Q1. What is the command for installing a Security Policy from a *.W file?
A. Fw gen and then the name of the .W file.
B. Fw regen and then the name of the .W file
C. Fw load and then the name of .W file.
D. Fw reload and then the directory location of the .W file.
E. Fw import and then the name of the .W file.
Ans. C
Q2. Hybrid Authentication allows VPN-1/Firewall-1 NG to authenticate SecuRemote/SecureClient, using
which of the following?
A. RADIUS
B. 3DES
C. Any authentication method supported by VPN-1/Firewall-1
D. TACACS
Ans. C
Q3. As a firewall administrator if you want to log packets dropped by "implicit drop anything not
covered" rules, you must explicitly define a Clean-up rule. This must be the last rule in the rule base.
A. True
B. False
Answer: A
Q4. How does VPN-1/Firewall-1 NG implement Transparent authentication?
A. Unknown user receive error messages indicating that the firewalled gateway does not know the user
names on the gateway.
B. VPN-1/Firewall-1 NG prompts for user names even through the authentication data may not be
recognized by the firewall's user database.
C. VPN-1/Firewall-1 NG allows connections, but hides the firewall from authenticated users.
D. Unknown users error messages indicating that the host does not know the users names on the server.
E. VPN-1/Firewall-1 NG does not allow connections from users who do not know the name of the
firewall.
Answer: C
Q5. When you make a rule, the rule is not enforces as part of your Security Policy.
A. True
B. False
Answer: B
Q6. As an administrator, you want to force your users to authenticate. You have selected Client
Authentication as your authentication scheme. Users will be using a Web browser to authenticate. On
which TCP port will authentication be performed?
A. 23
B. 900
C. 800
D. 255
Answer: B
Q7. The following rule base tells you any automatically created NAT rules have simply hidden but have
not been deleted from the Rule Base.
A. True
B. False
Answer: B
Q8. Employees in your building want to be able to get access to files on an ftp server on the DMZ (there is a
diagram in the exam). The employees move around PC's in the building, what is the best authentication
scheme to use so they can access the FTP server?
A. Session
B. User
C. Reverse
D. Client
E. IKE
Answer: B
Q9. User Authentication can be used to authenticate which services? (Select all that apply.)
A. HTTP
B. HTTPS
C. RLOGIN
D. FTP
E. TELNET
Answer: A, C, D, E
Q10. What Implicit Rules are allowed by default in the Global Properties?
A. Accept RIP
B. Accept Firewall Control Connections
C. Accept Domain Name over UDP (Queries)
D. Accept ICMP Requests
E. Accept CPRID connections (SecureUpdate)
Answer: B, E
Q11. If the security policy is enforced by more than two firewalls how many rule bases would you need?
A. Two rule bases.
B. Only one rule base.
C. One rule base each for each number of network objects there
D. Three rule bases.
E. No rule base is needed to implement your security policy.
Answer: B
Q12. The rules that you define in the Rule Base are known as ______ rules.
A. Implicit
B. Explicit
C. Properties setup
D. Stealth
E. Cleanup
Answer: B
Q13. Which of these is NOT a component of SecureUpdate?
A. Installation Server
B. Installation Manager
C. License Manager
D. None of the above
Answer: A
Q14. Currently, the Accounting Department is FTP-ing a file in the bank. Which Log Viewer Module
would show you the activity occurring at the present time?
A. Security Log.
B. Active Connections Log.
C. Accounting Log-
D. Administrative Log.
E. None of the above.
Answer: B
Q15. The VPN-1/Firewall-1 NG User Interface consists of which of the following elements?
A. Security Policy Editor, Visual Policy Editor and Object tree view.
B. Management Server and VPN-1/FireWall-1 Module.
C. Visual Policy Editor, Object Tree view and inspection Module.
D. Security Policy Server, System GUI and Module Log Viewer.
E. VPN-1/FireWall-1 Module, Inspection Module and Security Server.
Answer: A
Q16. How do recover communications between your management module and enforcement module if you
lock yourself out via a rule policy that is configured incorrectly?
A. Cp delete all all.
B. Cp pause all all.
C. Cp stop all all.
D. Cp unload all all.
E. Cp push all all.
Answer: D
Q17. As a firewall administrator you encounter the following you error message:
Authentication for command failed.
What is the most logical reasoning for thus type of error message?
A. The Rule Base has been corrupted.
B. The kernel cannot communicate with the management module.
C. The administrator does not have the ability to push the policy.
D. Remote encryption keys cannot be fetched.
E. Client authentication has failed.
Answer: B
Q18. Your customer has created a rule so that every time a user wants to go to the Internet, that user must
be authenticated. Firewall load is a concern for the customer. Which authentication method does not
result in any additional connections to the firewall?
A. Session
B. User
C. Client
D. Connection
E. None of the above.
Answer: A
Q19. You are following the procedure to setup user authentication for TELNET to prompt for a distinct
destination. This allows the firewall to simulate a TELNET Proxy. After you defined the user on the
Firewall and use VPN-1/FireWall-1 Authentication, you would:
A. Stop the Firewall.
B. Restart the Firewall.
C. Start the Policy Editor and go to Manage service, and edit TELNET service.
D. Ensure that the Authentication method is enabled in the firewall object.
E. Ensure that there are no existing rules already allowing TELNET.
Answer: D
Q20. What is the software package through which all Check Point products use infrastructure services?
A. Cpstart/cpstop.
B. Check Point Registry.
C. CPD
D. Watch Dog for critical services.
E. SVN Foundation.
Answer: E
