Q1. - (Topic 2)
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping authentication rules with address-translation rules
B. Grouping rules by date of creation
C. Grouping reject and drop rules after the Cleanup Rule
D. Grouping functionally related rules together
Answer: D
Q2. - (Topic 1)
UDP packets are delivered if they are ___________.
A. referenced in the SAM related dynamic tables
B. a valid response to an allowed request on the inverse UDP ports and IP
C. a stateful ACK to a valid SYN-SYN/ACK on the inverse UDP ports and IP
D. bypassing the kernel by the forwarding layer of ClusterXL
Answer: B
Q3. - (Topic 2)
Static NAT connections, by default, translate on which firewall kernel inspection point?
A. Post-inbound
B. Eitherbound
C. Inbound
D. Outbound
Answer: C
Q4. - (Topic 2)
SmartView Tracker R77 consists of three different modes. They are:
A. Log, Track, and Management
B. Log, Active, and Management
C. Network and Endpoint, Active, and Management D. Log, Active, and Audit
Answer: C
Q5. - (Topic 3)
What type of traffic can be re-directed to the Captive Portal?
A. FTP B. All of the above
C. SMTP
D. HTTP
Answer: D
Q6. - (Topic 3)
You have a mesh VPN Community configured to create a site-to-site VPN.
Given the displayed VPN properties, what can you conclude about this community?
A. Change the data-integrity setting for this VPN Community because MD5 is oncompatible with AES.
B. Changing the setting Perform key exchange encryption with from AES-256 to 3DES will enhance the VPN Community's security , and reduce encryption overhead.
C. The VPN Community will perform IKE Phase 1 key-exchange encryption using the longest key Security Gateway R77 supports.
D. Changing the setting Perform IPsec data encryption with from AES-128 to 3Des will increase the encryption overhead.
Answer: D
Q7. - (Topic 2)
You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateway's external interface. You browse to from host, 10.1.1.10 successfully. You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?
A. Two, one for outbound, one for inbound
B. Only one, inbound
C. Only one, outbound
D. Two, both outbound, one for the real IP connection and one for the NAT IP connection
Answer: C
Q8. - (Topic 1)
The customer has a small Check Point installation which includes one Windows 7 workstation as the SmartConsole, one GAiA device working as Security Management Server, and a third server running SecurePlatform as Security Gateway. This is an example of a(n):
A. Unsupported configuration
B. Stand-Alone Installation
C. Hybrid Installation
D. Distributed Installation
Answer: D
Q9. - (Topic 1)
Suppose the Security Gateway hard drive fails and you are forced to rebuild it. You have a snapshot file stored to a TFTP server and backups of your Security Management Server. What is the correct procedure for rebuilding the Gateway quickly?
A. Run the command revert to restore the snapshot. Reinstall any necessary Check Point products. Establish SIC and install the Policy.
B. Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Revert to the stored snapshot image, and install the Security Policy.
C. Run the command revert to restore the snapshot, establish SIC, and install the Policy.
D. Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Reinstall any necessary Check Point products and previously applied hotfixes. Revert to the stored snapshot image, and install the Policy.
Answer: B
Q10. - (Topic 2)
What information is found in the SmartView Tracker Management log?
A. Administrator SmartDashboard logout event
B. SecurePlatform expert login event
C. Creation of an administrator using cpconfig
D. FTP username authentication failure
Answer: A