156-915.77 Online Practice Questions and Answers

Your R77 primary Security Management Server is installed on GAiA. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours. How do you create this schedule?

A. On a GAiA Security Management Server, this can only be accomplished by configuring the command fw logswitch via the cron utility.

B. Create a time object, and add 48 hours as the interval. Open the primary Security Management Server object's Logs and Masters window, enable Schedule log switch, and select the Time object.

C. Create a time object, and add 48 hours as the interval. Open the Security Gateway object's Logs and Masters window, enable Schedule log switch, and select the Time object.

D. Create a time object, and add 48 hours as the interval. Select that time object's Global Properties > Logs and Masters window, to schedule a logswitch.

You have three servers located in a DMZ, using private IP addresses. You want internal users from

10.10.10.x to access the DMZ servers by public IP addresses. Internal_net 10.10.10.x is configured for Hide NAT behind the Security Gateway's external interface.

What is the best configuration for 10.10.10.x users to access the DMZ servers, using the DMZ servers' public IP addresses?

A. When connecting to internal network 10.10.10.x, configure Hide NAT for the DMZ network behind the Security Gateway DMZ interface.

B. When the source is the internal network 10.10.10.x, configure manual static NAT rules to translate the DMZ servers.

C. When connecting to the Internet, configure manual Static NAT rules to translate the DMZ servers.

D. When trying to access DMZ servers, configure Hide NAT for 10.10.10.x behind the DMZ's interface.

Review the rules.

Assume domain UDP is enabled in the impled rules.

What happens when a user from the internal network tries to browse to the internet using HTTP? The user:

A. can connect to the Internet successfully after being authenticated.

B. is prompted three times before connecting to the Internet successfully.

C. can go to the Internet after Telnetting to the client authentication daemon port 259.

D. can go to the Internet, without being prompted for authentication.

To qualify as an Identity Awareness enabled rule, which column MAY include an Access Role?

A. Action

B. Source

C. User

D. Track

Which of the following items should be configured for the Security Management Server to authenticate using LDAP?

A. Login Distinguished Name and password

B. Windows logon password

C. Check Point Password

D. WMI object

Fill in the blank. To verify SecureXL statistics, you would use the command ________ .

A. fwaccel stats

When migrating the SmartEvent data base from one server to another, the last step is to save the files on the new server. Which of the following commands should you run to save the SmartEvent data base files on the new server?

A. cp

B. restore

C. migrate import

D. eva_db_restore

Control connections between the Security Management Server and the Gateway are not encrypted by the VPN Community. How are these connections secured?

A. They are encrypted and authenticated using SIC.

B. They are not encrypted, but are authenticated by the Gateway

C. They are secured by PPTP

D. They are not secured.

If Bob wanted to create a Management High Availability configuration, what is the minimum number of Security Management servers required in order to achieve his goal?

A. Three

B. Two

C. Four

D. One

Which of the following statements accurately describes the upgrade export command?

A. Used primarily when upgrading the Security Management Server, upgrade export stores all object databases and the conf directories for importing to a newer version of the Security Gateway.

B. Used when upgrading the Security Gateway, upgrade export includes modified files, such as in the directories /lib and /conf.

C. upgrade export is used when upgrading the Security Gateway, and allows certain files to be included or excluded before exporting.

D. upgrade export stores network-configuration data, objects, global properties, and the database revisions prior to upgrading the Security Management Server.