Q&A

QUESTION NO: 1
An administrator created a PIN for the ProxySG front panel, disabled the built-in administrative account and introduced policy-based admin auttiohration, and secured die serial port. After this was done, all the PINs, passwords and policy settings were lost. What options are available to regain access to the appliance? (choose all that apply)

(a) Return ProxySG appliance to Blue Coat to restore a default SGCS image
(b) Restore the factory settings by pressing and holding a reset button for 5 seconds, configure the appliance anew or restore its configuraoon from a backup
(c) Try out all 10000 combinations of PIN for the front panel until you find the right one
(d) Remove the hard disk from the ProxySG, connect it as an external SAT A disk to any Windows or Linux computer; clear the admin entry in the /etc/ pssswd file on that disk. Put the hard disk back in ProxySG, start it up and reset the admin's password.

A. a only
B. a & b only
C. a & c only
D. a & d only
E. All of the above
Answer: B

QUESTION NO: 2
The Connect HTTP method is reserved for use with a proxy that can dynamically switch to being a tunnel e.g. SSL tunneling)

A. True
B. False
Answer: A

QUESTION NO: 3 (duplicated as no.97)
Forward proxy of SSL allows applying policies to encrypted SSL data.

A. True
B. False
Answer: B

QUESTION NO: 4
The ProxySG gives you the ability to write policies through.

A. the graphical visual Policy Manager and/or the command-line interface
B. Visual Policy Manager only
C. the graphical visual Policy Manager, the command-line interface and/or imported text file
Answer: C

QUESTION NO: 5
Which is NOT a support- related site for Blue Coat products?

A. http://forums.bluecoot.com
B. http://services.bluecoat.com
C. http://download.bluecoat.com
D. http://webpulse.bluecoat.com
Answer: D

QUESTION NO: 6
Which ProxySG technology uses the Gaca processing pipeline similar to the one shown in the picture?


A. Blue Coat Reporter
B. MACH5
C. BCWF
D. ProxySG Services
Answer: B

QUESTION NO: 7
Which of the following Authentication Realms are supported by Blue Coat in SGOS 5.3? (Choose all that apply)

(a) IWA
(b) RADIUS
(c) LDAP
(d) TACACS+

A. a, b & d only
B. b, c & d only
C. a, b & c only
D. All of the above
Answer: C

QUESTION NO: 8
What are the possible configurable options when configuring destination address in proxy services? (Choose all that apply)

(a) All
(b) Any
(c) Explicit
(d) Transparent

A. a, c & d only
B. a, b & c only
C. b, c &d only
D. All of the above
Answer: A

QUESTION NO: 9
What are the types of challenges that can be authenticated by ProxySG? (choose all that apply)

(a) Administrator attempts to access Management console
(b) user attempts to access the internet
(c) Administrator attempts to access SG via SSH
(d) User attempts to access a CIFS file server

A. All of the above
B. b, c &d only
C. a, c & d only
D. a, b & c only
Answer: A

QUESTION NO: 10
A ProxySG is designed to do which of rhe following? (choose all that apply)

(a) Enhance security through authentication, virus scanning, and logging.
(b) Increase performance through TCP optimization, HTTP caching and pipelining.
(c) Control content with URL filtering, content stripping, and HTTP header analysis.

A. a & b only
B. b & c only
C. a & c only
D. All of the above
Answer: D

QUESTION NO: 11
Which streaming services are supported by ProxySG?

A. QuickTime, Windows Media, and Real Media
B. Windows Media, Real Media, and Flash
C. QuickTime, Flash, and MP4
Answer: B

QUESTION NO: 12 (duplicated as no 60)
A single ProxySG appliance can act as a Gateway Proxy and WAN Acceleration Proxy at the same time.
A. True
B. False
Answer: A
QUESTION NO: 13 (duplicated as no 57, but different answer)
Which option is NOT available to upload logfiles from ProxySG?

A. HTTP server
B. FTP server
C. Blue Coat Reporter server
D. CIFS/SAMBA file server
Answer: C

QUESTION NO: 14
What acceleration techniques are NOT part of MACHS?

A. Bandwidth management (traffic shaping)
B. Protocol optimization and compression
C. IP layer route optimization
D. Object caching
E. Byte caching
Answer: C

QUESTION NO: 15
Which of the following types of traffic are not scanned with ICAP REQMOD?

A. HTTP PUT data
B. FTP uploads
C. FTP responses
D. HTTP POST data
Answer: C

QUESTION NO: 16
The goal of creating and using Notify User objects is (Choose all that apply)

(a) to deny access to a URL
(b) to deliver a splash page to the clients
(c) to warn a user before allowing access to a URL

A. a & b only
B. b & c only
C. All of the above
Answer: B

QUESTION NO: 17
What can be concluded about this request processing order?


A. ProxyAV Is accessed in ICAP REOMOD mode
B. ProxyAV is accessed ICAP RESPMOO mode
C. ProxySG with ProxyAV is deployed as a forward proxy
Answer: A

QUESTION NO: 18
Which of the following methods is NOT appropriate for the initial setup for a ProxySG 2010 series?

A. Serial console Cable
B. LCD Panel
C. Web Wizard accessing HTTPS port 8083
D. Blue Coat Director applying a profile
Answer: D

QUESTION NO: 19
The default policy for ProxySG is DENY. Network administrator creates a VPM policy allowing access to some Web host only for certain users (see picture). When installing this policy, ProxySG issues a warning that this rule will be ignored. What change can be applied in order to fix this?


