Labour Day Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Certensure Logo
  1. Home
  2. Checkpoint
  3. Checkpoint Certification
  4. 156-315.77 - Check Point Certified Security Expert

Checkpoint 156-315.77 Check Point Certified Security Expert Exam Practice Test

Demo: 100 questions
Total 754 questions
Get 156-315.77 Full Access Download 156-315.77 PDF

Check Point Certified Security Expert Questions and Answers

Question 1

Which of the following is the preferred method for adding static routes in GAiA?

Options:

A.

In the CLI with the command “route add”

B.

In Web Portal, under Network Management > IPv4 Static Routes

C.

In the CLI via sysconfig

D.

In SmartDashboard under Gateway Properties > Topology

Question 2

You are preparing computers for a new ClusterXL deployment. For your cluster, you plan to use three machines with the following configurations:

Cluster Member 1: OS - GAiA; NICs - QuadCard; Memory - 1 GB; Security Gateway - version: R71 and primary Security Management Server installed, version: R77

Cluster Member 2: OS - GAiA; NICs - 4 Intel 3Com; Memory - 1 GB; Security Gateway only, version: R77

Cluster Member 3: OS - GAiA; NICs - 4 other manufacturers; Memory - 512 MB; Security Gateway only, version: R77

Are these machines correctly configured for a ClusterXL deployment?

Options:

A.

No, Cluster Member 3 does not have the required memory.

B.

Yes, these machines are configured correctly for a ClusterXL deployment.

C.

No, the Security Management Server is not running the same operating system as the cluster members.

D.

No, the Security Gateway cannot be installed on the Security Management Server.

Question 3

MegaCorp has two different types of hardware with Check Point GAiA installed and set up as gateways. The Administrator wants to provide redundancy in case one of them fails. Choose the best approach.

Options:

A.

Configure Gateway HA

B.

Configure Management HA for gateways

C.

Configure ClusterXL

D.

Configure VRRP

Question 4

Which protocol can be used to provide logs to third-party reporting?

Options:

A.

CPMI (Check Point Management Interface)

B.

LEA (Log Export API)

C.

AMON (Application Monitoring)

D.

ELA (Event Logging API)

Question 5

When using migrate to upgrade a Secure Management Server, which of the following is included in the migration?

Options:

A.

System interface configuration

B.

SmartEvent database

C.

classes.C file

D.

SmartReporter database

Question 6

During a Security Management Server migrate export, the system:

Options:

A.

Creates a backup file that includes the SmartEvent database.

B.

Creates a backup archive for all the Check Point configuration settings.

C.

Saves all system settings and Check Point product configuration settings to a file.

D.

Creates a backup file that includes the SmartReporter database.

Question 7

The process _____ is responsible for GUI Client communication with the SmartCenter.

Options:

A.

CPGUI

B.

CPD

C.

FWD

D.

FWM

Question 8

A snapshot delivers a complete backup of GAiA. How do you restore a local snapshot named MySnapshot.tgz?

Options:

A.

Reboot the system and call the start menu. Select option Snapshot Management, provide the Expert password and select [L] for a restore from a local file. Then, provide the correct file name.

B.

As Expert user, type command snapshot - R to restore from a local file. Then, provide the correct file name.

C.

As Expert user, type command revert --file MySnapshot.tgz.

D.

As Expert user, type command snapshot -r MySnapshot.tgz.

Question 9

Typically, when you upgrade the Security Management Server, you install and configure a fresh R77 installation on a new computer and then migrate the database from the original machine.

What is the correct order of the steps below to successfully complete this procedure?

1) Export databases from source.

2) Connect target to network.

3) Prepare the source machine for export.

4) Import databases to target.

5) Install new version on target.

6) Test target deployment.

Options:

A.

3, 1, 5, 4, 2, 6

B.

5, 2, 6, 3, 1, 4

C.

3, 5, 1, 4, 6, 2

D.

6, 5, 3, 1, 4, 2

Question 10

What is the correct policy installation process order?

1) Verification

2) Code generation and compilation

3) Initiation

4) Commit

5) Conversion

6) CPTA

Options:

A.

1, 2, 3, 4, 5, 6

B.

3, 1, 5, 2, 6, 4

C.

4, 2, 3, 5, 6, 1

D.

