Exam Title

: Enterasys Networks 2B0-019 : ES Policy Enabled Networking

Version : R6.1

www.Prepking.com

Prepking - King of Computer Certification Important Information, Please Read Carefully

Other Prepking products A) Offline Testing engine Use the offline Testing engine product to practice the questions in an exam environment. B) Study Guide (not available for all exams) Build a foundation of knowledge which will be useful also after passing the exam. Latest Version We are constantly reviewing our products. New material is added and old material is updated. Free updates are available for 90 days after the purchase. You should check your member zone at Prepking and update 3-4 days before the scheduled exam date. Here is the procedure to get the latest version: 1.Go towww.Prepking.com 2.Click on Member zone/Log in (right side) 3. Then click My Account 4.The latest versions of all purchased products are downloadable from here. Just click the links. For most updates,it is enough just to print the new questions at the end of the new version, not the whole document. Feedback If you spot a possible improvement then please let us know. We always interested in improving product quality. Feedback should be send to feedback@Prepking.com. You should include the following: Exam number, version, page number, question number, and your login ID. Our experts will answer your mail promptly. Copyright Each PDF file contains a unique serial number associated with your particular name and contact information for security purposes. So if we find out that a particular PDF file is being distributed by you, Prepking reserves the right to take legal action against you according to the International Copyright Laws. Explanations This product does not include explanations at the moment. If you are interested in providing explanations for this exam, please contact feedback@Prepking.com.

www.Prepking.com

 1. Authentication is used in Secure Application Provisioning to: A. Quarantine malicious traffic B. Persistently apply policy C. Allow configuration of a switch's host data port D. provide additional network access Answer: D 2. Saving a NetSight Atlas Policy Manager configuration to a .pmd file: A. Writes the configuration to NVRAM on the switches B. Allows for multiple configurations to be stored on the NMS C. Notifies the RADIUS server that new policies have been created D. Temporarily disables communication between all RADIUS clients until the save is complete Answer: B 3. Certificate services must be installed when using: A. EAP-TLS B. EAP-MD5 C. PWA D. MAC authentication Answer: A 4. Persistent policy assignment: A. Can be effective in an incremental deployment of acceptable use policy B. Is dependent upon a RADIUS back-end configuration C. Is deployed based on user authentication D. Cannot be used on uplink ports Answer: A 5. A distinguishing characteristic of PEAP is: A. It adds security by running over a VPN tunnel B. It uses salt encryption C. It requires that only the supplicant present a certificate D. It creates keying material using the Pseudo-Random Function Answer: D 6. In the Enterasys policy-enabled network model, on-demand policy assignment: A. Is the result of a manual configuration B. Makes use of the Filter-ID parameter C. Is overridden by a ports default role D. Requires the use of 802.1X authentication mechanisms
www.Prepking.com

 Answer: B 7. All of the following are services which make up the pre-configured Acceptable Use Policy service group EXCEPT: A. Deny Spoofing B. Permit Legacy Protocols C. Limit Exposure to DoS attacks D. Protocol Priority Access Control Answer: B 8. After configuration changes have been made in NetSight Atlas Policy Manager, what must be done before the changes take effect on the devices? A. The NMS must be rebooted B. The changes must be enforced C. The changes must be verified D. Nothing the changes take effect immediately Answer: B 9. In the three-level policy model, Enterasys maps: A. The business/network level to classification rules B. The service-provisioning level to roles C. The device level to classification rules D. All of the above Answer: C 10. The Active Edge consists of: A. Policy-enabled switches B. Core routers C. SAP servers D. User resources Answer: A 11. EAP-TLS: A. Utilizes uni-directional authentication B. Generates keying material for use in WEP encryption C. Does not require a Public Key Infrastructure D. Is regarded as a weak authentication method Answer: B 12. The Enforce function in NetSight Atlas Policy Manager: A. Provides system-level administration
www.Prepking.com

