SonicOS NSv Firewall Configuration, Exams of Computer Science

An overview of the key features and settings related to the SonicOS NSv firewall. It covers topics such as interface addressing, NAT, VPN configuration, routing, and network management. The document delves into the advanced network interface settings, DHCP server persistence, asymmetric route support, and various routing protocols supported by the SonicOS NSv. It also discusses best practices for firewall registration, management, and high availability configuration. The information presented in this document can be useful for network administrators, security professionals, and IT personnel responsible for configuring and managing SonicWall firewalls in their organizations.

Typology: Exams

2023/2024

Available from 08/08/2024

Nursingexamhelp
SNSP SonicOS 7 Exam, Latest TestBank (6 Exam Sets), Actual Exam Included

T or F - TOTP can retrieve the one-time password from the authenticator app when there is no internet connection? - ANSWER- True

Select all the methods of accessing SonicOS CLI: - ANSWER- SSH connection via SonicOS GUI; SSH connection through SSH client; Console Port

Which feature allows for the automatic upload of suspicious files on Windows devices for advanced analysis? - ANSWER- Capture ATP

Maximum supported number of VPN Tunnel Interfaces? - ANSWER- 64

T or F - OSPF Adjacency helps share networks with sites downstream and eliminates the need to create individual routes - ANSWER- True

Select the answer with the six major steps of the Capture ATP process in the correct order:

  1. The SonicWall firewall sends the file to SonicWall Capture ATP cloud services.
  2. The SonicWall Capture ATP cloud services saves the file in its repository.
  3. SonicWall Capture ATP cloud services reads and analyzes the file.
  4. SonicWall Capture ATP cloud services stores the results in the SonicWall Capture ATP cloud services database.
  5. SonicWall Capture ATP cloud services accesses the SonicWall Capture ATP cloud services database.
  6. SonicWall Capture ATP cloud services sends results to the SonicWall firewall.

Which feature of SonicWall Capture Client helps create a complete profile of the application, processes, and network activity? - ANSWER- Continuous behavioral monitoring

What are the two ways of installing the SonicWall Capture Client utility on a target workstation?

  • Downloading the client from mysonicwall.com
  • Implementing Client Enforcement

What is the best method of authentication so that organizations can counteract ever increasing password breaches? - ANSWER- Two-Factor Authentication

T or F - The random password generated by SonicWall 2FA is multi-use and is not deleted when the user is successfully granted access to the resource? - ANSWER- False

In SonicOS CLI, what command is used to quickly recover the firewall from the uncertain configuration state? - ANSWER- Safemode command

What are the benefits of using SonicWall Command Line Interface? (Select all that apply)

  • It provides a faster and efficient way to configure and manage SonicWall Firewall
  • You can create a CLI script for automating configuration tasks
  • It helps complete configuration tasks when the SonicOS web-based management UI is not accessible

Which option enables the establishment of the initial Security Association, without a shared key configured on the client side? - ANSWER- Default Provisioning Key (page 204 of textbook)

T or F - SonicWall DPI-SSL service provides administrators with the ability to block the file until the verdict is returned? - ANSWER- FALSE

What does RTDMI stand for? - ANSWER- Real-Time Deep Memory Inspection

What is a DNS Flood Attack? - ANSWER- An attack in which the attacker targets one or more DNS Servers that belong to a given zone, attempting to hamper the resolution of resource records of that zone and its sub-zones. (Page 948 in textbook)

Which authentication method is selected by default when configuring the VPN AP server policy? - ANSWER- Preshared Secret (Page 202 of textbook)

When configuring DPI-SSL Server, what benefits are provided by enabling cleartext?

