Blue Coat Certified Proxy Professional BCCPP Set 4

Which of these possible problems does a nearly-full ProxySG disk indicate? (Select all that apply)


Options are :

  • This ProxySG should be upgraded to a more powerful model.
  • One or more additional ProxySG appliances should be deployed in this network.
  • Caching parameters are improperly set in the Management Console.
  • None; this is a normal condition.

Answer : One or more additional ProxySG appliances should be deployed in this network. Caching parameters are improperly set in the Management Console.

Blue Coat Certified Proxy Professional BCCPP Set 3

Name two settings that can be configured in a forwarding group to define which hosts in the group receive traffic. (Select all that apply)


Options are :

  • Redirection
  • Host affinity
  • Fail open or closed
  • Load balancing

Answer : Redirection Load balancing

What is the pre-defined username that can be used to allow guest users to access content via the ProxySG?


Options are :

  • guest
  • guest_$ip, where $ip is the client’s IP address.
  • user
  • user_$ip, where $ip is the client’s IP address.

Answer : guest_$ip, where $ip is the client’s IP address.

http://support.bluecoat.com/products/proxysg/sg9000.html?customer=123
For the above URL, will the trigger url.extension=htm match or miss?


Options are :

  • Match
  • Miss

Answer : Match

After creating CPL in the local policy file, the policy is imported into the VPM CPL file so that it can be viewed through the Visual Policy Manager.


Options are :

  • True
  • False

Answer : True

With ProxySG failover, the failover Virtual IP address can be the same as the IP address assigned to the master.


Options are :

  • True
  • False

Answer : False

Blue Coat Certified Proxy Professional BCCPP Set 4

When creating a TCP tunnel service in explicit mode, you must also configure a forwarding host?


Options are :

  • True
  • False

Answer : True

In regards to authentication the ProxySG does not support origin-redirects with CONNECT method.


Options are :

  • True
  • False

Answer : True

The authentication mode origin-ip-redirect allows an administrator to assign a Time To Live (TTL) for the surrogate credentials. Meanwhile the authentication mode origin-cookie-redirect does not provide this feature.


Options are :

  • True
  • False

Answer : False

Blue Coat Certified Proxy Professional BCCPP Set 3

Blue Coat Certified Proxy Professional BCCPP Set 4

If a CPL rule is not part of a policy layer, when is it processed?


Options are :

  • Before any layers are processed.
  • After all layers are processed.
  • This cannot happen. All rules must be part of a layer.

Answer : After all layers are processed.

How can you instruct the ProxySG to disregard the HTTP request header Pragma: no-cache?


Options are :

  • By deselecting the Action object setting “Parse pragma-no-cache meta tag” in the VPM.
  • By changing the HTTP proxy Acceleration Profile settings in the Management Console.
  • By deselecting the HTTP proxy setting “Parse pragma-no-cache meta tag” in the Management Console.
  • You cannot do this.

Answer : By deselecting the HTTP proxy setting “Parse pragma-no-cache meta tag” in the Management Console.

When a <proxy> policy layer has set one or more actions to yes, when are these actions performed?


Options are :

  • At the end of policy processing, in the order they were encountered.
  • In order when they are encountered during policy processing.
  • Depending on the transaction, not all such actions are necessarily taken.
  • At the end of policy processing, in the reverse order they were encountered.

Answer : At the end of policy processing, in the order they were encountered.

Blue Coat Certified Proxy Professional BCCPP Set 3

How can you test whether an authentication realm has been properly configured on the ProxySG without requiring valid user credentials?


Options are :

  • The Test Configuration button in the Management Console for this realm.
  • The realm browser in the VPM.
  • You cannot do this.

Answer : The Test Configuration button in the Management Console for this realm.

In a network with three ProxySG appliances using IWA realms with BCAAA, what is the minimum number of BCAAAs that must be deployed, independent of performance considerations?


Options are :

  • One
  • Three
  • None of the above.

Answer : One

When SGOS processes a client HTTP request, how is a client worker started?


Options are :

  • By the SGOS cache administrator process.
  • By a retrieval worker.
  • By a server worker.

Answer : By a retrieval worker.

By default, are proxy transactions allowed or denied?


Options are :

  • Yes
  • No
  • The answer depends on the default proxy policy setting.

Answer : No

By, default is a Forwarding layer in the VPM processed before or after a Web Access layer?


Options are :

  • Before
  • After

Answer : After

Policy that is written in CPL to control ProxySG forwarding should be placed in which policy file?


Options are :

  • Forward policy file.
  • Threat protection policy file.
  • Local policy file.
  • Central policy file.
  • The answer depends on the processing order configured in the Management Console.

Answer : Forward policy file.

The HTTP request header Pragma: no-cache performs the same function as what other header?


