Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Nortel 920-440 Exam -

Free 920-440 Sample Questions:

1. A customer has an OSPF network with clean and dirty OSPF routers. An ASF is between the two areas. Which routing protocol should be used for this network?
Answer: C

2. In relation to generating Private Keys and Certificates on the ASA, which statement is NOT true?
A. The ASA can be used to produce a Certificate Signing Request (CSR)
B. Only certificates signed by a Certificate Authority can be used on the ASA
C. The ASA can import existing private keys and certificates created on other devices
D. The ASA can be used to create both a private key and corresponding SSL certificate
Answer: A

3. A customer has a HA-ASF5610 with port one used for public and port two for private LAN. Ports three through five are used for three DMZ networks. Ports six through nine connects an Director and a second Accelerator. Which method provides an effective increase to five DMZ zones?
A. Trunk port 3-5
B. Use a separate VLAN for each DMZ
C. Five tagged VLANs and MLT for ports 3-5
D. Two VLAN on port 3, two VLAN on port 4 and one VLAN for port 5
Answer: C

4. An Alteon Switched Firewall has to be integrated into an OSPF network. Which router types are supported in this scenario? (Choose three)
Answer: ACD

5. A customer has a single ASF5105 with a single DMZ FTP server. The customer intends to add two additional FTP servers and now expects a maximum of 350 Mbps throughput and connection rate of 4000 connections per second. What is the minimum configuration required to support this requirement?
A. Keep the ASF5105
B. Upgrade to ASF5109
C. Upgrade to ASF5308
D. Upgrade to ASF5112 plus Layer 2 switch
Answer: B

6. A switched firewall customer needs to support 500,000 concurrent and accelerated sessions plus 30,000 new connections per second. What is the minimum configuration required?
A. One SFA5600 + five SFD5010
B. Two SFA5600 + six SFD5010
C. Two SFA5700 + six SFD5010
D. One SFA5700 + five SFD5010
Answer: C

7. A portal providing HTTP/FTP services is using an ASF-5710 in redundant configuration with Software The ASF is located between an incoming router and a Switch in different networks. The router should not see this device. The customer wants to hide this Firewall. Which solution will accomplish this objective?
A. Keep Software and use AntiSpoofing feature
B. Upgrade system to SW-Rel. 3.0 und use routing feature
C. Upgrade system to SW-Rel. 3.1 und use bridging feature
D. Keep Software and use SSH feature Add a stealth rule to the firewall
Answer: C

8. A small location needs an ASF connected directly to one web-server using 1000GB TX with a RJ45 connector. Connection rate is below 2000/sec. Which two ASFs meet this requirement? (Choose two.)
A. ASF5308
B. ASF5105
C. ASF5112
D. ASF5109
E. ASF5114
Answer: CE

9. A customer has purchased a 5700 series ASF Cluster running version 2.0. They have about 60 IP networks and about 6000 nodes behind the ASF. Because of their legacy IP deployment strategy it is not possible to summarize these networks. What will be the best design solution for this customer?
A. No design considerations are necessary
B. Upgrade to 3.0 because it's the latest code
C. Upgrade to 3.0 because is supports 16k routes
D. Upgrade to 3.0 because it supports 2.0 does not support Checkpoint NG
Answer: C

10. A customer currently has a single ASF and would like to go to an ASF Cluster for High availability. They have about 200 servers that use the ASF as their default gateway. What design constraints need to be considered to make sure that the servers still have the ability to communicate with devices on different IP networks?
A. VRRP is not required
B. The ASF will automatically assign new addresses for the Cluster
C. The default gateway on all the servers has to be changed to the new VRRP address.
D. No design constraints are necessary because the interface on the ASF becomes the VRRP address
Answer: D

11. Which ASF technology is used to upgrade all components in an ASF Cluster?
D. SecureXL
E. Checkpoint Clustering
Answer: A

12. A customer wants to deploy 40 ASF Clusters and would like to have granular management of their Firewall rules/policies. What would be the best way to support this requirement?
A. Use Alteon WebUI
B. Use Checkpoint Provider-1
C. Use Checkpoint policy server
D. Use the Alteon Security manager
E. This feature automatically comes with the ASF Cluster
Answer: E

13. A computer on a customer's private IP network needs to be accessed from the Internet and also needs to access resources on the Internet. What type of NAT implementation would work best in this scenario?
A. Hide NAT
B. Static NAT
C. Pooled NAT
D. Private NAT
E. No Natting is required
Answer: B

14. A customer is building a new e-commerce website and would like to ensure that only traffic with the source IP address of a given network be allowed to enter that firewall interface. What would be the best way to accomplish this?
A. Turn on OSPF
B. Disable IP routing
C. Add a static route to the ASF
D. Add a rule to the global properties
E. Turn on anti-spoofing on that interface
Answer: E

15. Why are routing protocols not recommended on a firewall?
A. They are inefficient
B. They do not work on firewalls
C. They slow down the CPU of the firewall
D. They are susceptible to bad route injection by hackers
Answer: D

© 2014, All Rights Reserved