Question 591

Which internal user authentication protocols are supported in SSL VPN?

A. Check Point Password, SecurID, LDAP, RADIUS, TACACS

B. Check Point Password, SecurID, L2TP, RADIUS, TACACS

C. Check Point Password, SecurID, Active Directory, RADIUS, TACACS

D. Point Password, SecurID, OS Password, RADIUS, TACACS


Answer: D



Question 592

Which Remote Desktop protocols are supported natively in SSL VPN?

A. Microsoft RDP only

B. AT&T VNC and Microsoft RDP

C. Citrix ICA and Microsoft RDP

D. AT&T VNC, Citrix ICA and Microsoft RDP


Answer: C



Question 593

Your customer asks you about the Performance Pack. You explain to him that a Performance Pack is a software acceleration product which improves the performance of the Security Gateway. There are two ways to enable or disable this acceleration. The first one is to use the command cpconfig (see the Figure 1).

The second one is to use the command fwaccel on off (see the Figure 2). What is the difference between those two commands?

A. The command cpconfig works on the Security Platform only. The command fwaccel can be used on all platforms.

B. The fwaccel command determines the default setting. The command cpconfig can dynamically change the setting, but after the reboot it reverts to the default setting.

C. Both commands have the same function.

D. The cpconfig command enables acceleration. The command fwaccel can dynamically change the setting, but after the reboot it reverts to the default setting.


Answer: D



Question 594

Which command can be used to verify SecureXL statistics?

A. fwaccel top

B. fwaccel stats

C. fw ctl pstat

D. cphaprob stat


Answer: B



Question 595

In ClusterXL, which of the following are defined by default as a critical device?


B. Filter

C. fw.d

D. protect.exe


Answer: B



Question 596

You are trying to configure Directional VPN Rule Match in the Rule Base. But the Match column does not have the option to see the Directional Match. You see the following window.

clip_image002What must you enable to see the Directional Match?

A. VPN Directional Match on the Gateway object’s VPN tab

B. Advanced Routing on each Security Gateway

C. VPN Directional Match on the VPN advanced window, in Global Properties

D. directional_match(true) in the objects_5_0.C file on Security Management Server


Answer: C



Question 597

Which of these four Check Point QoS technologies prevents the transmission of redundant packets when multiple copies of a packet are concurrently queued on the same flow?

A. Weighted Flow Random Early Drop (WFRED)

B. Intelligent Queuing Engine

C. Retransmission Detection Early Drop (RDED)

D. Stateful Inspection


Answer: C



Question 598

Using the output below, why is the QoS rule not limiting the internal users to 2000 Bps of GNUtella traffic?

A. Rule Guarantee needs to be changed to Rule Limit

B. Rule Weight needs to be changed to 10

C. The Source and Destination columns need to be reversed

D. Encrypted traffic needs to be added to the Action field


Answer: A



Question 599

Which technology would describe RDED for Qos?

A. A mechanism for reducing the number of retransmits and retransmit storms.

B. A mechanism for managing packet buffers.

C. A mechanism to accurately classify traffic and place it in the proper transmission queue.

D. A mechanism to derive complete state and context information for all network traffic.


Answer: A



Question 600

Please review the following QoS policy:


Assume you have 200 Kbps bandwidth available at all times. Which statement would describe this policy?

A. The un-named rule has a total Guarantee of 5 Kbps, which should be 50 and lower the other Guarantees.

B. Guarantee values are set too high, you have no bandwidth available for anything else besides traffic describe in first rules.

C. All traffic matching the default rule will have priority

D. All traffic will receive sufficient bandwidth because the default rule has a low weight value.


Answer: B

Comments are closed.