BCCPA Examcollection Premium Exam 242q

BCCPA.examcollection.premium.exam.
242q
Number: BCCPA
Passing Score: 800
Time Limit: 120 min
File Version: 6.0
BCCPA
Blue Coat Certified Proxy Administrator
Version 6.0
Sections
1. Volume A
2. Volume B
Exam A
QUESTION 1
An administrator created a PIN for the ProxySG front panel, disabled the built-in administrative account and
introduced policy-based admin authoritarian, and secured die serial port. After this was done, all the PINs,
passwords and policy settings were lost. What options are available to regain access to the appliance?
(Choose all that apply)
(a) Return ProxySG appliance to Blue Coat to restore a default SGCS image
(b) Restore the factory settings by pressing and holding a reset button for 5 seconds, configure the
appliance anew or restore its configuration from a backup
(c) Try out all 10000 combinations of PIN for the front panel until you find the right one
(d) Remove the hard disk from the ProxySG, connect it as an external SAT A disk to any
Windows or Linux computer; clear the admin entry in the /etc/ pssswd file on that disk. Put the hard disk
back in ProxySG, start it up and reset the admin's password.
A. a only
B. a & b only
C. a & c only
D. a & d only
E. All of the above
Correct Answer: B
Section: Volume A
Explanation
Explanation/Reference:
QUESTION 2
The Connect HTTP method is reserved for use with a proxy that can dynamically switch to being a tunnel
(e.g. SSL tunneling)
A. True
B. False
Correct Answer: A
Section: Volume A
Explanation
QUESTION 3
Forward proxy of SSL allows applying policies to encrypted SSL data.
A. True
B. False
Correct Answer: B
Section: Volume A
Explanation
Reference: http://www.advancedinstaller.com/user-guide/iis-http-methods.html#section216 (last paragraph)
QUESTION 4
The ProxySG gives you the ability to write policies through.
A. the graphical visual Policy Manager and/or the command-line interface

B. Visual Policy Manager only
C. the graphical visual Policy Manager, the command-line interface and/or imported text file
Correct Answer: C
Section: Volume A
Explanation
QUESTION 5
Which is NOT a support- related site for Blue Coat products?
A. http://forums.bluecoot.com
B. http://services.bluecoat.com
C. http://download.bluecoat.com
D. http://webpulse.bluecoat.com
Correct Answer: D
Section: Volume A
Explanation
QUESTION 6
Which ProxySG technology uses the data processing pipeline similar to the one shown in the picture?
A. Blue Coat Reporter

B. MACH5
C. BCWF
D. ProxySG Services
Correct Answer: B
Section: Volume A
Explanation
Reference: http://www.google.com.pk/url?sa=t&rct=j&q=mach5%20object%20caching%20byte%20caching
%20compression&source=web&cd=4&ved=0CC0QFjAD&url=http%3A%2F%2Ffr.security.westcon.com%
2Fdocuments%3FdocumentId%3D11302%26filename%
3Dfpe_mach5_uk_0207.pdf&ei=EbHZTruyD8fktQaBra3OCw&usg=AFQjCNF6voBuoRTw3eL6-
THIOM7Tj6yOew
QUESTION 7
Which of the following Authentication Realms are supported by Blue Coat in SGOS 5.3? (Choose all that
apply)
(a) IWA
(b) RADIUS
(C) LDAP
(d) TACACS+
A. a, b & d only
B. b, c & d only
C. a, b &c only
D. All of the above
Correct Answer: C
Section: Volume A
Explanation
QUESTION 8
What are the possible configurable options when configuring destination address in proxy services?
(a) All
(b) Any
(c) Explicit
(d) Transparent
A. a, c & d only
B. a, b & c only
C. b, c &d only
D. All of the above
Correct Answer: A
Section: Volume A
Explanation
QUESTION 9
What are the types of challenges that can be authenticated by ProxySG? (Choose all that apply)
(a) Administrator attempts to access Management console

(b) user attempts to access the internet
(c) Administrator attempts to access SG via SSH
(d) User attempts to access a CIFS file server
A. All of the above

B. b, c &d only
C. a, c & d only
D. a, b & c only
Correct Answer: D
Section: Volume A
Explanation
Reference: https://kb.bluecoat.com/index?page=content&id=KB2877
Explanation: Administrator doesnt need to use authentication by ProxySG to access its own management
console. The authentication used is a username password to access Management console.
QUESTION 10
A ProxySG is designed to do which of the following? (Choose all that apply)
(a) Enhance security through authentication, virus scanning, and logging.

(b) Increase performance through TCP optimization, HTTP caching and pipelining.
(c) Control content with URL filtering, content stripping, and HTTP header analysis.
A. a & b only
B. b & c only
C. a & c only
D. All of the above
Correct Answer: D
Section: Volume A
Explanation
Reference: http://www.bluecoat.com/sites/default/files/product_tech_primers/Protocol_Optimization.0.pdf
(first page entirely.)
QUESTION 11
Which streaming services are supported by ProxySG?
A. QuickTime, Windows Media, and Real Media

B. Windows Media, Real Media, and Flash
C. QuickTime, Flash, and MP4
Correct Answer: B
Section: Volume A
Explanation
Reference: https://bto.bluecoat.com/sgos/ProxySG//Mobile/Advanced/Content/01Concepts/
streaming_proxy_co.htm
QUESTION 12
A single ProxySG appliance can act as a Gateway Proxy and WAN Acceleration Proxy at the same time.
A. True
B. False
Correct Answer: A
Section: Volume A
Explanation
Explanation: http://documents.sysob.com/blue_coat/Proxy_Sizing_Guide_SGxx.pdf (forward proxy, second
paragraph; example 3, third page)
QUESTION 13
Which option is NOT available to upload logfiles from ProxySG?
A. HTTP server
B. FTP server
C. Blue Coat Reporter server
D. CIFS/SAMBA file server
Correct Answer: D
Section: Volume A
Explanation
Explanation: https://kb.bluecoat.com/index?page=content&id=KB2983
QUESTION 14
What acceleration techniques are NOT part of MACHS?
A. Bandwidth management (traffic shaping)

B. Protocol optimization and compression
C. IP layer route optimization
D. Object caching
E. Byte caching
Correct Answer: C
Section: Volume A
Explanation
Reference: http://www.edgeblue.com/Mach5.asp
QUESTION 15
Which of the following types of traffic are not scanned with ICAP REQMOD?
A. HTTP PUT data

B. FTP uploads
C. FTP responses
D. HTTP POST data
Correct Answer: C
Section: Volume A
Explanation
QUESTION 16
The goal of creating and using Notify User objects is (Choose all that apply)
(a) to deny access to a URL

(b) to deliver a splash page to the clients
(c) to warn a user before allowing access to a URL
A. a & b only
B. b & c only
C. All of the above
Correct Answer: B
Section: Volume A
Explanation
QUESTION 17
What can be concluded about this request processing order?
A. ProxyAV Is accessed in ICAP REQMOD mode

B. ProxyAV is accessed ICAP RESPMOO mode
C. ProxySG with ProxyAV is deployed as a forward proxy
Correct Answer: A
Section: Volume A
Explanation
QUESTION 18
Which of the following methods is NOT appropriate for the initial setup for a ProxySG 2010 series?
A. Serial console Cable
B. LCD Panel
C. Web Wizard accessing HTTPS port 8083
D. Blue Coat Director applying a profile
Correct Answer: B
Section: Volume A
Explanation
QUESTION 19
The default policy for ProxySG is DENY. Network administrator creates a VPM policy allowing access to
some Web host only for certain users (see picture).
When installing this policy, ProxySG issues a warning that this rule will be ignored. What change can be
applied in order to fix this?
A. Add another rule to the Web Access layer creating an exception for users NOT allowed to access the
host.
B. Add another Web Access layer and set its default action to Allow.
C. Add Web Authentication layer with a rule having Force Authenticate action.
D. Add Web content layer with a rule preventing serving content from ProxySG cache to unauthorized
users.
Correct Answer: C
Section: Volume A
Explanation
QUESTION 20
Which Instant Messaging proxies are available on the ProxySG? (Choose all that apply)
(a) AIM
(b) Jabber
(c) MSN
(d) Yahoo
A. a, b & c only
B. a, b & d only
C. A. c & d only
D. b. c & d only
E. All of the above
Correct Answer: C
Section: Volume A
Explanation
QUESTION 21
In SGOS 5.3, what are the two versions that you can opt for? (Choose all that apply)
(a) Proxy Edition

(b) Full Edition
(c)WAN Opt Edition
(d) MACH5 Edition
A. b & c only
B. a, c & d only
C. c & d only
D. a & d only
Correct Answer: D
Section: Volume A
Explanation
QUESTION 22
What ProxySG appliance has these default settings?
(a) Default policy is ALLOW

(b) Trust client destination IP is ON
(c) Tolerate HTTP errors is ON;
A. Proxy Edition
B. Reverse Proxy Edition
C. MACH5 Edition
D. Trial Edition
Correct Answer: C
Section: Volume A
Explanation
QUESTION 23
Which software product provides Web content filtering for windows and Mac OS computers, is locally
configurable, and can produce a barking sound, when user violates a filtering policy.
A. ProxyAV
B. Blue coat WebFilter
C. Blue Coat k9
D. Blue Coat Director
Correct Answer: C
Section: Volume A
Explanation
Reference: http://www1.k9webprotection.com/
QUESTION 24
What are "unmanaged endpoints' which make the Blue Coat RA (Remote Access) appliance useful?
A. TCP connection sources or destinations, which are outside our LAN

B. Workstations, which need to be in a virtual private network, but VPN clients cannot be installed on them
C. Mobile user laptops, which are used in places not protected by ProxySG
D. Hosts without installed ProxyClient or with disabled ProxyClient
Correct Answer: B
Section: Volume A
Explanation
Reference: http://www.onixnet.com/bluecoat/BlueCoat_ProxyRA_510.htm (2nd paragraph)
QUESTION 25
HTTP/1.1 supports pipelining - multiple related requests are written to a single TCP socket without waiting
for the responses to come back i.e. the requests are done asynchronously in-parallel, instead of doing
them sequentially as usual (see picture). Some Web clients such as Opera and Firefox with FasterFox
plugin use HTTP pipelining. Assume that ProxySG Is deployed as a forward proxy listening on port 8080.
A. If an HTTP client tries to use pipelining, the use of proxy will break the HTTP protocol.
B. For those HTTP clients that use pipelining, the use of forward proxy would ensure faster response time
compared to the clients that do not use pipelining.
Correct Answer: B
Section: Volume A
Explanation
QUESTION 26
If an error occurs during Proxy AV request or response processing, which of the following will occur?
A. The connection will be allowed

