Title : Network Appliance NetCache Internet Access
and Security
Ver : 08-27-08 NS0-910
Actualtests.com - The Power of Knowing
QUESTION 1 Given the following entry from the Web Access log, with the default access log format, what does the entry "bob" signify? 1098830250.899 0.001 10.41.72.45 TCP_HIT_ACCESS_DENIED/407 496 GET http://www.cnn.com/bob - ""
A. the user making the request B. the hostname of the appliance C. the page on the CNN site D. the client hostname making the request
Answer: A
QUESTION 2 What is the command to view the names and locations ot the log tiles from the command line?
A. log -I B. nclog -I C. nclog-va D. show config.admin.log
Answer: B
QUESTION 3 Given the following log entry from the Web Access log, with the default access log format, what does DIRECT mean? 1093891725.752 0.080 10.32.10.92 TCP_MISS/200 10177 GET http:/twww.sbgs.org/sbgs.htm - DIRECT/209.68.147.66 'text/html"
A. The object must be retrieved from a parent cache. B. The requested URL resides outside the firewall, and the URL maps to no parents or neighbors. C. The URL was fetched from the source. D. This NetCache has no valid parents or neighbors.
Answer: C
QUESTION 4 What is the difference between TCP_MISS/200 and TCP_HIT/200?
A. The "miss" means that the requested object could not be found and an error is returned to the client. The "hit" means that TOP is used. B. The "miss" means...that the NetCache will use UDP instead. A "hit" means that TCP is used. C. He "miss" means...retrieved by the NetCache appliance. The "hit" means that the NetCache appliance already. NS0-910
Actualtests.com - The Power of Knowing
D. The "miss" means that the object was in the cache but not available because either its TTL expired or the entry was flagged by a third party content filter such as a virus scanner. The "hit" means that the TTL was still current.
Answer: C
QUESTION 5 Given the following entry from the Web Access log, what is the first column? 1098830250.899 0.001 1041.72.45 TCP_HIT_ACCESS_DENIED/407 496 GET http:/tnw.cnn.com/bob - ""
A. the size in bits B. the time stamp in Greenwich standard time C. the ID of the request D. the time stamp in UNIX epoch time
Answer: D
QUESTION 6 Which protocol entries are recorded in the Web access log file? A- HTTP, FTP, RTSP B. HTTP, FTP, Gopher C. RTSP, NNTP D. Telnet, SNMP, SSH
Answer: B
QUESTION 7 Of the following choices, which TWO are paths to configure logging? (Choose 2)
A. Setup > System > Logging B. Setup > Maintenance > Logging C. Setup > HTTP> Logging D. Setup > Utilities> Logging
Answer: A, C
QUESTION 8 The NetCache appliance supports up to _____ SNMP communities.
A. 4 B. 8 C. 16 D. 32
Answer: B NS0-910
Actualtests.com - The Power of Knowing
QUESTION 9 Which FOUR cache control headers below are valid? (Choose 4)
A. Cache-Control: no-cache B. Pragma: do-not-cache C. Cache-Control: no-store D. Cache-Control: private E. Pragma: no-cache
Answer: A, C, D, E
QUESTION 10 A router performs which one of the following functions for NetCache proxies?
A. It fragments large packets into smaller chunks that the NetCache appliance can handle. B. It tags Ether channel packets for pre-processing. C. It delivers inbound packets from other networks and sends outbound packets destined for other networks. D. It strips virus packets out before they can infect the NetCache appliance.
Answer: C
QUESTION 11 Which ICAP vectoring method does the anti-virus scanning use?
A. RESPMOD_PRECACHE B. REQMOD_PRECACHE C. RESPMOD_POSTCACHE D. REQMOD_POSTCACHE
Answer: A
QUESTION 12 Which TWO of the following can be performed by using a proxy.pac file? (Choose 2)
A. provide for failover protection B. check web pages for worms or viruses C. distribute requests to different NetCache proxy servers D. shut down the computer if the user doesn't authenticate promptly
Answer: A, C
QUESTION 13 Given the following service farm configuration, which request will be directed to the ICAP application? NS0-910
Actualtests.com - The Power of Knowing
config.icapv1 .farm3.attr = \\marketing_req_precache REQMOD_PRECACHE on rr on weak
A. Requests about to be initiated by NetCache to the server B. Requests from the client before NetCache has initiated a request to the server C. Requests from the client after NetCache has initiated a request to the server D. Responses to requests initiated by NetCache after being cached on disk E. Responses to requests initiated by NetCache before being cached on disk
Answer: B
QUESTION 14 Where is authentication server information logged?