A. Add another rule to the Web Access layer creating an exception for users NOT allowed to access the host.
B. Add another Web Access layer and set its default action to Allow.
C. Add Web Authentication layer with a rule having Force Authenticate action.
D. Add Web content layer with a rule preventing serving content from ProxySG cache to unauthorized users.
Answer: B

QUESTION NO: 20
Which Instant Messaging proxies are available on the ProxySG? (Choose all that apply)

(a) AIM
(b) Jabber
(c) MSN
(d) Yahoo

A. a, b & c only
B. a, b & d only
C. a, c & d only
D. b. c & d only
E. All of the above
Answer: C

QUESTION NO: 21
In SGOS 5.3, what are the two versions that you can opt for? (choose all that apply)

(a) Proxy Edition
(b) Full Edition
(c) WAN Opt Edition
(d) MACH5 Edition

A. b &c only
B. a, c & d only
C. c & d only
D. a & d only
Answer: D

QUESTION NO: 22
What ProxySG appliance has these default settings;

(a) Default policy is ALLOW
(b) Trust client destination IP is ON
(c) Tolerate HTTP errors is ON;

A. Proxy Edition
B. Reverse Proxy Edition
C. MACH5 Edition
D. Trial Edition
Answer: C

QUESTION NO: 23
Which software product provides Web content filtering for windows and Mac OS computers, is locally configurable, and can produce a barking sound, when user violates a filtering policy.

A. ProxyAV
B. Blue coat WebFilter
C. Blue Coat k9
D. Blue Coat Director
Answer: C

QUESTION NO: 24
What are "unmanaged endpoints” which make the Blue Coat RA (Remote Access) appliance useful?

A. TCP connection sources or destinations, which are outside our LAN
B. Workstations, which need to be in a virtual private network, but VPN clients cannot be installed on them
C. Mobile user laptops, which are used in places not protected by ProxySG
D. Hosts without installed ProxyClient or with disabled ProxyClient
Answer: B

QUESTION NO: 25
HTTP/1.1 supports pipelining - multiple related requests are written to a single TCP socket without waiting for the responses to come back — i.e. the requests are done asynchronously in-parallel, instead of doing them sequentially as usual (see picture). Some Web clients such as Opera and Firefox with FasterFox plugin use HTTP pipelining. Assume that ProxySG Is deployed as a forward proxy listening on port 8080.


A. If an HTTP client tries to use pipelining, the use of proxy will break the HTTP protocol.
B. For those HTTP clients that use pipelining, the use of forward proxy would ensure faster response time compared to the clients that do not use pipelining.
Answer: B

QUESTION NO: 26
If an error occurs during Proxy AV request or response processing, which of the following will occur?

A. The connection will be allowed
B. The connection will hp denied
C. The response is determined by the ICAP object properties in policy
D. The response is determined by die ICAP configuration properties in the management console
Answer: D

QUESTION NO: 27
When the ProxySG 200's power LED indicator alternates between green and amber, it means that the system is booting.

A. True
B. False
Answer: A

QUESTION NO: 28
The ProxySG acts as both an ICAP client and ICAP server.

A. True
B. False
Answer: A

QUESTION NO: 29
A parent exception can provide the default, values for a child exception.

A. True
B. False
Answer: A

QUESTION NO: 30
What is returned to the HTTP request" GET / HTTP/ 1.1 "?

A. The listing of the webroot directory of the Web server
B. The file index.html
C. A file that is configured as a defaulty /welcome file for that Web server
Answer: C

QUESTION NO: 31
What is true immediately after the initial setup of ProxySG

A. None of the content filtering databases is sot up
B. Only the default Dlue Coat WebFilter database is sec up and available
C. Blue Coat WebFilter database and 3rd party databases are set up and available
Answer: B

QUESTION NO: 32 (duplicated as o.54, different answer)
Which of the following policies can be applied to Instant Messaging traffic? (Choose all that apply)

(a) A policy to deny the transfer of specific file types or file sizes
(b) A policy to deny a specific IM request method
(c) A policy to deny a key word or words using a regular expression
(d) A policy to deny a specific IM buddy or IM chat room

A. a, b & c only
B. b, c & d only
C. a, c & d only
D. All of the above
Answer: D

QUESTION NO: 33 (duplicated as no.80)
Which best describes the role of a proxy server?

A. A device that inspects Layer 2 - Layer 4 traffic running through it and denies or permits based on a set of policies.
B. An intermediary program which acts as both a server and a client for the purpose of making requests on
C. behalf of other clients.
D. An intermediary program that protects the resources of a private network from users on other networks.
E. A device that extracts the destination address of a packet, selects ten best path for the packet and forwards the packet the next device in the path.
Answer: B

QUESTION NO: 34
After the initial boot-up. Blue Coat SGOS will automatically boot into a trial license. What is the duration of the thai period?

A. 30 days, trial can be prolonged by CLI command reset-trial
B. 60 days, trial can be prolonged by CU command reset-trial
C. 9o days
D. 120 days
Answer: B

QUESTION NO: 35
What happens to ProxySG logging, it uploading them to a remote FTP server becomes impossible?

A. When there is no more space for logging, ProxySG switches on dynamic bypass for TCP connections — stops intercepting traffic
B. When there is no more space for logging, ProxySG will process policy, but will ignore any logging-related policies or configuration settings
C. ProxySG erases old logs but continues writing the more recent ones
D. Either logging stops or older log files are erased — depending on the ProxySG configuration
Answer: C

QUESTION NO: 36
Which protocol and port is used by Blue Coat Reporter service to display results?

A. HTTP port 8987
B. HTTP port 8443
C. FTP port 8021
D. SNMP port 161
Answer: A

QUESTION NO: 37
What is the default time to cache authentication credentials in ProxySG for an authentication realm?

A. 15 minutes
B. 30 minutes
C. 60 minutes
D. 90 minutes
Answer: A

QUESTION NO: 38
What is in NTLW Type 2 Message?

A. Domain + Workstation Name
B. Challenge for the Client
C. Usemame and Password
D. Client Response for the challenge
Answer: B

QUESTION NO: 39
Which of the following console services are enabled by default? (choose all that apply)

(a) HTTP port 8081
(b) HTTPS port 8082
(c) HTTPS port 8083
(d) SSH port 22

A. a & c only
B. b & d only
C. c & d only
D. a & b only
Answer: B

QUESTION NO: 40 (duplicated as no.51)
Which HTTP error code corresponds to the ProxySG default exception identifier icap_error?
A. 403
B. 404
C. 503
D. 401
E. Answer: C

QUESTION NO: 41 (duplicated as no.73)
To implement ProxySG as a default gateway, which of the following options has to be enabled?

