature Information, page 1 Prerequisites for WCCP, page 1 Restrictions for WCCP, page 2 Information About WCCP, page 3 How
More informationChapter 13 Configuring BGP4
Chapter 13 Configuring BGP4 This chapter provides details on how to configure Border Gateway Protocol version 4 (BGP4) on HP products using the CLI and the Web management interface. BGP4 is supported on
More informationCisco IOS First Hop Redundancy Protocols Command Reference
Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION
More informationChapter 14 Route Health Injection
Chapter 14 Route Health Injection You can configure an HP 9304M, HP 9308M, and HP 6208M-SX routing switch to check the health of the HTTP application and inject a host route into the network to force a
More informationCisco IOS HTTP Services Command Reference
Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION
More informationmatch protocol http cookie (cookie map submode)
Chapter 2 22 match protocol http cookie (cookie map submode) match protocol http cookie (cookie map submode) To add cookies to a cookie map, use the match protocol http cookie command in SLB cookie map
More informationCCNA Security 1.0 Student Packet Tracer Manual
1.0 Student Packet Tracer Manual This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and exclusive use by instructors
More informationAction List Modify Configuration Mode Commands
Action List Modify Configuration Mode Commands Chapter 2 CLI Commands Action List Modify Configuration Mode Commands Action list modify configuration mode commands allow you to configure ACE action lists.
More informationConfiguring Real Servers and Server Farms
CHAPTER2 Configuring Real Servers and Server Farms Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. All features described in this chapter
More informationUsing ANM With Virtual Data Centers
APPENDIXB Date: 3/8/10 This appendix describes how to integrate ANM with VMware vcenter Server, which is a third-party product for creating and managing virtual data centers. Using VMware vsphere Client,
More informationConfiguring Web-Based Authentication
This chapter describes how to configure web-based authentication on the switch. It contains these sections: Finding Feature Information, page 1 Web-Based Authentication Overview, page 1 How to Configure
More informationCisco CCIE Security Written.
Cisco 400-251 CCIE Security Written http://killexams.com/pass4sure/exam-detail/400-251 QUESTION: 193 Which two of the following ICMP types and code should be allowed in a firewall to enable traceroute?
More informationConfiguring Real Servers and Server Farms
6 CHAPTER This section provides an overview of server load balancing and procedures for configuring real servers and server farms for load balancing on an ACE appliance. When you use the ACE CLI to configure
More informationImplementing Traffic Filters for IPv6 Security
Implementing Traffic Filters for IPv6 Security Last Updated: November 14, 2011 This module describes how to configure Cisco IOS XE IPv6 traffic filter and firewall features for your Cisco networking devices.
More informationGrandstream Networks, Inc. UCM6100 Security Manual
Grandstream Networks, Inc. UCM6100 Security Manual Index Table of Contents OVERVIEW... 3 WEB UI ACCESS... 4 UCM6100 HTTP SERVER ACCESS... 4 PROTOCOL TYPE... 4 USER LOGIN... 4 LOGIN TIMEOUT... 5 TWO-LEVEL
More informationip director server availability through ttl ip ip director server availability through ttl ip
1 ip director server availability ip director server availability Note Effective with Cisco IOS 12.4(24)T, the ipdirectorserveravailabilitycommand is not available in Cisco IOS software. To configure a
More informationConfiguring the CSM-S SSL Services
CHAPTER 7 This chapter describes the Line Interface (CLI) commands to configure, monitor, and debug the CSM-S software for SSL. These configuration commands are the same commands that are valid in the
More informationCISCO EXAM QUESTIONS & ANSWERS
CISCO 642-618 EXAM QUESTIONS & ANSWERS Number: 642-618 Passing Score: 800 Time Limit: 120 min File Version: 39.6 http://www.gratisexam.com/ CISCO 642-618 EXAM QUESTIONS & ANSWERS Exam Name: Deploying Cisco
More informationBIG-IP Access Policy Manager : Secure Web Gateway. Version 13.0
BIG-IP Access Policy Manager : Secure Web Gateway Version 13.0 Table of Contents Table of Contents BIG-IP APM Secure Web Gateway Overview...9 About APM Secure Web Gateway... 9 About APM benefits for web
More informationDGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide. Figure 9-1 Port Security Global Settings window
9. Security DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide Port Security 802.1X AAA RADIUS TACACS IMPB DHCP Server Screening ARP Spoofing Prevention MAC Authentication Web-based
More informationConfiguring Health Monitoring
CHAPTER1 This chapter describes how to configure health monitoring on the ACE to track the state of a server by sending out probes. Also referred to as out-of-band health monitoring, the ACE verifies the
More informationHP Load Balancing Module
HP Load Balancing Module Load Balancing Configuration Guide Part number: 5998-4218 Software version: Feature 3221 Document version: 6PW100-20130326 Legal and notice information Copyright 2013 Hewlett-Packard
More informationEnabling Remote Access to the ACE
CHAPTER 3 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. All features described in this chapter are supported with IPv6 unless otherwise
More informationCisco IOS Optimized Edge Routing Command Reference
First Published: 2007-01-29 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE
More informationDeployment Guide. Blackboard Learn +
Deployment Guide Blackboard Learn + TABLE OF CONTENTS 1 Introduction... 4 2 Deployment Guide Overview... 4 2.1 Blackboard Server Roles... 5 3 Prerequisites and Assumptions... 5 4 Basic Configuration...
