prepking 920-235 exam questions

8/6/2019 Prepking 920-235 Exam Questions

1/11

www.prepking.com

Exam : Nortel 920-235

Title : Nortel VPN Gateway Rls.7.0

Configuration & Management

Version : R6.1


2/11

www.prepking.com

Prepking - King of Computer Certification

Important Information, Please Read Carefully

Other Prepking products

A) Offline Testing engine

Use the offline Testing engine product to practice the questions in an exam environment.

B) Study Guide (not available for all exams)

Build a foundation of knowledge which will be useful also after passing the exam.

Latest Version

We are constantly reviewing our products. New material is added and old material is

updated. Free updates are available for 90 days after the purchase. You should check yourmember zone at Prepking and update 3-4 days before the scheduled exam date.

Here is the procedure to get the latest version:

1.Go towww.Prepking.com

2.Click on Member zone/Log in (right side)

3. Then click My Account

4.The latest versions of all purchased products are downloadable from here. Just click the

links.

For most updates,it is enough just to print the new questions at the end of the new version, not the whole

document.

Feedback

If you spot a possible improvement then please let us know. We always interested in

improving product quality.

Feedback should be send to [email protected]. You should include the following:

Exam number, version, page number, question number, and your login ID.

Our experts will answer your mail promptly.

Copyright

Each PDF file contains a unique serial number associated with your particular name and

contact information for security purposes. So if we find out that a particular PDF file is

being distributed by you, Prepking reserves the right to take legal action against youaccording to the International Copyright Laws.

Explanations

This product does not include explanations at the moment. If you are interested in

providing explanations for this exam, please contact [email protected]..


3/11

www.prepking.com

1. How does TunnelGuard protect the network after a user has authenticated to the Portal?

A. The TunnelGuard agent checks the client machine for keyboard loggers and other malicious

applications.

B. The TunnelGuard agent checks the client machine for policy compliance at boot up and restricts network

access on failure.

C. The TunnelGuard agent periodically checks the client machine for policy compliance and restricts

network access on failure.

D. The TunnelGuard agent continually checks the client machine for suspicious activity, restricts network

access, and reports problems to the network administrator.

Answer: C

2. Which types of certificates must be installed on the Nortel VPN Gateway (NVG) to enable end-to-end

encryption?

A. client certificate installed on NVG, client certificate installed on backend server(s)

B. client certificate installed on NVG and server certificate installed on backend server(s)

C. client certificate installed on NVG and server certificate installed on backend server(s)

D. server certificate installed on NVG and server certificate installed on backend server(s)

Answer: D

3. Which attribute(s) can be specified in an access rules definition?

A. IP address only

B. IP address and TCP/UDP portC. IP address, TCP/UDP port, and application path

D. IP address, TCP/UDP port, application path, and cookie value

Answer: C

4. Which feature allows you to configure a policy that requires a client to have a trusted certificate in order

to authenticate?

