156-915.77 Online Practice Questions and Answers

Which Check Point address translation method is necessary if you want to connect from a host on the Internet via HTTP to a server with a reserved (RFC 1918) IP address on your DMZ?

A. Dynamic Source Address Translation

B. Hide Address Translation

C. Port Address Translation

D. Static Destination Address Translation

You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateway's external interface. You browse to the Google Website from host, 10.1.1.10 successfully. You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?

A. Two, one for outbound, one for inbound

B. Only one, outbound

C. Two, both outbound, one for the real IP connection and one for the NAT IP connection

D. Only one, inbound

Because of pre-existing design constraints, you set up manual NAT rules for your HTTP server. However, your FTP server and SMTP server are both using automatic NAT rules. All traffic from your FTP and SMTP servers are passing through the Security Gateway without a problem, but traffic from the Web server is dropped on rule 0 because of anti- spoofing settings. What is causing this?

A. Manual NAT rules are not configured correctly.

B. Allow bi-directional NAT is not checked in Global Properties.

C. Routing is not configured correctly.

D. Translate destination on client side is not checked in Global Properties under Manual NAT Rules.

As a Security Administrator, you must refresh the Client Authentication authorization time- out every time a new user connection is authorized. How do you do this? Enable the Refreshable Timeout setting:

A. in the user object's Authentication screen.

B. in the Gateway object's Authentication screen.

C. in the Limit tab of the Client Authentication Action Properties screen.

D. in the Global Properties Authentication screen.

You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.

A. You checked the cache password on desktop option in Global Properties.

B. Another rule that accepts HTTP without authentication exists in the Rule Base.

C. You have forgotten to place the User Authentication Rule before the Stealth Rule.

D. Users must use the SecuRemote Client, to use the User Authentication Rule.

MegaCorps' disaster recovery plan is past due for an update to the backup and restore section to enjoy the benefits of the new distributed R77 installation. You must propose a plan that meets the following required and desired objectives:

Required: Security Policy repository must be backed up no less frequently than every 24 hours.

Desired: Back up R77 components enforcing the Security Policies at least once a week.

Desired: Back up R77 logs at least once a week.

You develop a disaster recovery plan proposing the following:

*

Use the utility cron to run the command upgrade_export each night on the Security Management Servers.

*

Configure the organization's routine backup software to back up files created by the command upgrade_export.

*

Configure GAiA back up utility to back up Security Gateways every Saturday night.

*

Use the utility cron to run the command upgrade_export each Saturday night on the log servers.

*

Configure an automatic, nightly logswitch.

*

Configure the organization's routine back up software to back up the switched logs every night. The corporate IT change review committee decides your plan:

A.

meets the required objective and only one desired objective.

B.

meets the required objective and both desired objectives.

C.

meets the rquired objective but does not meet either deisred objective.

D.

does not meet the required objective.

Fill in the blank. To verify the SecureXL status, you would enter command _____________ .

A. fwaccel stat

SmartReporter reports can be used to analyze data from a penetration-testing regimen in all of the following examples, EXCEPT:

A. Analyzing traffic patterns against public resources.

B. Possible worm/malware activity.

C. Analyzing access attempts via social-engineering.

D. Tracking attempted port scans.

You have pushed a policy to your firewall and you are not able to access the firewall. What command will allow you to remove the current policy from the machine?

A. fw purge policy

B. fw fetch policy

C. fw purge active

D. fw unload local

A snapshot delivers a complete backup of Secure Platform. The resulting file can be stored on servers or as a local file in /var/CP snapshot/snapshots. How do you restore a local snapshot named MySnapshot.tgz?

A. As Expert user, type command snapshot - R to restore from a local file. Then, provide the correct file name.

B. As Expert user, type command revert --file MySnapshot.tgz.

C. As Expert user, type command snapshot -r MySnapshot.tgz.

D. Reboot the system and call the start menu. Select option Snapshot Management, provide the Expert password and select [L] for a restore from a local file. Then, provide the correct file name.