A. Early intercept
B. Reflect Client IP
C. IP Forwarding
D. Detect Protocol
Answer: C

QUESTION NO: 42
When the DRTR successfully categorizes a site, the site is

(a) added to the static BCWF database on the ProxySG
(b) added to the local database on the ProxySG
(c) added to the DRTR database on the ProxySG
(d) added to a DRTR cache that resides on the ProxySG

A. a & b only
B. b & c only
C. d only
D. None of the above
Answer: A

QUESTION NO: 43
Which of the following is a free software based Blue Coat product for home users?

A. Web Filter
B. k9
C. SiteAdvisot
Answer: B

QUESTION NO: 44
When virus scanning functionality is enabled, ProxySG acts as an ICAP server, and ProxyAV — as an ICAP
client.

A. True
B. False
Answer: B

QUESTION NO: 45 (duplicated as no. 96)
What are the best practices using anti-virus software on a windows machine running Blue Coat Reporter?

A. Do not use anti-virus software as the log files cannot contain viruses
B. Perform scans as you would for any windows server
C. Perform scans only during low activity of ProxySG
D. Perform scans, but bypass certain directories containing frequently changing files
Answer: D

QUESTION NO: 46
Is Management Console accessible over HTTP?

A. Yes, it is enabled by default, except in FIPS mode
B. It can be explicitly enabled, the default port is 8081
C. It can be explicitly enabled, the default port is 8082
D. A new service has to be created with port selected by the administrator,
Answer: B

QUESTION NO: 47
HTTP Access log format bcreportermain_vl includes the time of the request, URL requested, and MIME type of content, but does not include whether it is cache hit or miss.

A. True
B. False
Answer: A

QUESTION NO: 48
Which virus-scanning engine is NOT supported by ProxyAV?

A. MCAfee
B. Sophos
C. Norton
D. Kaspersky E.Panda
Answer: C

QUESTION NO: 49
Which of the following tracks client-server requests and server responses?

A. Event logs
B. Sys logs
C. Report logs
D. Access logs
Answer: D

QUESTION NO: 50 (duplicated as no.61)
If a proxy server is seen in the external Internet as Web server, it is a forward proxy.

A. True
B. False
Answer: B

QUESTION NO: 51 (duplicated as no.40)
Which HTTP error code corresponds to the ProxySG default exception identifier icap_error?

A. 403
B. 404
C. 503
D. 401
Answer: C

QUESTION NO: 52
What is the name of the Technical Support Web site where service requests can be reported?

A. WebPulse
B. BlueTouch Online
C. Blue Coat Professional Services
D. Services@BC
Answer: B

QUESTION NO: 53
What changes, when FIPS mode tor Management Console is enabled?

A. FIPS mode improves browser support
B. Management Console can be accessed via TLS-based HTTPS only; some device certification options are changed
C. FIPS mode makes Management Console application faster as the rich client download size decreases
Answer: B

QUESTION NO: 54 (duplicated as mo.32, different answer)
Which of the following policies can be applied to Instant Messaging traffic? (Choose all that apply)

(a) A policy to deny the transfer of specific file types or file sizes
(b) A policy to deny a specific IM request method
(c) A policy to deny a key word or words using a regular expression
(d) A policy to deny a specific IM buddy or IM chat room

A. a, b & c only
B. b, c & d only
C. A. c a d only
D. All of the above
Answer: A

QUESTION NO: 55
When Proxy server settings in a browser are configured using WPAD (web Proxy Auto Discovery) protocol, what has to be specifically guaranteed to ensure security?

A. JavaScript on client's browser must be enabled, otherwise it will not allow to execute proxy configuration script.
B. Hosts (e.g. wpad.mydepartment.mycompany.com, wpad.mycompany.com ) should be trusted not to serve malicious wpad.dat files
C. Internet Explorer browser should receive security updates more often than twice a year
D. DHCP must be accessible at the time, when user starts a browser
Answer: B

QUESTION NO: 56
Reporter creates reports that can be saved in the following formats (choose all that apply)

(a) CSV (comma-separated-values) to be opened by Excel
(b) Adobe PDF
(c) HTML
(d) XML

A. a, b & c only
B. a, b & d only
C. a, c & d only
D. b, c a d only
E. All of the above
Answer: A

QUESTION NO: 57 (duplicated as no 13, but different answer)
Which option is NOT available to upload logfiles from ProxySG?

A. HTTP server
B. FTP server
C. Blue Coat Reporter server
D. CIFS/SAMBA file server
Answer: D

QUESTION NO: 58
What are 'unmanaged endpoints" which make the ProxyRA appliance useful?

A. TCP connection sources of destinations, which are outside our LAN
B. Workstations, which need to be in a virtual private network, but VPN clients cannot be installed on them
C. TCP and UDP ports that are unprotected by the enterprise firewall.
D. Hosts without ProxyClient installed on them.
Answer: B

QUESTION NO: 59
Which statements are true about the Blue Coat WebFilter? (Choose all that apply)

(a) A single web site can belong to multiple categories
(b) Embedded images and objects may be denied, even though the container page is allowed.
(c) WebFilter on-box database can be used in conjunction with a third party content database
(d) WebFilter on-box database updates are Web downloads

A. a, b & c only
B. A. b & d only
C. a, c & d only
D. b, c & d only
E. All of the above
Answer: E

QUESTION NO: 60 (duplicated as no 12)
A single ProxySG appliance can act as a Gateway Proxy and WAN Acceleration Proxy at the same time.

