Q1. - (Topic 2)
Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity?
A. Static Source
B. Static Destination
C. Dynamic Destination
D. Hide
Answer: D
Q2. - (Topic 3)
What is the Manual Client Authentication TELNET port?
A. 264
B. 259
C. 900
D. 23
Answer: B
Q3. - (Topic 1)
The INSPECT engine inserts itself into the kernel between which two OSI model layers?
A. Physical and Data
B. Session and Transport
C. Data link and Network
D. Presentation and Application
Answer: C
Q4. - (Topic 3)
If you were NOT using IKE aggressive mode for your IPsec tunnel, how many packets would you see for normal Phase 1 exchange?
A. 9
B. 6
C. 3
D. 2
Answer: B
Q5. - (Topic 2)
How can you configure an application to automatically launch on the Security Management Server when traffic is dropped or accepted by a rule in the Security Policy?
A. Custom scripts cannot be executed through alert scripts.
B. Pop-up alert script
C. SNMP trap alert script
D. User-defined alert script
Answer: D
Q6. - (Topic 2)
Your Security Management Server fails and does not reboot. One of your remote Security Gateways managed by the Security Management Server reboots. What occurs with the remote Gateway after reboot?
A. Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, all traffic is allowed through the Gateway.
B. Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, no traffic is allowed through the Gateway.
C. The remote Gateway fetches the last installed Security Policy locally and passes traffic normally. The Gateway will log locally, since the Security Management Server is not available.
D. Since the Security Management Server is not available, the remote Gateway uses the local Security Policy, but does not log traffic.
Answer: C
Q7. - (Topic 2)
When configuring anti-spoofing on the Security Gateway object interfaces, which of the following is NOT a valid R77 topology configuration?
A. Specific
B. External
C. Not Defined
D. Any
Answer: D
Q8. - (Topic 2)
Of the following, what parameters will not be preserved when using Database Revision Control?
A. 3, 4, 5, 6, 9, 12, 13
B. 1, 2, 8, 10, 11
C. 5, 6, 9, 12, 13
D. 2, 4, 7, 10, 11
Answer: A
Q9. - (Topic 3)
Your perimeter Security Gateway’s external IP is 200.200.200.3. Your network diagram shows:
A. Required. Allow only network 192.168.10.0 and 192.168.20.0 to go out to the Internet,
using 200.200.200.5.
The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet.
Assuming you enable all the settings in the NAT page of Global Properties, how could you
achieve these requirements?
B. Create network objects for 192.168.10.0/24 and 192.168.20.0/24. Enable Hide NAT on
both network objects, using 200.200.200.5 as hiding IP address. Add an ARP entry for
200.200.200.3 for the MAC address of 200.200.200.5.
C. Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254. Enable
Hide NAT on the NAT page of the address range object. Enter Hiding IP address
200.200.200.5. Add an ARP entry for 200.200.200.5 for the MAC address of
200.200.200.3.
D. Create a network object 192.168.0.0/16. Enable Hide NAT on the NAT page. Enter
200.200.200.5 as the hiding IP address. Add an ARP entry for 200.200.200.5 for the MAC
address of 200.200.200.3.
Create two network objects: 192.168.10.0/24 and 192.168.20.0/24. Add the two network
objects to a group object. Create a manual NAT rule like the following: Original source -group object; Destination - any; Service - any; Translated source - 200.200.200.5;
Destination - original; Service - original.
Answer: B
Q10. - (Topic 2)
What must a Security Administrator do to comply with a management requirement to log all traffic accepted through the perimeter Security Gateway?
A. Install the View Implicit Rules package using SmartUpdate.
B. Define two log servers on the R77 Gateway object. Enable Log Implied Rules on the first log server. Enable Log Rule Base on the second log server. Use SmartReporter to merge the two log server records into the same database for HIPPA log audits.
C. In Global Properties > Reporting Tools check the box Enable tracking all rules (including rules marked as None in the Track column). Send these logs to a secondary log server for a complete logging history. Use your normal log server for standard logging for troubleshooting.
D. Check the Log Implied Rules Globally box on the R77 Gateway object.
Answer: C
Q11. - (Topic 3)
If a Security Gateway enforces three protections, LDAP Injection, Malicious Code Protector, and Header Rejection, which Check Point license is required in SmartUpdate?
A. SmartEvent Intro
B. IPS
C. SSL: VPN
D. Data Loss Prevention
Answer: B
Q12. - (Topic 2)
SmartView Tracker logs the following Security Administrator activities, EXCEPT:
A. Object creation, deletion, and editing
B. Rule Base changes
C. Administrator login and logout
D. Tracking SLA compliance
Answer: D
Q13. - (Topic 2)
What happens when you select File > Export from the SmartView Tracker menu?
A. Exported log entries are not viewable in SmartView Tracker.
B. Logs in fw.log are exported to a file that can be opened by Microsoft Excel.
C. Exported log entries are deleted from fw.log.
D. Current logs are exported to a new *.log file.
Answer: B
Q14. - (Topic 1)
Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?
A. Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets field. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here.
B. Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced > Permission to Install.
C. Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets.
D. In the object General Properties representing the specific Firewall, go to the Software Blades product list and select Firewall. Right-click in the menu, select Administrator to Install to define only this administrator.
Answer: B
Q15. - (Topic 3)
Which of the following allows administrators to allow or deny traffic to or from a specific network based on the user's credentials?
A. Access Role
B. Access Rule
C. Access Policy
D. Access Certificate
Answer: A
374. - (Topic 3)
In which Rule Base can you implement a configured Access Role?
A. DLP
B. Mobile Access
C. Firewall
D. IPS