New Check Point CCSE 156-915.77 Dumps Questions

New Check Point CCSE 156-915.77 dumps questions are available, which can help you upgrade your CCSE certification. Current Check Point certifications are based on R77.30 and R80.10. Check Point R77 exams will remain available until further notice. Any pre-R77 CCSE can update to R77 by taking the 156-915.77 exam. To help you pass the 156-915.77 exam, new 156-915.77 dumps questions are online today.

Read the free demo questions online; you will find the new 156-915.77 dumps questions valuable.

1. Control connections between the Security Management Server and the Gateway are not encrypted by the VPN Community.

How are these connections secured?

2. If Bob wanted to create a Management High Availability configuration, what is the minimum number of Security Management servers required in order to achieve his goal?

3. David wants to manage hundreds of gateways using a central management tool.

What tool would David use to accomplish his goal?

4. From the following output of cphaprob state, which ClusterXL mode is this?

5. Which of the following is NOT a feature of ClusterXL?

6. In which case is a Sticky Decision Function relevant?

7. You configure a Check Point QoS Rule Base with two rules: an HTTP rule with a weight of 40, and the Default Rule with a weight of 10.

If the only traffic passing through your QoS Module is HTTP traffic, what percent of bandwidth will be allocated to the HTTP traffic?

8. You have pushed a policy to your firewall and you are not able to access the firewall.

What command will allow you to remove the current policy from the machine?

9. How do you verify the Check Point kernel running on a firewall?

10. The process ________________ compiles $FWDIR/conf/*.W files into machine language.

11. Which of the following is NOT part of the policy installation process?

12. When, during policy installation, does the atomic load task run?

13. What process is responsible for transferring the policy file from SmartCenter to the Gateway?

14. What firewall kernel table stores information about port allocations for Hide NAT connections?

15. Where do you define NAT properties so that NAT is performed either client side or server side?

16. The process ___________ is responsible for all other security server processes run on the Gateway.

17. The process ________ is responsible for GUI Client communication with the SmartCenter.

18. The process ________ is responsible for Policy compilation.

19. The process ________ is responsible for Management High Availability synchronization.

20. _________ is the process that is called when opening the SmartView Tracker application.

21. Anytime a client initiates a connection to a server, the firewall kernel signals the FWD process using a trap. FWD spawns the ________ child service, which runs the security server.

22. Security server configuration settings are stored in _______________ .

23. User definitions are stored in ________________ .

24. Jon is explaining how the inspection module works to a colleague.

If a new connection passes through the inspection module and the packet matches the rule, what is the next step in the process?

25. Which of the following statements accurately describes the upgrade export command?

26. What are you required to do before running upgrade export?

27. A snapshot delivers a complete backup of SecurePlatform. The resulting file can be stored on servers or as a local file in /var/CPsnapshot/snapshots.

How do you restore a local snapshot named MySnapshot.tgz?

28. What is the primary benefit of using upgrade export over either backup or snapshot?

29. Your R7x-series Enterprise Security Management Server is running abnormally on Windows Server 2003 R2. You decide to try reinstalling the Security Management Server, but you want to try keeping the critical Security Management Server configuration settings intact (i.e., all Security Policies, databases, SIC, licensing etc.) What is the BEST method to reinstall the Server and keep its critical configuration?

30. You need to back up the routing, interface, and DNS configuration information from your R76 SecurePlatform Security Gateway.

Which backup-and-restore solution do you use?

31. Which of the following methods will provide the most complete backup of an R76 configuration?

32. Which of the following commands can provide the most complete restore of an R76 configuration?

33. When restoring R76 using the command upgrade import, which of the following items are NOT restored?

34. Your organization's disaster recovery plan needs an update to the backup and restore section to reap the benefits of the new distributed R76 installation.

Your plan must meet the following required and desired objectives:

Upon evaluation, your plan:

35. You are running an R76 Security Gateway on SecurePlatform. In case of a hardware failure, you have a server with the exact same hardware and firewall version installed.

What backup method could be used to quickly put the secondary firewall into production?

36. Before upgrading SecurePlatform, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration.

An administrator has installed the latest HFA on the system for fixing traffic problems after creating a backup file. There is a mistake in the very complex static routing configuration. The Check Point configuration has not been changed.

Can the administrator use a restore to fix the errors in static routing?

37. You intend to upgrade a Check Point Gateway from R65 to R76. To avoid problems, you decide to back up the Gateway.

Which approach allows the Gateway configuration to be completely backed up into a manageable size in the least amount of time?

