Exam A
You can tell if CPMAD is enabled because you see the message “FireWall-1: Starting cpmad (Malicious Activity Detection)” whenyou perform a fwstart. True of false?
A. False
B. True

Correct Answer: A QUESTION 2
When installing FW-1 on a Windows NT platform, what state should IP forwarding be in for correct FW-1 operation?
A. Enabled
B. Disabled

Correct Answer: A QUESTION 3
What is true about detecting “blocked connection port scanning”?
A. It requires less memory than general port scanning
B. It is less secure than general port scanning
C. It is more secure than general port scanning
D. It requires more memory than general port scanning

Correct Answer: AB QUESTION 4
In a load sharing MEP environment accessed by secuRemote.What is true about gateway selection?
A. SecuRemote will choose the gateway closest to the server
B. SecuRemote will use the first gateway to respond
C. SecuRemote will chose the gateway randomly
D. SecuRemote will prefer its primary gateway if both respond

Correct Answer: C QUESTION 5
Which two types of overlapping encryption domains are supported by FW-1?
A. Partial overlap
B. Full overlap
C. Proper subset
D. Partial subset

Correct Answer: BC QUESTION 6
What does LDAP stand for?
A. Link level Direct Access Process
B. Layered Directory Administration Protocol
C. Layer Dependent Administration process
D. Lightweight Directory Access Protocol

Correct Answer: D QUESTION 7
By default a Windows NT platform enables both TCP/IP and IPX. What does FW-1 do with any IPX traffic?
A. Logs it, then drops it
B. Allows it through without being inspected
C. Drops all traffic regardless
D. Inspects the traffic and decide whether to allow it through

Correct Answer: B QUESTION 8
When using IP pools for MEP VPN access, where would you specify the pool to be used for a particular gateway?
A. The NAT screen of the gateway’s properties configuration
B. The ADVANCED screen of the gateway’s properties configuration
C. The VPN screen of the gateway’s properties screen
D. The TOPOLOGY screen of the gateway’s properties configuration

Correct Answer: A QUESTION 9
What is the maximum limit to the number of secondary management modules allowed?
A. No limit
B. 4
C. 2
D. 1
E. 8

Correct Answer: A QUESTION 10
What is a land attack?
A. It causes incomplete TCP connections
B. It involves gaining access by imitating an authorized IP address
C. It involves scanning for ports on an IP address that will allow access
D. It causes a server to send packets to itself