IBM C2150-620 問題集

質問 1：
The System Administrator has configured the XGS devices shown in the following topology diagram. Outbound SSL inspection is configured on XGS1. All XGS devices are licensed for SSL inspection, Identity and Application Control, and IP Reputation.

Which of the XGS devices will block PC1 from accessing a known malware web site via SSL?
A. XGS1 in protection mode
B. XGS3 in protection mode
C. XGS2 connected to s read-only tap port
D. XGS4 connected to a read-only tap port
正解：A

質問 2：
A System Administrator has a requirement to be able to pause and resume an XGS for VMware machine to allow the ESXi server to move the servers to another machine.
Which statements regarding VMware Tools functionality is relevant to this requirement?
A. VMware Tools can be used to suspend inspection on the XGS for VMware and traffic will not be forced into an automatic bypass mode.
B. VMware Tools functionality is already included and will be used when called by the hypervisor to manage the XGS for VMware virtual machine.
C. VMware Tools functionality can be added to the appliance to provide a more streamlined used experience when migrating to another ESXi host.
D. VMware Tools can be used to suspend inspection on the XGS for VMware and traffic will be forced into an automatic bypass mode.
正解：C

質問 3：
A System Administrator wants to configure an XGS so that when the SSH_Brute_Force security event is triggered against machine Server1, any further traffic from the source IP address contained in the security event alert is dropped for a timed period.
How should the System Administrator configure the XGS to perform this?
A. Create a Network Access policy object to drop all traffic from the source IP contained in the security event alert to Server1.
B. Create a Network Access policy object with a quarantine rule to block the source IP when the security event is triggered against Server1.
C. Create an IPS Filter policy object for the SSH_Brute_Force security event with a Victim address of Server1 and a quarantine response to block the source IP
D. Edit the properties of the SSH_Brute_Force security event and create a quarantine response to block the source IP.
正解：B
解説: (Topexam メンバーにのみ表示されます)

質問 4：
A System Administrator has deployed an XGS. The NAP policy is configured to generate a local log event for every accepted network connection, for example, the Event Log object is enabled for the default Accept NAP rule. Due to the number of network connections, the administrator is concerned that this could take up too much disk space on the XGS.
Which configuration should the Administrator change to ensure that this does not happen?
A. the Event Log object should be cloned and the new object should only have NAP event logging enabled and the percentage of the total event storage limit used for events should be set.
B. The Event Log object should be deleted and recreated with a new storage limit.
C. The Event Log object should be edited and the percentage of the total event storage limit used for NAP events should be set.
D. The Event Log object should be cloned and the new object should have the percentage of the total event storage limit for all logs set.
正解：C
解説: (Topexam メンバーにのみ表示されます)

質問 5：
A System Administrator wants to integrate the XGS product with an existing SIEM deployment.
Which configuration changes should be made to ensure that the SIEM product receives information about security attack incidents?
A. Add a quarantine response object with the IP Address of the SIEM console to the Advance Threat Protection Agent list.
B. Enable QRadar format/LEEF format for the Event Log object.
C. Add a remote syslog object with the IP address of the SIEM console to all IPS objects in use.
D. Enable Remote IPFix Flow Data Export for an IPS object.
正解：C
解説: (Topexam メンバーにのみ表示されます)

質問 6：
When registering an XGS appliance to the Site Protector, a System Administrator decided to use a strict cryptography level.
Which protocol is allowed in this configuration?
A. SP 800-131A
B. TLS v2.1
C. SSLv3
D. TKS v1.1
正解：B
解説: (Topexam メンバーにのみ表示されます)