6, 5, 4, 3, 2, 1

Question 11

Public keys and digital certificates provide which of the following? Select three.

Options:

A.

Non repudiation

B.

Data integrity

C.

Availability

D.

Authentication

Question 12

If a digital signature is used to achieve both data-integrity checking and verification of sender, digital signatures are only used when implementing:

Options:

A.

A symmetric-encryption algorithm

B.

CBL-DES

C.

Triple DES

D.

An asymmetric-encryption algorithm

Question 13

For a dedicated DLP Gateway that runs in inline bridge mode, why is it important to properly define the topology?

Options:

A.

Topology definition is necessary for correct anti-spoofing.

B.

Topology is used for Hide NAT.

C.

By default. My Organization is defined by the internal interfaces of a DLP Gateway.

D.

Topology definition is used for VPN communities definition.

Question 14

Network applications accessed using SSL Network Extender have been found to fail after one of their TCP connections has been left idle for more than one hour.

You determine that you must enable sending reset (RST) packets upon TCP time-out expiration.

Where is it necessary to change the setting?

Options:

A.

$FWDIR/conf/objects_5_0.C

B.

$FWDIR/conf/objects.C

C.

$WEBISDIR/conf/cpadmin.elg

D.

$CVPNDIR/conf/cvpnd.C

Question 15

You need to verify the effectiveness of your IPS configuration for your Web server farm.

You have a colleague run penetration tests to confirm that the Web servers are secure against traffic hijacks.

Of the following, which would be the best configuration to protect from a traffic hijack attempt?

Options:

A.

Enable the Web intelligence > SQL injection setting.

B.

Activate the Cross-Site Scripting property.

C.

Configure TCP defenses such as Small PMTU size.

D.

Create resource objects for the Web farm servers and configure rules for the Web farm.

Question 16

Which changes are tracked by SmartWorkflow?

Options:

A.

SmartDashboard, SmartView Tracker and SmartView Monitor logins and logouts

B.

Security Policies and the Rule Base, Network Objects, Network Services, VPN Communities.

C.

Users, Administrators, Groups and VPN Communities

D.

Security Policies and the Rule Base, Network Objects, Network Services, Resources, Users, Administrators, Groups, VPN Communities and Servers and OPSEC Applications.

Question 17

What command will stop all (and only) Management Portal services?

Options:

A.

cpstop

B.

spstop

C.

sportalstop

D.

smartportalstop

Question 18

When upgrading to NGX R65, which Check Point products do not require a license upgrade to be current?

Options:

A.

VPN-1 NGX (R64) and later

B.

VPN-1 NGX (R60) and later

C.

VPN-1 NG with Application Intelligence (R54) and later

D.

None, all versions require a license upgrade

Question 19

Which of the following can NOT be done on the Management Portal?

Options:

A.

Set the Management Portal to use HTTP instead of HTTPS

B.

Configure Management Portal to bypass authentication when connecting from a specific IP address

C.

Restrict hosts / networks that can access the portal

D.

Run the Management Portal on a port other than the default port 4433

Question 20

What is the bit size of DES?

Options:

A.

56

B.

112

C.

168

D.

128

E.

32

F.

64

Question 21

MultiCorp is running Smartcenter R71 on an IPSO platform and wants to upgrade to a new Appliance with R77. Which migration tool is recommended?

Options:

A.

Download Migration Tool R77 for IPSO and Splat/Linux from Check Point website.

B.

Use already installed Migration Tool.

C.

Use Migration Tool from CD/ISO

D.

Fetch Migration Tool R71 for IPSO and Migration Tool R77 for Splat/Linux from CheckPoint website

Question 22

MegaCorp is running Smartcenter R70, some Gateways at R65 and some other Gateways with R60. Management wants to upgrade to the most comprehensive IPv6 support. What should the administrator do first?

Options:

A.

Upgrade Smartcenter to R77 first.

B.

Upgrade R60-Gateways to R65.

C.

Upgrade every unit directly to R77.

D.

Check the ReleaseNotes to verify that every step is supported.

Question 23

Paul has just joined the MegaCorp security administration team. Natalie, the administrator, creates a new administrator account for Paul in SmartDashboard and installs the policy. When Paul tries to login it fails. How can Natalie verify whether Paul’s IP address is predefined on the security management server?

Options:

A.

Login to Smart Dashboard, access Properties of the SMS, and verify whether Paul’s IP address is listed.