38. True or false? After creating a snapshot of a Windows 2003 SP2 Security Management Server, you can restore it on a SecurePlatform R76 Security Management Server, except you must load interface information manually.

39. Check Point recommends that you back up systems running Check Point products. Run your backups during maintenance windows to limit disruptions to services, improve CPU usage, and simplify time allotment.

Which backup method does Check Point recommend before major changes, such as upgrades?

40. Check Point recommends that you back up systems running Check Point products. Run your backups during maintenance windows to limit disruptions to services, improve CPU usage, and simplify time allotment.

Which backup method does Check Point recommend every couple of months, depending on how frequently you make changes to the network or policy?

41. Check Point recommends that you back up systems running Check Point products. Run your backups during maintenance windows to limit disruptions to services, improve CPU usage, and simplify time allotment.

Which backup method does Check Point recommend anytime outside a maintenance window?

42. Snapshot is available on which Security Management Server and Security Gateway platforms?

43. The file snapshot generates is very large, and can only be restored to:

44. Restoring a snapshot-created file on one machine that was created on another requires which of the following to be the same on both machines?

45. When restoring a Security Management Server from a backup file, the restore package can be retrieved from which source?

46. When upgrading Check Point products in a distributed environment, in which order should you upgrade these components?

1 GUI Client

2 Security Management Server

3 Security Gateway

47. When using migrate to upgrade a Secure Management Server, which of the following is included in the migration?

48. Typically, when you upgrade the Security Management Server, you install and configure a fresh R76 installation on a new computer and then migrate the database from the original machine.

When doing this, what is required of the two machines?

They must both have the same:

49. Typically, when you upgrade the Security Management Server, you install and configure a fresh R76 installation on a new computer and then migrate the database from the original machine.

Which of the following statements are TRUE?

50. Typically, when you upgrade the Security Management Server, you install and configure a fresh R76 installation on a new computer and then migrate the database from the original machine.

What is the correct order of the steps below to successfully complete this procedure?

1) Export databases from source.

2) Connect target to network.

3) Prepare the source machine for export.

4) Import databases to target.

5) Install new version on target.

6) Test target deployment.

51. During a Security Management Server migrate export, the system:

52. If no flags are defined during a backup on the Security Management Server, where does the system store the *.tgz file?

53. Which is NOT a valid option when upgrading Cluster Deployments?

54. In a zero downtime firewall cluster environment, what command do you run to avoid switching problems around the cluster?

55. In a "zero downtime" scenario, which command do you run manually after all cluster members are upgraded?

56. Which command provides cluster upgrade status?

57. John is upgrading a cluster from NGX R65 to R76. John knows that you can verify the upgrade process using the pre-upgrade verifier tool.

When John is running Pre-Upgrade Verification, he sees the warning message:

Title: Incompatible pattern.

What is happening?

58. Which command would you use to save the interface information before upgrading a GAiA Gateway?

59. Which command would you use to save the routing information before upgrading a SecurePlatform Gateway?

60. Which command would you use to save the routing information before upgrading a Windows Gateway?

61. Which command would you use to save the interface information before upgrading a Windows Gateway?

62. When upgrading a cluster in Full Connectivity Mode, the first thing you must do is see if all cluster members have the same products installed.

Which command should you run?

63. A Minimal Effort Upgrade of a cluster:

64. A Zero Downtime Upgrade of a cluster:

65. A Full Connectivity Upgrade of a cluster:

66. A Fast Path Upgrade of a cluster:

67. How does Check Point recommend that you secure the sync interface between gateways?

68. How would you set the debug buffer size to 1024?

69. Steve is troubleshooting a connection problem with an internal application.

If he knows the source IP address is 192.168.4.125, how could he filter this traffic?

70. Check Point support has asked Tony for a firewall capture of accepted packets.

What would be the correct syntax to create a capture file to a filename called monitor.out?

71. What is NOT a valid LDAP use in Check Point SmartDirectory?

72. There are several SmartDirectory (LDAP) features that can be applied to further enhance SmartDirectory (LDAP) functionality. Which of the following is NOT one of those features?

73. Choose the BEST sequence for configuring user management in SmartDashboard, using an LDAP server.

74. The User Directory Software Blade is used to integrate which of the following with an R76 Security Gateway?

75. Your users are defined in a Windows 2008 Active Directory server. You must add LDAP users to a Client Authentication rule.

