NS0 910

Exam : NS0-910
Title : Network Appliance NetCache Internet Access

and Security

Ver : 08-27-08
NS0-910

Actualtests.com - The Power of Knowing

QUESTION 1
Given the following entry from the Web Access log, with the default access log format, what does
the entry "bob" signify?
1098830250.899 0.001 10.41.72.45 TCP_HIT_ACCESS_DENIED/407 496 GET
http://www.cnn.com/bob - ""

A. the user making the request
B. the hostname of the appliance
C. the page on the CNN site
D. the client hostname making the request

Answer: A

QUESTION 2
What is the command to view the names and locations ot the log tiles from the command line?

A. log -I
B. nclog -I
C. nclog-va
D. show config.admin.log

Answer: B

QUESTION 3
Given the following log entry from the Web Access log, with the default access log format, what
does DIRECT mean?
1093891725.752 0.080 10.32.10.92 TCP_MISS/200 10177 GET http:/twww.sbgs.org/sbgs.htm -
DIRECT/209.68.147.66 'text/html"

A. The object must be retrieved from a parent cache.
B. The requested URL resides outside the firewall, and the URL maps to no parents or
neighbors.
C. The URL was fetched from the source.
D. This NetCache has no valid parents or neighbors.

Answer: C

QUESTION 4
What is the difference between TCP_MISS/200 and TCP_HIT/200?

A. The "miss" means that the requested object could not be found and an error is returned to the
client. The "hit" means that TOP is used.
B. The "miss" means...that the NetCache will use UDP instead. A "hit" means that TCP is used.
C. He "miss" means...retrieved by the NetCache appliance. The "hit" means that the NetCache
appliance already.
NS0-910


D. The "miss" means that the object was in the cache but not available because either its TTL
expired or the entry was flagged by a third party content filter such as a virus scanner. The
"hit" means that the TTL was still current.

Answer: C

QUESTION 5
Given the following entry from the Web Access log, what is the first column?
1098830250.899 0.001 1041.72.45 TCP_HIT_ACCESS_DENIED/407 496 GET
http:/tnw.cnn.com/bob - ""

A. the size in bits
B. the time stamp in Greenwich standard time
C. the ID of the request
D. the time stamp in UNIX epoch time

Answer: D

QUESTION 6
Which protocol entries are recorded in the Web access log file?
A- HTTP, FTP, RTSP
B. HTTP, FTP, Gopher
C. RTSP, NNTP
D. Telnet, SNMP, SSH

Answer: B

QUESTION 7
Of the following choices, which TWO are paths to configure logging? (Choose 2)

A. Setup > System > Logging
B. Setup > Maintenance > Logging
C. Setup > HTTP> Logging
D. Setup > Utilities> Logging

Answer: A, C

QUESTION 8
The NetCache appliance supports up to _____ SNMP communities.

A. 4
B. 8
C. 16
D. 32

Answer: B
NS0-910


QUESTION 9
Which FOUR cache control headers below are valid? (Choose 4)

A. Cache-Control: no-cache
B. Pragma: do-not-cache
C. Cache-Control: no-store
D. Cache-Control: private
E. Pragma: no-cache

Answer: A, C, D, E

QUESTION 10
A router performs which one of the following functions for NetCache proxies?

A. It fragments large packets into smaller chunks that the NetCache appliance can handle.
B. It tags Ether channel packets for pre-processing.
C. It delivers inbound packets from other networks and sends outbound packets destined for
other networks.
D. It strips virus packets out before they can infect the NetCache appliance.

Answer: C

QUESTION 11
Which ICAP vectoring method does the anti-virus scanning use?

A. RESPMOD_PRECACHE
B. REQMOD_PRECACHE
C. RESPMOD_POSTCACHE
D. REQMOD_POSTCACHE

Answer: A

QUESTION 12
Which TWO of the following can be performed by using a proxy.pac file? (Choose 2)

A. provide for failover protection
B. check web pages for worms or viruses
C. distribute requests to different NetCache proxy servers
D. shut down the computer if the user doesn't authenticate promptly

Answer: A, C

QUESTION 13
Given the following service farm configuration, which request will be directed to the ICAP
application?
NS0-910


config.icapv1 .farm3.attr = \\marketing_req_precache REQMOD_PRECACHE on rr on weak

A. Requests about to be initiated by NetCache to the server
B. Requests from the client before NetCache has initiated a request to the server
C. Requests from the client after NetCache has initiated a request to the server
D. Responses to requests initiated by NetCache after being cached on disk
E. Responses to requests initiated by NetCache before being cached on disk

Answer: B

QUESTION 14
Where is authentication server information logged?

