Month End Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Question # 4

Which policy type has its own Exceptions section?

A.

Thread Prevention

B.

Access Control

C.

Threat Emulation

D.

Desktop Security

Full Access
Question # 5

Which feature is NOT provided by all Check Point Mobile Access solutions?

A.

Support for IPv6

B.

Granular access control

C.

Strong user authentication

D.

Secure connectivity

Full Access
Question # 6

CPU-level of your Security gateway is peaking to 100% causing problems with traffic. You suspect that the problem might be the Threat Prevention settings.

The following Threat Prevention Profile has been created.

How could you tune the profile in order to lower the CPU load still maintaining security at good level? Select the BEST answer.

A.

Set High Confidence to Low and Low Confidence to Inactive.

B.

Set the Performance Impact to Medium or lower.

C.

The problem is not with the Threat Prevention Profile. Consider adding more memory to the appliance.

D.

Set the Performance Impact to Very Low Confidence to Prevent.

Full Access
Question # 7

What two ordered layers make up the Access Control Policy Layer?

A.

URL Filtering and Network

B.

Network and Threat Prevention

C.

Application Control and URL Filtering

D.

Network and Application Control

Full Access
Question # 8

You are the Check Point administrator for Alpha Corp with an R80 Check Point estate. You have received a call by one of the management users stating that they are unable to browse the Internet with their new tablet connected to the company Wireless. The Wireless system goes through the Check Point Gateway. How do you review the logs to see what the problem may be?

A.

Open SmartLog and connect remotely to the IP of the wireless controller

B.

Open SmartView Tracker and filter the logs for the IP address of the tablet

C.

Open SmartView Tracker and check all the IP logs for the tablet

D.

Open SmartLog and query for the IP address of the Manager’s tablet

Full Access
Question # 9

Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?

A.

Application Control

B.

Data Awareness

C.

Identity Awareness

D.

Threat Emulation

Full Access
Question # 10

In Unified SmartConsole Gateways and Servers tab you can perform the following functions EXCEPT ________.

A.

Upgrade the software version

B.

Open WebUI

C.

Open SSH

D.

Open service request with Check Point Technical Support

Full Access
Question # 11

Which of the following is the most secure means of authentication?

A.

Password

B.

Certificate

C.

Token

D.

Pre-shared secret

Full Access
Question # 12

Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enable which path is handling the traffic?

A.

Slow Path

B.

Medium Path

C.

Fast Path

D.

Accelerated Path

Full Access
Question # 13

Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common?

A.

All Connections (Clear or Encrypted)

B.

Accept all encrypted traffic

C.

Specific VPN Communities

D.

All Site-to-Site VPN Communities

Full Access
Question # 14

Which command shows the installed licenses?

A.

cplic print

B.

print cplic

C.

fwlic print

D.

show licenses

Full Access
Question # 15

Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers?

A.

AD Query

B.

Terminal Servers Endpoint Identity Agent

C.

Endpoint Identity Agent and Browser-Based Authentication

D.

RADIUS and Account Logon

Full Access
Question # 16

Which of the following commands is used to verify license installation?

A.

Cplic verify license

B.

Cplic print

C.

Cplic show

D.

Cplic license

Full Access
Question # 17

Fill in the blanks: There are ________ types of software containers ________.

A.

Three; security management, Security Gateway, and endpoint security

B.

Three; Security gateway, endpoint security, and gateway management

C.

Two; security management and endpoint security

D.

Two; endpoint security and Security Gateway

Full Access
Question # 18

Which firewall daemon is responsible for the FW CLI commands?

A.

fwd

B.

fwm

C.

cpm

D.

cpd

Full Access
Question # 19

Identity Awareness allows the Security Administrator to configure network access based on which of the following?

A.

Name of the application, identity of the user, and identity of the machine

B.

Identity of the machine, username, and certificate

C.

Network location, identity of a user, and identity of a machine

D.

Browser-Based Authentication, identity of a user, and network location

Full Access
Question # 20

Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.

A.

Main

B.

Authentication

C.

Quick

D.

High Alert

Full Access
Question # 21

Fill in the blank: ____________ is the Gaia command that turns the server off.

A.

sysdown

B.

exit

C.

halt

D.

shut-down

Full Access
Question # 22

Which SmartConsole tab is used to monitor network and security performance?

A.

Manage & Settings

B.

Security Policies

C.

Gateway & Servers

D.

Logs & Monitor

Full Access
Question # 23

When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:

A.

Security Management Server’s /home/.fgpt file and is available for future SmartConsole authentications.

B.

Windows registry is available for future Security Management Server authentications.

C.

There is no memory used for saving a fingerprint anyway.

D.

SmartConsole cache is available for future Security Management Server authentications.

Full Access
Question # 24

What command would show the API server status?

A.

cpm status

B.

api restart

C.

api status

D.

show api status

Full Access
Question # 25

Which method below is NOT one of the ways to communicate using the Management API’s?

A.

Typing API commands using the “mgmt_cli” command

B.

Typing API commands from a dialog box inside the SmartConsole GUI application

C.