B. The connection will be denied
C. The response is determined by the ICAP object properties in policy
D. The response is determined by the ICAP configuration properties in the management console
Correct Answer: D
Section: Volume A
Explanation
Reference: http://www.scribd.com/doc/47672698/SGOS-5-4-Integrating-the-ProxySG-and-ProxyAV-
Appliances (page 4-13, step 5)
QUESTION 27
When the ProxySG 200's power LED indicator alternates between green and amber, it means that the
system is booting.
A. True
B. False
Correct Answer: B
Section: Volume A
Explanation
Reference: http://download.cacheflow.com/manuals/SGOS4/SG200_Install_4x.pdf (page 10 and 33)
QUESTION 28
The ProxySG acts as both an ICAP client and ICAP server.
A. True
B. False
Correct Answer: B
Section: Volume A
Explanation
QUESTION 29
A parent exception can provide the default values for a child exception.
A. True
B. False
Correct Answer: A
Section: Volume A
Explanation
Reference: http://download.cacheflow.com/manuals/SGOS3/ProxySG_CMG_Guide_3.1.4.pdf (page 391,
About the Exceptions hierarchy)
QUESTION 30
What is returned to the HTTP request" GET / HTTP/ 1.1 "?
A. The listing of the webroot directory of the Web server

B. The file index.html
C. A file that is configured as a default/welcome file for that Web server
Correct Answer: C
Section: Volume A
Explanation
QUESTION 31
What is true immediately after the initial setup of ProxySG?
A. None of the content filtering databases is set up

B. Only the default Blue Coat WebFilter database is set up and available
C. Blue Coat WebFilter database and 3rd party databases are set up and available
Correct Answer: A
Section: Volume A
Explanation
QUESTION 32
Which of the following policies can be applied to Instant Messaging traffic? (Choose all that apply)
(a) A policy to deny the transfer of specific file types or file sizes
(b) A policy to deny a specific IM request method
(c) A policy to deny a key word or words using a regular expression
(d) A policy to deny a specific IM buddy or IM chat room
A. a, b & c only
B. b, c & d only
C. a, c & d only
D. All of the above
Correct Answer: A
Section: Volume A
Explanation
439, 440, 441)
QUESTION 33
Which best describes the role of a proxy server?
A. A device that inspects Layer 2 - Layer 4 traffic running through it and denies or permits based on a set
of policies.
B. An intermediary program, which acts as both a server and a client for the purpose of making requests
on behalf of other clients.
C. An intermediary program that protects the resources of a private network from users on other networks.
D. A device that extracts the destination address of a packet, selects ten best path for the packet and
forwards the packet the next device in the path.
Correct Answer: B
Section: Volume A
Explanation
Reference: http://www.w3.org/Protocols/rfc2616/rfc2616-sec1.html (search proxt)
QUESTION 34
After the initial boot-up. Blue Coat SGOS will automatically boot into a trial license. What is the duration of
that period?
A. 30 days - trial can be prolonged by CLI command reset-trial

B. 60 days-trial can be prolonged by CU command reset-trial
C. 90 days
D. 120 days
Correct Answer: B
Section: Volume A
Explanation
Reference: http://download.cacheflow.com/release/SGOS3/3.1.5.2/relnotes.htm (search 60 days)
QUESTION 35
What happens to ProxySG logging, when uploading them to a remote FTP server becomes impossible?
A. When there is no more space for logging, ProxySG switches on dynamic bypass for TCP connections
stops intercepting traffic
B. When there is no more space for logging, ProxySG will process policy, but will ignore any logging-
related policies or configuration settings
C. ProxySG erases old logs but continues writing the more recent ones
D. Either logging stops or older log files are erased depending on the ProxySG configuration
Correct Answer: C
Section: Volume A
Explanation
QUESTION 36
Which protocol and port is used by Blue Coat Reporter service to display results?
A. HTTP port 8987

B. HTTP port 8443
C. FTP port 8021
D. SNMP port 161
Correct Answer: A
Section: Volume A
Explanation
Reference: http://forums.bluecoat.com/viewtopic.php?t=3031 (post by pmorion)
QUESTION 37
What is the default time to cache authentication credentials in ProxySG for an authentication realm?
A. 15 minutes
B. 30 minutes
C. 60 minutes
D. 90 minutes
Correct Answer: A
Section: Volume A
Explanation
logging out)
QUESTION 38
What is in NTLM Type 2 Message?
A. Domain + Workstation Name

B. Challenge for the Client
C. Usemame and Password
D. Client Response for the challenge
Correct Answer: B
Section: Volume A
Explanation
Reference: http://davenport.sourceforge.net/ntlm.html#theType2Message (search type 2 message)
QUESTION 39
Which of the following console services are enabled by default? (Choose all that apply)
(a) HTTP port 8081

(b) HTTPS port 8082
(c) HTTPS port 8083
(d) SSH port 22
A. a & c only
B. b & d only
C. c & d only
D. a & b only
Correct Answer: B
Section: Volume A
Explanation
Reference: http://download.cacheflow.com/manuals/SGOS3/ProxySG_CMG_Guide_3.1.4.pdf (page 105)
QUESTION 40
Which HTTP error code corresponds to the ProxySG default exception identifier icap_error?
A. 403
B. 404
C. 503
D. 401
Correct Answer: C
Section: Volume A
Explanation
QUESTION 41
To implement ProxySG as a default gateway, which of the following options has to be enabled?
A. Early intercept
B. Reflect Client IP
C. IP Forwarding
D. Detect Protocol
Correct Answer: C
Section: Volume A
Explanation
Reference: https://kb.bluecoat.com/index?page=content&id=FAQ1674&actp=RSS
QUESTION 42
When the DRTR successfully categorizes a site, the site is_________ (Choose all that apply)
(a) Added to the static BCWF database on the ProxySG

(b) Added to the local database on the ProxySG
(c) Added to the DRTR database on the ProxySG
(d) Added to a DRTR cache that resides on the ProxySG
A. a & b only
B. b & c only
C. d only
D. None of the above
Correct Answer: A
Section: Volume A
Explanation
Reference: https://kb.bluecoat.com/index?page=content&id=KB3002&actp=RSS
QUESTION 43
Which of the following is a free software based Blue Coat product for home users?
A. Web Filter
B. k9
C. SiteAdvisot
Correct Answer: B
Section: Volume A
Explanation
Reference: http://www1.k9webprotection.com/
QUESTION 44
When virus scanning functionality is enabled, ProxySG acts as an ICAP server, and ProxyAV as an ICAP
client.
A. True
B. False
Correct Answer: B
Section: Volume A
Explanation
QUESTION 45
What are the best practices using anti-virus software on a windows machine running Blue Coat Reporter?
A. Do not use anti-virus software as the log files cannot contain viruses
B. Perform scans as you would for any windows server
C. Perform scans only during low activity of ProxySG
D. Perform scans, but bypass certain directories containing frequently changing files
Correct Answer: D
Section: Volume A
Explanation
QUESTION 46
Is Management Console accessible over HTTP?
A. Yes, it is enabled by default, except in FIPS mode

B. It can be explicitly enabled, the default port is 8081
C. It can be explicitly enabled, the default port is 8082
D. A new service has to be created with port selected by the administrator
Correct Answer: B
Section: Volume A
Explanation
QUESTION 47
HTTP Access log format bcreportermain_vl includes the time of the request, URL requested, and MIME
type of content, but does not include whether it is cache hit or miss.
A. True
B. False
Correct Answer: A
Section: Volume A
Explanation
QUESTION 48
Which virus-scanning engine is NOT supported by ProxyAV?
A. MCAfee
B. Sophos
C. Norton
D. Kaspersky E.Panda
Correct Answer: C
Section: Volume A
Explanation
Reference: http://www.google.com.pk/url?sa=t&rct=j&q=proxyav+supports
+mcafee&source=web&cd=2&ved=0CCgQFjAB&url=http%3A%2F%2Fwww.bluecoat.com%2Fdoc%
2F791&ei=D_7bTpbnH9SWhQeftvH-BA&usg=AFQjCNGAWHxi2NwZ3snr8iq7tpQ4R5wnTA (first
paragraph)
QUESTION 49
Which of the following tracks client-server requests and server responses?
A. Event logs
B. Sys logs
C. Report logs
D. Access logs
Correct Answer: D
Section: Volume A
Explanation
QUESTION 50
If a proxy server is seen in the external Internet as Web server, it is a forward proxy.
A. True
B. False
Correct Answer: B
Section: Volume A
Explanation
QUESTION 51
Which HTTP error code corresponds to the ProxySG default exception identifier icap_error?
A. 403
B. 404
C. 503
D. 401
Correct Answer: C
Section: Volume A
Explanation
QUESTION 52
What is the name of the Technical SupportWeb site where service requests can be reported?
A. WebPulse
B. BlueTouch Online
C. Blue Coat Professional Services
D. Services@BC
Correct Answer: B
Section: Volume A
Explanation
Reference: https://bto.bluecoat.com/
QUESTION 53
What changes, when FIPS mode for Management Console is enabled?
A. FIPS mode improves browser support

B. Management Console can be accessed via TLS-based HTTPS only; some device certification options
are changed
C. FIPS mode makes Management Console application faster as the rich client download size decreases
Correct Answer: B
Section: Volume A
Explanation
QUESTION 54
When Proxy server settings in a browser are configured using WPAD (web Proxy Auto Discovery) protocol,
what has to be specifically guaranteed to ensure security?
A. JavaScript on client's browser must be enabled, otherwise it will not allow to execute proxy configuration
script.
B. Hosts (e.g. wpad.mydepartment.mycompany.com, wpad.mycompany.com) should be trusted not to
serve malicious wpad.dat files
C. Internet Explorer browser should receive security updates more often than twice a year
D. DHCP must be accessible at the time, when user starts a browser
Correct Answer: B
Section: Volume A
Explanation
QUESTION 55
Reporter creates reports that can be saved in the following formats (choose all that apply)
(a) CSV (comma-separated-values) to be opened by Excel

(b) Adobe PDF
(c) HTML
(d) XML
A. a, b & c only
B. a, b & d only
C. a, c & d only
D. b, c & d only
E. All of the above
Correct Answer: A
Section: Volume A
Explanation
QUESTION 56
Which option is NOT available to upload logfiles from ProxySG?
A. HTTP server
B. FTP server
C. Blue Coat Reporter server
D. CIFS/SAMBA file server
Correct Answer: D
Section: Volume A
Explanation
QUESTION 57
What are 'unmanaged endpoints" which make the ProxyRA appliance useful?
A. TCP connection sources of destinations, which are outside our LAN

B. Workstations, which need to be in a virtual private network, but VPN clients cannot be installed on them
C. TCP and UDP ports that are unprotected by the enterprise firewall.
D. Hosts without ProxyClient installed on them.
Correct Answer: B
Section: Volume A
Explanation
QUESTION 58
Which statements are true about the Blue Coat WebFilter? (Choose all that apply)
(a) A single web site can belong to multiple categories

