156-215.77 Online Practice Questions and Answers

You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router. You control the router that sits between the firewall external interface and the Internet.

What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?

A. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.

B. Place a static ARP entry on the ISP router for the valid IP address to the firewall's external address.

C. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.

D. Place a static host route on the firewall for the valid IP address to the internal Web server.

The customer has a small Check Point installation which includes one Windows 2008 server as the SmartConsole and a second server running GAiA as both Security Management Server and the Security Gateway. This is an example of a(n):

A. Distributed Installation

B. Unsupported configuration

C. Hybrid Installation

D. Stand-Alone Installation

Tom has been tasked to install Check Point R77 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartConsole machine in his calculations?

A. Three machines

B. One machine

C. Two machines

D. One machine, but it needs to be installed using SecurePlatform for compatibility purposes

If you are experiencing LDAP issues, which of the following should you check?

A. Connectivity between the R77 Gateway and LDAP server

B. Secure Internal Communications (SIC)

C. Overlapping VPN Domains

D. Domain name resolution

UDP packets are delivered if they are ___________.

A. a stateful ACK to a valid SYN-SYN/ACK on the inverse UDP ports and IP

B. a valid response to an allowed request on the inverse UDP ports and IP

C. bypassing the kernel by the forwarding layer of ClusterXL

D. referenced in the SAM related dynamic tables

Which command displays the installed Security Gateway version?

A. fw printver

B. fw ver

C. fw stat

D. cpstat -gw

What port is used for communication to the User Center with SmartUpdate?

A. CPMI 200

B. TCP 8080

C. HTTP 80

D. HTTPS 443

You find a suspicious FTP site trying to connect to one of your internal hosts. How do you block it in real time and verify it is successfully blocked? Highlight the suspicious connection in SmartView Tracker:

A. Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection does not appear again in this SmartView Tracker view.

B. Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection is listed in this SmartView Tracker view as "dropped?.

C. Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection does not appear again in this SmartView Tracker view.

D. Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection is listed in this SmartView Tracker view as "dropped?.

You are the Security Administrator for MegaCorp. In order to see how efficient your firewall Rule Base is, you would like to see how often the particular rules match. Where can you see it? Give the BEST answer.

A. In the SmartView Tracker, if you activate the column Matching Rate.

B. In SmartReporter, in the section Firewall Blade - Activity > Network Activity with information concerning Top Matched Logged Rules.

C. SmartReporter provides this information in the section Firewall Blade - Security > Rule Base Analysis with information concerning Top Matched Logged Rules.

D. It is not possible to see it directly. You can open SmartDashboard and select UserDefined in the Track column. Afterwards, you need to create your own program with an external counter.

Your Security Gateways are running near performance capacity and will get upgraded hardware next week. Which of the following would be MOST effective for quickly dropping all connections from a specific attacker's IP at a peak time of day?

A. Intrusion Detection System (IDS) Policy install

B. Change the Rule Base and install the Policy to all Security Gateways

C. SAM - Block Intruder feature of SmartView Tracker

D. SAM - Suspicious Activity Rules feature of SmartView Monitor