Which kind of user group do you need in the Client Authentication rule in R76?

76. Which of the following commands do you run on the AD server to identify the DN name before configuring LDAP integration with the Security Gateway?

77. In SmartDirectory, what is each LDAP server called?

78. What is the default port number for standard TCP connections with the LDAP server?

79. What is the default port number for Secure Sockets Layer connections with the LDAP Server?

80. When defining an Organizational Unit, which of the following are NOT valid object categories?

81. When defining SmartDirectory for High Availability (HA), which of the following should you do?

82. The set of rules that governs the types of objects in the directory and their associated attributes is called the:

83. When using SmartDashboard to manage existing users in SmartDirectory, when are the changes applied?

84. Where multiple SmartDirectory servers exist in an organization, a query from one of the clients for user information is made to the servers based on a priority.

By what category can this priority be defined?

85. Each entry in SmartDirectory has a unique _______________ ?

86. With the User Directory Software Blade, you can create R76 user definitions on a(n) _________ Server.

87. Which describes the function of the account unit?

88. An organization may be distributed across several SmartDirectory (LDAP) servers.

What provision do you make to enable a Gateway to use all available resources?

Each SmartDirectory (LDAP) server must be:

89. Which is NOT a method through which Identity Awareness receives its identities?

90. If using AD Query for seamless identity data reception from Microsoft Active Directory (AD), which of the following methods is NOT Check Point recommended?

91. When using Captive Portal to send unidentified users to a Web portal for authentication, which of the following is NOT a recommended use for this method?

92. Identity Agent is a lightweight endpoint agent that authenticates securely with Single Sign-On (SSO).

Which of the following is NOT a recommended use for this method?

93. Which of the following access options would you NOT use when configuring Captive Portal?

94. Where do you verify that SmartDirectory is enabled?

95. Remote clients are using IPSec VPN to authenticate via LDAP server to connect to the organization.

Which gateway process is responsible for the authentication?

96. Remote clients are using SSL VPN to authenticate via LDAP server to connect to the organization.

Which gateway process is responsible for the authentication?

97. Which of the following is NOT an LDAP server option in SmartDirectory?

98. An Account Unit is the interface between the __________ and the __________.

99. Which of the following is a valid Active Directory designation for user John Doe in the Sales department of AcmeCorp.com?

100. Which of the following is a valid Active Directory designation for user Jane Doe in the MIS department of AcmeCorp.com?

101. Which utility or command is useful for debugging by capturing packet information, including verifying LDAP authentication?

102. Check that the Login Distinguished Name configured has root (Administrator) permission (or at least write permission) in the access control configuration of the LDAP server.

103. If you are experiencing LDAP issues, which of the following should you check?

104. How are cached usernames and passwords cleared from the memory of an R76 Security Gateway?

105. When an Endpoint user is able to authenticate but receives a message from the client that it is unable to enforce the desktop policy, what is the most likely scenario?

106. When using a template to define a SmartDirectory, where should the user's password be defined?

In the:

107. When configuring an LDAP Group object, which option should you select if you want the gateway to reference the groups defined on the LDAP server for authentication purposes?

108. When configuring an LDAP Group object, which option should you select if you do NOT want the gateway to reference the groups defined on the LDAP server for authentication purposes?

109. When configuring an LDAP Group object, which option should you select if you want the gateway to reference the groups defined on the LDAP server for authentication purposes?

110. The process that performs the authentication for SmartDashboard is:

111. The process that performs the authentication for Remote Access is:

112. The process that performs the authentication for SSL VPN Users is:

113. The process that performs the authentication for legacy session authentication is:

114. While authorization for users managed by SmartDirectory is performed by the gateway, the authentication is mostly performed by the infrastructure in which of the following?

115. When troubleshooting user authentication, you may see the following entries in a debug of the user authentication process.

In which order are these messages likely to appear?

116. Which of the following is NOT a ClusterXL mode?

117. In an R76 Cluster, some features such as VPN only function properly when:

118. In ClusterXL R76, when configuring a cluster synchronization network on a VLAN interface, what is the supported configuration?

119. Which process is responsible for delta synchronization in ClusterXL?

120. Which process is responsible for full synchronization in ClusterXL?

121. Which process is responsible for kernel table information sharing across all cluster members?

122. By default, a standby Security Management Server is automatically synchronized by an active Security Management Server, when:

123. The ________ Check Point ClusterXL mode must synchronize the physical interface IP and MAC addresses on all clustered interfaces.

