QUESTION 211 You want to configure a mail alert for every time the policy is installed to a specific Gateway. Where would you configure this alert? A.    In SmartView Monitor,… Read more »

QUESTION 201 The R76 fw monitor utility is used to troubleshoot which of the following problems? A.    User data base corruption B.    Traffic issues C.    Phase two key negotiation D.   … Read more »

QUESTION 191 You are the Security Administrator for MegaCorp and would like to view network activity using SmartReporter. You select a standard predefined report. As you can see here, you… Read more »

QUESTION 181 While in SmartView Tracker, Brady has noticed some very odd network traffic that he thinks could be an intrusion. He decides to block the traffic for 60 minutes,… Read more »

QUESTION 171 Which of the following can be found in cpinfo from an enforcement point? A.    Policy file information specific to this enforcement point B.    The complete file objects_5_0.c C.   … Read more »

QUESTION 161 You receive a notification that long-lasting Telnet connections to a mainframe are dropped after an hour of inactivity. Reviewing SmartView Tracker shows the packet is dropped with the… Read more »

QUESTION 151 You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users… Read more »

QUESTION 141 Which of the following is a viable consideration when determining Rule Base order? A.    Grouping IPS rules with dynamic drop rules B.    Grouping reject and drop rules after… Read more »

QUESTION 131 You enable Automatic Static NAT on an internal host node object with a private IP address of 10.10.10.5, which is NATed into 216.216.216.5. (You use the default settings… Read more »

QUESTION 121 Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.

QUESTION 111 You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address…. Read more »

QUESTION 101 What CANNOT be configured for existing connections during a policy install? A.    Reset all connections B.    Re-match connections C.    Keep all connections D.    Keep data connections Answer: A

QUESTION 91 All of the following are Security Gateway control connections defined by default implied rules, EXCEPT: A.    Exclusion of specific services for reporting purposes. B.    Specific traffic that facilitates… Read more »

QUESTION 81 The SIC certificate is stored in the directory _______________. A.    $CPDIR/conf B.    $FWDIR/database C.    $CPDIR/registry D.    $FWDIR/conf Answer: A

QUESTION 71 How can you activate the SNMP daemon on a Check Point Security Management Server? A.    Using the command line, enter snmp_install. B.    Any of these options will work…. Read more »