More informationConfiguring Secure Socket Layer HTTP
Finding Feature Information, page 1 Information about Secure Sockets Layer (SSL) HTTP, page 1 How to Configure Secure HTTP Servers and Clients, page 5 Monitoring Secure HTTP Server and Client Status, page
More informationConfiguring SSL Termination
CHAPTER 3 This chapter describes the steps required to configure a context on the Cisco 4700 Series Application Control Engine (ACE) appliance as a virtual SSL server for SSL termination. It contains the
More informationConfiguring WCCPv2. Information About WCCPv2. Send document comments to CHAPTER
CHAPTER 5 This chapter describes how to configure the Web Cache Communication Protocol version 2 (WCCPv2) on Cisco NX-OS devices. This chapter includes the following sections: Information About WCCPv2,
More informationHigh Availability Options
, on page 1 Load Balancing, on page 2 Distributed VPN Clustering, Load balancing and Failover are high-availability features that function differently and have different requirements. In some circumstances
More informationConfiguring Stickiness
CHAPTER 5 This chapter describes how to configure stickiness (sometimes referred to as session persistence) on an Cisco 4700 Series Application Control Engine (ACE) appliance. It contains the following
More informationConfiguring VIP and Virtual Interface Redundancy
CHAPTER 6 Configuring VIP and Virtual Interface Redundancy This chapter describes how to plan for and configure virtual IP (VIP) redundancy and virtual interface redundancy on the CSS. Information in this
More informationChapter 6 Global CONFIG Commands
Chapter 6 Global CONFIG Commands aaa accounting Configures RADIUS or TACACS+ accounting for recording information about user activity and system events. When you configure accounting on an HP device, information
More informationFundamentals of Network Security v1.1 Scope and Sequence
Fundamentals of Network Security v1.1 Scope and Sequence Last Updated: September 9, 2003 This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document
More informationset active-probe (PfR)
set active-probe (PfR) set active-probe (PfR) To configure a Performance Routing (PfR) active probe with a forced target assignment within a PfR map, use the set active-probe command in PfR map configuration
More informationConfiguring a CSS as a Content Routing Agent
CHAPTER 3 Configuring a CSS as a Content Routing Agent This chapter provides an overview of the CSS Content Routing Agent (CRA) feature and describes how to configure it for operation. Information in this
More informationBIG-IP Analytics: Implementations. Version 12.1
BIG-IP Analytics: Implementations Version 12.1 Table of Contents Table of Contents Setting Up Application Statistics Collection...5 What is Analytics?...5 About HTTP Analytics profiles...5 Overview: Collecting
More informationTeacher s Reference Manual
UNIVERSITY OF MUMBAI Teacher s Reference Manual Subject: Security in Computing Practical with effect from the academic year 2018 2019 Practical 1: Packet Tracer - Configure Cisco Routers for Syslog, NTP,
More informationModular Policy Framework. Class Maps SECTION 4. Advanced Configuration
[ 59 ] Section 4: We have now covered the basic configuration and delved into AAA services on the ASA. In this section, we cover some of the more advanced features of the ASA that break it away from a
More informationConfiguring Web-Based Authentication
CHAPTER 61 This chapter describes how to configure web-based authentication. Cisco IOS Release 12.2(33)SXH and later releases support web-based authentication. Note For complete syntax and usage information
More informationBIG-IP DNS Services: Implementations. Version 12.0
BIG-IP DNS Services: Implementations Version 12.0 Table of Contents Table of Contents Configuring DNS Express...11 What is DNS Express?...11 About configuring DNS Express...11 Configuring DNS Express
More informationCisco IOS Distributed Director Command Reference
Cisco IOS Distributed Director Command Reference Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax:
More informationChapter 10 - Configure ASA Basic Settings and Firewall using ASDM
Chapter 10 - Configure ASA Basic Settings and Firewall using ASDM This lab has been updated for use on NETLAB+ Topology Note: ISR G1 devices use FastEthernet interfaces instead of GigabitEthernet interfaces.
