Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

HP HP0-Y15 Exam - Cheat-Test.com

Free HP0-Y15 Sample Questions:

Q: 1 You are configuring a ProCurve NAC 800 to operate using the DHCP quarantine method. Which parameters are specified when adding a quarantine area? (Select three.)
A. IP address of the DHCP server
B. IP address of a RADIUS server
C. IP address of a default gateway
D. range of quarantine IP addresses
E. lease duration time for IP addresses
F. non-quarantine subnet using CIDR notation
G. IP address of a DNS server for quarantine subnet
H. static route for endpoints to use when quarantined
Answer: C, D, F

Q: 2 What is an important factor to consider when deploying the ProCurve NAC 800 using the DHCP quarantine method?
A. The IP address lease duration must be set to five minutes or less on the DHCP server.
B. The DHCP server requires one additional, non-overlapping scope for every existing DHCP scope.
C. A switch must support traffic mirroring for each DHCP server protected by the NAC 800.
D. Endpoint Integrity cannot be enforced for devices using static IP addresses.
E. The DNS server scope option on the DHCP server must be set to the IP address of the NAC 800.
Answer: D

Q: 3 A ProCurve 3500yl switch is connected to port 1 of a ProCurve NAC 800 and a DHCP server is connected to port 2. The DHCP server IP address is 10.1.10.10/24. The NAC 800 IP address is 10.1.10.20/24. The IP address 10.1.24.1/24 is assigned to VLAN 24 on the switch.
Which additional configuration settings would be appropriate for supporting a 10.1.24.0/24 non-quarantine subnet and a 10.1.25.0/24 quarantine subnet? (Select two.)
A. on the switch, a multinetted IP address of 10.1.25.1/24 assigned to VLAN 24
B. on the NAC 800, the IP address of the DHCP server specified as 10.1.10.10/24
C. on the NAC 800, IP addresses 10.1.24.51 through 10.1.24.100 defined as exceptions
D. on the switch, the IP helper addresses 10.1.10.10 and 10.1.10.20 defined for VLAN 24
E. on the DHCP server, one scope for 10.1.24.0/24 and a second scope for 10.1.25.0/24
Answer: A, D

Q: 4 A ProCurve 5406zl switch is connected to port 1 of a ProCurve NAC 800 and a DHCP server is connected to port 2 of the NAC 800. You are planning to deploy the ProCurve NAC 800 with the DHCP quarantine method using a shared subnet approach. Which configuration requirement must be satisfied?
A. The quarantine and non-quarantine subnets defined on the NAC 800 must be the same.
B. The switch requires that separate VLANs be defined for the quarantine and non-quarantine subnets.
C. Each switch VLAN supporting the endpoints must use a single IP helper set to the IP address of the NAC 800.
D. The scope on the DHCP server and the quarantine subnet on the NAC 800 must use non-overlapping IP addresses.
Answer: D

Q: 5 A network is configured to support a ProCurve NAC 800 operating with the DHCP quarantine method. The NAC 800 is located between a ProCurve 3500yl switch and a DHCP server. How is DHCP traffic processed when an endpoint, that is currently unknown to the NAC 800, sends a DHCP request for an IP address?
A. The switch requests the endpoint's integrity state from the NAC 800 before forwarding to the DHCP server.
B. If the NAC 800 receives a DHCP request addressed to the DHCP server, the request is blocked by the NAC 800.
C. The DHCP server checks the endpoint's integrity state passed to it by the NAC 800 before responding with an IP address.
D. The DHCP server responds with a quarantine IP address initially and waits for the NAC 800 to indicate the endpoint has passed integrity testing.
Answer: B

Q: 6 A network is configured to support a ProCurve NAC 800 operating with the DHCP quarantine method. How does an endpoint transition from a quarantine IP address to a non-quarantine IP address after passing integrity testing?
A. The NAC 800 triggers the switch to re-authenticate the endpoint causing a new DHCP request to be issued.
B. The NAC 800 sends a DHCP release to the endpoint followed by a DHCP assignment message with the IP address.
C. The switch stops forwarding DHCP requests from the endpoint to the NAC 800 and instead sends them to the DHCP server.
D. Any subsequent DHCP request from the endpoint is allowed by the NAC 800 to pass to the DHCP server.
Answer: D

Q: 7 Which statements are true about the DHCP quarantine method? (Select two.)
A. The DNS server for a quarantine subnet is assigned by the enterprise DHCP server.
B. A quarantine subnet consists of a set of IP addresses dynamically assigned to endpoints.
C. Endpoint Integrity can be managed for endpoints with static IP addresses by defining exceptions.
D. A non-quarantine IP address is assigned by the NAC 800 after an endpoint passes integrity testing.
E. Port 2 of the NAC 800 can be connected to a switch that provides a path to multiple DHCP servers.
Answer: B, E

