A Review Of Practical 156-915.80 class

Q1. MegaCorp is using SmartCenter Server with several gateways. Their requirements result in a heavy log load. Would it be feasible to add the SmartEvent Correlation Unit and SmartEvent Server to their SmartCenter Server?

A. No. SmartCenter SIC will interfere with the function of SmartEvent.

B. No. If SmartCenter is already under stress, the use of a separate server for SmartEvent is recommended.

C. No, SmartEvent and Smartcenter cannot be installed on the same machine at the same time.

D. Yes. SmartEvent must be installed on your SmartCenter Server.

Q2. Type the command and syntax you would use to verify that your Check Point cluster is functioning correctly.

Q3. You want to store the GAiA configuration in a file for later reference. What command should you use?

A. write mem <filename>

B. show config u2013f <filename>

C. save config u2013o <filename>

D. save configuration <filename>

Q4. The Identity Agent is a lightweight endpoint agent that authenticates securely with Single Sign-On (SSO). What is not a recommended usage of this method?

A. When accuracy in detecting identity is crucial

B. Leveraging identity for Data Center protection

C. Protecting highly sensitive servers

D. Identity based enforcement for non-AD users (non-Windows and guest users)

Q5. You have a diskless appliance platform. How do you keep swap file wear to a minimum?

A. Issue FW-1 bases its package structure on the Security Management Server, dynamically loading when the firewall is booted.

B. The external PCMCIA-based flash extension has the swap file mapped to it, allowing easy replacement.

C. Use PRAM flash devices, eliminating the longevity.

D. A RAM drive reduces the swap file thrashing which causes fast wear on the device.

Q6. Which two processes are responsible on handling Identity Awareness?

A. pdp and lad

B. pdp and pdp-11

C. pep and lad

D. pdp and pep

Q7. Which of the following is a CLI command for Security Gateway R80?

A. fw tab -u

B. fw shutdown

C. fw merge

D. fwm policy_print <policyname>

Q8. Your primary Security Gateway runs on GAiA. What is the easiest way to back up your Security Gateway R80 configuration, including routing and network configuration files?

A. Copying the directories $FWDIR/conf and $FWDIR/lib to another location.

B. Using the native GAiA backup utility from command line or in the Web based user interface.

C. Using the command upgrade_export.

D. Run the pre_upgrade_verifier and save the .tgz file to the directory /temp.

Q9. Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?

A. Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets field. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here.

B. Put the one administrator in an Administrator group and configure this group in the specific Firewall

object in Advanced > Permission to Install.

C. In the object General Properties representing the specific Firewall, go to the Software Blades product list and select Firewall. Right-click in the menu, select Administrator to Install to define only this administrator.

D. Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets.

Q10. To qualify as an Identity Awareness enabled rule, which column MAY include an Access Role?

A. Source

B. Track

C. User

D. Action