A. client filter


4/11

www.prepking.com

B. server filter

C. TunnelGuard

D. authentication filter

Answer: A

5. Which CLI area enables you to configure authentication methods?

A. /cfg/sys/aaa

B. /cfg/vpn #/aaa

C. /cfg/ssl/aaa/auth

D. /cfg/sys/aaa/remote

Answer: B

6. Which statement is correct with respect to PortalGuard?

A. VPN authorization is disabled.

B. VPN authentication is disabled.

C. No additional license is required.

D. Users must log into the Portal before accessing the backend Portal.

Answer: B

7. Which statement is correct with respect to WTS links?

A. Only Internet Explorer is supported.

B. The WTS link cannot be pre-configured with client settings.

C. An embedded ICA client applet runs in any Web browser version.

D. An embedded RDP client applet eliminates the need for a locally installed version.

Answer: D

8. How would a service provider differentiate backend customer networks in a hosted VPN solution?

A. It would assign a unique VLAN ID to each customer.

B. It would assign a unique Portal IP address to each customer.

C. It would assign unique user account names to each customer.

D. It would assign a dedicated authentication server to each customer.

Answer: A

9. Which protocol does the Nortel VPN Gateway use to secure branch office tunnels?A. IKE

B. IPSec

C. HTTPS

D. SOCKS-over-SSL

Answer: B

10. How is the SSL VPN client deployed to a client machine?


5/11

www.prepking.com

A. It is installed along with the NetDirect client.

B. It is automatically installed when the user connects to the Web Portal.

C. It must be installed prior to the client connecting to the Nortel VPN Gateway.

D. It is manually downloaded and installed after the user authenticates to the Web Portal.

Answer: C

11. Which Nortel VPN Gateway feature allows service providers to offer hosted VPN services?

A. NetDirect

B. PortalGuard

C. TunnelGuard

D. Secure Services Partitioning

Answer: D

12. Which feature must be enabled in Internet Explorer to support the IE Cache Wiper?

A. Java VM

B. WebDAV

C. Active X

D. Direct X

Answer: C

13. Which authentication method should be used to query an Active Directory user database?

A. Local

B. LDAP

C. NTLM

D. RADIUS

Answer: B

14. Which attribute of a certificate does a Certificate Revocation List (CRL) reference?

A. issue date

B. serial number

C. period of validity

D. subject public key

Answer: B15. Which Nortel SSL device supports only SSL acceleration (i.e., no VPN support)?

A. VPN Gateway 3050

B. SSL VPN Module 1000

C. Application Switch 2424-SSL

D. Ethernet Routing Switch 8661 SAM

Answer: D


6/11

www.prepking.com

16. When connecting to a Nortel VPN Gateway cluster via SSH, to which IP address should you connect?

A. portal IP

B. virtual IP

C. interface IP

D. management IP

Answer: D

17. Which CLI area displays the operational state of all devices in a Nortel VPN Gateway cluster?

A. /info/isdlist

B. /info/isdstate

C. /info/isdcur

D. /info/MIP/state

Answer: A

18. If the Nortel VPN Gateway is correctly configured for SSL acceleration but you cannot get a Web page

response, which three reasons could be the cause? (Choose three.)

A. The SSL server is not listening on the correct port.

B. The front-end switch does not recognize the SSL headers.

C. The VIP is not set to load balance the decrypted HTTP service.

D. The VPN Gateway is not in the same subnet as the Web server.

E. Filtering has not been enabled on the correct Nortel Application Switch ports.

Answer: ACE

19. What differentiates the Clientless and Enhanced Clientless browser access modes?

A. user groups

B. Java applets

C. authentication

D. full network access

Answer: B

20. If the admin account password has been lost and there are no other accounts that belong to the admin

group, how do you regain access to the admin account?

A. Login as the oot user and use the passwd command to reset the admin password.B. Login as the per user and use the configuration menu to reset the admin password.

C. Login as the oot user and use the configuration menu to reset the admin password.

D. Login as the oot user and perform a factory installation to set a new admin password.

Answer: D

21. The Nortel VPN Gateway has been configured with a valid certificate and SSL acceleration has been

correctly configured. However, the backend Web servers are not listening on the correct port. What will you


7/11

www.prepking.com

see in the Web browser when you attempt to connect to the SSL Virtual IP address?

A. the Browser-based Interface of the Nortel VPN Gateway

B. HTTP 302 redirect to the site specified in the SSL server configuration

C. a "Cannot contact web server" message because the backend server request timed out

D. a security warning resulting from an untrusted certificate from the SSL server

Answer: C

22. Which three features require license installation? (Choose three.)

A. PortalGuard

B. WholeSecurity

C. Virtual Desktop

D. SSL Acceleration

E. Secure Service Partitioning

Answer: ACE

23. How does the Nortel VPN Gateway provide end-to-end SSL security?

A. It routes SSL traffic from clients directly to backend servers.

B. The backend servers initiate a secure connection to clients through the VPN Gateway.

C. It establishes an SSL session with backend servers and proxied re-encrypted traffic from SSL clients.

D. It terminates client HTTPS sessions and initiates HTTP sessions to back end servers.

Answer: C

24. Which protocol does the NetDirect VPN client use to secure communications between the client and the

VPN Gateway?