A. Web Access log B. Messages log C. FTP log D. client browser E. SMB Instant Messaging
Answer: B
QUESTION 15 What is the advantage of using multiple authentication servers with a NetCache appliance?
A. NetCache will deny requests if authentication isn't provided within 200ms. B. They ensure authenticated access if authentication server fails. C. They ensure authenticated access across multiple domains. D. Authentication uses encryption and is CPU-intensive.
Answer: B
QUESTION 16 Which FOUR are licensed protocols? (Choose 4)
A. DNS caching B. ICAP C. HTTPS Proxy D. HTTP Proxy E. GRM Server
Answer: B, C, D, E
QUESTION 17 Which FOUR are key steps in the authentication process? (Choose 4)
A. verify protocol authentication settings (authenticates the user) NS0-910
Actualtests.com - The Power of Knowing
B. verity ACL permission settings for the applicable group in the NetCache user database C. verify whether SmartFilter or WebWasher DynaBLocator denies the request D. verify connectivity to logging server E. allow or deny the request, based on the results of the authentication process
Answer: A, B, C, E
QUESTION 18 Which FOUR will best prevent client disruption caused by hardware failure when using multiple proxies? (Choose 4)
A. load balancer B. round-robin DNS C. direct browser configuration D. transparency utilizing WCCP E. autoconfiguration using a proxy.pac file
Answer: A, B, D, E
QUESTION 19 Which TWO of the following server types can function as a logging target for NetCache? (Choose 2)
A. FTP B. CIFS C. HTTP D. NFS
Answer: A, C
QUESTION 20 Which FOUR steps are necessary to test that authentication is working properly with NTLM? (Choose 4)
A. configure NTLM authentication B. add the appropriate ACLs to use authentication C. visit a Web site through the NetCache proxy D. inspect the Web Access log files for authentication activity E. enable packet tracing with pktt and analwe the results
Answer: A, B, C, D
QUESTION 21 ________ consistency should be used for service farms that run more than one version of a service, and differences in results are expected to be minor and not noticeable.
NS0-910
Actualtests.com - The Power of Knowing
A. Strong B. Weak C. IBW D. Mixed
Answer: B
QUESTION 22 Which TWO are most probable side-effects of authentication in a transparent deployment? (Choose 2)
A. In a Network Address Translation environment, users may obtain shared privileges, never be challenged, or both. B. Its conformance with HTTP 1.1 specification is lost. C. It reduces the number of authentication prompts to the end user. D. It simplifies setup of the NetCache and authentication server.
Answer: A, B
QUESTION 23 Given the following service farm configuration, which requests will be scanned by the ICAP server? config.icapv1 .farm0.attr = \\marketing_resp RESPMOD_PRECACHE on rr on weak
A. responses before being sent to NetCache B. responses from NetCache C. responses before being sent to the ICAP server D. responses from the Internet
Answer: C
QUESTION 24 Which ACL action is used to send a REQMOD_PRECACHE request to an ICAP service without processing additional ACLs?
A. icap B. icap_now C. attribute D. ad idap
Answer: B
QUESTION 25 In what TWO places do you enter License keys? (Choose2)
NS0-910
Actualtests.com - The Power of Knowing
A. command line with the license command B. the Appliance Manager C. SNMP agents. D. the admin host or domain controller
Answer: A, B
QUESTION 26 Which vector point is used to route an object to the ICAP server from NetCache, but before the data is requested from the Web server?
A. REQMOD_PRECACHE B. REQMOD_PDSTCACHE C. RESPMOD_PRECACHE D. RESPMOD_POSTCACHE
Answer: B
QUESTION 27 Which THREE are advantages of using NetCache as an accelerator? (Choose 3)
A. It can offload traffic from a Web server. B. It shields a Web server from the Internet. C. It reduces firewall workload. D. It places content closer to the user.