A. True
B. False
Answer: A

QUESTION NO: 61 (duplicated as no.50)
If a proxy server is seen in the external Internet as Web server, it is a forward proxy.
A. True
B. False
Answer: B

QUESTION NO: 62
Which function is NOT a characteristic feature of proxy servers?
A. Making requests in the Internet, using HTTP, FTP, SOCKS on behalf of other clients
B. IP Masquerading - replacing original requestor's address with it's own
C. Encapsulating one protocol into another protocol
D. Caching previously requested resources
Answer: B

QUESTION NO: 63
Blue coat Director functions include the following (choose all that apply)

(a) Provide centralized initial setup and policy management
(b) Configure secure gateway and WAN acceleration
(c) Monitor hardware and software metrics and events on ProxySG appliances
(d) Enable proxying and filtering of multicast UDP traffic

A. a, b & c only
B. a, b & d only
C. a, c & d only
D. b,c & d only
Answer: A

QUESTION NO: 64
What preconditions should be satisfied in order to do initial configuration from a client computer via the URL https://proxysg.bluecodt.com:8083? (choose all that apply)

(a) Client computer should be directly connected to ProxySG with a cross-over cable
(b) ProxySG should have a pass-through card
(c) ProxySG should be deployed in the bridging mode

A. a & b only
B. a & c only
C. b & c only
D. All of the above
Answer: D

QUESTION NO: 65
What kind of object should be selected from button New in the New Action dialogue in the VPM that returns a coaching or splash page?


A. Return Exception
B. Return Redirect
C. Notify User
D. Acceptable Usage Policy
Answer: C

QUESTION NO: 66
What are requirements for client's browser for notification and coaching pages to work properly?

A. Pop-up windows should not be blocked
B. JavaScript has to be enabled
C. Cookies have to be enabled
D. Both JavaScript and cookies have to be enabled
Answer: A

QUESTION NO: 67
What does the Blue Coat WebFilter do to classify sites not found in the WebFilter on-box database

A. Sends classification requests to WebPulse
B. Runs Bayes classification algorithm on ProxySG
C. Forwards categorization requests to other ProsySG
D. Matches against a list of forbidden keywords
Answer: A

QUESTION NO: 68
A ProxySG is designed to do which of the following? (choose all that apply)

(a) Enhance security through authentication, virus scanning, and logging.
(b) increase performance through TCP optimization, HTTP caching and pipelining.
(c) Control content with URL filtering, content stripping, and HTTP header analysis.

A. a & b only
B. b & c only
C. a & c only
D. All of the above
Answer: D

QUESTION NO: 69
Which of the following statements are true? (choose all that apply)

(a) Exceptions and notifications can be configured to use specific HTTP response codes.
(b) Exceptions and notify user objects can be created through the VPM.
(c) Exceptions and notify user objects can be utilized as action objects in the VPM.
(d) Exceptions and notify user objects can include substitutions such as the IP address, username or category.

A. a & b only
B. a, c & d only
C. b & c only
D. a, b & c only
Answer: B

QUESTION NO: 70
What happens, if there are multiple listeners to the same TCP port, and destination IP address belongs to multiple IP address ranges?

A. Such configuration is Inherently ambiguous and wrong
B. Such cases cause built-in exceptions to be thrown during policy processing
C. The most specific IP address range is always used
Answer: A

QUESTION NO: 71
Management Console of ProxySG (SGOS v. 5.4 or earlier) is based on the following client-side technology:

A. FIPS mode improves browser support
B. Java servlet application
C. JVM applet embedded in the Web page
D. Adobe Flex
E. AJAX and JavaScript
Answer: C

QUESTION NO: 72
Which of the following tracks client-server transactions going through the ProxySG?

A. Event logs
B. Sys logs
C. Report logs
D. Access logs
Answer: D

QUESTION NO: 73 (duplicated as no.41)
To implement ProxySG as a default gateway, which of the following options has to be enabled?

A. Early Intercept
B. Reflect Client IP
C. IP Forwarding
D. Detect Protocol
Answer: C

QUESTION NO: 74
If you set a service attribute on the ProxySG to "Reflect Client IP", what must you make sure is not going to happen in the network?

A. The service destination IP is set to "transparent" and Action is set to "Intercept".
B. Force Authentication through policy.
C. Asymmetric routing directly from client to OCS.
Answer: A

QUESTION NO: 75
Which layer can be used to block a particular URL?

A. Authentication
B. Web Access
C. Forwarding
D. Web Content
Answer: B

QUESTION NO: 76
All of the following are software based Blue Coat solutions: Blue Coat Reporter, Blue Coat WebFilter, Blue Coat K9, ProxyClient

A. True
B. False
Answer: A

QUESTION NO: 77
The following authentication realms will be used in a sequence realm. Which realm should go first?

A. Local
B. IWA
C. Radius
D. LDAP
Answer: A

QUESTION NO: 78
The ProxySG ICAP implementation is fully compatible with which of the following applications? (choose all that apply)

(a) Finjan SurfinGate
(b) Webwasher
(c) Antivirus Scan Engine (SAVSE)
(d) Trend Micro InterScan

A. a & b only
B. b & c only
C. c & d only
D. All of the above
Answer: D

QUESTION NO: 79 (duplicated No.28)
The ProxySG acts as both an ICAP client and ICAP server.

A. True
B. False
Answer: A

QUESTION NO: 80 (duplicated as no.33)
Which best describes the role of a proxy server?
A. A device that inspects Layer 2 - Layer 4 traffic running through it and denies or permits based on a set of policies.
B. An intermediary program which acts as both a server and a client for the purpose of making requests on behalf of other clients.
C. An intermediary program that protects the resources of a private network from users on other networks.
D. A device that extracts the destination address of a packet, selects the best path for the packet and forwards the packet the next device in the path.
Answer: B

QUESTION NO: 81
Which console services are NOT available on the ProxySG?

A. SSH
B. HTTP
C. HTTPS
D. Serial
E. All the above are available
Answer: E

QUESTION NO: 82
The ProxySG operating system is based on.

A. a customized, object oriented version of FreeBSD
B. a custom built operating system with integrated caching and compression
C. a Linux Kernel 2.6.x with byte caching and compression
Answer: B

QUESTION NO: 83
Which appliance does not need any licensing and is fully operable after deployment?

