You are concerned that your company’s servers might be vulnerable to an attack where a client fools a server into sending large amounts of data, using small packets. Which SmartDefense option should you use to protect the servers?
A. Network Security > Denial of Service > Non-TCP Flooding
B. Network Security > Denial of Service > LAND
C. Network Security > IP and ICMP > Block Null Payload ICMP
D. Network Security > TCP > Small PMTU
Your organization’s disaster recovery plan needs an update to the backup and restore section to realize the benefits of the new distributed VPN-1 NGX R76 installation. You want to document a
plan to meet the following required and desired objectives?
Required Objective: The security policy repository must be backed up no less frequently than every 24 hours? Desired Objective: The NGX components that enforce the Security Policies should be backed up no less frequently than once a week? Desired Objective: Back up NGX logs no less frequently than once a week Your disaster recovery plan is as follows:? Use the cron utility to run the upgrade_export command each night on the SmartCenter Servers. Configure the organization’s routine backup software to back up the files created by the upgrade_export command? Configure the SecurePlatform backup utility to back up the Security Gateways every Saturday night? Use the cron utility to run the upgrade_export command each Saturday night on the Log Servers. Configure an automatic, nightly logswitch. Configure the organization’s routine backup software to back up the switched logs every night. Upon evaluation, your plan:
A. Does not meet the required objective
B. Meets the required objective and only one desired objective
C. Meets the required objective but does not meet either desired objective
D. Meets the required objective and both desired objectives
Which of the following generates an Eventia Report from its SQL database?
B. SmartDashboard Log Consolidator
C. Eventia Reporter Client
D. Eventia Reporter Server
You want to establish a VPN, using Certificates. Your VPN will exchange Certificates with an external partner. Which of the following activities should you do first?
A. Exchange exported CA keys and uses them to create a new server object to represent your partner’s Certificate Authority (CA).
B. Manually import your partner’s Access Control List.
C. Manually import your partner’s Certificate Revocation List.
D. Create a new logical-server object to represent your partner’s CA.
Which command would provide the most comprehensive diagnostic information to Check Point Technical Support?
A. cpinfo date.cpinfo.txt
B. cpstat> date.cpstat.txt
C. netstat > date.netstat.txt
Antivirus protection on a VPN-1 Gateway is available for all of the following protocols, EXCEPT
By default, when you click File > Switch Active File from SmartView Tracker, the SmartCenter Server:
A. Prompts you to enter a filename, then saves the log file.
B. Saves the current log file, names the log file by date and time, and starts a new log file.
C. Purges the current log file, and starts a new log file.
D. Purges the current log, and prompts you for the new log’s mode.
Choose all correct statements. SmartUpdate, located on a VPN-1 NGX SmartCenter Server, allows you to
(1) Remotely perform a first time installation of VPN-1 NGX on a new machine.
(2) Determine OS patch levels on remote machines.
(3) Update installed Check Point and any OPSEC certified software remotely.
(4) Update installed Check Point software remotely.
(5) Track installed versions of Check Point and OPSEC products.
(6) Centrally manage licenses.
B. 1 & 4
D. 2, 4, 5, & 6
Which of the following statements about the Port Scanning feature of SmartDefense is TRUE?
A. When a port scan is detected, only a log is issued? Never an alert.
B. The Port Scanning feature actively blocks the scanning, and sends an alert to SmartView Monitor.
C. A typical scan detection is when more than 500 open inactive ports are open for a period of 120 seconds.
D. Port Scanning does not block scanning, it detects port scans with one of three levels of detection sensitivity
What is the command in SecurePlatform Expert shell used to add routes without the use of sysconfig or the WebUI?
C. sysconfig route
D. ip route