New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Checkpoint 156-215.81 Dumps Questions Answers

Page: 1 / 29
Total 400 questions

Check Point Certified Security Administrator R81.20 Questions and Answers

Question 1

Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code (with unification in R81.10)?

Options:

A.

Enterprise Network Security Appliances

B.

Rugged Appliances

C.

Scalable Platforms

D.

Small Business and Branch Office Appliances

Buy Now
Question 2

The default shell of the Gaia CLI is cli.sh. How do you change from the cli.sh shell to the advanced shell to run Linux commands?

Options:

A.

Execute the command 'enable' in the cli.sh shell

B.

Execute the 'conf t' command in the cli.sh shell

C.

Execute the command 'expert' in the cli.sh shell

D.

Execute the 'exit' command in the cli.sh shell

Question 3

Which of the following is NOT a role of the SmartCenter:

Options:

A.

Status monitoring

B.

Policy configuration

C.

Certificate authority

D.

Address translation

Question 4

Which method below is NOT one of the ways to communicate using the Management API’s?

Options:

A.

Typing API commands using the “mgmt_cli” command

B.

Typing API commands from a dialog box inside the SmartConsole GUI application

C.

Typing API commands using Gaia’s secure shell (clash)19+

D.

Sending API commands over an http connection using web-services

Question 5

Which information is included in the “Extended Log” tracking option, but is not included in the “Log” tracking option?

Options:

A.

file attributes

B.

application information

C.

destination port

D.

data type information

Question 6

Security Gateway software blades must be attached to what?

Options:

A.

Security Gateway

B.

Security Gateway container

C.

Management server

D.

Management container

Question 7

What is the SOLR database for?

Options:

A.

Used for full text search and enables powerful matching capabilities

B.

Writes data to the database and full text search

C.

Serves GUI responsible to transfer request to the DLE server

D.

Enables powerful matching capabilities and writes data to the database

Question 8

Which command shows the installed licenses in Expert mode?

Options:

A.

print cplic

B.

show licenses

C.

fwlic print

D.

cplic print

Question 9

The purpose of the Communication Initialization process is to establish a trust between the Security Management Server and the Check Point gateways. Which statement best describes this Secure Internal

Communication (SIC)?

Options:

A.

After successful initialization, the gateway can communicate with any Check Point node that possesses a SIC certificate signed by the same ICA.

B.

Secure Internal Communications authenticates the security gateway to the SMS before http communications are allowed.

C.

A SIC certificate is automatically generated on the gateway because the gateway hosts a subordinate CA to the SMS ICA.

D.

New firewalls can easily establish the trust by using the expert password defined on the SMS and the SMS IP address.

Question 10

From the Gaia web interface, which of the following operations CANNOT be performed on a Security Management Server?

Options:

A.

Verify a Security Policy

B.

Open a terminal shell

C.

Add a static route

D.

View Security Management GUI Clients

Question 11

What command would show the API server status?

Options:

A.

cpm status

B.

api restart

C.

api status

D.

show api status

Question 12

Which part of SmartConsole allows administrators to add, edit delete, and clone objects?

Options:

A.

Object Browser

B.

Object Editor

C.

Object Navigator

D.

Object Explorer

Question 13

What data MUST be supplied to the SmartConsole System Restore window to restore a backup?

Options:

A.

Server, Username, Password, Path, Version

B.

Username, Password, Path, Version

C.

Server, Protocol, Username, Password, Destination Path

D.

Server, Protocol, Username, Password, Path

Question 14

Fill in the blank: SmartConsole, SmartEvent GUI client, and ___________ allow viewing of billions of consolidated logs and shows them as prioritized security events.

Options:

A.

SmartView Web Application

B.

SmartTracker

C.

SmartMonitor

D.

SmartReporter

Question 15

What is the purpose of a Stealth Rule?

Options:

A.

A rule used to hide a server's IP address from the outside world.

B.

A rule that allows administrators to access SmartDashboard from any device.

C.

To drop any traffic destined for the firewall that is not otherwise explicitly allowed.

D.