B.

Type cpconfig on the Management Server and select the option “GUI client List” to see if Paul’s IP address is listed.

C.

Login in to Smart Dashboard, access Global Properties, and select Security Management, to verify whether Paul’s IP address is listed.

D.

Access the WEBUI on the Security Gateway, and verify whether Paul’s IP address is listed as a GUI client.

Question 24

Fill in the blank.

In Load Sharing Unicast mode, the internal cluster IP address is 10.4.8.3. The internal interfaces on two members are 10.4.8.1 and 10.4.8.2. Internal host 10.4.8.108 Pings 10.4.8.3, and receives replies. The following is the ARP table from the internal Windows host 10.4.8.108.

Review the exhibit and type the IP address of the member serving as the pivot machine in the space below.

Options:

Question 25

Fill in the blank.

Write the full fw command and syntax that you would use to troubleshoot ClusterXL sync issues.

Options:

Question 26

Jon is explaining how the inspection module works to a colleague. If a new connection passes through the inspection module and the packet matches the rule, what is the next step in the process?

Options:

A.

Verify if another rule exists.

B.

Verify if any logging or alerts are defined.

C.

Verify if the packet should be moved through the TCP/IP stack.

D.

Verify if the packet should be rejected.

Question 27

Fill in the blank.

Type the command and syntax that you would use to view the virtual cluster interfaces of a ClusterXL environment.

Options:

Question 28

Fill in the blank.

The command useful for debugging by capturing packet information, including verifying LDAP authentication on all Check Point platforms is _____

Options:

Question 29

Fill in the blank.

In New Mode HA, the internal cluster IP VIP address is 10.4.8.3. An internal host 10.4.8.108 successfully pings its Cluster and receives replies.

Review the ARP table from the internal Windows host 10.4.8.108. Based on this information, what is the active cluster member’s IP address?

Options:

Question 30

Fill in the blank.

In New Mode HA, the internal cluster IP VIP address is 10.4.8.3. The internal interfaces on two members are 10.4.8.1 and 10.4.8.2 Internal host 10.4.8.108 pings 10.4.8.3, and receives replies.

Review the ARP table from the internal Windows host 10.4.8.108. According to the output, which member is the standby machine?

Options:

Question 31

Which of the following is a CLI command for Security Gateway R77?

Options:

A.

fw merge

B.

fw tab -u

C.

fw shutdown

D.

fwm policy_print

Question 32

You intend to upgrade a Check Point Gateway from R65 to R76.

To avoid problems, you decide to back up the Gateway.

Which approach allows the Gateway configuration to be completely backed up into a manageable size in the least amount of time?

Options:

A.

snapshot

B.

database revision

C.

backup

D.

upgrade export

Question 33

Your primary SmartCenter Server is installed on a Secure PlatformPro machine, which is also a VPN-1 Pro Gateway. You want to implement Management High Availability (HA). You have a spare machine to configure as the secondary SmartCenter Server. How do you configure the new machine to be the standby SmartCenter Server, without making any changes to the existing primary SmartCenter Server? (Changes can include uninstalling and reinstalling.)

Options:

A.

You cannot configure Management HA, when either the primary or secondary SmartCenter Server is running on a VPN-1 Pro Gateway.

B.

The new machine cannot be installed as the Internal Certificate Authority on its own.

C.

The secondary Server cannot be installed on a SecurePlatform Pro machine alone.

D.

Install the secondary Server on the spare machine. Add the new machine to the same network as the primary Server.

Question 34

Which task will ThreatSpect Engine NOT do?

Options:

A.

Look for suspicious activity by monitoring outgoing mail traffic

B.

Review the IPS signatures

C.

Review the networks signatures for Bot families

D.

Perform a reputation check

Question 35

In Company XYZ, the DLP Administrator defined a new template Data Type that is based on an empty PDF form for an insurance claim.

Which of the following statements about this new data type are CORRECT?

Options:

A.

Only completed insurance claim forms of PDF file-type that were based on the empty PDF form will be matched by this Data Type.

B.

If the empty PDF insurance claim form is sent, it will NOT be matched by this Data Type.

C.

Word, Excel, PDF filled in insurance claim forms that were based on the empty PDF insurance claim form will be matched by this Data Type.

D.

