Testking Wrong answers. Identify here!!

[dean7711]

Hey all.

As you are all probably aware there are many questions in the testking (latest being V14 which are wrong.

Please use this thread to identify them and debate......

[dean7711]

I will start things off with this one.......


QUESTION NO: 106
You have blocked an IP address via the Block Intruder feature of SmartView
Tracker. How can you see the addresses you have blocked?
A. In SmartView Status click the Blocked Intruder tab.
B. Run fwm blocked_view.
C. Run fw sam -va.
D. Run fw tab -t sam_blocked_ips.
E. In SmartView Tracker, click the Active tab, and the actively blocked connections
display.
Answer: D

--------------------------

Testking Answer D fw tab is nothing to do with blocked connections and to do with the kernel table (see R60 command PDF).

C would be a good answer if "-va" actually existed which as far as I have researched does not.

I believe the answer must be E.

Please debate and submit any other doubts for any other TK questions....

[david]

i think the correct answer is D

from the syngres book,

"each time you manually block an intruder in tracker, the gateway adds an entry to its sam_blocked_ips database"

[dean7711]

Your right, I could not see that in R61. Does active mode in smartview tracker show blocked connections also? In Demo mode it appears it does??

[firesec]

Yeah, for sure the right answer is D. (Syngress book page 167,168)

[prasad]

Hi Everyone,

QUESTION 101

How can you reset the password of the Security Administrator, which was created during initial installation of the SmartCenter Server on SecurePlatform?

A. Launch cpconfig and select "Administrators".
B. Launch SmartDashboard, click the admin user account, and overwrite the existing
Check Point Password.
C. Type cpm -a, and provide the existing administration account name. Reset the Security
Administrator's password.
D. Export the user database into an ASCII file with fwm dbexport. Open this file with an
editor, and delete the "Password" portion of the file. The log in to the account without
password. You will be prompted to assign a new password.
E. Launch cpconfig and delete the Administrator's account. Recreate the account with the same name.

Answer according to Testking it is B

In windows version I tried to change the admin password which was created initially. We cannot change the password by Smartdashboard as there is no option to change the password the default administrator password created initally at the time of installation.

We need to type cpconfig on the Enforcement module select administrators and then change the password. So the answer should be A

Please let me know your comments....

Thanks and Regards,

Bhaskar Prasad

[huggins]

Quote:

Originally Posted by prasad

Hi Everyone,

QUESTION 101

How can you reset the password of the Security Administrator, which was created during initial installation of the SmartCenter Server on SecurePlatform?

A. Launch cpconfig and select "Administrators".
B. Launch SmartDashboard, click the admin user account, and overwrite the existing
Check Point Password.
C. Type cpm -a, and provide the existing administration account name. Reset the Security
Administrator's password.
D. Export the user database into an ASCII file with fwm dbexport. Open this file with an
editor, and delete the "Password" portion of the file. The log in to the account without
password. You will be prompted to assign a new password.
E. Launch cpconfig and delete the Administrator's account. Recreate the account with the same name.

Answer according to Testking it is B

In windows version I tried to change the admin password which was created initially. We cannot change the password by Smartdashboard as there is no option to change the password the default administrator password created initally at the time of installation.

We need to type cpconfig on the Enforcement module select administrators and then change the password. So the answer should be A

Please let me know your comments....

Thanks and Regards,

Bhaskar Prasad

I also think the correct answer should be A!!! Because I have a nokia IP260 and running checkpoint R60, I can't change the password in the smartdashboard, so I think A is right!!!

[cbrandst@gmail.com]

FYI, I sent in a correct answer to feedback@testking.com and they gave me a 3 dollar credit towards my next TestKing purchase. It's not much be at least it was something. I also sent an update to some of the wording on one of the answers. Both changes showed up in the next update which was only a few days later. Kinda cool. Of coarse this doesn't help those who haven't purchased the material and are not able to receive the updates, but if you are serious about your career, the amount you have to pay for the TestKing is not really that much. Especially if you are lucky enough to have an employer that will reimburse you for things like that. :)

[huggins]

Quote:

Originally Posted by cbrandst@gmail.com

FYI, I sent in a correct answer to feedback@testking.com and they gave me a 3 dollar credit towards my next TestKing purchase. It's not much be at least it was something. I also sent an update to some of the wording on one of the answers. Both changes showed up in the next update which was only a few days later. Kinda cool. Of coarse this doesn't help those who haven't purchased the material and are not able to receive the updates, but if you are serious about your career, the amount you have to pay for the TestKing is not really that much. Especially if you are lucky enough to have an employer that will reimburse you for things like that. :)

Could you send your correct answer to me?
THX
huggins80@msn.com

[prasad]

Hi ,

Request you to please send the correct answers to me @ bhaskar_nr@yahoo.com.

