This is a winner and it is ready to rock with trandumper.
Good Luck!!
156�210
CCSA NG
1. What two encryption actions can you choose from in the Action column of Check Point Policy Editor?
A. Encrypt
B. Client Encrypt
C.
User Encrypt
D. Session Encrypt
E. OS Encrypt
Answer: B C
2. What are the two components of SecureUpdate?
A. Central License
B.
Installation Manager
C. Local Manager
D. License Manager
E. Installation Service
Answer: BD
3. What are the three types of
authentication?
A. User Authentication
B. Transparent Authentication
C. Session Authentication
D. Non�Transparent Authentication
E. Client
Authentication
Answer: ACE
4. Ami�spoofing rules defined in a firewalled objeefs properties, are enforced after any rule in the
Security
Policy's RuleBase
A. True
B. False
Answer: B
5. Which firewall type examines a packet up to the network layer of OSI model?
A.
Packet filtering
B. Application layer gateways
C. Proxy
D. Firewall� I
E. Session layer gateways
Answer: A
6. Study the diagram in the
picture and answer the question. What is the rule numbering 1 to 3 (in gray color. called?
A. linplicit rule.
B. Explicit rule
C. Cleanup rule
D. Stealth rule
E. Semi RULE
Answer: B
7. Anti�spoofing rules defined in a firewalled object's properties, are enforced before any rule
in the Security
Policy's Rule Base
A. True
B. False
Answer: A
8. You have a got windows 98 machine with the following specification:
memory~20MB, Disk Space = 800 MB, this machine is fully connected to your network with an Fast Ethernet NIC card. You are trying to install Check
Point Policy Editor on this machine without success as it keeps hanging and crashing. What do you think could be the reason why this is
happening?
A. The memory size is the problem. It needs to be increased to minimum of 32MB
B. The memory size is the problem. It needs to be
increased to minimum of 22MB
C. The hard disk space is the problem, it Deeds to be reduced to 40MB
D. The hard disk space is the problem, it
needs to be increased beyond 800MB E. The Fast Ethernet is the problem as Its not supported
Answer: A
9. All but one of the following are
elements of Check Point policy editor NG. Select the odd one.
B. Destination
C. Service
D. Information
E. Action
F. Time
Answer:
D
10. What would you use to create Firewall�I rule base?
A. Policy Editor NG
B. System Status Editor
C. Log Viewer Editor
D. Firewall�I
module Editor
E. Firewall� I server Editor
Answer: A
11. Creating automatic NAT rules is accomplished by modifying the NAT tab of the Network
Properties window, and when you generate NAT rules automatically, Static Source and Static Destination NAT rules are generated in pairs
A. True
B. False
Answer: A
12. What configuration is said to used If the Policy Editor and the Management Server are deployed on separate
machines?
A. Client/Ser�ver
B. Server/Server
C. Firewall
D. Client/Client
E. None of the above
Answer: A
13. What is the purpose
of Stealth rate?
A. To specify users that should be allowed to connect to the firewall.
B. To disable a firewall.
C. To allow any connection to
the firewall.
D. To prevent any user from connecting to the firewall.
E. To specify users that should be prevented from connecting to the
firewall.
Answer: D
14. Installation time for creating network objects can be decreased by listing machine names and IP addresses in which
host file ( on Solaris System.? A. \winnt\system32\etc\hosts B. \winnt\system32\drivers\etc\hosts C. objects/conf D. objects/bin E.
/etclhosts
15. Each NAT rules consists of what three elements? Choose all that is appropriate
A. Source
B. Destination
C. Service
D.
Policy
E. Action
Answer: ABC
16. Which type of authentication will require users to TELNET to port 259 or connect via HTTP at port 900 to
be authenticated for a service?
A. Session authentication
B. User authentication
C. Client authentication
D. IP authentication E.
None
Answer: C
17. ___________ VPNs are build to handle secure communications between a company's internal departments
2
and branch
offices
Answer: Internet
18. What directory in VPN�I/Firewall� ING contains all of the Rule Bases, objects, and the user database?
A.
$FWDIR/etc directory
B. $FWDIR/bin directory
C. $FWDIR/conf directory
D. $FWDIR/bin/etc directory
E. Winnt/Config directory
Answer:
C
19. What is the purpose of NAT?
A. To conceal external computers and users from outside networks.
B. To translate internal host names to IP
addresses.
C. To conceal internal computers and users from outside networks.
D. To overcome IP addressing limitations, by allowing usage of
private I P address allocation and
unregistered internal addressing schemes.
E. To conceal external computers and users from inside
networks.
Answer: CD
20. Disabling rules is one of the feature of VPN� I/Firewall�1, why would you want to use this feature?
A. To assist
you when installing a security policy
B. To assist you in troubleshooting a firewall problem
C. To assist you when re�installing a security
policy
D. To assist with enforcing a rule
E. None of the above
Answer: B
2 1. Log Viewer NG, Policy Editor NG, Reporting Tool NG,
SecureUpdate NG, System Status NG are components of what?
A. CheckPoint Management Client
B. VPN� I /Firewall� I
C. Management Module
D.
Management Server
E. None of the above
Answer: A
22. provides communications between modules, clients and hosts
A. Kernel
B.
Firewall
C. Service
D.Daemon
E. None of the above
Answer: D
23. Which Log Viewer mode shows elapsed time, bytes transferred, start date ,
and Connection ID of a connection? A. Log Mode B. Active Mode C. Audit Mode D. Connection Mode E. Bytes Mode
24. If security policy is enforced
by more than two firewalled objects, how many rule bases would you need?
A� Two rule bases.
B. Only one rule base.
C. One rule base each for each
number of network objects there
D. Three rule bases.
E. No rule base is needed to implement your security policy.
Answer: B
25. In Log
Viewer GUL what option do you select to delete all entries in the log file, regardless of which entries are selected? A. Kill B. Delete
3
C.
Purge
D. Cut
E.Remove
Answer: C
26. Which of these are members of Checkpoint Management Client?
A. Policy Editor NG
B. Secure Internal
Communications (SIC.
C. Log Viewer NG
D. System Status Editor
E. System Status NG
Answer: Ace
27. How would you display implied
rules?
A. By choosing Implied Rules from the View menu of Security Policy Editor
B. By choosing Implied Rules from the Policy menu of Security
Policy Editor
C. By choosing Implied Rules from the Manage menu of Security Policy Editor
D. By choosing Implied Rules from the Edit menu of
Security Policy Editor
E. By choosing Implied Rules from the File menu of Security Policy Editor
Answer: A
28. The rule that you create in
the RuleBase is known as rules
implicit (or Pseudo. rules are created by VPN�1 /firewall�1 NG, and are derived from the security
properties
Answer: Explicit
28A. How would you access Global Properties? Choose the best answer.
A. From Log View GUL click on Policy menu
and select Global Properties
B. From Check Point Policy Editor, click on Policy menu and select Global Properties
C. From Log View GUL click on
Policy menu and select Properties
D. From System Status GUL click on Policy menu and select Global Properties
E. From Check Point Policy Editor,
choose the window menu and select Global Properties
Answer: B
29. If you configure your gateway to use IP Pools, then the SecuRemote
connections passing through the gateway will be
A. Encrypted
B. Encapsulated
C. Authenticated
D. Decrypted
E. None of the above
Answer:
B
30. How will you install a rule base? Choose the best answer.
A. Before defining your rules in Security policy editor, choose install
from View menu
B. After defining your rules in Security policy editor, choose install from Policy menu.
C. Before defining your rules in
Security policy editor, choose Install from Policy menu.
D. After defining your rules in Security policy editor, choose Install from File menu.
E. After defining your mles in Security policy editor, choose Install from View menu.
Answer: B
31. What are the two types of licenses
available in VPN�I/Firewall�I NG ?
A. Central Licenses
B. Local Licenses
C. Operating System Licenses
D. System Licenses
E. Distributed
Licenses
Answer: AB
32. What is the minimum memory requiremetit for installing VPN�I/Firewall�1 NG Module?
A. 32 Mbytes
B. 64 Mbytes
C.
96 Mbytes
D. 128 Mbytes
E. 256 Mbytes
Answer: B
33. Study the diagram and answer the question below. Rule number 2 would allow FTP traffic
out from your
4
A. True
B. False
Answer: B
34. Which of these services is/are supported by client authentication?
A. FTP
B.