Options are :

  • Cache-control: no-cache
  • Cache-control: cache=none
  • GET If-Modified-Since
  • None of the above

Answer : Cache-control: no-cache

By default, which standard keying is used to authenticate a ProxySG to other devices?


Options are :

  • authentication-key
  • default
  • appliance-key
  • default-untrusted

Answer : default

When analyzing an authentication error, which of these diagnostic tools provides the most detailed information about the protocol-level messages among the client, the ProxySG, and the authentication server?


Options are :

  • Packet captures
  • Policy traces
  • Access logs
  • Event logs

Answer : Access logs

What does this CPL layer do?


Options are :

  • Sets the transaction status to Allow for all users who have the group attribute of Administrators.
  • This policy contains a syntax error and cannot be installed.
  • Nothing.
  • Sets the group attribute of Administrators for all users whose transactions are allowed.

Answer : Sets the transaction status to Allow for all users who have the group attribute of Administrators.

Perl statements can be included into CPL code as part of policy processing.


Options are :

  • True
  • False

Answer : False

Is SGOS a 32-bit or 64-bit operating system?


Options are :

  • 32-bit
  • 64-bit
  • Either, depending on the model of ProxySG on which it runs

Answer : Either, depending on the model of ProxySG on which it runs

The ProxySG simultaneously opens multiple server connections to retrieve objects referenced on a web page before the client actually issues the requests for those objects. This statement best describes which ProxySG caching technique?


Options are :

  • Pipelining
  • Asynchronous adaptive refresh
  • Popularity contest
  • Cost-based deletion

Answer : Pipelining

In CPL, using the define category construct with a list of 1,000 URLs usually produces more efficient code than explicitly specifying each individual URL as a separate test.


Options are :

  • True
  • False

Answer : False

In a hybrid configuration using the ProxySG in conjunction with the Blue Coat Cloud Service Web Security Module, how does the ProxySG determine when content filtering should be processed by the Cloud Service and not the ProxySG?


Options are :

  • The administrator must delete any local policy in the VPM and CPL on the ProxySG.
  • Selective forwarding must be configured on the ProxySG.
  • The administrator must disable content filtering on the ProxySG.
  • This cannot happen; in such a configuration, content filtering is always processed by the ProxySG.

Answer : Selective forwarding must be configured on the ProxySG.

Which policy file is processed last?


Options are :

  • Local policy file.
  • Threat protection policy file.
  • Forward policy file.
  • Central policy file.
  • The answer depends on the processing order configured in the Management Console.

Answer : Forward policy file.

What type of SGOS software worker can be invoked to perform pipelining of HTTP requests?


Options are :

  • Client worker.
  • Server worker.
  • Retrieval worker.
  • SGOS software workers do not perform pipelining of HTTP requests.

Answer : Server worker.

Which standard CA certificate list on the ProxySG is normally used in processing client-server SSL transactions?


Options are :

  • appliance-ccl
  • image-validation
  • appliance-key
  • browser-trusted
  • default

Answer : browser-trusted

When the ProxySG processes a client request to a server that requires a client certificate, how does the ProxySG determine which certificate to present to the server?


Options are :

  • The administrator configures this in the Management Console at Configuration > SSL.
  • The ProxySG negotiates with the client.
  • The ProxySG negotiates with the server.
  • The client sends its certificate to the ProxySG.
  • The administrator configures this in policy.

Answer : The administrator configures this in the Management Console at Configuration > SSL.

Which one of these statements is NOT true about the caching architecture of the ProxySG?


Options are :

  • Objects are first stored in the RAM object cache and are swapped into the disk-based object cache as needed.
  • Information about a single object in the cache can be viewed from the Management Console or CLI.
  • If the same object is cached as a result of being accessed by two different protocols (such as HTTP and FTP), two objects are stored in the cache.
  • The object store uses a directory structure so that objects in the cache can be accessed quickly.

Answer : Objects are first stored in the RAM object cache and are swapped into the disk-based object cache as needed.

When using a transparent proxy connection, the ProxySG detects Flash traffic using listeners for which proxy service by default?


Options are :

  • External HTTP
  • None of the above
  • RTMP
  • Flash

Answer : External HTTP

By default, what method does the ProxySG use to balance traffic load among members of a forwarding group?


Options are :

  • Least connections
  • Round robin
  • None of the above

Answer : Least connections

When performing anti-virus scanning using Blue Coat appliances, how does the ProxySG determine what specific actions to perform for high-performance or maximum-security deployments?


Options are :

  • In the Configuration > Threat Protection settings of the Management Console.
  • By reading the Threat Protection policy file.
  • By querying the configuration of the anti-virus scanning appliance.

Answer : In the Configuration > Threat Protection settings of the Management Console.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions