Q301. You are working with three other Security Administrators. Which SmartConsole component can be used to monitor changes to rules or object properties made by the other administrators? 

A. Eventia Monitor 

B. SmartView Monitor 

C. SmartView Tracker 

D. Eventia Tracker 

Answer: C 

Q302. Whitfield Diffie and martin Hellman gave their names to what standard? 

A. An encryption scheme that makes pre-shared keys obsolete 

B. An algorithm that is used in IPsec QuickMode and as an additional option in IPsec QuickMode (PFS) 

C. A Key Exchange Protocol for the advanced Encryption Standard 

D. A Key Agreement / Derivation Protocol that constructs secure keys over an insecure channel. 

Answer: D 

Q303. The fw monitor utility would be best to troubleshoot which of the following problems? 

A. An error occurs when editing a network object in SmartDashboard 

B. A statically NATed Web server behind a Security Gateway cannot be reached from the Internet. 

C. You get an invalid ID error in SmartView Tracker for phase 2 IKE key negotiations. 

D. A user in the user database is corrupt. 

Answer: B 

Q304. What command syntax would you use to see accounts the gateway suspects are service accounts? 

A. pdp check_log 

B. adlog check__acoounts 

C. pdp show service 

D. adlog service_accounts 

Answer: D 

Q305. How do you define a service object for a TCP port range? 

A. Manage Services / New TCP, provide name and define port: x-y 

B. Manage Services / New Group, provide name and add all service ports for range individually to the group object 

C. Manage Services / New Other, provide name and define protocol: 17, Range: x-y 

D. Manage Services / New Other, provide name and define protocol: x-y 

Answer: A 

Q306. In previous versions, the full TCP three-way handshake was sent to the firewall kernel for inspection. How is this improved in the current version of IPSO Flows/SecureXL? 

A. Only the initial SYN packet is inspected. The rest are handled by IPSO. 

B. Packets are offloaded to a third-party hardware card for near-line inspection. 

C. Packets are virtualized to a RAM drive-based FW VM. 

D. Resources are proactively assigned using predictive algorithmic techniques. 

Answer: A 

Q307. You are creating an output file with the following command: 

fw monitor -e "accept (src= or dst=;" -o ~/output Which tool do you use to analyze this file? 

A. You can analyze it with Wireshark or Ethereal. 

B. You can analyze the output file with any ASCI editor. 

C. The output file format is CSV, so you can use MS Excel to analyze it. 

D. You cannot analyze it with any tool as the syntax should be:fw monitor -e accept ([12,b]= or [16,b]=; -o ~/output. 

Answer: A 

Q308. Which command gives an overview of your installed licenses? 

A. cplic print 

B. showlic 

C. cplicense 

D. lic print 

Answer: A 

Q309. What is the bit size of a DES key? 

A. 112 

B. 168 

C. 56 

D. 64 

Answer: C 

Q310. Your company has two headquarters, one in London, and one in New York. Each office includes several branch offices. The branch offices need to communicate with the headquarters in their country, not with each other, and only the headquarters need to communicate directly. What is the BEST configuration for establishing VPN Communities for this company? VPN Communities comprised of: 

A. Two star and one mesh Community: One star Community is set up for each site, with headquarters as the center of the Community and its branches as satellites. The mesh Community includes only New York and London Gateways. 

B. One star Community with the option to "mesh" the center of the star: New York and London Gateways added to the center of the star with the mesh canter Gateways option checked, all London branch offices defined m one satellite window, but all New York branch offices defined m another satellite window. 

C. Two mesh and one star Community One mesh Community is set up for each of the headquarters and its branch offices The star Community is configured with London as the center of the Community and New York is the satellite. 

D. Three mesh Communities: One for London headquarters and its branches, one for New York headquarters and its branches, and one f;or London and New York headquarters. 

Answer: A 

