EnsurepassQuestion 221 Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection? A. Intrusion Detection System (IDS) Policy install B. SAM - Suspicious Activity Rules feature of SmartView Monitor C. Block Intruder feature of SmartView Tracker D. Change the Rule Base and install the Policy to all Security Gateways   Answer: C     Question 222 Which R75 component displays the number Read more [...]
EnsurepassQuestion 211 Which R76 SmartConsole tool would you use to verify the installed Security Policy name on a Security Gateway? A. SmartUpdate B. SmartView Status C. SmartView Monitor D. None, SmartConsole applications only communicate with the Security Management Server.   Answer: C     Question 212 Which R76 GUI would you use to see the number of packets accepted since the last policy install? A. SmartView Monitor B. SmartView Status C. SmartView Tracker D. SmartDashboard   Read more [...]
EnsurepassQuestion 201 What happens when you run the commanD. fw sam -J src [Source IP Address]? A. Connections to and from the specified target are blocked without the need to change the Security Policy. B. Connections to and from the specified target are blocked with the need to change the Security Policy. C. Connections from the specified source are blocked without the need to change the Security Policy. D. Connections to the specified target are blocked without the need to change the Security Read more [...]
EnsurepassQuestion 191 Which SmartView Tracker selection would most effectively show who installed a Security Policy blocking all traffic from the corporate network? A. Network and Endpoint tab B. Custom filter C. Management tab D. Active tab   Answer: C     Question 192 You are reviewing the Security Administrator activity for a bank and comparing it to the change log. How do you view Security Administrator activity? A. SmartView Tracker in Network and Endpoint Mode B. SmartView Tracker Read more [...]
EnsurepassQuestion 181 You can include External commands in SmartView Tracker by the menu Tools > Custom Commands. The Security Management Server is running under SecurePlatform, and the GUI is on a system running Microsoft Windows. How do you run the command traceroute on an IP address? A. There is no possibility to expand the three pre-defined options Ping, Whois, and Nslookup. B. Go to the menu Tools > Custom Commands and configure the Windows command tracert.exe to the list. C. Use the Read more [...]
EnsurepassQuestion 171 You plan to create a backup of the rules, objects, policies, and global properties from an R76 Security Management Server. Which of the following backup and restore solutions can you use? A. 2, 4, and 5 B. 1, 3, and 4 C. 1, 2, and 3 D. 1, 2, 3, 4, and 5   Answer: C     Question 172 Which R76 feature or command allows Security Administrators to revert to earlier Security Policy versions without changing object configurations? A. Policy Package management B. Database Read more [...]
EnsurepassQuestion 161 You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause? A. The POP3 rule is disabled. B. The POP3 rule is hidden. C. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R75. D. POP3 is accepted in Global Properties.   Answer: B     Question 162 Read more [...]
EnsurepassQuestion 151 Which statement below describes the most correct strategy for implementing a Rule Base? A. Place a network-traffic rule above the administrator access rule. B. Limit grouping to rules regarding specific access. C. Place the most frequently used rules at the top of the Policy and the ones that are not frequently used further down. D. Add the Stealth Rule before the last rule.   Answer: C     Question 152 Which of the following is a viable consideration when determining Read more [...]
EnsurepassQuestion 141 After filtering a fw monitor trace by port and IP, a packet is displayed three times; in the i, I, and o inspection points, but not in the O inspection point. Which is the likely source of the issue? A. A SmartDefense module has blocked the packet. B. It is due to NAT. C. An IPSO ACL has blocked the packet's outbound passage. D. The packet has been sent out through a VPN tunnel unencrypted.   Answer: B     Question 142 Your internal network is configured to be Read more [...]
EnsurepassQuestion 131 A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server? A. A static route for the NAT IP must be added to the Gateway's upstream router. B. Automatic ARP must be unchecked in the Global Properties. C. Nothing Read more [...]
EnsurepassQuestion 121 Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity? A. Static Source B. Static Destination C. Dynamic Destination D. Hide   Answer: D     Question 122 NAT can NOT be configured on which of the following objects? A. Host B. HTTP Logical Server C. Address Range D. Gateway   Answer: B     Question 123 Which Check Point address Read more [...]
EnsurepassQuestion 111 A  rule is used to prevent all traffic going to the R75 Security Gateway. A. Cleanup B. Stealth C. Reject D. IPS   Answer: B     Question 112 In a distributed management environment, the administrator has removed the default check from Accept Control Connections under the Policy > Global Properties > FireWall tab. In order for the Security Management Server to install a policy to the Firewall, an explicit rule must be created to allow the server to Read more [...]