Question 6 of 60
A System Administrator wants to create an IPS Policy using X-Force recommended signatures, but does not want any signatures to be used in a blocking mode.
Which configuration option within the IPS Policy will provide this capability?
Which configuration option within the IPS Policy will provide this capability?
Correct Answer: B
Question 7 of 60
A System Administrator of a banking organization has become aware of some malicious traffic to its IBM Security Network Protection (XGS) appliance. The logs show patters of Denial of Service (DoS) attack and a lot of encrypted packets targeted to the M.1 port of the XGS appliance coming from an internal laptop IP address.
What should the System Administrator do next?
What should the System Administrator do next?
Correct Answer: B
Question 8 of 60
One XGS appliance in a financial company was running firmware version 5.2 for 2 years. The System Administrator upgraded the firmware to 5.3.2.3 because version 5.2 is no longer supported and enabled Any-Any-Any-Inspect rule in Outbound SSL Inspection Policy according to new company audit policy. After that, several users complain that their workstations cannot get Windows Update any more.
What should the System Administrator do to resolve this issue?
What should the System Administrator do to resolve this issue?
Correct Answer: A
Question 9 of 60
The System Administrator has configured Outbound SSL Inspection Policy for five SSL-enabled web sites.
How can the SSL decryption errors for each web site be detected?
How can the SSL decryption errors for each web site be detected?
Correct Answer: B
Question 10 of 60
The System Administrator of an oil and gas company has an XGS appliance deployed in the network below:
The appliance was working in Inline simulation mode and suddenly there was a power failure on the switch which causes link 1.2 on XGS to go down, However, port 1.1 on XGS remains up and hence the firewall keeps on sending the traffic to XGS appliance without realizing failure in the path.
Which setting should be corrected in the Protection Interface policy to avoid this behavior?
The appliance was working in Inline simulation mode and suddenly there was a power failure on the switch which causes link 1.2 on XGS to go down, However, port 1.1 on XGS remains up and hence the firewall keeps on sending the traffic to XGS appliance without realizing failure in the path.
Which setting should be corrected in the Protection Interface policy to avoid this behavior?
Correct Answer: D
Hardware Bypass Modes -
✑ *Fail ClosedCloses the links for the interface pair and prevents any network traffic from passing through the appliance.
*Fail OpenAllows all network traffic to pass through the appliance.
✑ * AutoIn non-HA modes, all traffic is allowed to pass through the appliance (fail open). In HA mode, interface links are closed and traffic is prevented from passing through the appliance (fail closed).
Note: On the XGS, there are two different bypass methods that are used:
The hardware bypass is controlled by the physical network interfaces.
The software bypass is controlled by the packet driver.
References:
http://www-01.ibm.com/support/docview.wss?uid=swg21882622 D
✑ *Fail ClosedCloses the links for the interface pair and prevents any network traffic from passing through the appliance.
*Fail OpenAllows all network traffic to pass through the appliance.
✑ * AutoIn non-HA modes, all traffic is allowed to pass through the appliance (fail open). In HA mode, interface links are closed and traffic is prevented from passing through the appliance (fail closed).
Note: On the XGS, there are two different bypass methods that are used:
The hardware bypass is controlled by the physical network interfaces.
The software bypass is controlled by the packet driver.
References:
http://www-01.ibm.com/support/docview.wss?uid=swg21882622 D