A rule at the end of your policy to drop any traffic that is not explicitly allowed.

Question 16

Fill in the blanks: In _____ NAT, Only the ________ is translated.

Options:

A.

Static; source

B.

Simple; source

C.

Hide; destination

D.

Hide; source

Question 17

Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?

Options:

A.

All Connections (Clear or Encrypted)

B.

Accept all encrypted traffic

C.

Specific VPN Communities

D.

All Site-to-Site VPN Communities

Question 18

Choose what BEST describes the reason why querying logs now are very fast.

Options:

A.

The amount of logs being stored is less than previous versions.

B.

New Smart-1 appliances double the physical memory install.

C.

Indexing Engine indexes logs for faster search results.

D.

SmartConsole now queries results directly from the Security Gateway.

Question 19

From SecureXL perspective, what are the tree paths of traffic flow:

Options:

A.

Initial Path; Medium Path; Accelerated Path

B.

Layer Path; Blade Path; Rule Path

C.

Firewall Path; Accept Path; Drop Path

D.

Firewall Path; Accelerated Path; Medium Path

Question 20

Which command shows the installed licenses?

Options:

A.

cplic print

B.

print cplic

C.

fwlic print

D.

show licenses

Question 21

An administrator wishes to enable Identity Awareness on the Check Point firewalls. However they allow users to use company issued or personal laptops. Since the administrator cannot manage the personal laptops, which of the following methods would BEST suit this company?

Options:

A.

AD Query

B.

Browser-Based Authentication

C.

Identity Agents

D.

Terminal Servers Agent

Question 22

Where can alerts be viewed?

Options:

A.

Alerts can be seen in SmartView Monitor

B.

Alerts can be seen in the Threat Prevention policy.

C.

Alerts can be seen in SmartUpdate.

D.

Alerts can be seen from the CLI of the gateway.

Question 23

DLP and Geo Policy are examples of what type of Policy?

Options:

A.

Inspection Policies

B.

Shared Policies

C.

Unified Policies

D.

Standard Policies

Question 24

When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:

Options:

A.

Security Management Server’s /home/.fgpt file and is available for future SmartConsole authentications.

B.

Windows registry is available for future Security Management Server authentications.

C.

There is no memory used for saving a fingerprint anyway.

D.

SmartConsole cache is available for future Security Management Server authentications.

Question 25

Which one of the following is TRUE?

Options:

A.

Ordered policy is a sub-policy within another policy

B.

One policy can be either inline or ordered, but not both

C.

Inline layer can be defined as a rule action

D.

Pre-R80 Gateways do not support ordered layers

Question 26

Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?

Options:

A.

Application Control

B.

Data Awareness

C.

Identity Awareness

D.

Threat Emulation

Question 27

Choose what BEST describes users on Gaia Platform.

Options:

A.

There are two default users and neither can be deleted.

B.

There are two default users and one cannot be deleted.

C.

There is one default user that can be deleted.

D.

There is one default user that cannot be deleted.

Question 28

What is the purpose of Captive Portal?

Options:

A.

It manages user permission in SmartConsole

B.

It provides remote access to SmartConsole

C.

It authenticates users, allowing them access to the Internet and corporate resources

D.

It authenticates users, allowing them access to the Gaia OS

Question 29

Which tool allows you to monitor the top bandwidth on smart console?

Options:

A.

Logs & Monitoring

B.

Smart Event

C.

Gateways & Severs Tab

D.

SmartView Monitor

Question 30

What is the order of NAT priorities?

Options:

A.

IP pool NAT static NAT. hide NAT

B.

Static NAT hide NAT, IP pool NAT

C.

Static NAT, IP pool NAT hide NAT

D.

Static NAT automatic NAT hide NAT

Question 31

The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.

Options:

A.

Next Generation Threat Prevention

B.

Next Generation Threat Emulation

C.

Next Generation Threat Extraction

D.

Next Generation Firewall

Question 32

True or False: In R80, more than one administrator can login to the Security Management Server with write permission at the same time.

Options:

A.

False, this feature has to be enabled in the Global Properties.

