Check Point 156-215.77 Dumps Questions 2021
We offer the 156-215.77 exam. "Check Point Certified Security Administrator – GAiA", also known as the 156-215.77 exam, is a Check Point certification. This set of posts, Passing the 156-215.77 exam with CCSA 156-215.77, will help you answer those questions. The CCSA 156-215.77 set covers all the knowledge points of the real exam. 100% real CCSA 156-215.77, revised by experts!
Online Check Point 156-215.77 free dumps demo below:
NEW QUESTION 1
An Administrator without access to SmartDashboard installed a new IPSO-based R77 Security Gateway over the weekend. He e-mailed you the SIC activation key and the IP address of the Security Gateway. You want to confirm communication between the Security Gateway and the Management Server by installing the Policy. What might prevent you from installing the Policy?
- A. An intermediate local Security Gateway does not allow a policy install through it to the remote new Security Gateway appliance. Resolve by running the command fw unloadlocal on the local Security Gateway.
- B. You first need to run the command fw unloadlocal on the R77 Security Gateway appliance in order to remove the restrictive default policy.
- C. You first need to create a new Gateway object in SmartDashboard, establish SIC via the Communication button, and define the Gateway’s topology.
- D. You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on the Security Management Server.
Answer: C
NEW QUESTION 2
Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?
- A. When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install.
- B. A Rule Base can always be installed on any Check Point firewall object. It is necessary to select the appropriate target directly after selecting Policy > Install.
- C. In the SmartDashboard policy, select the correct firewall to be the Specific Target of the rule.
- D. A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are defined by the selection in the row Install On of the Rule Base.
Answer: C
NEW QUESTION 3
What information is found in the SmartView Tracker Management log?
- A. Creation of an administrator using cpconfig
- B. GAiA expert login event
- C. FTP username authentication failure
- D. Administrator SmartDashboard logout event
Answer: D
NEW QUESTION 4
To check the Rule Base, some rules can be hidden so they do not distract the administrator from the unhidden rules. Assume that only rules accepting HTTP or SSH will be shown. How do you accomplish this?
- A. Ask your reseller to get a ticket for Check Point SmartUse and deliver him the Security Management Server cpinfo file.
- B. In SmartDashboard, right-click in the column field Service > Query Column. Then, put the services HTTP and SSH in the list. Do the same in the field Action and select Accept here.
- C. In SmartDashboard menu, select Search > Rule Base Queries. In the window that opens, create a new Query, give it a name (e.g. “HTTP_SSH”) and define a clause regarding the two services HTTP and SSH. When having applied this, define a second clause for the action Accept and combine them with the Boolean operator AND.
- D. This cannot be configured since two selections (Service, Action) are not possible.
Answer: C
NEW QUESTION 5
Complete this statement from the options provided. Using Captive Portal, unidentified users may be either blocked, allowed to enter required credentials, or required to download the ______.
- A. Identity Awareness Agent
- B. Full Endpoint Client
- C. ICA Certificate
- D. SecureClient
Answer: A
NEW QUESTION 6
Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity?
- A. Hide
- B. Static Destination
- C. Static Source
- D. Dynamic Destination
Answer: A
NEW QUESTION 7
Which rule position in the Rule Base should hold the Cleanup Rule? Why?
- A. First. It explicitly accepts otherwise dropped traffic.
- B. Last. It explicitly drops otherwise accepted traffic.
- C. Last. It serves a logging function before the implicit drop.
- D. Before last followed by the Stealth Rule.
Answer: C
NEW QUESTION 8
You are the Security Administrator for MegaCorp. In order to see how efficient your firewall Rule Base is, you would like to see how often the particular rules match. Where can you see it? Give the BEST answer.
- A. In the SmartView Tracker, if you activate the column Matching Rate.
- B. In SmartReporter, in the section Firewall Blade - Activity > Network Activity with information concerning Top Matched Logged Rules.
- C. SmartReporter provides this information in the section Firewall Blade - Security > Rule Base Analysis with information concerning Top Matched Logged Rules.
- D. It is not possible to see it directly. You can open SmartDashboard and select UserDefined in the Track column. Afterwards, you need to create your own program with an external counter.
Answer: C
NEW QUESTION 9
Which of the following statements accurately describes the command upgrade_export?
- A. upgrade_export stores network-configuration data, objects, global properties, and the database revisions prior to upgrading the Security Management Server.
- B. Used primarily when upgrading the Security Management Server, upgrade_export stores all object databases and the /conf directories for importing to a newer Security Gateway version.
- C. upgrade_export is used when upgrading the Security Gateway, and allows certain files to be included or excluded before exporting.
- D. This command is no longer supported in GAiA.
Answer: B
NEW QUESTION 10
You are working with three other Security Administrators.