Thanks and Regards,

Bhaskar Prasad

[Karadin]

Ok how about this question on TK
When you check "Web server" in a host-node object, what happens to the host?

A. More granular controls are added to the host, in addition to web intelligence tab settings
B. SmartDefense Web intelligence is enabled to check on the host
C. Automatic static NAT on the host
D. The web server is enabled on the host
E. You can specify allowed ports in the web server's node-object properties. You then do not need to list all allowed ports in the rule base

TK answer is A

I believe is should be B could anyone confirm this

Thanks

[huggins]

Quote:

Originally Posted by Karadin

Ok how about this question on TK
When you check "Web server" in a host-node object, what happens to the host?

A. More granular controls are added to the host, in addition to web intelligence tab settings
B. SmartDefense Web intelligence is enabled to check on the host
C. Automatic static NAT on the host
D. The web server is enabled on the host
E. You can specify allowed ports in the web server's node-object properties. You then do not need to list all allowed ports in the rule base

TK answer is A

I believe is should be B could anyone confirm this

Thanks

I can make sure that the TK is correct!!!

[david]

Quote:

Originally Posted by Karadin

Ok how about this question on TK
When you check "Web server" in a host-node object, what happens to the host?

A. More granular controls are added to the host, in addition to web intelligence tab settings
B. SmartDefense Web intelligence is enabled to check on the host
C. Automatic static NAT on the host
D. The web server is enabled on the host
E. You can specify allowed ports in the web server's node-object properties. You then do not need to list all allowed ports in the rule base

TK answer is A

I believe is should be B could anyone confirm this

Thanks

hmm, thats a strange question. i beleive A & B are both correct.

[nizome]

Quote:

Originally Posted by huggins

I also think the correct answer should be A!!! Because I have a nokia IP260 and running checkpoint R60, I can't change the password in the smartdashboard, so I think A is right!!!

I thinks the answer is E. So You're not able to change administrator's password. Only way to recreate administrator accout.

[Webcam007]

[quote=Webcam007;8186]

Quote:

Originally Posted by prasad

Hi Everyone,

QUESTION 101

How can you reset the password of the Security Administrator, which was created during initial installation of the SmartCenter Server on SecurePlatform?

A. Launch cpconfig and select "Administrators".

Well I believe its A on R60 as have recently done it.

Regards

Webcam007

[firewalz]

No. 98
What SmartConsole tool verifies the installed security policy name.
They say E. smart view tracker
Should most definatly be Smartview Monitor, which isnt even an option.

[firewalz]

No.115
When you hide a rule in the rule base, how can you disable the rule
they say A.
"Open the rule menue and select hide and view hidden rules, select the rule,right click, and select disable."

I tried this and it does not work, unless you clear hidden rules, the disable rule(s) optin is grayed out

Answer should be E. I have demonstrated that this works, on R61.

[firewalz]

No. 105
To much to type, but the answer cannot be fw tab -x -u.
The -x option deletes table entries, besides when you enter this command on the command line it errors out because you are not specifing a table.

"She needs to uninstall the policy and keep processes running so she can look at the tables"

E. cpstop, will kill the checkpoint daemons
C. cprestart will restart CP daemons and delete all tables, cannot be that
Has to be A. fw unloadlocal

Im finding that some of the explainations and reasons for answers given are weak or just plain wrong (at least as I can pratically test from an actual R61 installation)

[dean7711]

Guys for "Translate Destination on Client Side" Im having problems understanding this..

When we are talking about client side do we mean the internet facing side of the firewall or the lan side?

[firewalz]

Ill give it a shot:
If a client on the Public internet outside is connecting to a public nated address of an Internal server.

client(64.23.19.10) ==> server(pub=63.12.45.62) (private=192.168.2.1)

If nating was done on the server side, post kernel, than the OS would try to route the packet based on the servers public ip 63.12.45.62 and route it back out the external interface.
To fix this you would have to add a static route pointing the servers public address to the internal gateway. (route add 63.12.45.62 192.168.2.x)

"Translate Destination on client side" nats the destination servers ip pre kernel, so the OS makes a routing decision based upon the servers private ip which is on a directly connected interface.

I hope this make it clear?