A. Web Access log
B. Messages log
C. FTP log
D. client browser
E. SMB Instant Messaging

Answer: B

QUESTION 15
What is the advantage of using multiple authentication servers with a NetCache appliance?

A. NetCache will deny requests if authentication isn't provided within 200ms.
B. They ensure authenticated access if authentication server fails.
C. They ensure authenticated access across multiple domains.
D. Authentication uses encryption and is CPU-intensive.

Answer: B

QUESTION 16
Which FOUR are licensed protocols? (Choose 4)

A. DNS caching
B. ICAP
C. HTTPS Proxy
D. HTTP Proxy
E. GRM Server

Answer: B, C, D, E

QUESTION 17
Which FOUR are key steps in the authentication process? (Choose 4)

A. verify protocol authentication settings (authenticates the user)
NS0-910


B. verity ACL permission settings for the applicable group in the NetCache user database
C. verify whether SmartFilter or WebWasher DynaBLocator denies the request
D. verify connectivity to logging server
E. allow or deny the request, based on the results of the authentication process

Answer: A, B, C, E

QUESTION 18
Which FOUR will best prevent client disruption caused by hardware failure when using multiple
proxies? (Choose 4)

A. load balancer
B. round-robin DNS
C. direct browser configuration
D. transparency utilizing WCCP
E. autoconfiguration using a proxy.pac file

Answer: A, B, D, E

QUESTION 19
Which TWO of the following server types can function as a logging target for NetCache? (Choose
2)

A. FTP
B. CIFS
C. HTTP
D. NFS

Answer: A, C

QUESTION 20
Which FOUR steps are necessary to test that authentication is working properly with NTLM?
(Choose 4)

A. configure NTLM authentication
B. add the appropriate ACLs to use authentication
C. visit a Web site through the NetCache proxy
D. inspect the Web Access log files for authentication activity
E. enable packet tracing with pktt and analwe the results

Answer: A, B, C, D

QUESTION 21
________ consistency should be used for service farms that run more than one version of a
service, and differences in results are expected to be minor and not noticeable.

NS0-910


A. Strong
B. Weak
C. IBW
D. Mixed

Answer: B

QUESTION 22
Which TWO are most probable side-effects of authentication in a transparent deployment?
(Choose 2)

A. In a Network Address Translation environment, users may obtain shared privileges, never be
challenged, or both.
B. Its conformance with HTTP 1.1 specification is lost.
C. It reduces the number of authentication prompts to the end user.
D. It simplifies setup of the NetCache and authentication server.

Answer: A, B

QUESTION 23
Given the following service farm configuration, which requests will be scanned by the ICAP
server? config.icapv1 .farm0.attr = \\marketing_resp RESPMOD_PRECACHE on rr on weak

A. responses before being sent to NetCache
B. responses from NetCache
C. responses before being sent to the ICAP server
D. responses from the Internet

Answer: C

QUESTION 24
Which ACL action is used to send a REQMOD_PRECACHE request to an ICAP service without
processing additional ACLs?

A. icap
B. icap_now
C. attribute
D. ad idap

Answer: B

QUESTION 25
In what TWO places do you enter License keys? (Choose2)

NS0-910


A. command line with the license command
B. the Appliance Manager
C. SNMP agents.
D. the admin host or domain controller

Answer: A, B

QUESTION 26
Which vector point is used to route an object to the ICAP server from NetCache, but before the
data is requested from the Web server?

A. REQMOD_PRECACHE
B. REQMOD_PDSTCACHE
C. RESPMOD_PRECACHE
D. RESPMOD_POSTCACHE

Answer: B

QUESTION 27
Which THREE are advantages of using NetCache as an accelerator? (Choose 3)

A. It can offload traffic from a Web server.
B. It shields a Web server from the Internet.
C. It reduces firewall workload.
D. It places content closer to the user.

Answer: A, B, C

QUESTION 28
Which authentication methods, used to receive client credentials, are performed once per
connection instead of performed once per request?

A. NTLM and Kerberos
B. LDAP and Basic
C. FTP and NTP
D. RADIUS and challenge-response

Answer: A

QUESTION 29
Which THREE are access methods for the NetCache appliance? (Choose 3)

A. transparent (indirect) access
B. non-transparent (direct) access
C. request routing for content distribution networks
D. protocol routing for content distribution networks
NS0-910


Answer: A, B, C

QUESTION 30
When NetCache is implemented as a reverse proxy (accelerator), which FOUR of the following
protocols can be accelerated? (Choose 4)

A. HTTP
B. NTP
C. MMS
D. RTSP
E. HTTPS

Answer: A, C, D, E

QUESTION 31
Which THREE of these Internet protocols are supported for ICAP virus scanning? (Choose 3)

A. HTTP
B. FTP
C. HTTPS
D. HTTP over FTP

Answer: A, B, D

QUESTION 32
Which THREE are necessary for capacity planning? (Choose 3)

A. number of users
B. operating systems of users
C. type of work or activity
D. expected load at peak intervals

Answer: A, C, D

QUESTION 33
What is the difference between the following two ACLs?
Deny url matches "."\.org"
Deny server-domain contains "org'

A. The first ACL reads the entire URL, the second ACL reads only the server-domain field in the
URL.
B. The first ACL is more efficient because it uses regular expressions and will match more UPLs.
NS0-910


C. The first ACL is a syntax that is specific to the HTTP protocol only, while the second URL is a
general purpose ACL.
D. The first ACL uses incorrect syntax and will cause an error message. The second ACL is
correct.

Answer: A

QUESTION 34
What is the result of the following ACL?
allow serier-ip 216.240.23.27 and server-port 80 deny any

A. Objects from a server with the IP address of 216.240.23.27 andfrom port 80 are allowed.
B. Objects requested by a client 216.240.23.27 on the client's port so are allowed.
C. All requests are denied unless the request is coming from 216.240.23.27 and enters the
cache on the cache port 80.
D. Allow server-ip 215.240.23.27 to use the cache's port 80.

Answer: A

QUESTION 35
Assuming access control is based purely upon a successful validation of credentials received
from a client, then, where NTLM Authentication is required, the correct sequence involving a
HTTP request is:
1. NetCache retrieves object from server.
2. Client requests object credentials are included.
3. Client requests object; credentials are not included.
4. NetCache tells client to send credentials.
5. Domain Controller sends result of validation of credentials.
6. NetCache asks Domain Controller if credentials are valid.
7. NetCache serves object to client.

A. 3,4,2,1,6,5,7
B. 2, 1,6,5,7
C. 3,4,2,6,5,1,7
D. 2, 6,5,1,7

Answer: C

QUESTION 36
What benefit does SecureAdmin provide for administration?

A. It creates a more stable environment by providing the administrator with an easy-to-use
interface for creating backup procedures and managing multiple caches from one central
location.
B. It forces administrators to authenticate any hosts requesting access to the NetCache
appliance.
NS0-910


C. It deeply reduces performance because it causes all traffic to be encrypted.
D. It provides a secure environment for administrating the NetCache appliance.

Answer: D

QUESTION 37
When used with SmartFilter, which of the following ACLs will prohibit job searches by the group
finance during business hours?

A. Allow not smartfilter Job_Search and time 9am - 5pm day mon - fri
B. deny smartfilter Job_Search and time 9am - 5pm day mon - fri
C. deny job search group finance 9am - 5pm mon - fri
D. deny group finance and smartfilter Job_Search and time 9am - 5pm and day mon - fri

Answer: D

QUESTION 38
When a NetCache joins a native Windows 2000 or 2003 domain, it uses _________
authentication for the join process.

A. NTLM
B. LDAP
C. Kerberos
D. RADIUS

Answer: C

QUESTION 39
What is the difference between deny and allow not?

