Your customer wishes to install the SmartConsole on a Windows system. What are the minimum hardware requirements for R75? Give the BEST answer.
A. 500 MB Free disk space and 512 MB RAM
B. 1 GB Free disk space and 512 MB RAM
C. 1 GB Free disk space and 1 GB RAM
D. 512 MB Free disk space and 1 GB RAM
A Clean-up rule is used to:
A. Drop without logging connections that would otherwise be dropped and logged fry default
B. Log connections that would otherwise be accepted without logging by default.
C. Log connections that would otherwise be dropped without logging by default.
D. Drop without logging connections that would otherwise be accepted and logged by default
Which of the following is NOT a valid selection for tracking and controlling packets in R75?
A. Reject
B. Accept
C. Hold
D. Session Auth
One of your remote Security Gateway's suddenly stops sending logs, and you cannot install the Security Policy on the Gateway. All other remote Security Gateways are logging normally to the Security Management Server, and Policy installation is not affected. When you click the Test SIC status button in the problematic Gateway object you receive an error message. What is the problem?
A. There is no connection between the Security Management Server and the remote Gateway. Rules or routing may block the connection.
B. The remote Gateway's IP address has changed, which invalidates the SIC Certificate.
C. The time on the Security Management Server's clock has changed, which invalidates the remote Gateway's Certificate.
D. The Internal Certificate Authority for the Security Management Server object has been removed from objects_5_0.C.
How are cached usernames and passwords cleared from the memory of a R75 Security Gateway?
A. By retrieving LDAP user information using the command fw fetchldap
B. By using the Clear User Cache button in Smart Dashboard
C. Usernames and password only clear from memory after they time out
D. By installing a Security Policy
The third-shift Administrator was updating Security Management Server Access settings in Global Properties and testing. He managed to lock himself out of his account. How can you unlock this account?
A. Delete the file sdmin.lock in the Security Management Server directory $PWDIR/tmp/
B. The fwn lock_admin u
C. Type fwn unlock_admin u from the Security Gateway command line
D. Type fwn unlock_admin from the Security Management Server Command line
Which of the following items should be configured for the Security Management Server to authenticate via LDAP?
A. Windows logon password
B. Active Directory Server object
C. WMI object
D. Check Point Password
John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to a
set of designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the
gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.
He has received a new laptop and wants to access the HR Web Server from anywhere in the organization.
The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk.
The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop
with a static IP (10.0.0.19).
He wants to move around the organization and continue to have access to the HR Web Server.
To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources, and installs
the policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams access the HR Web Server
from any machine and from any location and installs policy.
John plugged in his laptop to the network on a different network segment and was not able to connect to
the HR Web server. What is the next troubleshooting step?
A. John should install the Identity Awareness Agent
B. Investigate this as a network connectivity issue
C. After enabling Identity Awareness, reboot the gateway
D. He should lock and unlock the computer
Which of the following authentication methods can be configured in the Identity Awareness setup wizard?
A. TACAS
B. Check Point Password
C. Windows password
D. LDAP
R75's INSPECT engine inserts itself into the kernel between which two OSI model layers?
A. Physical and Data
B. Session and Transport
C. Data and Network
D. Presentation and Application
