VPN-1/FireWall-1 Management I
Exam Questions, Answers,
Thanx to www.examcheets.com
for providing questions to me
In order to use Authentication Rules, you must define
What daemon is responsible for sending alerts to the
A. Inspection Daemon
B. Firewall-1 Daemon
C. Security Daemon
D. Encryption Daemon
E. Alerts Daemon
What three products are in the Firewall-1 product
A. Management module
B. Inspection module
C. NAT module
D. Routing module
E. Firewall module
Answer: A, B, E
What are external authentication schemes?
C. Firewall-1 Password
Answer: A, B, D, E
What log viewer mode can show you the content of a
user's HTTP connection?
Why would you want to mask a rule?
A. Useful for viewing a few rules, without being distracted
by other rules.
B. To prevent conflicts between rules and to test
C. To negate a rule.
D. To block an intruder.
In what column can you view the Source Port of a packet
in the log viewer?
Rule Base order is not important.
If you modify a user template, the change will affect
all future users created from the template.
In what log viewer mode would you see that a connection,
which was supposed to been TELNET, was actually used
to transfer file?
A. Security Log
B. Active connection Log
C. Accounting Log
D. Administrative Log
E. None of the above.
What encryption schemes are supported under Firewall-1?
A. FWZ, Manual IPSec, SKIP, IKE
B. FWZ, S/KEY, Manual IPSEC, PIKE
C. TACACS, S/KEY, FWZ, IKE
D. RADIUS, TACACS, S/KEY, Shared Secret
External users need to access an internal web server
behind a firewall installed on a Windows NT Server.
What must you configure?
A. Configure static destination NAT and edit local.arp
on the firewall.
B. Configure static source NAT and edit local.arp
on the firewall.
C. Configure static destination NAT and configure
the policy properties.
D. Configure static source NAT and configure the policy
What is true regarding Static Source mode address
A. Hides one or more invalid/reserved IP addresses
behind one legal address.
B. Translates legal internal IP addresses to invalid/reserved
IP addresses when packets enter an internal network.
C. Translated invalid/reserved internal IP address
to legal IP addresses when packets exit an internal
D. Translated public/valid IP addresses when packets
exit an internal network.
When you log on to the Policy Editor GUI, what three
options must you enter?
A. Username, Password, Firewall name or IP address.
B. Username, Password, Management station name or
C. Username, Password, Client Workstation name or
D. Username, Password, Management station or Firewall
name or IP address.
You must define a FW-1 Administrator during setup.
If Inbound is selected from the policy properties,
apply rules to interface direction tab, no packets
will be checked from the internal network.
Where can you see the packets dropped since the last
A. Active connection log
B. Accounting entries log
C. Security log
D. System status
Which GUI can see the length of a packet?
A. Policy Editor
B. System Status
C. Log Viewer
D. Encryption Module