A. The deny denies the request and stops the evaluation, while the allow not allows all requests
except for those that match the criteria after the "not."
B. The deny denies the request and continues evaluation, while the allow not only continues
evaluations for requests that meet the criteria specified after the "not."
C. The deny allows all requests that match its criteria and denies all other requests, while the
allow not denies everything except for those requests that match its criteria.
D. They both give the same result.

Answer: A

QUESTION 40
What is the difference between the icap command and the icap_now command?

A. The icap command directs requests to the ICAP application after all other ACLs are
evaluated; the icap_now command is used to force requests to be directed to the ICAP
application first.
NS0-910


B. The icap command is used to force requests to be directed to the ICAP application first; the
icap_now command directs requests to the icap_now application after all other ACLs are
evaluated.
C. The icap_now command is used to modiN the requests before sending to the other ACLs for
evaluation; The icap command specifies to send requests to the ICAP application for filtering
before evaluating all other ACLs.
D. The icap command directs requests to the ICAP application before requests are evaluated by
the other ACLs; the icap_now command specifies to use the ICAP application only for
evaluation.

Answer: A

QUESTION 41
Which THREE require authentication? (Choose 3)

A. HTTPS
B. NNTP
C. Gopher
D. DNS

Answer: A, B, C

QUESTION 42
The vectoring point, REQMOD_PRECACHE, is used to adapt content_______________

A. coming into NetCache from the client
B. going from NetCache to the ICAP server
C. coming into NetCache from the ICAP server
D. going from NetCache to the client

Answer: A

QUESTION 43
When using on-box filters with ACLs, what is the precedence of the ACL settings?

A. group authentication, ACLs, and then the filter
B. the filter, ACLs, then authentication
C. ACLs, group authentication, and then the filter
D. the filter, authentication, then ACLs

Answer: C

QUESTION 44
Where in the GUI can you define the port used to accept http traffic?
NS0-910


A. Setup> Maintenance > System Control
B. Setup>Ports>HTTP
C. Setup> HTTP > General ?HTTP Proxy Ports
D. Setup> HTTP > Web Server Acceleration

Answer: C

QUESTION 45
Given the following ACL, if Bob is in group 1, when is he allowed?
> allow group grp1 and time 9:00am - 5:00pm > deny group grp2 > deny any

A. Bob has access between 9:00 AM through 5:00 PM.
B. Bob has access after 5:00 PM and until 9:00 AM.
C. Bob has access regardless of the time because he is in group 1.
D. Bob has access either when he is a member of group 1 or between 9:00 AM and 5:00 PM.

Answer: A

QUESTION 46
Which TWO implementations are required for setting up transparency with WCCP? (Choose 2)

A. The WCCP router must be located where a firewall that uses Network Address Translation
(NAT) is not located between the WCCP and the NetCache appliance.
B. The WCCP router must be located so that it can view all network traffic for the clients that it is
expected to serve.
C. The WCCP router has to be directly connected to the proxy'.
D. The WCCP router must be located where a firewall that uses Network Address Translation
(NAT) is located between the WCCP and the NetCache appliance.

Answer: A, B

QUESTION 47
What is the default administration port?

A. 3128
B. 8080
C. 3132
D. 9090

Answer: C

QUESTION 48
The SecureAdmin feature uses _____________ to securely replace _____________
NS0-910


and________

A. Kerberos, SSH, and HTTPS
B. SSH, Telnet, and RSH
C. RSH, Telnet, and SSH
D. SSH, HTTPS, and LDAP

Answer: B

QUESTION 49
What protocols does the SecureAdmin support?

A. HTTPS and FTP.
B. SSH and SSL
C. RTSP and MMS
D. NTLM, Kerberos, and LDAP

Answer: B

QUESTION 50
Which of the following ACL5 will limit the ability to administer the NetCache to a specific
computer?

A. auth client-ip [IP address]: 3132
B. allow client-ip [IP address]: 3132
C. reauth client-ip [IP address]: 3128
D. allow client-ip [IP address]: 3128

Answer: B

QUESTION 51
Given the following service farm configuration, which requests will be scanned by the ICAP
server?
config.icapv1 .farm0.attr = \\marketing_resp RESPMOD_PRECACHE on rr on weak

A. responses before being sent to NetCache
B. responses from NetCache
C. responses before being sent to the CAP server
D. responses from the Internet

Answer: C

QUESTION 52
Which authentication methods, used to receive client credentials, are performed once per
connection instead of performed once per request?