124. __________ is a proprietary Check Point protocol. It is the basis for Check Point ClusterXL inter-module communication.

125. After you add new interfaces to a cluster, how can you check if the new interfaces and the associated virtual IP address are recognized by ClusterXL?

126. Which of the following is a supported Sticky Decision Function of Sticky Connections for Load Sharing?

127. Included in the customer's network are some firewall systems with the Performance Pack in use. The customer wishes to use these firewall systems in a cluster (Load Sharing mode). He is not sure if he can use the Sticky Decision Function in this cluster. Explain the situation to him.

128. A connection is said to be Sticky when:

129. How does a cluster member take over the VIP after a failover event?

130. The Check Point Clustering protocol works on:

131. A customer is calling saying one member's status is Down.

What will you check?

132. A customer calls saying that a Load Sharing cluster shows drops with the error First packet is not SYN. Complete the following sentence.

I will recommend:

133. Which of the following commands can be used to troubleshoot ClusterXL sync issues?

134. Which of the following commands shows full synchronization status?

135. Which of the following commands shows full synchronization status?

136. John is configuring a new R76 Gateway cluster but he cannot configure the cluster as Third Party IP Clustering because this option is not available in Gateway Cluster Properties.

What's happening?

137. In ClusterXL, _______ is defined by default as a critical device.

138. In ClusterXL, _______ is defined by default as a critical device.

139. Refer to Exhibit below: Match the ClusterXL modes with their configurations.

140. When synchronizing clusters, which of the following statements is NOT true?

141. When synchronizing clusters, which of the following statements is NOT true?

142. When a failed cluster member recovers, which of the following actions is NOT taken by the recovering member?

143. You are the Mega Corp Security Administrator. This company uses a firewall cluster, consisting of two cluster members. The cluster generally works well but one day you find that the cluster is behaving strangely. You assume that there is a connectivity problem with the cluster synchronization cluster link (cross-over cable).

Which of the following commands is the best for testing the connectivity of the crossover cable?

144. You have a High Availability ClusterXL configuration. Machines are not synchronized.

What happens to connections on failover?

145. What command will allow you to disable sync on a cluster firewall member?

146. When using ClusterXL in Load Sharing, what is the default method?

147. If ClusterXL Load Sharing is enabled with state synchronization enabled, what will happen if one member goes down?

148. In the following cluster configuration, if you reboot sglondon_1, which device will be active when sglondon_1 is back up and running? Why?

149. What is a "sticky" connection?

150. Match the Best Management High Availability synchronization-status descriptions for your Security Management Server (SMS):

151. Review the R76 configuration.

Is it correct for Management High Availability?

152. Check Point New Mode HA is a(n) _________ solution.

153. What is the behavior of ClusterXL in a High Availability environment?

154. Review the cphaprob state command output from one New Mode High Availability ClusterXL cluster member.

Which member will be active after member 192.168.1.2 fails over and is rebooted?

155. Review the cphaprob state command output from a New Mode High Availability cluster member.

Which machine has the highest priority?

156. By default Check Point High Availability components send updates about their state every:

157. You have just upgraded your Load Sharing gateway cluster (both members) from NGX R65 to R76. cphaprob stat shows:

Which of the following is not a possible cause of this?

158. In Management High Availability, what is an Active SMS?

159. For Management High Availability, if an Active SMS goes down, does the Standby SMS automatically take over?

160. For Management High Availability synchronization, what does the Advance status mean?

161. Which of the following would be a result of having more than one active Security Management Server in a Management High Availability (HA) configuration?

162. You want to verify that your Check Point cluster is working correctly.

Which command line tool can you use?

163. How can you view the virtual cluster interfaces of a ClusterXL environment?

164. How can you view the critical devices on a cluster member in a ClusterXL environment?

165. When Load Sharing Multicast mode is defined in a ClusterXL cluster object, how are packets being handled by cluster members?

166. Which of the following does NOT happen when using Pivot Mode in ClusterXL?

167. When distributing IPSec packets to gateways in a Load Sharing Multicast mode cluster, which valid Load Sharing method will consider VPN information?

