Check Point Security Administration NGX III
Hi to all and thanks to www.exams.ws and www.4exam.com
But there’s no need to have it from both of them,
only questions from only one are sufficient I think. Here
is my contribution.
QUESTION NO: 1
Which of the following explanations best describes the
command fw Islogs?
A. Display a remote machine's log-file list.
B. Create a new log file. The old log has moved.
C. Control kernel.
D. Send signal to a daemon.
E. Display protected hosts.
QUESTION NO: 2
Which of the following Iw monitor commands only captures
traffic between IP addresses 192.168.11.1 and 10.10.10.1?
A. Iw monitor-e accept src=192.168.11.1 or dst=192.168.11.1
or src=10.10.10.1 or dst=10.10.10.1;"
B. Iw monitor-e accept src=192.168.11.1 or dst=192.168.11.1;
src=10.10.10.1 or dst=10.10.10.1;"
C. fw monitor-e accept src=192.168.111 and dst=192.168.11.1;
src=10.10.10.1 and dst=10.10.10.1;"
D. tw monitor-e accept src=192.168.11.1 or dst=192.168.11.1;
and src=10.10.10.1 or dst=10.10.10.1;"
E. Iw monitor-e accept (src=192.168.11.1 and dst=10.10.10.1)
or (src=10.10.10.1 and dst=192.168.11.1);"
QUESTION NO: 3
How do you run fw ctl debug, to see all information
about a cluster?
A. tw ct debug cluster all tw ct debug > output twct
B. tw ct pstat
tw ct debug all
tw ct debug > out
C. twct debug uf1024 Iw ct debug cluster all tw ct kdebug
D. Iw ct debug on
Iw ct debug cluster all
Iw ct kdebug > output
E. Iw ct debug on fwct debug uf1024 tw ct debug cluster
all tw ct kdebug > output
QUESTION NO: 4
Gus is troubleshooting a problem with SMTP. He has enabled
debugging on his Security Gateway and needs to copy
the * elg files into an archive to send to Check Point
Support. Which of the following files does Gus NOT need
QUESTION NO: 5
To stop the sr_service debug process, you must first
stop VPN-1 SecureClient, delete which of the following
files, and restart SecureClient?
E. sr users.all
QUESTION NO: 6
Which files should be acquired from a Windows 2003 Server
system crash with a Dr. Watson error?
E. info, log
QUESTION NO: 7
You modified the *def file on your Security Gateway,
but the changes were not applied. Why?
A. There is more than one *. def file on the Gateway.
B. You did not have the proper authority.
C. * def files must be modified on the SmartCenter Server.
D. The *. def file on the Gateway is read-only.
QUESTION NO: 8
Which of the following commands would you run to debug
a VPN connection?
A. debug vpn ike
B. debug vpn ikeon
C. vpn debug ike
D. debug vpn ike on
E. vpn debug ikeon
QUESTION NO: 9
Which of the following processes controls Secure Internal
Communications, Policy installation, and shared-management
capabilities between Check Point products and OPSEC-partner
D. fw monitor
QUESTION NO: 10
How do you disable all fw debug logging?
A. fw ctl debug
B. fw ctl debug uf
C. fw ctl debug
QUESTION NO: 11
The virtual machine inspects each packet at the following
-Before the virtual machine, in the inbound direction
(i or PREIN) -After the virtual machine, in the inbound
direction (I or POSTIN) -Before the virtual machine,
in the outbound direction (o or PREOUT) -After the virtual
machine, in the outbound direction (0 or POSTOUT)
If Ethereal displays a packet with i, I, o, and 0 entries,
what does that likely indicate?
A. The packet was rejected by the Rule Base.
B. The packet was destined for the Gateway.
C. Nothing unusual; the o and 0 entries only appear
if there is a kernel-level error.
D. The packet was rerouted by the Gateway's OS.
E. The packet arrived at the kernel and left the Security