156-315.81 Practice Test

Explanation: The verified answer is B. Automatic proxy ARP configuration can be enabled.
Proxy ARP is a feature that allows a gateway to respond to ARP requests on behalf of another IP address that is not on the same network segment. Proxy ARP is required for manual NAT rules when the NATed IP addresses are not routed to the gateway1.
By default, proxy ARP for manual NAT rules has to be configured manually by editing the local.arp file or using the CLISH commands on the gateway2. However, since R80.10, there is an option to enable automatic proxy ARP configuration for manual NAT rules by modifying the files $CPDIR/tmp/.CPprofile.sh and $CPDIR/tmp/.CPprofile.csh on the gateway3.
fw ctl proxy is a command that displays the proxy ARP table on the gateway, but it does not configure proxy ARP4.
Translate Destination on Client Side is a NAT option that determines whether the destination IP address is translated before or after the routing decision. It does not affect proxy ARP.

Explanation: The valid authentication methods for mutual authenticating the VPN gateways are Pre-shared Secret and PKI Certificates. Pre-shared Secret is a method that uses a secret key that is known only to the two VPN gateways. PKI Certificates is a method that uses digital certificates that are issued by a trusted Certificate Authority (CA) and contain the public key of each VPN gateway. Both methods ensure that the VPN gateways can verify each other’s identity before establishing a secure VPN tunnel.