(b) Embedded images and objects may be denied, even though the container page is allowed.
(c) WebFilter on-box database can be used in conjunction with a third party content database
(d) WebFilter on-box database updates are Web downloads
A. a, b & c only
B. A. b & d only
C. a, c & d only
D. b, c & d only
E. All of the above
Correct Answer: E
Section: Volume A
Explanation
QUESTION 59
A single ProxySG appliance can act as a Gateway Proxy and WAN Acceleration Proxy at the same time.
A. True
B. False
Correct Answer: A
Section: Volume A
Explanation
QUESTION 60
If a proxy server is seen in the external Internet as Web server, it is a forward proxy.
A. True
B. False
Correct Answer: B
Section: Volume A
Explanation
QUESTION 61
Which function is NOT a characteristic feature of proxy servers?
A. Making requests in the Internet, using HTTP, FTP, SOCKS on behalf of other clients
B. IP Masquerading - replacing original requestor's address with it's own
C. Encapsulating one protocol into another protocol
D. Caching previously requested resources
Correct Answer: B
Section: Volume A
Explanation
QUESTION 62
Blue coat Director functions include the following (Choose all that apply)
(a) Provide centralized initial setup and policy management

(b) Configure secure gateway and WAN acceleration
(c) Monitor hardware and software metrics and events on ProxySG appliances
(d) Enable proxying and filtering of multicast UDP traffic
A. a, b & c only
B. a, b & d only
C. a, c & d only
D. b, c & d only
Correct Answer: A
Section: Volume A
Explanation
Reference: http://www.computerlinks.com/FMS/13338.director.pdf
QUESTION 63
What preconditions should be satisfied in order to do initial configuration from a client computer via the URL
https://proxysg.bluecodt.com:8083? (choose all that apply)
(a) Client computer should be directly connected to ProxySG with a cross-over cable
(b) ProxySG should have a pass-through card
(c) ProxySG should be deployed in the bridging mode
A. a & b only
B. a & c only
C. b & c only
D. All of the above
Correct Answer: B
Section: Volume A
Explanation
Reference: http://download.cacheflow.com/manuals/SGOS4/SG200_Install_4x.pdf
QUESTION 64
What kind of object should be selected from button New in the New Action dialogue in the VPM that returns
a coaching or splash page?
A. Return Exception
B. Return Redirect
C. Notify User
D. Acceptable Usage Policy
Correct Answer: C
Section: Volume A
Explanation
QUESTION 65
What are requirements for client's browser for notification and coaching pages to work properly?
A. Pop-up windows should not be blocked

B. JavaScript has to be enabled
C. Cookies have to be enabled
D. Both JavaScript and cookies have to be enabled
Correct Answer: C
Section: Volume A
Explanation
QUESTION 66
What does the Blue Coat WebFilter do to classify sites not found in the WebFilter on-box database?
A. Sends classification requests to WebPulse

B. Runs Bayes classification algorithm on ProxySG
C. Forwards categorization requests to other ProsySG
D. Matches against a list of forbidden keywords
Correct Answer: A
Section: Volume A
Explanation
QUESTION 67
Which of the following statements are true? (Choose all that apply)
(a) Exceptions and notifications can be configured to use specific HTTP response codes.
(b) Exceptions and notify user objects can be created through the VPM.
(c) Exceptions and notify user objects can be utilized as action objects in the VPM.
(d) Exceptions and notify user objects can include substitutions such as the IP address, username or
category.
A. a & b only
B. a, c & d only
C. b & c only
D. a, b & c only
Correct Answer: B
Section: Volume A
Explanation
QUESTION 68
What happens, if there are multiple listeners to the same TCP port, and destination IP address belongs to
multiple IP address ranges?
A. Such configuration is Inherently ambiguous and wrong

B. Such cases cause built-in exceptions to be thrown during policy processing
C. The most specific IP address range is always used
Correct Answer: A
Section: Volume A
Explanation
QUESTION 69
Management Console of ProxySG (SGOS v. 5.4- or earlier) is based on the following client-side technology:
A. FIPS mode improves browser support

B. Java servlet application
C. JVM applet embedded in the Web page
D. Adobe Flex
E. AJAX and JavaScript
Correct Answer: C
Section: Volume A
Explanation
QUESTION 70
Which of the following tracks client-server transactions going through the ProxySG?
A. Event logs
B. Sys logs
C. Report logs
D. Access logs
Correct Answer: D
Section: Volume A
Explanation
QUESTION 71
To implement ProxySG as a default gateway, which of the following options has to be enabled?
A. Early Intercept
B. Reflect Client IP
C. IP Forwarding
D. Detect Protocol
Correct Answer: C
Section: Volume A
Explanation
Explanation: http://bradal.com/nl/pages/candn/bluecoat/transproxy.htm (search ip forwarding)
QUESTION 72
If you set a service attribute on the ProxySG to "Reflect Client IP", what must you make sure is not going to
happen in the network?
A. The service destination IP is set to "transparent" and Action is set to "Intercept".

B. Force Authentication through policy.
C. Asymmetric routing directly from client to OCS.
Correct Answer: A
Section: Volume A
Explanation
Reference: http://www.bluecoat.com/sites/default/files/product_tech_primers/
Transparent_Application_Delivery_Networks.pdf (page 1, last paragraph)
QUESTION 73
Which layer can be used to block a particular URL?
A. Authentication
B. Web Access
C. Forwarding
D. Web Content
Correct Answer: B
Section: Volume A
Explanation
QUESTION 74
All of the following are software based Blue Coat solutions:
Blue Coat Reporter, Blue Coat WebFilter, Blue Coat K9, ProxyClient
A. True
B. False
Correct Answer: A
Section: Volume A
Explanation
QUESTION 75
The following authentication realms will be used in a sequence realm. Which realm should go first?
A. Local
B. IWA
C. Radius
D. LDAP
Correct Answer: A
Section: Volume A
Explanation
Reference: http://www.bluecoat.com/doc/610
QUESTION 76
The ProxySG ICAP implementation is fully compatible with which of the following applications? (Choose all
that apply)
(a) Finjan SurfinGate

(b) Webwasher
(c) Antivirus Scan Engine (SAVSE)
(d) Trend Micro InterScan
A. a & b only
B. b & c only
C. c & d only
D. All of the above
Correct Answer: D
Section: Volume A
Explanation
Reference: http://www.google.com.pk/url?sa=t&rct=j&q=the%20proxysg%20icap%20implementation%20is
%20fully%20compatible%20with&source=web&cd=1&ved=0CBoQFjAA&url=http%3A%2F%
2Ffr.bluecoat.com%2Fdoc%2F472&ei=dvLcTo_tGo7Bswb-
i6XaCw&usg=AFQjCNF6l2iVhRnUsnok6RYXOeyq2PdGmw (page 1, second paragraph)
QUESTION 77
The ProxySG acts as both an ICAP client and ICAP server.
A. True
B. False
Correct Answer: B
Section: Volume A
Explanation
Reference: https://docs.google.com/viewer?a=v&q=cache:2ShxIsXpZRYJ:fr.bluecoat.com/doc/472+The
+ProxySG+acts+as+icap
+client&hl=en&gl=pk&pid=bl&srcid=ADGEESiaHBmUbYdeiEjps_lGWA_vUAYP1ctDWl0X-
BFDCEIJtzrO4RRIFGUkaGoP3azr_pnR3GtKn0jAsyhgYvt4ZSWYi5BLMwYdXo-0hee8-ZqvW_rbULf-
bwpNJv9NU7tQx0PWOlet&sig=AHIEtbSvvzaRIKw2Y6ZnmILigR9R-pEAhA (page 2, note)
QUESTION 78
When accessing Management Console from the Web, the built in admin account uses the regular
password of CLI access (NOT the enable password of admin account)
A. True
B. False
Correct Answer: A
Section: Volume A
Explanation
QUESTION 79
Which console services are NOT available on the ProxySG?
A. SSH
B. HTTP
C. HTTPS
D. Serial
E. All the above are available
Correct Answer: E
Section: Volume A
Explanation
Reference: http://download.cacheflow.com/manuals/SGOS3/ProxySG_Upgrade_Guide_3.2.7.pdf (page 18,
19)
QUESTION 80
The ProxySG operating system is based on________.
A. a customized, object oriented version of FreeBSD

B. a custom built operating system with integrated caching and compression
C. a Linux Kernel 2.6.x with byte caching and compression
Correct Answer: B
Section: Volume A
Explanation
Reference: http://www.1st-computer-networks.co.uk/bluecoat_proxysg_8000.php (first paragraph)
QUESTION 81
Which appliance does not need any licensing and is fully operable after deployment?
A. ProxyAV
B. ProxySG
C. ProxyRA
D. Blue Coat Director
Correct Answer: D
Section: Volume A
Explanation
Reference: http://forums.bluecoat.com/viewtopic.php?f=3&t=1996
QUESTION 82
ProxySG can provide all these services to IM clients client authentication at a proxy, message reflection,
policy enforcement and logging.
A. True
B. False
Correct Answer: A
Section: Volume A
Explanation
QUESTION 83
Can server initiate an HTTP transaction?
A. It cannot
B. It can for e.g. Web-based instant messaging, AJAX and similar server-push applications
C. It can only for some HTTP request methods
Correct Answer: B
Section: Volume A
Explanation
QUESTION 84
The ProxySG can create configurable access logs for FTP, HTTP, and Telnet but not for Peer-to-Peer or
Real Media
A. True
B. False
Correct Answer: B
Section: Volume A
Explanation
Reference: http://www.bluecoat.co.jp/downloads/manuals/SGOS_Vol8_AccLog_5.3.1.pdf (page 37)
QUESTION 85
Which of the following policies CANNOT be implemented on the ProxyAV? (Choose all that apply)
(a) Blocking viruses, worms, spyware and trojans

(b) Blocking file types using apparent data type (file signature)
(c) Blocking files that exceed a size limit set by the administrator
(d) Blocking password protected archive files
A. a only
B. b only
C. c only
D. d only
E. All of the above can be implemented with the Proxy AV
Correct Answer: E
Section: Volume A
Explanation
QUESTION 86
The SSL certificate returned by the Management Console upon HTTPS access____.
A. is birth certificate, which depends on the device serial number only; it can be cached for the whole
lifetime of the ProxySG
B. is generated anew automatically every time ProxySG performs initial setup
C. has to be generated explicitly from the CLI
Correct Answer: B
Section: Volume A
Explanation
QUESTION 87
ProxySG has to be deployed inline (in bridging mode) or virtually inline (using WCCP or an L4 switch) in
order to block IM traffic.
A. True
B. False
Correct Answer: B
Section: Volume A
Explanation
Reference: http://download.cacheflow.com/release/SGOS4/4.2.1.1/SGOS_RelNotes_Limits_4.2.1.htm
(topic: bridging)
QUESTION 88
Which HTTP error code corresponds to the ProxySG default exception identifier policy_denied?
A. 403
B. 404
C. 503
D. 401
Correct Answer: A
Section: Volume A
Explanation
Reference: http://www.bluecoat.co.jp/downloads/manuals/SGOS_CPL_4.1.2.pdf (page 210, topic:
discussion)
QUESTION 89
Which of the following are true about the rules processing in the VPM? (Choose all that apply)
(a) Rules are processed in a top down sequence.