168. By default, the Cluster Control Protocol (CCP) uses this to send delta sync messages to other cluster members.

169. To configure the Cluster Control Protocol (CCP) to use Broadcast, the following command is run:

170. What cluster mode is represented in this case?

171. What cluster mode is represented in this case?

172. Which of the listed load-balancing methods is NOT valid?

173. Which method of load balancing describes "Round Robin"?

174. In New Mode HA, the internal cluster IP VIP address is 10.4.8.3. The internal interfaces on two members are 10.4.8.1 and 10.4.8.2. Internal host 10.4.8.108 Pings 10.4.8.3, and receives replies.

Review the ARP table from the internal Windows host 10.4.8.108. According to the output, which member is the standby machine?

175. In New Mode HA, the internal cluster IP VIP address is 10.4.8.3. An internal host 10.4.8.108 successfully pings its Cluster and receives replies. Review the ARP table from the internal Windows host 10.4.8.108.

Based on this information, what is the active cluster member's IP address?

176. State Synchronization is enabled on both members in a cluster, and the Security Policy is successfully installed. No protocols or services have been unselected for selective sync. Review the fw tab -t connections -s output from both members.

Is State Synchronization working properly between the two members?

177. You have two IP Appliances: one IP565 and one IP395. Both appliances have IPSO 6.2 and R76 installed in a distributed deployment.

Can they be members of a Gateway Cluster?

178. Reinstall the Security Policy.

179. Included in the client's network are some switches, which rely on IGMP snooping. You must find a solution to work with these switches.

Which of the following answers does NOT lead to a successful solution?

180. The customer wishes to install a cluster. In his network, there is a switch which is incapable of forwarding multicast.

Is it possible to install a cluster in this situation?

181. What could be a reason why synchronization between primary and secondary Security Management Servers does not occur?

182. What is the proper command for importing users into the R76 User Database?

183. The user database is installed.

Select the BEST response for the synchronization trigger.

184. What is a requirement for setting up R76 Management High Availability?

185. You are preparing computers for a new ClusterXL deployment.

For your cluster, you plan to use three machines with the following configurations:

Are these machines correctly configured for a ClusterXL deployment?

186. You are preparing computers for a new ClusterXL deployment.

For your cluster, you plan to use four machines with the following configurations:

Cluster Member 1: OS: SecurePlatform, NICs: Quad Card, memory: 1 GB, Security Gateway only, version: R76

Cluster Member 2: OS: SecurePlatform, NICs: 4 Intel 3Com, memory: 1 GB, Security Gateway only, version: R76

Cluster Member 3: OS: SecurePlatform, NICs: 4 other manufacturers, memory: 512 MB, Security Gateway only, version: R76

Security Management Server: MS Windows 2003, NIC: Intel NIC (1), Security Gateway and primary Security Management Server installed, version: R76

Are these machines correctly configured for a ClusterXL deployment?

187. You are establishing a ClusterXL environment, with the following topology:

External interfaces 192.168.10.1 and 192.168.10.2 connect to a VLAN switch. The upstream router connects to the same VLAN switch. Internal interfaces 172.16.10.1 and 172.16.10.2 connect to a hub. 10.10.10.0 is the synchronization network. The Security Management Server is located on the internal network with IP 172.16.10.3.

What is the problem with this configuration?

188. What is the reason for the following error?

189. You find that Gateway fw2 can NOT be added to the cluster object.

What are possible reasons for that?

190. In which ClusterXL Load Sharing mode does the pivot machine get chosen automatically by ClusterXL?

191. What configuration change must you make to change an existing ClusterXL cluster object from Multicast to Unicast mode?

192. In an R76 ClusterXL Load Sharing configuration, which type of ARP related problem can force the use of Unicast Mode (Pivot) configuration due to incompatibility on some adjacent routers and switches?

193. In Load Sharing Unicast mode, the internal cluster IP address is 10.4.8.3. The internal interfaces on two members are 10.4.8.1 and 10.4.8.2. Internal host 10.4.8.108 Pings 10.4.8.3, and receives replies. The following is the ARP table from the internal Windows host 10.4.8.108.

Review the exhibit and identify the member serving as the pivot machine.

194. Which of the following commands will stop acceleration on a Security Gateway running on SecurePlatform?

195. How do new connections get established through a Security Gateway with SecureXL enabled?

196. Which of the following commands can be used to bind a NIC to a single processor when using a Performance Pack on SecurePlatform?

197. Review the Rule Base displayed.

For which rules will the connection templates be generated in SecureXL?

198. Your customer asks you about the Performance Pack. You explain to him that a Performance Pack is a software acceleration product which improves the performance of the Security Gateway.