B.

True, every administrator works in a session that is independent of the other administrators.

C.

True, every administrator works on a different database that is independent of the other administrators.

D.

False, only one administrator can login with write permission.

Question 33

The Network Operations Center administrator needs access to Check Point Security devices mostly for troubleshooting purposes. You do not want to give her access to the expert mode, but she still should be able to run tcpdump. How can you achieve this requirement?

Options:

A.

Add tcpdump to CLISH using add command.Create a new access role.Add tcpdump to the role.Create new user with any UID and assign role to the user.

B.

Add tcpdump to CLISH using add command.Create a new access role.Add tcpdump to the role.Create new user with UID 0 and assign role to the user.

C.

Create a new access role.Add expert-mode access to the role.Create new user with UID 0 and assign role to the user.

D.

Create a new access role.Add expert-mode access to the role.Create new user with any UID and assign role to the user.

Question 34

What is required for a certificate-based VPN tunnel between two gateways with separate management systems?

Options:

A.

Shared Secret Passwords

B.

Unique Passwords

C.

Shared User Certificates

D.

Mutually Trusted Certificate Authorities

Question 35

What is the purpose of a Clean-up Rule?

Options:

A.

Clean-up Rules do not server any purpose.

B.

Provide a metric for determining unnecessary rules.

C.

To drop any traffic that is not explicitly allowed.

D.

Used to better optimize a policy.

Question 36

From SecureXL perspective, what are the tree paths of traffic flow:

Options:

A.

Initial Path; Medium Path; Accelerated Path

B.

Layer Path; Blade Path; Rule Path

C.

Firewall Path; Accept Path; Drop Path

D.

Firewall Path; Accelerated Path; Medium Path

Question 37

Fill in the blank: An identity server uses a ___________ for user authentication.

Options:

A.

Shared secret

B.

Certificate

C.

One-time password

D.

Token

Question 38

Which of the following describes how Threat Extraction functions?

Options:

A.

Detect threats and provides a detailed report of discovered threats

B.

Proactively detects threats

C.

Delivers file with original content

D.

Delivers PDF versions of original files with active content removed

Question 39

Which type of attack can a firewall NOT prevent?

Options:

A.

Network Bandwidth Saturation

B.

Buffer Overflow

C.

SYN Flood

D.

SQL Injection

Question 40

Which firewall daemon is responsible for the FW CLI commands?

Options:

A.

fwd

B.

fwm

C.

cpm

D.

cpd

Question 41

To view the policy installation history for each gateway, which tool would an administrator use?

Options:

A.

Revisions

B.

Gateway installations

C.

Installation history

D.

Gateway history

Question 42

Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?

Options:

A.

The firewall topologies

B.

NAT Rules

C.

The Rule Base

D.

The VPN Domains

Question 43

Traffic from source 192.168.1.1 is going to The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enable which path is handling the traffic?

Options:

A.

Slow Path

B.

Medium Path

C.

Fast Path

D.

Accelerated Path

Question 44

In which deployment is the security management server and Security Gateway installed on the same appliance?

Options:

A.

Standalone

B.

Remote

C.

Distributed

D.

Bridge Mode

Question 45

Which message indicates IKE Phase 2 has completed successfully?

Options:

A.

Quick Mode Complete

B.

Aggressive Mode Complete

C.

Main Mode Complete

D.

IKE Mode Complete

Question 46

Which software blade does NOT accompany the Threat Prevention policy?

Options:

A.

IPS

B.

Application Control and URL Filtering

C.

Threat Emulation

D.

Anti-virus

Question 47

Which of the following is a valid deployment option?

Options:

A.

CloudSec deployment

B.

Disliked deployment

C.

Router only deployment

D.

Standalone deployment

Question 48

R80.10 management server can manage gateways with which versions installed?

Options:

A.

Versions R77 and higher

B.

Versions R76 and higher

C.

Versions R75.20 and higher

D.

Version R75 and higher

Question 49

When defining group-based access in an LDAP environment with Identity Awareness, what is the BEST object type to represent an LDAP group in a Security Policy?

