Checkpoint 156-315: Check Point Security Administration NGX II
#11. You want VPN traffic to match packets from internal interfaces. You also want the traffic to exit the Security Gateway, bound for all site-to-site VPN Communities, including Remote Access Communities. How should you configure the VPN match rule
#12. You receive an alert indicating a suspicious FTP connection is trying to connect to one of your internal hosts. How do you block the connection in real time and verify the connection is successfully blocked?
#13. Exhibit: Company is using a mesh VPN Community to create a site-to-site VPN. The VPN properties in this mesh Community is displayed in the exhibit. Which of the following statements are true?
#14. Exhibit: You are preparing computers for a new ClusterXL deployment. For your cluster, you plan to use three machines with the configurations displayed in the exhibit. Are these machines correctly configured for a ClusterXL deployment?
#15. You want only RAS signals to pass through H.323 Gatekeeper and other H.323 protocols, passing directly between end points. Which routing mode in the VoIP Domain Gatekeeper do you select?
#16. Company is concerned that a denial-of-service (DoS) attack may affect her VPN Communities. She decides to implement IKE DoS protection. Exams needs to minimize the performance impact of implementing this new protection. Which of the following configurations is MOST appropriate for Mrs. Sheets?
#17. You have a production implementation of Management High Availability, at Version VPN-1 NG with application Intelligence R55. You must upgrade two Smart Center Servers to VPN-1. What is the correct procedure?
#19. Assume an intruder has compromised your current IKE Phase 1 and Phase 2 keys. Which of the following options will end the intruder’s access, after the next Phase 2 exchange occurs?
#20. You set up a mesh VPN community, so your internal networks can access your partner’s network, and vice versa. Your Security Policy encrypts only FTP and HTTP traffic through a VPN tunnel. All other traffic among your internal and partner networks is sent in clear text. How do you configure the VPN community?
ген. 0.066
Форум
Главный бреиндамп