A. ProxyAV
B. ProxySG
C. ProxyRA
D. Blue Coat Director
Answer: D

QUESTION NO: 84
ProxySG can provide all these services to IM clients — client authentication at a proxy, message reflection, policy enforcement and logging.

A. True
B. False
Answer: A

QUESTION NO: 85
Can server initiate an HTTP transaction?

A. It cannot
B. It can for e.g. Web-based instant messaging, AJAX and similar server-push applications
C. It can only for some HTTP request methods
Answer: B

QUESTION NO: 86
The ProxySG can create configurable access logs for FTP, HTTP, and Telnet but not for Peer-to-Peer or RealMedia

A. True
B. False
Answer: B

QUESTION NO: 87
Which of the following policies CANNOT be implemented on the ProxyAV? (Choose all that apply)

(a) Blocking viruses, worms, spyware and trojans
(b) Blocking file types using apparent data type (file signature)
(c) Blocking files that exceed a size limit set by the administrator
(d) Blocking password protected archive files

A. a only
B. b only
C. c only
D. d only
E. All of the above can be implemented with the Proxy AV
Answer: E

QUESTION NO: 88
The SSL certificate returned by the Management Console upon HTTPS access____.

A. is birth certificate, which depends on the device serial number only; it can be cached for the whole lifetime of the ProxySG
B. is generated anew automatically every time ProxySG performs initial setup
C. has to be generated explicitly from the CLI
Answer: B

QUESTION NO: 89
ProxySG has to be deployed inline (in bridging mode) or virtually inline (using WCCP or an L4 switch) in order to block IM traffic.

A. True
B. False
Answer: A

QUESTION NO: 90
Which HTTP error code corresponds to the ProxySG default exception identifier policy_denied?

A. 403
B. 404
C. 503
D. 401
Answer: A

QUESTION NO: 91
Which of the following are true about the rules processing in the VPM? (choose all that apply)

(a) Rules are processed in a top down sequence.
(b) Layers are processed from left to right regardless of type.
(c) Layers are processed according to layer type.
(d) Layers of the same type are processed from left to right.

A. None of the above
B. b. c & d only
C. a, b & c only
D. a, c & d only
Answer: D

QUESTION NO: 92
Which capabilities are limited in Blue coat Reporter standard edition compared to Enterprise edition? (choose all that apply)
(a) Data profile number is limited to five
(b) Reports can be displayed, but cannot be saved as PDF or CSV
(c) Only single processor is supported
(d) Report customization is limited

A. a, b & c only
B. a, b & d only
C. a, c & d only
D. b, c & d only
E. All of the above
Answer: C

QUESTION NO: 93
Find the configuration or management activity that is NOT among the functions of the Blue Coat Director CANNOT be used?

A. Configuration of a large number of ProxySG appliances
B. Policy updates on ProxySG appliances
C. Virus definition updates for AV scanning
D. Setup and licensing
E. All the above actions can be done by a Director
Answer: D

QUESTION NO: 94
In the VPM, source triggers can be used in conjunction with the ICAP RESPMOD action.

A. True
B. False
Answer: A

QUESTION NO: 95
What can be concluded about this request processing order?

A. ProxyAV is accessed in ICAP REQMOD mode
B. ProxyAV is accessed ICAP RESPMOD mode
C. ProxySG with ProxyAV is deployed as a forward proxy
D. Proxy SG with ProxyAV is deployed as a reverse proxy
Answer: A

QUESTION NO: 96 (duplicated as no. 45)
What are the best practices using anti-virus software on a Windows machine running Blue Coat Reporter?

A. Do not use anti-virus software as the log files cannot contain viruses
B. Perform scans as you would for any Windows server
C. Perform scans only during low activity of ProxySG
D. Perform scans, but bypass certain directories containing frequently changing files
Answer: D

QUESTION NO: 97 (duplicated as no. 3)
Forward proxy of SSL allows applying policies to encrypted SSL data.

A. True
B. False
Answer: B

QUESTION NO: 98
Coaching or splash pages have to be configured through CPL rather than VPM.

A. True
B. False
Answer: B

QUESTION NO: 99 (duplicated as no.152)
Which HTTP error code corresponds to the ProxySG default exception identifier authentication_failed?

A. 403
B. 404
C. 503
D. 401
Answer: D

QUESTION NO: 100
How many different anti-virus scanning engines can you run simultaneously on a ProxyAV?

A. 1
B. 2
C. 3
D. 4
Answer: A

QUESTION NO: 101
Which WAN Optimization feature can accelerate the transfer of several similar, uncompressed files between two locations? (Two files are called similar, if their editing distance is small, compared to the size of the files. For example, if one file can be obtained from another one by inserting or deleting a small fragment.)

A. Protocol Optimization
B. Object Caching
C. Byte Caching
D. Bandwidth Management
Answer: C

QUESTION NO: 102
Which HTTP error code corresponds to the ProxySG default exception identifier dns_unresolved_hostname?

A. 403
B. 404
C. 503
D. 401
Answer: B

QUESTION NO: 103
Which statement is true about a ProxySG with factory settings:

A. To get network access, initial setup is necessary — ProxySG does not have an IP address until then
B. Unconfigured ProxySG responds to some of the pre-built IP addresses, which are contained in the private IP address ranges 10.0.0.0/2S5.0.0.0 and 172.16.0.0/255.240.0.0 and 192.168.0.0/255.255.0.0 .
C. Unconfigured ProxySG tries to obtain IP address from a DHCP server
D. Unconfigured ProxySG sends RARP request to look up its IP address from the MAC address of its network interface card. If it cannot get a valid IP address, initial setup is required.
Answer: B

QUESTION NO: 104
If Proxy SG acts as a Web proxy, does the Origin Content Server (OCS) see the client's IP address or the proxy server's IP address

A. Content Server always sees client's IP address
B. Content Server always sees Proxy Server's IP address
C. Content Server sees client's IP address, if the proxy is configured as transparent proxy
D. The IP address seen by the Content Server depends on the Proxy SG configuration parameter reflect-client-ip
Answer: B

QUESTION NO: 105
HTTP response typically contains headers and the body (data). Does HTTP request contain body (data)?