Options:

A.

Access Role

B.

User Group

C.

SmartDirectory Group

D.

Group Template

Question 50

: 370

What technologies are used to deny or permit network traffic?

Options:

A.

Stateful Inspection. Firewall Blade, and URL'Application Blade

B.

Packet Filtenng. Stateful Inspection, and Application Layer Firewall

C.

Firewall Blade. URL/Application Blade and IPS

D.

Stateful Inspection. URL/Application Blade, and Threat Prevention

Question 51

Which of the following methods can be used to update the trusted log server regarding the policy and configuration changes performed on the Security Management Server?

Options:

A.

Save Policy

B.

Install Database

C.

Save session

D.

Install Policy

Question 52

What is the difference between SSL VPN and IPSec VPN?

Options:

A.

IPSec VPN does not require installation of a resident VPN client

B.

SSL VPN requires installation of a resident VPN client

C.

SSL VPN and IPSec VPN are the same

D.

IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed Browser

Question 53

Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?

Options:

A.

Detects and blocks malware by correlating multiple detection engines before users are affected.

B.

Configure rules to limit the available network bandwidth for specified users or groups.

C.

Use UserCheck to help users understand that certain websites are against the company’s security policy.

D.

Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.

Question 54

When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?

Options:

A.

Any size

B.

Less than 20GB

C.

More than 10GB and less than 20 GB

D.

At least 20GB

Question 55

Which of the following Windows Security Events will NOT map a username to an IP address in Identity Awareness?

Options:

A.

Kerberos Ticket Renewed

B.

Kerberos Ticket Requested

C.

Account Logon

D.

Kerberos Ticket Timed Out

Question 56

John is using Management HA. Which Smartcenter should be connected to for making changes?

Options:

A.

secondary Smartcenter

B.

active Smartcenter

C.

connect virtual IP of Smartcenter HA

D.

primary Smartcenter

Question 57

Which of the completed statements is NOT true? The WebUI can be used to manage Operating System user accounts and

Options:

A.

add users to your Gaia system.

B.

assign privileges to users.

C.

assign user rights to their home directory in the Security Management Server.

D.

edit the home directory of the user.

Question 58

What is true about the IPS-Blade?

Options:

A.

in R80, IPS is managed by the Threat Prevention Policy

B.

in R80, in the IPS Layer, the only three possible actions are Basic, Optimized and Strict

C.

in R80, IPS Exceptions cannot be attached to “all rules”

D.

in R80, the GeoPolicy Exceptions and the Threat Prevention Exceptions are the same

Question 59

Please choose correct command syntax to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?

Options:

A.

hostname myHost12 ip-address 10.50.23.90

B.

mgmt add host name ip-address 10.50.23.90

C.

add host name emailserver1 ip-address 10.50.23.90

D.

mgmt add host name emailserver1 ip-address 10.50.23.90

Question 60

Which single Security Blade can be turned on to block both malicious files from being downloaded as well as block websites known to host malware?

Options:

A.

Anti-Bot

B.

None - both Anti-Virus and Anti-Bot are required for this

C.

Anti-Virus

D.

None - both URL Filtering and Anti-Virus are required for this.

Question 61

Which policy type is used to enforce bandwidth and traffic control rules?

Options:

A.

Access Control

B.

Threat Emulation

C.

Threat Prevention

D.

QoS

Question 62

A layer can support different combinations of blades What are the supported blades:

Options:

A.

Firewall. URLF, Content Awareness and Mobile Access

B.

Firewall (Network Access Control). Application & URL Filtering. Content Awareness and Mobile Access

C.

Firewall. NAT, Content Awareness and Mobile Access

D.

Firewall (Network Access Control). Application & URL Filtering and Content Awareness

Question 63

When a gateway requires user information for authentication, what order does it query servers for user information?

Options:

A.

First - Internal user database, then LDAP servers in order of priority, finally the generic external user profile

B.

First the Internal user database, then generic external user profile, finally LDAP servers in order of priority.

C.

First the highest priority LDAP server, then the internal user database, then lower priority LDAP servers, finally the generic external profile

D.

The external generic profile, then the internal user database finally the LDAP servers in order of priority.

Question 64

What type of NAT is a one-to-one relationship where each host is translated to a unique address?

Options:

A.

Source

B.

Static

C.

Hide

D.

Destination

Question 65

Fill in the blank: To create policy for traffic to or from a particular location, use the _____________.

Options:

A.

DLP shared policy

B.

Geo policy shared policy

C.

Mobile Access software blade

D.

HTTPS inspection

Question 66

Name one limitation of using Security Zones in the network?

Options:

A.

Security zones will not work in Automatic NAT rules

B.

Security zone will not work in Manual NAT rules

C.

Security zones will not work in firewall policy layer

D.

Security zones cannot be used in network topology

Question 67

After a new Log Server is added to the environment and the SIC trust has been established with the SMS what will the gateways do?

Options:

A.

The gateways can only send logs to an SMS and cannot send logs to a Log Server. Log Servers are proprietary log archive servers.

B.

Gateways will send new firewall logs to the new Log Server as soon as the SIC trust is set up between the SMS and the new Log Server.

C.

The firewalls will detect the new Log Server after the next policy install and redirect the new logs to the new Log Server.

D.

Logs are not automatically forwarded to a new Log Server. SmartConsole must be used to manually configure each gateway to send its logs to the server.

Question 68

What is NOT an advantage of Stateful Inspection?

Options:

A.

High Performance

B.

Good Security

C.

No Screening above Network layer

D.

Transparency

Question 69

Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

Options:

A.

Symmetric routing

B.

Failovers

C.

Asymmetric routing

D.

Anti-Spoofing

Question 70

You are the Check Point administrator for Alpha Corp. You received a call that one of the users is unable to browse the Internet on their new tablet which is connected to the company wireless, which goes through a Check Point Gateway. How would you review the logs to see what is blocking this traffic?

Options:

A.

Open SmartLog and connect remotely to the wireless controller

B.

Open SmartEvent to see why they are being blocked

C.

Open SmartDashboard and review the logs tab

D.

From SmartConsole, go to the Log & Monitor and filter for the IP address of the tablet.

Question 71

To view statistics on detected threats, which Threat Tool would an administrator use?

Options:

A.

Protections

B.

IPS Protections

C.

Profiles

D.

ThreatWiki

Question 72

Fill in the blank: An LDAP server holds one or more ______________.

Options:

A.

Server Units

B.

Administrator Units

C.

Account Units

D.

Account Servers

Question 73

SmartConsole provides a consolidated solution for everything that is necessary for the security of an organization, such as the following

Options:

A.

Security Policy Management and Log Analysis

B.

Security Policy Management. Log Analysis. System Health Monitoring. Multi-Domain Security Management.

C.

Security Policy Management Log Analysis and System Health Monitoring

D.

Security Policy Management. Threat Prevention rules. System Health Monitoring and Multi-Domain Security Management.

Question 74

Which tool allows for the automatic updating of the Gaia OS and Check Point products installed on the Gaia OS?

Options:

A.

CPASE - Check Point Automatic Service Engine

B.

CPAUE - Check Point Automatic Update Engine

C.

CPDAS - Check Point Deployment Agent Service

D.

CPUSE - Check Point Upgrade Service Engine

Question 75

Which of the following is NOT a component of Check Point Capsule?

Options:

A.

Capsule Docs

B.

Capsule Cloud

C.

Capsule Enterprise

D.

Capsule Workspace

Question 76

Fill in the blank: It is Best Practice to have a _____ rule at the end of each policy layer.

Options:

A.

Explicit Drop

B.

Implied Drop

C.

Explicit Cleanup

D.

Implicit Drop

Question 77

Your internal networks 10.1.1.0/24, 10.2.2.0/24 and 192.168.0.0/16 are behind the Internet Security Gateway. Considering that Layer 2 and Layer 3 setup is correct, what are the steps you will need to do in SmartConsole in order to get the connection working?

Options:

A.