 B. Writes information to a switchs flash memory C. Takes place automatically when the application is closed D. Is used to save .pmd file information Answer: A 13. Populating NetSight Atlas Policy Managers device list: A. Is accomplished using the applications discovery function B. Can be accomplished by reading information from a .csv file C. Allows the user to input a manually-created list of addresses D. Can be automated by first running the MAC Locator utility Answer: C 14. Acceptable Use Policy: A. Is based on VLAN membership B. Should reflect the formal network security policy C. Requires the use of an authentication method D. Prevents users from sharing information Answer: B 15. Enterasys Secure Guest Access solution: A. Provides guest access without compromising security B. Prevents guests from seeing each others traffic C. Allows only specifically-defined protocols D. All of the above Answer: D 16. When potentially damaging traffic is introduced at the network edge: A. Classification rules which discard the unwanted traffic can be pushed to the edge switches quickly B. A new .pmd file must be opened and enforced to each device in the active edge C. Policy Manager must contact an IDS in order to determine the source IP address of the malicious traffic D. (a) and (c) Answer: A 17. Key elements of a common policy architecture include: A. A policy decision point B. A policy enforcement point C. A policy termination point D. Both (a) and (b) Answer: D 18. Classification rules may be written based on all of the following EXCEPT:
www.Prepking.com

 A. TCP/UDP port number B. Logical address C. PHY and PMD sub-layers D. Hardware address Answer: C 19. The RoamAbout R2 WAP supports policy-enabled networking: A. By mapping MAC addresses to virtual ports B. By forwarding unauthorized traffic to a Discard VLAN C. Regardless of firmware version D. By assigning the same policy to all authenticated users Answer: A 20. The traditional approach to Secure Guest Access has been: A. Protocol-based containment B. Based on Application Level Gateways C. VLAN containment D. To control access using Layer 4 classification rules Answer: C 21. Classification precedence rules: A. Apply only to Layer 3 classification rules B. May be configured by the administrator C. Gives highest precedence to IP protocol-based rules D. Are applied when multiple rules are deployed on a port Answer: D 22. When services are added to an existing .pmd file: A. The new service can be written only to devices individually selected by the administrator B. The service is not effective until enforced C. They may only contain permit/deny rules D. They must immediately be applied to a role Answer: B 23. Enterasys products support all the following authentication methods EXCEPT: A. MAC B. PEAP C. Kerberos D. Hybrid Answer: C
www.Prepking.com

 24. Components of the Enterasys policy-enabled network do NOT include: A. Authentication B. Core-Based Dynamic VLAN Registration C. Active Edge D. Role-Based Administration Answer: B 25. All of the following are true regarding a RADIUS server EXCEPT: A. Uses a shared secret to enhance security B. Supports PAP or CHAP C. Consists of Authentication, Authorization and Accounting components D. Communicates Accept or Reject responses directly to the user Answer: D 26. Selecting Active/Default Role in the Port Configuration Wizard: A. Causes the user to inherit the ports default role if authentication fails B. Assigns the ports default role to the user upon authentication success C. Discards traffic from an unauthenticated user D. Is an unsupported configuration option Answer: A 27. Spoofing is a technique in which an: A. Unauthorized user attempts to gain network access using an invalid username/password combination B. Authorized user attempts to disable a routers ACLs C. Intruder masquerades as a legitimate network user D. Intruder tries to determine which TCP/UDP ports are in use on a network by scanning a range of port numbers Answer: C 28. Within the Demo.pmd file, the Administrator role: A. Allows the use of SNMP B. Contains CoS restrictions to prevent congestion C. Is available to any user D. Denies the use of legacy protocols Answer: A 29. The pre-configured Demo.pmd database file in NetSight Atlas Policy Manager includes: A. A VLAN for each user group B. A Trusted Employee Role C. No bandwidth rate limiters
www.Prepking.com