A. HTTP requests contain headers (including cookie data) only
B. HTTP requests contain body only if the request is file upload
C. HTTP requests contain body only if it is a POST (rather than GET) request
D. HTTP requests contain body, if they are HTML form submissions
Answer: A

QUESTION NO: 106
Since which version the HTTP protocol has persistent TCP connections and Keep-alive headers?

A. HTTP/0.9
B. HTTP/1.0
C. HTTP/1.1
Answer: C

QUESTION NO: 107
Which WAN Optimization features require at least two ProxySG appliances to work? (Check all that apply)

(a) Protocol Optimization
(b) Object Caching
(c) Byte Caching
(d) Application Delivery Network (ADN)

A. a & b only
B. b & c only
C. c & d only
D. All of the above
Answer: C

QUESTION NO: 108
When the Blue Coat Web Filter is enabled, the DRTR

A. is disabled by default
B. is enabled only through VPM policy
C. is enabled to work in the background by default
D. is enabled to work in real-time by default
Answer: C

QUESTION NO: 109
Assume explicit proxy deployment where LDAP authentication realm is used. Authentication mode value is auto. What is the first response code that a client receives as it attempt to connect to the Internet for the first time?

A. 200
B. 302
C. 401
D. 407
Answer: C

QUESTION NO: 110
Client makes a Web request to a Web Server, and ProxySG is using ProxyAV in RESPMOD mode. Which devices are involved before the request reaches the original destination Web server?

A. Client, (2) ProxySG, (3) ProxyAV, (4) ProxySG, (S) Web server
B. Client, (2) ProxySG, (3) ProxyAV, (4) Web server
C. client, (2) ProxySG, (3) Web server
D. (l) Client, (2) ProxyAV, (3) ProxySG, (4) Web server
Answer: B

QUESTION NO: 111
Which of the following tasks could be performed from the Blue Coat Management Console? (Choose all that apply)

(a) SG Initial Setup
(b) Authentication Realm Configuration
(c) Bandwidth Class Configuration
(d) Resetting Trial Period

A. a & b only
B. b & c only
C. c & d only
D. All of the above
Answer: B

QUESTION NO: 112
The HTTP request from a client to a proxy user addresses as shown in the picture. It follows that the ProxySG serves as transparent proxy.


A. True
B. False
Answer: B

QUESTION NO: 113
What ICAP refers to?

A. It is a protocol for Web-based AV appliances to communicate with scanning engines of various providers
B. It is a standard developed by Blue Coat to communicate between ProxySG and other Blue Coat appliances
C. It is a TCP-based protocol for HTTP request and response modification
D. It is an approach used by media servers for Digital Rights Management
Answer: A

QUESTION NO: 114
If the DRTR is enabled in real time, but does not have categorization value for the requested URL,

A. the URL will be assigned to the category none
B. the URL will be assigned to the category pending
C. the URL will be assigned to the category unavailable
D. the URL will assigned to the category uncategorized
Answer: D

QUESTION NO: 115
You need to have an open service request (SR) with Technical Support to upload your ProxySG configuration information to Blue Coat directly from the Management Console.

A. True
B. False
Answer: A

QUESTION NO: 116
A policy configured in VPM contains several Web Access layers, each contains several rules. Where a policy rule should be placed to ensure that it is always invoked and its action (e.g. ALLOW or DENY) is not overridden by any other rule?

A. First in the first layer
B. First in the last layer
C. Last in the first layer
D. Last in the last layer
Answer: A

QUESTION NO: 117
ICAP responses may be cached on a ProxySG, i.e. for some Web requests ICAP processing may be completed without involving ProxyAV

A. True
B. False
Answer: B

QUESTION NO: 118
You can obtain support information without contacting anyone from Blue Coat support via Blue Coat's online tool, Instant Support.

A. True
B. False
Answer: B

QUESTION NO: 119
Which of the following is true about enabling access logging? (Choose all that apply)

(a) Access logging is disabled by default on newly configured systems.
(b) You can enable access logging through the Management Console only.
(c) You must configure the ProxySG to intercept protocols you wish to log.

A. a & b only
B. a & c only
C. b & c only
D. All of the above
Answer: B

QUESTION NO: 120
What is sent over HTTP, if user enters non-ASCII characters into the address window of a Web browser (e.g. the URL address shown in the image)?


A. The UTF-16 representation of these characters is being sent, since HTTP supports Unicode
B. The special characters are Base64 encoded before sending
C. URL address contains sequence of the form %HH%HH%HH, where "HH" is a hex-encoding of bytes representing the non-ASCII characters
D. Special characters are sent as bytes, using the current encoding of the Web page
Answer: C

QUESTION NO: 121
Which of the following are trigger objects in the Visual Policy Management? (Choose all that apply)

(a) Source Address
(b) Destination Address
(c) Time
(d) Tracking

A. All of the above
B. b, c & d only
C. a, b & c only
D. a, c a d only
Answer: C

QUESTION NO: 122
Notify user objects utilize cookies and http redirection to deliver error messages to clients.

A. True
B. False
Answer: B

QUESTION NO: 123
How can a user restore ProxySG back to its default, factory settings, so that its IP address etc. needs to be configured anew? (Choose all that apply)

(a) Press a button on ProxySG back panel (left arrow on front panel for some models) and hold it for about S seconds
(b) Enter a CLI command ( restore-defaults factory-defaults ) and confirm it with y(yes) .
(c) Press a button in Management Console that drops the network configuration, and confirm the warning dialog.