The Data Type will match only files where the name and file size is similar to that of the original insurance claim forms in PDF format.

Question 36

John is the Security Administrator in his company. He installs a new R77 Security Management Server and a new R77 Gateway. He now wants to establish SIC between them. After entering the activation key, he gets the following message in SmartDashboard - "Trust established" SIC still does not seem to work because the policy won't install and interface fetching does not work. What might be a reason for this?

Options:

A.

It always works when the trust is established

B.

This must be a human error.

C.

SIC does not function over the network.

D.

The Gateway's time is several days or weeks in the future and the SIC certificate is not yet valid.

Question 37

The TotallyCoolSecurity Company has a large security staff. Bob configured a new IPS Chicago_Profile for fw-chicago using Detect mode. After reviewing logs, Matt noticed that fw-Chicago is not detecting any of the IPS protections that Bob had previously setup.

Analyze the output below and determine how Matt can correct the problem.

Options:

A.

Matt should assign the fw-chicago Security Gateway to the Chicago_Profile.

B.

Matt should change the Chicago_Profile to use Protect mode because Detect mode will not work.

C.

Matt should re-create the Chicago_Profile and select Activate protections manually instead of per the IPS Policy.

D.

Matt should activate the Chicago_Profile as it is currently not activated.

Question 38

Jack needs to configure CoreXL on his Red Security Gateway. What are the correct steps to enable CoreXL?

Options:

A.

SSH to Red Security Gateway, run cpconfig > select Configure Check Point CoreXL > enable CoreXL > exit cpconfig > reboot the Security Gateway

B.

SSH to Red Security Gateway, run cpconfig > select Configure Check Point CoreXL > exit cpconfig > reboot the Security Gateway

C.

Open the SmartDashboard, Open the Red Check Point Object, select ClusterXL, check the CoreXL box, and push policy

D.

Open the SmartDashboard, Open the Red Check Point Object, select Optimizations, check the CoreXL box, and push policy

Question 39

You have installed a R77 Security Gateway on GAiA. To manage the Gateway from the enterprise Security Management Server, you create a new Gateway object and Security Policy.

When you install the new Policy from the Policy menu, the Gateway object does not appear in the Install Policy window as a target. What is the problem?

Options:

A.

The new Gateway's temporary license has expired.

B.

The object was created with Node > Gateway.

C.

The Gateway object is not specified in the first policy rule column Install On.

D.

No Masters file is created for the new Gateway.

Question 40

Which of the following commands can be used to stop Management portal services?

Options:

A.

fw stopportal

B.

cpportalstop

C.

cpstop / portal

D.

smartportalstop

Question 41

For Management High Availability, if an Active SMS goes down, does the Standby SMS automatically take over?

Options:

A.

Yes, if you set up VRRP

B.

Yes, if you set up ClusterXL

C.

No, the transition should be initiated manually

D.

Yes, if you set up SecureXL

Question 42

In Management High Availability, what is an Active SMS?

Options:

A.

Active Security Master Server

B.

Active Smart Master Server

C.

Active Smart Management Server

D.

Active Security Management Server

Question 43

What configuration change must you make to change an existing ClusterXL cluster object from Multicast to Unicast mode?

Options:

A.

Change the cluster mode to Unicast on the cluster object. Reinstall the Security Policy.

B.

Change the cluster mode to Unicast on each of the cluster-member objects.

C.

Run cpstop and cpstart, to re-enable High Availability on both objects. Select Pivot mode in cpconfig.

D.

Reset Secure Internal Communications (SIC) on the cluster-member objects. Reinstall the Security Policy.

Question 44

When a packet is flowing through the security gateway, which one of the following is a valid inspection path?

Options:

A.

Acceleration Path

B.

Small Path

C.

Firewall Path

D.

Medium Path

Question 45

Which method of load balancing describes “Round Robin”?

Options:

A.

Assigns service requests to servers at random.

B.

Ensures that incoming requests are handled by the server with the fastest response time.

C.

Measures the load on each server to determine which server has the most available resources.

D.

Assigns service requests to the next server in a series.

Question 46

What SmartConsole application allows you to change the SmartReporter Policy?

Options:

A.

SmartDashboard

B.

SmartReporter

C.

SmartEvent Server

D.

SmartUpdate

Question 47

You are reviewing computer information collected in ClientInfo. You can NOT:

Options:

A.