  • Allows the firewall to use fewer resources
  • Provides a method of sending unencrypted data to a server
  • Utilizes Port 80 instead of port 443 (page 573 of textbook)

When configuring an App Rule, which directional setting allows you to choose between zones, such as LAN to WAN? - ANSWER- Advanced (page 677 of textbook)

To create a local backup via CLI what command do you use? - ANSWER- Local-backup

What is the maximum number of SD-WAN Interface Group Members? - ANSWER- 10

The SonicOS NSv scheme of interface addressing works in conjunction with address objects, service objects, and network zones. - ANSWER- True

What feature provides an alternative for NAT to route traffic between separate public IP address ranges - ANSWER- Routed Mode

Which advanced network interface setting on the SonicWall NSv firewall allows initial packets or response packets to pass through other interfaces? - ANSWER- Enable Asymmetric Route Support

What is the default IP version setting for sending or receiving the DNS proxy packets between the firewall and the DNS servers? - ANSWER- IPv4 to IPv

Which of the following DDNS Providers are supported in SonicOS? - ANSWER- Dyn.com, no-IP.com, changeIP.com

What type of mapping does ARP enable? - ANSWER- IP Addresses to MAC Addresses

Which feature prevents ARP Poisoning of connected machines? - ANSWER- ARP Watch

SonicWall DHCP server options support standards as defined primarily in RFC 2131 and RFC 2132 - ANSWER- True

Which firewall network setting allows the current state of the DHCP leases in the network to be periodically written to flash? - ANSWER- Enable DHCP Server Persistence

How many web proxy servers can be configured in the SonicWall firewall? - ANSWER- 32

Which user authentication method provides centralized Authentication, Authorization, and Accounting? - ANSWER- RADIUS

Which authentication method is recommended for a relatively smaller number of users? - ANSWER- Local Users

SNSP Exam - Best Practices and other Basics

Which interfaces cannot be configured as WAN interfaces - ANSWER- X0 and MGMT

What is the default configuration of X1 - ANSWER- Static mode with IP of 0.0.0.

To avoid routing issues of X1 what should you ensure - ANSWER- It's assigned with a valid non-zero IP address or configured for DHCP or PPPoE

True or False: It is recommended to disassociate the from the WAN zone if not in use - ANSWER- True - Unassigned

True or False: You should open HTTPS Mgmt up on the WAN interface - ANSWER- False

True or False: Check the "Add rule to enable redirect from HTTP to HTTPS" option when configuring HTTPS management - ANSWER- False

What can result from incorrect duplex settings on the WAN - ANSWER- Inconsistent Internet connection, slow throughput, dropped packets, and inability to negotiate to an ISP connection

What settings are default on the advanced tab of a WAN interface - ANSWER- Link Speed to Auto Negotiate; User Default MAC address; Enable Flow Reporting; Fragment non-VPN outbound packets larger than this Interfaces MTU

MTU stands for what - ANSWER- Maximum Transmission Unit

On DSL and cable connections is the MTU size generally lower or higher - ANSWER- Lower

How do you change the value of MTU - ANSWER- In increments of 8 bytes

True or False: Confirm that Ignore Don't Fragment DF bit is unchecked - ANSWER- True

True or False: Even if you only have 1 WAN connection you should still enable "Enable Load Balancing" - ANSWER- True

Why must you enable load balancing with only 1 WAN connection - ANSWER- To access the LB Groups and LB Statistics sections of Failover and Load Balancing configuration

Which Probe menu should you select when configuring WAN probes - ANSWER- Probe Succeeds when either main or alternate target responds

When creating NAT policies, what should you not use - ANSWER- Default Group Objects or Quad-Zero-Value for Original, Translated Sources, and Destinations

True or False: It's ok to use All Interface IP or All WAN IP address groups in NAT policies - ANSWER- False

When working with NAT policies, what action should you take on configuring the inbound and outbound interfaces - ANSWER- Change the default ANY/ANY and use the specific interfaces for the policies

True or False: The firewall responds to incoming connection requests as either blocked or open - ANSWER- True

What happens when you enable Stealth Mode - ANSWER- The firewall does not respond to blocked inbound connection requests; firewall becomes invisible

What is the purpose of enabling Randomized IP - ANSWER- To prevent hackers using various detection tools from detecting the presence of the firewall as IP packets are given random IP IDs

What is the TTL value - ANSWER- The value in an IP packet that informs a network router whether or not the packet has been in the network for a long time and should be discarded

If you enable Decrement IP TTL for Forwarded traffic, what happens - ANSWER- It decreases the TTL value for packets that have been forwarded but in the network for a significant time