You may enable or disable this acceleration by either:

1) the command: cpconfig

2) the command: fwaccel on/off

What is the difference between these two commands?

199. Your customer complains of the weak performance of his systems. He has heard that Connection Templates accelerate traffic.

How do you explain to the customer about template restrictions and how to verify that they are enabled?

200. Frank is concerned with performance and wants to configure the affinities settings. His gateway does not have the Performance Pack running.

What would Frank need to perform in order to configure those settings?

201. You are concerned that the processor for your firewall running NGX R71 SecurePlatform may be overloaded.

What file would you view to determine the speed of your processor(s)?

202. Which of the following is NOT a restriction for connection template generation?

203. In CoreXL, what process is responsible for processing incoming traffic from the network interfaces, securely accelerating authorized packets, and distributing non-accelerated packets among kernel instances?

204. Due to some recent performance issues, you are asked to add additional processors to your firewall.

If you already have CoreXL enabled, how are you able to increase Kernel instances?

205. Which of the following platforms does NOT support SecureXL?

206. Which of the following is NOT supported by CoreXL?

207. If the number of kernel instances for CoreXL shown is 6, how many cores are in the physical machine?

208. Which of the following is NOT accelerated by SecureXL?

209. To verify SecureXL statistics you would use the command ________?

210. How can you disable SecureXL via the command line (it does not need to survive a reboot)?

211. Which of these is a type of acceleration in SecureXL?

212. The CoreXL SND (Secure Network Distributor) is responsible for:

213. How can you verify that SecureXL is running?

214. Which of the following services will cause SecureXL templates to be disabled?

215. How do you enable SecureXL (command line) on GAiA?

216. The following graphic illustrates which command being issued on SecurePlatform?

217. After Travis added new processing cores on his server, CoreXL did not use them.

What would be the most plausible reason why? Travis did not:

218. Steve tries to configure Directional VPN Rule Match in the Rule Base. But the Match column does not have the option to see the Directional Match. Steve sees the following screen.

What is the problem?

219. A SmartProvisioning Gateway could be a member of which VPN communities?

(i) Center In Star Topology

(ii) Satellite in Star Topology

(iii) Carter in Remote Access Community

(iv) Meshed Community

220. What process manages the dynamic routing protocols (OSPF, RIP, etc.) on SecurePlatform Pro?

221. What is the command to enter the router shell?

222. Which statement is TRUE for route-based VPN's?

223. VPN routing can also be configured by editing which file?

224. If both domain-based and route-based VPN's are configured, which will take precedence?

225. Which of the following is TRUE concerning unnumbered VPN Tunnel Interfaces (VTIs)?

226. Which of the following is TRUE concerning unnumbered VPN Tunnel Interfaces (VTIs)?

227. Which of the following is TRUE concerning unnumbered VPN Tunnel Interfaces (VTIs)?

228. Which of the following is TRUE concerning numbered VPN Tunnel Interfaces (VTIs)?

229. Which of the following is TRUE concerning numbered VPN Tunnel Interfaces (VTIs)?

230. When configuring numbered VPN Tunnel Interfaces (VTIs) in a clustered environment, what issues need to be considered?

231. How do you verify a VPN Tunnel Interface (VTI) is configured properly?

232. What is used to validate a digital certificate?

233. Which statement defines Public Key Infrastructure? Security is provided:

234. Match the VPN-related terms with their definitions:

235. You want VPN traffic to match packets from internal interfaces. You also want the traffic to exit the Security Gateway bound for all site-to-site VPN Communities, including Remote Access Communities.

How should you configure the VPN match rule?

236. Which of the following statements is FALSE regarding OSPF configuration on SecurePlatform Pro?

237. If you need strong protection for the encryption of user data, what option would be the BEST choice?

238. Review the following list of actions that Security Gateway R76 can take when it controls packets. The Policy Package has been configured for Simplified Mode VPN. Select the response below that includes the available actions:

239. Your organization maintains several IKE VPN's. Executives in your organization want to know which mechanism Security Gateway R76 uses to guarantee the authenticity and integrity of messages.

Which technology should you explain to the executives?

240. There are times when you want to use Link Selection to manage high-traffic VPN connections.

With Link Selection you can:

241. There are times when you want to use Link Selection to manage high-traffic VPN connections.

With Link Selection you can:

242. There are times when you want to use Link Selection to manage high-traffic VPN connections.

With Link Selection you can:

243. There are times when you want to use Link Selection to manage high-traffic VPN connections.

With Link Selection you can:

244. What type of object may be explicitly defined as a MEP VPN?

245. MEP VPN's use the Proprietary Probing Protocol to send special UDP RDP packets to port ____ to discover if an IP is accessible.