Run Google.com search using the contents of the selected cell.

B.

Enter new credential for accessing the computer information.

C.

Save the information in the active tab to an .exe file.

D.

Copy the contents of the selected cells.

Question 48

How can you disable SecureXL via the command line (it does not need to survive a reboot)?

Options:

A.

fw ctl accel off

B.

securexl off

C.

fwaccel off

D.

fw xl off

Question 49

Fill in the blank. The command that typically generates the firewall application, operating system, and hardware specific drivers is _____.

Options:

Question 50

_____ manages Standard Reports and allows the administrator to specify automatic uploads of reports to a central FTP server.

Options:

A.

SmartReporter Database

B.

SmartReporter

C.

SmartDashboard Log Consolidator

D.

Security Management Server

Question 51

The process that performs the authentication for SSL VPN Users is:

Options:

A.

cpd

B.

cvpnd

C.

fwm

D.

vpnd

Question 52

Which process should you debug if SmartDashboard login fails?

Options:

A.

sdm

B.

cpd

C.

fwd

D.

fwm

Question 53

Control connections between the Security Management Server and the Gateway are not encrypted by the VPN Community. How are these connections secured?

Options:

A.

They are not secured.

B.

They are not encrypted, but are authenticated by the Gateway

C.

They are encrypted and authenticated using SIC.

D.

They are secured by PPTP

Question 54

When configuring an LDAP Group object, select option _____ if you want the gateway to reference a specific group defined on the LDAP server for authentication purposes.

Options:

A.

Group Agnostic

B.

All Account-Unit's Users

C.

Only Sub Tree

D.

Only Group in Branch

Question 55

What is the proper command for importing users into the R77 User Database?

Options:

A.

fwm importusrs

B.

fwm dbimport

C.

fwm import

D.

fwm importdb

Question 56

Which of the following is a valid Active Directory designation for user Jane Doe in the MIS department of AcmeCorp.com?

Options:

A.

Cn=jane_doe,ou=MIS,dc=acmecorp,dc=com

B.

Cn= jane_doe,ou=MIS,cn=acmecorp,dc=com

C.

Cn= jane_doe,ca=MIS,dc=acmecorp,dc=com

D.

Cn= jane_doe,ca=MIS,cn=acmecorp,dc=com

Question 57

User definitions are stored in _____.

Options:

A.

$FWDIR/conf/users.NDB

B.

$FWDIR/conf/fwmuser.conf

C.

$FWDIR/conf/fwusers.conf

D.

$FWDIR/conf/fwauth.NDB

Question 58

Fill in the blank.

MultiCorp is located in Atlanta. It has a branch office in Europe, Asia, and Africa. Each location has its own AD controller for local user login. How many ADqueries have to be configured?

Options:

Question 59

When an Endpoint user is able to authenticate but receives a message from the client that it is unable to enforce the desktop policy, what is the most likely scenario?

Options:

A.

The gateway could not locate the user in SmartDirectory and is allowing the connection with limitations based on a generic profile.

B.

The user’s rights prevent access to the protected network.

C.

A Desktop Policy is not configured.

D.

The user is attempting to connect with the wrong Endpoint client.

Question 60

The process _____ is responsible for the authentication for Remote Access clients.

Options:

A.

fwm

B.

vpnd

C.

cvpnd

D.

cpd

Question 61

What does the command vpn crl_zap do?

Options:

A.

Nothing, it is not a valid command

B.

Erases all CRL’s from the gateway cache

C.

Erases VPN certificates from cache

D.

Erases CRL’s from the management server cache

Question 62

Which graded parameters help determine the protections to activate for security and which can be safely deactivated? Select the most correct answer.

Options:

A.

Type, Severity, Confidence level, Performance impact, Geo information.

B.

Severity, Confidence level, Performance impact, Protection type.

C.

Type, Severity, Confidence level, Performance impact.

D.

Type, Severity, Confidence level, Performance impact, Protection type.

Question 63

Katie has enabled User Directory and applied the license to Security Management Server, Green. Her supervisor has asked her to configure the Password Strength options of the least one digit, one symbol, 8 characters long and include an uppercase character. How should she accomplish this?

Options:

A.

Open the SmartDashboard, Select Global properties, select Identity Awareness; check the boxes for Password must include an upper character, Password must include a digit, Password must include a symbol and change the password length to 8 characters.

