Peter is your new Security Administrator. On his first working day, he is very nervous and enters the wrong password three times. His account is locked. What can be done to unlock
Peters account? Give the BEST answer.
A. You can unlock Peters account by using the command fwm lock_admin -u Peter on the
Security Management Server.
B. You can unlock Peters account by using the command fwm unlock_admin -u Peter on the Security Management Server
C. It is not possible to unlock Peters account. You have to install the firewall once again or abstain from Peters help.
D. You can unlock Peters account by using the command fwm unlock_admin -u Peter on the Security Gateway.
Answer : A Topic 3, Deployment Platforms Obj 3
Which command allows you to view the contents of an R77 table?
Answer : B
How do you recover communications between your Security Management Server and
Security Gateway if you lock yourself out through a rule or policy mis-configuration?
Answer : B
Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC
Certificates:
Answer : D
How can you check whether IP forwarding is enabled on an IP Security Appliance?
Answer : D
Which of the following statements accurately describes the command snapshot?
Answer : A
Which command would provide the most comprehensive diagnostic information to Check
Point Technical Support?
Answer : B
You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in
Answer : B
Which of the following tools is used to generate a Security Gateway R77 configuration report?
Answer : C
ALL of the following options are provided by the GAiA sysconfig utility, EXCEPT:
Answer : D
Which of the following options is available with the GAiA cpconfig utility on a Management
Server?
Answer : C
Which of the following is a CLI command for Security Gateway R77?
A. fw tab -u -
B. fw shutdown -
C. fw merge -
D. fwm policy_print <policyname>
Answer : A Topic 4, Network Address Translation
You enable Automatic Static NAT on an internal host node object with a private IP address of 10.10.10.5, which is NATed into 216.216.216.5. (You use the default settings in Global
Properties / NAT.)
When you run fw monitor on the R77 Security Gateway and then start a new HTTP connection from host 10.10.10.5 to browse the Internet, at what point in the monitor output will you observe the HTTP SYN-ACK packet translated from 216.216.216.5 back into
10.10.10.5?
Answer : B
A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the
Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?
Answer : C
You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateways external interface. You browse to the Google Website from host, 10.1.1.10 successfully.
You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?
Answer : B
Have any questions or issues ? Please dont hesitate to contact us