Which of the following are true when attempting to deny access to file types?
C
Which of the following steps have to be performed to support Kerberos Authentication?
(Choose all that apply)
(a) A virtual URL that resolves to the IP of the ProxySG.
(b) Registering the BCAAA as a Service Principal Name.
(c) Configuring IWA Realm.
(d) Configuring Explicit Proxy.
D
Which of the following statements are true? (Choose all that apply)
(a) The SGOS object store utilizes a directory structure so that objects in cache can be accessed
rapidly
(b) Information about a single object in cache be retrieved from the Management console or the CLI
(c) There are two object caches, the object cache which resides on disk and the object cache which
resides in RAM
(d) The SGOS object store is separated by protocol (HTTP cache, FTP cache, etc.)
A
The ProxySG acts as both an ICAP client and ICAP server.
A
Which of the following statements are true about Reverse Proxy deployment?(Choose all that apply)
(a) Forwarding hosts in the forwarding file must be defined as "server" style
(b) Default-scheme in forwarding file is supported
(c) Protocol conversion between HTTPS <- ->HTTP are automatic
(d) ProxySG should be set with default DENY policy
B
Which of the following statements are true about ProxySG Protocol Detection feature?
(Choose all that apply)
(a) Protocol detection is performed on the server's response.
(b) Protocol detection is performed on the client's request.
(c) Enabling Detect Protocol option will automatically enable early intercept attribute in proxy
services.
(d) Protocol detection is performed by looking at the TCP port number.
D
url.regex=!\.html$ d\ DENY
What is the effect of the above CPL code?
B
Which of the following statements are true about dynamic bypass list? (Choose all that apply)
(a) Configured polices will not be enforced on client request if the request matches an entry in the
bypass list.
(b) Dynamic bypass entries are lost when ProxySG is restarted
(c) If request made to a site in a forwarding policy is in the bypass list, the site is inaccessible
(d) Dynamic bypass parameters can be configured on Management Console and CLI.
B
You can NOT use a self-signed certificate when intercepting SSL traffic.
B
What criterion is NOT used to determine location awareness of a ProxyClient
C
Which method of controlling downloads of certain file types works fastest on ProxySG?
C
A cookie without an expire value will___
B
Which of the following hostnames are NOT matched by the regular expression “www (0 9) (0-9)? \
.foo\ .com”)
A
The Content-encoding header is used to declare the MIME type and compression method used in a
HTTP response.
A
Which of the following are obvious advantages of having a ProxySG deployed in a Reverse Proxy
environment? (Choose all that apply)
(a)The ProxySG has built in DOS protection to guard the actual web server from denial-ofservice
attacks
(b) Increased performance with caching provides an improved Web Experience
(c) Consistent default behavior of cache expiration and validation directives
(d) SSL termination on ProxySG allow SSL offloading, therefore eliminating bottleneck on the web
server side.
C