(b) Layers are processed from left to right regardless of type.
(c) Layers are processed according to layer type.
(d) Layers of the same type are processed from left to right.
A. None of the above

B. b. c & d only
C. a, b & c only
D. a, c & d only
Correct Answer: D
Section: Volume A
Explanation
QUESTION 90
Which capabilities are limited in Blue coat Reporter standard edition compared to Enterprise edition?
(a)Data profile number is limited to five

(b)Reports can be displayed, but cannot be saved as PDF or CSV
(c)Only single processor is supported
(d)Report customization is limited
A. a, b & c only
B. a, b & d only
C. a, c & d only
D. b, c & d only
E. All of the above
Correct Answer: C
Section: Volume A
Explanation
QUESTION 91
Find the configuration or management activity that is NOT among the functions of the Blue Coat Director
CANNOT be used?
A. Configuration of a large number of ProxySG appliances

B. Policy updates on ProxySG appliances
C. Virus definition updates for AV scanning
D. Setup and licensing
E. All the above actions can be done by a Director
Correct Answer: D
Section: Volume A
Explanation
QUESTION 92
In the VPM, source triggers can be used in conjunction with the ICAP RESPMOD action.
A. True
B. False
Correct Answer: A
Section: Volume A
Explanation
QUESTION 93
What can be concluded about this request processing order?
A. ProxyAV is accessed in ICAP REQMOD mode

B. ProxyAV is accessed ICAP RESPMOD mode
C. ProxySG with ProxyAV is deployed as a forward proxy
D. Proxy SG with ProxyAV is deployed as a reverse proxy
Correct Answer: A
Section: Volume A
Explanation
QUESTION 94
What are the best practices using anti-virus software on aWindows machine running Blue Coat Reporter?
A. Do not use anti-virus software as the log files cannot contain viruses
B. Perform scans as you would for any Windows server
C. Perform scans only during low activity of ProxySG
D. Perform scans, but bypass certain directories containing frequently changing files
Correct Answer: D
Section: Volume A
Explanation
QUESTION 95
Coaching or splash pages have to be configured through CPL rather than VPM.
A. True
B. False
Correct Answer: B
Section: Volume A
Explanation
QUESTION 96
Which HTTP error code corresponds to the ProxySG default exception identifier authentication_failed?
A. 403
B. 404
C. 503
D. 401
Correct Answer: D
Section: Volume A
Explanation
QUESTION 97
How many different anti-virus scanning engines can you run simultaneously on a ProxyAV?
A. 1
B. 2
C. 3
D. 4
Correct Answer: A
Section: Volume A
Explanation
QUESTION 98
Which WAN Optimization feature can accelerate the transfer of several similar, uncompressed files
between two locations? (Two files are called similar, if their editing distance is small, compared to the size
of the files. For example, if one file can be obtained from another one by inserting or deleting a small
fragment.)
A. Protocol Optimization
B. Object Caching
C. Byte Caching
D. Bandwidth Management
Correct Answer: C
Section: Volume A
Explanation
Reference: http://www.bluecoat.com/sites/default/files/product_tech_primers/Compression.1.pdf (last
paragraph with cream background)
QUESTION 99
Which HTTP error code corresponds to the ProxySG default exception identifier
dns_unresolved_hostname?
A. 403
B. 404
C. 503
D. 401
Correct Answer: B
Section: Volume A
Explanation
QUESTION 100
Which statement is true about a ProxySG with factory settings:
A. To get network access, initial setup is necessary ProxySG does not have an IP address until then
B. Unconfigured ProxySG responds to some of the pre-built IP addresses, which are contained in the
private IP address ranges 10.0.0.0/255.0.0.0 and 172.16.0.0/255.240.0.0 and 192.168.0.0/255.255.0.0 .
C. Unconfigured ProxySG tries to obtain IP address from a DHCP server
D. Unconfigured ProxySG sends RARP request to look up its IP address from the MAC address of its
network interface card. If it cannot get a valid IP address, initial setup is required.
Correct Answer: A
Section: Volume A
Explanation
QUESTION 101
If Proxy SG acts as a Web proxy, does the Origin Content Server (OCS) see the client's IP address or the
proxy server's IP address?
A. Content Server always sees client's IP address

B. Content Server always sees Proxy Server's IP address
C. Content Server sees client's IP address, if the proxy is configured as transparent proxy
D. The IP address seen by the Content Server depends on the Proxy SG configuration parameter reflect-
client-ip
Correct Answer: C
Section: Volume B
Explanation
QUESTION 102
HTTP response typically contains headers and the body (data). Does HTTP request contain body (data)?
A. HTTP requests contain headers (including cookie data) only

B. HTTP requests contain body only if the request is file upload
C. HTTP requests contain body only if it is a POST (rather than GET) request
D. HTTP requests contain body, if they are HTML form submissions
Correct Answer: A
Section: Volume B
Explanation
QUESTION 103
Since which version the HTTP protocol has persistent TCP connections and Keep-alive headers?
A. HTTP/0.9
B. HTTP/1.0
C. HTTP/1.1
Correct Answer: C
Section: Volume B
Explanation
QUESTION 104
Which WAN Optimization features require at least two ProxySG appliances to work? (Check all that apply)
(a) Protocol Optimization

(b) Object Caching
(c) Byte Caching
(d) Application Delivery Network (ADN)
A. a & b only
B. b & c only
C. c & d only
D. All of the above
Correct Answer: C
Section: Volume B
Explanation
QUESTION 105
When the Blue Coat Web Filter is enabled, the DRTR
A. is disabled by default
B. is enabled only through VPM policy
C. is enabled to work in the background by default
D. is enabled to work in real-time by default
Correct Answer: D
Section: Volume B
Explanation
Reference: http://www.bluecoat.co.jp/downloads/manuals/SGOS_Vol7_ManagingContent_5.3.1.pdf (page
23, see the screenshot)
QUESTION 106
Assume explicit proxy deployment where LDAP authentication realm is used. Authentication mode value is
auto. What is the first response code that a client receives as it attempts to connect to the Internet for the
first time?
A. 200
B. 302
C. 401
D. 407
Correct Answer: C
Section: Volume B
Explanation
QUESTION 107
Client makes a Web request to a Web Server, and ProxySG is using ProxyAV in RESPMOD mode. Which
devices are involved before the request reaches the original destination Web server?
A. Client, (2) ProxySG, (3) ProxyAV, (4) ProxySG, (S) Web server
B. Client, (2) ProxySG, (3) ProxyAV, (4) Web server
C. client, (2) ProxySG, (3) Web server
D. (l) Client, (2) ProxyAV, (3) ProxySG, (4) Web server
Correct Answer: B
Section: Volume B
Explanation
QUESTION 108
Which of the following tasks could be performed from the Blue Coat Management Console? (Choose all
that apply)
(a) SG Initial Setup

(b) Authentication Realm Configuration
(c) Bandwidth Class Configuration
(d) Resetting Trial Period
A. a & b only
B. b & c only
C. c & d only
D. All of the above
Correct Answer: B
Section: Volume B
Explanation
Reference: https://kb.bluecoat.com/index?page=content&id=KB3350 (topic: main steps)
http://www.google.com.pk/url?sa=t&rct=j&q=bluecoat%20management%20console%20bandwidth%20class
%20configuration&source=web&cd=1&ved=0CBkQFjAA&url=http%3A%2F%2Fwww.bluecoat.com%2Fdoc
%2F679&ei=qDndTtnYMo6usga2me3hAw&usg=AFQjCNEvEbQzdfU4WzWvnSHuQv5GQuHw1A
QUESTION 109
The HTTP request from a client to a proxy uses addresses as shown in the picture. It follows that the
ProxySG serves as transparent proxy.
A. True
B. False
Correct Answer: B
Section: Volume B
Explanation
QUESTION 110
What ICAP refers to?
A. It is a protocol for Web-based AV appliances to communicate with scanning engines of various

providers
B. It is a standard developed by Blue Coat to communicate between ProxySG and other Blue Coat
appliances
C. It is a TCP-based protocol for HTTP request and response modification
D. It is an approach used by media servers for Digital Rights Management
Correct Answer: A
Section: Volume B
Explanation
Reference: www.bluecoat.com/doc/919 (second paragraph)
QUESTION 111
If the DRTR is enabled in real time, but does not have categorization value for the requested URL?
A. the URL will be assigned to the category none

B. the URL will be assigned to the category pending
C. the URL will be assigned to the category unavailable
D. the URL will assigned to the category uncategorized
Correct Answer: A
Section: Volume B
Explanation
Reference: https://bto.bluecoat.com/doc/16698 (Page 341)
QUESTION 112
You need to have an open service request (SR) with Technical Support to upload your ProxySG
configuration information to Blue Coat directly from the Management Console.
A. True
B. False
Correct Answer: A
Section: Volume B
Explanation
Reference: www.bluecoat.com/doc/687
QUESTION 113
A policy configured in VPM contains several Web Access layers, each contains several rules. Where a
policy rule should be placed to ensure that it is always invoked and its action (e.g. ALLOW or DENY) is not
overridden by any other rule?
A. First in the first layer

B. First in the last layer
C. Last in the first layer
D. Last in the last layer
Correct Answer: A
Section: Volume B
Explanation
QUESTION 114
ICAP responses may be cached on a ProxySG, i.e. for some Web requests ICAP processing may be
completed without involving ProxyAV?
A. True
B. False
Correct Answer: B
Section: Volume B
Explanation
QUESTION 115
You can obtain support information without contacting anyone from Blue Coat support via Blue Coat's online
tool, Instant Support.
A. True
B. False
Correct Answer: B
Section: Volume B
Explanation
QUESTION 116
Which of the following is true about enabling access logging? (Choose all that apply)
(a) Access logging is disabled by default on newly configured systems.

