￥ 250.00 920-449 Exam

免费下载 920-449 认证资料Demo

下载 920-449 PDF 认证考试资料
考试引擎下载

选择 pass4side 920-449 资料

920-449 考试是 Nortel 公司的 nncse contivity security 认证考试官方代号，pass4side 的 920-449 权威考试学习资料经过多名专业Nortel 认证工程师整理测试，pass4side 绝对保证第一次参加 920-449 考试的考生即可顺利通过，否则承诺免费更新！

1、Pass4Side考题大师920-449学习材料是您获取认证的完美组合，覆盖率极高，只要您使用本站的考试学习材料参加920-449 考试，您将一次轻松通过考试；

2、售后服务第一！我们相信要想在当今时代取得成功，必须为广大用户提供全套的周到细致的全程优质售后服务，只有客户满意了，我们才能发展。客户至上是我们Pass4Side考题大师的一贯宗旨；

3、Pass4Side实行“一次不过免费更新”承诺。如果您购买我们920-449的考题，只要不是首次通过，凭盖有PROMETRIC或VUE考试中心钢印的考试成绩单，我们将免费更新920-449最新学习材料，绝对保证您能继续获得有价值的学习材料；

4、本站920-449学习资料根据920-449知识点的的变化动态更新，在厂家知识点每次发生变化后，我们将尽快更新920-449材料知识点。在您购买我们的产品之后，我们将提供30天的免费更新。确保920-449学习材料的覆盖率

5、软件版本920-449 考试资料
优点：具有学习模式，测试模式，线上自动升级
缺点：仅限固定电脑使用，不可打印为文本，只能PC阅读

6、PDF 格式920-449 考试资料(部分最新更新科目已不提供PDF)
优点：不需下载安装软件，方便用户打印和携带，但也带来了可随意制的弊端，因此我们提醒用户不得随意公开或出售本站的920-449资料，一经发现立即取消其升级资格，且永久删除会员。
缺点：不具备测试模式，通过查看 pass4side.cn网站及查收我们的更新E-MAIL获取更新信息。
　
　
Exam : Nortel 920-449
Title : NNCSE Contivity Security


1. A Contivity has two private interfaces (LAN and DMZ) and one public interfaces (INT). Workstation1 with an IP address of 10.10.10.1/24 is in the network that is directly attached to the private interface LAN. Workstation2 with an IP address of 20.20.20.1/24 is in the network that is directly attached to private interface DMZ. The requirement is to block only traffic from workstation1 to workstation2 using interface filters to be applied to the private interface DMZ. Select the most appropriate filter action, direction, and address for the access control filter.
A. Filter action = Deny ; Direction = Inbound ; Address = 20.20.20.1
B. Filter action = Deny ; Direction = Inbound ; Address = 10.10.10.1
C. Filter action = Deny ; Direction = Outbound ; Address = 10.10.10.1
D. Filter action = Deny ; Direction = Outbound ; Address = 20.20.20.1
Answer: C

2. Contivity Stateful Firewall has been enabled on a customer's Contivity system. The customer wants to extend user authentication on traffic between branch office connections in their VPN environment and a technician has set up Firewall User Authentication (FWUA). How will this affect system users?
A. Users will now have transparent access to the Contivity Stateful Firewall.
B. Users will be automatically authenticated for internal authorization services such as LDAP.
C. Users will be automatically authenticated for external authorization services such as RADIUS.
D. Users will be required to log into the Contivity Stateful Firewall before they are granted network access.
Answer: D

3. A technician is setting up a rule base for a Contivity Stateful Firewall configuration. The technician plans to enable a Lockdown rule. What will be the impact of this rule?
A. non-tunneled traffic will be blocked
B. access to the firewall will be blocked
C. outgoing traffic through the firewall will be blocked
D. incoming traffic through the firewall will be blocked
Answer: B

4. A Contivity configuration has two private interfaces (LAN 0 and LAN 1) and one public interface (LAN 3) with Application servers residing on LAN 0. An administrator needs to create a default rule in order to allow users from LAN 1 and tunneled users from LAN 3 to access the application servers in LAN 0. What would be the most secure interface classification for the source interface?
A. Any
B. Trusted
C. Tunnel: Any
D. LAN 1 and LAN 3
Answer: B

5. A company has a main office and three branch offices. Each branch office has a branch office tunnel (BOT) connection to the main office. The following conditions exist: - Contivity firewall is disabled but each BOT has a default setting of ermit all?tunnel filter configured under the group profile. - Contivity firewall is disabled but each BOT has a default setting of ?ermit all?tunnel filter configured under the group profile. - The company has their own internal/private DNS server which resides in the main office. - Contivity from each branch offices is acting as DNS proxy. - Workstations from the branch offices are pointing to their local Contivity as the default gateway and DNS server. All workstations from the branch offices can reach all devices in the main office via IP address but cannot reach them through DNS names. What is the most likely cause of the problem?
A. The access control of ermit all?given to the BOT group is enough to allow DNS to pass through the tunnel so the DNS server could be The access control of ?ermit all?given to the BOT group is enough to allow DNS to pass through the tunnel so the DNS server could be down.
B. DNS server is up but main office's Contivity has DNS setting unchecked under the allow management traffic for remote servers portion of the permit all rule.
C. DNS server is up but branch offices' Contivity has DNS setting unchecked under the allow management traffic for remote servers portion of the permit all rule.
D. Main office's Contivity has DNS setting checked under the allow management traffic for remote servers portion of the permit all rule but DNS server could be down.
Answer: C