156-215.77 Exam Dumps | Your main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. You also

<< Prev Question Next Question >>

Question 159/350

Your main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. You also have a small network 10.10.20.0/24 behind the internal router. You want to configure the kernel to translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP, and FTP services. Which of the following configurations will allow this network to access the Internet?

A. Configure Automatic Static NAT on network 10.10.20.0/24.

B. Configure one Manual Hide NAT rule for HTTP, FTP, and SMTP services for network 10.10.20.0/24.

C. Configure Automatic Hide NAT on network 10.10.20.0/24 and then edit the Service column in the NAT Rule Base on the automatic rule.

D. Configure three Manual Static NAT rules for network 10.10.20.0/24, one for each service.

Question List (350q): Question 1: You are working with multiple Security Gateways that enforce...; Question 2: What is one potential downside or drawback to choosing the S...; Question 3: You have a diskless appliance platform. How do you keep swap...; Question 4: You are the Security Administrator for MegaCorp. In order to...; Question 5: In SmartView Tracker, which rule shows when a packet is drop...; Question 6: Katie has been asked to setup a rule to allow the new webser...; Question 7: Why are certificates preferred over pre-shared keys in an IP...; Question 8: Which SmartView Tracker selection would most effectively sho...; Question 9: Select the TRUE statements about the Rule Base shown? Exhibi...; Question 10: Which Client Authentication sign-on method requires the user...; Question 11: You are reviewing the Security Administrator activity for a ...; Question 12: You are a Security Administrator using one Security Manageme...; Question 13: Which NAT option applicable for Automatic NAT applies to Man...; Question 14: A Web server behind the Security Gateway is set to Automatic...; Question 15: Which of these components does NOT require a Security Gatewa...; Question 16: As a Security Administrator, you must refresh the Client Aut...; Question 17: Which command allows Security Policy name and install date v...; Question 18: When doing a Stand-Alone Installation, you would install the...; Question 19: When using vpn tu, which option must you choose if you want ...; Question 20: Which of the following is an authentication method used by I...; Question 21: SmartView Tracker logs the following Security Administrator ...; Question 22: Which of the following are authentication methods that Secur...; Question 23: What is the appropriate default Gaia Portal address?...; Question 24: What information is found in the SmartView Tracker Managemen...; Question 25: Where does the security administrator activate Identity Awar...; Question 26: Which of the following is NOT useful to verify whether or no...; Question 27: You are responsible for the configuration of MegaCorp's Chec...; Question 28: Jack has been asked do enable Identify Awareness. What are t...; Question 29: Your company has two headquarters, one in London, one in New...; Question 30: Static NAT connections, by default, translate on which firew...; Question 31: When using an encryption algorithm, which is generally consi...; Question 32: An Administrator without access to SmartDashboard installed ...; Question 33: Which Security Gateway R77 configuration setting forces the ...; Question 34: What is the default setting when you use NAT?...; Question 35: What command with appropriate switches would you use to test...; Question 36: Your R77 primary Security Management Server is installed on ...; Question 37: SmartUpdate is mainly for which kind of work - 1. Monitoring...; Question 38: For remote user authentication, which authentication scheme ...; Question 39: Which of the following methods will provide the most complet...; Question 40: Your company has two headquarters, one in London, and one in...; Question 41: You have two rules, ten users, and two user groups in a Secu...; Question 42: ALL of the following options are provided by the GAiA syscon...; Question 43: Which utility allows you to configure the DHCP service on GA...; Question 44: When you change an implicit rule's order from Last to First ...; Question 45: Several Security Policies can be used for different installa...; Question 46: Which operating systems are supported by a Check Point Secur...; Question 47: A Cleanup rule:; Question 48: To check the Rule Base, some rules can be hidden so they do ...; Question 49: Which component functions as the Internal Certificate Author...; Question 50: An internal router is sending UDP keep-alive packets that ar...; Question 51: Your company's Security Policy forces users to authenticate ...; Question 52: The fw monitor utility is used to troubleshoot which of the ...; Question 53: Before upgrading SecurePlatform to GAiA, you should create a...; Question 54: Which of the following is true of Hit Count?...; Question 55: Which of the following tools is used to generate a Security ...; Question 56: What gives administrators more flexibility when configuring ...; Question 57: You receive a notification that long-lasting Telnet connecti...; Question 58: If a SmartUpdate upgrade or distribution operation fails on ...; Question 59: The Security Gateway is installed on GAiA R77 The default po...; Question 60: Your perimeter Security Gateway's external IP is 200.200.200...; Question 61: A _______ rule is used to prevent all traffic going to the R...; Question 62: How are cached usernames and passwords cleared from the memo...; Question 63: Your organization's disaster recovery plan needs an update t...; Question 64: You have configured Automatic Static NAT on an internal host...; Question 65: A client has created a new Gateway object that will be manag...; Question 66: Which rules are not applied on a first-match basis?...; Question 67: Which R77 GUI would you use to see the number of packets acc...; Question 68: Your manager requires you to setup a VPN to a new business p...; Question 69: True or FalsE. SmartView Monitor can be used to create alert...; Question 70: You have installed a R77 Security Gateway on GAiA. To manage...; Question 71: Choose the BEST sequence for configuring user management in ...; Question 72: Which authentication type requires specifying a contact agen...; Question 73: You are about to integrate RSA SecurID users into the Check ...; Question 74: What happens when you select File > Export from the Smart...; Question 75: Which of the following is NOT defined by an Access Role obje...; Question 76: Many companies have defined more than one administrator. To ...; Question 77: Jennifer McHanry is CEO of ACME. She recently bought her own...; Question 78: What must a Security Administrator do to comply with a manag...; Question 79: An advantage of using central instead of local licensing is:...; Question 80: John is the Security Administrator in his company. He instal...; Question 81: Charles requests a Website while using a computer not in the...; Question 82: You are troubleshooting NAT entries in SmartView Tracker. Wh...; Question 83: You are the Security Administrator for MegaCorp. A Check Poi...; Question 84: You are using SmartView Tracker to troubleshoot NAT entries....; Question 85: Is it possible to track the number of connections each rule ...; Question 86: Why should the upgrade_export configuration file (.tgz) be d...; Question 87: The R77 fw monitor utility is used to troubleshoot which of ...; Question 88: Which SmartView Tracker mode allows you to read the SMTP e-m...; Question 89: What information is found in the SmartView Tracker Managemen...; Question 90: Where do we need to reset the SIC on a gateway object?...; Question 91: Which port must be allowed to pass through enforcement point...; Question 92: How do you configure the Security Policy to provide user acc...; Question 93: Which statement below describes the most correct strategy fo...; Question 94: When configuring anti-spoofing on the Security Gateway objec...; Question 95: Central license management allows a Security Administrator t...; Question 96: Identify the ports to which the Client Authentication daemon...; Question 97: What is the syntax for uninstalling a package using newpkg?...; Question 98: If you are experiencing LDAP issues, which of the following ...; Question 99: Complete this statement. The block Intruder option in the Ac...; Question 100: You find a suspicious connection from a problematic host. Yo...; Question 101: Which answers are TRUE? Automatic Static NAT CANNOT be used ...; Question 102: An internal host initiates a session to the Google.com websi...; Question 103: When using AD Query to authenticate users for Identity Aware...; Question 104: You need to completely reboot the Operating System after mak...; Question 105: Over the weekend, an Administrator without access to SmartDa...; Question 106: In SmartDashboard, you configure 45 MB as the required free ...; Question 107: All R77 Security Servers can perform authentication with the...; Question 108: You are the Security Administrator for MegaCorp and would li...; Question 109: The third-shift Administrator was updating Security Manageme...; Question 110: How can you check whether IP forwarding is enabled on an IP ...; Question 111: Which of the following is a CLI command for Security Gateway...; Question 112: The customer has a small Check Point installation which incl...; Question 113: Which of the following is NOT true for Clientless VPN?...; Question 114: Your company is running Security Management Server R77 on GA...; Question 115: All of the following are Security Gateway control connection...; Question 116: You want to generate a cpinfo file via CLI on a system runni...; Question 117: What physical machine must have access to the User Center pu...; Question 118: How can you reset the Security Administrator password that w...; Question 119: Which of the following uses the same key to decrypt as it do...; Question 120: How many packets does the IKE exchange use for Phase 1 Aggre...; Question 121: Which R77 feature or command allows Security Administrators ...; Question 122: Match the following commands to their correct function. Each...; Question 123: You have a mesh VPN Community configured to create a site-to...; Question 124: What are you required to do before running the command upgra...; Question 125: Which of the following is NOT a valid option when configurin...; Question 126: Which of these attributes would be critical for a site-to-si...; Question 127: When using GAiA, it might be necessary to temporarily change...; Question 128: Which authentication type permits five different sign-on met...; Question 129: Which of these Security Policy changes optimize Security Gat...; Question 130: Which statement is TRUE about implicit rules?...; Question 131: Identify the correct step performed by SmartUpdate to upgrad...; Question 132: If you were NOT using IKE aggressive mode for your IPsec tun...; Question 133: What is the difference between Standard