(b) You can enable access logging through the Management Console only.
(c) You must configure the ProxySG to intercept protocols you wish to log.
A. a & b only
B. a & c only
C. b & c only
D. All of the above
Correct Answer: B
Section: Volume B
Explanation
Reference: http://download.cacheflow.com/manuals/SGOS4/SGOS_UD_4.2.3.pdf (page 16, 4th paragraph)
QUESTION 117
What is sent over HTTP, if user enters non-ASCII characters into the address window of a Web browser
(e.g. the URL address shown in the image)?
A. The UTF-16 representation of these characters is being sent, since HTTP supports Unicode
B. The special characters are Base64 encoded before sending
C. URL address contains sequence of the form %HH%HH%HH, where "HH" is a hex-encoding of bytes
representing the non-ASCII characters
D. Special characters are sent as bytes, using the current encoding of the Web page
Correct Answer: C
Section: Volume B
Explanation
QUESTION 118
Which of the following are trigger objects in the Visual Policy Management? (Choose all that apply)
(a) Source Address

(b) Destination Address
(c) Time
(d) Tracking
A. All of the above

B. b, c & d only
C. a, b & c only
D. a, c a d only
Correct Answer: C
Section: Volume B
Explanation
Reference: https://docs.google.com/viewer?a=v&q=cache:RrYU0qF9eEEJ:www.bluecoat.com/doc/8577
+bluecoat+Visual+Policy+Management+source+address,+destination
+address&hl=en&gl=pk&pid=bl&srcid=ADGEESiEvsUljs7lW0jWaARHe8Fjph_d1_Sh3Gnqm_yZHWMAtdkT
RmbZuIPByjNbPv4hDTNs0S3ayM02AcinE1xT7LxFLEM-bhIu9AvOEKB_-iKklNcEw3Sl7Pb7jmX-
EbMAEpV0z9iU&sig=AHIEtbSa5B6s2cvnPfo66RvFIytCm_pf_g (topic: how it works)
QUESTION 119
Notify user objects utilize cookies and http redirection to deliver error messages to clients.
A. True
B. False
Correct Answer: B
Section: Volume B
Explanation
QUESTION 120
How can a user restore ProxySG back to its default, factory settings, so that its IP address etc. needs to be
configured anew? (Choose all that apply)
(a) Press a button on ProxySG back panel (left arrow on front panel for some models) and hold it for about
5 seconds
(b) Enter a CLI command (restore-defaults factory-defaults) and confirm it with y(yes).
(c) Press a button in Management Console that drops the network configuration, and confirm the warning
dialog.
A. a & b only
B. a & c only
C. b & c only
D. All of the above
Correct Answer: C
Section: Volume B
Explanation
Reference: https://kb.bluecoat.com/index?page=content&id=KB1915&actp=LIST
QUESTION 121
What categories are included in Blue Coat WebFilter on-box database and recognized by the WebPulse
dynamic categorization?
A. There is a simple list of 23 categories

B. There is a hierarchy of 36 first level categories, and several hundred second level categories
C. There is a simple list of 69 categories
Correct Answer: C
Section: Volume B
Explanation
Reference: www.bluecoat.com/doc/8528
QUESTION 122
What is the behavior of content filtering policies, when the Blue Coat WebFilter license expires?
A. All content is blocked

B. All content is allowed
C. Content is allowed or blocked depending on policy for System/unlicensed
D. Content is allowed or blocked depending on fail open or fail closed setting in Management Console.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 123
Which of the following types of traffic are scanned with ICAP RESPMOD?
A. HTTP responses
B. FTP uploads
C. HTTP PUT data
D. HTTP POST data
E. All of the above
Correct Answer: A
Section: Volume B
Explanation
QUESTION 124
ProxySG uses a licensed Blue Coat Web Filter (BCWF), and has configured policies for URL categories.
ProxySG uses a DNS server, which for some reason cannot resolve the domain name sp.cwfservice.net
anymore. What happens to the content filtering policy evaluation in this case?
A. Any time when policy evaluation needs to categorize an URL, access to that page is denied.
B. ProxySG always uses whatever action is configured for the System/unavailable category
C. Policy evaluation is not affected, because ProxySG uses the default IP address of a WebPulse Service
Point
D. Policy evaluation is not affected for URLs categorized in the BCWF database, and is evaluated as
System/unavailable for any other URLS.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 125
In a TCP connection, what will a listener service attempt to match before deciding to intercept or to bypass
the connection? (Choose all that apply)
(a) Source IP
(b) Destination IP
(c) Destination Port
(d) Source Port
A. a & b only
B. b & c only
C. c & d only
D. All of the above
Correct Answer: D
Section: Volume B
Explanation
QUESTION 126
Name two different ways to create a transparent proxy environment.
A. Using the PAC File or configuring WCCP

B. Configuring a Layer 4 switch or configuring the appliance in bridging mode
C. Configuring WCCP or using an automatic configuration script
Correct Answer: BC
Section: Volume B
Explanation
Reference: http://bradal.com/nl/pages/candn/bluecoat/transproxy.htm (search for layer-4 switch)
QUESTION 127
How many content filtering databases can be used in a policy for SGOS 5.3 at the same time (apart from
the local database and IWF restricted categories)?
A. Only one content filtering database

B. Any two content filtering databases
C. Two content filtering databases BCWF and one other
D. Any number of content filtering databases from the list supported by ProxySG
Correct Answer: D
Section: Volume B
Explanation
QUESTION 128
Which is NOT a good reason to configure user authentication when deploying ProxySG as an Internet
gateway proxy?
A. To allow creation of granular polices by user or group

B. To allow more detailed logging and reports
C. To enable more convincing coaching pages for AUP violations
D. To ensure that cache content is not expired
E. To protect against unauthorized access of Web objects found in cache
Correct Answer: D
Section: Volume B
Explanation
QUESTION 129
Which of the following categorization method incur additional costs (not covered by ProxySG and BCWF
licenses)?
A. Local Database Categorization

B. IWF Categorization
C. SurfControl Categorization
D. DRTR Categorization
Correct Answer: D
Section: Volume B
Explanation
QUESTION 130
What configuration of ProxySG can be created during web initial setup wizard? (Choose all that apply)
(a) IP address or addresses, mask, gateway, DNS address or addresses

(b) and settings and manager and backup manager
(c) password for web management Console and CLI enabled mode.
A. A, B only
B. A, C only
C. B, C only
D. All of the above
Correct Answer: B
Section: Volume B
Explanation
Reference: http://download.cacheflow.com/manuals/SGOS4/SG200_Install_4x.pdf (page 14, 15)
QUESTION 131
By looking at the above HTTP GET request, what are the possible proxySG deployment methods that could
be in used? (Choose all that apply)
(a) Default Route

(b) WCCP
(c) PAC
(d) WPAD
A. a, d only
B. c, d only
C. b, c only
Correct Answer: B
Section: Volume B
Explanation
QUESTION 132
What do you need to enable NTLM authentication?
A. Active directory server and authentication license

B. BCAAA and authentication license
C. BCAAA
Correct Answer: C
Section: Volume B
Explanation
QUESTION 133
In exception hierarchy exception myexreption is child of Exception. User-defined.all. This means that the
value for all parameters (format, contact, summary, http code, etc.) are copied from Exception.User-
defined.al settings to myexception unless these values are explicity overriden.
A. True
B. False
Correct Answer: B
Section: Volume B
Explanation
QUESTION 134
Licensing of the Proxy AV is done through the ProxySG interface.
A. True
B. False
Correct Answer: B
Section: Volume B
Explanation
QUESTION 135
It is possible to upgrade the version of ProxyClient installation on a ProxySG without upgrading its SGOS
version.
A. True
B. False
Correct Answer: A
Section: Volume B
Explanation
QUESTION 136
What happens, if ProxyClient is deployed in a place that does not match any conditions in the Location
Awareness?
A. Content filtering is enabled, but acceleration is disabled

B. Acceleration is enabled, but content filtering is disabled
C. Default settings for filtering and acceleration are applied
D. ProxyClient is passive in such case, so neither filtering nor acceleration can work
Correct Answer: C
Section: Volume B
Explanation
QUESTION 137
For ProxyClient content filtering to work, the clients computer should be able to do a correct lookup of DNS
address sp.cwfservice.net.
A. True
B. False
Correct Answer: A
Section: Volume B
Explanation
QUESTION 138
What are the two hardware chassis options that are available in Blue Coat Director? (Choose all that apply)
(a) SG210
(b) SG510
(c) SG800
(d) SG8100
A. a & b only
B. b & c only
C. c & d only
D. a & d only
Correct Answer: B
Section: Volume B
Explanation
Reference: http://www.bluecoat.com/support/eol-sg#director
QUESTION 139
Which of the following statements are true about WCCP? (Choose all that apply)
(a) WCCP version 1 only redirects traffic based on TCP destination port 80 while WCCP version 2 can
redirect more than just port 80.
(b) WCCP version 1 supports only single proxy while WCCP version 2 can support up to 32 proxies in a
single service group.
(c) WCCP version 1 is the default version supported by ProxySG unless configured otherwise.
(d) WCCP version 2 is more suitable for multiple router deployment as it allows multicast discovery.
A. a & b only
B. b & d only
C. a & d only
D. a & c only
Correct Answer: C
Section: Volume B
Explanation
QUESTION 140
Which are the two packets that are used in WCCP discovery process? (Choose all that apply)
(a) HERE_I_AM
(b) HOME_ROUTER_IP:
(c) I_SEE_YOU
(d) WEB_CACHE_HERE
A. All of the above

B. a, b & c only
C. b & d only
D. a & c only
Correct Answer: D
Section: Volume B
Explanation
QUESTION 141
When using transparent authentication, which of the following statements is true?
A. The virtual URL used for origin-style redirects must resolve to the IP address of the ProxySG.
B. The virtual URL used for origin-style redirects must resolve to an IP address.
C. The virtual URL used for origin-style redirects must be configured as an IP address.
D. The virtual URL used for origin-style redirects must be configured as a host name.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 142
Why should ProxySG set HTTP proxy behavior profile to "portal" in a reverse proxy deployment? (Choose
all that apply)
(a) To ensure ProxySG will ignore reload attempt.

(b) To only allow authenticated users that are allowed to browse the page.
(c) To ensure that ProxySG will trust server expiration header.
(d) To restrict client access by User-Agent type.
A. a & b only
B. a & c only
C. b & d only
D. b & c only
E. c & d only
Correct Answer: B
Section: Volume B
Explanation
QUESTION 143
Which of the following types of traffic are scanned with ICAP RESPMOD?
A. HTTP responses
B. FTP uploads
C. HTTP PUT data
D. HTTP POST data
E. All of the above
Correct Answer: A
Section: Volume B
Explanation
QUESTION 144
User with administrative rights can stop ProxyClient as a Windows service.
A. True
B. False
Correct Answer: A
Section: Volume B
Explanation
QUESTION 145
Which statement is not true?
A. A VLAN trunk is a physical link that connects two switches together.