1. Define an accept rule in Security Policy.2. Define Security Gateway to hide all internal networks behind the gateway’s external IP.3. Publish and install the policy.

B.

1. Define an accept rule in Security Policy.2. Define automatic NAT for each network to NAT the networks behind a public IP.3. Publish the policy.

C.

1. Define an accept rule in Security Policy.2. Define automatic NAT for each network to NAT the networks behind a public IP.3. Publish and install the policy.

D.

1. Define an accept rule in Security Policy.2. Define Security Gateway to hide all internal networks behind the gateway’s external IP.3. Publish the policy.

Question 78

Both major kinds of NAT support Hide and Static NAT. However, one offers more flexibility. Which statement is true?

Options:

A.

Manual NAT can offer more flexibility than Automatic NAT.

B.

Dynamic Network Address Translation (NAT) Overloading can offer more flexibility than Port Address Translation.

C.

Dynamic NAT with Port Address Translation can offer more flexibility than Network Address Translation (NAT) Overloading.

D.

Automatic NAT can offer more flexibility than Manual NAT.

Question 79

What are the software components used by Autonomous Threat Prevention Profiles in R8I.20 and higher?

Options:

A.

Sandbox, ThreatCloud, Zero Phishing, Sanitization, C&C Protection, JPS, File and URL Reputation

B.

IPS, Threat Emulation and Threat Extraction

C.

Sandbox, ThreatCloud, Sanitization, C&C Protection, IPS

D.

IPS, Anti-Bot, Anti-Virus, SandBlast and Macro Extraction

Question 80

Core Protections are installed as part of what Policy?

Options:

A.

Access Control Policy.

B.

Desktop Firewall Policy

C.

Mobile Access Policy.

D.

Threat Prevention Policy.

Question 81

Identity Awareness lets an administrator easily configure network access and auditing based on three items Choose the correct statement.

Options:

A.

Network location, the identity of a user and the active directory membership.

B.

Network location, the identity of a user and the identity of a machine.

C.

Network location, the telephone number of a user and the UID of a machine

D.

Geographical location, the identity of a user and the identity of a machine

Question 82

True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

Options:

A.

True, CLI is the prefer method for Licensing

B.

False, Central License are handled via Security Management Server

C.

False, Central License are installed via Gaia on Security Gateways

D.

True, Central License can be installed with CPLIC command on a Security Gateway

Question 83

You have discovered suspicious activity in your network. What is the BEST immediate action to take?

Options:

A.

Create a policy rule to block the traffic.

B.

Create a suspicious action rule to block that traffic.

C.

Wait until traffic has been identified before making any changes.

D.

Contact ISP to block the traffic.

Question 84

Which of the following cannot be configured in an Access Role Object?

Options:

A.

Networks

B.

Users

C.

Time

D.

Machines

Question 85

What is the Transport layer of the TCP/IP model responsible for?

Options:

A.

It transports packets as datagrams along different routes to reach their destination.

B.

It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application.

C.

It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer.

D.

It deals with all aspects of the physical components of network connectivity and connects with different network types.

Question 86

When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

Options:

A.

Distributed

B.

Standalone

C.

Bridge

Question 87

One of major features in R80.x SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB, and AdminC are editing the same Security Policy?

Options:

A.

AdminC sees a lock icon which indicates that the rule is locked for editing by another administrator.

B.

AdminA and AdminB are editing the same rule at the same time.

C.

AdminB sees a pencil icon next the rule that AdminB is currently editing.

D.

AdminA, AdminB and AdminC are editing three different rules at the same time.

Question 88

Which backup utility captures the most information and tends to create the largest archives?

Options:

A.

backup

B.

snapshot

C.

Database Revision

D.

migrate export

Question 89

Choose what BEST describes the reason why querying logs now is very fast.

Options:

A.

New Smart-1 appliances double the physical memory install

B.

Indexing Engine indexes logs for faster search results

C.

SmartConsole now queries results directly from the Security Gateway

D.

The amount of logs been store is less than the usual in older versions

Question 90

In order to modify Security Policies, the administrator can use which of the following tools? (Choose the best answer.)