A. IKE

B. SSL

C. IPsec

D. HTTPS

Answer: B

25. Which attribute(s) can be specified in a network definition?

A. single IP address only

B. destination subnet or host nameC. source and destination IP address

D. source and destination IP address range (lower and upper IP)

Answer: B

26. Which action can the oot user perform?

A. FTP software image installation

B. serial software image download


8/11

www.prepking.com

C. recovery of a lost admin password

D. CD image software image installation

Answer: A

27. Which protocol does the Web Portal use to facilitate the Port Forwarder applet?

A. ICMP

B. IPsec

C. SNMP

D. SOCKS

Answer: D

28. Which CLI area will display the versions of code stored on the Nortel VPN Gateway?

A. /cfg/sys/software/cur

B. /boot/software/cur

C. /boot/code/current_version

D. /boot/load/software

Answer: B

29. Which benefit does SSL acceleration provide with respect to client session persistency?

A. It enables persistency to be based on session count.

B. It enables persistency to be based on the cookie name and value.

C. It enables persistency to be based source IP address and TCP port.

D. It enables persistency to be based destination IP address and TCP port.

Answer: B

30. Which CLI area will display the configured Syslog servers?

A. /cfg/sys/syslog/list

B. /cfg/sys/syslog/show_ip

C. /cfg/system/syslog/cur

D. /cfg/sys/server/cur

Answer: A

31. When a client machine fails the TunnelGuard SRS policy compliance check, how can the client session

be handled?A. The Nortel VPN Gateway can either tear down the session or allow restricted access.

B. The Nortel VPN Gateway will teardown the session and disable client login for a specified interval.

C. The Nortel VPN Gateway will allow restricted access, but it will not check the client machine again.

D. The Nortel VPN Gateway will allow restricted access and log the user's network activity to a remediation

server.

Answer: A


9/11

www.prepking.com

32. Which protocol manages the exchange of key information?

A. AH

B. IKE

C. ESP

D. IPsec

Answer: B

33. Which CLI menu is used for system diagnostics and troubleshooting?

A. info

B. boot

C. maint

D. stats

Answer: C

34. How does the Virtual Desktop feature provide client endpoint security after it is launched?

A. It encrypts all user files with a user-defined password.

B. It allows new files to be encrypted and stored locally on the client machine.

C. The client session activity is encrypted and erased when the session ends.

D. The client disk activity is logged and checked against known malicious software signatures.

Answer: C

35. Which Nortel VPN Gateway feature allows service providers to offer managed SSL and IPsec VPN

solutions?

A. PortalGuard

B. Split Networks

C. Secure Service Partitioning

D. Single System Image clustering

Answer: C

36. On the Portal login page, which option in the Login Service drop-down list uses a pre-ordered list of

authentication methods?

A. portal

B. defaultC. authorder

D. pre-defined

Answer: B

37. What does the VPN Quick Setup Wizard help an administrator configure?

A. basic Web portal

B. DNS server access


10/11

www.prepking.com

C. remote access tunnel

D. basic VPN Gateway cluster

Answer: A

38. Which client filters are created by the TunnelGuard Quick Setup Wizard?

A. tg_pass, tg, fail

B. tg_passed, tg_failed

C. tg_passed, tg_notpassed

D. tg_accepted, tg_failed

Answer: B

39. How does Split Administration facilitate system management?

A. The service provider manages the entire VPN Gateway configuration.

B. The customer is granted management access to their own VPN domain via CLI and BBI.

C. The service provider manages the global configuration and the customer manages their own Portal

configuration.

D. The customer is granted the ability to create new VPN domains.

Answer: C

40. Which tabs are available on the Portal page when the user type is set to advanced?

A. Home, Files, and Advanced

B. Home, Access, Tools, Advanced

C. Home, Files, Tools and Advanced

D. Home, Documents, Tools, Advanced

Answer: C

41. Which statement best describes the Web Portal?

A. It is a browser-based single point of access for web-based email solutions.

B. It is a web-based interface allowing remote access to Intranet resources via an SSL connection.

C. It is a secure end-to-end solution providing IP routing, WAN connectivity and IPsec security for the

enterprise.

D. It is a web-based VPN solution that provides secure network access via IPsec tunnels.

Answer: B42. Which process uses a complex mathematical computation to verify the integrity of the transmitted data?

A. encryption

B. cryptography

C. one-way hash

D. key generation

Answer: C


11/11

100% Pass Guaranteed or Full RefundWord to Word Real Exam Questions from Real Test

Buy full version of exam from this link belowhttp://www.prepking.com/920-235.htm