Checkpoint 156-215.77 : Practice Test

Question No : 1 - (Topic 1)

John is the Security Administrator in his company. He installs a new R77 Security
Management Server and a new R77 Gateway. He now wants to establish SIC between
them. After entering the activation key, he gets the following message in SmartDashboard -
"Trust established"
SIC still does not seem to work because the policy won't install and interface fetching does
not work. What might be a reason for this?

A. It always works when the trust is established
B. This must be a human error.
C. SIC does not function over the network.
D. The Gateway's time is several days or weeks in the future and the SIC certificate is not
yet valid.

Answer: D

Question No : 2 - (Topic 1)

Spoofing is a method of:
A. Disguising an illegal IP address behind an authorized IP address through Port Address
Translation.
B. Making packets appear as if they come from an authorized IP address.
C. Detecting people using false or wrong authentication logins.
D. Hiding your firewall from unauthorized users.
Answer: B

Question No : 3 - (Topic 1)

When you hide a rule in a Rule Base, how can you then disable the rule?
A. Right-click on the hidden rule place-holder bar and uncheck Hide, then right-click and
select Disable Rule(s); re-hide the rule.
B. Right-click on the hidden rule place-holder bar and select Disable Rule(s).
C. Use the search utility in SmartDashboard to view all hidden rules. Select the relevant
rule and click Disable Rule(s).
D. Hidden rules are already effectively disabled from Security Gateway enforcement.
Answer: A

Question No : 4 - (Topic 1)

When you change an implicit rule's order from Last to First in Global Properties, how do
you make the change take effect?
A. Run fw fetch from the Security Gateway.
B. Select Install Database from the Policy menu.
C. Reinstall the Security Policy.
D. Select Save from the File menu.
Answer: C

Question No : 5 - (Topic 1)

Certificates for Security Gateways are created during a simple initialization from
_____________.
A. The ICA management tool
B. SmartUpdate
C. sysconfig
D. SmartDashboard
Answer: D

Question No : 6 - (Topic 1)

Which component functions as the Internal Certificate Authority for R77?
A. Security Gateway
B. Management Server
C. Policy Server
D. SmartLSM
Answer: B

Question No : 7 - (Topic 1)

Message digests use which of the following?
A. SHA-1 and MD5
B. IDEA and RC4
C. SSL and MD4
D. DES and RC4
Answer: A

Question No : 8 - (Topic 1)

You manage a global network extending from your base in Chicago to Tokyo, Calcutta and
Dallas. Management wants a report detailing the current software level of each Enterprise
class Security Gateway. You plan to take the opportunity to create a proposal outline,
listing the most cost-effective way to upgrade your Gateways. Which two SmartConsole
applications will you use to create this report and outline?
A. SmartLSM and SmartUpdate
B. SmartView Tracker and SmartView Monitor
C. SmartView Monitor and SmartUpdate
D. SmartDashboard and SmartView Tracker
Answer: D

Question No : 9 - (Topic 1)

Which command displays the installed Security Gateway version?
A. fw ver
B. fw stat
C. fw printver
D. cpstat -gw
Answer: A

Question No : 10 - (Topic 1)

The SIC certificate is stored in the directory _______________.
A. $CPDIR/conf
B. $FWDIR/database
C. $CPDIR/registry
D. $FWDIR/conf
Answer: A