Problems sometimes occur when distributing IPSec packets to a few machines in a Load Sharing
Multicast mode cluster, even though the machines have the same source and destination IP
addresses. What is the best Load Sharing method for preventing this type of problem?

Jacob is using a mesh VPN Community to create a sitE. to-site VPN. The VPN properties in this mesh
Community display in this graphic: Which of the following statements is TRUE?

Rachel is the Security Administrator for a university. The university’s FTP servers have old hardware
and software. Certain FTP commands cause the FTP servers to malfunction. Upgrading the FTP
servers is not an option at this time. Which of the following options will allow Rachel to control
which FTP commands pass through the Security Gateway protecting the FTP servers?

You are reviewing Smart View Tracker entries, and see a Connection Rejection on a Check Point QoS
rule. What causes the Connection Rejection?

Wayne configures an HTTP Security Server to work with the content vectoring protocol to screen
forbidden sites. He has created a URI resource object using CVP with the following settings:
Use CVP Allow CVP server to modify content
Return data after content is approved
He adds two rules to his Rule Base: one to inspect HTTP traffic going to known forbidden sites, the
other to allow all other HTTP traffic.
Wayne sees HTTP traffic going to those problematic sites is not prohibited.
What could cause this behavior?

You want to block corporate internal-net and local net from accessing Web sites containing
inappropriate content. You are using Web Trends for URL filtering. You have disabled VPN-1 Control
connections in the Global properties. Review the diagram and the Security Policies for GW_A and
GW_B in the exhibit provided.

Corporate users and localnet users receive message “Web cannot be displayed”. In Smart View
Tracker, you see the connections are dropped with message “content security is not reachable”.
What is the problem, and how do you fix it?

VPN-1 NGX includes a resource mechanism for working with the Common Internet File System
(CIFS). However, this service only provides a limited level of actions for CIFS security. Which of the
following services is NOT provided by a CIFS resource?

Your organization has many VPN-1 Edge gateways at various branch offices, to allow VPN-1 Secure
Client users to access company resources. For security reasons, your organization’s Security Policy
requires all Internet traffic initiated behind the VPN-1 Edge gateways first be inspected by your
headquarters’ VPN-1 Pro Security Gateway. How do you configure VPN routing in this star VPN
Community?

Robert has configured a Common Internet File System (CIFS) resource to allow access to the public
partition of his company’s file server, on \\erisco\goldenapple\files\public. Robert receives reports
that users are unable to access the shared partition, unless they use the file server’s IP address.
Which of the following is a possible cause?

You want to create an IKE VPN between two VPN-1 NGX Security Gateways, to protect two
networks. The network behind one Gateway is 10.15.0.0/16, and network 192.168.9.0/24 is behind
the peer’s Gateway. Which type of address translation should you use, to ensure the two networks
access each other through the VPN tunnel?