BCCPP : Blue Coat Certified ProxySG Professional : Part 04
-
Which of these aspects of ProxySG behavior cannot be controlled by CPL? (Select all that apply)
- Initiate a packet capture.
- Initiate a health check.
- Cache content.
- Perform user authentication.
- Perform access logging.
- Control client access to web resources.
-
What information is stored in a policy trace for a transaction processed by a proxy service that is set to Bypass? (Select all that apply)
- Client IP address.
- Destination IP address.
- Proxy service name.
- All policy statements that are evaluated and match.
- All policy statements that are evaluated and miss.
- None of the above; no entry is recorded in the policy trace.
-
How must you configure the RTMP proxy service to process Flash traffic originating at youtube.com?
- Enable HTTP handoff on the Flash proxy on the ProxySG.
- Enable Detect Protocol on the External HTTP proxy service.
- Write policy in the VPM or CPL to direct traffic from youtube.com to the RTMP proxy service.
- You cannot do this.
Explanation:
Reference: https://kb.bluecoat.com/index?page=content&id=FAQ2004
-
Which one of these statements is NOT true about the ProxySG object cache?
- It is stored as a hash table, not a traditional filesystem.
- The first chunk of any object can be retrieved in a single disk-read operation.
- Objects with similar URLs are usually located next to each other so that accessing related objects in a sequence is faster.
- Performance does not deteriorate when the cache is 100% full.
-
What happens when a disk is removed from a ProxySG while it is running?
- Subsequent requests to objects that were cached on the removed disk will fail.
- The objects on the removed disk are automatically remapped to the remaining disks and are immediately refetched from the appropriate content servers.
- The objects on the removed disk are automatically remapped to the remaining disks and are refetched from the appropriate content servers the next time they are requested.
- All subsequent transactions to that ProxySG either fail open or fail closed, depending on configuration, until the disk is replaced.
-
A Web Authentication layer in the VPM can be best implemented in which type of policy layer in CPL?
- <cache>
- <authenticate>
- <proxy>
-
http://support.bluecoat.com/products/proxysg/sg9000.html?customer=123
For the above URL, will the trigger url.host=bluecoat.com match or miss?
- Match
- Miss
-
In a cookie in the user’s web browser, in a ProxySG authentication cache, or on the authentication server: Where are surrogate authentication credentials stored?
- On the authentication server.
- In a cookie in the user’s web browser.
- In a ProxySG authentication cache.
Explanation:Reference: https://bto.bluecoat.com/sgos/ProxySG/63/Authentication_WebGuide/Content/Topics/Authentication/Concepts/surrogate_credentials_co.htm -
Which one of these regular expressions will match a URL that uses either HTTP or HTTPS?
- ^https?
- 2https?
- [http][https]
- http[s]
-
Which type of SGOS worker performs most transactions with an authentication server?
- Policy worker
- HTTP worker
- AAA worker
-
http://support.bluecoat.com/products/proxysg/sg9000.html?customer=123
For the above URL, will the trigger url.path=products/proxysg match or miss?
- Match
- Miss
-
Can you simultaneously use policy created in the VPM and written in CPL?
- Yes
- No
-
Organize these CPL components into descending order based on how they are organized in policy.
- Triggers, conditions, rules, layers.
- Layers, conditions, rules, triggers.
- Layers, rules, conditions, triggers.
- Layers, rules, triggers, conditions.
-
If you wish to use an SSL trust package other than the one that is supplied by Blue Coat, how do you configure the ProxySG to use the alternate package?
- Specify a download URL at Configuration > SSL > External Certificates.
- In the CLI with the configuration-mode command ssl edit trust.
- Specify a download URL at Configuration > SSL > Device Profiles.
- You cannot do this.
-
When a user has credentials in an IWA realm and already has been authenticated into that realm, what happens when CPL code directs that user to be authenticated as a guest?
- Nothing; they continue to be logged in with their credentials.
- They are logged in as a guest and will show in the Management Console as being logged in twice.
- They are logged out from their previous credentials and are logged in as a guest.
-
When will a policy trace report a rule processing result of “N/A”?
- When the layer containing the rule is disabled.
- When the rule makes no sense for the specific transaction being processed.
- When the rule is not reached during evaluation.
-
The ProxySG compiles CPL code at installation time and performs optimizations that might not have been written into the code.
- True
- False
-
Is it must the ProxySG use BCAAA to perform user authentication to an IWA realm?
- Yes.
- No.
- It depends on whether that realm has been configured on the ProxySG to be an IWA Direct realm or a BCAAA realm.
Explanation:Reference: https://kb.bluecoat.com/index?page=content&id=KB3117 -
Which one of these statements best describes how the ProxySG locates an object in its cache?
- The ProxySG performs a hash against the URL of the object and uses the hash as the basis for a lookup into the table of cached objects.
- The ProxySG uses the hostname in the object’s URL to determine in which cache directory the object is located.
- The ProxySG uses the first 32 bytes of the object’s URL to determine in which cache directory the object is located.
-
By default, what method does the ProxySG use to balance traffic load among members of a forwarding group?
- Least connections
- Round robin
- None of the above
Explanation:Reference: https://wikileaks.org/spyfiles/files/0/222_BLUECOAT-SGOS_CLI_4.1.3.pdf (page 140, option 8)
Subscribe
0 Comments
Newest