Ii, guys my name is job
CCSA passed with 994/1000
Using checkpoint vpn-a/firewall-1 Management 1 Cp 2000.
Boson is not very very not good for this exam
Some many question in the exam is similar to this dump,
WARNING, THIS DUMP HAVE MANY MISTAKE so he can help you
1. What is the minimum requirement for installing Firewall module on Windows
NT?
a. NT 4.0, 40mb HD, 64mb RAM
b. NT 4.0, 60mb HD, 64mb RAM
c. NT 4.0, 40mb HD, 32mb RAM
d. NT 4.0, 40mb HD, 128mb RAM
Answer: A
2. What modules are included in a single gateway product?
a. Management module, inspection module, GUI
b. Management module, Firewall module, Inspection module
c. Management module, Firewall module, Inspection module, Encryption module
d. Management module, Firewall module, Encryption module, GUI
Answer: B
3. List the associated port number for TELNET, FTP and SMTP:
a. Telnet 21, FTP 23, SMTP 25
b. Telnet 23, FTP 25, SMTP 23
c. Telnet 23, FTP 21, SMTP 25
Answer: C
4. What are the choices of packet filtering on Firewall-1?
a. Internal, External and Eitherbound
b. Implicit, Explicit and External
c. Implicit, Explicit and Internal
d. Inbound, Outbound and Eitherbound
Answer: D
5. What is the default action when Firewall-1 adds the first rule base in a
security policy?
a. Allow all external traffic.
b. Allow all traffic, except those denied by the explicit rules.
c. Allow all traffic except those denied by the implicit rules.
d. Implicit drop.
Answer: D
6. If ICMP is not defined in the rule base, workstations in the internal
network can ping a server which is outside the Firewall.
a. True
b. False
Answer: B
7. What are the 3 display modes of the Log Viewer?
a. Security, traffic, active
b. Accounting, active, traffic
c. Security, accounting, active
d. Accounting, disabled, active
Answer: C
8. What 3 methods of blocking an intruder can be used, and how are they
different?
a. block all connections, block access of this source computer, block access
to this computer
b. block only this connection, block access of this source IP, block access
to this computer
c. block only this connection, block access to this network, block access
from this network
d. block only this connection, block access of this source IP, block access
to this destination
Answer: D
9. What does the cleanup rule do?
a. Cleanup rule drops all communication not described by other rules
b. Cleanup rule rejects everything not specifically allowed by other rules
c. Cleanup rule logs everything
d. Cleanup rule is same as default rule
Answer: A
10. When is a workstation seen as a Firewall object?
a. The VPN-1 and Firewall-1 is checked in modules installed
b. Not possible
c. When NAT is enabled
d. When the VPN option is selected
Answer: A
11. Regarding IPSEC, what is true:
a. The keys are fixed over the duration of connection. A password is
required for every session.
b. The keys are not fixed over the duration of connection. There is no
mechanism for exchanging keys.
c. The keys are fixed over the duration of the connection. The connection is
not transparent.
d. The keys are not fixed over the duration of the connection. There is no
mechanism for exchanging keys.
Answer: D
12. "!" shows up in System Status Viewer. What does this mean?
a. Firewall is down.
b. The Firewall has lost communication with the management server.
c. A policy is not installed on the Firewall.
d. A policy is not installed on the management station.
Answer: C
13. What mode will you use in Log Viewer to see a FTP connection in
progress?
a. Accounting
b. Active
c. Current
d. Connections
Answer: B
14. What are the 3 modes of NAT?
a. Static Source, Static Destination, Hide
b. Implicit, Explicit, Pseudo
c. Static Source, Static Destination, Pseudo
d. None of the above
Answer: A
15. When users are created in Policy Editor, where is the data stored?
a. Rule base
b. Security policy
c. User database
d. System database
Answer: C
16. You need to create groups before setting up authentication for users.
a. False
b. True
Answer: B
17. What happens when you click New Log from the log viewer?
a. Current log is deleted and a new log file is created.
b. Current log is saved with the name fwlog_old
c. Current log is saved with the date and time
d. There is no New Log option.
Answer: C
18. You can place the Stealth Rule above all rules except:
a. Cleanup
b. Implicit
c. Auth & Encrypt
d. Pseudo
Answer: C
19. When you select purge from the log viewer, you delete all entries in the
log file regardless of what entries are selected.
a. False
b. True
Answer: B
20. How many Firewalls can the management module control?
a. 100
b. 50
c. 80
d. 25
Answer: B
21. What are three types of Firewall-1 authentication?
a. User, Client, Pseudo
b. Account, Local, External
c. User, Client, Server
d. User, Client, Session
Answer: D
22. To check data sent from the Firewall itself, what policy checking should
you use?
a. Inbound
b. Eitherbound
c. Outbound
d. Inbound and Outbound
Answer: B
23. What three GUIs are available?
a. Policy Editor, Account Editor, System Status
b. Policy Editor, Log Viewer, Firewall Status
c. Policy Editor, Firewall Status, Log Viewer
d. Policy Editor System Status, Log Viewer
Answer: D
24. What do you select to unhide all rules?
a. Select Rule from View menu, select unhide all rules
b. Select Hidden from Rule menu, select unhide all rules
c. Select Mask from view menu, select Clear Mask
d. Select Mask from view menu, select unmask all
Answer: C
25. From the Log Viewer, what option could you use when the intruder's
connection ID is known?
a. Block intruder
b. Block Port
c. Block Connection ID
d. Block Request
Answer: D
26. What are three types of Firewall-1 authentication?
a. User, Client, Session
b. User, Account, Session
c. User, Computer, Session
d. User, Default, Session
Answer: A
27. Checking rules on "Inbound", check packets:
a. As they enter the Firewall
b. As they exit the Firewall
c. As they exit and enter the Firewall
d. None of the above
Answer: A
28. What protocol can you user in User Authentication?
a. FTP, HTTP, HTTPS, TELNET, RLOGIN
b. FTP, HTTP, HTTPS, TELNET, POP3
c. FTP, HTTP, HTTPS, SMTP, POP3
d. POP3, HTTP, HTTPS, POP3, SNMP
Answer: A
29. How many Administrators can access the Firewall with Read/Write access
at once?
a. 1
b. 1 per management server
c. As many as have Read/Write access
d. 2
Answer: A
30. The sole purpose of the encryption module is to allow client to Firewall
encryption.
a. True
b. False
Answer: B