NS0-910


A. NTLM and Kerberos
B. LDAP and Basic
C. FTP and NTP
D. RADIUS and challenge-response

Answer: A

QUESTION 53
Which THREE of these Internet protocols are supported for ICAP virus scanning? (Choose 3)

A. HTTP
B. FTP
C. HTTPS
D. HTTPoverFTP

Answer: A, B, D

QUESTION 54
Which THREE are necessary for capacity planning? (Choose 3)

A. number of users
B. operating systems of users
C. type of work or activity
D. expected load at peak intervals

Answer: A, C, D

QUESTION 55
In what TWO places do you enter License keys? (Choose2)

A. command line with the license command
B. the Appliance Manager
C. SNMP agents.
D. the admin host or domain controller

Answer: A, B

QUESTION 56
Which THREE are access methods for the NetCache appliance? (Choose 3)

A. transparent (indirect) access
B. non-transparent (direct) access
C. request routing for content distribution networks
D. protocol routing for content distribution networks
NS0-910


Answer: A, B, C

QUESTION 57
Which FOUR will best prevent client disruption caused by hardware failure when using multiple
proxies? (Choose 4)

A. load balancer
B. round-robin DNS
C. direct browser configuration
D. transparency utilizing WCCP
F. auto configuration using a proxy.pac file

Answer: A, B, D, E

QUESTION 58
Where is authentication server information logged?

A. Web Access log
B. Messages log
C. FTP log
D. client browser
E. SMB Instant Messaging

Answer: B

QUESTION 59
Given the following service farm configuration, which request will be directed to the ICAP
application? config.icapv1 .farm3.attr = \\marketing_req_precache REOMOD_PRECACHE on rr
on weak

A. Requests about to be initiated by NetCache to the server
B. Requests from the client before NetCache has initiated a request to the server
C. Requests from the client after NetCache has initiated a request to the server
D. Responses to requests initiated by NetCache after being cached on disk
E. Responses to requests initiated by NetCache before being cached on disk

Answer: B

QUESTION 60
Which TWO of the following can be performed by using a proxy.pac file? (Choose 2)

A. provide for failover protection
B. check web pages for worms or viruses
C. distribute requests to different NetCache pros servers
D. shut down the computer if the user doesn't authenticate promptly
NS0-910


Answer: A, C

QUESTION 61
A router performs which one of the following functions for NetCache proxies?

A. It fragments large packets into smaller chunks that the NetCache appliance can handle.
B. It tags Etherchannel packets for pre-processing.
C. It delivers inbound packets from other networks and sends outbound packets destined for
other networks.
D. It strips virus packets out before they can infect the NetCache appliance.

Answer: C

QUESTION 62
Which FOUR cache control headers below are valid? (Choose 4)

A. Cache-Control: no-cache
B. Pragma: do-not-cache
C. Cache-Control: no-store
D. Cache-Control: private
E. Pragma: no-cache

Answer: A, C, D, E

QUESTION 63
When NetCache is implemented as a reverse proxy (accelerator), which FOUR of the following
protocols can be accelerated? (Choose 4)

A. HTTP
B. NTP
C. MMS
D. RTSP
E. HTTPS

Answer: A, C, D, E

QUESTION 64
Which FOUR are key steps in the authentication process? (Choose 4)

A. verify protocol authentication settings (authenticates the user)
B. verity ACL permission settings for the applicable group in the NetCache user database
C. verify whether SmartFilter or WebWasher DynaBLocator denies the request
D. verify connectivity to logging server
NS0-910


E. allow or deny the request, based on the results of the authentication process

Answer: A, B, C, E

QUESTION 65
Which vector point is used to route an object to the ICAP server from NetCache, but before the
data is requested from the Web server?

A. REQMOD_PRECACHE
B. REQMOD_POSTCACHE
C. RESPMOD_PRECACHE
D. RESPMOD_POSTCACHE

Answer: B

QUESTION 66
Which TWO of the following server types can function as a logging target for NetCache? (Choose
2)

A. FTP
B. CIPS
C. HTTP
D. NFS

Answer: A, C

QUESTION 67
Which TWO are most probable side-effects of authentication in a transparent deployment?
(Choose 2)

A. In a Network Address Translation environment, users may obtain shared privileges, never be
challenged, or both.
B. Its conformance with HTTP 1.1 specification is lost.
C. It reduces the number of authentication prompts to the end user.
D. It simplifies setup of the NetCache and authentication server.

Answer: A, B

QUESTION 68
________ consistency should be used for service farms that run more than one version of a
service, and differences in results are expected to be minor and not noticeable.

A. Strong
NS0-910


B. Weak
C. lBW
D. Mixed

Answer: B

QUESTION 69
Which ICAP vectoring method does the anti-virus scanning use?

A. RESPMOD_PRECACHE
B. REQMOD_PRECACHE
C. RESPMOD_POSTCACHE
D. REQMOD_POSTCACHE

Answer: A

QUESTION 70
Which FOUR are licensed protocols? (Choose 4)

A. DNS caching
B. ICAP
C. HTTPS Proxy
D. HTTP Proxy
E. GRM Server

Answer: B, C, D, E

QUESTION 71
Which THREE are advantages of using NetCache as an accelerator? (Choose 3)

A. It can offload traffic from a Web server.
B. It shields a Web server from the Internet.
C. It reduces firewall workload.
D. It places content closer to the user.

Answer: A, B, C

QUESTION 72
Which FOUR steps are necessary to test that authentication is working properly with NTLM?
(Choose 4)

A. configure NTLM authentication
B. add the appropriate ACLs to use authentication
C. visit a Web site through the NetCache proxy
D. inspect the Web Access log files for authentication activity
E. enable packet tracing with pktt and analyzee the results
NS0-910


Answer: A, B, C, D

QUESTION 73
What is the advantage of using multiple authentication servers with a NetCache appliance?

A. NetCache will deny requests if authentication isn't provided within 200ms.
B. They ensure authenticated access if authentication server fails.
C. They ensure authenticated access across multiple domains.
D. Authentication uses encryption and is CPU-intensive.

Answer: B

QUESTION 74
Which ACL action is used to send a REQMOD_PRECACHE request to an ICAP service without
processing additional ACL5?

A. icap
B. icap_now
C. attribute
D. acl icap

Answer: B

QUESTION 75
The NetCache appliance supports up to _____ SNMP communities.

A. 4
B. 8
C. 16
D. 32

Answer: B

QUESTION 76
Which protocol entries are recorded in the Web access log rile?

A. HTTP, FTP, RTSP
B. HTTP, FTP, Gopher
C. RTSP,NNTP
D. Telnet, SNMP, SSH

Answer: B

NS0-910


QUESTION 77
Given the following entry from the Web Access log, what is the first column?
1098830250.899 0.001 10.41.72.45 TCP_HIT_ACCESS_DENIED/407 496 GET
http://www.cnn.com/bob - ""

A. the size in bits
B. the time stamp in Greenwich standard time
C. the ID of the request
D. the time stamp in UNIX epoch time

Answer: D

QUESTION 78
What is the difference between TOP_MISS/200 and TOP_HIT/200?

A. The "miss" means that the requested object could not be found and an error is returned to the
client. The "hit" means that TCP is used.
B. The "miss" means...that the NetCache will use UDP instead. A "hit" means that TOP is used.
C. he "miss" means...retrieved by the NetCache appliance. The "hit' means that the NetCache
appliance already.
D. The "miss" means that the object was in the cache but not available because either its TTL
expired or the entry was flagged by a third party content filter such as a virus scanner. The
"hit" means that the TTL was still current.

Answer: C

QUESTION 79
Of the following choices, which TWO are paths to configure logging? (Choose 2)

A. Setup> System> Logging
B. Setup> Maintenance > Logging
C. Setup> HTTP > Logging
D. Setup> Utilities > Logging

Answer: A, C

QUESTION 80
Given the following log entry from the Web Access log, with the default access log format, what
does DIRECT mean? 1093891725.752 0.080 10.32.10.92 TCP_MISS/200 10177 GET
http://www.sbgs.org/sbgs.htm - DIRECT/209 .68.147.66 "text/html"

A. The object must be retrieved from a parent cache.
B. The requested URL resides outside the firewall, and the URL maps to no parents or
neighbors.
NS0-910


C. The URL was fetched from the source.
D. This NetCache has no valid parents or neighbors.

Answer: C

QUESTION 81
What does the following ACL accomplish?
drop 300 server-domain worm .com

A. It asks any server from the domain 'worm.com" to return a 300 error message if it drops the
request.
B. It causes the appliance to drop any packets from any clients to servers in the domain "worm
.com" for 300 seconds.
C. It drops any errors in the 300 responses from any server in the domain "worm.com".
D. It requests that the appliance only cache packets coming from "worm.com" if the packet is
under 300 bytes in size.