HTTP
C. HTTPS
D. TELNET
E. RLOGIN
F. None of the above
Answer: ABCDE
35. Study the diagram and answer the question below.
Rule number 2
would allow FTP traffic out from you local network
A. True
B. False
Answer: A
36. Study the diagram and answer the question below What
role would allow access from your local network using FTP service with User Authentication as a method of authentication?
A. 1
B. 2
C. 3
D.
4
E. 5
Answer: B
37. What feature in VPN�I/Firewall�I allows you to verify the identity of the Management Serverbeing accessed via your
Policy Editor Clients?
A. Monitoring
B. Verification
C. QOS
D. Fingerprint
E. LDAP
Answer: D
38. Which of the VPNs are built to
handle secure communication between a company and its strategic partners, customers and suppliers?
A. Intranet
B. Extranet
C. Remote Access
D. Internal network
E. None of the above
Answer: B
39. VPN � 1 /Firewall� I NG implements stealth authentication by allowing the
connection, and then subsequently prompting the user for b i s 'her authentication data (password., hiding the VTN� 1 [Firewall� I NG from the
user. If correct authentication data is not supplied, the connection is dropped. What is the default connection attempts before the connection is
dropped?
A. 1
B. 2
C.3
D. 4
E. 5
Answer: C
40. What is the recommended memory requirement for installing Policy Editor Client?
A.
16 Mbytes
B. 64 Mbytes
C. 32 Mbytes
D. 128 Mbytes
E. 256 Mbytes
Answer: D
41. ______ rules, defined in a firewalfied object's
properties, are enforced before any rule in the
5
Security Policy's Rule Base
A. Anti�spoofing
B. Explicit
C. implicit
D. Implicit
drop
E. None of the above
Answer: A
42. (via a Security Policy.? choose all the appropriate options
A. Keep the RuleBase simple
B.
Position the most applied rules first in the RuleBase
C. Disable Accounting and Active connections mode in the Log Viewer GUI
D. Do not include
unnecessary services in the RuleBase
E. You can add services to the RuleRase as needed
F. Use faster hardware
Answer:
ABCDEF
43.________________ is a technique where an intruder attempts to gain unauthorized access by altering a
packet's IP address to make
it appear as though the packet originated in a part of the network with higher
access privileges.
A. Spoofing
B. Anti�spoofing
C. Services
D.
NAT
E. SYNDefender
Answer: A
44. If your Module is upgraded from version 4.1 to NG, you must make sure you also upgrade your license.
What
type of license do you think you would need?
A. Either Local licenses or Central licenses
B. Local licenses only
C. Central licenses only
D.
NG licenses only
E. None of the above
Answer: A
45. The three display modes of Log Viewer NG are
A. Audit
B. Log
C. Live
D. Active
E.
Connection
Answer: ABD
46. Which firewall architecture operates at the layer 7 of OSI model?
A. Stateful inspection
B. Hybrid firewall
C.
Application layer gateways
D. Packet filters
E. Firewall�1
Answer: C
47. What is the minimum memory requirement for installing Policy
Editor?
A. 16 Mbytes
B. 32 Mbytes
C. 64 Mbytes
D. 96 Mbytes
E. 128 Mbytes
Answer: B
48. On Log File Management, what happens to
current log file when you create a new log file?
A. New Log file cannot be created when current file is opened.
B. The current file is appended
to the new file.
C. The current Log file is opened in addition to the new Log file.
D. The current Log file is closed and written to disk with a
name that contains the current date and time,
as only one Log file can be opened in the Log Viewer at a time.
E. The current file is
lost.
Answer: E
49. What are the minimum requirements for installation of Firewall�1 NG Module? (On Windows NT 4.0
system.
A. Windows NT
Server 4.0 ( SP6a.
B. Disk space: 30 Mbytes disk space
C. Disk space: 40 Mbytes disk space
D. Memory: 64 Mbytes (minimum., 128 MB
(recommended.
E. Any Supported NIC
F. Windows NT Server 4.0 ( SP5a.
Answer: ACDE
50. What should action column of the Cleanup rule be set
to?
A. session authentication
B. drop
C. negate
D. user auth
E. accept
Answer: B
5 1. The rules that you define in the RuleBase are
known as Rules
A. Implicit
B. explicit
C. Properties setup
D. Stealth
E. Cleanup
Answer: B
52. Statiefial Inspection
technology, which is the technology upon which Firewall�l's enterprise security solution is based, is a technology designed to be aware of only the
information being received.
A. True
B. False
Answer: B
53. The______________Maintains the VPN� 1 /Firewal I� I NG database, which
include
network object definitions, user definitions, security policy, and the log files for firewalled enforcement points.
A. Firewall
Module
B. Management Server
C. Client Module
D. Server Module
E. None of the above
Answer: B
54. What rule is added whenever you add a
rule to the RuleBase?
A. A default rule
B. Cleanup rule
C. Stealth Rule
D. NAT nale
E. Anti�Spoofing
Answer: A
55. The technique
whereby an intruder attempts to gain unauthorized access by altering a packet's IP address to make it appear as though the packet originated in a
part of the network with higher access privileges is know as
A. NAT
B. Spoofing
C. Encryption
D. Authentication
E. Proxy
Answer:
B
56. How can a Firewall�I protect your internal network against a connection that does not pass through it?
A. It cannot.
B. By
redirecting the connection towards it and authenticate the connection.
C. By rejecting the coninection.
D. By rejecting the connection, advise the
source to reconnect and make sure the new connection pass
Answer: A
7
57. Study the diagram and answer the question that follows. What
answer correctly describes rule number 2 and 39
A. The two rules have been negated.
B. The two rules have been installed.
C. The two rules
have been verified.
D. The two rules have been disabled.
E. The two rules have been deleted
Answer: D
58. What command uninstalls the
currently loaded Inspection Code from selected targets?
A. fw load
B. f\v putkey
C. fw unload
D. fw install
E. fw uninstall
Answer:
C
59. How would you create NAT rules automatically?
A. By modifying the NAT tab of the Network Properties window
& By modifying the NAT tab
of the Service Properties window
C. By modifying the NAT tab of the SIC Properties window
D. By modifying your RuleBase
E. None of the
above
Answer: A
60. What would you specify to display only entries of interest in the Log Viewer, and to hide other entries?
A. Selection
criteria
B. record
C. column
D. selection
E. None of the above
Answer: A
6 1. Why would an administrator want to negate a selected
object in the Rule Base?
A. To include all objects or users and exclude a specific object or user
B. To include a specific object or user
C.
To nest a specific object or user
D. To connect to any destination using latip service.
E. To connect to any destination using ftp
service.
Answer: A
62. What NAT type Translates valid IP addresses to invalid IP addresses for connections initiated by external clients?
A. Static Source NAT
B. Static Destination NAT
C. Hide Mode
D. Static NAT
E. None of the above
Answer: B
63. What compiled script is
generated from the information in the security policy and its RuleBase?
A. Inspection script
B. Enforcement point
C. Management script
D.
Management point
E. None of the above
Answer: A
64. What would happen to the disabled rules if you fail to re�install your security policy
after re�enabling these
disabled rules?
A. The disabled rules remain disabled
B. The disabled rules would re�install itself automatically
C. The
disabled rules would enforce you to re�install the security policy
D. The disabled rules will re�install VPN� I /Firewall� I service
Answer:
A
8
65. Stateful Inspection technology, which is the technology upon which Firewall�l's enterprise security solution is based, is a
technology designed to be aware of, and inspect, not only the information being received, but the dynamic connection and transmission state of the
information being received
A. True
B. False
Answer: A
66. You are in System Status NG GUI and you want to create a Network Object of
the type fw.checkpoint.com.
How would you achieve this with minimal effort (without having to shut down Log Viewer GUI.?
A. You will have to
shut down System Status GUL and launch Check Point Policy Editor, then select
Manage menu. From Manage menu you will select Network objects.
B.
You will have to shut down System Status GUI, and launch Check Point System Status, then select
Manage menu. From Manage menu you will select
Network objects.
C. From Log Viewer GUI you will choose File Menu and select Policy Editor NG. In the Policy Editor NG,
you will choose Manage
menu and then select Network Objects
D. From System Status GUI you will choose Window Menu and select Policy Editor NG. In the Policy
Editor NG,
you will choose Manage menu and then select Network Objects
E. None of the above
Answer: D
67. cpstart/cpstop, Checkpoint Registry,
CPShared Daemon, Watch Dog for critical Services, and Cpconfig are components of whaf?
A. CPShared
B. Enforcement Module
C. sic
D.
