How can you completely tear down a specific VPN tunnel in an intranet IKE VPN deployment?
How can you completely tear down a specific VPN tunnel in an intranet IKE VPN deployment?
What is the correct order of steps?
Your VPN Community includes three Security Gateways. Each Gateway has its own internal network defined as a VPN Domain. You must test the VPN-1 NGX route-based VPN feature, without stopping the VPN. What is the correct order of steps?
Which of the following configurations is MOST appropriate for Jerry?
Jerry is concerned that a denial-of-service (DoS) attack may affect his VPN Communities. He decides to implement IKE DoS protection. Jerry needs to minimize the performance impact of implementing this new protection. Which of the following configurations is MOST appropriate for Jerry?
Which component functions as the Internal Certificate Authority for VPN-1 NGX?
Which component functions as the Internal Certificate Authority for VPN-1 NGX?
How do you configure VPN routing in this star VPN Community?
Your organization has many VPN-1 Edge gateways at various branch offices, to allow VPN-1 SecureClient users to access company resources. For security reasons, your organization’s Security Policy requires all Internet traffic initiated behind the VPN-1 Edge gateways first be inspected by your headquarters’ VPN-1 Pro Security Gateway. How do you configure VPN routing in this star VPN Community?
Which Check Point software package do you install?
You plan to install a VPN-1 Pro Gateway for VPN-1 NGX at your company’s headquarters. You have a single Sun SPARC Solaris 9 machine for VPN-1 Pro enterprise implementation. You need this machine to inspect traffic and keep configuration files. Which Check Point software package do you install?
where is the Internal Certificate Authority (ICA) installed?
In a distributed VPN-1 Pro NGX environment, where is the Internal Certificate Authority (ICA) installed?
Which of the following services is NOT provided by a CIFS resource?
VPN-1 NGX includes a resource mechanism for working with the Common Internet File System (CIFS). However, this service only provides a limited level of actions for CIFS security. Which of the following services is NOT provided by a CIFS resource?
What is the correct procedure?
You have a production implementation of Management High Availability, at version VPN-1 NG with Application Intelligence R55. You must upgrade your two SmartCenter Servers to VPN-1 NGX. What is the correct procedure?
How do you configure the FTP resource object and the action column in the rule to achieve this goal?
You have an internal FTP server, and you allow downloading, but not uploading. Assume Network Address Translation is set up correctly, and you want to add an inbound rule with: Source: Any Destination: FTP server Service: an FTP resource object.
How do you configure the FTP resource object and the action column in the rule to achieve this goal?