CCNP Security FAQ : Content Filtering on the Cisco Security Appliance
Q1. How does the Security Appliance filter Java applets and ActiveX objects?
A. By commenting out the <OBJECT> </OBJECT> tags or the <APPLET> </APPLET> tags in the HTML page.
B. By deleting the <OBJECT CLASSID> </OBJECT> tags or the <APPLET> </APPLET> tags in the HTML page.
C. It notifies the content-filtering server, which in turn disables the ActiveX objects and Java applets.
D. The Security Appliance does not filter ActiveX objects or Java applets.
Q2. What is the command to designate or identify the URL-filtering server?
A. filter url-server
C. filtering server
D. server url
Q3. What is the longest URL length supported by a Cisco Security Appliance with Websense Enterprise URL-filtering software?
A. 12 KB
B. 15 KB
C. 4 KB
D. 6 KB
Q4. What is the command to filter URLs?
A. filter url
D. filter web page
Q5. What happens when the only URL-filtering server is unavailable?
A. If the allow option is set, the Security Appliance forwards HTTP traffic without filtering.
B. SMTP traffic is dropped because the URL-filtering server is unavailable.
C. HTTP requests are queued until the URL-filtering server is available.
D. The Security Appliance reverts to the onboard URL-filtering engine to filter HTTP traffic.
Q6. What is the default port used by the N2H2 server to communicate with the Cisco Security Appliance?
A. TCP/UDP 1272
B. TCP 5004 only
C. TCP/UDP 4005
D. UDP 5004 only
Q7. What command identifies N2H2 servers on a Cisco Security Appliance?
A. websense url filter server-ip
B. filter url server-ip vendor n2h2
C. url-server (if-name) vendor n2h2 host local-ip
D. All of these answers are correct
Q8. How many URL servers can be configured on a single Cisco Security Appliance?
Q9. What command disables URL caching on the Cisco Security Appliance?
A. no url-cache
C. disable url-cache
D. None of these answers are correct
Q10. Which of the following URL-filtering servers supports FTP and HTTPS filtering?
B. Cisco Works
Q11. With what two URL-filtering servers does the Security Appliance work?
Q12. What command filters out Java applets from HTML pages?
Q13. Why are Java applets and ActiveX objects considered a threat?
Q14. How does the Cisco Security Appliance filter Java applets and ActiveX objects?
Q15. What is the command to designate or identify the URL-filtering server?
Q16. Which Security Appliance version supports the Websense URL-filtering server?
Q17. What is the longest URL filter that is supported by Cisco Security Appliance?
Q18. What is the command to filter URLs?
Q19. How would you configure the Security Appliance to buffer the response from a web server if its response is faster than that from the N2H2 or Websense URL-filtering server on the Security Appliance?