Check Point Certified Security Expert R81.20 Questions and Answers
Question 141
What is not a purpose of the deployment of Check Point API?
Options:
A.
Execute an automated script to perform common tasks
B.
Create a customized GUI Client for manipulating the objects database
C.
Create products that use and enhance the Check Point solution
D.
Integrate Check Point products with 3rd party solution
Answer:
B
Explanation:
Explanation:
The deployment of Check Point API does not have the purpose of creating a customized GUI Client for manipulating the objects database. The Check Point API is a web service that allows external applications to interact with the Check Point management server using standard methods such as HTTP(S) requests and JSON objects. The Check Point API can be used to execute an automated script to perform common tasks, create products that use and enhance the Check Point solution, and integrate Check Point products with 3rd party solutions. However, creating a customized GUI Client for manipulating the objects database is not a supported or intended use case of the Check Point API.
Question 142
What is the benefit of Manual NAT over Automatic NAT?
Options:
A.
If you create a new Security Policy, the Manual NAT rules will be transferred to this new policy.
B.
There is no benefit since Automatic NAT has in any case higher priority over Manual NAT
C.
You have the full control about the priority of the NAT rules
D.
On IPSO and GAIA Gateways, it is handled in a stateful manner
Answer:
C
Explanation:
Explanation:
The benefit of Manual NAT over Automatic NAT is that you have full control over the priority of the NAT rules. Manual NAT allows you to create NAT rules that are independent of the security policy and specify the order in which they are applied. Automatic NAT creates NAT rules based on the objects’ NAT properties and places them according to predefined criteria. The other options are not benefits of Manual NAT over Automatic NAT. References: : Check Point Software, Getting Started, NAT Rule Base.
Question 143
SmartEvent uses it's event policy to identify events. How can this be customized?
Options:
A.
By modifying the firewall rulebase
B.
By creating event candidates
C.
By matching logs against exclusions
D.
By matching logs against event rules
Answer:
D
Explanation:
Explanation:
SmartEvent uses its event policy to identify events. The event policy can be customized by matching logs against event rules. Event rules define the conditions and actions for generating events. You can create, edit, delete, enable, or disable event rules in the SmartEvent Policy tab of the SmartConsole. References: [SmartEvent Administration Guide]
Question 144
How can you see historical data with cpview?
Options:
A.
cpview -f
B.
cpview -e
C.
cpview -t
D.
cpview -d
Answer:
C
Explanation:
Explanation:
To see historical data with cpview, you can use the cpview -t command, where is the date and time you want to view. For example, cpview -t Jan 01 2023 12:00:00 will show you the cpview data for January 1st, 2023 at noon. You can also enter a partial date, such as Jan 02, to see the data for the whole day. This feature is available in R77.10 and higher versions of Check Point software1. You can also access the historical data by pressing the “t” key while running cpview in live mode and entering the desired date and time1. The historical data is stored in the CPViewDB.dat file in the /var/log/CPView_history directory on your gateway2. You can export this file and import it into other tools for visualization, such as Grafana3.