156-215.77 Free Practice Test

Your R77 primary Security Management Server is installed on GAiA. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours.
How do you create this schedule?

1. A. On a GAiA Security Management Server, this can only be accomplished by configuring the command fw logswitch via the cron utility.
2. B. Create a time object, and add 48 hours as the interva
3. C. Open the primary Security Management Server object’s Logs and Masters window, enable Schedule log switch, and select the Time object.
4. D. Create a time object, and add 48 hours as the interva
5. E. Open the Security Gateway object's Logs and Masters window, enable Schedule log switch, and select the Time object.
6. F. Create a time object, and add 48 hours as the interva
7. G. Select that time object’s Global Properties > Logs and Masters window, to schedule a logswitch.

Correct Answer: B

Study the Rule base and Client Authentication Action properties screen -

After being authenticated by the Security Gateway, when a user starts an HTTP connection to a Web site, the user tries to FTP to another site using the command line. What happens to the user?

1. A. user is prompted for authentication by the Security Gateway again.
2. B. FTP data connection is dropped after the user is authenticated successfully.
3. C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication.
4. D. FTP connection is dropped by Rule 2.

Correct Answer: C
Manual Users must use either telnet to port 259 on the firewall, or use a Web browser to connect to port 900 on the firewall to authenticate before being granted access.
# Partially Automatic If user authentication is configured for the service the user is attempting to access and they pass this authentication, then no further client authentication is required. For example, if HTTP is permitted on a client authentication rule, the user will be able to transparently authenticate since FireWall-1 has a security server for HTTP.Then, if
this setting is chosen, users will not have to manually authenticate for this connection. Note that this applies to all services for which FireWall-1 has built-in security servers (HTTP, FTP, telnet, and rlogin).
# Fully Automatic If the client has the session authentication agent installed, then no further client authentication is required (see session
authentication below). For HTTP, FTP, telnet, or rlogin, the firewall will authenticate via user authentication, and then session authentication will be used to authenticate all other services.
http://www.syngress.com
Figure 6.19 Client Authentication Action Properties 278 Chapter 6 • Authenticating Users
# Agent Automatic Sign On Uses session authentication agent to provide transparent authentication (see session authentication below).
# Single Sign-On System Used in conjunction with UserAuthority servers to provide enhanced application level security. Discussion of UserAuthority is beyond the scope of this book.

Review the rules.

Assume domain UDP is enabled in the impled rules.
What happens when a user from the internal network tries to browse to the internet using HTTP? The user:

1. A. can connect to the Internet successfully after being authenticated.
2. B. is prompted three times before connecting to the Internet successfully.
3. C. can go to the Internet after Telnetting to the client authentication daemon port 259.
4. D. can go to the Internet, without being prompted for authentication.

Correct Answer: D

Which of the following items should be configured for the Security Management Server to authenticate via LDAP?

1. A. Check Point Password
2. B. Active Directory Server object
3. C. Windows logon password
4. D. WMI object

Correct Answer: B

You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities should you do first?

1. A. Create a new logical-server object to represent your partner’s CA.
2. B. Exchange exported CA keys and use them to create a new server object to represent your partner’s Certificate Authority (CA).
3. C. Manually import your partner’s Certificate Revocation List.
4. D. Manually import your partner’s Access Control List.

Correct Answer: B