BCCPP : Blue Coat Certified ProxySG Professional : Part 04

  1. Which of these aspects of ProxySG behavior cannot be controlled by CPL? (Select all that apply)

    • Initiate a packet capture.
    • Initiate a health check.
    • Cache content.
    • Perform user authentication.
    • Perform access logging.
    • Control client access to web resources.
  2. What information is stored in a policy trace for a transaction processed by a proxy service that is set to Bypass? (Select all that apply)

    • Client IP address.
    • Destination IP address.
    • Proxy service name.
    • All policy statements that are evaluated and match.
    • All policy statements that are evaluated and miss.
    • None of the above; no entry is recorded in the policy trace.
  3. How must you configure the RTMP proxy service to process Flash traffic originating at youtube.com?

    • Enable HTTP handoff on the Flash proxy on the ProxySG.
    • Enable Detect Protocol on the External HTTP proxy service.
    • Write policy in the VPM or CPL to direct traffic from youtube.com to the RTMP proxy service.
    • You cannot do this.

    Explanation:

    Reference: https://kb.bluecoat.com/index?page=content&id=FAQ2004

  4. Which one of these statements is NOT true about the ProxySG object cache?

    • It is stored as a hash table, not a traditional filesystem.
    • The first chunk of any object can be retrieved in a single disk-read operation.
    • Objects with similar URLs are usually located next to each other so that accessing related objects in a sequence is faster.
    • Performance does not deteriorate when the cache is 100% full.
  5. What happens when a disk is removed from a ProxySG while it is running?

    • Subsequent requests to objects that were cached on the removed disk will fail.
    • The objects on the removed disk are automatically remapped to the remaining disks and are immediately refetched from the appropriate content servers.
    • The objects on the removed disk are automatically remapped to the remaining disks and are refetched from the appropriate content servers the next time they are requested.
    • All subsequent transactions to that ProxySG either fail open or fail closed, depending on configuration, until the disk is replaced.
  6. A Web Authentication layer in the VPM can be best implemented in which type of policy layer in CPL?

    • <cache>
    • <authenticate>
    • <proxy>
  7. http://support.bluecoat.com/products/proxysg/sg9000.html?customer=123

    For the above URL, will the trigger url.host=bluecoat.com match or miss?

    • Match
    • Miss
  8. In a cookie in the user’s web browser, in a ProxySG authentication cache, or on the authentication server: Where are surrogate authentication credentials stored?

    • On the authentication server.
    • In a cookie in the user’s web browser.
    • In a ProxySG authentication cache.
    Explanation:
    Reference: https://bto.bluecoat.com/sgos/ProxySG/63/Authentication_WebGuide/Content/Topics/Authentication/Concepts/surrogate_credentials_co.htm
  9. Which one of these regular expressions will match a URL that uses either HTTP or HTTPS?

    • ^https?
    • 2https?
    • [http][https]
    • http[s]
  10. Which type of SGOS worker performs most transactions with an authentication server?

    • Policy worker
    • HTTP worker
    • AAA worker
  11. http://support.bluecoat.com/products/proxysg/sg9000.html?customer=123

    For the above URL, will the trigger url.path=products/proxysg match or miss?

    • Match
    • Miss
  12. Can you simultaneously use policy created in the VPM and written in CPL?

    • Yes
    • No
  13. Organize these CPL components into descending order based on how they are organized in policy.

    • Triggers, conditions, rules, layers.
    • Layers, conditions, rules, triggers.
    • Layers, rules, conditions, triggers.
    • Layers, rules, triggers, conditions.
  14. If you wish to use an SSL trust package other than the one that is supplied by Blue Coat, how do you configure the ProxySG to use the alternate package?

    • Specify a download URL at Configuration > SSL > External Certificates.
    • In the CLI with the configuration-mode command ssl edit trust.
    • Specify a download URL at Configuration > SSL > Device Profiles.
    • You cannot do this.
  15. When a user has credentials in an IWA realm and already has been authenticated into that realm, what happens when CPL code directs that user to be authenticated as a guest?

    • Nothing; they continue to be logged in with their credentials.
    • They are logged in as a guest and will show in the Management Console as being logged in twice.
    • They are logged out from their previous credentials and are logged in as a guest.
  16. When will a policy trace report a rule processing result of “N/A”?

    • When the layer containing the rule is disabled.
    • When the rule makes no sense for the specific transaction being processed.
    • When the rule is not reached during evaluation.
  17. The ProxySG compiles CPL code at installation time and performs optimizations that might not have been written into the code.

    • True
    • False
  18. Is it must the ProxySG use BCAAA to perform user authentication to an IWA realm?

    • Yes.
    • No.
    • It depends on whether that realm has been configured on the ProxySG to be an IWA Direct realm or a BCAAA realm.
    Explanation:
    Reference: https://kb.bluecoat.com/index?page=content&id=KB3117
  19. Which one of these statements best describes how the ProxySG locates an object in its cache?

    • The ProxySG performs a hash against the URL of the object and uses the hash as the basis for a lookup into the table of cached objects.
    • The ProxySG uses the hostname in the object’s URL to determine in which cache directory the object is located.
    • The ProxySG uses the first 32 bytes of the object’s URL to determine in which cache directory the object is located.
  20. By default, what method does the ProxySG use to balance traffic load among members of a forwarding group?

    • Least connections
    • Round robin
    • None of the above
    Explanation:
    Reference: https://wikileaks.org/spyfiles/files/0/222_BLUECOAT-SGOS_CLI_4.1.3.pdf (page 140, option 8)
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments