Q1. - (Topic 1)
You are running a R77 Security Gateway on SecurePlatform. In case of a hardware failure, you have a server with the exact same hardware and firewall version installed. What back up method could be used to quickly put the secondary firewall into production?
A. manual backup
B. snapshot
C. upgrade_export
D. backup
Answer: B
Q2. - (Topic 3)
Your bank’s distributed R77 installation has Security Gateways up for renewal. Which SmartConsole application will tell you which Security Gateways have licenses that will expire within the next 30 days?
A. SmartView Tracker
B. SmartPortal
C. SmartUpdate
D. SmartDashboard
Answer: A
Q3. - (Topic 1)
Which item below in a Security Policy would be enforced first?
A. Network Address Translation
B. Security Policy First rule
C. Administrator-defined Rule Base
D. IP spoofing/IP options
Answer: D
Q4. - (Topic 2)
In order to have full control, you decide to use Manual NAT entries instead of Automatic NAT rules. Which of the following is NOT true?
A. When using Static NAT, you must enter ARP entries for the Gateway on all hosts that are using the NAT Gateway with that Gateway's internal interface IP address.
B. When using Static NAT, you must add proxy ARP entries to the Gateway for all hiding addresses.
C. If you chose Automatic NAT instead, all necessary entries are done for you.
D. When using Dynamic Hide NAT with an address that is not configured on a Gateway interface, you need to add a proxy ARP entry for that address.
Answer: A
Q5. - (Topic 3)
When using vpn tu, which option must you choose if you only want to clear phase 2 for a specific IP (gateway)?
A. (8) Delete all IPsec+IKE SAs for a given User (Client)
B. (5) Delete all IPsec SAs for a given peer (GW)
C. (6) Delete all IPsec SAs for a given User (Client)
D. (7) Delete all IPsec+IKE SAs for a given peer (GW)
Answer: B
Q6. - (Topic 2)
You are working with three other Security Administrators. Which SmartConsole component can be used to monitor changes to rules or object properties made by the other administrators?
A. Eventia Tracker
B. SmartView Monitor
C. Eventia Monitor
D. SmartView Tracker
Answer: D
Q7. - (Topic 2)
Of the following, what parameters will not be preserved when using Database Revision Control?
A. 3, 4, 5, 6, 9, 12, 13
B. 1, 2, 8, 10, 11
C. 5, 6, 9, 12, 13
D. 2, 4, 7, 10, 11
Answer: A
Q8. - (Topic 2)
You are about to test some rule and object changes suggested in an R77 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to its previous configuration after testing the changes?
A. Database Revision Control
B. Manual copies of the directory $FWDIR/conf
C. upgrade_export command
D. SecurePlatform backup utilities
Answer: A
Q9. - (Topic 3)
When attempting to connect with SecureClient Mobile you get the following error message:
The certificate provided is invalid. Please provide the username and password.
What is the probable cause of the error?
A. Your user configuration does not have an office mode IP address so the connection failed.
B. There is no connection to the server, and the client disconnected.
C. Your certificate is invalid.
D. Your user credentials are invalid.
Answer: C
Q10. - (Topic 3)
What physical machine must have access to the User Center public IP address when checking for new packages with SmartUpdate?
A. SmartUpdate Repository SQL database Server
B. A Security Gateway retrieving the new upgrade package
C. SmartUpdate installed Security Management Server PC
D. SmartUpdate GUI PC
Answer: D