Don't Make The Mistake I Made With CCSA NGX

[david]

dean7711, correct the change would take effect on both polices.
good luck with the exam

[pgovindg]

Hi,
Iam unable download please mail it to pgovindg@yahoo.com

Thanks in advance
http://rapidshare.de/files/28774842/...5_V14.pdf.html[/quote]

[lkinhoe]

Hi all,

I have a couple of questions regarding the testking dump, i have 3 questions that are ambiguity and not certain with the answers, can you guys help to clarify ?

Q61. Testking answer: E
My answer: D
reason: katie didnt create any explicit rules.

Q107. Testking answer: A
My answer: B
reason: need not to enter arp entry and route for security gateway os

Q109. Testking answer: Pending
My answer: C
reason: accomplished all objectives except didnt configure schedule routine backup for ngx components that enforce security policy.

Q118. Testking answer: E
My answer: B
reason: admin didnt buy new hardware and can reduce rulebase without reduce security by using object.


Thanks in advance here.

[firewalz]

Q61
Step 1 takes care of required result 1
Step 2 takes care of desired result 1
Step 3 takes care of required result 2
and by using Global properties she is not creating any explicit rules and therefore meets desired result 3. So the answer is E. IMO

I have a few myself.
Q68
they say E
I say B: I have resently installed R61 smartcenter and set up SIC during installation, although E may be a valid ans. as well

Q71
they say D
I say B: Tess wants to translate src. "only when 10.10.20.0 is using http,smtp and ftp, you would have to create a nat rule specifying these services. answer should be B.

[gejlug]

I don't think 68 answer is B, since based from Justin Menga book page 69, during installation of smart center server, an ICA (not SIC certificates) is automatically created. SIC itself as a whole uses the certificates generated by ICA for the communications between smart center server and enforcement module.

It might be a little confusing, and on page 70 point no.5 it says: Once all SVN components possess certifcates signed by ICA, each component can authenticate other SVN components by checking the ICA signature on each certificate.

So I think E is still the best answer, since each components will have this certificates and SIC will be using it as a method of authentication, what do guys think ?

[firesec]

Hi guys,

You shoudn't rely only on the TestKing for the exam. I've failed today the exam with 67% and I think at least 30 questions from the exam weren't in the current testking version. I think some of the questions from testking were also wrong. I think I was very prepaired for the exam but, you really need some experience if you want to pass the exam without problems. The most difficult questions were from NAT.
Good luck !

[firewalz]

I agree 100%, but testking can be useful for showing you the types of questions you will see on the test and the general format (especially if you have never taken a CP test), also by discussing and investigating answers you are learning the material.

[gejlug]

that's what i did, hopefully i can pass the test this saturday.

[leogoesrj]

I passed 156-215.1 with 81% of score. Now reviewing most of the questions, i think i couldnt have a better score because i relied some of my answers with TestKing.

Lets exchange some infos!!

[dickytoo]

The testking is good as a prompt. I found it a good exercise to use the testking to force me to read up my notes and the documentation to confirm the answer.


I don't think they do enough checking with regards to the answers. I gave them some feedback and they accepted my suggestions verbatim. I also noticed they updated the ccse exam with the incorrect answer although they had the correct answer in the first place!

[gejlug]

107 answer is A, arp & routing required for manual nat
B doesn't meet the requirement to make NAT only happens between webdallas and remote net.

[sail4fun]

I got a few nice tip' from you all, and scored 74% today :-)

[bronzelee]

Yes of cource I want to personally thank the forum for their help and posts for assisting me is passing my ccsa ngx yesterday with a score of 82%.

Regards,

[firesec]

Hi all,

I just saw that TestKing has updated the 156-215.1 exam. Please tell me if there are essential modification because the current version of the exam has a lot of questions not included in the version 14 of testking.
Thanks

[dean7711]

yea i have version 14 and i am interested to see if there are any changes. Please could someone identify if the same questions are included in the 121 questions from V14 or are they just updated answers?

[Xsaitanek]

I passed NGX 215.1 today with 85%. Almost every question was from the TKv14. But I advise to study hard Checkpoint documentation and have some experience with real usage of VPN-1 NGX product. Don't rely on TK answers, many are wrong. If youre in doubt, seach the topic in doc or ask on this forum.

Thanks all on this forum for advises!

[dean7711]

Yes like this one in V14.

QUESTION NO: 101
How can you reset the password of the Security Administrator, which was created
during initial installation of the SmartCenter Server on SecurePlatform?
A. Launch cpconfig and select "Administrators".
B. Launch SmartDashboard, click the admin user account, and overwrite the existing
Check Point Password.
C. Type cpm -a, and provide the existing administration account name. Reset the Security
Administrator's password.
D.
Export the user database into an ASCII file with fwm dbexport. Open this file with an
editor, and delete the "Password" portion of the file. The log in to the account without
password. You will be prompted to assign a new password.
E. Launch cpconfig and delete the Administrator's account. Recreate the account with the
same name.


Testking says B but I believe it is E or possibly A? I ave no exepriance with a live enviroment so i do not know. Is there anyone who have bult a firewall here know the correct answer?

Thanks

[leogoesrj]

Quote:

Originally Posted by dean7711

Yes like this one in V14.

QUESTION NO: 101
How can you reset the password of the Security Administrator, which was created
during initial installation of the SmartCenter Server on SecurePlatform?
A. Launch cpconfig and select "Administrators".
B. Launch SmartDashboard, click the admin user account, and overwrite the existing
Check Point Password.
C. Type cpm -a, and provide the existing administration account name. Reset the Security
Administrator's password.
D.
Export the user database into an ASCII file with fwm dbexport. Open this file with an
editor, and delete the "Password" portion of the file. The log in to the account without
password. You will be prompted to assign a new password.
E. Launch cpconfig and delete the Administrator's account. Recreate the account with the
same name.


Testking says B but I believe it is E or possibly A? I ave no exepriance with a live enviroment so i do not know. Is there anyone who have bult a firewall here know the correct answer?

Thanks

That question is right, you can change the administrator login in SmartDashboard or in the configuration application in Windows.

[firesec]

Hey,

This is really a tricky question because in NGX R60 you cannot change the admin password from SmartDashboard. In NGX R61 you can do that. I also put A but the right answer is B !

[dean7711]

[quote=solara;6825]

Quote:

Originally Posted by david

this is just my understanding, may be wrong ;-)

I think you're right, the answer is E

------------------------------------------

Do we have confirmation on this answer because its twice I have failed NAT now with 25% and I have read the syngress book etc and still cannot decide whether its C or E.