SecureUpdate
E. Management Module
Answer: A
68. ________ VPNs are built to handle secure communications between a company and its
customers
Answer: Internet
69. What command would you use to stop running Firewall� I services?
A. fwstop
B. fwstart
C. Stop
D. Start
E. Fw� I stop
Answer: A
70. What command displays the VPN� I /Firewall� 1 version number, and version number Kernel Module?
A. fw ver
B. fw ver �k
C. fw version
D. fw version �k
E. fw] ver В–k
Answer: B
71. The VPN�1/Firewall�I NG network address translation mode that
hides internal IP addresses behind one legal address is always known as Hide mode
A. True
B. False
Answer: A
72. A__________is a system
designed to prevent unauthorized access to or from a secure network
A. Spoof
B. NAT
C. firewall
D. Rule
E. SYNDefiender
Answer: C
73.
When an Administrator is defining User Authentication role, where do you think that he/she can place the role in the RuleBase?
9
A. Above
the Default rule
B. Below the Cleanup rule
C. Above the Cleanup rule
D. Above or below the Stealth rule
E. Above the Stealth rate
Answer:
D
74. What mode in the Log Viewer NG enables you track changes made to objects in the RuIeBase, and tracks general Policy Editor usage?
A. Log
Mode
B. Active Mode
C. Audit Mode
D. Connection Mode
E. Track Mode
Answer: C
75. The correct way to stop the VPN�I/Firewall� I NG is
to use command
A. fwstart
B. fwstop
C. fw, pulkey
D. fw putfic
E. fw printlic
Answer: B
76. A user was initiating client authentication
session by beginning a TELNET session on port 900. What do
you think might be wrong?
A. The user was TELNET� ing at wrong port. The user should
use port 295.
B. Nothing is wrong.
C. The user was TELNET� ing at the wrong port. The user should use port 259.
D. The authentication type should
be changed to user authentication.
E. The authentication type should be changed to session authentication.
Answer: C
77. What two services
or protocols Client Authentication uses to initiate connection to the firewall?
A. TELNET and HTTP
B. TELNET and RPC C_ HTTP and HTTPS
D. HTTP
and UDP E. HTTP and TCP
Answer: A
78. What is the minimum memory requirement to installing Policy Editor on Windows ME?
A. 16 MB
B.
32MB
C. 64MB
D. 68MB
E. 98MB
Answer: B
79. Stateful Inspection is a third�generation firewall technology designed to be aware of, and
inspect, not only the information being received, but the dynamic connection and transmission state of the information being received. Control
decisions we made by analyzing and utilizing which of the following?
A. Communication Information
B. Communication�derived state
C.
Application�derived state
D. Information manipulation
E. Communication manipulation
Answer: ABCD
80. What command would you use to stop
VPN�I/Firewall�I NG Module?
A. fw putkey
B. fwstop
C. fwstart
D. fwprinlic
E. fw load
Answer: B
81. A_____________rule allows
you to specify logging for remaining packets, and drops all communication
not described by other rules.
A. Stealth
B. Rule
C. None of the
above
D. Traffic
E. Rulebase
Answer: C
82. How can you navigate or open System Status GUI from Log Viewer GUI?
A. Select System Status
from window menu.
B. Select System Status from select menu.
C. Select System Status from view menu.
D. Select System Status from edit menu.
E. Select System Status from file menu.
Answer: A
83. The command that displays the VPN�I/Firewall�I version number, and version number
Kernel Module is
A. fw ver
B. fw ver �k
C. fvv version
D. fw version A
E� lwl ver В–k
Answer: B
84. Why must Client Authentication
rule be placed above Stealth rule in the RuleBase?
A. In order that they can have access to the local Management Server
B. In order that they
can have access to the Management Server
C. In order that they can have access to the local firewall
D. In order that they can have access to
the Policy Editor
E. In order that they can have access to the OS
Answer: C
85. Any elements that come in contact with the network e.g.
hosts, routers, networks,gateways,switches,domains are known as what?
A. Network objects
B. Firewall objects
C. Management Servers
D. User
Objects
E. None of the above
Answer: A
86. Which of the following port would TELNET service use for commurrications?
A. 21
B. 23
C.
25
D. 29
E. 30
Answer: B
87. How would you define an Authentication Scheme for a certain user?
A. By going to the user Properties for
that user, select the Authentication tab, and choose the desired
scheme
B. By going to the Workstation Properties of that user, select the
Authentication tab, and choose the
desired scheme
C. By creating a workstation object to represent the PC that the user would log on from to
perform the
authentication, then select the Authentication tab, and choose the desired scheme
D. Authentication scheme is defined for every user
by VPN�I/Firewall�1, o input is needed from the
Administrator
E. None of the above
Answer: A
88. The Checkpoint____________enables a
VPN� I/Firewall�l NO Administration to easily define a
comprehensive Security Policy
A. Editor
B. Policy Editor
C. Management Editor
D.
Firewall Editor
E. GUI Editor
Answer: B
89. What is technique whereby an intruder attempts to gain unauthorized access by altering a
packet's IP address to make it appear as though the packet originated in a part of the network with higher access privileges?
A. NAT
B.
Spoofing
C. Authentication
D. Encryption
E. None of the above
Answer: B
90. Look at exhibit 1. What type of firewall does the exhibit
depict?
A. Application Layer
B. Firewall�I
C. Proxies
D. Packet filtering
E. Network layer firewal I
Answer: D
91. Study the
diagram on client authentication action properties and answer the question below. To allow users to use all services permitted by the rule for the
authorization period without having to perform authentication for each service, which option must you choose?
A. Required Sign On: Standard
B.
Required Sign On: Specific
C. Sign On Method: Manual
D. Sign On Method: Partially Automatic
E. Sign On Method: Fully Automatic
Answer:
A
92. When using Static Source or Hide modes, you must ensure that the translated (external. addresses are published so that replies will
be routed back to the firewall
A. True
B. False
Answer: A
93. How would you reveal all Hidden Rules?
A. By selecting Manage menu,
select Hide�> Unhide All
B. By selecting Rules menu, select Hide�> Unhide All
C. By selecting Policy menu, select Hide�> Unhide All
D. By
selecting File menu, select Hide�> Unbide All
E. By selecting Rules menu, select Unbide all
Answer: D
94. Which of these are components of
VPN�l/ Firewall�I NG architecture?
A. Management server
B. Enforcement Module
C. sic
D. Policy Editor
E. CPShared
Answer: ABDE
95.
What is the recommended memory size (by Checkpoint. for installing a Firewall� I NG Module or Management server?
A. 8NIbytes
B. 16 Mbytes
C.
32 Mbyres
D. 64 Mbytes
E. 128 Mbytes
Answer: E
96. Whether they are displayed, or not,hidden rules are enforced when the security Policy
is installed
A. True
B. False
Answer: A
97. What authentication type is not restricted to specific services, but provides a mechanism
for authenticating any application, be it standard or custom?
A. Session authentication
B. User authentication
C. Client authentication
D.
Transparent authentication
E. None of the above
Answer: C
98. The System Status interface is divided into three sections: Modules View,
Details View and Critical
Notifications. Which of these three would you switch to, to troubleshoot a problematic module?
A. Module View
B.
Detail View
C. Critical Notifications
Answer: C
99. What is the recommended hard disk requirement for installing VPN�I/Firewal�I NG
Module?
A. 10 Mbytes
B. 20 Mbytes
C. 30 Mbytes
D. 40 Mbytes
E. 50 Mbytes
Answer: D
100. What is the advantage of a VPN�I/ Firewall�I
NG password authentication scheme over the OS password
authentication scheme?
A. The user does not require an OS account on the gateway to use a
VPN�l/ Firewall�1 password.
B. The user does require an OS account on the gateway to use a VPN�l/ Firewall�I password.
C. The VPN�I/ Fnewall�I
password has no advantage over OS password.
D. Using VPN�I/ Firewall�I password will allow the authenticating user to bypass the
gateway.
Answer: A
101. The____________maintains the VPN�I/Firewall�I NG database, which include
network object definitions, user
definitions, security policy, and the log files for firewalled enforcement
points.
A. Firewall Module
B. Client Module
C. GUI Client
D. Server
Module
E. None of the above
Answer: E
102. The System Status interface is divided into which three sections?
A. Modules View
B. Details
View
C. Critical Notifications
D. Alert View
E. Audit View
Answer: ABC
103. When you disable a rule, the rule is not disabled until you
have reinstalled your Security Policy
A. True
B. False
Answer: A
104. What is meant by "bounce the firewall"?
A. To reinstall the
enforcement point
B. To establish connection between Management Server and Firewall Module
C. When you run fwstart command to stop the firewall.
After it has stopped, then run fwstop command to
restart
D. When you run fwstop command to stop the firewall. After it has stopped, then run
fwstart command to
restart
E. None of the above
Answer: D
105. Installation time for creating network objects can be decreased by
listing machine names and IP addresses in which host file ( on Windows.?
