In ____________ NAT, the ____________ is translated.
Correct Answer: A
Question 157
Fill in the blank: When a policy package is installed, ________ are also distributed to the target installation Security Gateways.
Correct Answer: A
A policy package is a collection of different types of policies. After installation, the Security Gateway enforces all the policies in the package. A policy package can have one or more of these policy types: * Access Control - consists of these types of rules: - Firewall - NAT - Application Control and URL Filtering - Data Awareness * QoS * Desktop Security - the Firewall policy for endpoint computers that have the Endpoint Security VPN remote access client installed as a standalone client. * Threat Prevention - consists of: - IPS - IPS protections continually updated by IPS Services - Anti-Bot - Detects bot-infected machines, prevents bot damage by blocking bot commands and Control (C&C) communications - Anti-Virus - Includes heuristic analysis, stops viruses, worms, and other malware at the gateway - Threat Emulation - detects zero-day and advanced polymorphic attacks by opening suspicious files in a sandbox The installation process: * Runs a heuristic verification on rules to make sure they are consistent and that there are no redundant rules. If there are verification errors, the policy is not installed. If there are verification warnings (for example, if anti- spoofing is not enabled for a Security Gateway with multiple interfaces), the policy package is installed with a warning. * Makes sure that each of the Security Gateways enforces at least one of the rules. If none of the rules are enforced, the default drop rule is enforced. * Distributes the user database and object database to the selected installation targets. Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/ CP_R80_SecMGMT/119225
Question 158
Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?
Correct Answer: B
AD Query extracts user and computer identity information from the Active Directory Security Event Logs. The system generates a Security Event log entry when a user or computer accesses a network resource. For example, this occurs when a user logs in, unlocks a screen, or accesses a network drive. Reference : https://sc1.checkpoint.com/documents/R76/CP_R76_IdentityAwareness_AdminGuide/6240 2.htm
Question 159
The Firewall kernel is replicated multiple times, therefore:
Correct Answer: D
Explanation
Question 160
Which of the following technologies extracts detailed information from packets and stores that information in state tables?