Answer: A, B, C
QUESTION 28 Which authentication methods, used to receive client credentials, are performed once per connection instead of performed once per request?
A. NTLM and Kerberos B. LDAP and Basic C. FTP and NTP D. RADIUS and challenge-response
Answer: A
QUESTION 29 Which THREE are access methods for the NetCache appliance? (Choose 3)
A. transparent (indirect) access B. non-transparent (direct) access C. request routing for content distribution networks D. protocol routing for content distribution networks NS0-910
Actualtests.com - The Power of Knowing
Answer: A, B, C
QUESTION 30 When NetCache is implemented as a reverse proxy (accelerator), which FOUR of the following protocols can be accelerated? (Choose 4)
A. HTTP B. NTP C. MMS D. RTSP E. HTTPS
Answer: A, C, D, E
QUESTION 31 Which THREE of these Internet protocols are supported for ICAP virus scanning? (Choose 3)
A. HTTP B. FTP C. HTTPS D. HTTP over FTP
Answer: A, B, D
QUESTION 32 Which THREE are necessary for capacity planning? (Choose 3)
A. number of users B. operating systems of users C. type of work or activity D. expected load at peak intervals
Answer: A, C, D
QUESTION 33 What is the difference between the following two ACLs? Deny url matches "."\.org" Deny server-domain contains "org'
A. The first ACL reads the entire URL, the second ACL reads only the server-domain field in the URL. B. The first ACL is more efficient because it uses regular expressions and will match more UPLs. NS0-910
Actualtests.com - The Power of Knowing
C. The first ACL is a syntax that is specific to the HTTP protocol only, while the second URL is a general purpose ACL. D. The first ACL uses incorrect syntax and will cause an error message. The second ACL is correct.
Answer: A
QUESTION 34 What is the result of the following ACL? allow serier-ip 216.240.23.27 and server-port 80 deny any
A. Objects from a server with the IP address of 216.240.23.27 andfrom port 80 are allowed. B. Objects requested by a client 216.240.23.27 on the client's port so are allowed. C. All requests are denied unless the request is coming from 216.240.23.27 and enters the cache on the cache port 80. D. Allow server-ip 215.240.23.27 to use the cache's port 80.
Answer: A
QUESTION 35 Assuming access control is based purely upon a successful validation of credentials received from a client, then, where NTLM Authentication is required, the correct sequence involving a HTTP request is: 1. NetCache retrieves object from server. 2. Client requests object credentials are included. 3. Client requests object; credentials are not included. 4. NetCache tells client to send credentials. 5. Domain Controller sends result of validation of credentials. 6. NetCache asks Domain Controller if credentials are valid. 7. NetCache serves object to client.
A. 3,4,2,1,6,5,7 B. 2, 1,6,5,7 C. 3,4,2,6,5,1,7 D. 2, 6,5,1,7
Answer: C
QUESTION 36 What benefit does SecureAdmin provide for administration?
A. It creates a more stable environment by providing the administrator with an easy-to-use interface for creating backup procedures and managing multiple caches from one central location. B. It forces administrators to authenticate any hosts requesting access to the NetCache appliance. NS0-910
Actualtests.com - The Power of Knowing
C. It deeply reduces performance because it causes all traffic to be encrypted. D. It provides a secure environment for administrating the NetCache appliance.
Answer: D
QUESTION 37 When used with SmartFilter, which of the following ACLs will prohibit job searches by the group finance during business hours?
A. Allow not smartfilter Job_Search and time 9am - 5pm day mon - fri B. deny smartfilter Job_Search and time 9am - 5pm day mon - fri C. deny job search group finance 9am - 5pm mon - fri D. deny group finance and smartfilter Job_Search and time 9am - 5pm and day mon - fri
Answer: D
QUESTION 38 When a NetCache joins a native Windows 2000 or 2003 domain, it uses _________ authentication for the join process.
A. NTLM B. LDAP C. Kerberos D. RADIUS
Answer: C
QUESTION 39 What is the difference between deny and allow not?