If you would like to create a custom control port for FTP traffic, how would you do that - ANSWER- Under Firewall Settings->Advanced Settings->Dynamic Port->Enable FTP Transformations for TCP Port in Service Object

What is RTSP - ANSWER- It's an application-level protocol for control over delivery of data with real-time properties

When would you want to use Enable RTSP Transformations - ANSWER- To support on-demand delivery of real-time data, such as audio and video

What is dependent on whether AppFlow is enabled, if an external collector is configured, and the model of the SW appliance - ANSWER- The maximum number of connections

What does the Connections section provide - ANSWER- The ability to fine-tune the firewall to prioritize for either optimal throughput or an increased number of simultaneous connections that are inspected by DPI Services

True or False: There is a change in the level of security protection provided by either of the DPI Connections settings - ANSWER- False

What does AGSS include - ANSWER- GAV, IPS, AS, CFS, Botnet Filter, GEOIP Filter, Application Firewall, DPI-SSL, DPI-SSH, and CaptureATP

True or False: All GAV protocol options should be checked for both inbound and outbound inspection - ANSWER- True

How can you block files containing multiple levels of zip and/or gzip compression - ANSWER- In GAV Settings, enable Block files with multiple levels of zip/gzip compression

What should you restrict over HTTP - ANSWER- Password protected ZIP, MS Office type files with macros, and packed executables

What needs to be enabled to log intrusion data - ANSWER- Intrusion Detection

True or False: Low Priority prevention should be managed on a need basis - ANSWER- True

What file types should be checked for analysis under CaptureATP - ANSWER- Executables, PDF, Office 97-2003, Office, Archives

Where can you choose to block until verdict is returned - ANSWER- CaptureATP->Custom Blocking Behavior

True or False: GEO-IP filter is a core component of CGSS/AGSS - ANSWER- True

What does the "All Connections" option exclude in GeoIP Filter settings - ANSWER- Firewalled Subnets

If you enable Firewall Rule Based connections under GEOIP Filter settings what should you also enable - ANSWER- Any rules for WAN-WAN, WAN-LAN and LAN-WAN should have GEOIP filter enabled specifically

What does the BotNet filter do - ANSWER- Prevent traffic to and from known malicious hosts that act as botnet networks

True or False: BotNet Filter can be enabled at the Access Rule level - ANSWER- True

What does DPI-SSL do - ANSWER- Enables the firewall to act as a proxy to inspect encrypted communications such as webmail, social media, and other web contacts by leveraging HTTPS connections

What should you enable under DPI-SSL/TLS Client - ANSWER- Always authenticate server for decrypted connections

If you enable Always authenticate server for decrypted connections in DPI-SSL/TLS Client setting, what else should you enable? - ANSWER- Skip CFS Category-based Exclusion option under DPI-SSL/TLS Server

What is Core0's responsibility - ANSWER- Handling specific traffic flows which cannot be handed off to other Cores

True or False: All SonicWalls have multiple CPU cores - ANSWER- True

True or False: Core0 is the control plane while the other cores are the Data Planes - ANSWER-

High usage on the control plane (Core0) can cause what issues - ANSWER- Sluggishness on the GUI, inability to manage the SW, Reboots and other things

Where would one monitor the Control Plane (Core0) - ANSWER- Dashboard->Multi-Core Monitor or System->Diagnostics->Multi-Core Monitor

What are some other active configs that could cause high usage on Core0 - ANSWER- Inactive IPSec VPN Policies, the amount of data being logged, reduce Global Log Redundancy to 60 secs for AppControl

True or False: The more FQDN objects in use the more traffic is generated and stored by the SonicWall - ANSWER- True - requires DNS entries are constantly refreshed and stored

True or False: Unused WAN interfaces should be unassigned - ANSWER- True

What info is displayed on the main Dashboard - ANSWER- Multi-Core Usage Connections Bandwidth (bps) Firewall Snapshot Threat Prevention Summary Applications Traffic Consumption Link to Live Monitors

SNSA SONICOS 7 EXAM LATEST UPDATE (REAL EXAM QUESTIONS AND ANSWERS) A GRADE

What are some of the key features of SonicOS 7 architecture? - ANSWER- Advanced Protection against encrypted threats, TLS 1.3, Simplified Integrations, Multi-instance Support, Easy zero-touch deployment, Unified Policy Management, Classic Mode, Policy Mode