Answer: B

QUESTION 82
What is the command to view the names and locations of the log files from the command line?

A. log -I
B. nclog -l
C. nclog -va
D. show config.admin.log

Answer: B

QUESTION 83
Which TWO implementations are required for setting up transparency with WCCP? (Choose 2)

A. The WCCP router must be located where a firewall that uses Network Address Translation
(NAT) is not located between the WCCP and the NetCache appliance.
B. The WCCP router must be located so that it can view all network traffic for the clients that it is
expected to serve.
C. The WCCP router has to be directly connected to the proxy.
D. The WCCP router must be located where a firewall that uses Network Address Translation
(NAT) is located between the WCCP and the NetCache appliance.

Answer: A, B

QUESTION 84
What is the difference between deny and allow not?

A. The deny denies the request and stops the evaluation, while the allow not allows all requests
NS0-910


except for those that match the criteria after the "not."
B. The deny denies the request and continues evaluation, while the allow not only continues
evaluations for requests that meet the criteria specified after the "not."
C. The deny allows all requests that match its criteria and denies all other requests, while the
allow not denies everything except for those requests that match its criteria.
D. They both give the same result.

Answer: A

QUESTION 85
The SecureAdmin feature uses _____________ to securely replace and ___________

A. Kerberos, SSH, and HTTPS
B. SSH, Telnet, and RSH
C. RSH, Telnet, and SSH
D. SSH, HTTPS, and LDAP

Answer: B

QUESTION 86
Which THREE require authentication? (Choose 3)

A. HTTPS
B. NNTP
C. Gopher
D. DNS

Answer: A, B, C

QUESTION 87
Given the following ACL, what will happen when a user with an lE browser attempts to go to the
ESPN Web site?

redirect "http://www.netapp.com" url matches "espn" and req-headers matches "MSIE"

A. They reach the page and it is cached by the NetCache appliance for future requests.
B. The users are redirected to http://www.netapp.com.
C. They can reach ESPN, but anyone trying to access http://www.netapp.com is redirected to the
ESPN Web site.
D. The user receives a pop-up showing that a patch from http://www.netapp.com will be
automatically downloaded before they can reach the ESPN Web site.

Answer: B

NS0-910


QUESTION 88
Which of the following ACLs will limit the ability to administer the NetCache to a specific
computer?

A. auth client-ip [IP address]: 3132
B. allow client-ip [IP address]: 3132
C. reauth client-ip [IP address]: 3128
D. allow client-ip [IP address]: 3128

Answer: B

QUESTION 89
What is the result of the following ACL?
allow server-ip 216.240.23.27 and sewer-port 60 deny any

A. Objects from a server with the IP address of 216.240.23.27 and from port 60 are allowed.
B. Objects requested by a client 216.240.23.27 on the client's port 60 are allowed.
C. All requests are denied unless the request is coming from 216.240.23.27 and enters the
cache on the cache port 60.
D. Allow server-ip 215.240.23.27 to use the cache's port 60.

Answer: A

QUESTION 90
When a NetCache joins a native Windows 2000 or 2003 domain, it uses authentication for the
join process.

A. NTLM
B. LDAP
C. Kerberos
D. RADIUS

Answer: C

QUESTION 91
What is the difference between the icap command and the icap_now command?

A. The icap command directs requests to the ICAP application after all other ACLs are
evaluated; the icap_now command is used to force requests to be directed to the ICAP
application first.
B. The icap command is used to force requests to be directed to the ICAP application first the
icap_now command directs requests to the icap_now application after all other ACLs are
evaluated.