A. \winnt\system32\etc\host
B.
\winnt\system32\drivers\etc\hosts
C. objects/conf
D. objects/bin
E. /etc/hosts
Answer: B
106. SecureUpdate License Manager
supports which two types of licenses for Checkpoint products?
A. PE�bound
B. Firewall�I bound
C. OS�bound
D. Management�bound
E.
Module�bound
Answer: DE
107. To log on the Policy Editor NG, you need your username, password and your Management Server name.
" you
don't have the name for your Management server, what then can you use in place of this?
A. ARP address of the Management Server
B. MAC address of
the Management Server
C. IT address of the Management Server
D. DNS address of the Management Server
E. You cannot use anything in place of the
name
Answer: C
108. The three blocking scope options in the Block Intruder windows are
A. Block every connections
B. Block Only this
connection
C. Block access from this source
D. Block access to this destination
E. Block all access from local firewall
Answer:
BCD
109. Examine the diagram and answer the question that follows. The action column on rule number4 is set to session Authentication. For
session Authentication to work, what must be installed on user's PCs making connection?
A. Checkpoint Session Authentication Agent
B. User
Authentication program
C. System module
D. Checkpoint Client Authentication program
E. None of the above
Answer: A
110. What command
displays the VPN�1/Firewall�I NG Module's ARP proxy table?
A. fw ed arp
B. fw
C. putlic
D. fw putkey
E. cpconfig
Answer: A
111.
Study the diagram and answer the question below. The diagram shows Log Viewer NG GUI.
How would create a user object from this GUI without having
to shut down from it?
A. You will choose File Menu and select Policy Editor NG. In the Policy Editor NG, you will choose
Manage menu and then
select User
B. You will choose Window Menu and select Policy Editor NG. In
the Policy Editor NG, you will choose Manage menu and then Network
Objects
C. You will choose Window Menu and select Log Viewer. In the Log Viewer GUL you will choose Manage
menu and then select User
D. You will
choose Window Menu and select Policy Editor NG. In Policy Editor NG, you will choose
Manage menu and then select User
E. There is now way to do
this without shutting down from the GUI and then launch the Policy Editor GUI
Answer: D
112. User authentication cannot provide access
privilege for which service(s.?
14
A. HTTP
B. FTP
C. TELNET
D. RPC
E. RLOGIN
Answer: D
113. Which of these is NOT a component of
SecureUpdatc?
A. Installation Server
B. Installation Manager
C. License Manager
D. None of the above
Answer: A
114. Study the diagram and
answer the question below. George was initiating a client authentication session by beginning an HTTP session on port 259 with the gateway named
london as shown. What do you think might be wrong with the address George specified in the browser?
A. THE user should use Session Authentication
method to successfully connect to the destination server.
B. The user should be able to connect, since he was using the right port
C. The user
was using the wrong port. He needs to use port 900 to connect successfully.
D. The user should bypass the firewall at port 900 to connect
successfully. E. The user should bypass the firewall at port 259 to connect successfully.
Answer: C
115. A host is considered a
firewalled________________point, if a VPN�I/Firewalled� 1 NG Enforcement
Module is installed on that host
A. Management
B. Module
C.
Enforcement
D, Connect Control
E. Encryption
Answer: C
116. You are in Log Viewer NG GUI and you want to create a Network Object of the type
fw.checkpoint.com.
How would you achieve this with minimal effort (without having to shut down Log Viewer GUI.?
A. You will have to shut down
Log Viewer GUI, and launch Check Point Policy Editor, then select Manage
menu. From Manage menu you will select Network objects.
B. You will have
to shut down Log Viewer GUL and launch Check Point System Status, then select
Manage menu. From Manage menu you will select Network objects.
C.
From Log Viewer GUI you will choose Window Menu and select Policy Editor NG. In Policy Editor NG,
you will choose Manage menu and then select
Network Objects
D. From Log Viewer GUI you will choose File Menu and select Policy Editor NG. In Policy Editor NG, you
will choose Manage menu and
then select Network Objects
E. From Log Viewer GUI you will choose Policy Menu and select Policy Editor NG. In Policy Editor NG,
you will choose
Manage menu and the select Network Objects
Answer: C
117. The Enterprise Security Policies are defined using the Policy Editor GUI and
saved on the
Server
A. OS
B. Management
C. Enforcement
D. PE
E. None of the above
Answer: B
118. Before using SecureUpdate License
Manager, you must install a Managementound license (central. [or the Management Server. What tool (s. or command line (s. would you use to install
this license? Select ail the correct answers
A. cipconfig configuration client
B. eplic put command line
C. cprlic remote
D. fwfic command
line
E. config configuration client
Answer: ABC
119. You can choose to hide your internal IP addresses in which of the following
ways?
A. Hide behind the IP address of the gateway's external interface
B. Hide behind 255.255.255.255
C. Hide behind an imaginary IP
address
D. Hide behind the IP address of the gateway's internal interface
E. Hide behind 0.0.0.0
Answer: ACE
120. Which of the following
port would FTP service use for communications?
A. 21
B. 24
C. 25
D. 80
E. 161
Answer: A
12 1. A host is considered a firewalled
enforcement point if a
A. Management Module is installed on it
B. Management Server is installed on it
C. VPN�1/Firewall�I NG Enforcement
Module is installed on it
D. Operating System is installed on it
E. VPN� I /Firewall�1 NG Enforcement Module is uninstalled from it
Answer:
C
122. What is the difference between a Host and a Gateway?
A. A Host is a device with multiple IP addresses while a Gateway is a device
with single IP address.
B. Both Host and Gateway have a single IP address.
C. Both Host and Gateway have multiple IP addresses.
D. Host and
Gateway are the same, no difference between them.
E. A Host is a device with a single IP address while a Gateway
Answer: E
123. Which of
these authentication types is used to grant access on a per host basis?
A. User authentication
B. Client authentication
C. Session
authentication
D. Transparent Session authentication
E. Implicit Session authentication
Answer: B
124. Study the diagram and answer the
question that follows.
What do you think is the reason why role number 3 is missing?
A. The rule has been made hidden
B. Tbe memory or hard
disk space of machine on which the Rule base is running needs upgrading.
C. The administrator has mistakenly omitted rule 3.
D. You can omit rule
when adding rules. You can always go back to complete the omitted mle.
E. The Security Policy Editor is corrupted and client GUIs need
re�installation.
Answer: A
125. What other way can you use to administer Security Policy apart from Checkpoint Policy Editor?
A. By command
Line options
B. By MSDOS command
C. By Check Point Managing Editor
D. Check Policy Application configuration
E. None of the above
Answer:
A
126. S/Key, OS Password, VPN� I/Firewall�1 NG Password, SecurID, RADIUS are types of what?
A. VPN schemes
B. Encryption schemes
C.
Authentication schemes
D. Firewall�I schemes
E. None of the above
Answer: C
127. What is a Security policy?
A. It's a set of rules
that define your internal network security.
16
B. Its a set of rules that define your external network security.
C. It's a set of rules
that define both your internal and external network security.
D. IVs a set of rules that define your internal network objccts.
E. It's a set of
rules that define your external network objects.
Answer: A
128. Which of the VPNs are built to handle secure communication between a
corporate network and its remote or mobile employees?
A. Intranet
B. Extranet
C. Remote Access
D. Internet
E. None of the above
Answer:
C
129. What is the recommended memory requirement for installing Management Module on Windows 2000
Advanced Server?
A. 32MB
B. 24MB
C.
64MB
D. 96MB
E. 128MB
Answer: E
130. Workstation, Network, Domain, OSE Devive, Embedded Device, Logical Server, Address range and
Dynamic
Object are types of which objects?
A. Network objects
B. Services objects
C. Resources objects
D. Servers objects
E. Virtual Links
objects
Answer: A
131. The last rule in the RuleBase must be the rule
Answer: Cleanup
132. The action field of the Cleanup
Rule must be set to
A. Drop
B. Reject
C. Accept
D. User Authentication
E. Allow
Answer: A
133. Checkpoint's SVM architecture is
designed to meet the challenges of eBusiness and connect four elements cormnon to any enterprise network. These elements are
A. Networks
B.