B.

Open the SmartDashboard, Select Global properties, select User Authority; check the boxes for Password must include an upper character, Password must include a digit and Password must include a symbol.

C.

Open the SmartDashboard, Select Global Properties, select User Directory, check the boxes for Password must include an uppercase character, Password must include a digit, and Password must include a symbol.

D.

Open the SmartDashboard, Select Global Properties, select User Directory, check the boxes for Password must include an uppercase character, Password must include a digit, Password must include a symbol and change the password length to 8 characters.

Question 64

In GAiA, if one is unsure about a possible command, what command lists all possible commands.

Options:

A.

show all |grep commands

B.

show configuration

C.

show commands

D.

get all commands

Question 65

Lilly has generated an IKE debug on her Security Gateway. She has asked Jack to transfer the file to Support. Where is the file located?

Options:

A.

$FWDIR/log/ike.elg

B.

$FWDIR/opt/vpnd.elg

C.

$FWDIR/opt/ike.elg

D.

$FWDIR/log/vpnd.elg

Question 66

Which of the following is NOT an internal/native Check Point command?

Options:

A.

fwaccel on

B.

fw ctl debug

C.

tcpdump

D.

cphaprob

Question 67

In Gaia, the operating system can be changed to 32-bit or 64-bit, provided the processor supports 64-bit. What command toggles to 64-bit.

Options:

A.

set bitrate 64

B.

set edition default 64

C.

configure edition 64-bit

D.

set edition default 64-bit

Question 68

Fill in the blank.

You can set Acceleration to ON or OFF using command syntax _____.

Options:

Question 69

How do you verify the Check Point kernel running on a firewall?

Options:

A.

fw ver -k

B.

fw ctl pstat

C.

fw ctl get kernel

D.

fw kernel

Question 70

Frank is concerned with performance and wants to configure the affinities settings. His gateway does not have the Performance pack running. What would Frank need to perform in order configure those settings?

Options:

A.

Edit affinity.conf and change the settings

B.

Run fw affinity and change the settings

C.

Edit $FWDIR/conf/fwaffinity.conf and change the settings

D.

Run sim affinity and change the settings

Question 71

Where do you define NAT properties so that NAT is performed either client side or server side? In SmartDashboard under:

Options:

A.

Gateway Setting

B.

NAT Rules

C.

Global Properties > NAT definition

D.

Implied Rules

Question 72

The “MAC Magic” value must be modified under the following condition:

Options:

A.

There is more than one cluster connected to the same VLAN

B.

A firewall cluster is configured to use Multicast for CCP traffic

C.

There are more than two members in a firewall cluster

D.

A firewall cluster is configured to use Broadcast for CCP traffic

Question 73

What firewall kernel table stores information about port allocations for Hide NAT connections?

Options:

A.

NAT_dst_any_list

B.

NAT_alloc

C.

NAT_src_any_list

D.

fwx_alloc

Question 74

What is the proper CLISH syntax to configure a default route via 192.168.255.1 in GAiA?

Options:

A.

set static-route default nexthop gateway address 192.168.255.1 priority 1 on

B.

set static-route 192.168.255.0/24 nexthop gateway logical ethl on

C.

set static-route 192.168.255.0/24 nexthop gateway address 192.168.255.1 priority 1 on

D.

set static-route nexthop default gateway logical 192.168.255.1 priority 1 on

Question 75

You are the MegaCorp Security Administrator. This company uses a firewall cluster, consisting of two cluster members. The cluster generally works well but one day you find that the cluster is behaving strangely. You assume that there is a connectivity problem with the cluster synchronization link (cross-over cable). Which of the following commands is the BEST for testing the connectivity of the crossover cable?

Options:

A.

ifconfig -a

B.

arping

C.

telnet

D.

ping

Question 76

Which is NOT a method through which Identity Awareness receives its identities?

Options:

A.

AD Query

B.

Group Policy

C.

Identity Agent

D.

Captive Portal

Question 77

Which of the following access options would you NOT use when configuring Captive Portal?

Options:

A.

From the Internet

B.

Through all interfaces

C.

Through internal interfaces

D.

Through the Firewall policy

Question 78

When using Captive Portal to send unidentified users to a Web portal for authentication, which of the following is NOT a recommended use for this method?

