|
Braindumps
of 156-205
VPN-1/FireWall-1 Management I
Exam Questions, Answers,
Braindumps (156-205)
Thanx to www.examcheets.com
for providing questions to me
QUESTION 1
In order to use Authentication Rules, you must define
User Groups.
A. True
B. False
Answer: A
QUESTION 2
What daemon is responsible for sending alerts to the
management station?
A. Inspection Daemon
B. Firewall-1 Daemon
C. Security Daemon
D. Encryption Daemon
E. Alerts Daemon
Answer: B
QUESTION 3
What three products are in the Firewall-1 product
line?
A. Management module
B. Inspection module
C. NAT module
D. Routing module
E. Firewall module
Answer: A, B, E
QUESTION 4
What are external authentication schemes?
A. SecureID
B. RADIUS
C. Firewall-1 Password
D. AXENT
E. TACACS
F. S/KEY
Answer: A, B, D, E
QUESTION 5
What log viewer mode can show you the content of a
user's HTTP connection?
A. Source
B. Origin
C. S_Port
D. Port
Answer: E
QUESTION 6
Why would you want to mask a rule?
A. Useful for viewing a few rules, without being distracted
by other rules.
B. To prevent conflicts between rules and to test
rules.
C. To negate a rule.
D. To block an intruder.
Answer: A.
QUESTION 7
In what column can you view the Source Port of a packet
in the log viewer?
A. Service
B. Proto
C. S_Port
D. Source
Answer: C
QUESTION 8
Rule Base order is not important.
A. True
B. False
Answer: B
QUESTION 9
If you modify a user template, the change will affect
all future users created from the template.
A. False
B. True
Answer: B
QUESTION10
In what log viewer mode would you see that a connection,
which was supposed to been TELNET, was actually used
to transfer file?
A. Security Log
B. Active connection Log
C. Accounting Log
D. Administrative Log
E. None of the above.
Answer: E
QUESTION 11
What encryption schemes are supported under Firewall-1?
A. FWZ, Manual IPSec, SKIP, IKE
B. FWZ, S/KEY, Manual IPSEC, PIKE
C. TACACS, S/KEY, FWZ, IKE
D. RADIUS, TACACS, S/KEY, Shared Secret
Answer: A
QUESTION 12
External users need to access an internal web server
behind a firewall installed on a Windows NT Server.
What must you configure?
A. Configure static destination NAT and edit local.arp
on the firewall.
B. Configure static source NAT and edit local.arp
on the firewall.
C. Configure static destination NAT and configure
the policy properties.
D. Configure static source NAT and configure the policy
properties.
Answer: A
QUESTION 13
What is true regarding Static Source mode address
translation?
A. Hides one or more invalid/reserved IP addresses
behind one legal address.
B. Translates legal internal IP addresses to invalid/reserved
IP addresses when packets enter an internal network.
C. Translated invalid/reserved internal IP address
to legal IP addresses when packets exit an internal
network.
D. Translated public/valid IP addresses when packets
exit an internal network.
Answer: C
QUESTION 14
When you log on to the Policy Editor GUI, what three
options must you enter?
A. Username, Password, Firewall name or IP address.
B. Username, Password, Management station name or
IP address.
C. Username, Password, Client Workstation name or
IP address.
D. Username, Password, Management station or Firewall
name or IP address.
Answer: B
QUESTION 15
You must define a FW-1 Administrator during setup.
A. True
B. False
Answer: A
QUESTION 16
If Inbound is selected from the policy properties,
apply rules to interface direction tab, no packets
will be checked from the internal network.
A. True
B. False
Answer: B
QUESTION 17
Where can you see the packets dropped since the last
reboot?
A. Active connection log
B. Accounting entries log
C. Security log
D. System status
Answer: D
QUESTION 18
Which GUI can see the length of a packet?
A. Policy Editor
B. System Status
C. Log Viewer
D. Encryption Module
Answer: C
156-205
|