Options:

A.

SmartConsole and WebUI on the Security Management Server.

B.

SmartConsole or mgmt_cli (API) on any computer where SmartConsole is installed.

C.

Command line of the Security Management Server or mgmt_cli.exe on any Windows computer.

D.

mgmt_cli (API) or WebUI on Security Gateway and SmartConsole on the Security Management Server.

Question 91

Which encryption algorithm is the least secured?

Options:

A.

3DES

B.

AES-128

C.

DES

D.

AES-256

Question 92

Which of the following is NOT a type of Endpoint Identity Agent?

Options:

A.

Custom

B.

Terminal

C.

Full

D.

Light

Question 93

In which scenario is it a valid option to transfer a license from one hardware device to another?

Options:

A.

From a 4400 Appliance to a 2200 Appliance

B.

From a 4400 Appliance to an HP Open Server

C.

From an IBM Open Server to an HP Open Server

D.

From an IBM Open Server to a 2200 Appliance

Question 94

To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? Choose the best answer.

Options:

A.

fw ctl set int fwha vmac global param enabled

B.

fw ctl get int fwha vmac global param enabled; result of command should return value 1

C.

cphaprob –a if

D.

fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1

Question 95

What kind of NAT enables Source Port Address Translation by default?

Options:

A.

Automatic Static NAT

B.

Manual Hide NAT

C.

Automatic Hide NAT

D.

Manual Static NAT

Question 96

You had setup the VPN Community NPN-Stores' with 3 gateways. There are some issues with one remote gateway(l .1.1.1) and an your local gateway. What will be the best log filter to see only the IKE Phase 2 agreed networks for both gateways.

Options:

A.

action:”Key Install" AND 1.1.1.1 AND Quick Mode

B.

Blade:”VPN”AND VPN-Stores AND Main Mode

C.

action:”Key Install” AND 1.1.1.1 AND Main Mode

D.

Blade:”VPN”AND VPN-Stores AND Quick Mode

Question 97

When enabling tracking on a rule, what is the default option?

Options:

A.

Accounting Log

B.

Extended Log

C.

Log

D.

Detailed Log

Question 98

URL Filtering cannot be used to:

Options:

A.

Control Bandwidth issues

B.

Control Data Security

C.

Improve organizational security

D.

Decrease legal liability

Question 99

Which of the following is considered to be the more secure and preferred VPN authentication method?

Options:

A.

Password

B.

Certificate

C.

MD5

D.

Pre-shared secret

Question 100

What is the purpose of the Stealth Rule?

Options:

A.

To prevent users from directly connecting to a Security Gateway.

B.

To reduce the number of rules in the database.

C.

To reduce the amount of logs for performance issues.

D.

To hide the gateway from the Internet.

Question 101

Session unique identifiers are passed to the web api using which http header option?

Options:

A.

X-chkp-sid

B.

Accept-Charset

C.

Proxy-Authorization

D.

Application

Question 102

You are the Check Point administrator for Alpha Corp with an R80 Check Point estate. You have received a call by one of the management users stating that they are unable to browse the Internet with their new tablet connected to the company Wireless. The Wireless system goes through the Check Point Gateway. How do you review the logs to see what the problem may be?

Options:

A.

Open SmartLog and connect remotely to the IP of the wireless controller

B.

Open SmartView Tracker and filter the logs for the IP address of the tablet

C.

Open SmartView Tracker and check all the IP logs for the tablet

D.

Open SmartLog and query for the IP address of the Manager’s tablet

Question 103

In which scenario will an administrator need to manually define Proxy ARP?

Options:

A.

When they configure an "Automatic Static NAT" which translates to an IP address that does not belong to one of the firewall's interfaces.

B.

When they configure an "Automatic Hide NAT" which translates to an IP address that does not belong to one of the firewall's interfaces.

C.

When they configure a "Manual Static NAT" which translates to an IP address that does not belong to one of the firewall's interfaces.

D.

When they configure a "Manual Hide NAT" which translates to an IP address that belongs to one of the firewall's interfaces.

