EnsurepassQuestion 121 Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity? A. Static Source B. Static Destination C. Dynamic Destination D. Hide   Answer: D     Question 122 NAT can NOT be configured on which of the following objects? A. Host B. HTTP Logical Server C. Address Range D. Gateway   Answer: B     Question 123 Which Check Point address Read more [...]
EnsurepassQuestion 111 A  rule is used to prevent all traffic going to the R75 Security Gateway. A. Cleanup B. Stealth C. Reject D. IPS   Answer: B     Question 112 In a distributed management environment, the administrator has removed the default check from Accept Control Connections under the Policy > Global Properties > FireWall tab. In order for the Security Management Server to install a policy to the Firewall, an explicit rule must be created to allow the server to Read more [...]
EnsurepassQuestion 101 A Cleanup rulE. A. drops packets without logging connections that would otherwise be dropped and logged by default. B. logs connections that would otherwise be accepted without logging by default. C. drops packets without logging connections that would otherwise be accepted and logged by default. D. logs connections that would otherwise be dropped without logging by default.   Answer: D     Question 102 Which statement is TRUE about implicit rules? A. You create Read more [...]
EnsurepassQuestion 91 Although SIC was already established and running, Joe reset SIC between the Security Management Server and a remote Gateway. He set a new activation key on the Gateway's side with the command cpconfig and put in the same activation key in the Gateway's object on the Security Management Server. Unfortunately, SIC cannot be established. What is a possible reason for the problem? A. Joe forgot to exit from cpconfig. B. The installed policy blocks the communication. C. The old Gateway Read more [...]
EnsurepassQuestion 81 How does the button Get Address, found on the Host Node Object > General Properties page retrieve the address? A. Route Table B. Address resolution (ARP, RARP) C. Name resolution (hosts file, DNS, cache) D. SNMP Get   Answer: C     Question 82 Anti-Spoofing is typically set up on which object type? A. Network B. Security Management object C. Host D. Security Gateway   Answer: D     Question 83 Spoofing is a method of: A. Disguising an illegal Read more [...]
EnsurepassQuestion 71 Which command would provide the most comprehensive diagnostic information to Check Point Technical Support? A. cpstat - date.cpstat.txt B. fw cpinfo C. cpinfo -o date.cpinfo.txt D. diag   Answer: C     Question 72 Which of the following statements accurately describes the command snapshot? A. snapshot creates a Security Management Server full system-level backup on any OS. B. snapshot stores only the system-configuration settings on the Gateway. C. A Gateway snapshot Read more [...]
EnsurepassQuestion 61 When restoring R76 using the command upgrade_import, which of the following items are NOT restored? A. Licenses B. SIC Certificates C. Global properties D. Route tables   Answer: D     Question 62 Your organization's disaster recovery plan needs an update to the backup and restore section to reap the new distributed R76 installation benefits. Your plan must meet the following required and desired objectives: Required ObjectivE. The Security Policy repository must Read more [...]
EnsurepassQuestion 51 The third-shift Administrator was updating Security Management Server access settings in Global Properties and testing. He managed to lock himself out of his account. How can you unlock this account? A. Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/. B. Type fwm lock_admin -u <account name> from the Security Management Server command line. C. Type fwm unlock_admin -u from the Security Gateway command line. D. Type fwm unlock_admin from Read more [...]
EnsurepassQuestion 41 What is the primary benefit of using the command upgrade_export over either backup or snapshot? A. The commands backup and snapshot can take a long time to run whereas upgrade_export will take a much shorter amount of time. B. upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not. C. upgrade_export has an option to back up the system and SmartView Tracker logs while backup and snapshot will not. D. upgrade_export Read more [...]
EnsurepassQuestion 31 How can you reset the Security Administrator password that was created during initial Security Management Server installation on SecurePlatform? A. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the Password portion of the file. Then log in to the account without a password. You will be prompted to assign a new password. B. Launch SmartDashboard in the User Management screen, and edit the cpconfig administrator. C. Type Read more [...]
EnsurepassQuestion 21 You are installing a Security Management Server. Your security plan calls for three administrators for this particular server. How many can you create during installation? A. Depends on the license installed on the Security Management Server B. One C. As many as you want D. Only one with full access and one with read-only access   Answer: B     Question 22 During which step in the installation process is it necessary to note the fingerprint for first-time verification? Read more [...]
EnsurepassQuestion 11 Which SmartConsole component can Administrators use to track changes to the Rule Base? A. SmartView Monitor B. SmartReporter C. WebUI D. SmartView Tracker   Answer: D     Question 12 UDP packets are delivered if they are  _. A. referenced in the SAM related dynamic tables B. a valid response to an allowed request on the inverse UDP ports and IP C. a stateful ACK to a valid SYN-SYN/ACK on the inverse UDP ports and IP D. bypassing the kernel by the forwarding Read more [...]
EnsurepassQuestion 1 Which of the following are available SmartConsole clients which can be installed from the R76 Windows CD? Read all answers and select the most complete and valid list. A. SmartView Tracker, CPINFO, SmartUpdate B. SmartView Tracker, SmartDashboard, SmartLSM, SmartView Monitor C. SmartView Tracker, SmartDashboard, CPINFO, SmartUpdate, SmartView Status D. Security Policy Editor, Log Viewer, Real Time Monitor GUI   Answer: A     Question 2 You manage a global network Read more [...]