Systems
C. Applications
D. Users
E. Strategy
Answer: ABCD
134. What two routing issues are involved with Firewall�I with regards to
address translation?
A. Ensuring that the packet reaches the gateway.
B. Ensure that IP configuration are done on the network objects.
C.
Ensuring that the internal IP address are mapped to MAC address.
D. Ensuring that the internal IP address are mapped to host name.
E. Ensuring
that the gateway forwards the packet to the correct interface and host.
Answer: AE
135. SecureUpdate allows you to do which of the
following?
A. Track current installed versions of Checkpoint and OPSEC products
B. Update installed CheckPoint and OPSEC software remotely
from a centralized location
C. Centrally manage licenses
D. Convert Local licenses to Central licenses
E. Allows you track all the firewalled
objects that are operational
Answer: ABC
17
136. Before you install security policy you should verify it.
A. True
B.
False
Answer: A
137. What are the minimum requirements for the installation of Policy Editor Windows NT4 system?
A. Disk space =
40Mbytes
B. Memory = 32Mbytes (minimum., 128 Mbytes recommended
C. The system must have at least SP4 installed
D. The system must have at least
SP2 installed
E. Memory = 24Mbytes (minimum., 128 Mbytes recommended
Answer: ABC
138. A system administrator wants to find out list of
users currently connected and number of bytes being transferred by each user. Which log viewer mode do you think the administrator should use?
A. Log Mode
B. Active Mode
C. Audit Mode
D. Active Connections
E. Active Log
Answer: B
139. Study the diagram in the picture and
answer the question below. What is the rule without numbering (in yellow. called?
A. Implicit rule
B. Explicit role.
C. Cleanup role
D.
Stealth rule
E. Semi rule
Answer: A
140. What are the reasons for using NAT?
A. To conceal a network's internal IP address from the
internet for security reasons
B. To reveal a network's internal IP address from the internet for security reasons
C. To translate invalid
addresses to Vatid or legal addresses , and vice versa
D. To map hardware addresses to IP addresses in internal network
E. To map Netbios names
to IP addresses in internal network
Answer: AC
14 1. Your company was unable to obtain more than four legal internet 1P addresses from your
ISP, and as an administrator you decide to use a single IP address for internet access. What will you implement to allow all your internal users to
access the internet with a single IP address?
A. Source Static NAT
B. Static NAT
C. Hide NAT
D. Source Destination NAT
E. Undynamic
NAT
Answer: C
142. To prevent more than one Administrator from modifying a security Policy at the same time, VPN�I/ Firewall�I NG locks the
Policy. Any number of Administrators can view a Security Policy, but only one of them can have write permission at any given moment
A. True
B.
False
Answer: A
143. How would you verify a security policy?
A. By selecting Verify from Window menu in Security Policy Editor.
B. By
selecting Verify from Manage menu in Security Policy Editor.
C. By selecting Verify from Policy menu in Security Policy Editor.
D. By selecting
Verify from Edit menu in Security Policy Editor. E. By selecting Verify from File menu in Security Policy Editor.
Answer: C
144. Study the
diagram and answer the question below.
18
What role is shown in the diagram?
A. Stealth Rule
B. Default Rule
C. Cleanup Rule
D. NAT
Rule
E. Anti�Spoofing
Answer: A
145. What GUI client allows you to block or terminate any active connection from or to a specific IP
address?
A. Checkpoint Security Policy Editor NG
B. Log Viewer NG
C. System Status NG
D. RuleBase Editor
E. None of the above
Answer:
B
146. Where must you place Client authentication role in the Rule Base in order that it can have access to the firewall?
A. Above the
Stealth rule
B. Above Cleanup rule
C. Below Stealth role
D. Below Cleanup rule
E. Any where in the rulebase
Answer: A
147. To
create a firewall object called fw.checkpoint.com, what object type must you create?
A. Workstation object
B. Network object
C. Domain
object
D. Group object
E. Address object
Answer: A
148. Which of these are not advantages of proxy? Choose three answers.
A. Good
security
B. Full application�layer awareness
C. Vulnerable to operating system and application level bugs
D. Poor Performance
E.
Non�transparent
Answer: CDE
149. Study the diagram and answer the question below. ne diagram shows Checkpoint Policy Editor �
Topology
view. What menu would you select to access Global Properties window?
A. File
B. Manage
C. Rules
D. Policy
E. Topology
Answer: D
150.
A machine that enforces at least some part of a FireWall�I Security Policy is known as what?
A. Security Node
B. Secure Point
C. Enforcement
Point
D. Workstation
E. Server
Answer: C
151. Which of the VPNs are built to handle secure communication between a company's internal
departments and its branch offices9
A. Intranet
B. Extranet
C. Remote Access
D. Internet
E. None of the above
Answer: A
152.
Study the diagram and answer the question below Select all that is true of rule shown in the diagram
A. The rule is known as Cleanup rule
B. The
rule is also known as "None of the above" rule
C. That rule allows you specify logging for remaining packets, and drops all communication not
described
by the other rules
D. The rule should he the last rule in the RuleBase
E. The rule is known as Stealth role
Answer: ABCD
153.
What is recomanended that you should do before you upgrade your VPN�l?flrerwall�I NG?
A. Do complete backup
B. Uninstall VPN�l?flrewall�I NG
C.
Remove icon from control panel
D. Install Service packs
E. Do nothing, just proceed with the upgrade
Answer: A
154. How would you create a
new firewall object?
A. From Log Viewer, select Manage menu, then choose Network Objects, from Network Objects box,
click on New button and
select Workstation.
B. From System Status, select Manage menu, then choose Network Objects, from Network Objects box,
click on New button and
select
Workstation.
C. From Checkpoint Policy Editor, select Policy menu, then choose Network Objects, from Network
Objects box, click on New
button and select Workstation.
D. From Checkpoint Policy Editor, select Manage menu, then choose Firewall Objects, from Firewall
Objects box,
click on New button and select Workstation.
E. From Checkpoint Policy Editor, select Manage menu, then choose Network Objects, from
Network
Objects box, click on New button and select Workstation.
Answer: E
155. The recommended memory requirement for installing
VPN�I/Firewall�I NG Module is_____ Mbytes
Answer:128
156. What should the Destination column of Stealth rule be set to?
A. Any
B. Local
network
C. Email server
D. Local firewall host
E. Any service
Answer: D
157. What VPNs are build to handle secure communications between
a corporate network and remote or mobile employees?
A. Internet
B. Intranet
C. Remote Access
D. Extranct
E. None of the above
Answer:
C
158. What is the correct list of firewall architecture ?
A. Packet Filter, Application Layer Gateway, Stateful Inspection.
B. Proxy,
Application Layer Gateway, Stateful Inspection.
C. Packet Filter, Application Layer Gateway, Firewall Inspection.
D. Hybrid, Application Layer
Gateway, Stateful Inspection.
E. Packet Filter, Application Layer Gateway, Proxy.
Answer: A
159. Firewall�1 provides two distinct
Encrypt Actions (on Action column of rule base.. These are .......
A. Encrypt
B. User Encryption
C. Client Encrypt
D. Session Encryption
E.
Client Authentication
Answer: AC
160. If you double�clicked an object displayed in the Visual Policy Editor, the Network Properties Implied
screen
is appeared for that object, and are read�only and non�editable. what do you have to do to make
the object editable?
A. Right�click on
the object in the Visual Policy Editor and then select "Actualize Network" from the
emerging menu
B. Left�click on the object in the Visual
Policy Editor and then select "Actualize Network" from the
emerging menu
C. Right�click on the object in the System Status NG and then select
"Actualize Network" from the
emerging menu
D. Fight�click on the object in the Log Viewer NG and then select "Actualize Network" from the
emerging
menu
E. None of the above
Answer: A
161. The VPN� l/Firewall�I NG network address translation mode that hides internal IP
addresses behind one legal address is known as
A. Static source mode
B. Static destination mode
C. Hide mode
D. Reveal Mode
E. None of the
above
Answer: C
162. How would you create or define a new user Template?
A. By going to System Status GUL Select Users From Manage menu.
In the emerging Users window,
click on New button and select Template
B. By going to Log Viewer GUI, Select Users From Manage menu. In the
emerging Users window, click
on New button and select Template
C. By going to Checkpoint Policy Editor, Select Users From Manage menu. In the
emerging Users
window, click on New button and select Template
D. By going to Policy Editor, Select Users menu. In the emerging Users window,
click on New button and
select Template
E. None of the above
Answer: C
163. To configure Anti�spoofing in Workstation Properties window,
what option would you select in the properties list of your Workstation Properties window?
