Q1. - (Topic 2)
To reduce the information given to you in SmartView Tracker, what can you do to find information about data being sent between pcosaka and pctokyo?
A. Apply a source filter by adding both endpoint IP addresses with the equal option set.
B. Use a regular expression to filter out relevant logging entries.
C. Double-click an entry representing a connection between both endpoints.
D. Press CTRL+F in order to open the find dialog, and then search the corresponding IP addresses.
Answer: A
Q2. - (Topic 3)
Which of the following items should be configured for the Security Management Server to authenticate using LDAP?
A. Check Point Password
B. WMI object
C. Domain Admin username
D. Windows logon password
Answer: A
Q3. - (Topic 2)
Which of the following is NOT useful to verify whether or not a Security Policy is active on a Gateway?
A. fw ctl get string active_secpol
B. cpstat fw -f policy
C. Check the Security Policy name of the appropriate Gateway in SmartView Monitor.
D. fw stat
Answer: A
Q4. - (Topic 2)
You have three servers located in a DMZ, using private IP addresses. You want internal users from 10.10.10.x to access the DMZ servers by public IP addresses. Internal_net
10.10.10.x is configured for Hide NAT behind the Security Gateway's external interface.
What is the best configuration for 10.10.10.x users to access the DMZ servers, using the DMZ servers' public IP addresses?
A. When connecting to the Internet, configure manual Static NAT rules to translate the DMZ servers.
B. When connecting to internal network 10.10.10.x, configure Hide NAT for the DMZ network behind the Security Gateway DMZ interface.
C. When the source is the internal network 10.10.10.x, configure manual static NAT rules to translate the DMZ servers.
D. When trying to access DMZ servers, configure Hide NAT for 10.10.10.x behind the DMZ's interface.
Answer: C
Q5. - (Topic 2)
Which R77 SmartConsole tool would you use to verify the installed Security Policy name on a Security Gateway?
A. SmartView Server
B. SmartView Tracker
C. None, SmartConsole applications only communicate with the Security Management Server.
D. SmartUpdate
Answer: B
123. - (Topic 2)
You are reviewing the Security Administrator activity for a bank and comparing it to the change log. How do you view Security Administrator activity?
A. SmartView Tracker in Network and Endpoint Mode
B. SmartView Tracker in Management Mode
C. SmartView Tracker cannot display Security Administrator activity; instead, view the system logs on the Security Management Server's Operating System.
D. SmartView Tracker in Active Mode
Q6. - (Topic 1)
Which of the following uses the same key to decrypt as it does to encrypt?
A. Asymmetric encryption
B. Symmetric encryption
C. Certificate-based encryption
D. Dynamic encryption
Answer: B
Q7. - (Topic 3)
Review the rules. Assume domain UDP is enabled in the impled rules.
What happens when a user from the internal network tries to browse to the internet using HTTP? The user:
A. is prompted three times before connecting to the Internet successfully.
B. can connect to the Internet successfully after being authenticated.
C. can go to the Internet, without being prompted for authentication.
D. can go to the Internet after Telnetting to the client authentication daemon port 259.
Answer: C
Q8. - (Topic 3)
When using vpn tu, which option must you choose if you only want to clear phase 2 for a specific IP (gateway)?
A. (8) Delete all IPsec+IKE SAs for a given User (Client)
B. (5) Delete all IPsec SAs for a given peer (GW)
C. (6) Delete all IPsec SAs for a given User (Client)
D. (7) Delete all IPsec+IKE SAs for a given peer (GW)
Answer: B
Q9. - (Topic 3)
Your company is still using traditional mode VPN configuration on all Gateways and policies. Your manager now requires you to migrate to a simplified VPN policy to benefit from the new features. This needs to be done with no downtime due to critical applications which must run constantly. How would you start such a migration?
A. This can not be done as it requires a SIC- reset on the Gateways first forcing an outage.
B. This cannot be done without downtime as a VPN between a traditional mode Gateway and a simplified mode Gateway does not work.
C. Convert the required Gateway policies using the simplified VPN wizard, check their logic and then migrate Gateway per Gateway.
D. You first need to completely rewrite all policies in simplified mode and then push this new policy to all Gateways at the same time.
Answer: C
Q10. - (Topic 3)
Which feature in R77 permits blocking specific IP addresses for a specified time period?
A. Block Port Overflow
B. Suspicious Activity Monitoring
C. HTTP Methods
D. Local Interface Spoofing
Answer: B
368. - (Topic 3)
Which of the following objects is a valid source in an authentication rule?
A. User@Network
B. Host@Any
C. User@Any
D. User_group@Network
Q11. - (Topic 3)
The customer has a small Check Point installation, which includes one GAiA server working as the SmartConsole, and a second server running Windows 2008 as both Security Management Server and Security Gateway. This is an example of a(n):
A. Distributed Installation
B. Hybrid Installation
C. Unsupported configuration
D. Stand-Alone Installation
Answer: C
Q12. - (Topic 3)
A company has disabled logging for some of the most commonly used Policy rules. This was to decrease load on the Security Management Server and to make tracking dropped connections easier. What action would you recommend to get reliable statistics about the network traffic using SmartReporter?
A. Configure Additional Logging on an additional log server.
B. Turn the field Track of each rule to LOG.
C. Network traffic cannot be analyzed when the Security Management Server has a high load.
D. SmartReporter analyzes all network traffic, logged or not.
Answer: A
Q13. - (Topic 2)
You are MegaCorp's Security Administrator. There are various network objects which must be NATed. Some of them use the Automatic Hide NAT method, while others use the Automatic Static NAT method. What is the rule order if both methods are used together? Give the best answer.
A. The Administrator decides the rule order by shifting the corresponding rules up and down.
B. The Hide NAT rules have priority over the Static NAT rules and the NAT on a node has priority over the NAT on a network or an address range.
C. The Static NAT rules have priority over the Hide NAT rules and the NAT on a node has priority over the NAT on a network or an address range.
D. The rule position depends on the time of their creation. The rules created first are placed at the top; rules created later are placed successively below the others.
Answer: C
Q14. - (Topic 3)
Which tool CANNOT be launched from SmartUpdate R77?
A. SecurePlatform WebUI
B. cpinfo
C. IP Appliance Voyager
D. snapshot
Answer: D
Q15. - (Topic 2)
You would use the Hide Rule feature to:
A. View only a few rules without the distraction of others.
B. Hide rules from read-only administrators.
C. Hide rules from a SYN/ACK attack.
D. Make rules invisible to incoming packets.
Answer: A