156-215.77 Online Practice Questions and Answers

What happens when you select File > Export from the SmartView Tracker menu?

A. Current logs are exported to a new *.log file.

B. Exported log entries are not viewable in SmartView Tracker.

C. Logs in fw.log are exported to a file that can be opened by Microsoft Excel.

D. Exported log entries are deleted from fw.log.

Which SmartConsole tool would you use to see the last policy pushed in the audit log?

A. SmartView Tracker

B. None, SmartConsole applications only communicate with the Security Management Server.

C. SmartView Status

D. SmartView Server

Your internal network is configured to be 10.1.1.0/24. This network is behind your perimeter R77 Gateway, which connects to your ISP provider. How do you configure the Gateway to allow this network to go out to the Internet?

A. Use Hide NAT for network 10.1.1.0/24 behind the external IP address of your perimeter Gateway.

B. Use Hide NAT for network 10.1.1.0/24 behind the internal interface of your perimeter Gateway.

C. Use automatic Static NAT for network 10.1.1.0/24.

D. Do nothing, as long as 10.1.1.0 network has the correct default Gateway.

When configuring the Check Point Gateway network interfaces, you can define the direction as Internal or External. What does the option Interface leads to DMZ mean?

Exhibit:

A. Using restricted Gateways, this option automatically turns off the counting of IP Addresses originating from this interface.

B. Activating this option automatically turns this interface to External.

C. It defines the DMZ Interface since this information is necessary for Content Control

D. Select this option to automatically configure Anti-Spoofing to this net.

The Identity Agent is a lightweight endpoint agent that authenticates securely with Single Sign-On (SSO). What is not a recommended usage of this method?

A. When accuracy in detecting identity is crucial

B. Leveraging identity for Data Center protection

C. Protecting highly sensitive servers

D. Identity based enforcement for non-AD users (non-Windows and guest users)

Your company's Security Policy forces users to authenticate to the Gateway explicitly, before they can use any services. The Gateway does not allow the Telnet service to itself from any location. How would you configure authentication on the Gateway? With a:

A. Client Authentication rule using the manual sign-on method, using HTTP on port 900

B. Client Authentication rule, using partially automatic sign on

C. Client Authentication for fully automatic sign on

D. Session Authentication rule

Identify the ports to which the Client Authentication daemon listens by default.

A. 259, 900

B. 256, 600

C. 80, 256

D. 8080, 529

Where does the security administrator activate Identity Awareness within SmartDashboard?

A. Gateway Object > General Properties

B. Security Management Server > Identity Awareness

C. Policy > Global Properties > Identity Awareness

D. LDAP Server Object > General Properties

What is the primary benefit of using the command upgrade_export over either backup or snapshot?

A. upgrade_export is operating system independent and can be used when backup or snapshot is not available.

B. upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not.

C. The commands backup and snapshot can take a long time to run whereas upgrade_export will take a much shorter amount of time.

D. upgrade_export has an option to back up the system and SmartView Tracker logs while backup and snapshot will not.

You are working with multiple Security Gateways that enforce an extensive number of rules. To simplify security administration, which one of the following would you choose to do?

A. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.

B. Run separate SmartConsole instances to login and configure each Security Gateway directly.

C. Create network objects that restrict all applicable rules to only certain networks.

D. Create a separate Security Policy package for each remote Security Gateway.