919 お客様のコメント
質問 1:
Which rules are not applied on a first-match basis?
A. Client Authentication
B. User Authentication
C. Session Authentication
D. Cleanup
正解:B
質問 2:
You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause?
A. The POP3 rule is disabled.
B. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R71.
C. POP3 is accepted in Global Properties.
D. The POP3 rule is hidden.
正解:D
質問 3:
When troubleshooting NAT entries in SmartView Tracker, which column do we need to check to view the NAT'd source port when using source NAT?
A. XlateSPort
B. XlateDst
C. XlateSrc
D. XlateDPort
正解:A
質問 4:
Assume you are a Security Administrator for ABCTech. You have allowed authenticated access to
users from Mkting_net to Finance_net. But in the user's properties, connections are only permitted within Mkting_net. What is the BEST way to resolve this conflict?
A. Permit access to Finance_net
B. Select ignore database in action properties window
C. Select intersect with user database in the action properties window
D. Select Intersect with user database or Ignore Database in the Action Properties window.
正解:D
質問 5:
When configuring the network interfaces of a Check Point Gateway, the direction can be defined
as Internal or External. What is the meaning of Interface leads to DMZ?
Checkpoint 156-215-71 Exam
A. Using restricted Gateways, this option automatically turns off the counting of IP Addresses originating from this interface
B. Activating this option automatically turns this interface to External
C. When selecting this option. Ann-Spoofing is configured automatically to this net.
D. It defines the DMZ Interface since this information is necessary for Content Control.
正解:D
質問 6:
To monitor all traffic between a network and the Internet on a SecurePlatform Gateway, what is the BEST utility to use?
A. cpinfo
B. tcpdump
C. infoview
D. snoop
正解:B
質問 7:
You are installing a Security Management Server. Your security plan calls for three administrators for this particular server. How many can you create during installation?
A. As many as you want
B. Only one with full access and one with read-only access
C. Depends on the license installed on the Security Management Server
D. One
正解:D
Which rules are not applied on a first-match basis?
A. Client Authentication
B. User Authentication
C. Session Authentication
D. Cleanup
正解:B
質問 2:
You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause?
A. The POP3 rule is disabled.
B. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R71.
C. POP3 is accepted in Global Properties.
D. The POP3 rule is hidden.
正解:D
質問 3:
When troubleshooting NAT entries in SmartView Tracker, which column do we need to check to view the NAT'd source port when using source NAT?
A. XlateSPort
B. XlateDst
C. XlateSrc
D. XlateDPort
正解:A
質問 4:
Assume you are a Security Administrator for ABCTech. You have allowed authenticated access to
users from Mkting_net to Finance_net. But in the user's properties, connections are only permitted within Mkting_net. What is the BEST way to resolve this conflict?
A. Permit access to Finance_net
B. Select ignore database in action properties window
C. Select intersect with user database in the action properties window
D. Select Intersect with user database or Ignore Database in the Action Properties window.
正解:D
質問 5:
When configuring the network interfaces of a Check Point Gateway, the direction can be defined
as Internal or External. What is the meaning of Interface leads to DMZ?
Checkpoint 156-215-71 Exam
A. Using restricted Gateways, this option automatically turns off the counting of IP Addresses originating from this interface
B. Activating this option automatically turns this interface to External
C. When selecting this option. Ann-Spoofing is configured automatically to this net.
D. It defines the DMZ Interface since this information is necessary for Content Control.
正解:D
質問 6:
To monitor all traffic between a network and the Internet on a SecurePlatform Gateway, what is the BEST utility to use?
A. cpinfo
B. tcpdump
C. infoview
D. snoop
正解:B
質問 7:
You are installing a Security Management Server. Your security plan calls for three administrators for this particular server. How many can you create during installation?
A. As many as you want
B. Only one with full access and one with read-only access
C. Depends on the license installed on the Security Management Server
D. One
正解:D
Yamaguchi -
書籍を読むだけでは理解が難しい(つまずきやすい)箇所について、動画でわかりやすく解説している。これのおかげで合格いたしました。