How Many Questions Of 156-215.77 Study Guide

NEW QUESTION 1
What happens if the identity of a user is known?

• A. If the user credentials do not match an Access Role, the system displays the Captive Portal.
• B. If the user credentials do not match an Access Role, the system displays a sandbox.
• C. If the user credentials do not match an Access Role, the traffic is automatically dropped.
• D. If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped based on the defined action.

Answer: D

NEW QUESTION 2
Where can an administrator specify the notification action to be taken by the firewall in the event that available disk space drops below 15%?

• A. SmartView Monitor > Gateway Status > Threshold Settings
• B. SmartView Tracker > Audit Tab > Gateway Counters
• C. SmartView Monitor > Gateway Status > System Information > Thresholds
• D. This can only be monitored by a user-defined script.

Answer: C

NEW QUESTION 3
You are troubleshooting NAT entries in SmartView Tracker. Which column do you check to view the new source IP?
Exhibit:

• A. XlateDPort
• B. XlateDst
• C. XlateSPort
• D. XlateSrc

Answer: D

NEW QUESTION 4
Where are SmartEvent licenses installed?

• A. SmartEvent server
• B. Log Server
• C. Security Management Server
• D. Security Gateway

Answer: A

NEW QUESTION 5
You are reviewing the Security Administrator activity for a bank and comparing it to the change log. How do you view Security Administrator activity?

• A. SmartView Tracker cannot display Security Administrator activity; instead, view the system logs on the Security Management Server’s Operating System.
• B. SmartView Tracker in Network and Endpoint Mode
• C. SmartView Tracker in Active Mode
• D. SmartView Tracker in Management Mode

Answer: D

NEW QUESTION 6
Which command gives an overview of your installed licenses?

• A. cplicense
• B. showlic
• C. fw lic print
• D. cplic print

Answer: D

NEW QUESTION 7
While in SmartView Tracker, Brady has noticed some very odd network traffic that he thinks could be an intrusion. He decides to block the traffic for 60 minutes, but cannot remember all the steps. What is the correct order of steps needed to set up the block?
1) Select Active Mode tab in SmartView Tracker.
2) Select Tools > Block Intruder.
3) Select Log Viewing tab in SmartView Tracker.
4) Set Blocking Timeout value to 60 minutes.
5) Highlight connection that should be blocked.

• A. 1, 2, 5, 4
• B. 3, 2, 5, 4
• C. 1, 5, 2, 4
• D. 3, 5, 2, 4

Answer: C

NEW QUESTION 8
How many packets does the IKE exchange use for Phase 1 Main Mode?

• A. 12
• B. 1
• C. 3
• D. 6

Answer: D

NEW QUESTION 9
Katie has been asked to setup a rule to allow the new webserver in the DMZ to be accessible from the internet on port 443. The IP address of the Web Server, Apothos, is 192.168.126.3 and the external address should be 10.4.2.3. This needs to be the only server associated with this External IP address.
Which answer below will accomplish the steps needed to complete this task?

• A. Katie will create a host node object with an IP address of 10.4.2.3 and will configure a static NAT of 192.168.126.3. She will add a new rule in the DMZ section of the policy for the Apothos serve
• B. The rule will have an “Any Source, Destination of Apothos Host Object andservice of HTTPS”.
• C. Katie will create a host node object with an IP address of 192.168.126.3 and will configure a static NAT of 10.4.2.3. She will add a new rule in the DMZ section of the policy for the Apothos serve
• D. The rule will have an “Any Source, Destination of Apothos Host Object and service of HTTPS”.
• E. Katie will create a Network object with an IP address of 192.168.126.3 and will configure a Hide NAT of 10.4.2.3. She will add a new rule in the DMZ section of the policy for the Apothos serve
• F. The rule will have an “Any Source, Destination of Apothos Host Object and service of HTTPS”.
• G. Katie will create a host node object with an IP address of 192.168.126.3 and willconfigure a static NAT of 10.4.2.3. She will add a new rule in the DMZ section of the policy for the Apothos serve
• H. The rule will have an “Apothos Host Object Source, Destination of Any andservice of HTTPS”.

Answer: A

NEW QUESTION 10
UDP packets are delivered if they are .

• A. a stateful ACK to a valid SYN-SYN/ACK on the inverse UDP ports and IP
• B. a valid response to an allowed request on the inverse UDP ports and IP
• C. bypassing the kernel by the forwarding layer of ClusterXL
• D. referenced in the SAM related dynamic tables

Answer: B

NEW QUESTION 11
What is also referred to as Dynamic NAT?

• A. Automatic NAT
• B. Static NAT
• C. Manual NAT
• D. Hide NAT

Answer: D

NEW QUESTION 12
You have detected a possible intruder listed in SmartView Tracker’s active pane. What is the fastest method to block this intruder from accessing your network indefinitely?

• A. Modify the Rule Base to drop these connections from the network.
• B. In SmartView Tracker, select Tools > Block Intruder.
• C. In SmartView Monitor, select Tools > Suspicious Activity Rules.
• D. In SmartDashboard, select IPS > Network Security > Denial of Service.

Answer: B

NEW QUESTION 13
What port is used for communication to the User Center with SmartUpdate?

• A. CPMI 200
• B. TCP 8080
• C. HTTP 80
• D. HTTPS 443

Answer: D

NEW QUESTION 14
Which tool CANNOT be launched from SmartUpdate R77?

• A. IP Appliance Voyager
• B. snapshot
• C. GAiA WebUI
• D. cpinfo

Answer: B

NEW QUESTION 15
You are the Security Administrator for MegaCorp and would like to view network activity using SmartReporter. You select a standard predefined report. As you can see here, you can select the london Gateway.

When you attempt to configure the Express Report, you are unable to select this Gateway.

What is the reason for this behavior? Give the BEST answer.

• A. You must enable the Eventia Express Mode on the london Gateway.
• B. You have the license for Eventia Reporter in Standard mode only.
• C. You must enable the Express Mode inside Eventia Reporter.
• D. You must enable Monitoring in the london Gateway object’s General Properties.

Answer: D

NEW QUESTION 16
Which of the following is NOT useful to verify whether or not a Security Policy is active on a Gateway?

• A. fw ctl get string active_secpol
• B. fw stat
• C. cpstat fw -f policy
• D. Check the Security Policy name of the appropriate Gateway in SmartView Monitor.

Answer: A

NEW QUESTION 17
Which rule is responsible for the client authentication failure? Exhibit:

• A. Rule 4
• B. Rule 6
• C. Rule 3
• D. Rule 5

Answer: C

NEW QUESTION 18
You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.

• A. You checked the cache password on desktop option in Global Properties.
• B. Another rule that accepts HTTP without authentication exists in the Rule Base.
• C. You have forgotten to place the User Authentication Rule before the Stealth Rule.
• D. Users must use the SecuRemote Client, to use the User Authentication Rule.

Answer: B

NEW QUESTION 19
When translation occurs using automatic Hide NAT, what also happens?

• A. Nothing happens.
• B. The destination is modified.
• C. The destination port is modified.
• D. The source port is modified.

Answer: D

NEW QUESTION 20
......