NEW QUESTION 1
Which of the following describes the default behavior of an R77 Security Gateway?

• A. Traffic not explicitly permitted is dropped.
• B. Traffic is filtered using controlled port scanning.
• C. All traffic is expressly permitted via explicit rules.
• D. IP protocol types listed as secure are allowed by default, i.
• E. ICMP, TCP, UDP sessions are inspected.

Answer: A

NEW QUESTION 2
Can a Check Point gateway translate both source IP address and destination IP address in a given packet?

• A. Yes.
• B. No.
• C. Yes, but only when using Automatic NAT.
• D. Yes, but only when using Manual NAT.

Answer: A

NEW QUESTION 3
Identify the correct step performed by SmartUpdate to upgrade a remote Security Gateway. After selecting Packages > Distribute and Install Selected Package and choosing the target Gateway, the:

• A. selected package is copied from the Package Repository on the Security Management Server to the Security Gateway and the installation IS performed.
• B. SmartUpdate wizard walks the Administrator through a distributed installation.
• C. selected package is copied from the Package Repository on the Security Management Server to the Security Gateway but the installation IS NOT performed.
• D. selected package is copied from the SmartUpdate PC CD-ROM directly to the Security Gateway and the installation IS performed.

Answer: A

NEW QUESTION 4
Users with Identity Awareness Agent installed on their machines login with , so that when the user logs into the domain, that information is also used to meet Identity Awareness credential requests.

• A. Key-logging
• B. ICA Certificates
• C. SecureClient
• D. Single Sign-On

Answer: D

NEW QUESTION 5
All of the following are Security Gateway control connections defined by default implied rules, EXCEPT:

• A. Exclusion of specific services for reporting purposes.
• B. Acceptance of IKE and RDP traffic for communication and encryption purposes.
• C. Communication with server types, such as RADIUS, CVP, UFP, TACACS, and LDAP.
• D. Specific traffic that facilitates functionality, such as logging, management, and key exchange.

Answer: A

NEW QUESTION 6
When using vpn tu, which option must you choose if you only want to clear phase 2 for a specific IP (gateway)?
Exhibit:

• A. (5) Delete all IPsec SAs for a given peer (GW)
• B. (7) Delete all IPsec+IKE SAs for a given peer (GW)
• C. (6) Delete all IPsec SAs for a given User (Client)
• D. (8) Delete all IPsec+IKE SAs for a given User (Client)

Answer: A

NEW QUESTION 7
In which Rule Base can you implement an Access Role?

• A. DLP
• B. Mobile Access
• C. IPS
• D. Firewall

Answer: D

NEW QUESTION 8
What gives administrators more flexibility when configuring Captive Portal instead of LDAP query for Identity Awareness authentication?

• A. Captive Portal is more secure than standard LDAP
• B. Nothing, LDAP query is required when configuring Captive Portal
• C. Captive Portal works with both configured users and guests
• D. Captive Portal is more transparent to the user

Answer: C

NEW QUESTION 9
Lily has completed the initial setup of her Management Server with an IP address of 192.168.12.12. She must now run the First Time Configuration Wizard via the Gaia Portal to finish the setup. Lily knows she must use a browser to access the device, but it unsure of the correct URL to enter; which one below will she need to use?

• A. http://192.168.12.12
• B. https://192.168.12.12:4433
• C. https://192.168.12.12
• D. http://192.168.12.12:8080

Answer: C

NEW QUESTION 10
Peter is your new Security Administrator. On his first working day, he is very nervous and enters the wrong password three times. His account is locked.
What can be done to unlock Peter’s account? Give the BEST answer.

• A. You can unlock Peter’s account by using the command fwm lock_admin -u Peter on the Security Management Server.
• B. You can unlock Peter’s account by using the command fwm unlock_admin -u Peter on the Security Management Server
• C. It is not possible to unlock Peter’s accoun
• D. You have to install the firewall once again or abstain from Peter’s help.
• E. You can unlock Peter’s account by using the command fwm unlock_admin -u Peter on the Security Gateway.

