156-215.81.20 Online Practice Questions and Answers

Which encryption algorithm is the least secured?

A. 3DES

B. AES-128

C. DES

D. AES-256

What are valid authentication methods for mutual authenticating the VPN gateways?

A. Pre-shared Secret and PKI Certificates

B. PKI Certificates and Kerberos Tickets

C. Pre-Shared Secrets and Kerberos Ticket

D. PKI Certificates and DynamicID OTP

In SmartEvent, a correlation unit (CU) is used to do what?

A. Receive firewall and other software blade logs in a region and forward them to the primary log server.

B. Collect security gateway logs, index the logs and then compress the logs.

C. Send SAM block rules to the firewalls during a DOS attack.

D. Analyze log entries and identify events.

Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

A. ThreatWiki

B. Whitelist Files

C. AppWiki

D. IPS Protections

One of major features in R80 SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB, and AdminC are editing the same Security Policy?

A. A lock icon shows that a rule or an object is locked and will be available.

B. AdminA and AdminB are editing the same rule at the same time.

C. A lock icon next to a rule informs that any Administrator is working on this particular rule.

D. AdminA, AdminB and AdminC are editing three different rules at the same time.

An internal router is sending UDP keep-alive packets that are being encapsulated with GRE and sent through your R77 Security Gateway to a partner site. A rule for GRE traffic is configured for ACCEPT/LOG. Although the keep-alive packets

are being sent every minute, a search through the SmartView Tracker logs for GRE traffic only shows one entry for the whole day (early in the morning after a Policy install). Your partner site indicates they are successfully receiving the GRE

encapsulated keep-alive packets on the 1-minute interval. If GRE encapsulation is turned off on the router, SmartView Tracker shows a log entry for the UDP keep-alive packet every minute.

Which of the following is the BEST explanation for this behavior?

A. The setting Log does not capture this level of detail for GRE. Set the rule tracking action to Audit since certain types of traffic can only be tracked this way.

B. The log unification process is using a LUUID (Log Unification Unique Identification) that has become corrupt. Because it is encrypted, the R77 Security Gateway cannot distinguish between GRE sessions. This is a known issue with GRE. Use IPSEC instead of the non-standard GRE protocol for encapsulation.

C. The Log Server log unification process unifies all log entries from the Security Gateway on a specific connection into only one log entry in the SmartView Tracker. GRE traffic has a 10 minute session timeout, thus each keep-alive packet is considered part of the original logged connection at the beginning of the day.

D. The Log Server is failing to log GRE traffic properly because it is VPN traffic. Disable all VPN configuration to the partner site to enable proper logging.

Fill in the blank: A _________ VPN deployment is used to provide remote users with secure access to internal corporate resources by authenticating the user through an internet browser.

A. Clientless remote access

B. Clientless direct access

C. Client-based remote access

D. Direct access

Fill in the blanks: The _________ collects logs and sends them to the _________ .

A. Log server; security management server

B. Log server; Security Gateway

C. Security management server; Security Gateway

D. Security Gateways; log server

Look at the following screenshot and select the BEST answer.

A. Clients external to the Security Gateway can download archive files from FTP_Ext server using FTP.

B. Internal clients can upload and download any-files to FTP_Ext-server using FTP.

C. Internal clients can upload and download archive-files to FTP_Ext server using FTP.

D. Clients external to the Security Gateway can upload any files to the FTP_Ext-server using FTP.

What is a role of Publishing?

A. The Publish operation sends the modifications made via SmartConsole in the private session and makes them public

B. The Security Management Server installs the updated policy and the entire database on Security Gateways

C. The Security Management Server installs the updated session and the entire Rule Base on Security Gateways

D. Modifies network objects, such as servers, users, services, or IPS profiles, but not the Rule Base