A. a & b only
B. a & c only
C. b & c only
D. All of the above
Answer: C

QUESTION NO: 124
What categories are included in Blue Coat WebFilter on-box database and recognized by the WebPulse dynamic categorization

A. There is a simple list of 23 categories
B. There is a hierarchy of 36 first level categories, and several hundred second level categories
C. There is a simple list of 69 categories
Answer: C

QUESTION NO: 125
What is the behaviour of content filtering policies, when the Blue Coat WebFilter license expires

A. All content is blocked
B. All content is allowed
C. Content is allowed or blocked depending on policy for System/unlicensed
D. Content is allowed or blocked depending on fail open or fail closed setting in Management Console.
Answer: C

QUESTION NO: 126 (duplicated as no. 146)
Which of the following types of traffic are scanned with ICAP RESPMOD?

A. HTTP responses
B. FTP uploads
C. HTTP PUT data
D. HTTP POST data
E. All of the above
Answer: A

QUESTION NO: 127
ProxySG uses a licensed Blue Coat Web Filter (BCWF), and has configured policies for URL categories. ProxySG uses a DNS server, which for some reason cannot resolve the domain name sp.cwfservice.net anymore. What happens to the content filtering policy evaluation in this case?

A. Any time when policy evaluation needs to categorize an URL, access to that page is denied.
B. ProxySG always uses whatever action is configured for the System/unavailable category
C. Policy evaluation is not affected, because ProxySG uses the default IP address of a WebPulse Service Point
D. Policy evaluation is not affected for URLs categorized in the BCWF database, and is evaluated as System/unavailable for any other URLS.
Answer: B

QUESTION NO: 128
In a TCP connection, what will a listener service attempt to match before deciding to intercept or to bypass the connection? (Choose all that apply)

(a) Source IP
(b) Destination IP
(c) Destination Port
(d) Source Port

A. a & b only
B. b & c only
C. c & d only
D. All of the above
Answer: D

QUESTION NO: 129
Name two different ways to create a transparent proxy environment.

A. Using the PAC File or configuring WCCP
B. Configuring a Layer 4 switch or configuring the appliance in bridging mode
C. Configuring WCCP or using an automatic configuration script
Answer: C

QUESTION NO: 130
How many content filtering databases can be used in a policy for SGOS 5.3 at the same time (apart from the local database and IWF restricted categories)?

A. Only one content filtering database
B. Any two content filtering databases
C. Two content filtering databases — BCWF and one other
D. Any number of content filtering databases from the list supported by ProxySG
Answer: D

QUESTION NO: 131
Which is NOT a good reason why to configure user authentication when deploying ProxySG as an Internet gateway proxy?

A. To allow creation of granular polices by user or group
B. To allow more detailed logging and reports
C. To enable more convincing coaching pages for AUP violations
D. To ensure that cache content is not expired
E. To protect against unauthorized access of Web objects found in cache
Answer: D

QUESTION NO: 132
Which of the following categorization method incur additional costs (not covered by ProxySG and BCWF licenses)?

A. Local Database Categorization
B. IWF Categorization
C. SurfContrl Categorization
D. DRTR Categorization
Answer: D

QUESTION NO: 133
What configuration of ProxySG can be created during web initial setup wizard? (Choose all that apply)

(a) IP address or addresses, mask, gateway, DNS address or addresses
(b) and settings – and manager and backup manager
(c) password for web management Console nad CLI enabled mode.

A. A, B only
B. A, C only
C. B, C only
D. All of the above
Answer: A

QUESTION NO: 134 (duplicated as no. 159, but with different answer)

By looking at the above HTTP GET request, what are the possible proxySG deployment methods that could be in used? (Choose all that apply)

(a) Default Route
(b) WCCP
(c) PAC
(d) WPAD

A. a, d only
B. c, d only
C. b, c only
D. None of the above
Answer: B

QUESTION NO: 135
What do you need to enable NTLM authentication?

A. Active directory server and authentication license
B. BCAAA and auyhentication license
C. BCAAA
Answer: C

QUESTION NO: 136
In the exception hierarchy exception myexception is a child of Exception.User-defined.all. This means that the values for all parameters (format, contact, summary, http code, etc.) are copied from Exception. User-defined all settings to myexception unless these values are explicitly overridden.

A. True
B. False
Answer: B

QUESTION NO: 137
Licensing of the Proxy AV is done through the ProxySG interface.

A. True
B. False
Answer: B

QUESTION NO: 138
It is possible to upgrade the version of ProxyClient installation a ProxySG without upgrading its SGOS version.

A. True
B. False
Answer: A

QUESTION NO: 139
What happens, if ProxyClient is deployed in a place that does not match any conditions in the Location Awareness?

A. Content filtering is enabled, but acceleration is disabled
B. Default settings for filtering and acceleration are applied
C. ProxyClient is passive in such case, so neither filtering nor acceleration can work
Answer: C

QUESTION NO: 140
For ProxyClient content filtering to work, the client’s computer should be able to do a correct lookup of DNS address sp.cwfservice.net.

A. True
B. False
Answer: A

QUESTION NO: 141
What are the two hardware chassis options that are available in Blue Coat Director? (Choose all that apply)

(a) SG210
(b) SG510
(c) SG810
(d) SG8100

A. a & b only
B. b & c only
C. c & d only
D. a & d only
Answer: B

QUESTION NO: 142
Which of the following statements are true about WCCP? (Choose all that apply)

(a) WCCP version 1 only redirects traffic based on TCP destination port 80 while WCCP version 2 can redirect more than just port 80.
(b) WCCP version 1 supports only single proxy while WCCP version 2 can support up to 32 proxies in a single service group.
(c) WCCP version 1 is the default version supported by ProxySG unless configured otherwise.
(d) WCCP version 2 is more suitable for multiple router deployment as it allows multicast discovery.