Which SmartConsole component can be used to monitor changes to rules or object properties made by the other administrators?
- A. Eventia Tracker
- B. SmartView Monitor
- C. Eventia Monitor
- D. SmartView Tracker
Answer: D
NEW QUESTION 11
Which tool CANNOT be launched from SmartUpdate R77?
- A. IP Appliance Voyager
- B. snapshot
- C. GAiA WebUI
- D. cpinfo
Answer: B
NEW QUESTION 12
Where can an administrator configure the notification action in the event of a policy install time change?
- A. SmartView Monitor > Gateways > Thresholds Settings
- B. SmartView Monitor > Gateway Status > System Information > Thresholds
- C. SmartDashboard > Policy Package Manager
- D. SmartDashboard > Security Gateway Object > Advanced Properties Tab
Answer: A
NEW QUESTION 13
VPN gateways must authenticate to each other prior to exchanging information. What are the two types of credentials used for authentication?
- A. 3DES and MD5
- B. Certificates and IPsec
- C. Certificates and pre-shared secret
- D. IPsec and VPN Domains
Answer: C
NEW QUESTION 14
Installing a policy usually has no impact on currently existing connections. Which statement is TRUE?
- A. Users being authenticated by Client Authentication have to re-authenticate.
- B. All connections are reset, so a policy install is recommended during announced downtime only.
- C. All FTP downloads are reset; users have to start their downloads again.
- D. Site-to-Site VPNs need to re-authenticate, so Phase 1 is passed again after installing the Security Policy.
Answer: A
NEW QUESTION 15
John is the Security Administrator in his company. He installs a new R77 Security Management Server and a new R77 Gateway. He now wants to establish SIC between them. After entering the activation key, he gets the following message in SmartDashboard -
“Trust established?”
SIC still does not seem to work because the policy won’t install and interface fetching does not work. What might be a reason for this?
- A. SIC does not function over the network.
- B. It always works when the trust is established
- C. The Gateway’s time is several days or weeks in the future and the SIC certificate is not yet valid.
- D. This must be a human error.
Answer: C
NEW QUESTION 16
Which statement below describes the most correct strategy for implementing a Rule Base?
- A. Limit grouping to rules regarding specific access.
- B. Place the most frequently used rules at the top of the Policy and the ones that are not frequently used further down.
- C. Place a network-traffic rule above the administrator access rule.
- D. Add the Stealth Rule before the last rule.
Answer: B
NEW QUESTION 17
You just installed a new Web server in the DMZ that must be reachable from the Internet. You create a manual Static NAT rule as follows:
Source: Any || Destination: web_public_IP || Service: Any || Translated Source: original || Translated Destination: web_private_IP || Service: Original
“web_public_IP” is the node object that represents the new Web server’s public IP address. “web_private_IP” is the node object that represents the new Web site’s private IP address. You enable all settings from Global Properties > NAT.
When you try to browse the Web server from the Internet you see the error “page cannot be displayed”.
Which of the following is NOT a possible reason?
- A. There is no Security Policy defined that allows HTTP traffic to the protected Web server.
- B. There is no ARP table entry for the protected Web server’s public IP address.
- C. There is no route defined on the Security Gateway for the public IP address to the Web server’s private IP address.
- D. There is no NAT rule translating the source IP address of packets coming from the protected Web server.
Answer: A
NEW QUESTION 18
John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to a set of designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.
He has received a new laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19).
He wants to move around the organization and continue to have access to the HR Web Server. To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources, and installs the policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams access the HR Web Server from any machine and from any location and installs policy.
John plugged in his laptop to the network on a different network segment and was not able to connect to the HR Web server. What is the next BEST troubleshooting step?
- A. Investigate this as a network connectivity issue
- B. Install the Identity Awareness Agent
- C. Set static IP to DHCP
- D. After enabling Identity Awareness, reboot the gateway
Answer: C
NEW QUESTION 19
What happens when you open the Gateway object window Trusted Communication and press and confirm Reset?
Exhibit:
- A. SIC will be reset on the Gateway only.
- B. The Gateway certificate will be revoked on the Gateway only.
- C. The Gateway certificate will be revoked on the Security Management Server only.
- D. The Gateway certificate will be revoked on the Security Management Server and SIC will be reset on the Gateway.
Answer: C
NEW QUESTION 20
If a SmartUpdate upgrade or distribution operation fails on GAiA, how is the system recovered?
- A. The Administrator can only revert to a previously created snapshot (if there is one) with the command cprinstall snapshot <object name> <filename>.
- B. The Administrator must reinstall the last version via the command cprinstall revert <object name> <file name>.
- C. The Administrator must remove the rpm packages manually, and re-attempt the upgrade.
- D. GAiA will reboot and automatically revert to the last snapshot version prior to upgrade.
Answer: D