You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateways external interface. You browse to the Google Website from host, 10.1.1.10 successfully.
You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?
Answer : B
A digital signature:
Answer : A
Your perimeter Security Gateways external IP is 200.200.200.3. Your network diagram shows:
Answer : B
Which R77 SmartConsole tool would you use to verify the installed Security Policy name on a Security Gateway?
Answer : A
A host on the Internet initiates traffic to the Static NAT IP of your Web server behind the
Security Gateway. With the default settings in place for NAT, the initiating packet will translate the _________.
Answer : D
Which Check Point address translation method is necessary if you want to connect from a host on the Internet via HTTP to a server with a reserved (RFC 1918) IP address on your
DMZ?
Answer : D
How can you configure an application to automatically launch on the Security Management
Server when traffic is dropped or accepted by a rule in the Security Policy?
Answer : C
You just installed a new Web server in the DMZ that must be reachable from the Internet.
You create a manual Static NAT rule as follows:
SourcE. Any || Destination: web_public_IP || ServicE. Any || Translated SourcE. original ||
Translated Destination: web_private_IP || ServicE. Original
web_public_IP? is the node object that represents the new Web servers public IP address. web_private_IP? is the node object that represents the new Web sites private IP address. You enable all settings from Global Properties > NAT.
When you try to browse the Web server from the Internet you see the error page cannot be displayed?. Which of the following is NOT a possible reason?
Answer : A
Static NAT connections, by default, translate on which firewall kernel inspection point?
Answer : A
Which of the following can be found in cpinfo from an enforcement point?
Answer : D
The fw monitor utility is used to troubleshoot which of the following problems?
Answer : B
Which Check Point address translation method allows an administrator to use fewer ISP- assigned IP addresses than the number of internal hosts requiring Internet connectivity?
Answer : A
After implementing Static Address Translation to allow Internet traffic to an internal Web
Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti-spoofing protections. Which of the following is the MOST LIKELY cause?
Answer : A