156-315 - Check Point Security Administration NGX II

Go back to CheckPoint

Example Questions

Which technology is responsible for assembling packet streams and passing ordered data to the protocol parsers in IPS? VPN-1 NGX includes a resource mechanism for working with the Common Internet File System (CIFS). However, this service only provides a limited level of actions for CIFS security. Which of the following services is NOT provided by a CIFS resource? You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other. How would you accomplish this? Review the following list of actions that Security Gateway R75 can take when it controls packets. The Policy Package has been configured for Simplified Mode VPN. Select the response below that includes the available actions: Which protocol can be used to provide logs to third-party reporting? Which of the following does NOT happen when using Pivot Mode in ClusterXL? Which statement defines Public Key Infrastructure? Security is provided: If you are experiencing LDAP issues, which of the following should you check? What is the best tool to produce a report which represents historical system information? Due to some recent performance issues, you are asked to add additional processors to your firewall. If you already have CoreXL enabled, how are you able to increase Kernel instances? What is the SmartEvent Analyzer's function? The file snapshot generates is very large, and can only be restored to: Which Remote Desktop protocols are supported natively in SSL VPN? Which of the following is NOT supported by CoreXL? The SmartEvent Client: Which of the following is a supported Sticky Decision Function of Sticky Connections for Load Sharing? Robert has configured a Common Internet File System (CIFS) resource to allow access to the public partition of his company's file server, on \\erisco\goldenapple\files\public. Robert receives reports that users are unable to access the shared partition, unless they use the file server's IP address. Which of the following is a possible cause? By default Check Point High Availability components send updates about their state every: You want VPN traffic to match packets from internal interfaces. You also want the traffic to exit the Security Gateway bound for all site-to-site VPN Communities, including Remote Access Communities. How should you configure the VPN match rule? Your current VPN-1 NG with Application Intelligence (AI) R55 stand-alone VPN-1 Pro Gateway and SmartCenter Server runs on SecurePlatform. You plan to implement VPN-1 NGX R65 in a distributed environment, where the new machine will be the SmartCenter Server, and the existing machine will be the VPN-1 Pro Gateway only. You need to migrate the NG with AI R55 SmartCenter Server configuration, including licensing. How do you handle licensing for this NGX R65 upgrade? Why should the upgrade_export configuration file (.tgz) be deleted after you complete the import process? When does the SmartWorkflow Policy Installation window appear? Which of the following does IPSec use during IPSec key negotiation? During a Security Management Server migrate export, the system: How does Check Point recommend that you secure the sync interface between gateways? What is the benefit to running SmartEvent in Learning Mode? MEP VPNs use the Proprietary Probing Protocol to send special UDP RDP packets to port ____ to discover if an IP is accessible. You want to upgrade a cluster with two members to R77. The Security Management Server and both members are version NGX R65, with the latest Hotfix Accumulator. What is the correct upgrade procedure? 1. Change the version in the General Properties of the Gateway-cluster object. 2. Upgrade the Security Management Server, and reboot. 3. Run cpstop on one member, while leaving the other member running. Upgrade one member at a time and reboot after upgrade. 4. Install the Security Policy. You want to upgrade an NG with Application Intelligence R55 Security Gateway running on SecurePlatform to VPN-1 NGX R65 via SmartUpdate. Which package(s) is(are) needed in the Repository prior to upgrade? Using IPS, how do you notify the Security Administrator that malware is scanning specific ports? By enabling: Check Point New Mode HA is a(n) _________ solution. When running DLP Wizard for the first time, which of the following is a mandatory configuration? In a R75 Management High Availability (HA) configuration, you can configure synchronization to occur automatically, when: 1. The Security Policy is installed. 2. The Security Policy is saved. 3. The Security Administrator logs in to the secondary SmartCenter Server, and changes its status to active. 4. A scheduled event occurs. 5. The user database is installed. Select the BEST response for the synchronization trigger. A user attempts to initialize a network application using SSL Network Extender. The application fails to start. What is the MOST LIKELY solution? In a R75 Management High Availability (HA) configuration, you can configure synchronization to occur automatically, when: 1. The Security Policy is installed. 2. The Security Policy is saved. 3. The Security Administrator logs in to the seconday Security Management Server and changes its status to Active. 4. A scheduled event occurs. 5. The user data base is installed. Select the BEST response for the synchronization trigger. Which of the listed load-balancing methods is NOT valid? What proprietary Check Point protocol is the basis of the functionality of Check Point ClusterXL inter-module communication? Which operating system(s) support(s) unnumbered VPN Tunnel Interfaces (VTIs) for route-based VPN's? User definitions are stored in ________________ . You have a High Availability ClusterXL configuration. Machines are not synchronized. What happens to connections on failover? Which of the following are valid reasons for beginning with a fresh installation VPN-1 NGX R65, instead of upgrading a previous version to VPN-1 NGX R65? Select all that apply. You must set up SIP with proxy for your network. IP phones are in the 172.16.100.0 network. The Rigistrar and proxy are installed on host 172.16.100.100. To allow handover enforcement for outbound calls from SIP-net to network Net_B on the Internet, you have defined the following object: * Network object: SIP-net 172.16.100.0/24 * SIP-gateway: 172.16.100.100 * VoIP Domain Object: VoIP_domain_A 1. End-point domain: SIP-net 2. VoIP gateway installed at: SIP-gateway host object How should you configure the rule`? You are the MegaCorp Security Administrator. This company uses a firewall cluster, consisting of two cluster members. The cluster generally works well but one day you find that the cluster is behaving strangely. You assume that there is a connectivity problem with the cluster synchronization link (cross-over cable). Which of the following commands is the BEST for testing the connectivity of the crossover cable? Which Check Point product is used to create and save changes to a Log Consolidation Policy? A snapshot delivers a complete backup of GAiA. How do you restore a local snapshot named MySnapshot.tgz? The process ________ is responsible for Policy compilation. What physical machine must have access to the UserCenter public IP when checking for new packages with SmartUpdate? Which procedure creates a new administrator in SmartWorkflow? You are a Security Administrator preparing to deploy a new HFA (Hot fix Accumulator) to ten Security Gateways at five geographically separated locations. What is the BEST method to implement this HFA? If Bob wanted to create a Management High Availability configuration, what is the minimum number of Security Management servers required in order to achieve his goal?