156-915.77 Exam Questions

- (Topic 4) After filtering a fw monitor trace by port and IP, a packet is displayed three times; in the i, I, and o inspection points, but not in the O inspection point. Which is...

- (Topic 4) In SmartDashboard, Translate destination on client side is checked in Global Properties. When Network Address Translation is used:

- (Topic 4) Your internal network is configured to be 10.1.1.0/24. This network is behind your perimeter R77 Gateway, which connects to your ISP provider. How do you configure the...

- (Topic 4) Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.

- (Topic 4) Your perimeter Security Gateway's external IP is 200.200.200.3. Your network diagram shows: Required: Allow only network 192.168.10.0 and 192.168.20.0 to go out to the...

- (Topic 4) Because of pre-existing design constraints, you set up manual NAT rules for your HTTP server. However, your FTP server and SMTP server are both using automatic NAT rule...

- (Topic 4) You are responsible for the configuration of MegaCorp's Check Point Firewall. You need to

- (Topic 4) You have configured Automatic Static NAT on an internal host-node object. You clear the box Translate destination on client site from Global Properties > NAT. Assuming...

- (Topic 4) An internal host initiates a session to the Google.com website and is set for Hide NAT behind the Security Gateway. The initiating traffic is an example of __________.

- (Topic 4) You just installed a new Web server in the DMZ that must be reachable from the Internet. You create a manual Static NAT rule as follows: Source: Any || Destination: web...

- (Topic 4) You have created a Rule Base for firewall, websydney. Now you are going to create a new policy package with security and address translation rules for a second Gateway....

- (Topic 4) A host on the Internet initiates traffic to the Static NAT IP of your Web server behind the Security Gateway. With the default settings in place for NAT, the initiating...

- (Topic 4) Your main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. You also have a small network 10.10.20.0/24 behind the internal router. You...

- (Topic 5) The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following sho...

- (Topic 5) Which of the following are authentication methods that Security Gateway R77 uses to validate connection attempts? Select the response below that includes the MOST compl...

- (Topic 5) You cannot use SmartDashboard's User Directory features to connect to the LDAP server. What should you investigate? 1) Verify you have read-only permissions as administ...

- (Topic 5) Which Security Gateway R77 configuration setting forces the Client Authentication authorization time-out to refresh, each time a new user is authenticated? The:

- (Topic 5) Charles requests a Website while using a computer not in the net_singapore network. What is TRUE about his location restriction?

- (Topic 5) Security Gateway R77 supports User Authentication for which of the following services? Select the response below that contains the MOST correct list of supported servic...

- (Topic 5) Your customer, Mr. Smith needs access to other networks and should be able to use all services. Session authentication is not suitable. You select Client Authentication...

- (Topic 5) All R77 Security Servers can perform authentication with the exception of one. Which of the Security Servers can NOT perform authentication?

- (Topic 5) As a Security Administrator, you must refresh the Client Authentication authorization time- out every time a new user connection is authorized. How do you do this? Enab...

- (Topic 5) Your company's Security Policy forces users to authenticate to the Gateway explicitly, before they can use any services. The Gateway does not allow the Telnet service t...

- (Topic 6) Assume you are a Security Administrator for ABCTech. You have allowed authenticated access to users from Mkting_net to Finance_net. But in the user's properties, connec...

- (Topic 6) Your users are defined in a Windows 2008 R2 Active Directory server. You must add LDAP users to a Client Authentication rule. Which kind of user group do you need in th...

- (Topic 6) Study the Rule base and Client Authentication Action properties screen - After being authenticated by the Security Gateway, when a user starts an HTTP connection to a W...

- (Topic 6) How are cached usernames and passwords cleared from the memory of a R77 Security Gateway?

- (Topic 6) You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose th...

- (Topic 6) Review the rules. Assume domain UDP is enabled in the impled rules. HTTP? The user:

- (Topic 7) John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthori...

- (Topic 7) Which of the following allows administrators to allow or deny traffic to or from a specific network based on the user's credentials?

- (Topic 7) What happens if the identity of a user is known?

- (Topic 7) John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthori...

- (Topic 7) What happens if the identity of a user is known?

- (Topic 8) What type of traffic can be re-directed to the Captive Portal?

- (Topic 8) Complete this statement from the options provided. Using Captive Portal, unidentified users may be either; blocked, allowed to enter required credentials, or required t...

- (Topic 8) Captive Portal is a __________ that allows the gateway to request login information from the user.

- (Topic 8) Sign-On (SSO). What is not a recommended usage of this method?

- (Topic 8) When using AD Query to authenticate users for Identity Awareness, identity data is received seamlessly from the Microsoft Active Directory (AD). What is NOT a recommend...

- (Topic 8) Users with Identity Awareness Agent installed on their machines login with __________, so that when the user logs into the domain, that information is also used to meet...

- (Topic 9) Where do you verify that UserDirectory is enabled?

- (Topic 9) How granular may an administrator filter an Access Role with identity awareness? Per:

- (Topic 9) Access Role objects define users, machines, and network locations as:

- (Topic 9) Which of the following is NOT defined by an Access Role object?

- (Topic 10) Which of the following authentication methods can be configured in the Identity Awareness setup wizard?

- (Topic 10) Which of the following items should be configured for the Security Management Server to authenticate using LDAP?

- (Topic 10) What mechanism does a gateway configured with Identity Awareness and LDAP initially use to communicate with a Windows 2003 or 2008 server?

- (Topic 10) Where does the security administrator activate Identity Awareness within SmartDashboard?

- (Topic 10) What command syntax would you use to turn on PDP logging in a distributed environment?

- (Topic 10) What gives administrators more flexibility when configuring Captive Portal instead of LDAP query for Identity Awareness authentication?