More informationRouting Overview. Information About Routing CHAPTER
21 CHAPTER This chapter describes underlying concepts of how routing behaves within the ASA, and the routing protocols that are supported. This chapter includes the following sections: Information About
More informationDeployment Guide AX Series with Oracle E-Business Suite 12
Deployment Guide AX Series with Oracle E-Business Suite 12 DG_OEBS_032013.1 TABLE OF CONTENTS 1 Introduction... 4 2 Deployment Prerequisites... 4 3 Oracle E-Business Topology... 5 4 Accessing the AX Series
More informationFirepower Threat Defense Site-to-site VPNs
About, on page 1 Managing, on page 3 Configuring, on page 3 Monitoring Firepower Threat Defense VPNs, on page 11 About Firepower Threat Defense site-to-site VPN supports the following features: Both IPsec
More informationupgrade-mp through xlate-bypass Commands
CHAPTER 33 upgrade-mp To upgrade the maintenance partition software, use the upgrade-mp command. upgrade-mp {http[s]://[user:password@]server[:port]/pathname tftp[://server/pathname]} tftp http[s] server
More informationexam. Number: Passing Score: 800 Time Limit: 120 min CISCO Interconnecting Cisco Networking Devices Part 1 (ICND)
100-105.exam Number: 100-105 Passing Score: 800 Time Limit: 120 min CISCO 100-105 Interconnecting Cisco Networking Devices Part 1 (ICND) Exam A QUESTION 1 Which route source code represents the routing
More informationMonitoring GSS Global Server Load-Balancing Operation
CHAPTER 10 Monitoring GSS Global Server Load-Balancing Operation This chapter describes the following tools for monitoring the status of global server load-balancing on your GSS network: CLI-based commands
More informationCisco Performance Routing
Cisco Performance Routing As enterprise organizations grow their businesses, the demand for real-time application performance and a better application experience for users increases. For example, voice
More informationKillTest ᦝ䬺 䬽䭶䭱䮱䮍䭪䎃䎃䎃ᦝ䬺 䬽䭼䯃䮚䮀 㗴 㓸 NZZV ]]] QORRZKYZ PV ٶ瀂䐘މ悹伥濴瀦濮瀃瀆ݕ 濴瀦
KillTest Exam : 1Y0-A21 Title : Basic Administration for Citrix NetScaler 9.2 Version : Demo 1 / 5 1.Scenario: An administrator is working with a Citrix consultant to architect and implement a NetScaler
More informationConfiguring DHCP Features and IP Source Guard
CHAPTER 21 This chapter describes how to configure DHCP snooping and option-82 data insertion, and the DHCP server port-based address allocation features on the switch. It also describes how to configure
More informationZone-Based Policy Firewall High Availability
The feature enables you to configure pairs of devices to act as backup for each other. High availability can be configured to determine the active device based on a number of failover conditions. When
More informationKillTest. 半年免费更新服务
KillTest 质量更高 服务更好 学习资料 http://www.killtest.cn 半年免费更新服务 Exam : 642-618 Title : Deploying Cisco ASA Firewall Solutions (FIREWALL v2.0) Version : DEMO 1 / 9 1.On the Cisco ASA, tcp-map can be applied to
More informationBIG-IP Analytics: Implementations. Version 13.1
BIG-IP Analytics: Implementations Version 13.1 Table of Contents Table of Contents Setting Up Application Statistics Collection...5 What is Analytics?...5 About HTTP Analytics profiles... 5 Overview:
More informationA10 SSL INSIGHT & SONICWALL NEXT-GEN FIREWALLS
DEPLOYMENT GUIDE A10 SSL INSIGHT & SONICWALL NEXT-GEN FIREWALLS A10 NETWORKS SSL INSIGHT & FIREWALL LOAD BALANCING SOLUTION FOR SONICWALL SUPERMASSIVE NEXT GENERATION FIREWALLS OVERVIEW This document describes
More informationDEPLOYMENT GUIDE A10 THUNDER ADC FOR EPIC SYSTEMS
DEPLOYMENT GUIDE A10 THUNDER ADC FOR EPIC SYSTEMS OVERVIEW This document shows how an A10 Thunder Series device can be deployed with Epic Electronic Medical Record system. The tested solution is based
