In a distributed VPN-1 Pro NGX environment, where is the Internal Certificate Authority (ICA) installed?
You plan to install a VPN-1 Pro Gateway for VPN-1 NGX at your company’s headquarters. You have a single Sun SPARC Solaris 9 machine for VPN-1 Pro enterprise implementation. You need this machine to inspect traffic and keep configuration files. Which Check Point software package do you install?
You are reviewing SmartView Tracker entries, and see a Connection Rejection on a Check Point QoS rule. What causes the Connection Rejection?
Where can a Security Administrator adjust the unit of measurement (bps, Kbps or Bps), for Check Point QoS bandwidth?
Which of the following actions is most likely to improve the performance of Check Point QoS?
You have an internal FTP server, and you allow downloading, but not uploading. Assume Network Address Translation is set up correctly, and you want to add an inbound rule with: Source: Any Destination: FTP server Service: an FTP resource object.
How do you configure the FTP resource object and the action column in the rule to achieve this goal?
Cody is notified by blacklist.org that his site has been reported as a spam
relay, due to his SMTP Server being unprotected. Cody decides to implement an SMTP Security Server, to prevent the server from being a spam relay. Which of the following is the most efficient configuration method?
Which Check Point QoS feature marks the Type of Service (ToS) byte in the IP header?
Your company has two headquarters, one in London, one in New York.
Each headquarters includes several branch offices. The branch offices only need to communicate with the headquarters in their country, not with each other, and only the headquarters need to communicate directly. What is the BEST configuration for VPN Communities among the branch offices and their headquarters, and between the two headquarters? VPN Communities comprised of:
Yoav is a Security Administrator preparing to implement a VPN solution for his multi-site organization. To comply with industry regulations, Yoav’s VPN solution must meet the following requirements:
Key management: Automatic, external PKI
Session keys: Changed at configured times during a connection’s lifetime Key length: No less than 128-bit Data integrity: Secure against inversion and brute-force attacks
What is the most appropriate setting Yoav should choose?