Answer: A

NEW QUESTION 11
You are using SmartView Tracker to troubleshoot NAT entries. Which column do you check to view the NAT'd source port if you are using Source NAT?

• A. XlateDst
• B. XlateSPort
• C. XlateDPort
• D. XlateSrc

Answer: B

NEW QUESTION 12
Which of the following statements BEST describes Check Point’s Hide Network Address Translation method?

• A. Translates many destination IP addresses into one destination IP address
• B. One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation
• C. Translates many source IP addresses into one source IP address
• D. Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

Answer: C

NEW QUESTION 13
You need to back up the routing, interface, and DNS configuration information from your R77 GAiA Security Gateway. Which backup-and-restore solution do you use?

• A. Manual copies of the directory $FWDIR/conf
• B. GAiA back up utilities
• C. upgrade_export and upgrade_import commands
• D. Database Revision Control

Answer: B

NEW QUESTION 14
Where does the security administrator activate Identity Awareness within SmartDashboard?

• A. Gateway Object > General Properties
• B. Security Management Server > Identity Awareness
• C. Policy > Global Properties > Identity Awareness
• D. LDAP Server Object > General Properties

Answer: A

NEW QUESTION 15
The User Directory Software Blade is used to integrate which of the following with Security Gateway R77?

• A. RADIUS server
• B. Account Management Client server
• C. UserAuthority server
• D. LDAP server

Answer: D

NEW QUESTION 16
The SIC certificate is stored in the directory .

• A. $CPDIR/registry
• B. $CPDIR/conf
• C. $FWDIR/database
• D. $FWDIR/conf

Answer: B

NEW QUESTION 17
Choose the correct statement regarding Implied Rules:

• A. To edit Implied rules you go to: Launch Button > Policy > Global Properties > Firewall.
• B. Implied rules are fixed rules that you cannot change.
• C. You can directly edit the Implied rules by double-clicking on a specific Implicit rule.
• D. You can edit the Implied rules but only if requested by Check Point support personnel.

Answer: A

NEW QUESTION 18
Which R77 GUI would you use to see the number of packets accepted since the last policy install?

• A. SmartView Monitor
• B. SmartView Tracker
• C. SmartDashboard
• D. SmartView Status

Answer: A

NEW QUESTION 19
Your perimeter Security Gateway’s external IP is 200.200.200.3. Your network diagram shows:

Required. Allow only network 192.168.10.0 and 192.168.20.0 to go out to the Internet, using 200.200.200.5.
The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet. Assuming you enable all the settings in the NAT page of Global Properties, how could you
achieve these requirements?

• A. Create network objects for 192.168.10.0/24 and 192.168.20.0/24. Enable Hide NAT on both network objects, using 200.200.200.5 as hiding IP addres
• B. Add an ARP entry for 200.200.200.3 for the MAC address of 200.200.200.5.
• C. Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254. Enable Hide NAT on the NAT page of the address range objec
• D. Enter Hiding IP address 200.200.200.5. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
• E. Create a network object 192.168.0.0/16. Enable Hide NAT on the NAT pag
• F. Enter 200.200.200.5 as the hiding IP addres
• G. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
• H. Create two network objects: 192.168.10.0/24 and 192.168.20.0/24. Add the two network objects to a group objec
• I. Create a manual NAT rule like the following: Original source - group object; Destination - any; Service - any; Translated source - 200.200.200.5; Destination - original; Service - original.

Answer: B

NEW QUESTION 20
Central license management allows a Security Administrator to perform which of the following functions?
1. Check for expired licenses.
2. Sort licenses and view license properties.
3. Attach both R77 Central and Local licesnes to a remote module.
4. Delete both R77 Local Licenses and Central licenses from a remote module.
5. Add or remove a license to or from the license repository.
6. Attach and/or delete only R77 Central licenses to a remote module (not Local licenses).

• A. 1, 2, 5, & 6
• B. 2, 3, 4, & 5
• C. 2, 5, & 6
• D. 1, 2, 3, 4, & 5

Answer: D