More informationTM Patch History Last Updated 2011/07/01 Version 28
TM 6.5.2 Patch History Last Updated 2011/07/01 Version 28 To contact Array Networks, Inc. Customer Support, please call 1-877-MY-ARRAY (1-877-992-7729) or email the team at support@arraynetworks.net Additional
More informationUser Role Firewall Policy
User Role Firewall Policy An SRX Series device can act as an Infranet Enforcer in a UAC network where it acts as a Layer 3 enforcement point, controlling access by using IP-based policies pushed down from
More informationAdvanced IPv6 Training Course. Lab Manual. v1.3 Page 1
Advanced IPv6 Training Course Lab Manual v1.3 Page 1 Network Diagram AS66 AS99 10.X.0.1/30 2001:ffXX:0:01::a/127 E0/0 R 1 E1/0 172.X.255.1 2001:ffXX::1/128 172.16.0.X/24 2001:ff69::X/64 E0/1 10.X.0.5/30
More informationtcp-map through type echo Commands
CHAPTER 31 31-1 tcp-map Chapter 31 tcp-map To define a set of TCP normalization actions, use the tcp-map command in global configuration mode. The TCP normalization feature lets you specify criteria that
More informationMonitoring WAAS Using WAAS Central Manager. Monitoring WAAS Network Health. Using the WAAS Dashboard CHAPTER
CHAPTER 1 This chapter describes how to use WAAS Central Manager to monitor network health, device health, and traffic interception of the WAAS environment. This chapter contains the following sections:
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More informationUser authentication configuration example 11 Command authorization configuration example 13 Command accounting configuration example 14
Contents Logging in to the CLI 1 Login methods 1 Logging in through the console or AUX port 2 Logging in through Telnet 5 Telnetting to the switch 5 Telnetting from the switch to another device 7 Logging
More informationConfiguring VRRP. Finding Feature Information. Contents
Configuring VRRP First Published: May 2, 2005 Last Updated: July 30, 2010 The Virtual Router Redundancy Protocol (VRRP) is an election protocol that dynamically assigns responsibility for one or more virtual
More informationGrandstream Networks, Inc. UCM series IP PBX Security Manual
Grandstream Networks, Inc. UCM series IP PBX Security Manual Table of Contents OVERVIEW... 4 WEB UI ACCESS... 5 UCM HTTP Server Access... 5 Protocol Type... 5 User Login... 6 Login Settings... 8 User Management
More informationthrough ftp-map Commands
CHAPTER 12 12-1 email Chapter 12 email To include the indicated email address in the Subject Alternative Name extension of the certificate during enrollment, use the email command in crypto ca trustpoint
More informationContent Switching Module with SSL Commands
CHAPTER 2 This chapter contains an alphabetical listing of the commands necessary to configure the CSM-S. These commands are unique to server load-balancing (SLB) and Layer 3 switching. 2-1 arp Chapter
More informationExtended ACL Configuration Mode Commands
Extended ACL Configuration Mode Commands To create and modify extended access lists on a WAAS device for controlling access to interfaces or applications, use the ip access-list extended global configuration
More informationViewing System Status, page 404. Backing Up and Restoring a Configuration, page 416. Managing Certificates for Authentication, page 418
This chapter describes how to maintain the configuration and firmware, reboot or reset the security appliance, manage the security license and digital certificates, and configure other features to help
More informationConfiguring Authentication Proxy
The Cisco IOS Firewall Authentication Proxy feature provides dynamic, per-user authentication and authorization, authenticating users against industry standard TACACS+ and RADIUS authentication protocols.
More information