and Specific Sign On...; Question 134: You have configured SNX on the Security Gateway. The client ...; Question 135: An Administrator without access to SmartDashboard installed ...; Question 136: Looking at the SYN packets in the Wireshark output, select t...; Question 137: Where do you verify that UserDirectory is enabled?...; Question 138: Where can you find the Check Point's SNMP MIB file?...; Question 139: UDP packets are delivered if they are ___________....; Question 140: Identity Awareness is implemented to manage access to protec...; Question 141: Match the terms with their definitions: Exhibit: (Exhibit)...; Question 142: The third-shift Administrator was updating Security Manageme...; Question 143: You manage a global network extending from your base in Chic...; Question 144: Where can an administrator configure the notification action...; Question 145: How granular may an administrator filter an Access Role with...; Question 146: The INSPECT engine inserts itself into the kernel between wh...; Question 147: You are working with three other Security Administrators. Wh...; Question 148: Which of the following actions take place in IKE Phase 2 wit...; Question 149: Access Role objects define users, machines, and network loca...; Question 150: When restoring R77 using the command upgrade_import, which o...; Question 151: Which of the following authentication methods can be configu...; Question 152: You need to back up the routing, interface, and DNS configur...; Question 153: Which of the following is a hash algorithm?...; Question 154: You can include External commands in SmartView Tracker by th...; Question 155: Exhibit: (Exhibit) Of the following, what parameters will no...; Question 156: Which of the following items should be configured for the Se...; Question 157: Which SmartConsole tool would you use to see the last policy...; Question 158: What is also referred to as Dynamic NAT?...; Question 159: Your main internal network 10.10.10.0/24 allows all traffic ...; Question 160: You have created a Rule Base for firewall, websydney. Now yo...; Question 161: VPN gateways must authenticate to each other prior to exchan...; Question 162: Study the Rule base and Client Authentication Action propert...; Question 163: You would use the Hide Rule feature to:...; Question 164: Where can an administrator specify the notification action t...; Question 165: A digital signature:; Question 166: Which R77 SmartConsole tool would you use to verify the inst...; Question 167: You are conducting a security audit. While reviewing configu...; Question 168: When translation occurs using automatic Hide NAT, what also ...; Question 169: Is it possible to see user activity in SmartView Tracker?...; Question 170: Users with Identity Awareness Agent installed on their machi...; Question 171: After filtering a fw monitor trace by port and IP, a packet ...; Question 172: Which directory holds the SmartLog index files by default?...; Question 173: Which command line interface utility allows the administrato...; Question 174: Which command would provide the most comprehensive diagnosti...; Question 175: You have just installed your Gateway and want to analyze the...; Question 176: How do you configure an alert in SmartView Monitor?...; Question 177: Katie has been asked to do a backup on the Blue Security Gat...; Question 178: Which R77 SmartConsole tool would you use to verify the inst...; Question 179: You have detected a possible intruder listed in SmartView Tr...; Question 180: The User Directory Software Blade is used to integrate which...; Question 181: What CANNOT be configured for existing connections during a ...; Question 182: Which NAT option is available for Manual NAT as well as Auto...; Question 183: NAT can NOT be configured on which of the following objects?...; Question 184: Which command displays the installed Security Gateway versio...; Question 185: Which of the following is a viable consideration when determ...; Question 186: A marketing firm's networking team is trying to troubleshoot...; Question 187: Which of the following methods is NOT used by Identity Aware...; Question 188: With the User Directory Software Blade, you can create R77 u...; Question 189: Your internal network is configured to be 10.1.1.0/24. This ...; Question 190: ______________ is an R77 component that displays the number ...; Question 191: Which of the following options is available with the GAiA cp...; Question 192: To qualify as an Identity Awareness enabled rule, which colu...; Question 193: For which service is it NOT possible to configure user authe...; Question 194: A company has disabled logging for some of the most commonly...; Question 195: Which tool CANNOT be launched from SmartUpdate R77?...; Question 196: The SIC certificate is stored in the directory _____________...; Question 197: When using LDAP as an authentication method for Identity Awa...; Question 198: With deployment of SecureClient, you have defined in the pol...; Question 199: Which of the following statements accurately describes the c...; Question 200: Which of the following firewall modes DOES NOT allow for Ide...; Question 201: Installing a policy usually has no impact on currently exist...; Question 202: Which command displays the installed Security Gateway kernel...; Question 203: Which of the following objects is a valid source in an authe...; Question 204: How can you activate the SNMP daemon on a Check Point Securi...; Question 205: Choose the SmartLog property that is TRUE....; Question 206: What port is used for