Q: 8 Which configuration task is applicable to the ProCurve NAC 800 inline quarantine method?
A. Enable the internal firewall.
B. Specify one or more quarantine subnets.
C. Add IP address entries to the Accessible Services List.
D. Select the port to be used for connection to the external network.
E. Identify the static and DHCP IP address ranges of endpoints to monitor.
Answer: C

Q: 9 Which statement is true about the ProCurve NAC 800 inline quarantine method? (Select two.)
A. Port 2 is usually connected to a gateway device such as a ProCurve Secure Router 7000dl.
B. The NAC 800 provides optional user authentication for endpoints that have passed integrity testing.
C. This method uses a quarantine subnet to limit network access by quarantined or unknown endpoints.
D. The Accessible Services List is not supported by this method when quarantined devices are located in an external network.
E. The NAC 800 functions like a Layer 2 bridge except that it also has a firewall that controls traffic flowing between its two ports.
Answer: A, E

Q: 10 Which deployment factor needs to be considered when using the ProCurve NAC 800 inline quarantine method?
A. The NAC 800's internal DHCP server may not provide optimal performance for a very large population of endpoints.
B. It requires administrator expertise to tailor the internal firewall rules to manage each distinct network environment.
C. Any entry added to the Accessible Services List must be specified using an IP address instead of a DNS name.
D. Only 802.1X authentication using an external RADIUS server is supported for endpoints that have passed integrity testing.
Answer: C

Q: 11 Network security can be described in terms of multiple layers of security.
Which action is an example of a perimeter security measure?
A. ACLs applied at the core
B. limiting switch access to RADIUS users
C. using a secure OS for network application servers
D. installing a firewall
Answer: D

Q: 12 Which statement is true about the ProCurve ProActive Defense strategy?
A. It achieves better-performing, more scalable networks by using high capacity core resources.
B. It operates at a safe distance from the points of attack and the network resources being attacked.
C. It makes access and policy enforcement decisions where users and applications connect to the network.
D. It creates a cost-effective management framework by using core infrastructure protection measures.
Answer: C

Q: 13 Which infrastructure defense capabilities are provided by the ProCurve ProActive Defense network security solution? (Select two.)
A. phishing protection
B. connection rate filtering
C. managed security services
D. vulnerability assessment database
E. spoofing protection of DHCP traffic
Answer: B, E

Q: 14 In a network that includes an Endpoint Integrity solution, which component does a ProCurve Switch 5400zl series correspond to in the Trusted Network Connect architecture?
A. Network Access Requester
B. Network Access Authority
C. Policy Enforcement Point
D. Policy Decision Point
Answer: C

Q: 15 Network security can be described in terms of multiple layers of security.
Which security layer does an unauthorized VLAN correspond to?
A. infrastructure defense
B. network access control
C. control protocol detection
D. network immunity protection
E. device-to-device authentication
Answer: B

Q: 16 You have just downloaded a system upgrade for the ProCurve NAC 800 using a Web browser on a management station. The system upgrade has been stored on a USB drive and the USB drive has been connected to the ProCurve NAC 800 USB port. What must be done to install the system upgrade from the local USB drive? (Select three.)
A. The install script must be executed.
B. The ProCurve Services Partition must be activated.
C. The access mode must be temporarily set to allow all.
D. The USB drive must be accessed using the cd command.
E. The compressed file must be unpacked using the tar command.
F. A console or SSH session must be established using the root user account.
Answer: D, E, F

Q: 17 Which statements are true about licensing operation on the ProCurve NAC 800? (Select three.)
A. Endpoints defined as exceptions use a license entry.
B. License usage is tracked based on unique endpoint MAC addresses.
C. A Management Server without a license key can support only one Enforcement Server.
D. A Combination Server without a license key can support only one endpoint for integrity testing and management.
E. After a device disconnects from the network, the license entry is locked until the lease time for the IP address expires.
Answer: B, C, D

Q: 18 Which statement is true about the Accessible Services List?
A. It identifies Internet destinations that endpoints can access after passing Endpoint Integrity testing.
B. You can configure an IP address and port number of a service that can be accessed by a quarantined endpoint.
C. The default entries identify services in the enterprise network that can be accessed regardless of Endpoint Integrity state.
D. It identifies external RADIUS servers the NAC 800 can provide proxy access to when the local RADIUS option is enabled.
Answer: B

Q: 19 You have just completed the initial setup process of the ProCurve NAC 800 using the Web management interface. Which statements are true about the current configuration settings? (Select three.)
A. The access mode is normal.
B. All testing methods are disabled.
C. The root user account is disabled.
D. One policy group named Default is defined.
E. An hourly schedule for test updates is active.
F. All Ethernet ports are blocked except for Web management access.
Answer: A, D, E

Q: 20 Which statements are true about ProCurve NAC 800 hardware features? (Select two.)
A. Only Ethernet port 1 responds to ping requests.
B. Ethernet port 2 is used to access the Web management interface.
C. The LCD menu and control buttons can be used to initiate a factory image recovery.
D. Up to two Ethernet 10/100/1000 Mbps ports are supported depending on the quarantine method.
E. The console port cable supported for out-of-band management access has an RJ-45 connector.
Answer: D, E

Q: 21 Which system-wide configuration settings can be overridden per cluster? (Select three.)
A. end-user screens
B. quarantine method
C. test update schedule
D. endpoint testing methods
E. enforcement time periods
F. system administrator account
Answer: A, B, D

Q: 22 Which statements are true about NAC policies? (Select two.)
A. A policy can be used in multiple policy groups.
B. The default policy group consists of three policies.
C. One or more policy groups can be assigned to a cluster.
D. A test can be enabled in only one of the policies assigned to a policy group.
E. Domains and endpoints are not considered by the policy with the lowest priority.
Answer: B, E

Q: 23 Which statement is true about licensing of the ProCurve NAC 800?
A. Test updates and system software updates are provided free for the life of the product.
B. The ProCurve NAC Endpoint Integrity Agent license includes one start-up implementation service.
C. A 30 day free trial for 100 endpoints is enabled after initial setup has been completed and the product is registered.
D. A hardware ID, NAC agent registration ID, and service registration ID are required to acquire a license for the NAC 800.
Answer: D

Q: 24 Which quarantine method requires the configuration of a quarantine subnet?
A. inline
B. DHCP
C. 802.1X
D. RADIUS
E. agentless
Answer: B

Q: 25 Which statements are true about the agentless testing method? (Select two.)
A. Testing must be initiated from the NAC 800.
B. It requires a one-time installation on the endpoint.
C. The client may require an occasional maintenance upgrade to be applied.
D. A Web browser must remain open to be retested at a later time by the NAC 800.
E. It requires definition of credentials of a Windows administrator with access to the endpoint.
F. File and Print Sharing must be enabled or the equivalent UDP and TCP ports must be allowed.
Answer: E, F

Q: 26 Which parameters are configured during the initial setup process for the ProCurve NAC 800? (Select four.)
A. SNMP version
B. local time zone
C. enable or disable RIPv2
D. IP address of a DNS server
E. password of root user account
F. IP address of a default gateway
G. shared secret used by RADIUS server
Answer: B, D, E, F

Q: 27 Which statement is true about the initial setup process for the ProCurve NAC 800?
A. An SSL browser session is used to complete the initial setup.
B. A license must be installed to complete the initial setup process.
C. At the factory default settings, the server type is Enforcement Server.
D. The initial setup process can be initiated using the LCD menu or a Telnet session.
E. To complete the initial setup process, an IP address can be assigned to any one of the appliance's Ethernet ports.
Answer: A

Q: 28 Which statements are true about ProCurve NAC 800 software features? (Select three.)
A. The operating system is a hardened HP-UX-based server.
B. The IDM Agent supports the configuration of local RADIUS user accounts.
C. A separate licensed part number is required to activate the local RADIUS server.
D. A RADIUS server can operate as a standalone server without using Endpoint Integrity.
E. The ProCurve NAC Endpoint Integrity Agent License is packaged as a subscription for a specified number of endpoints.
Answer: B, D, E

Q: 29 Which statements are true about the ActiveX plug-in testing method? (Select two.)
A. It requires a one-time installation on the endpoint.
B. It uses client-side JavaScript to perform its testing.
C. It may require an occasional maintenance upgrade to be applied.
D. A Web browser must remain open to be retested by the NAC 800.
E. It can be manually downloaded using the URL https://<nac-ip-address>:89/setup.exe.
F. It requires credentials of a Windows administrator with access to the endpoint be defined.
Answer: B, D

Q: 30 Which task can be initiated when you boot the ProCurve NAC 800 using the ProCurve Service Partition (PSP)?
A. A system upgrade can be performed.
B. The hardware BIOS can be upgraded.
C. The factory default image can be recovered.
D. A restore of a configuration file can be forced.
E. The primary image can be copied to the secondary image.
Answer: C


© 2014 Cheat-Test.com, All Rights Reserved