A. The deny denies the request and stops the evaluation, while the allow not allows all requests except for those that match the criteria after the "not." B. The deny denies the request and continues evaluation, while the allow not only continues evaluations for requests that meet the criteria specified after the "not." C. The deny allows all requests that match its criteria and denies all other requests, while the allow not denies everything except for those requests that match its criteria. D. They both give the same result.
Answer: A
QUESTION 40 What is the difference between the icap command and the icap_now command?
A. The icap command directs requests to the ICAP application after all other ACLs are evaluated; the icap_now command is used to force requests to be directed to the ICAP application first. NS0-910
Actualtests.com - The Power of Knowing
B. The icap command is used to force requests to be directed to the ICAP application first; the icap_now command directs requests to the icap_now application after all other ACLs are evaluated. C. The icap_now command is used to modiN the requests before sending to the other ACLs for evaluation; The icap command specifies to send requests to the ICAP application for filtering before evaluating all other ACLs. D. The icap command directs requests to the ICAP application before requests are evaluated by the other ACLs; the icap_now command specifies to use the ICAP application only for evaluation.
Answer: A
QUESTION 41 Which THREE require authentication? (Choose 3)
A. HTTPS B. NNTP C. Gopher D. DNS
Answer: A, B, C
QUESTION 42 The vectoring point, REQMOD_PRECACHE, is used to adapt content_______________
A. coming into NetCache from the client B. going from NetCache to the ICAP server C. coming into NetCache from the ICAP server D. going from NetCache to the client
Answer: A
QUESTION 43 When using on-box filters with ACLs, what is the precedence of the ACL settings?
A. group authentication, ACLs, and then the filter B. the filter, ACLs, then authentication C. ACLs, group authentication, and then the filter D. the filter, authentication, then ACLs
Answer: C
QUESTION 44 Where in the GUI can you define the port used to accept http traffic? NS0-910
Actualtests.com - The Power of Knowing
A. Setup> Maintenance > System Control B. Setup>Ports>HTTP C. Setup> HTTP > General ?HTTP Proxy Ports D. Setup> HTTP > Web Server Acceleration
Answer: C
QUESTION 45 Given the following ACL, if Bob is in group 1, when is he allowed? > allow group grp1 and time 9:00am - 5:00pm > deny group grp2 > deny any
A. Bob has access between 9:00 AM through 5:00 PM. B. Bob has access after 5:00 PM and until 9:00 AM. C. Bob has access regardless of the time because he is in group 1. D. Bob has access either when he is a member of group 1 or between 9:00 AM and 5:00 PM.
Answer: A
QUESTION 46 Which TWO implementations are required for setting up transparency with WCCP? (Choose 2)
A. The WCCP router must be located where a firewall that uses Network Address Translation (NAT) is not located between the WCCP and the NetCache appliance. B. The WCCP router must be located so that it can view all network traffic for the clients that it is expected to serve. C. The WCCP router has to be directly connected to the proxy'. D. The WCCP router must be located where a firewall that uses Network Address Translation (NAT) is located between the WCCP and the NetCache appliance.
Answer: A, B
QUESTION 47 What is the default administration port?
A. 3128 B. 8080 C. 3132 D. 9090
Answer: C
QUESTION 48 The SecureAdmin feature uses _____________ to securely replace _____________ NS0-910
Actualtests.com - The Power of Knowing
and________
A. Kerberos, SSH, and HTTPS B. SSH, Telnet, and RSH C. RSH, Telnet, and SSH D. SSH, HTTPS, and LDAP
Answer: B
QUESTION 49 What protocols does the SecureAdmin support?
A. HTTPS and FTP. B. SSH and SSL C. RTSP and MMS D. NTLM, Kerberos, and LDAP
Answer: B
QUESTION 50 Which of the following ACL5 will limit the ability to administer the NetCache to a specific computer?
A. auth client-ip [IP address]: 3132 B. allow client-ip [IP address]: 3132 C. reauth client-ip [IP address]: 3128 D. allow client-ip [IP address]: 3128
Answer: B
QUESTION 51 Given the following service farm configuration, which requests will be scanned by the ICAP server? config.icapv1 .farm0.attr = \\marketing_resp RESPMOD_PRECACHE on rr on weak
A. responses before being sent to NetCache B. responses from NetCache C. responses before being sent to the CAP server D. responses from the Internet
Answer: C
QUESTION 52 Which authentication methods, used to receive client credentials, are performed once per connection instead of performed once per request?
NS0-910
Actualtests.com - The Power of Knowing
A. NTLM and Kerberos B. LDAP and Basic C. FTP and NTP D. RADIUS and challenge-response
Answer: A
QUESTION 53 Which THREE of these Internet protocols are supported for ICAP virus scanning? (Choose 3)
A. HTTP B. FTP C. HTTPS D. HTTPoverFTP
Answer: A, B, D
QUESTION 54 Which THREE are necessary for capacity planning? (Choose 3)
A. number of users B. operating systems of users C. type of work or activity D. expected load at peak intervals
Answer: A, C, D
QUESTION 55 In what TWO places do you enter License keys? (Choose2)
A. command line with the license command B. the Appliance Manager C. SNMP agents. D. the admin host or domain controller
Answer: A, B
QUESTION 56 Which THREE are access methods for the NetCache appliance? (Choose 3)
A. transparent (indirect) access B. non-transparent (direct) access C. request routing for content distribution networks D. protocol routing for content distribution networks NS0-910
Actualtests.com - The Power of Knowing
Answer: A, B, C
QUESTION 57 Which FOUR will best prevent client disruption caused by hardware failure when using multiple proxies? (Choose 4)
A. load balancer B. round-robin DNS C. direct browser configuration D. transparency utilizing WCCP F. auto configuration using a proxy.pac file
Answer: A, B, D, E
QUESTION 58 Where is authentication server information logged?
A. Web Access log B. Messages log C. FTP log D. client browser E. SMB Instant Messaging
Answer: B
QUESTION 59 Given the following service farm configuration, which request will be directed to the ICAP application? config.icapv1 .farm3.attr = \\marketing_req_precache REOMOD_PRECACHE on rr on weak
A. Requests about to be initiated by NetCache to the server B. Requests from the client before NetCache has initiated a request to the server C. Requests from the client after NetCache has initiated a request to the server D. Responses to requests initiated by NetCache after being cached on disk E. Responses to requests initiated by NetCache before being cached on disk
Answer: B
QUESTION 60 Which TWO of the following can be performed by using a proxy.pac file? (Choose 2)
A. provide for failover protection B. check web pages for worms or viruses C. distribute requests to different NetCache pros servers D. shut down the computer if the user doesn't authenticate promptly NS0-910
Actualtests.com - The Power of Knowing
Answer: A, C
QUESTION 61 A router performs which one of the following functions for NetCache proxies?
A. It fragments large packets into smaller chunks that the NetCache appliance can handle. B. It tags Etherchannel packets for pre-processing. C. It delivers inbound packets from other networks and sends outbound packets destined for other networks. D. It strips virus packets out before they can infect the NetCache appliance.
Answer: C
QUESTION 62 Which FOUR cache control headers below are valid? (Choose 4)
A. Cache-Control: no-cache B. Pragma: do-not-cache C. Cache-Control: no-store D. Cache-Control: private E. Pragma: no-cache
Answer: A, C, D, E
QUESTION 63 When NetCache is implemented as a reverse proxy (accelerator), which FOUR of the following protocols can be accelerated? (Choose 4)
A. HTTP B. NTP C. MMS D. RTSP E. HTTPS
Answer: A, C, D, E
QUESTION 64 Which FOUR are key steps in the authentication process? (Choose 4)
A. verify protocol authentication settings (authenticates the user) B. verity ACL permission settings for the applicable group in the NetCache user database C. verify whether SmartFilter or WebWasher DynaBLocator denies the request D. verify connectivity to logging server NS0-910
Actualtests.com - The Power of Knowing
E. allow or deny the request, based on the results of the authentication process
Answer: A, B, C, E
QUESTION 65 Which vector point is used to route an object to the ICAP server from NetCache, but before the data is requested from the Web server?