Options:

A.

For deployment of Identity Agents

B.

Identity-based enforcement for non-AD users (non-Windows and guest users)

C.

Leveraging identity in Internet application control

D.

Basic identity enforcement in the internal network

Question 79

Which two processes are responsible on handling Identity Awareness?

Options:

A.

pdp and lad

B.

pdp and pdp-11

C.

pep and lad

D.

pdp and pep

Question 80

In the following cluster configuration; if you reboot sglondon_1 which device will be active when sglondon_1 is back up and running? Why?

Options:

A.

sglondon_1 because it the first configured object with the lowest IP.

B.

sglondon_2 because sglondon_1 has highest IP.

C.

sglondon_1, because it is up again, sglondon_2 took over during reboot.

D.

sglondon_2 because it has highest priority.

Question 81

You want to upgrade a cluster with two members to VPN-1 NGX. The Smart CenterServer and both members are version VPN-1/Firewall-1 NG FP3, with the latest Hotfix.

What is the correct upgrade procedure?

1. Change the version, in the General Properties of the gateway-cluster object.

2. Upgrade the Smart CenterServer, and reboot after upgrade.

3. Run cpstop on one member, while leaving the other member running. Upgrade one member at a time, and reboot after upgrade.

4. Reinstall the Security Policy.

Options:

A.

3, 2, 1, 4

B.

2, 4, 3, 1

C.

1, 3, 2, 4

D.

2, 3, 1, 4

E.

1, 2, 3, 4

Question 82

A Smart ProvisioningGateway could be a member of which VPN communities?

(i) Center In Star Topology

(ii) Satellite in Star Topology

(iii) Carter in Remote Access Community

(iv) Meshed Community

Options:

A.

(ii) and (iii)

B.

All

C.

(i), (ii) and (iii)

D.

(ii) only

Question 83

Match the Best Management High Availability synchronization-status descriptions for your Security Management Server (SMS):

Options:

A.

A - 3, B - 1, C - 2, D - 4

B.

A - 3, B - 1, C - 4, D - 2

C.

A - 4, B - 3, C - 1, D - 2

D.

A - 3, B - 2, C - 1, D - 4

Question 84

Based on the following information, which of the statements below is FALSE?

A DLP Rule Base has the following conditions:

Data Type =Password Protected File

Source=My Organization

Destination=Outside My Organization

Protocol=Any

Action=Ask User

Exception: Data Type=Any,

Source=Research and Development (R&D)

Destination=Pratner1.com

Protocol=Any

All other rules are set to Detect. User Check is enabled and installed on all client machines.

Options:

A.

When a user from R&D sends an e-mail with a password protected PDF file as an attachment to xyz@partner1 .com, he will be prompted by User Check.

B.

When a user from Finance sends an e-mail with an encrypted ZIP file as an attachment to. He will be prompted by User Check.

C.

Another rule is added: Source = R&D, Destination = partner1.com, Protocol = Any, Action = Inform. When a user from R&D sends an e-mail with an encrypted ZIP file as an attachment to, he will be prompted by User Check.

D.

When a user from R&D sends an e-mail with an encrypted ZIP file as an attachment to , he will NOT be prompted by User Check.

Question 85

In Company XYZ, the DLP Administrator defined a new Keywords Data Type that contains a list of secret project names; i.e., Ayalon, Yarkon, Yarden. The threshold is set to At least 2 keywords or phrases. Based on this information, which of the following scenarios will be a match to the Rule Base?

Options:

A.

A PDF file that contains the following textYarkon1 can be the code name for the new product.Yardens list of protected sites

B.

An MS Excel file that contains the following text Mort resources for Yarkon project..Are you certain this is about Yarden?

C.

A word file that contains the following text will match:AyalonayalonAYALON

D.

A password protected MS Excel file that contains the following text AyalonYarkonYarden

Question 86

What command will allow you to disable sync on a cluster firewall member?

Options:

A.

fw ctl syncstat stop

B.

fw ctl setsync off

C.

fw ctl setsync 0

D.

fw ctl syncstat off

Question 87

What is the lowest possible version a Security Gateway may be running in order to use it as an LSM enabled Gateway?

Options:

A.

NG-AI R55 HFAJ7

B.

NGX R60

C.

NGXR65HFA_50

D.

