156-215-65 Check Point Security Administration I NGX

Page 1   
Question 1

Which of the following NGX SmartView Tracker views will display a popup warning
regarding performance implications on the Security Gateway caused by using this log

  • A. Account Query
  • B. Active Tab
  • C. Audit Tab
  • D. All Records Query

Answer : B

Question 2

Which R65 SmartConsole tool would you use to verify the current installed Security Policy
name on a Security Gateway?

  • A. SmartView Status
  • B. SmartUpdate
  • C. SmartView Monitor
  • D. None, SmartConsole applications only communicate with the SmartCenter Server.

Answer : C

Question 3

The Check Point Security Gateway's virtual machine (kernel) exists between which two
layers of the OSI model?

  • A. Network and Data Link layers
  • B. Session and Network layers
  • C. Application and Presentation layers
  • D. Physical and Data Link layers

Answer : A

Question 4

You are trying to save a custom log query in the R65 SmartView Tracker, but you are
getting an error "Could not save 'query-name' (Error: Database is Read Only)". Which of
the following is an explanation for this error?

  • A. You do not have OS write permissions on the local SmartView Tracker PC in order to save the custom query locally.
  • B. You do not have the explicit right to save a custom query in your administrator permission profile under SmartConsole customization.
  • C. Another administrator is currently connected to the SmartCenter Server with read/write permissions which impacts your ability to save custom log queries to the SmartCenter server.
  • D. You have read-only rights to the SmartCenter database.

Answer : D

Question 5

You are working in a large hospital, together with three other Security Administrators. How
do you use SmartConsole to check changes to rules or object properties other
administrators made?

  • A. Eventia Monitor
  • B. SmartView Tracker
  • C. Eventia Tracker
  • D. SmartView Monitor

Answer : B

Question 6

Your current security scenario gives you the option to choose between a stand-alone
installation and a distributed installation. Which of the following factors would cause you to
decide in favor of the distributed installation?

  • A. You are forced to use Windows as operating system.
  • B. You cannot upgrade software packages on a stand-alone Security Gateway via SmartUpdate.
  • C. Clientless VPN would not work in a stand-alone installation.
  • D. The SmartCenter Server must be a secondary server. You are forced to install a separate primary server.

Answer : B

Question 7

You are working with multiple Security Gateways that enforce a common set of rules. To
minimize the number of policy packages, which one of the following would you choose to

  • A. Run separate SmartDashboard instances to login and configure each Security Gateway directly
  • B. Create a single Security Policy Package with "Install on?Target" defined whenever a unique rule is required for a specific gateway
  • C. Install a separate local SmartCenter Server and SmartConsole for each remote Security Gateway
  • D. Create a separate Security Policy Package for each remote Security Gateway and specify "Install On?Gateways"

Answer : B

Question 8

When troubleshooting the behavior of Check Point Stateful Inspection, it is important to
consider "inbound" vs "outbound" packet inspection from the point of view of the

  • A. Logical Topology
  • B. Administrator
  • C. Security Gateway
  • D. Internet

Answer : C

Question 9

What does it indicate when a Check Point product name includes the word "SMART"?

  • A. Stateful Management of all Routed Traffic
  • B. Security Management Architecture
  • C. The Check Point product includes Artificial Intelligence
  • D. This Check Point product is a GUI Client

Answer : B

Question 10

UDP packets are delivered if they are ___________.

  • A. bypassing the kernel by the "forwarding layer" of ClusterXL
  • B. a legal response to an allowed request on the inverse UDP ports and IP
  • C. a stateful ACK to a valid SYN-SYN/ACK on the inverse UDP ports and IP
  • D. referenced in the SAM related dynamic tables

Answer : B

Question 11

In SmartDashboard, you configure 45 MB as the required free hard-disk space to
accommodate logs.What can you do to keep old log files, when free space falls below 45

  • A. Do nothing. Old logs are deleted, until free space is restored.
  • B. Do nothing. The SmartCenter Server automatically copies old logs to a backup server before purging.
  • C. Use the fwm logexport command to export the old log files to other location.
  • D. Configure a script to run fw logswitch and SCP the output file to a separate file server.

Answer : D

Question 12

In a "Stand-Alone Installation" the functionality of the SmartCenter Server would be
installed together with which other Check Point architecture component?

  • A. SecureClient
  • B. SmartConsole
  • C. Security Gateway
  • D. None, SmartCenter Server would be installed by itself

Answer : C

Question 13

Of the three mechanisms Check Point uses for controlling traffic, which enables firewalls to
incorporate layer 4 awareness in packet inspection?

  • A. Stateful Inspection
  • B. SmartDefense
  • C. Application Intelligence
  • D. Packet filtering

Answer : A

Question 14

Which R65 SmartConsole tool would you use to verify the installed Security Policy name
on a Security Gateway?

  • A. SmartUpdate
  • B. None, SmartConsole applications only communicate with the SmartCenter Server.
  • C. SmartView Server
  • D. SmartView Tracker

Answer : D

Question 15

Which SmartConsole tool would you use to see the last policy pushed in the audit log?

  • A. SmartView Status
  • B. SmartView Server
  • C. SmartView Monitor
  • D. SmartView Tracker

Answer : D

Page 1