Q1. - (Topic 3)
John is the Security Administrator in his company. He installs a new R77 Security Management Server and a new R77 Gateway. He now wants to establish SIC between them. After entering the activation key, he gets the following message in SmartDashboard -
“Trust established?
SIC still does not seem to work because the policy won’t install and interface fetching does not work. What might be a reason for this?
A. SIC does not function over the network.
B. It always works when the trust is established
C. The Gateway’s time is several days or weeks in the future and the SIC certificate is not yet valid.
D. This must be a human error.
Answer: C
Q2. - (Topic 3)
Which authentication type permits five different sign-on methods in the authentication properties window?
A. Manual Authentication
B. Client Authentication
C. Session Authentication
D. User Authentication
Answer: B
Q3. - (Topic 2)
How do you use SmartView Monitor to compile traffic statistics for your company's Internet Web activity during production hours?
A. View total packets passed through the Security Gateway.
B. Configure a Suspicious Activity Rule which triggers an alert when HTTP traffic passes through the Gateway.
C. Use Traffic settings and SmartView Monitor to generate a graph showing the total HTTP traffic for the day.
D. Select Tunnels view, and generate a report on the statistics.
Answer: C
Q4. - (Topic 2)
NAT can NOT be configured on which of the following objects?
A. Host
B. HTTP Logical Server
C. Address Range
D. Gateway
Answer: B
Q5. - (Topic 3)
Which R75 component displays the number of packets accepted, rejected, and dropped on a specific Security Gateway, in real time?
A. SmartView Monitor
B. SmartView Status
C. SmartEvent
D. SmartUpdate
Answer: A
Q6. - (Topic 2)
What CANNOT be configured for existing connections during a policy install?
A. Reset all connections
B. Re-match connections
C. Keep all connections D. Keep data connections
Answer: A
Q7. - (Topic 3)
How many packets does the IKE exchange use for Phase 1 Aggressive Mode?
A. 1
B. 12
C. 6
D. 3
Answer: D
Q8. - (Topic 1)
Suppose the Security Gateway hard drive fails and you are forced to rebuild it. You have a snapshot file stored to a TFTP server and backups of your Security Management Server. What is the correct procedure for rebuilding the Gateway quickly?
A. Run the command revert to restore the snapshot. Reinstall any necessary Check Point products. Establish SIC and install the Policy.
B. Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Revert to the stored snapshot image, and install the Security Policy.
C. Run the command revert to restore the snapshot, establish SIC, and install the Policy.
D. Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Reinstall any necessary Check Point products and previously applied hotfixes. Revert to the stored snapshot image, and install the Policy.
Answer: B
Q9. - (Topic 2)
A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object does not appear in the Install On check box. What should you look for?
A. Secure Internal Communications (SIC) not configured for the object.
B. A Gateway object created using the Check Point > Security Gateway option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object.
C. A Gateway object created using the Check Point > Externally Managed VPN Gateway option from the Network Objects dialog box.
D. Anti-spoofing not configured on the interfaces on the Gateway object.
Answer: C
Q10. - (Topic 2)
Where are custom queries stored in R77 SmartView Tracker?
A. On the Security Management Server tied to the GUI client IP.
B. On the SmartView Tracker PC local file system shared by all users of that local PC.
C. On the Security Management Server tied to the Administrator User Database login name.
D. On the SmartView Tracker PC local file system under the user's profile.
Answer: C
148. - (Topic 2)
Where can an administrator specify the notification action to be taken by the firewall in the event that available disk space drops below 15%?
A. SmartView Tracker > Audit Tab > Gateway Counters
B. SmartView Monitor > Gateway Status > Threshold Settings
C. This can only be monitored by a user-defined script.
D. SmartView Monitor > Gateway Status > System Information > Thresholds
Q11. - (Topic 3)
Which R77 SmartConsole tool would you use to verify the installed Security Policy name on a Security Gateway?
A. SmartUpdate
B. SmartView Status
C. SmartView Monitor
D. None, SmartConsole applications only communicate with the Security Management Server.
Answer: C
Q12. - (Topic 3)
How do you configure the Security Policy to provide user access to the Captive Portal through an external (Internet) interface?
A. Change the Identity Awareness settings under Global Properties to allow Captive Portal access on all interfaces.
B. Change the Identity Awareness settings under Global Properties to allow Captive Portal access for an external interface.
C. Change the gateway settings to allow Captive Portal access via an external interface.
D. No action is necessary. This access is available by default.
Answer: C
351. - (Topic 3)
For remote user authentication, which authentication scheme is NOT supported?
A. Check Point Password
B. TACACS
C. SecurID
D. RADIUS
Q13. - (Topic 1)
UDP packets are delivered if they are ___________.
A. referenced in the SAM related dynamic tables
B. a valid response to an allowed request on the inverse UDP ports and IP
C. a stateful ACK to a valid SYN-SYN/ACK on the inverse UDP ports and IP
D. bypassing the kernel by the forwarding layer of ClusterXL
Answer: B
Q14. - (Topic 1)
Anti-Spoofing is typically set up on which object type?
A. Network
B. Security Management object
C. Host
D. Security Gateway
Answer: D
Q15. - (Topic 1)
Where can you find the Check Point's SNMP MIB file?
A. $CPDIR/lib/snmp/chkpt.mib
B. There is no specific MIB file for Check Point products.
C. $FWDIR/conf/snmp.mib
D. It is obtained only by request from the TAC.
Answer: A