A. REQMOD_PRECACHE B. REQMOD_POSTCACHE C. RESPMOD_PRECACHE D. RESPMOD_POSTCACHE
Answer: B
QUESTION 66 Which TWO of the following server types can function as a logging target for NetCache? (Choose 2)
A. FTP B. CIPS C. HTTP D. NFS
Answer: A, C
QUESTION 67 Which TWO are most probable side-effects of authentication in a transparent deployment? (Choose 2)
A. In a Network Address Translation environment, users may obtain shared privileges, never be challenged, or both. B. Its conformance with HTTP 1.1 specification is lost. C. It reduces the number of authentication prompts to the end user. D. It simplifies setup of the NetCache and authentication server.
Answer: A, B
QUESTION 68 ________ consistency should be used for service farms that run more than one version of a service, and differences in results are expected to be minor and not noticeable.
A. Strong NS0-910
Actualtests.com - The Power of Knowing
B. Weak C. lBW D. Mixed
Answer: B
QUESTION 69 Which ICAP vectoring method does the anti-virus scanning use?
A. RESPMOD_PRECACHE B. REQMOD_PRECACHE C. RESPMOD_POSTCACHE D. REQMOD_POSTCACHE
Answer: A
QUESTION 70 Which FOUR are licensed protocols? (Choose 4)
A. DNS caching B. ICAP C. HTTPS Proxy D. HTTP Proxy E. GRM Server
Answer: B, C, D, E
QUESTION 71 Which THREE are advantages of using NetCache as an accelerator? (Choose 3)
A. It can offload traffic from a Web server. B. It shields a Web server from the Internet. C. It reduces firewall workload. D. It places content closer to the user.
Answer: A, B, C
QUESTION 72 Which FOUR steps are necessary to test that authentication is working properly with NTLM? (Choose 4)
A. configure NTLM authentication B. add the appropriate ACLs to use authentication C. visit a Web site through the NetCache proxy D. inspect the Web Access log files for authentication activity E. enable packet tracing with pktt and analyzee the results NS0-910
Actualtests.com - The Power of Knowing
Answer: A, B, C, D
QUESTION 73 What is the advantage of using multiple authentication servers with a NetCache appliance?
A. NetCache will deny requests if authentication isn't provided within 200ms. B. They ensure authenticated access if authentication server fails. C. They ensure authenticated access across multiple domains. D. Authentication uses encryption and is CPU-intensive.
Answer: B
QUESTION 74 Which ACL action is used to send a REQMOD_PRECACHE request to an ICAP service without processing additional ACL5?
A. icap B. icap_now C. attribute D. acl icap
Answer: B
QUESTION 75 The NetCache appliance supports up to _____ SNMP communities.
A. 4 B. 8 C. 16 D. 32
Answer: B
QUESTION 76 Which protocol entries are recorded in the Web access log rile?
A. HTTP, FTP, RTSP B. HTTP, FTP, Gopher C. RTSP,NNTP D. Telnet, SNMP, SSH
Answer: B
NS0-910
Actualtests.com - The Power of Knowing
QUESTION 77 Given the following entry from the Web Access log, what is the first column? 1098830250.899 0.001 10.41.72.45 TCP_HIT_ACCESS_DENIED/407 496 GET http://www.cnn.com/bob - ""
A. the size in bits B. the time stamp in Greenwich standard time C. the ID of the request D. the time stamp in UNIX epoch time
Answer: D
QUESTION 78 What is the difference between TOP_MISS/200 and TOP_HIT/200?
A. The "miss" means that the requested object could not be found and an error is returned to the client. The "hit" means that TCP is used. B. The "miss" means...that the NetCache will use UDP instead. A "hit" means that TOP is used. C. he "miss" means...retrieved by the NetCache appliance. The "hit' means that the NetCache appliance already. D. The "miss" means that the object was in the cache but not available because either its TTL expired or the entry was flagged by a third party content filter such as a virus scanner. The "hit" means that the TTL was still current.
