Q1. - (Topic 2)
Which SmartView Tracker selection would most effectively show who installed a Security Policy blocking all traffic from the corporate network?
A. Network and Endpoint tab
B. Custom filter
C. Management tab
D. Active tab
Answer: C
Q2. - (Topic 2)
When configuring anti-spoofing on the Security Gateway object interfaces, which of the following is NOT a valid R77 topology configuration?
A. Specific
B. External
C. Not Defined
D. Any
Answer: D
Q3. - (Topic 1)
Before upgrading SecurePlatform, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration.
An administrator has installed the latest HFA on the system for fixing traffic problem after creating a backup file. There is a mistake in the very complex static routing configuration. The Check Point configuration has not been changed. Can the administrator use a restore to fix the errors in static routing?
A. The restore is done by selecting Snapshot Management from the boot menu of GAiA.
B. A backup cannot be restored, because the binary files are missing.
C. The restore can be done easily by the command restore and selecting the file netconf.C.
D. The restore is not possible because the backup file does not have the same build number (version).
Answer: C
Q4. - (Topic 3)
Which command gives an overview of your installed licenses?
A. cplic print
B. cplicense
C. fw lic print
D. showlic
Answer: A
Q5. - (Topic 1)
Where is the IPSO Boot Manager physically located on an IP Appliance?
A. On the platform's BIOS
B. In the directory /nvram
C. On an external jump drive
D. On built-in compact Flash memory
Answer: D
Q6. - (Topic 3)
What command syntax would you use to see accounts the gateway suspects are service accounts?
A. pdp check_log
B. adlog check_accounts
C. pdp show service
D. adlog a service_accounts
Answer: D
Q7. - (Topic 1)
When you change an implicit rule's order from Last to First in Global Properties, how do you make the change take effect?
A. Run fw fetch from the Security Gateway.
B. Select Install Database from the Policy menu.
C. Reinstall the Security Policy.
D. Select Save from the File menu.
Answer: C
Q8. - (Topic 2)
What CANNOT be configured for existing connections during a policy install?
A. Reset all connections
B. Re-match connections
C. Keep all connections D. Keep data connections
Answer: A
Q9. - (Topic 2)
You are working with multiple Security Gateways that enforce an extensive number of rules. To simplify security administration, which one of the following would you choose to do?
A. Create network objects that restrict all applicable rules to only certain networks.
B. Run separate SmartConsole instances to login and configure each Security Gateway directly.
C. Create a separate Security Policy package for each remote Security Gateway.
D. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.
Answer: C
Q10. - (Topic 3)
You want to configure a mail alert for every time the policy is installed to a specific Gateway. Where would you configure this alert?
A. In SmartView Monitor, select Gateway > Configure Thresholds and in SmartDashboard select Global Properties > Log and Alerts > Alert Commands.
B. In SmartView Monitor, select Gateway > Configure Thresholds.
C. In SmartDashboard, select Global Properties > Log and Alerts > Alert Commands.
D. You cannot create a mail alert for Policy installation.
Answer: A