B. A VLAN trunk is used for frame-tagging.
C. A trunk port connects to CIFS server.
D. A trunk port erases the tag in a frame.
Correct Answer: C
Section: Volume B
Explanation
QUESTION 146
The placeholder variables that are available in ProxyClients exception templates (i.e. the screens that are
displayed, when there is a policy violation) are the same ones that are available for user-defined exceptions
within ProxySG.
A. True
B. False
Correct Answer: B
Section: Volume B
Explanation
QUESTION 147
Assume that ProxySG has default policy set to Allow; it is configured so that the HTTP proxy service on port
8080 has Detect Protocol option disabled and there are no policy rules on either SSL Intercept Layer or SSL
Access Layer. A Web browser is accessing an HTTPS site, using explicit proxying on the ProxySG, port
8080.
What would happen to this traffic?
A. The HTTPS connection will never be established

B. The HTTPS connection will always be established
C. The HTTPS connection will be established only for the remote server port 443.
D. The HTTPS connection will be established only for the remote server port 443 unless there are rules on
Web Access Layer, explicitly allowing other port numbers.
Correct Answer: D
Section: Volume B
Explanation
QUESTION 148
In which of the following ways can Access Logging be enabled? (Choose all that apply)
(a) By a CLI command

(b) In the Management Console under Access Logging
(c) By adding another layer to VPM policy
A. a & b only
B. a & c only
C. b & c only
D. All of the above
Correct Answer: A
Section: Volume B
Explanation
QUESTION 149
Which HTTP error code corresponds to the ProxySG default exception identifier authentication failed?
A. 403
B. 404
C. 503
D. 401
Correct Answer: D
Section: Volume B
Explanation
Reference: http://newcafe.org/401.shtml
QUESTION 150
Which group of services does not have a specialized proxy and is handled by TCP Tunnel instead?
A. HTTP, HTTPS, FTP

B. SOCKS
C. LDAP, IMAP, SSH
D. QuickTime, Real Audio
E. AOL, MSN IM, Yahoo IM
Correct Answer: E
Section: Volume B
Explanation
QUESTION 151
HTTP status codes requesting client authorization are 3-digit numbers of the following form:
A. 1xx
B. 2xx
C. 3xx
D. 4xx
E. 5xx
Correct Answer: D
Section: Volume B
Explanation
Reference: http://en.wikipedia.org/wiki/List_of_HTTP_status_codes#4xx_Client_Error
QUESTION 152
The bcreportermain_vl access log format has a configurable ordering of fields, and this custom order is
reflected in a log file header.
A. True
B. False
Correct Answer: B
Section: Volume B
Explanation
QUESTION 153
Which types of requests are likely to be served the fastest?
A. TCP_MISS
B. TCP_NC_MISS
C. TCP_HIT
D. TCP_MEM_HIT
E. TCP_RESCAN_HIT
Correct Answer: D
Section: Volume B
Explanation
Reference: http://www.alainfontaine.lu/blog/2009/01/stellar-wordpress-performance/
QUESTION 154
Which of the following access log formats are supported by the ProxySG? (Choose all that apply)
(a) ELFF
(b) SQUID
(c) Websense
(d) NCSA
A. a, b & c only
B. a, b & d only
C. a, c & d only
D. b, c & d only
E. All of the above
Correct Answer: B
Section: Volume B
Explanation
Reference: http://download.cacheflow.com/manuals/SGOS3/ProxySG_Upgrade_Guide_3.2.7.pdf (page 35,
topic: access logging)
QUESTION 155
What happens, when administrator makes some changes in ProxySG Management Console and presses
Revert button two times?
A. The next-to-last configuration (i.e. immediately preceding the last press of Apply) is restored.
B. The next-to-last configuration (i.e. immediately preceding the last press of Apply) is restored only if the
history tracking is enabled in the Management Console.
C. The last saved configuration is restored and the second Revert has no effect.
D. Nothing is changed on ProxySG as the two presses of the same button cancel each other.
Correct Answer: D
Section: Volume B
Explanation
QUESTION 156
By looking at the above HTTP GET request, what are the possible ProxySG deployment methods that could
be in used? (Choose all that apply)
(a) Default Route

(b) WCCP
(c) PAC
(d) WPAD
A. a & b only
B. b &c only
C. c & d only
D. All of the above
Correct Answer: C
Section: Volume B
Explanation
QUESTION 157
Can ProxySG services configure multiple listeners on the same TCP port?
A. Yes, the service listeners are scanned top down as displayed under Configuration > Services > Proxy
Services, and the first matching listener is always used
B. No, each TCP port can have up to one listener, which is set to either Bypass or Intercept.
C. Yes, the listener with the most specific (longest) network mask is chosen, if there are several listeners
configured on the same port
D. Yes, configuring multiple listeners is used to do internal load balancing; they help to distribute incoming
TCP connections between multiple listener threads
Correct Answer: A
Section: Volume B
Explanation
Reference: http://www.bluecoat.co.jp/downloads/manuals/SGOS_Vol2_ProxiesPortServices_5.3.1.pdf
(page 30)
QUESTION 158
How frequent are updates of WebFilter on-box database within the ProxySG?
A. Every 5-20 minutes during the time intervals set in the Management Console
B. When the previous database subscription period ends, approximately once every 60 days
C. Once every day, the specific time is configurable via Management Console
D. Only when the administrator presses button Download now, to downloads a new bcwf.db file to the
ProxySG
Correct Answer: B
Section: Volume B
Explanation
QUESTION 159
You CANNOT create custom log formats.
A. True
B. False
Correct Answer: B
Section: Volume B
Explanation
Reference: http://www.bluecoat.com/sites/default/files/documents/files/
Authentication,_Authorization,_and_Accounting.4.pdf (last paragraph on the page)
QUESTION 160
Which attribute is used in authentication in a Microsoft Active Directory LDAP authentication realm?
A. sAMAccountName
B. firstname
C. last name
D. cn
Correct Answer: D
Section: Volume B
Explanation
QUESTION 161
Which compression algorithm is used by ProxySG during WAN acceleration?
A. Huffman code
B. gzip
C. tar
D. bzip2
Correct Answer: B
Section: Volume B
Explanation
Reference: http://www.bluecoat.com/sites/default/files/documents/files/Compression.1.pdf (How does
compression work)
QUESTION 162
Core vs. edge deployment refers to ProxySG appliance being located closer to the servers vs. closer to the
clients.
A. True
B. False
Correct Answer: B
Section: Volume B
Explanation
QUESTION 163
What acceleration techniques are NOT used for ProxySG WAN Acceleration?
A. Bandwidth management (traffic shaping)

B. IP layer route optimization
C. Protocol optimization and compression
D. Object caching
E. Byte caching
Correct Answer: B
Section: Volume B
Explanation
Reference: https://bto.bluecoat.com/sgos/ProxySG//Mobile/Advanced/Content/01Concepts/
traffic_management_co.htm
QUESTION 164
Which of the following categorization method would incur additional costs (not covered by ProxySG and
BCWF licenses)?
A. SurfControl Categorization
B. Local Database Categorization
C. IWF Categorization
D. DRTR Categorization
Correct Answer: D
Section: Volume B
Explanation
QUESTION 165
Which statement is true about language support for Blue Coat WebFilter on-box database and Dynamic
Categorization technologies?
A. Both on-box database and dynamic categorization categorize Web sites in all human languages, but the
precision of categorization results vary.
B. On-box database and dynamic categorization support the same list of languages and do not categorize
Web sites written in other languages.
C. If dynamic categorization algorithm correctly identifies the language of a Web site, then the algorithm
can also categorize Web sites in that language based on Bayes analysis of words found.
D. On-box database may contain categorizations for Web sites in languages that are not recognized by
dynamic categorization.
Correct Answer: C
Section: Volume B
Explanation
QUESTION 166
What is WebPulse technology?
A. A platform used to emulate ProxySG real-time operating system (SGOS) on other OS and platforms
B. Traffic shaping algorithm to optimize bandwidth consumption and throughput
C. Website categorization service, used by content filtering
D. Mechanism to reconcile contradictory policies defined in ProxySG Visual Policy Manager
Correct Answer: C
Section: Volume B
Explanation
QUESTION 167
ProxySG has its explicit HTTP service set to intercept with the default settings. An LDAP authentication
realm is used, authentication mode value is auto. What is the first response code that a client receives as it
connects to the Internet for the first time?
A. 302
B. 401
C. 200
D. 407
Correct Answer: B
Section: Volume B
Explanation
QUESTION 168
Various models of ProxySG (e.g. 810-5 and 810-10) have different user limits. What is a user limit?
A. The number of unique IP addresses is not different for the both models, but there is a strictly enforced
limit of simultaneous TCP connections that each model supports
B. User limit is the recommended number of unique IP addresses that can connect to the ProxySG for the
given hardware. ProxySG can be configured to exceed this limit.
C. It is the number of unique IP addresses that can connect to the ProxySG, and this limit is strictly
enforced by the license.
Correct Answer: B
Section: Volume B
Explanation
Reference: https://support.bluecoat.com/sgos/ProxySG//Mobile/Advanced/Content/02Tasks/
Traffic_Management/user_overflow_actions.htm
QUESTION 169
ProxyAV 1400 and 2400 are more powerful than other models by the following criteria. (Select 3)
A. There can be a longer queue of the objects to be scanned

B. They have more scanning processes
C. CIFS and SSL protocols are supported
D. Larger network bandwidth can be served by the appliance
E. More AV scanning vendors are supported
Correct Answer: BDE

Section: Volume B
Explanation
QUESTION 170
Access Denied (policy_denied)
Welcome. SUNNYVALE\student01i
Unfortunately, the "Adult/Mature Content" sites are not allowed.
To get the above custom message, how would you write the placeholder variables into an exception page?
A. Welcome, $(cs.user)!<br/> Unfortunately, the "${cs.uri.categories)" sites are not allowed.

B. Welcome, $(cs.user)!<br/> Unfortunately, the "${exception.categories)" sites are not allowed.
C. Welcome, %CS_USER%!<br/> Unfortunately, the "%URI_CATEGORY%" sites are not allowed.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 171
Consider an inline deployment see figure.
Assume that a browser on Client0l is configured to use SG01 as an explicit proxy on port 8080.
The only service on SG01 set to Intercept is the HTTP service on port 8080 for the <Transparent>
destination address. Default policy is ALLOW and there is no custom policy.
What will the user see in the browser window after requesting a Web page?
A. A message "Proxy Server Refused Connection" or similar (depending on the browser being used).
B. "Access denied" message due to policy DENY
C. Nothing, there will be a timeout error
D. The requested Web page will be served to the browser
Correct Answer: D
Section: Volume B
Explanation
QUESTION 172
When using WebPulse with Blue Coat WebFilter, how can you determine the list of operations that can be
associated with the application facebook?
A. In the CLI, enter enable mode, and perform the command show content-filter bluecoat operations
facebook
B. In the Management Console, go to Configuration > Content Filtering > General, click View categories,
and scroll through the list until you find facebook
C. In the Management Console, go to Configuration > Content Filtering > General, enter facebook.com into
the URL field, and click Test
Correct Answer: B
Section: Volume B
Explanation
QUESTION 173
Which of these is equivalent to the following IPv6 address?
fe80::2d0:83ff:fe04:9c9e
A. fe80:0000:2d00:83ff:fe04:9c9e
B. fe80:0000:02d0:83ff:fe04:9c9e
C. fe80:0000:0000:0000:02d0:83ff:fe04:9c9e
D. fe80:0000:0000:0000:2d00:83ff:fe04:9c9e
Correct Answer: C
Section: Volume B
Explanation
QUESTION 174
Which of the following authentication realms are supported in SGOS version 6.2?
(Select all that apply)
A. RADIUS
B. LDAP
C. TACACS+
D. IWA
Correct Answer: ABD

Section: Volume B
Explanation
http://forums.bluecoat.com/viewtopic.php?f=1&t=18167&sid=3760f809615d7993d88775fb82e82f4a
https://kb.bluecoat.com/index?page=content&id=FAQ2104
QUESTION 175
The ProxySG allows you to upload compressed access logs or plain-text access logs.
A. True
B. False
Correct Answer: A
Section: Volume B
Explanation
Reference: http://wikileaks.org/spyfiles/files/0/268_BLUECOAT-SGOS_Vol8_AccLog_5.3.1.pdf(page 26,
first paragraph)
QUESTION 176
Which one of the following categorization methods is not covered by ProxySG and Blue Coat WebFilter
licenses and would incur additional costs?
A. SurfControl categorization
B. Local database categorization
C. WebPulse categorization
D. IWF categorization
Correct Answer: C
Section: Volume B
Explanation
QUESTION 177
Which one of these statements is true about the factory default settings of a ProxySG?
A. An unconfigured ProxySG tries to get an IP address from a DHCP server.