Question 104

Fill in the blank: In order to install a license, it must first be added to the ____________.

Options:

A.

User Center

B.

Package repository

C.

Download Center Web site

D.

License and Contract repository

Question 105

What are the three types of UserCheck messages?

Options:

A.

inform, ask, and block

B.

block, action, and warn

C.

action, inform, and ask

D.

ask, block, and notify

Question 106

Which of the following commands is used to monitor cluster members?

Options:

A.

cphaprob state

B.

cphaprob status

C.

cphaprob

D.

cluster state

Question 107

Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base.

What is the possible explanation for this?

Options:

A.

DNS Rule is using one of the new feature of R80 where an administrator can mark a rule with the padlock icon to let other administrators know it is important.

B.

Another administrator is logged into the Management and currently editing the DNS Rule.

C.

DNS Rule is a placeholder rule for a rule that existed in the past but was deleted.

D.

This is normal behavior in R80 when there are duplicate rules in the Rule Base.

Question 108

Name the pre-defined Roles included in Gaia OS.

Options:

A.

AdminRole, and MonitorRole

B.

ReadWriteRole, and ReadyOnly Role

C.

AdminRole, cloningAdminRole, and Monitor Role

D.

AdminRole

Question 109

An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server (SMS). While configuring the VPN community to specify the pre-shared secret, the administrator did not find a box to input the pre-shared secret. Why does it not allow him to specify the pre-shared secret?

Options:

A.

The Gateway is an SMB device

B.

The checkbox “Use only Shared Secret for all external members” is not checked

C.

Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS

D.

Pre-shared secret is already configured in Global Properties

Question 110

Gaia has two default user accounts that cannot be deleted. What are those user accounts?

Options:

A.

Admin and Default

B.

Expert and Clish

C.

Control and Monitor

D.

Admin and Monitor

Question 111

Please choose correct command syntax to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?

Options:

A.

hostname myHost12 ip-address 10.50.23.90

B.

mgmt add host name ip-address 10.50.23.90

C.

add host name emailserver1 ip-address 10.50.23.90

D.

mgmt add host name emailserver1 ip-address 10.50.23.90

Question 112

For Automatic Hide NAT rules created by the administrator what is a TRUE statement?

Options:

A.

Source Port Address Translation (PAT) is enabled by default

B.

Automate NAT rules are supported for Network objects only.

C.

Automatic NAT rules are supported for Host objects only.

D.

Source Port Address Translation (PAT) is disabled by default

Question 113

Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ___________.

Options:

A.

Captive Portal and Transparent Kerberos Authentication

B.

UserCheck

C.

User Directory

D.

Captive Portal

Question 114

A Check Point Software license consists of two components, the Software Blade and the Software Container. There are ______ types of Software Containers: ________.

Options:

A.

Two; Security Management and Endpoint Security

B.

Two; Endpoint Security and Security Gateway

C.

Three; Security Management, Security Gateway, and Endpoint Security

D.

Three; Security Gateway, Endpoint Security, and Gateway Management

Question 115

What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?

Options:

A.

Verification tool

B.

Verification licensing

C.

Automatic licensing

D.

Automatic licensing and Verification tool

Question 116

The competition between stateful inspection and proxies was based on performance, protocol support, and security. Considering stateful Inspections and Proxies, which statement is correct?

Options:

A.

Stateful Inspection is limited to Layer 3 visibility, with no Layer 4 to Layer 7 visibility capabilities.

B.

When it comes to performance, proxies were significantly faster than stateful inspection firewalls.

C.

Proxies offer far more security because of being able to give visibility of the payload (the data).

D.

When it comes to performance, stateful inspection was significantly faster than proxies.

Question 117

When configuring LDAP User Directory integration, Changes applied to a User Directory template are:

Options:

A.

Reflected immediately for all users who are using template.

B.

Not reflected for any users unless the local user template is changed.

C.

Reflected for all users who are using that template and if the local user template is changed as well.

D.

Not reflected for any users who are using that template.

Page: 1 / 29
Total 400 questions