Q1. - (Topic 1)
Which of the following tools is used to generate a Security Gateway R77 configuration report?
A. infoCP
B. cpinfo
C. infoview
D. fw cpinfo
Answer: B
Q2. - (Topic 3)
Your company's Security Policy forces users to authenticate to the Gateway explicitly, before they can use any services. The Gateway does not allow the Telnet service to itself from any location. How would you configure authentication on the Gateway? With a:
A. Client Authentication rule using the manual sign-on method, using HTTP on port 900
B. Client Authentication rule, using partially automatic sign on
C. Client Authentication for fully automatic sign on
D. Session Authentication rule
Answer: A
Q3. - (Topic 3)
Your Security Gateways are running near performance capacity and will get upgraded hardware next week. Which of the following would be MOST effective for quickly dropping all connections from a specific attacker's IP at a peak time of day?
A. Change the Rule Base and install the Policy to all Security Gateways
B. SAM - Suspicious Activity Rules feature of SmartView Monitor
C. SAM - Block Intruder feature of SmartView Tracker
D. Intrusion Detection System (IDS) Policy install
Answer: B
Q4. - (Topic 3)
Access Role objects define users, machines, and network locations as:
A. One object
B. Credentialed objects
C. Separate objects
D. Linked objects
Answer: A
Q5. - (Topic 3)
You review this Security Policy because Rule 4 is inhibited. Which Rule is responsible? Exhibit:
A. No rule inhibits Rule 4.
B. Rule 1
C. Rule 2
D. Rule 3
Answer: C
Q6. - (Topic 2)
A Security Policy installed by another Security Administrator has blocked all SmartDashboard connections to the stand-alone installation of R77. After running the command fw unloadlocal, you are able to reconnect with SmartDashboard and view all changes. Which of the following change is the most likely cause of the block?
A. A Stealth Rule has been configured for the R77 Gateway.
B. The Gateway Object representing your Gateway was configured as an Externally Managed VPN Gateway.
C. The Security Policy installed to the Gateway had no rules in it.
D. The Allow Control Connections setting in Policy > Global Properties has been unchecked.
Answer: D
Q7. - (Topic 3)
Captive Portal is a __________ that allows the gateway to request login information from the user.
A. LDAP server add-on
B. Transparent network inspection tool
C. Separately licensed feature
D. Pre-configured and customizable web-based tool
Answer: D
Q8. - (Topic 1)
Your company is running Security Management Server R77 on GAiA, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?
A. Using cpconfig on the Security Management Server, choose Administrators
B. Using SmartDashboard, under Users, select Add New Administrator
C. Using the Web console on SecurePlatform under Product configuration, select Administrators
D. Using SmartDashboard or cpconfig
Answer: B
Q9. - (Topic 3)
With the User Directory Software Blade, you can create R77 user definitions on a(n) _________ Server.
A. NT Domain
B. SecureID
C. Radius
D. LDAP
Answer: D
Q10. - (Topic 1)
You are installing a Security Management Server. Your security plan calls for three administrators for this particular server. How many can you create during installation?
A. Depends on the license installed on the Security Management Server
B. One
C. As many as you want
D. Only one with full access and one with read-only access
Answer: B