Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 2)
Which statement below describes the most correct strategy for implementing a Rule Base?
A. Place a network-traffic rule above the administrator access rule.
B. Limit grouping to rules regarding specific access.
C. Place the most frequently used rules at the top of the Policy and the ones that are not frequently used further down.
D. Add the Stealth Rule before the last rule.
Answer: C
Q2. - (Topic 3)
Which of these components does NOT require a Security Gateway R77 license?
A. SmartConsole
B. SmartUpdate upgrading/patching
C. Check Point Gateway
D. Security Management Server
Answer: A
Q3. - (Topic 2)
You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateway's external interface. You browse to from host, 10.1.1.10 successfully. You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?
A. Two, one for outbound, one for inbound
B. Only one, inbound
C. Only one, outbound
D. Two, both outbound, one for the real IP connection and one for the NAT IP connection
Answer: C
Q4. - (Topic 2)
Which command allows Security Policy name and install date verification on a Security Gateway?
A. fw ver -p
B. fw stat -l
C. fw show policy
D. fw ctl pstat -policy
Answer: B
Q5. - (Topic 3)
Which of the following items should be configured for the Security Management Server to authenticate using LDAP?
A. WMI object
B. Check Point Password
C. Domain Admin username
D. Windows logon password
Answer: C
Q6. - (Topic 2)
Which SmartConsole tool would you use to see the last policy pushed in the audit log?
A. SmartView Tracker
B. SmartView Status
C. None, SmartConsole applications only communicate with the Security Management Server.
D. SmartView Server
Answer: A
197. - (Topic 2)
Where is the easiest and BEST place to find information about connections between two machines?
A. On a Security Gateway Console interface; it gives you detailed access to log files and state table information.
B. On a Security Management Server, using SmartView Tracker.
C. All options are valid.
D. On a Security Gateway using the command fw log.
Q7. - (Topic 1)
How does the button Get Address, found on the Host Node Object > General Properties page retrieve the address?
A. Route Table
B. Address resolution (ARP, RARP)
C. Name resolution (hosts file, DNS, cache)
D. SNMP Get
Answer: C
Q8. - (Topic 2)
When translation occurs using automatic Hide NAT, what also happens?
A. The destination port is modified.
B. Nothing happens.
C. The destination is modified.
D. The source port is modified.
Answer: D
Q9. - (Topic 2)
You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause?
A. The POP3 rule is disabled.
B. The POP3 rule is hidden.
C. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R75.
D. POP3 is accepted in Global Properties.
Answer: B
Q10. - (Topic 3)
MegaCorp's security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway. How do you apply the license?
A. Using each of the Gateways' IP addresses, and applying the licenses on the Security Management Server with the command cprlic put.
B. Using the remote Gateway's IP address, and applying the license locally with the command cplic put.
C. Using your Security Management Server's IP address, and attaching the license to the remote Gateway via SmartUpdate.
D. Using the remote Gateway's IP address, and attaching the license to the remote Gateway via SmartUpdate.
Answer: C
Q11. - (Topic 1)
The third-shift Administrator was updating Security Management Server access settings in Global Properties and testing. He managed to lock himself out of his account. How can you unlock this account?
A. Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/.
B. Type fwm lock_admin -u <account name> from the Security Management Server command line.
C. Type fwm unlock_admin -u from the Security Gateway command line.
D. Type fwm unlock_admin from the Security Management Server command line.
Answer: B
Q12. - (Topic 1)
Chris has lost SIC communication with his Security Gateway and he needs to re-establish SIC.
What would be the correct order of steps needed to perform this task?
A. 3, 1, 4, 2 B. 2, 3, 1, 4
C. 5, 1, 2, 4
D. 5, 1, 4, 2
Answer: C
Q13. - (Topic 3)
When using vpn tu, which option must you choose if you want to rebuild your VPN for a
specific IP (gateway)? Exhibit:
A. (6) Delete all IPsec SAs for a given User (Client)
B. (5) Delete all IPsec SAs for a given peer (GW)
C. (8) Delete all IPsec+IKE SAs for a given User (Client)
D. Delete all IPsec+IKE SAs for a given peer (GW)
Answer: D
Q14. - (Topic 1)
Match the following commands to their correct function.
Each command has one function only listed.
A. C1>F2; C2>F1; C3>F6; C4>F4
B. C1>F4; C2>F6; C3>F3; C4>F2
C. C1>F2; C2>F4; C3>F1; C4>F5
D. C1>F6; C2>F4; C3>F2; C4>F5
Answer: D
Q15. - (Topic 1)
The customer has a small Check Point installation which includes one Windows 2008 server as the SmartConsole and a second server running SecurePlatform as both Security Management Server and the Security Gateway. This is an example of a(n):
A. Stand-Alone Installation
B. Distributed Installation
C. Unsupported configuration
D. Hybrid Installation
Answer: A