NS0-910


C. The icap_now command is used to modify the requests before sending to the other ACLs for
evaluation; The icap command specifies to send requests to the ICAP application for filtering
before evaluating all other ACLs,
D. The icap command directs requests to the ICAP application before requests are evaluated by
the other ACLs; the icap_now command specifies to use the ICAP application only for
evaluation.

Answer: A

QUESTION 92
What is the difference between the following two ACLs?
Deny url matches ".*\.org"
?RUJ Deny server-domain contains "org'

A. The first ACL reads the entire URL, the second ACL reads only the server-domain field in the
URL.
B. The first ACL is more efficient because it uses regular expressions and will match more URLs.
C. The first ACL is a syntax that is specific to the HTTP protocol only, while the second URL is a
general purpose ACL.
D. The first ACL uses incorrect syntax and will cause an error message. The second ACL is
correct.

Answer: A

QUESTION 93
When used with SmartFilter, which of the following ACL5 will prohibit job searches by the group
finance during business hours?

A. Allow not smartfilter Job_Search and time 9am - 5pm day mon - fri
B. deny smartfilter Job_Search and time 9am - 5pm day mon - fri
C. deny job search group finance 9am - 5 pm mon - fri
D. deny group finance and smartfilter Job_Search and time 9am - 5pm and day mon - fri

Answer: D

QUESTION 94
Given the following ACL, if Bob is in group 1, when is he allowed? > allow group grp1 and time
9:00am - 5:00pm> deny group grp2 > deny any

A. Bob has access between 9:00 AM through 5:00 PM.
B. Bob has access after 5:00 PM and until 9:00 AM.
C. Bob has access regardless of the time because he is in group 1.
D. Bob has access either when he is a member of group 1 or between 9:00 AM and 5:00 PM.

Answer: A

NS0-910


QUESTION 95
What is the difference between rop?and eny?

A. The action "drop" specifies to deny packets from a specified source, while the action "deny"
blocks the packets.
B. The action "drop" specifies to drop requests and allow the client to go directly to the source,
while the action "deny" blocks requests
C. The action "drop" specifies to drop requests coming, while the action "deny" blocks responses
from an origin server.
D. The action "drop" specifies to drop packets from a specified source, while the action "deny"
blocks requests.

Answer: D

QUESTION 96
Assuming access control is based purely upon a successful validation of credentials received
from a client, then, where NTLM Authentication is required, the correct sequence involving a
HTTP request is:
1. NetCache retrieves object from server.
2. Client requests object credentials are included.
3. Client requests object credentials are not included.
4. NetCache tells client to send credentials.
5. Domain Controller sends result of validation of credentials.
6. NetCache asks Domain Controller if credentials are valid.
7. NetCache serves object to client.

A. 3,4,2,1,6,5,7
B. 2,1,6,5,7
C. 3,4,2,6,5,1,7
D. 2,6,5,1,7

Answer: C

QUESTION 97
Where in the GUI can you define the port used to accept http traffic?

A. Setup > Maintenance > System Control
B- Setup> Ports> HTTP
C. Setup > HTTP> General ?HTTP Proxy Ports
D. Setup > HTTP > Web Server Acceleration

Answer: C

QUESTION 98
What benefit does SecureAdmin provide for administration?

NS0-910


A. It creates a more stable environment by providing the administrator with an easy-to-use
interface for creating backup procedures and managing multiple caches from one central
location.
B. It forces administrators to authenticate any hosts requesting access to the NetCache
appliance.
C. It deeply reduces performance because it causes all traffic to be encrypted.
D. It provides a secure environment for administrating the NetCache appliance.

Answer: D

QUESTION 99
When using on-box filters with ACLs, what is the precedence of the ACL settings?

A. group authentication, ACLs, and then the filter
B. the filter, ACLs, then authentication
C. ACLs, group authentication, and then the filter
D. the filter, authentication, then ACLs

Answer: C

QUESTION 100
What protocols does the SecureAdmin support?

A. HTTPS and FTP.
B. SSH and SSL
C. RTSP and MMS
D. NTLM, Kerberos, and LDAP

Answer: B

NS0 910

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

NS0 910

Uploaded by

Copyright:

Available Formats

Exam : NS0-910

Title : Network Appliance NetCache Internet Access

You might also like