1. You are Security Administrator for a large call center. The management team is concerned that
employees may be installing and attempting to use peer-to-peer file-sharing utilities during their lunch
breaks. The call center's network is protected by an internal Security Gateway, configured to drop
peer-to-peer file-sharing traffic. How do you determine the number of packets dropped by each Gateway?
A. SmartDashboard
B. SmartView Status
C. SmartView Tracker
D. SmartView Monitor
Answer: D
2. Which of the following statements BEST describes Hide Mode Translation?
A. Allows you to hide any entire network or IP range behind one routable IP address only
B. Allows you to hide an entire network behind a pool of IP addresses, selected randomly
C. Translates non-routable internal IP addresses to one routable IP address only
D. Allows you to hide any entire network or IP range behind one IP address
Answer: D
3. Which option or utility includes only Security and NAT, QoS, and Desktop Security settings?
A. Policy Package Management
B. File > Save from SmartDashboard
C. Database Revision Control
D. Backup
Answer: A
4. It is possible to configure Network Address Translation in all of the following areas, EXCEPT:
A. Global Properties
B. Dynamic Object Properties
C. Object Properties
D. Address-translation rules
Answer: B
5. Which of the following statements about the Port Scanning feature of SmartDefense is TRUE?
A. A typical scan detection is when more than 500 open inactive ports are open for a period of 120
seconds.
B. Port Scanning does not block scanning, it detects port scans with one of three levels of detection
sensitivity.
C. The Port Scanning feature actively blocks the scanning, and sends an alert to SmartView Monitor.
D. When a port scan is detected, only a log is issued, never an alert.
Answer: B
6. The customer has a small Check Point installation which includes one Windows 2003 server working as
SmartConsole and SmartCenter with a second server running SecurePlatform working as Security
Gateway. This is an example of:
A. Hybrid Installation
The safer , easier way to help you pass any IT exams.
B. Stand-Alone Installation
C. Distributed Installation
D. Unsupported configuration
Answer: C
7. A _______ rule is used to prevent all traffic going to the VPN-1 NGX Security Gateway.
A. Reject
B. Cleanup
C. Stealth
D. SmartDefense
Answer: C
8. When troubleshooting the behavior of Check Point Stateful Inspection, it is important to consider
"inbound" vs "outbound" packet inspection from the point of view of the __________.
A. Logical Topology
B. Administrator
C. Security Gateway
D. Internet
Answer: C
9. Which of the below is the MOST correct process to reset SIC?
A. Run cpconfig, and select "Secure Internal Communication > Change One Time Password".
B. Run cpconfig, and click Reset.
C. Click Reset in the Communication window of the Gateway object, and type a new activation key.
D. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new
activation key.
Answer: D
10. What information is found in the SmartView Tracker audit log?
A. ClusterXL sync failure
B. Policy Package rule modification date/time stamp
C. Historical reports log
D. Destination IP address
Answer: B
11. Which of the following statements accurately describes the upgrade_export command?
A. upgrade_export stores network-configuration data, all settings configured by the WebUI, and the
database of user settings prior to upgrading the SmartCenter Server.
B. Used when upgrading the Security Gateway, upgrade_export includes modified files, such as in the /lib
directory.
C. Used primarily when upgrading the SmartCenter Server, upgrade_export stores all object databases
and the conf directories for importing to a newer version of VPN-1.
D. upgrade_export is used when upgrading the Security Gateway, and allows certain files to be included
or excluded before exporting.
Answer: C
12. You want to display log entries containing information from a specific column in the SmartView Tracker.
If you want to see ONLY those entries, what steps would you take?
A. Right-click column, Search, Add string, Apply Filter
B. Right-click column, Edit Filter, Specific, Add, OK
C. Left-click column, Specific, Add, Apply Filter
D. Left-click column, Search, Add string, Apply Filter
Answer: B
13. You are about to test some rule and object changes suggested in an NGX newsgroup. Which backup
solution should you use, to ensure the easiest restoration of your Security Policy to its previous
configuration, after testing the changes?
A. Manual copies of the $FWDIR/conf directory
B. SecurePlatform backup utilities
C. upgrade_export command
D. Database Revision Control
Answer: D
14. You have blocked an IP address via the Block Intruder feature of SmartView Tracker. How can you
see the addresses you have blocked?
A. Run fwm blocked_view.
B. In SmartView Monitor, select Suspicious Activity Rules from the Tools menu and select the relevant
Security Gateway from the list.
C. In SmartView Monitor, select the Blocked Intruder option from the query tree view.
D. In SmartView Tracker, click the Active tab, and the actively blocked connections display.
Answer: B
15. Which of the following features in SmartDefense, CANNOT be configured per profile?
A. Report to DShield
B. Spoofed Reset Protection
C. Successive Events
D. Blocked FTP Commands
Answer: D
16. Regarding QoS guarantees and limits, which of the following statements is FALSE?
A. If a guarantee is defined in a sub-rule, then a guarantee must be defined for the rule above it.
B. If both a rule limit and a per connection limit are defined for a rule, the per connection limit must not be
greater than the rule limit.
C. A rule guarantee must not be less than the sum of the guarantees defined in its sub-rules.
D. If both a limit and a guarantee per rule are defined in a QoS rule, then the limit must be smaller than the
guarantee.
Answer: D
17. You have just been hired as the Security Administrator for the Insure-It-All insurance company. Your
manager gives you the following requirements for controlling DNS traffic:
Required Result #1: Accept domain-name-over-TCP traffic (zone-transfer traffic).
Required Result #2: Log domain-name-over-TCP traffic (zone-transfer traffic).
Desired Result #1: Accept domain-name-over-UDP traffic (queries traffic).
Desired Result #2: Do not log domain-name-over-UDP traffic (queries traffic).
Desired Result #3: Do not clutter the Rule Base by creating explicit rules for traffic that can be controlled
using Global Properties.
To begin, you make the following configuration changes, and install the Security Policy:
- Select the box "Accept Domain Name over TCP (Zone Transfer)" in Global Properties.
- Select the box "Accept Domain Name over UDP (Queries)" in Global Properties.
- Select the box "Log Implied Rules" in Global Properties.
Do your initial actions meet the required and desired results?
A. The actions meet the required results, and two of the desired results.
B. The actions do not meet the required results.
C. The actions meet all required results, and none of the desired results.
D. The actions meet all required and desired results.
Answer: A
18. Which option or utility includes Security Policies and Global Properties settings?
A. Policy Package Management
B. File > Save from SmartDashboard
C. Database Revision Control
D. Backup
Answer: C