communication to the User Center with ...; Question 207: Which Check Point address translation method is necessary if...; Question 208: Which set of objects have an Authentication tab?...; Question 209: Your users are defined in a Windows 2008 R2 Active Directory...; Question 210: Which of the following actions do NOT take place in IKE Phas...; Question 211: Your primary Security Gateway runs on GAiA. What is the easi...; Question 212: What information is found in the SmartView Tracker Managemen...; Question 213: Your boss wants you to closely monitor an employee suspected...; Question 214: In the Rule Base displayed for fwsingapore, user authenticat...; Question 215: Packages and licenses are loaded into the SmartUpdate reposi...; Question 216: A Security Policy installed by another Security Administrato...; Question 217: The customer has a small Check Point installation which incl...; Question 218: In a distributed management environment, the administrator h...; Question 219: You are the Security Administrator for ABC-Corp. A Check Poi...; Question 220: You review this Security Policy because Rule 4 is inhibited....; Question 221: Captive Portal is a __________ that allows the gateway to re...; Question 222: How can you recreate the Security Administrator account, whi...; Question 223: Spoofing is a method of:; Question 224: Your Security Management Server fails and does not reboot. O...; Question 225: Because of pre-existing design constraints, you set up manua...; Question 226: Review the rules. (Exhibit) Assume domain UDP is enabled in ...; Question 227: What is a possible reason for the IKE failure shown in this ...; Question 228: Which item below in a Security Policy would be enforced firs...; Question 229: How can you most quickly reset Secure Internal Communication...; Question 230: You just installed a new Web server in the DMZ that must be ...; Question 231: Which of the following items should be configured for the Se...; Question 232: Your Security Gateways are running near performance capacity...; Question 233: Where are SmartEvent licenses installed?...; Question 234: While in SmartView Tracker, Brady has noticed some very odd ...; Question 235: Where would an administrator enable Implied Rules logging?...; Question 236: Lily has completed the initial setup of her Management Serve...; Question 237: Certificates for Security Gateways are created during a simp...; Question 238: How can you activate the SNMP daemon on a Check Point Securi...; Question 239: In which Rule Base can you implement an Access Role?...; Question 240: Where do you configure Anti-spoofing?...; Question 241: The Captive Portal tool:; Question 242: Which Check Point address translation method allows an admin...; Question 243: What is the officially accepted diagnostic tool for IP Appli...; Question 244: What happens when you open the Gateway object window Trusted...; Question 245: What type of traffic can be re-directed to the Captive Porta...; Question 246: SmartView Tracker R77 consists of three different modes. The...; Question 247: Exhibit: (Exhibit) You plan to create a backup of the rules,...; Question 248: You cannot use SmartDashboard's User Directory features to c...; Question 249: You are running a R77 Security Gateway on GAiA. In case of a...; Question 250: A Security Policy has several database versions. What config...; Question 251: Which of the following allows administrators to allow or den...; Question 252: Which of the below is the MOST correct process to reset SIC ...; Question 253: Identify the correct step performed by SmartUpdate to upgrad...; Question 254: Which command allows you to view the contents of an R77 tabl...; Question 255: How many packets does the IKE exchange use for Phase 1 Main ...; Question 256: You believe Phase 2 negotiations are failing while you are a...; Question 257: Which feature in R77 permits blocking specific IP addresses ...; Question 258: You run cpconfig to reset SIC on the Security Gateway. After...; Question 259: How do you recover communications between your Security Mana...; Question 260: MegaCorp's security infrastructure separates Security Gatewa...; Question 261: Jack has locked himself out of the Kirk Security Gateway wit...; Question 262: You find a suspicious FTP site trying to connect to one of y...; Question 263: When you hide a rule in a Rule Base, how can you then disabl...; Question 264: You want to implement Static Destination NAT in order to pro...; Question 265: Which of the following commands can be used to remove site-t...; Question 266: How many packets are required for IKE Phase 2?...; Question 267: Where is the fingerprint generated, based on the output disp...; Question 268: Which command enables IP forwarding on IPSO?...; Question 269: How do you view a Security Administrator's activities with S...; Question 270: Which of the following statements accurately describes the c...; Question 271: What happens if you select Web Server in the dialog box? Exh...; Question 272: If a Security Gateway enforces three protections, LDAP Injec...; Question 273: How does the button Get Address, found on the Host Node Obje...; Question 274: What happens if the identity of a user is known?...; Question 275: Your company enforces a strict change control policy. Which ...; Question 276: You have included the Cleanup Rule in your Rule Base. Where ...; Question 277: When launching SmartDashboard, what information is required ...; Question 278: Where is the easiest and BEST place to find information abou...; Question 279: What action