B. Blue Coat Director can be used to assign an IP address to an unconfigured ProxySG.
C. An IP address can be assigned to an unconfigured ProxySG by using either the serial connection or, on
models that have one, the front panel.
D. An unconfigured ProxySG sends a RARP request to look up its IP address from the MAC address of its
network interface card. If it cannot get a valid IP address, initial setup is required.
Correct Answer: C
Section: Volume B
Explanation
QUESTION 178
Persistent TCP connections are enabled by default starting with which version of HTTP?
A. 1.1
B. 0.9
C. 1.0
Correct Answer: A
Section: Volume B
Explanation
Reference: http://stackoverflow.com/questions/246859/http-1-0-vs-1-1(see the paragraph with grey
background)
QUESTION 179
Which of the following access logging features are supported by the ProxySG? (Select 4)
A. Signing, to certify that a particular ProxySG wrote and uploaded the log.
B. Encryption, to encrypt the data as it is transferred to the remote server.
C. Logging all user group memberships for the HTTP transactions performed by authenticated users (IWA
and LDAP realms).
D. Compression, to save on data transfer between the ProxySG and the remote server.
E. Bandwidth management, to facilitate availability of minimum bandwidth for the access log data transfer
from ProxySG to the log upload server.
Correct Answer: ABCD

Section: Volume B
Explanation
QUESTION 180
When accessing default administrative account with the ProxySG Management Console, which one of
these passwords is used?
A. Console password
B. Enable password
C. Setup Console password
D. Front panel PIN code
Correct Answer: B
Section: Volume B
Explanation
QUESTION 181
After a URL has been categorized by the WebPulse background rating service, when are the results
returned to the ProxySG that initiated the request? (Select all that apply)
A. At the next scheduled update of the Blue Coat WebFilter database.

B. Immediately, if the category is Adult or Pornography.
C. On demand by the ProxySG administrator.
D. None of the above.
Correct Answer: AC
Section: Volume B
Explanation
QUESTION 182
Which of the following parts of a URL are NOT case-sensitive? (Select all that apply)
A. Query parameters
B. Host name
C. Protocol name
Correct Answer: B
Section: Volume B
Explanation
Reference: http://stackoverflow.com/questions/2148603/is-the-protocol-name-in-urls-case-sensitive
QUESTION 183
Some models of the ProxySG have a user limit. The user limit is based on which one of these factors?
A. The number of unique client IP addresses with open inbound TCP connections to the ProxySG.
B. The specific license that has been purchased for and installed on that ProxySG.
C. The number of concurrent open TCP connections to the ProxySG.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 184
Proxy servers and firewalls are network security devices that________
A. can be used interchangeably.

B. complement each other.
C. are capable of controlling Layer 2 to Layer 7 traffic.
D. can spoof client IP addresses.
Correct Answer: ABC

Section: Volume B
Explanation
QUESTION 185
When WebFilter is enabled, how often does the ProxySG check for updates to the WebFilter database?
A. Once every five minutes.

B. Once every five minutes, during the hours of the day that are specified in the Management Console.
C. Once every day, during the hours of the day that are specified in the Management Console.
D. Once every hour.
Correct Answer: A
Section: Volume B
Explanation
Reference: https://kb.bluecoat.com/index?page=content&id=SA42&actp=RSS (Workarounds, 2nd bullet)
QUESTION 186
Which of the following policy tasks require using the VPM and cannot be performed in CPL? (Select all that
apply)
A. Creating a combined Destination object for use in policy processing.

B. Specifying form-based authentication.
C. Configuring SSL interception.
Correct Answer: D
Section: Volume B
Explanation
QUESTION 187
Can you have more than one Web Access layer active in the VPM at any given time?
A. Yes
B. No
Correct Answer: B
Section: Volume B
Explanation
QUESTION 188
What are the four components of a ProxySG proxy service? (Select 4)
A. Attributes to control proxy processing.

B. Administrative password.
C. Listener parameters to match against.
D. Which proxy to use.
E. Service time to live (TTL).
F. Whether to intercept or bypass.
Correct Answer: ACEF

Section: Volume B
Explanation
QUESTION 189
A URL that is categorized by WebFilter can have how many applications associated with it?
A. Zero or one
B. Exactly one
C. Up to three
D. Unlimited
Correct Answer: D
Section: Volume B
Explanation
QUESTION 190
Can a ProxySG automatically get its own IPv4 address during initial configuration?
A. Yes
B. No
Correct Answer: A
Section: Volume B
Explanation
QUESTION 191
What are the four types of VPN trigger objects? (Select 4)
A. Action
B. Authentication
C. Service
D. Destination
E. Source
F. Time
Correct Answer: CDEF

Section: Volume B
Explanation
QUESTION 192
By default, HTTP traffic that is logged is recorded to which log facility?
A. http
B. main
C. bcreportermain_v1
D. elff
Correct Answer: B
Section: Volume B
Explanation
Reference: https://bto.bluecoat.com/doc/8672 (page 7, enabling or disabling access logging, second para)
QUESTION 193
In a transparent ProxySG deployment, the TCP packet sent from the client to the ProxySG contains what
value as the destination IP address?
A. The IP address of the origin content server

B. The IP address of the ProxySG
C. The IP address of the client
D. The answer depends on whether client IP address reflection is enabled on this ProxySG
Correct Answer: B
Section: Volume B
Explanation
QUESTION 194
In the VPM, what type of object is a Notify User object?
A. Destination
B. Source
C. Action
D. Track
Correct Answer: C
Section: Volume B
Explanation
QUESTION 195
Use of the Flash streaming proxy requires the installation of an optional license.
A. True
B. False
Correct Answer: A
Section: Volume B
Explanation
Reference: https://kb.bluecoat.com/index?page=content&id=FAQ1152 (6th para)
QUESTION 196
If the VPM displays two Web Access layers, which one is evaluated first?
A. The one that is visually to the left.

B. The one that is visually to the right.
C. The answer depends on the contents of each layer.
Correct Answer: C
Section: Volume B
Explanation
QUESTION 197
Which of these proxy service components are responsible for detecting incoming traffic that matches
specific IP addresses or subnets?
A. Listeners
B. Services
C. Proxies
Correct Answer: A
Section: Volume B
Explanation
QUESTION 198
From the viewpoint of the ProxySG, a user login consists of which three components? (Select 3)
A. IP address
B. Password
C. Authentication realm
D. Username
E. User agent
Correct Answer: ACE

Section: Volume B
Explanation
QUESTION 199
On the ProxySG, can more than one authentication realm be active at any given time?
A. Yes
B. No
Correct Answer: A
Section: Volume B
Explanation
Reference: https://bto.bluecoat.com/doc/9102 (page 8, controlling user access, second para)
QUESTION 200
When a proxy service listener matches incoming client traffic and is set to Bypass, what happens to the
traffic?
A. The ProxySG determines whether any other proxy service listeners match the same traffic but are set to
Intercept.
B. The ProxySG returns an exception to the client.
C. The ProxySG passes the traffic through to the original destination without additional processing.
D. The ProxySG silently drops the connection.
E. The answer depends on whether the client is using an explicit or transparent proxy connection.
Correct Answer: C
Section: Volume B
Explanation
QUESTION 201
What is the purpose of the VPM-XML file?
A. It stores the visual state of the VPM user interface.

B. It stores the policy statements that are generated from the VPM.
C. It allows the administrator to use the VPM from any XML-capable web browser without accessing the
Management Console.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 202
In which client connection type are user agents aware that a proxy has been deployed?
A. Explicit proxy
B. Transparent proxy
Correct Answer: A
Section: Volume B
Explanation
QUESTION 203
Which one of these statements best describes the role of a proxy server?
A. An intermediary that acts as both a server and a client for the purpose of making requests on behalf of
other clients.
B. An intermediary that extracts the destination IP address of a packet, selects the best path for the packet,
and forwards the packet to the next device in the path.
C. An intermediary that protects the resources of a private network from users on other networks.
D. An intermediary that inspects traffic in Layers 2-4 and denies or permits it based on a set of policies.
Correct Answer: D
Section: Volume B
Explanation
QUESTION 204
When policy created in the VPM is installed, what two files does the VPM update on the ProxySG? (Select
2)
A. VPM-CPL file
B. Local policy file
C. VPM-XML file
D. Central policy file
Correct Answer: AC
Section: Volume B
Explanation
QUESTION 205
Can you use IPv6 addressing on a ProxySG that communicates via WCCP with its router?
A. Yes
B. No
Correct Answer: B
Section: Volume B
Explanation
QUESTION 206
In a user-defined exception created on the ProxySG, what is the default HTTP response code?
A. 302
B. 401
C. 403
D. 407
Correct Answer: C
Section: Volume B
Explanation
Reference: https://bto.bluecoat.com/doc/10493 (page 2, see the items in fine print, (code))
QUESTION 207
How can you prevent passwords from being sent in plaintext between the ProxySG and an LDAP server?
A. By enabling SSL communication between the ProxySG and the authentication server.
B. By disabling anonymous search in this LDAP realm.
C. By changing the TCP port number for the LDAP primary server host from 389 to 443.
D. You cannot do this.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 208
When configured as part of an IPv6 network, how does the ProxySG gets its IPv6 address?
A. The ProxySG obtains an IPv6 address for each interface automatically, but the administrator cannot
change these after completing initial configuration.
B. The administrator must supply an IPv6 address manually.
C. The ProxySG obtains an IPv6 address for each interface automatically, and the administrator can
change these after completing initial configuration.
Correct Answer: C
Section: Volume B
Explanation
QUESTION 209
How does a local authentication realm know what credentials to authenticate against?
A. The administrator creates a user list on the ProxySG and associates it with one or more local realms.
B. By communicating with the domain controller.
C. A local authentication realm contains its own list of valid credentials.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 210
How are entries in the ProxySG event log classified?
A. By proxy
B. By severity level
C. By number of affected clients
D. By service
Correct Answer: B
Section: Volume B
Explanation
QUESTION 211
Why does the Internal HTTP proxy service use the TCP Tunnel proxy by default?
A. Some internal applications are not fully HTTP-compliant, which might cause the ProxySG to reject
connections.
B. The TCP Tunnel proxy delivers the best performance for intranet addresses.
C. The TCP Tunnel proxy delivers the best security for intranet addresses.
D. The Internal HTTP proxy service does not use the TCP Tunnel proxy by default.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 212
Can proxy servers modify traffic between a client and server?
A. Yes
B. No
Correct Answer: A
Section: Volume B
Explanation
QUESTION 213
Can you use the same ProxySG default gateway for both IPv4 and IPv6 addressing?
A. Yes
B. No
Correct Answer: B
Section: Volume B
Explanation
Reference: https://kb.bluecoat.com/index?page=content&id=FAQ1263&actp=RSS (see configuration of the
proxysg appliance, second bullet)
QUESTION 214
In WebPulse, does background analysis of URLs use human raters?
A. No.
B. Yes, but only if requested through the site review website.
C. Yes, but only if machine analysis is inconclusive.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 215
When a ProxySG is being used as an IPv4-to-IPv6 gateway, how does the ProxySG determine the IPv6
address of the content server to which a client request should be directed?
A. By querying the IPv6 DNS server(s) that have been specified in the ProxySG configuration.
B. By querying the Internet gateway router that has been specified in the ProxySG configuration.
C. By using the IPv4-to-IPv6 lookup table that the administrator has installed on the ProxySG.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 216
What are the two types of ProxySG exceptions?
A. Pre-defined and user-defined.

