Nortel VPN Router Rls.7.0 Advanced Configuration &
have questions for you but I have only one suggestion
for you to just go for www.examcheets.com study material.
Try my questions too. You will get the success.
Virtual Router Redundancy Protocol (VRRP) has
been configured to run as master on a physical interface
of a VPN Router. Three additional interfaces, each in
a separate interface group, have been associated with
this master VRRP interface. Assume one of the three
additional interface has gone down. How will the VPN
A. It will force a VRRP fail-over.
B. It will reroute traffic to the associated VRRP master
C. It will reroute traffic to one of the two remaining
additional interface groups.
D. No action necessary, since two additional interfaces
are available to the master.
A technician wants to specify and control network
traffic by class so that certain types of traffic receive
precedence in a VPN Router configuration. The technician
plans to accomplish this control by utilizing a protocol
that uses the TOS field in the IP packet header to notify
network devices which "Per-hop Behavior" to
apply to each outgoing traffic flow. Assume the Advanced
Routing license has been purchased for this system.
Which protocol will provide the required functionality?
B. Call Admission Protocol (CAP)
C. Network Address Translation (NAT)
D. Resource Reservation Protocol (RSVP)
A customer would like their remote users to
be able to establish a VPN tunnel with an alternate
VPN Router, if the primary VPN Router fails. What would
need to be configured to ensure Fail-over protection?
A. Demand Services
B. Firewall and DHCP settings on the remote PC
C. Only LDAP group parameters
D. VPN Router user tunnel for IPSec fail-over service
In a VPN Router network, a technician has enabled
the Fail-over feature so that all remote users working
offsite using the Nortel VPN Client will attempt to
connect to one or more alternate VPN Router devices
if the primary VPN Router fails. Which statement is
true regarding the IP addresses specified for the alternate
VPN Router devices in the Fail-over?
A. The IP addresses must be for public interfaces.
B. The IP addresses must be for private interfaces.
C. The IP addresses must match the VPN Router management
D. The IP addresses must match the primary VPN Router
A customer would like to address Quality of
Service (QoS) issue on their network and are wondering
how the VPN Router addresses this issue. They are not
aware of the VPN Router internal and external QoS capabilities.
Which statement describes a QoS mechanism used by the
A. Uses internal Firewall to guarantee what resources
are available to support the committed bandwidth.
B. Signals the private network to reserve a portion
of the network bandwidth for all connections.
C. Assigns each user group profile to one of four priority
classes (from 1-high to 4-low).
D. Provides the monitoring of data that exceeds forwarding
rates allowing for guaranteed bandwidth.
Virtual Router Redundancy Protocol (VRRP) has
been configured on the VPN Routers of a customer's network.
However, all of the traffic is being routed to the Backup
and not the Master. What could be a possible reason
for this problem?
A. The Virtual Router ID (VRID) is not configured correctly.
B. The Backup and Master VPN Routers are running two
different versions of code.
C. The Priority Value of the Master is set to 100, and
the Backup is set to a higher value.
D. The authentication string in the Authentication Data
field is not set.
To enable Fail-over support in a VPN Router
configuration, a technician is setting up Static Tunnel
Fail-over for Branch Office Tunnels. Primary and subsequent
static routes will be created. To provide the required
Fail-over support, how will the primary tunnel be configured?
A. It must be nailed up.
B. It must use RIP only.
C. It must use OSPF only.
D. It must be a virtual tunnel.
Employees at the company headquarters and out
in the field have found that they are moving from an
Ethernet connection to a wireless connection and back,
on a regular basis while still having a VPN tunnel established.
A network administrator has been tasked with finding
a solution that preserves the IPSec tunnel while roaming
within the LAN, without affecting applications that
use the VPN tunnel. Which solution would you recommend
for this customer?
A. IPSec fail-over
B. Nortel IPSec Mobility
C. TunnelPersistance Mode
D. Virtual Router Redundancy Protocol (VRRP)
A high-profile customer dealing with electronic
commerce requires non-repudiation of a signature and
needs a way to guarantee both the integrity of the data
and the authenticity of a sender. You recommend the
use of digital certificates and the associated digital
signature algorithm. Which statement about the digital
signature algorithm is false?
A. The digital signature is computed using a set of
rules and a set of parameters such that the identity
of the signatory and integrity of the data can be verified.
B. Each user possesses a private and public key pair.
Anyone can verify the signature of a user by employing
that user's public key.
C. The digital signature shows who actually ordered
the merchandise and but cannot guarantee that the information
on the order has not been changed.
D. A private key is restricted for signature use.
A VPN Router customer is using certificate
authentication for user and branch office tunnels. A
supervisor has suggested configuring Certificate Management
Protocol (CMP) on the VPN Routers company wide in order
to reduce the administrator's workload. In what way
would the configuration of CMP benefit the administrator?
A. CMP automates the processes of Certificate Revocation
List (CRL) updates and CRL distributions to all VPN
B. CMP allows the VPN Router to act as a Certification
Authority (CA) for other VPN Routers on the network.
C. CMP automates the process of client certificate distribution,
so the clients do not need to generate a certificate
D. CMP offers management of the entire certificate and
key life cycle for the server of the VPN Router.
A network administrator has worked with and configured
Secure Sockets Layer (SSL) /Transport Layer Security
(TLS) on their VPN Router and has been made aware of
a security vulnerability involving Cipher Block Chaining.
What information is important to the network administrator?
A. Block ciphers are the most common in cryptography
and are therefore prone to security risks.
B. Block ciphers split the message into fixed blocks
of text and encrypt them individually.
C. Optional padding has been added as a countermeasure
and the VPN Router default setting has been set to Not
D. The end of the message is padded with random contents
to ensure the entire message is aligned on block boundaries.