Answer: C
QUESTION 79 Of the following choices, which TWO are paths to configure logging? (Choose 2)
A. Setup> System> Logging B. Setup> Maintenance > Logging C. Setup> HTTP > Logging D. Setup> Utilities > Logging
Answer: A, C
QUESTION 80 Given the following log entry from the Web Access log, with the default access log format, what does DIRECT mean? 1093891725.752 0.080 10.32.10.92 TCP_MISS/200 10177 GET http://www.sbgs.org/sbgs.htm - DIRECT/209 .68.147.66 "text/html"
A. The object must be retrieved from a parent cache. B. The requested URL resides outside the firewall, and the URL maps to no parents or neighbors. NS0-910
Actualtests.com - The Power of Knowing
C. The URL was fetched from the source. D. This NetCache has no valid parents or neighbors.
Answer: C
QUESTION 81 What does the following ACL accomplish? drop 300 server-domain worm .com
A. It asks any server from the domain 'worm.com" to return a 300 error message if it drops the request. B. It causes the appliance to drop any packets from any clients to servers in the domain "worm .com" for 300 seconds. C. It drops any errors in the 300 responses from any server in the domain "worm.com". D. It requests that the appliance only cache packets coming from "worm.com" if the packet is under 300 bytes in size.
Answer: B
QUESTION 82 What is the command to view the names and locations of the log files from the command line?
A. log -I B. nclog -l C. nclog -va D. show config.admin.log
Answer: B
QUESTION 83 Which TWO implementations are required for setting up transparency with WCCP? (Choose 2)
A. The WCCP router must be located where a firewall that uses Network Address Translation (NAT) is not located between the WCCP and the NetCache appliance. B. The WCCP router must be located so that it can view all network traffic for the clients that it is expected to serve. C. The WCCP router has to be directly connected to the proxy. D. The WCCP router must be located where a firewall that uses Network Address Translation (NAT) is located between the WCCP and the NetCache appliance.
Answer: A, B
QUESTION 84 What is the difference between deny and allow not?
A. The deny denies the request and stops the evaluation, while the allow not allows all requests NS0-910
Actualtests.com - The Power of Knowing
except for those that match the criteria after the "not." B. The deny denies the request and continues evaluation, while the allow not only continues evaluations for requests that meet the criteria specified after the "not." C. The deny allows all requests that match its criteria and denies all other requests, while the allow not denies everything except for those requests that match its criteria. D. They both give the same result.
Answer: A
QUESTION 85 The SecureAdmin feature uses _____________ to securely replace and ___________
A. Kerberos, SSH, and HTTPS B. SSH, Telnet, and RSH C. RSH, Telnet, and SSH D. SSH, HTTPS, and LDAP
Answer: B
QUESTION 86 Which THREE require authentication? (Choose 3)
A. HTTPS B. NNTP C. Gopher D. DNS
Answer: A, B, C
QUESTION 87 Given the following ACL, what will happen when a user with an lE browser attempts to go to the ESPN Web site?
redirect "http://www.netapp.com" url matches "espn" and req-headers matches "MSIE"
A. They reach the page and it is cached by the NetCache appliance for future requests. B. The users are redirected to http://www.netapp.com. C. They can reach ESPN, but anyone trying to access http://www.netapp.com is redirected to the ESPN Web site. D. The user receives a pop-up showing that a patch from http://www.netapp.com will be automatically downloaded before they can reach the ESPN Web site.
Answer: B
NS0-910
Actualtests.com - The Power of Knowing
QUESTION 88 Which of the following ACLs will limit the ability to administer the NetCache to a specific computer?
A. auth client-ip [IP address]: 3132 B. allow client-ip [IP address]: 3132 C. reauth client-ip [IP address]: 3128 D. allow client-ip [IP address]: 3128
Answer: B
QUESTION 89 What is the result of the following ACL? allow server-ip 216.240.23.27 and sewer-port 60 deny any
A. Objects from a server with the IP address of 216.240.23.27 and from port 60 are allowed. B. Objects requested by a client 216.240.23.27 on the client's port 60 are allowed. C. All requests are denied unless the request is coming from 216.240.23.27 and enters the cache on the cache port 60. D. Allow server-ip 215.240.23.27 to use the cache's port 60.
Answer: A
QUESTION 90 When a NetCache joins a native Windows 2000 or 2003 domain, it uses authentication for the join process.
A. NTLM B. LDAP C. Kerberos D. RADIUS
Answer: C
QUESTION 91 What is the difference between the icap command and the icap_now command?
A. The icap command directs requests to the ICAP application after all other ACLs are evaluated; the icap_now command is used to force requests to be directed to the ICAP application first. B. The icap command is used to force requests to be directed to the ICAP application first the icap_now command directs requests to the icap_now application after all other ACLs are evaluated.