A. General
B. Topology
C. NAT
D. VPN
E.
Authentication F. Management
Answer: B
164. Which of the following ports numbers are associated with FTP, SMTP and HTTP services? Select the
best answer
A. 23,25,80
B. 21,23,80
C. 21,25,80
D. 30,40,80
E. 21,23,25
Answer: C
165. Checkpoint's__________nhance network
security by securing
administrative communication between CheckPoint VPN�1/Firewall�I NG components
A. SIC
B. SVM
C. Secure Virtual Network
Architecture
D. eBusiness Application
E. Management Application
Answer: A
166. Study the diagram and answer the question below. What
type of client GUI is shown in the diagrani?
A. Log Viewer NG
B. System Status
C. Security Policy Editor NG
D. Security Status NG
E. Rule
Base Editor
Answer: A
167. All Client Authentication rules must be place below the Stealth rule, so that they have access to the
firewall
A. True
B. False
Answer: B
168. A host is considered a firewall_________if a VPN�I/Firewall�I NG Enforcement Module
is
installed on that host.
A. Enforcement Point
B. Management Module
C. Management Server
D. NT4 Server
E_ Policy Editors
Answer:
A
169. Which of the following are true of User Authentication type?
A. User Authentication grants access on a per user basis
B. User
Authentication can be used for TELNET,FTP,HTTP and RLOGIN, and requires a separate
authentication for each connection
C. User Authentication is a
secure form of authentication as the authentication is valid only for one
connection.
D. User Authentication can be used with any service
E. User
Authentication grants access on a per host basis
Answer: ABC
170. VPN deployments can be grouped into which three categories?
A.
Internet
B.Intranet
C. Remote Access
D. Extranet
E. None of the above
Answer: BCD
171. How would you test a security policy before
installing it on a firewalled computer?
A. By testing the security policy
B. By installing the security policy.
C. By synchronizing the
security policy.
D. By deleting the security policy.
E. By verifying the security policy.
Answer: E
172. How do you navigate from one
GUI to another?
A. Not possible to navigate.
B. Select window menu from the GUI you are working on, then choose the client GUI you are
switching
to.
C. Select policy menu from the GUI you are working on, then choose the client GUI you are switching to.
D. Select file menu from
the GUI you are working on, then choose the client GUI you are switching to.
E. Reboot the Client machine. Log on into the machine, choose the
progmms,Firewall� I and client you
want to switch to.
Answer: B
173. The implicit�drop rule follows the principle "that which is not
expressly permitted is
Choose the best word that completes the saying.
A. Prohibited
B. Allowed
C. Rejected
D. Dropped
E. Moved
Answer:
A
175. Study the diagram and answer the question below. In what situation would you get that window
A. When blocking an intruder with
unknown connection ID
B. When blocking an intruder with known connection ID
C. When reconnecting a Connection ID
D. None of the above
Answer:
B
176. What is the purpose of Action element in the rule base?
A. The Action element determines what firewall needs to do with packets.
B.
The Action element determines where on host on the external network it needs to forward the packets.
C. The Action element determines when the
firewal I hosts have to be replaced.
D. The Action element determines when the firewall hosts and gateways services need to be restarted.
E. The
Action element determines when the firewall hosts and gateways services need to be rebooted.
Answer: A
177. Which of the following is/ are NOT
advantages of Packet Filtering?
A. Inexpensive
B. Applications Transparency
C. Faster than application layer gateways
D. Difficult to
configure, monitor and manage
E. Provides only minimal logging and alerting mechanisms
Answer: DE
178. Study the diagram and answer the
question. To use Fully automatic in Sign On Method frame, what must
be done on the client machine(s.?
A. Reconfigure the TCP/IP stack on client
machines to use this Fully automatic feature
B. Modify your role to accommodate the Fully automatic feature on your client machines
C. Install
Firewall�I Session Authentication agent on them
D. Modify your rule to accommodate the Fully automatic feature on your server machines
E. None of
the above
Answer: C
179. What command stops all the Checkpoint applications running on a machine, except cprid, which is invoked upon boot
and runs independently?
A. fw rputlic
B. fw putlic
C. cpstop
D. remote putlic
E. cpstart
Answer: C
180. Study the diagram and
answer the question that follows. What answer correctly described nale number 4?
A. The rule allows any users of any service external access
after successful Session Authentication.
B. The rule allows local network of my service external access after successful Session
Authentication.
C. The nale allows all users at local network of specific service external access after successful Session
Authentication.
D. The
rule allows all users at local network of any service external access after successful Client
Authentication.
E. The rule allows all users at
local network of any service external access after successful User
Authentication.
Answer: A
181. What types of NAT Modes are supported by
Firewall� I?
A. Static and Mile
B. Source Static and Hide
C. Destination Static and Hide
D. Source Static and Destination Static
E.
Hide
Answer: A
182. Why would an administrator want to disable a rule 9
A. Only when troubleshooting a firewall problem
B. Only when
enforcing a security policy without affecting the actual firewalled network.
C. Only when testing a security policy on external network without
affecting the actual firewalled network.
D. Only when verifying a security policy without affecting the actual firewalled network.
E. Only when
installing a security policy without affecting Lhe actual firewalled network.
Answer: A
183. Study diagram I and answer the question that
follows. On rule number 3, Which Firewalled object will enforce the rule? Note: Do not see diagram 2 until you have answered the question
A.
Router object
B. Gateway object
C. DMZ D. http service
E. accept action
Answer: A
184. What is the recommended memory requirement
for installing Policy Editor on Sun Solaris SPARC
A. 32MB
B. 24MB
C. 64MB
D. 96MB
E. 128MB
Answer: E
185. To prevent more than
four Administrators from modifying a security Policy at the same time, VPN�l/ Firewall� I NG locks the Policy. Any number of Administrators can edit
a Security Policy, but only three of them can have write pentrission at any given moment
A. True
B. False
Answer: B
186. Another name
for Network Address Translation modes is
A. IP address translation
B. Network address translation
C. Address IP translation
D. IP address
mapping
E. None of the above
Answer: A
187. If you open a new Log File in Log viewer GUL the current Log File is closed and written to
disk with a certain name. What do you think this time might be?
A. The name you input in the Save As box.
B. The name of you (an administrator..
C. The current date and time.
D. The current date.
E. The current time.
Answer: C
188. How would you remedy a conflict between
Anti�Spoofing and NAT?
A. By adding the translated, external IP address to the Valid Addresses on the external interface
B. By removing die
translated, external I? address to the invalid Addresses on the internal interface
C. By adding the translated, external IP address to the Valid
Addresses on the internal interface
D. Reinstall NAT rules
E. Do nothing
Answer: C
189. How many log file(s. can be opened in the Log
Viewer GUI at a time?
A. One
B. Two
C. Three
D. Four
E. Five
Answer: A
190. Which of these is not a component VPN�I/Firewall�I
NG
A. Policy Editor
B. Management server
C. Enforcement Module
D. Enforcement Server
E. None of the above
Answer: D
191. What
are the disadvantages of the Packet Filtering?
24
A. Access to a limited part of a packet header
B. Limited screening above the network
layer
C. Very limited ability to manipulate information
D. Difficult to configure, monitor and manage
E. Provide only minimal logging and
alerting mechanisms
Answer: ABCDE
192. What is true of Static Source and Static Destination NAT when you generate NAT rules
automatically?
A. The Static Source and Static Destination NAT rules are disabled
B. The Static Source and Static Destination NAT rules are
reinstalled
C. The Static Source and Static Destination NAT rules are generated in pairs
D. The Hide NAT blocks the Static Source and Static
Destination NAT rules
E. The Static Source and Static Destination NAT rules blocks the Hide NAT
Answer: C
193. What licensing type allows
you remove a license from a Module and install it on another Module?
A. Administration Licenses
B. Remote Licenses
C. Central Licenses
D. Local
Licenses
E. None of the above
Answer: C
194. NG from your Solaris system?
A. fw remove
B.pkgadd
C. pkgrm
D. cp rm
E. cp
remove
Answer: C
195. VPN� I /Firewall� I NG consists of which components?
A. Architecture Module
B. Policy Editor
C. Gateway Module
D.
Management Server
E. Enforcement Module
Answer: BDE
196. In the RuleBase, which element deterimmes what Firewall should do with a
packet?