can be performed from SmartUpdate R77?...; Question 280: You enable Hide NAT on the network object, 10.1.1.0 behind t...; Question 281: John Adams is an HR partner in the ACME organization. ACME I...; Question 282: John Adams is an HR partner in the ACME organization. ACME I...; Question 283: Which rule position in the Rule Base should hold the Cleanup...; Question 284: What mechanism does a gateway configured with Identity Aware...; Question 285: John Adams is an HR partner in the ACME organization. ACME I...; Question 286: Which of the following describes the default behavior of an ...; Question 287: When using vpn tu, which option must you choose if you only ...; Question 288: Which command gives an overview of your installed licenses?...; Question 289: You are a Security Administrator preparing to deploy a new H...; Question 290: One of your remote Security Gateway's suddenly stops sending...; Question 291: How can you configure an application to automatically launch...; Question 292: Which of the following commands can provide the most complet...; Question 293: Exhibit: (Exhibit) Chris has lost SIC communication with his...; Question 294: Where are custom queries stored in R77 SmartView Tracker?...; Question 295: Your shipping company uses a custom application to update th...; Question 296: What command syntax would you use to turn on PDP logging in ...; Question 297: Which rule is responsible for the installation failure? Exhi...; Question 298: Can you use Captive Portal with HTTPS?...; Question 299: Sally has a Hot Fix Accumulator (HFA) she wants to install o...; Question 300: Which of the following authentication methods can be configu...; Question 301: When configuring LDAP authentication, which of the following...; Question 302: What statement is true regarding Visitor Mode?...; Question 303: You want to configure a mail alert for every time the policy...; Question 304: You want to establish a VPN, using certificates. Your VPN wi...; Question 305: Which of the following statements is TRUE about management p...; Question 306: What CLI utility allows an administrator to capture traffic ...; Question 307: Which rule is responsible for the client authentication fail...; Question 308: What command syntax would you use to see accounts the gatewa...; Question 309: Which of the following is a viable consideration when determ...; Question 310: Several Security Policies can be used for different installa...; Question 311: Secure Internal Communications (SIC) is completely NAT-toler...; Question 312: What is the purpose of an Identity Agent?...; Question 313: Your bank's distributed R77 installation has Security Gatewa...; Question 314: Which of the following can be found in cpinfo from an enforc...; Question 315: Which SmartConsole component can Administrators use to track...; Question 316: You find that Users are not prompted for authentication when...; Question 317: In a distributed management environment, the administrator h...; Question 318: What happens when you run the command. fw sam -J src [Source...; Question 319: The technical-support department has a requirement to access...; Question 320: During which step in the installation process is it necessar...; Question 321: You are about to test some rule and object changes suggested...; Question 322: Choose the correct statement regarding Stealth Rules:...; Question 323: What is the Manual Client Authentication TELNET port?...; Question 324: Your company is still using traditional mode VPN configurati...; Question 325: Although SIC was already established and running, Joe reset ...; Question 326: Peter is your new Security Administrator. On his first worki...; Question 327: One of your remote Security Gateways suddenly stops sending ...; Question 328: Which of the following statements BEST describes Check Point...; Question 329: Which answer below best describes the Administrator Auditing...; Question 330: You are running the license_upgrade tool on your GAiA Gatewa...; Question 331: You enable Automatic Static NAT on an internal host node obj...; Question 332: What is the purpose of a Stealth Rule?...; Question 333: You install and deploy GAiA with default settings. You allow...; Question 334: When configuring the Check Point Gateway network interfaces,...; Question 335: You have three servers located in a DMZ, using private IP ad...; Question 336: What happens if the identity of a user is known?...; Question 337: Which of the following is a viable consideration when determ...; Question 338: Exhibit: (Exhibit) You installed Security Management Server ...; Question 339: You want to reset SIC between smberlin and sgosaka. (Exhibit...; Question 340: Security Gateway R77 supports User Authentication for which ...; Question 341: When attempting to connect with SecureClient Mobile you get ...; Question 342: Which of the following is true of the Cleanup rule?...; Question 343: You are installing a Security Management Server. Your securi...; Question 344: Which of the following R77 SmartView Tracker views will disp...; Question 345: What is the only SmartConsole you can open without a license...; Question 346: You are a Security Administrator who has installed Security ...; Question 347: The Identity Agent is a lightweight endpoint agent that auth...; Question 348: Which of the following is true of a Stealth Rule?...; Question 349: Which feature or command provides the easiest path for Secur...; Question 350: A snapshot delivers a complete GAiA backup. The resulting fi...

Question 159/350

LEAVE A REPLY

Download PDF File