NS0-910
Actualtests.com - The Power of Knowing
C. The icap_now command is used to modify the requests before sending to the other ACLs for evaluation; The icap command specifies to send requests to the ICAP application for filtering before evaluating all other ACLs, D. The icap command directs requests to the ICAP application before requests are evaluated by the other ACLs; the icap_now command specifies to use the ICAP application only for evaluation.
Answer: A
QUESTION 92 What is the difference between the following two ACLs? Deny url matches ".*\.org" ?RUJ Deny server-domain contains "org'
A. The first ACL reads the entire URL, the second ACL reads only the server-domain field in the URL. B. The first ACL is more efficient because it uses regular expressions and will match more URLs. C. The first ACL is a syntax that is specific to the HTTP protocol only, while the second URL is a general purpose ACL. D. The first ACL uses incorrect syntax and will cause an error message. The second ACL is correct.
Answer: A
QUESTION 93 When used with SmartFilter, which of the following ACL5 will prohibit job searches by the group finance during business hours?
A. Allow not smartfilter Job_Search and time 9am - 5pm day mon - fri B. deny smartfilter Job_Search and time 9am - 5pm day mon - fri C. deny job search group finance 9am - 5 pm mon - fri D. deny group finance and smartfilter Job_Search and time 9am - 5pm and day mon - fri
Answer: D
QUESTION 94 Given the following ACL, if Bob is in group 1, when is he allowed? > allow group grp1 and time 9:00am - 5:00pm> deny group grp2 > deny any
A. Bob has access between 9:00 AM through 5:00 PM. B. Bob has access after 5:00 PM and until 9:00 AM. C. Bob has access regardless of the time because he is in group 1. D. Bob has access either when he is a member of group 1 or between 9:00 AM and 5:00 PM.
Answer: A
NS0-910
Actualtests.com - The Power of Knowing
QUESTION 95 What is the difference between rop?and eny?
A. The action "drop" specifies to deny packets from a specified source, while the action "deny" blocks the packets. B. The action "drop" specifies to drop requests and allow the client to go directly to the source, while the action "deny" blocks requests C. The action "drop" specifies to drop requests coming, while the action "deny" blocks responses from an origin server. D. The action "drop" specifies to drop packets from a specified source, while the action "deny" blocks requests.
Answer: D
QUESTION 96 Assuming access control is based purely upon a successful validation of credentials received from a client, then, where NTLM Authentication is required, the correct sequence involving a HTTP request is: 1. NetCache retrieves object from server. 2. Client requests object credentials are included. 3. Client requests object credentials are not included. 4. NetCache tells client to send credentials. 5. Domain Controller sends result of validation of credentials. 6. NetCache asks Domain Controller if credentials are valid. 7. NetCache serves object to client.
A. 3,4,2,1,6,5,7 B. 2,1,6,5,7 C. 3,4,2,6,5,1,7 D. 2,6,5,1,7
Answer: C
QUESTION 97 Where in the GUI can you define the port used to accept http traffic?
A. Setup > Maintenance > System Control B- Setup> Ports> HTTP C. Setup > HTTP> General ?HTTP Proxy Ports D. Setup > HTTP > Web Server Acceleration
Answer: C
QUESTION 98 What benefit does SecureAdmin provide for administration?
NS0-910
Actualtests.com - The Power of Knowing
A. It creates a more stable environment by providing the administrator with an easy-to-use interface for creating backup procedures and managing multiple caches from one central location. B. It forces administrators to authenticate any hosts requesting access to the NetCache appliance. C. It deeply reduces performance because it causes all traffic to be encrypted. D. It provides a secure environment for administrating the NetCache appliance.
Answer: D
QUESTION 99 When using on-box filters with ACLs, what is the precedence of the ACL settings?
A. group authentication, ACLs, and then the filter B. the filter, ACLs, then authentication C. ACLs, group authentication, and then the filter D. the filter, authentication, then ACLs
Answer: C
QUESTION 100 What protocols does the SecureAdmin support?
A. HTTPS and FTP. B. SSH and SSL C. RTSP and MMS D. NTLM, Kerberos, and LDAP