 D. Services which deny administrative and legacy protocols Answer: D 30. Maximum scalability is achieved by deploying classification rules based on: A. Layer 3 information B. Layer 1 information C. Layer 4 information D. Layer 2 information Answer: C 31. In the policy-enabled network environment, decisions on what resources a user is allowed to access are: A. Totally MAC-layer dependent B. Based on the users function within the organization C. Determined by IP header information D. Made by a RADIUS client Answer: B 32. Classification rules can deter attacks by: A. Shooting down hack attempts which use known signatures B. Randomly changing community name passwords C. Only allowing authentication over a controlled port D. Not allowing ICMP echo responses to egress the switch Answer: D 33. In Secure Application Provisioning, the Enterprise Access role: A. Includes the Acceptable Use Policy service group B. Facilitates network troubleshooting C. Is assigned based on the users subnet address D. Provides only courtesy web access Answer: A 34. What is the difference between a Controlled port and an Uncontrolled port in 802.1X? A. A controlled port is a physical port while an uncontrolled port is virtual B. A controlled port passes all PDUs (protocol data units) while an uncontrolled port must be in an Active state C. The controlled port must always be in an active state while an uncontrolled port must not D. The controlled port only allows for the exchange of PDUs if its current state is authorized, while the uncontrolled port will pass PDUs regardless of its authorization state Answer: D
www.Prepking.com

 35. NetSight Atlas Policy Manager can assure consistent QoS across a routed network environment by: A. Giving high priority to all allowed network traffic B. Avoiding the use of bandwidth rate limiters C. Mapping VLANs to subnets D. Writing the priority bits of the 802.1Q tag to the IP ToS field Answer: D 36. The classification type having the highest precedence value is: A. Destination MAC address B. IP protocol type C. Source MAC address D. Source IP address exact match Answer: C 37. Selecting Active/Discard in the Port Configuration Wizard: A. Applies only to a devices Host Data port B. Sets backplane ports by default C. Drops traffic if authentication fails D. Assigns a role with limited network access Answer: C 38. The Enterasys approach to Policy-Enabled Networking: A. Allows only permit/deny rules B. Allows full or restricted access to resources C. Treats all traffic in the same way D. None of the above Answer: B 39. Directory-enabled Networks (DEN): A. Is the current standard for policy-based networking B. Was introduced originally by Novell C. Used directories as data repositories D. Had no effect on the development of policy-based networking Answer: C 40. Role-based administration: A. Allows IT to determine how resources are allocated B. Uses ACLs to determine user network access C. Makes no allowance for non-employee traffic D. Can model the business in software
www.Prepking.com

 Answer: D 41. Enterasys policy-enabled network solution: A. Requires client software on users PCs B. Assigns only VLAN membership upon authentication C. Is supported on all Enterasys Networks products D. Can dynamically assign policies based on user authentication Answer: D 42. The Application Shared Secret value in NetSight Atlas Policy Manager: A. Must be the same as the shared secret configured on the RADIUS server and client B. Is an alpha-numeric string of any length C. Is not necessary when using SNMPv3 D. Permits the application to communicate with the RADIUS server Answer: C 43. Secure Application Provisioning: A. Assigns guest users to a common VLAN B. Does not address the issue of QoS C. Provides levels of service based on business policy D. Limits scalability Answer: C 44. When configuring RADIUS parameters in NetSight Atlas Policy Manager, a 16-byte (hex) shared secret is used to enable: A. NetSight Atlas Policy Manager to communicate with a RADIUS server B. NetSight Atlas Policy Manager to communicate with a devices authentication functionality C. NetSight Atlas Policy Manager to communicate with end stations D. Communication between a RADIUS client and a RADIUS server Answer: B 45. A phased approach to policy implementation: A. Is not advisable because of the unnecessary delay introduced B. Allows for a low-risk deployment C. Requires the creation of a customized database D. Is based upon an implicit deny model Answer: B 46. Network security policy should: A. Contain policies that are enforceable B. Define users access rights and privileges
www.Prepking.com

100% Pass Guaranteed or Full Refund Word to Word Real Exam Questions from Real Test Buy full version of exam from this link below http://www.prepking.com/2B0-019.htm