246. Which of the following statements is TRUE concerning MEP VPN's?

247. Which of the following statements is TRUE concerning MEP VPN's?

248. Which of the following statements is TRUE concerning MEP VPN's?

249. Which of the following statements is TRUE concerning MEP VPN's?

250. You need to publish GAiA routes using the OSPF routing protocol.

What is the correct command structure, once entering the route command, to implement OSPF successfully?

251. At what router prompt would you save your OSPF configuration?

252. What is the router command to save your OSPF configuration?

253. What is the command to show OSPF adjacencies?

254. A VPN Tunnel Interface (VTI) is defined on Secure Platform Pro as:

vpn shell interface add numbered 10.10.0.1 10.10.0.2 madrid.cp

What do you know about this VTI?

255. Which of the following operating systems support numbered VTI's?

256. Which type of routing relies on a VPN Tunnel Interface (VTI) to route traffic?

257. You have installed Secure Platform R76 as Security Gateway operating system. As company requirements changed, you need the VTI features of R76.

What should you do?

258. Which operating system(s) support(s) unnumbered VPN Tunnel Interfaces (VTIs) for route-based VPN's?

259. You have three Gateways in a mesh community. Each gateway's VPN Domain is their internal network as defined on the Topology tab setting All IP Addresses behind Gateway based on Topology information.

You want to test the route-based VPN, so you created VTIs among the Gateways and created static route entries for the VTIs.

However, when you test the VPN, you find out the VPN still goes through the regular domain IPsec tunnels instead of the routed VTI tunnels.

What is the problem and how do you make the VPN use the VTI tunnels?

260. When configuring a Permanent Tunnel between two gateways in a Meshed VPN community, in what object is the tunnel managed?

261. Which of the following commands would you run to remove site-to-site IKE and IPSec Keys?

262. Which of the following log files contains information about the negotiation process for encryption?

263. Which of the following log files contains verbose information regarding the negotiation process and other encryption failures?

264. What is the most common cause for a Quick mode packet 1 failing with the error "No Proposal Chosen"?

265. Which component receives events and assigns severity levels to the events; invokes any defined automatic reactions, and adds the events to the Events Data Base?

266. The ______________ contains the Events Data Base.

267. The Smart Event Correlation Unit:

268. The Smart Event Server:

269. The Smart Event Client:

270. The Smart Event Correlation Unit:

271. The Smart Event Correlation Unit:

272. The Smart Event Server:

273. What are the 3 main components of the Smart Event Software Blade?

274. How many Events can be shown at one time in the Event preview pane?

275. You are reviewing computer information collected in Client Info.

You can NOT:

276. Which of the following is NOT a Smart Event Permission Profile type?

277. What is the Smart Event Correlation Unit's function?

278. What is the Smart Event Analyzer's function?

279. What is the Smart Event Client's function?

280. A tracked Smart Event Candidate in a Candidate Pool becomes an Event.

What does NOT happen in the Analyzer Server?

281. How many pre-defined exclusions are included by default in Smart Event R76 as part of the product installation?

282. What is the purpose of the pre-defined exclusions included with Smart Event R76?

283. What is the benefit to running Smart Event in Learning Mode?

284. ______________ is NOT a Smart Event event-triggered Automatic Reaction.

285. For best performance in Event Correlation, you should use:

286. What access level cannot be assigned to an Administrator in Smart Event?

287. _______________ manages Standard Reports and allows the administrator to specify automatic uploads of reports to a central FTP server.

288. _____________ generates a Smart Event Report from its SQL database.

289. Which Smart Reporter report type is generated from the Smart View Monitor history file?

290. Which Check Point product is used to create and save changes to a Log Consolidation Policy?

291. Which Check Point product implements a Consolidation Policy?

292. You have selected the event Port Scan from Internal Network in Smart Event, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other.

How would you accomplish this?

293. When do modifications to the Event Policy take effect?

294. To back up all events stored in the Smart Event Server, you should back up the contents of which folder(s)?

295. To clean the system of all events, you should delete the files in which folder(s)?

296. What Smart Console application allows you to change the Log Consolidation Policy?

297. Where is it necessary to configure historical records in Smart View Monitor to generate Express reports in Smart Reporter?