A. No
B. Source
C. Destination
D. Service
E. Action
Answer: E
197. From what two windows can you use to block or terminate any
connection from or to a specific IP address
(in Log Viewer NG.?
A. Request window
B. Intruder window
C. Block Intruder window
D. Block Request
window
E. Block Request/Intruder window
Answer: CD
198. What is the correct syntax you will use when retrieving the INSPECT code from a
host called
www.checkpoint.com.com and install it on the kernel?
A. fetch www. checkpoint.com
B. fw fetch www. checkpoint.com
C. fw retrieve
www. checkpoint.com
D. retrieve www. checkpoint.com
E. None of the above
Answer: B
199. NAT specific question: What are the Hide Mode
limitations?
A. Hide Mode cannot be used for protocols where the port number can be changed
B. Hide Mode cannot be used for protocols where
the port number cannot be changed
C. Hide Mode cannot be used when the external server must distinguish between clients based on their
1P address,
since all clients share the same IP address under Hide Mode.
D. Hide Mode can be used when the external server must distinguish between clients
based on their IP
address, since all clients share the same IP address under Hide Mode.
E. Hide Mode must be used for connections initiated by
hosts in an internal network, where the host's IP
addresses are invalid
Answer: BC
200. Checkpoints____________is a true security
architecture that provides an integrated framework for
deploying and managing an Internet security implementation
A. SIC
B. SVN
C.
SecureUpdate
D. Secure Internal Communication
E. VPN
Answer: B
201. In order for SecureUpdate to work in a remote Management Server, what
component (s. must be installed on it?
A. NG Local
B. fwconfig
C. GUI component
D. CPShared component
E. 4.1 Local
Answer:
D
202. What mode would you switch to when viewing connections currently open through any of the firewalled gateways in Log Viewer NG ?
A.
Log mode
B. Audit Mode
C. Active Mode
D. Live Log
E. None of the above
Answer: C
203. You will add a Client authentication rule to
your company's rule shown in the diagram, as follows:
Source: sales@checkpoint�net L destination: Any] Service: hup [Action: Client
Authentication] Track: Short
[Install: Gateways] Time: Any Where must you place this rule in your company's Rule Base?
A. Above rule number
1
B. Below rule number I
C. Above rule number 7
D. Below rule number 7
E. Any where in the rulebase
Answer: A
204. Which of the VPNs are
built to handle secure communication between a company's internal departments and its strategic partners, customers and suppliers?
A. Intranet
B. DMZ
C. Remote Access
D. Internet
E. None of the above
Answer: E
205. What are the advantages of Central Licensing?
A. Only one
IP address is needed for all licenses
13� Multiple IP address are needed for all licenses
C. The licenses remains valid when changing the IP
address of a Module
D. The licenses are revoked when changing the IP address of a Module
E. A license can be removed from one Module and installed
on another Module
Answer: ACE
206. Tbe session Authentication Agent is a utility provided with VPN�1/firewal �1 NG and must be installed on
any workstation using session authentication
A. True
B. False
Answer: A
207. What NAT mode Translates invalid internal source IP
addresses to valid external source IP address?
A. Static
B. Dynamic
C. Static Source
D. Destination Static
E. Hide
Answer: C
208.
What tab in the Interface Properties screen would you select in order to configure Anti�spoofing feature?
A. SIC
B. SYNDefender
C. NAT
D.
General
E. Topology
Answer: E
209. The components of VPN� I /Firewall� I NG Architecture are Management Server, Enforcement Module, Policy
Editor and CPShared. Which of these four is the Checkpoint Operating system that is silently installed with every CheckPoint product?
A. Policy
Editor
B. Enforcement Module
C. Management Server
D. CPShared
E. None of the above
Answer: D
210. You have got a Window NT Server
machine with the following specification:
Memory 256 Mbytes, I GB Hard disk ( of this you create a partition
of 30MB for VPN�I/Firewall�1., Fast
EthemetNIC.
What do you think would be the result of the installation of VPN�I/Firewall�1 Module on this machine?
A. The installation should be
successful as you have correct requirements for the installation of the
Module
B. The installation would not be successful as the partition has to
be minimum of 40MB
C. The installation would not be unsuccessful as the partition has to be minimum of 40MB
D. The installation would not be
successful as the memory size needs to be reduced
E. The installation would not be successful as the memory size needs to be increased
Answer:
B
211. What are the two types of Local licenses?
A. Central Licenses
B. NG Local
C. 2000 Local
D. 4.1 Local
E. Module
Licenses
Answer: BD
212. Which of these is NOT a disadvantage of the Packet Filtering?
A. Access to a limited part of a packet header
B.
Limited screening above the network layer
C. Very limited ability to manipulate information
D. Difficult to configure, monitor and manage
E.
Inexpensive
Answer: E
213. The implicit�drop rule follows the principle " that which is not expressly permitted is
Answer :
prohlbeted
214. What service or component allows the Firewall administrator to confirm that a Policy Editor connecting to a
Management Server is
authorized to connect to that Management Server?
A. SIC
B. SVM
C. Secure Virtual Network Architecture
D. eBusiness Application
E. Management
Application
Answer: A
215. What type of authentication is used to authenticate any service on a per�session basis?
A. Client
authentication
B. User authentication
C. Session authentication
D. Automatic authentication
E. Transparent authentication
Answer: C
216.
What is a Firewall?
Choose the best answer
A. A system designed to prevent unauthorized access to or from an internal network.
B. A system
designed to prevent unauthorized access to or from an external network.
C. A system designed to connect to imcmets and control communications
between networks.
D. A system designed to connect to intranets and control communications between networks.
E. None of the above
Answer:
A
217. The complete VPN must include which three critical components?
A. Security
B. QoS
C. Performance and Management
D. Management
Module
E. Inventory
Answer: ABC
218. Any number of Administrators can view a Security policy . How many Administrators can have write
permission and edit Security Policy at any given moment?
A. Maximum of 5
B. Maximum of 4
C. Maximum of 3
D. Maximum of 2
E. Maximum of
I
Answer: E
219. derived from the past communications andother applications, is an
essential factor in making the control decision
for new communication attempts.
A. Firewall�I Module
B. Management Server
C. Qos
D. Stateful Inspection
E. None of the above
Answer:
D
220. Study the diagram and answer the question below What rule would drop all communications not described by any other rules?
A. 1
B. 2
C. 3
D. 4
E. 5
F. 6
Answer: F
221. Examine the diagram and answer the question that follows. Something is fundamentally wrong with
rule number 6. what is it?
A. The Service column be set to "drop".
B. The Destination column be set to "drop".
C. The Source column be set
to "drop".
D. The Installed on column be set to "drop".
E. The Action column must be set to "drop".
Answer: E
222. How would you
ensure that all rules in a security policy are accurate?
A. By testing the security policy.
B. By verifying the security policy.
C. By
installing the security policy
D. By deleting the security policy. E. By synchronizing the security policy.
Answer: B
223. When an
Administrator wants a user to authenticate once, and then be able to use any service until logging off, which type of authentication do you think
the Administrator should use?
A. User Authentication
B. Client Authentication
C. Session Authentication
D. Server Authentication
E. None
of the above
Answer: B
224. What command would you use to install a security policy onto a designated 'vTN�I/Firewall�I NG module?
A. fw
putkey
B. fw printlic
C. cp putlic
D. fw start
E. fw load
Answer: E
225. When hiding individual rules, all other rules remain
visible, but their role numbers do not change.
A. True
B. False
Answer: A
226. Select all that is true of Implicit Drop role
A.
Packets that are dropped by the Implicit drop rule will be logged
B. Packets that are dropped by the Implicit drop rule will not be logged
C. The
implicit�drop rule follows the principle " that which is not expressly permitted is prohibited"
D. Only Cleanup Rule can be relied upon to log
dropped packets but not Implicit�drop rule
E. The Implicit Drop rule is the same as Cleanup Rule One of FireWall�l's implicit rules is the
implicit�drop
rule. The implicit�drop rule
Answer: BCD
227. What is the recommended hard disk requirement for installing Policy Editor
Client?
A. 10 Mbytes
B. 20 Mbytes
C. 30 Mbytes
D. 40 Mbytes
E. 50 Mbytes
Answer: D
228. Why would an Administrator want to
verify a security policy? Choose all the correct answers.
A. To create a security policy but not install it on a firewalled computer.
B. To
identify the conflicting rules present in your Security Policy
C. To ensure all rules in a security policy are placed accurately D. To verify the
implicit rule created from new rule.
