Ensurepass

Question 291

Which of the following methods is NOT used by Identity Awareness to catalog identities?

A. AD Query

B. GPO

C. Captive Portal

D. Identity Agent

 

Answer: B

 

 

Question 292

When using AD Query to authenticate users for Identity Awareness, identity data is received seamlessly from the Microsoft Active Directory (AD). What is NOT a recommended usage of this method?

A. Leveraging identity in the application control blade

B. Identity-based enforcement for non-AD users (non-Windows and guest users)

C. Identity-based auditing and logging

D. Basic identity enforcement in the internal network

 

Answer: B

 

 

Question 293

The Identity Agent is a lightweight endpoint agent that authenticates securely with Single Sign-On (SSO). What is not a recommended usage of this method?

A. Leveraging identity for Data Center protection

B. Protecting highly sensitive servers

C. When accuracy in detecting identity is crucial

D. Identity based enforcement for non-AD users (non-Windows and guest users)

 

Answer: D

 

 

Question 294

Which of the following is NOT a valid option when configuring access for Captive Portal?

A. According to the Firewall Policy

B. From the Internet

C. Through internal interfaces

D. Through all interfaces

 

Answer: B

 

 

Question 295

How granular may an administrator filter an Access Role with identity awareness?

A. Windows Domain

B. AD User

C. Radius Group

D. Specific ICA Certificate

 

Answer: B

 

 

Question 296

Can you use Captive Portal with HTTPS?

A. No, it only works with FTP

B. Yes

C. No, it only works with FTP and HTTP

D. No, it only works with HTTP

 

Answer: B

 

 

Question 297

Which of the following is NOT defined by an Access Role object?

A. Source Network

B. Source User

C. Source Machine

D. Source Server

 

Answer: D

 

 

Question 298

In which Rule Base can you implement a configured Access Role?

A. DLP

B. Mobile Access

C. Firewall

D. IPS

 

Answer: C

 

 

Question 299

Access Role objects define users, machines, and network locations as:

A. One object

B. Credentialed objects

C. Separate objects

D. Linked objects

 

Answer: A

 

 

Question 300

Where do you verify that SmartDirectory is enabled?

A. Verify that Global Properties > SmartDirectory (LDAP) > Use SmartDirectory (LDAP) for Security Gateways is checked

B. Verify that Global Properties > Authentication > Use SmartDirectory (LDAP) for Security Gateways is checked

C. Verify that Security Gateway > General Properties > Authentication > Use SmartDirectory (LDAP) for Security Gateways is checked

D. Verify that Security Gateway > General Properties > SmartDirectory (LDAP) > Use SmartDirectory (LDAP) for Security Gateways is checked

 

Answer: A