What are some of the key features of SonicWall Next-Gen firewalls? - ANSWER- Flexible deployment, WAN load balancing, Failover Flexibility, High availability and clustering, IPv6, Dynamic Link Aggregation, Network segmentation, Wireless Controller, Application intelligence and control, Real-Time Visualization

SonicOS7's modern and intuitive user interface features intelligent device dashboards with actionable alerts, redesigned topologies, and simplified policy creation and management - ANSWER- True

Which feature is used to ensure the firewall licenses are the same as in the respective MySonicWall.com account? - ANSWER- Synchronize

An administrator can be logged off when pre-empted by another administrator or he can be dropped into a non-config mode - ANSWER- True

What options are used to preempt an administrator logged into the firewall? - ANSWER- Log out, Drop to Non-config mode

SonicWall firewalls can interoperate with any x509v3 certificates issued by third party CA authorities - ANSWER- True

Which of the following DDNS Providers are supported in SonicOS? - ANSWER- Dyn.com, no-IP.com, changeIP.com

What type of mapping does ARP enable? - ANSWER- IP Addresses to MAC Addresses

Which feature prevents ARP Poisoning of connected machines? - ANSWER- ARP Watch

SonicWall DHCP server options support standards as defined primarily in RFC 2131 and RFC 2132 - ANSWER- True

Which firewall network setting allows the current state of the DHCP leases in the network to be periodically written to flash? - ANSWER- Enable DHCP Server Persistence

How many web proxy servers can be configured in the SonicWall firewall? - ANSWER- one

Which user authentication method provides centralized Authentication, Authorization, and Accounting? - ANSWER- RADIUS

Which authentication method is recommended for a relatively smaller number of users? - ANSWER- Local Users

How many characters are allowed in the comment field of an Access Rule? - ANSWER- 32

What is the default mode the firewall boots up in? - ANSWER- Policy Mode

What probe types can be enabled for SD-WAN probing? - ANSWER- TCP and Ping

Gateway Antivirus is enabled by default? - ANSWER- False

Which packet status types are indicated by the Packet Monitor? (Select all that apply) - ANSWER- Dropped, Forwarded, Consumed

T or F NSM on prem offers large scale centralized management of SonicWall Gen 7 devices only? - ANSWER- False

Export formats for snapshot of Packet Monitor - ANSWER- HTML, PCAP, Plain Text

T or F Keep Alive should be enabled on the firewall with the most processing overhead - ANSWER- False (should be on the firewall with the least overhead)

The default session time an administrator can be logged into the firewall is? - ANSWER- 5 Minutes

What user authentication should be used for groups with more than 1000 users and provides an extra layer of security? - ANSWER- RADIUS

The SonicWALL Administrator has modified the default LAN>WAN access rule from "allow" to "deny", blocking all outbound WAN traffic. Which of the following statements is true: - ANSWER- LAN users cannot surf the internet, but the appliance can still register with mysonicwall.com and update the UTM signatures

When creating a site to site VPN, the policy type should be set to? - ANSWER- Site to Site

When creating a Route Based VPN the policy type should be set to? - ANSWER- Tunnel Interface

TACACS+ - ANSWER- Provides separate authentication, authorization and accounting (AAA) services.

The NSM Closed Network Support feature is ideal for customers who run: - ANSWER- One or more private networks that are completely shut off from the outside environment.

T or F NSM On-Prem requires a separate license for the reporting and analytics features - ANSWER- True

T or F Setting the Event Priority level lower than the Logging Level will cause those events to be filtered out from Event Logs. - ANSWER- True

If the Logging Level Filter is defined as Error, which of the following alert messages will also be displayed in the results? (Select all that apply) - ANSWER- Emergency, Alert, Critical

T or F Advanced routing is enabled by default? - ANSWER- True

Which of the following variables are used to configure static routes to forward traffic? (Select all that apply) - ANSWER- Interfaces, Services

Which protocols are supported by the Advanced Routing mode of SonicWall NSv? (Select all that apply) - ANSWER- RIP, OSPFv