E. To test a security policy before installing it on a firewalled computer.
Answer: ABCE
229. Study the
diagram and answer the question below If you create a user template and leave the Source and destination boxes in the Location tab blank (as shown
in the diagram., what do you think will be the consequence for the users that you will create based on this template?
A. Your VPN�I/Firewall�I
will not be able to safeguard your internal network from hackers
B. The users will not be able to login to their PC
C. The users will not be
able to authenticate
D. The communications to and from your internal network would not be encrypted
E. The communications to and from your
Enforcement Module and Management Server would not be encrypted
Answer: C
230. What firewall type possesses partial
communication�derived and full application�derived state inforniation capabilities?
A. Stateful inspection
B. Application layer gateway
(proxy.
C. Packet filter
D. Data filter
E. Firewall�I
Answer: B
231. Study the diagram and answer the question below How would you
disconnect Connection ID 564 in Log
Viewer? Choose all correct answer
A. Click on the connection 564,select Block Intruder from Tool Menu
B.
Click on the connection 564,select Block Intruder from File Menu
C. Choose Block Intruder from Tool menu without Clicking on connection 564, then
enter 564 on the
Block Request by Connection box.
D. Click on the connection 564,select Block Intruder from Edit Menu
E. Click on the connection
564,select Block Intruder from Window Menu
Answer: AC
232. Before the advent of Firewall�1 Stateful inspection technology, what types of
traditional firewall technology were in use? Choose the correct answer(s..
A. Packet filtering
B. Application layer gateways
C. Packet
proxies
D. Stateful inspection gateways
E. OSI layers gateways
Answer: AB
233. Firewall� I applies the rules in a security policy to
packets in a certain order. From the answers below,
select the option which correctly shows the order in which Firewall�I applies these rules
A.
IP�Spoofing, Security Policy "First" Rule, rule base above stealth rule, Stealth rule, rule base below
stealth rule , Security Policy "Before
Last" Rule, Cleanup rule, Security Policy "Last" Rule, Implicit
Drop.
B. IP�Spoofing, Security Policy "First" Rule, role base above stealth
rule, Stealth rule, rule base below
stealth rule , Security Policy "Before Last" Rule, Cleanup role, Security Policy tab "Last" Rule
C.
Security Policy "First" Rule, rule base above stealth rule, Stealth rule, rule base below stealth rule ,
Security Policy "Before Last" Rule,
Cleanup rule, Security Policy "Last" Rule, Implicit Drop.
D. IP�Spoofing, Security Policy "First" Rule, rule base above stealth rule, role base
below stealth rule ,
Security Policy "Before Last" Rule, Cleanup rule, Security Policy "Last" Rule, Implicit Drop.
E. IP�Spoofing, Security
Policy "First" Rule, title base above stealth role, Stealth rule, role base below
stealth role , Security Policy "Before Last" Rule, Security
Policy "Last" Rule, Implicit Drop.
Answer: A
234. What command line will you use to start all the Checkpoint applications running on a
machine?
A. Fwma
B. fwstart
C. cpstart
D. cpstop
E. Pkgrm
Answer: C
235. What would you use "cplic print" command to do?
A. To
Install VPN�I/FireWall�I licenses on the Management Server's internal database.
B. To display the VPN�I/Firewall�I NG version number
C. To print
the details of the VPN�1/FireWall�1 NG licenses
D. To Install VP`N�l/FircWaIl�l licenses on the Firewall Module's internal database.
E. To stop
all the running Firewall�1 processes
Answer: C
236. What is the recommended memory requirement for installing Policy Editor on Windows
ME?
A. 32MB
B. 24MB
C. 64MB
D. 96MB
E. 128MB
Answer: E
237. What permission would you give an Administrator in order to grant him full
access to all Check Point
Products
A. Read / Write All
B. Read only
C. Full Access
D. Supervisor
E. Administrator
Answer: A
238.
Study the diagram and answer the question below. What role is shown in the diagram?
A. Stealth Rule
B. Default Rule
C. Cleanup role
D. NAT
rule
E. None of the above
Answer: B
239. How would you uninstall the Security Policy on the selected hosts?
A. By choosing Uninstall
from the Policy menu of Security Policy Editor to uninstall the Security Policy on
the selected hosts.
B. By choosing Uninstall from the Policy
menu of System Status GUI to uninstall the Security Policy on
the selected hosts.
C. By choosing Uninstall from the Policy menu of Log Viewer GUI
to uninstall the Security Policy on the
selected hosts.
D. By choosing Uninstall from the Window menu of Security Policy Editor to uninstall the
Security Policy
on the selected hosts.
E. By choosing Uninstall from the Manage menu of Security Policy Editor to uninstall the Security
Policy
on the selected hosts.
Answer: A
240. Which of these authenticates users for specific services?
A. Client authentication
B. User
authentication
C. Session authentication
D. Implicit client authentication
E. Implicit session authentication
Answer: A
241. The simplest
way to protect your installation is, to do proper backups of critical files, to allow for rapid reinstallation and recovery.
A. True
B.
False
Answer: A
242. How would you disable a rule?
A. By selecting the rule, then select "Disable Rule" option from Topology menu in
Checkpoint policy
EditorNG.
B. By selecting the rule, then select "Disable Rule" option from Rules menu in Checkpoint policy Editor
NG.
C. By
selecting the rule, then select "Disable Rule" option from File menu in Checkpoint policy Editor NG
D. By selecting the role, then select
"Disable Rule" option from Rules menu in Log Viewer NG
E. By selecting the role, then select "Disable Rule" option from Rules menu in System
Status NG
Answer: B
243. What is the difference between Cleanup and Stealth rule? Choose the best answer.
A. Stealth rule is used to
prevent external users from connecting to the firewall while Cleanup rule allows
the firewall to drop all
communication not described by other
rules.
B. Stealth rule is used to prevent external users from connecting to the firewall while Cleanup rule allows
the firewall to accept all
communication not described by other rules.
C. Stealth rule is the same as Cleanup rule.
D. Stealth rule is used to prevent any user from
connecting to the firewall while Cleanup rule allows the
firewall to drop all communication not described by other rules.
E. Stealth rule is an
extension of Cleanup rule.
Answer: D
244. What command prints the details of the VPN�LTirewall�1 NG licenses?
31
A. Pkgadd �d
B.
Print
C. eplic print
D. Setup
E. fw print
Answer: C
245. Select what is true of hidden rules
A. Whether they are displayed, or
not,hidden rules are made redundant when the security Policy is
installed
B. Whether they are displayed, or not,hidden rules are displayed when
the security Policy is installed
C. Whether they are displayed, or not,hidden rules are enforced when the security Policy is installed
D. Whether
they are displayed, or not hidden rules numbering would change when the security Policy is
installed
E. None of the above
Answer: C
246.
Examine the diagram and answer the question. What do you think is missing from the rule?
A. Stealth role
B. Cleanup rule
C. Anti�spoofing
rule
D. Implicit rule
E. Pseudo rule
247. Packet filter can inspect packets up to the network layer of the OSI model. Choose the statement that
is
true of the upper four layers of the OSI model.
A. The upper four layers are left unexamined and Packet filter allows packets into internal
network on
these layers.
B. The upper four layers are left examined and Packet filter allows packets into internal network on these
layers.
C.
The upper four layers are left unexamined and Packet filter disallows packets into internal network on
these layers.
D. The upper four layers are
left examined and disallow packets into internal network on these layers.
E. The packets are forced into lower three layers and hence, examined.
Packet filter firewall examines
packets up to network layer of OSI model. The upper four layers are left unexamined and packets are
allowed on
these levels.
Answer: A
248. What are the three pre�defined selection view modes in Log Viewer GUI?
A. Log Mode
B. Active Mode
C. Audit
Mode
D. Active status
E. Connection Mode
Answer: ABC
249. Study the diagram and answer the question below Select all that is true of rule
shown in the diagram
A. The rule is Stealth rule
B. It prevents any unauthorized users from connecting directly to the firewall
C. This rule
should be placed above all other rules
D. Client authentication, encryption and CVP rules, usually go above this rule
E. The role is Cleanup
rule
Answer: ABCD
250. What rules are enforced before any rule in the security policy's RuleBase?
A. Anti�spoofing rules defined in a
firewalled object's properties
B. Anti�spoofing rules defined in the RuleBase
C. All rules defined in a firewalled object's properties
D. Any
rules defined in a firewalled object's properties
E. None of the above
Answer: A
|
gen. 0.593
Forum
User braindumps