298. In a UNIX environment, Smart Reporter Data Base settings could be modified in:

299. In a Windows environment, Smart Reporter Data Base settings could be modified in:

300. Which specific R76 GUI would you use to view the length of time a TCP connection was open?

301. Smart Reporter reports can be used to analyze data from a penetration-testing regimen in all of the following examples, EXCEPT:

302. What is the best tool to produce a report which represents historical system information?

303. If Jack was concerned about the number of log entries he would receive in the SmartReporter system, which policy would he need to modify?

304. Your company has the requirement that Smart Event reports should show a detailed and accurate view of network activity but also performance should be guaranteed.

Which actions should be taken to achieve that?

(i) Use same hard drive for database directory, log files and temporary directory

(ii) Use Consolidation Rules

(iii) Limit logging to blocked traffic only

(iv) Using Multiple Database Tables

305. To help organize events, Smart Reporter uses filtered queries.

Which of the following is NOT a Smart Event property you can query?

306. When migrating the Smart Event data base from one server to another, the first step is to back up the files on the original server.

Which of the following commands should you run to back up the Smart Event data base?

307. When migrating the Smart Event data base from one server to another, the last step is to save the files on the new server.

Which of the following commands should you run to save the Smart Event data base files on the new server?

308. How could you compare the Fingerprint shown to the Fingerprint on the server?

309. Which file defines the fields for each object used in the file objects.C (color, num/string, default value…)?

310. Which procedure creates a new administrator in Smart Workflow?

311. When you check Web Server in a host-node object, what happens to the host?

312. Which external user authentication protocols are supported in SSL VPN?

313. Which of the following commands can be used to stop Management portal services?

314. Which of the following manages Standard Reports and allows the administrator to specify automatic uploads of reports to a central FTP server?

315. What is a task of the Smart Event Correlation Unit?

316. Based on the following information, which of the statements below is FALSE?

A DLP Rule Base has the following conditions:

Data Type = Password Protected File

Source = My Organization

Destination = Outside My Organization

Protocol = Any

Action = Ask User

Exception: Data Type = Any,

- Source = Research and Development (R&D)

- Destination = Pratner1.com

- Protocol = Any

All other rules are set to Detect. User Check is enabled and installed on all client machines.

317. You use the snapshot feature to store your Connectra SSL VPN configuration.

What do you expect to find?

318. When running DLP Wizard for the first time, which of the following is a mandatory configuration?

319. When using Connectra with Endpoint Security Policies, what option is not available when configuring DAT enforcement?

320. Which specific R76 GUI would you use to view the length of time a TCP connection was open?

321. What is not available for Express Reports compared to Standard Reports?

322. Based on the following information, which of the statements below is TRUE?

A DLP Rule Base has the following conditions:

- Data Type = Large file (> 500KB)

- Source = My Organization

- Destination = Free Web Mails

- Protocol = Any

- Action = Ask User

All other rules are set to Detect. User Check is enabled and installed on all client machines.

323. Which of the following statements is FALSE about the DLP Software Blade and Active Directory (AD) or LDAP?

324. You are running R71 and using the new IPS Software Blade. To maintain the highest level of security, you are doing IPS updates regularly.

What kind of problems can be caused by the automatic updates?

325. Which of the following deployment scenarios CANNOT be managed by Check Point QoS?

326. Given the following protection details and the enforcing gateways list, is the "Too many DNS queries with the RD flag set" protection enabled on the Gateway R76?

Please choose the answer with the correct justification.

327. Which technology is responsible for assembling packet streams and passing ordered data to the protocol parsers in IPS?

328. You configure a Check Point QoS Rule Base with two rules: an H.323 rule with a weight of 10, and the Default Rule with a weight of 10. The H.323 rule includes a per-connection guarantee of 384 Kbps and a per-connection limit of 512 Kbps. The per-connection guarantee is for four connections, and no additional connections are allowed in the Action properties.

If traffic passing through the QoS Module matches both rules, which of the following statements is TRUE?

329. Which of the following is the default port for Management Portal?

330. How is Smart Workflow enabled?

331. What could the following regular expression be used for in a DLP rule?

$([0-9]*,[0-9] [0-9] [0-9]. [0-9] [0-9]

Select the best answer

332. Exhibit:

UserA is able to create a Smart LSM Security Cluster Profile. You must select the correct justification.

333. Which Check Point QoS feature is used to dynamically allocate relative portions of available bandwidth?


 