A. a & b only
B. b & d only
C. a & d only
D. a & c only
Answer: C

QUESTION NO: 143
Which are the two packets that are used in WCCP discovery process? (Choose all that apply)

(a) HERE_I_AM
(b) HOME_ROUTER_IP:
(c) I_SEE_YOU
(d) WEB_CACHE_HERE

A. All of the above
B. a, b & c only
C. b & d only
D. a & c only
Answer: D

QUESTION NO: 144
When using transparent authentication, which of the following statements is true?
A. The virtual URL used for origin-style redirects must resolve to the IP address of the ProxySG.
B. The virtual URL used for origin-style redirects must resolve to an IP address.
C. The virtual URL used for origin-style redirects must be configured as an IP address.
D. The virtual URL used for origin-style redirects must be configured as a host name.
Answer: A

QUESTION NO: 145
Why should ProxySG set HTTP proxy behaviour profile to "portal" in a reverse proxy deployment? (Choose all that apply)

(a) To ensure ProxySG will ignore reload attempt.
(b) To only allow authenticated users that are allowed to browse the page.
(c) To ensure that ProxySG will trust server expiration header.
(d) To restrict client access by User-Agent type.

A. a & b only
B. a & c only
C. b & d only
D. b & c only
E. c & d only
Answer: B

QUESTION NO: 146 (duplicated as no. 126)
Which of the following types of traffic are scanned with ICAP RESPMOD?

A. HTTP responses
B. FTP uploads
C. HTTP PUT data
D. HTTP POST data
E. All of the above
Answer: A

QUESTION NO: 147
User with administrative rights can stop ProxyClient as a Windows service.
A. True
B. False
Answer: A

QUESTION NO: 148
Which statement is not true?

A. A VLAN trunk is a physical link that connects two switches together.
B. A VLAN trunk is used for frame-tagging.
C. A trunk port connects to CIFS server.
D. A trunk port erases the tag in a frame.
Answer: C

QUESTION NO: 149
The placeholder variables that are available in ProxyClient’s exception templates (i.e. the screens that are displayed, when there is a policy violation) are the same ones that are available for userdefined exceptions within ProxySG.
A. True
B. False
Answer: B

QUESTION NO: 150
Assume that ProxySG has default policy Allow, it is configured so that the HTTP proxy service on port 8080 has Detect Protocol option disabled and there are no policy rules on either SSL Intercept Layer or SSL Access Layer . A Web browser is accessing an HTTPS site, using explicity proxying on the ProxySG, port 8080. What would happen to this traffic?

A. The HTTPS connection will never be established
B. The HTTPS connection will always be established
C. The HTTPS connection will be established only for the remote server port 443.
D. The HTTPS connection will be established only for the remote server port 443 unless there are rules on Web Access Layer, explicitly allowing other port numbers.
Answer: D

QUESTION NO: 151
In which of the following ways can Access Logging be enabled? (Choose all that apply)

(a) By a CLI command
(b) In the Management Console under Access Logging
(c) By adding another layer to VPM policy

A. a & b only
B. a & c only
C. b & c only
D. All of the above
Answer: A

QUESTION NO: 152 (duplicated as no.99)
Which HTTP error code corresponds to the ProxySG default exception identifier authentication failed?

A. 403
B. 404
C. 503
D. 401
Answer: D

QUESTION NO: 153
Which group of services does not have a specialized proxy and is handled by TCP Tunnel instead?

A. HTTP, HTTPS, FTP
B. SOCKS
C. LDAP, IMAP, SSH
D. QuickTime, Real Audio
E. AOL, MSN IM, Yahoo IM
Answer: B

QUESTION NO: 154
HTTP status codes requesting client authorization are 3-digit numbers of the following form
A. 1xx
B. 2xx
C. 3xx
D. 4xx
E. 5xx

QUESTION NO: 155
The bcreportermain_vl access log format has a configurable ordering of fields, and this custom order is reflected in a log file header.
A. True
B. False
Answer: B

QUESTION NO: 156
Which types of requests are likely to be served the fastest?

A. TCP_MISS
B. TCP_NC_MISS
C. TCP_HIT
D. TCP_MEM_HIT
E. TCP_RESCAN_HIT

QUESTION NO: 157
Which of the following access log formats are supported by the ProxySG? (Choose all that apply)

(a) ELFF
(b) SQUID
(c) Websense
(d) NCSA

A. a, b & c only
B. a, b & d only
C. a, c & d only
D. b, c & d only
E. All of the above
Answer: B

QUESTION NO: 158
What happens, when administrator makes some changes in ProxySG Management Console and presses Revert button two times?

A. The next-to-last configuration (i.e. immediately preceding the last press of Apply) is restored.
B. The next-to-last configuration (i.e. immediately preceding the last press of Apply) is restored only if the history tracking is enabled in the Management Console.
C. The last saved configuration is restored and the second Revert has no effect.
D. Nothing is changed on ProxySG as the two presses of the same button cancel each other.

QUESTION NO: 159 (duplicated as no. 134, but with different answer)


By looking at the above HTTP GET request, what are the possible ProxySG deployment methods that could be in used? (Choose all that apply)

(a) Default Route
(b) WCCP
(c) PAC
(d) WPAD

A. a & b only
B. b &c only
C. c & d only
D. All of the above
Answer: C

QUESTION NO: 160
Can ProxySG services configure multiple listeners on the same TCP port?

A. Yes, the service listeners are scanned top down as displayed under Configuration > Services > Proxy Services , and the first matching listener is always used
B. No, each TCP port can have up to one listener, which is set to either Bypass or Intercept .
C. Yes, the listener with the most specific (longest) network mask is chosen, if there are several listeners configured on the same port
D. Yes, configuring multiple listeners is used to do internal load balancing; they help to distribute incoming TCP connections between multiple listener threads
Answer: B

QUESTION NO: 161
When accessing Management Console from the Web, the built in admin account uses the regular password of CLI access (NOT the enable password of admin account)

A. True
B. False
Answer: A

16 June 2009

Updated on Look-alike-Meter

After visiting Beatrice meimei blog and saw what Laura Yiyi has done, I have decided to re-take the look-alike-meter and see what's the out come.

Well, well . . I am not surprise Aicia looks more like daddy, in fact I am surprise by the small percentage ahahaha.