NGX R71

Question 88

Match the SmartDashboard session status icons with the appropriate SmartWorkflow session status:

Options:

A.

1-A, 2-B, 3-C, 4-D, 5-E

B.

1-B, 2-A, 3-D, 4-E, 5-C

C.

1-C, 2-B, 3-A, 4-D, 5-E

D.

1-E, 2-D, 3-C, 4-B, 5-A

Question 89

What Smart Console application allows you to change the Log Consolidation Policy?

Options:

A.

Smart Dashboard

B.

Smart Reporter

C.

Smart Update

D.

Smart Event Server

Question 90

Which technology is responsible for assembling packet streams and passing ordered data to the protocol parsers in IPS?

Options:

A.

Pattern Matcher

B.

Content Management Infrastructure

C.

Accelerated INSPECT

D.

Packet Streaming Layer

Question 91

You are trying to configure Directional VPN Rule Match in the Rule Base. But the Match column does not have the option to see the Directional Match. You see the following window. What must you enable to see the Directional Match?

Exhibit:

Options:

A.

directional_match (true) in the objects_5_0.C file on Security Management Server

B.

VPN Directional Match on the Gateway object’s VPN tab

C.

VPN Directional Match on the VPN advanced window, in Global Properties

D.

Advanced Routing on each Security Gateway

Question 92

What is the command to show OSPF adjacencies?

Options:

A.

show ospf summary-address

B.

show ospf interface

C.

show ospf neighbors

D.

show running-config

Question 93

A VPN Tunnel Interface (VTI) is defined on GAiA as:

vpn shell interface add numbered 10.10.0.1 10.10.0.2 madrid.cp

What do you know about this VTI?

Options:

A.

10.10.0.1 is the local Gateway’s internal interface, and 10.10.0.2 is the internal interface of the remote Gateway.

B.

The peer Security Gateway’s name is madrid.cp.

C.

The VTI name is madrid.cp.

D.

The local Gateway's object name is madrid.cp.

Question 94

Review the following list of actions that Security Gateway R75 can take when it controls packets. The Policy Package has been configured for Simplified Mode VPN. Select the response below that includes the available actions:

Options:

A.

Accept, Reject, Encrypt, Drop

B.

Accept, Hold, Reject, Proxy

C.

Accept, Drop, Reject, Client Auth

D.

Accept, Drop, Encrypt, Session Auth

Question 95

What type of object may be explicitly defined as a MEP VPN?

Options:

A.

Star VPN Community

B.

Any VPN Community

C.

Mesh VPN Community

D.

Remote Access VPN Community

Question 96

Which of the following statements is TRUE concerning MEP VPN’s?

Options:

A.

MEP Security Gateways can be managed by separate Management Servers.

B.

The VPN Client is assigned a Security Gateway to connect to based on a priority list, should the first connection fail.

C.

State synchronization between Security Gateways is required.

D.

MEP VPN’s are restricted to the location of the gateways.

Question 97

Which type of VPN routing relies on a VPN Tunnel Interface (VTI) to route traffic?

Options:

A.

Host-based VPN

B.

Route-based VPN

C.

Domain-based VPN

D.

Subnet-based VPN

Question 98

Which of the following is TRUE concerning numbered VPN Tunnel Interfaces (VTIs)?

Options:

A.

VTIs are assigned only local addresses, not remote addresses

B.

VTIs cannot share IP addresses

C.

VTIs are only supported on IPSO

D.

VTIs cannot use an already existing physical-interface IP address

Question 99

There are times when you want to use Link Selection to manage high-traffic VPN connections. With Link Selection you can:

Options:

A.

Assign links to specific VPN communities.

B.

Probe links for availability.

C.

Use links based on authentication method.

D.

Use links based on Day/Time.

Question 100

When configuring numbered VPN Tunnel Interfaces (VTIs) in a clustered environment, what issues need to be considered?

1) Each member must have a unique source IP address.

2) Every interface on each member requires a unique IP address.

3) All VTI's going to the same remote peer must have the same name.

4) Cluster IP addresses are required.

Options:

A.

1, 2, and 4

B.

2 and 3

C.

1, 2, 3 and 4

D.

1, 3, and 4

Load More 156-315.77 Questions
Demo: 100 questions
Total 754 questions
Get 156-315.77 Full Access Download 156-315.77 PDF