B. Global and local.
C. Notify and trap.
D. Explicit and transparent.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 217
In which type of physical deployment is a ProxySG out of path but still has potential visibility to all traffic
through the use of a device such as a WCCP-capable router or a Layer 4 switch?
A. Explicit
B. Transparent
C. Inline
D. Virtually inline
Correct Answer: C
Section: Volume B
Explanation
QUESTION 218
What are the three principal physical deployment methods for the ProxySG? (Select 3)
A. Virtually inline
B. Out of path
C. Explicit
D. Transparent
E. Inline
Correct Answer: CDE

Section: Volume B
Explanation
QUESTION 219
What client-side technology does the Management Console use?
A. Java applets
B. HTML5
C. Ajax
D. Flash
Correct Answer: A
Section: Volume B
Explanation
QUESTION 220
For the ProxySG to decrypt SSL traffic, does the traffic need to be intercepted by a proxy service?
A. Yes
B. No
Correct Answer: A
Section: Volume B
Explanation
QUESTION 221
When performing a packet capture of traffic that is seen by a ProxySG between a client and server, what is
the main advantage of performing the capture on the ProxySG rather than on a client?
A. Packet order is not disrupted.

B. Only server-side traffic is visible.
C. Only client-side traffic is visible.
D. Both client-side and server-side traffic are visible.
Correct Answer: D
Section: Volume B
Explanation
QUESTION 222
What optional features or licenses must you purchase to enable IPv6 support on the ProxySG?
A. SSL license
B. No special licenses are required
C. IPv6 license
Correct Answer: B
Section: Volume B
Explanation
QUESTION 223
In an explicit ProxySG deployment, the TCP packet sent from the client to the ProxySG contains what value
as the destination IP address?
A. The IP address of the ProxySG or a load balancer.

B. The IP address of the client.
C. The IP address of the origin content server.
D. The answer depends on whether client IP address reflection is enabled on this ProxySG.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 224
When specifying a search user for an LDAP authentication realm, what administrative permissions are
required on the search user account? (Select all that apply)
A. All read allow.

B. Inherit.
C. Owner all allow.
D. No special permissions are required.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 225
If you do not enable authentication on the ProxySG, can you still write policy to control client access to web
content?
A. Yes, but only on certain criteria

B. Yes
C. No
Correct Answer: C
Section: Volume B
Explanation
QUESTION 226
Which proxy service matches incoming traffic if it does not match any other service?
A. External HTTP
B. Default
C. TCP Tunnel
D. Internal HTTP
Correct Answer: B
Section: Volume B
Explanation
Reference: https://bto.bluecoat.com/sgos/ProxySG/63/Mobile/Advanced/Content/04Reference/
session_report_columns.htm (see service name)
QUESTION 227
If you create a configuration archive on a ProxySG, which of the following steps must you perform to restore
that archive onto a different ProxySG? (Select all that apply)
A. In the Management Console of the source ProxySG, disable enforcement of signed images.
B. Restore the destination ProxySG to factory defaults.
C. In the Management Console of the destination ProxySG, disable enforcement of signed images.
D. Save the SSL keyring configuration-passwords-key on the source, and restore it at the destination.
E. You cannot do this.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 228
By default, what log format is associated with the main log facility?
A. elff
B. http
C. bcreportermain_v1
D. main
Correct Answer: D
Section: Volume B
Explanation
QUESTION 229
True or false: Blue Coat Director cannot be used to configure a ProxySG until an IP address has been
assigned to the ProxySG by either the front panel or the serial console.
A. True
B. False
Correct Answer: B
Section: Volume B
Explanation
QUESTION 230
If the ProxySG is not receiving any power, how does the Management Console indicate this?
A. By displaying a health status of Critical.
B. The Management Console will not load.
C. By displaying a red power icon at Maintenance > System and Disks > Environment.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 231
How does the Management Console perform commands on the ProxySG?
A. By generating the appropriate CLI commands and executing them.

B. By using Content Policy Language to control the ProxySG.
C. By using proprietary APIs to perform function calls on the ProxySG.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 232
When using the ProxySG to send information related to a service request, which of these items can the
ProxySG transmit to Blue Coat? (Select all that apply)
A. Policy trace
B. Event log
C. Sysinfo file
D. Packet capture
E. Memory core dump
Correct Answer: BD
Section: Volume B
Explanation
QUESTION 233
In NTLM authentication, passwords are normally transmitted in which of these ways?
A. Plaintext
B. Base 64-encoded
C. Encrypted
Correct Answer: C
Section: Volume B
Explanation
Reference: http://msdn.microsoft.com/en-us/library/windows/desktop/aa378749(v=vs.85).aspx
QUESTION 234
From where does the exception exception.user-defined.all inherit its properties?
A. The exception.user-defined definition.

B. The default exception configuration in the Management Console.
C. The exception.all definition.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 235
WebPulse uses URL information from which of these Blue Coat products? (Select all that apply)
A. ProxySG
B. Blue Coat K9
C. ProxyAV
D. ProxyClient
Correct Answer: C
Section: Volume B
Explanation
QUESTION 236
Which versions of SSL and TLS does the ProxySG support? (Select all that apply)
A. SSL version 1.0

B. SSL version 2.0
C. SSL version 3.0
D. TLS version 1.x
Correct Answer: AD
Section: Volume B
Explanation
QUESTION 237
When the disk space on a ProxySG is 95% full, which of these features or functions become unavailable?
(Select all that apply)
A. Object caching
B. Access logging
C. Content filtering
Correct Answer: A
Section: Volume B
Explanation
QUESTION 238
If an access log file has no header, how does Blue Coat Reporter process the file?
A. By using the header of the most recently processed file.

B. By using default header settings configured by the administrator.
C. It cannot, unless the administrator manually re-creates the header and prepends it to the file.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 239
When does the ProxySG require the use of BCAAA with an IWA realm?
A. When using Kerberos credentials.

B. When your organization does not permit the ProxySG to join the Windows domain of the authentication
server.
C. When you are using two or more IWA realms on the same ProxySG.
D. When you are performing SSL interception.
Correct Answer: A
Section: Volume B
Explanation
Reference: https://bto.bluecoat.com/sgos/ProxySG/63/AuthMobileGuide/Content/Topics/Authentication/
Tasks/IWA/IWA_BCAAA_st.htm
QUESTION 240
Can you change from the Proxy Edition to the MACH5 Edition of SGOS?
A. Yes, and the relevant portions of the previous configuration are preserved.
B. No.
C. Yes, but the previous configuration is lost.
Correct Answer: C
Section: Volume B
Explanation
Reference: https://kb.bluecoat.com/index?page=content&id=KB1417&actp=RSS
QUESTION 241
When a ProxySG processes an SSL transaction between a client and a content server, does the ProxySG
function as an SSL client or as an SSL server?
A. SSL client
B. SSL server
C. Both
Correct Answer: A
Section: Volume B
Explanation
QUESTION 242
What service group does Blue Coat recommend for the Telnet service?
A. Bypass recommended
B. Default
C. Standard
D. Tunnel recommended
Correct Answer: D
Section: Volume B
Explanation

BCCPA Examcollection Premium Exam 242q

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

BCCPA Examcollection Premium Exam 242q

Transféré par

Droits d'auteur :

Formats disponibles

BCCPA.examcollection.premium.exam.

Blue Coat Certified Proxy Administrator

A. the graphical visual Policy Manager and/or the command-line interface

A. Blue Coat Reporter

(a) Administrator attempts to access Management console

A. All of the above

(a) Enhance security through authentication, virus scanning, and logging.

A. QuickTime, Windows Media, and Real Media

A. Bandwidth management (traffic shaping)

A. HTTP PUT data

(a) to deny access to a URL

A. ProxyAV Is accessed in ICAP REQMOD mode

(a) Proxy Edition

(a) Default policy is ALLOW

A. TCP connection sources or destinations, which are outside our LAN

A. The connection will be allowed

A. The listing of the webroot directory of the Web server

A. None of the content filtering databases is set up

A. 30 days - trial can be prolonged by CLI command reset-trial

A. HTTP port 8987

A. Domain + Workstation Name

(a) HTTP port 8081

(a) Added to the static BCWF database on the ProxySG

A. Yes, it is enabled by default, except in FIPS mode

A. FIPS mode improves browser support

(a) CSV (comma-separated-values) to be opened by Excel

A. TCP connection sources of destinations, which are outside our LAN

(a) A single web site can belong to multiple categories

(a) Provide centralized initial setup and policy management

A. Pop-up windows should not be blocked

A. Sends classification requests to WebPulse

A. Such configuration is Inherently ambiguous and wrong

A. FIPS mode improves browser support

A. The service destination IP is set to "transparent" and Action is set to "Intercept".

(a) Finjan SurfinGate

A. a customized, object oriented version of FreeBSD

(a) Blocking viruses, worms, spyware and trojans

(a) Rules are processed in a top down sequence.

A. None of the above

(a)Data profile number is limited to five

A. Configuration of a large number of ProxySG appliances

A. ProxyAV is accessed in ICAP REQMOD mode

A. Content Server always sees client's IP address

A. HTTP requests contain headers (including cookie data) only

(a) Protocol Optimization

(a) SG Initial Setup

A. It is a protocol for Web-based AV appliances to communicate with scanning engines of various

A. the URL will be assigned to the category none

A. First in the first layer

(a) Access logging is disabled by default on newly configured systems.

(a) Source Address

A. All of the above

A. There is a simple list of 23 categories

A. All content is blocked

A. Using the PAC File or configuring WCCP

A. Only one content filtering database

A. To allow creation of granular polices by user or group

A. Local Database Categorization

(a) IP address or addresses, mask, gateway, DNS address or addresses

(a) Default Route

A. Active directory server and authentication license

A. Content filtering is enabled, but acceleration is disabled

A. All of the above