Typing API commands using Gaia’s secure shell (clash)19+

D.

Sending API commands over an http connection using web-services

Full Access
Question # 26

Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?

A.

mgmt_cli add-host “Server_1” ip_address “10.15.123.10” --format txt

B.

mgmt_cli add host name “Server_1” ip_address “10.15.123.10” --format json

C.

mgmt_cli add object-host “Server_1” ip_address “10.15.123.10” --format json

D.

mgmt_cli add object “Server_1” ip_address “10.15.123.10” --format json

Full Access
Question # 27

Which of the following are available SmartConsole clients which can be installed from the R77 Windows CD? Read all answers and select the most complete and valid list.

A.

SmartView Tracker, SmartDashboard, CPINFO, SmartUpdate, SmartView Status

B.

SmartView Tracker, SmartDashboard, SmartLSM, SmartView Monitor

C.

SmartView Tracker, CPINFO, SmartUpdate

D.

Security Policy Editor, Log Viewer, Real Time Monitor GUI

Full Access
Question # 28

You have just installed your Gateway and want to analyze the packet size distribution of your traffic with SmartView Monitor.

Unfortunately, you get the message:

“There are no machines that contain Firewall Blade and SmartView Monitor”.

What should you do to analyze the packet size distribution of your traffic? Give the BEST answer.

A.

Purchase the SmartView Monitor license for your Security Management Server.

B.

Enable Monitoring on your Security Management Server.

C.

Purchase the SmartView Monitor license for your Security Gateway.

D.

Enable Monitoring on your Security Gateway.

Full Access
Question # 29

Which R77 GUI would you use to see number of packets accepted since the last policy install?

A.

SmartView Monitor

B.

SmartView Tracker

C.

SmartDashboard

D.

SmartView Status

Full Access
Question # 30

A Cleanup rule:

A.

logs connections that would otherwise be dropped without logging by default.

B.

drops packets without logging connections that would otherwise be dropped and logged by default.

C.

logs connections that would otherwise be accepted without logging by default.

D.

drops packets without logging connections that would otherwise be accepted and logged by default.

Full Access
Question # 31

You are using SmartView Tracker to troubleshoot NAT entries. Which column do you check to view the NAT'd source port if you are using Source NAT?

A.

XlateDst

B.

XlateSPort

C.

XlateDPort

D.

XlateSrc

Full Access
Question # 32

VPN gateways must authenticate to each other prior to exchanging information. What are the two types of credentials used for authentication?

A.

3DES and MD5

B.

Certificates and IPsec

C.

Certificates and pre-shared secret

D.

IPsec and VPN Domains

Full Access
Question # 33

How do you configure an alert in SmartView Monitor?

A.

An alert cannot be configured in SmartView Monitor.

B.

By choosing the Gateway, and Configure Thresholds.

C.

By right-clicking on the Gateway, and selecting Properties.

D.

By right-clicking on the Gateway, and selecting System Information.

Full Access
Question # 34

What is the mechanism behind Threat Extraction?

A.

This is a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender

B.

This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient

C.

This is a new mechanism to identify the IP address of the sender of malicious codes and to put it into the SAM database (Suspicious Activity Monitoring).

D.

Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast

Full Access
Question # 35

When launching SmartDashboard, what information is required to log into R77?

A.

User Name, Management Server IP, certificate fingerprint file

B.

User Name, Password, Management Server IP

C.

Password, Management Server IP

D.

Password, Management Server IP, LDAP Server IP

Full Access
Question # 36

What is the command to see cluster status in cli expert mode?

A.

fw ctl stat

B.

clusterXL stat

C.

clusterXL status

D.

cphaprob stat

Full Access
Question # 37

When defining QoS global properties, which option below is not valid?

A.

Weight

B.

Authenticated timeout

C.

Schedule

D.

Rate

Full Access
Question # 38

Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R77 Firewall Rule Base.

To make this scenario work, the IT administrator must:

1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources.

2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected.

3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select accept as the Action.

4) Install policy.

Ms McHanry tries to access the resource but is unable. What should she do?

A.

Have the security administrator select the Action field of the Firewall Rule “Redirect HTTP connections to an authentication (captive) portal”.

B.

Have the security administrator reboot the firewall.

C.

Have the security administrator select Any for the Machines tab in the appropriate Access Role.

D.

Install the Identity Awareness agent on her iPad.

Full Access
Question # 39

You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.

A.

You checked the cache password on desktop option in Global Properties.

B.

Another rule that accepts HTTP without authentication exists in the Rule Base.

C.

You have forgotten to place the User Authentication Rule before the Stealth Rule.

D.

Users must use the SecuRemote Client, to use the User Authentication Rule.

Full Access
Question # 40

How do you configure the Security Policy to provide uses access to the Captive Portal through an external (Internet) interface?

A.

Change the gateway settings to allow Captive Portal access via an external interface.

B.

No action is necessary. This access is available by default.

C.

Change the Identity Awareness settings under Global Properties to allow Captive Policy access on all interfaces.

D.

Change the Identity Awareness settings under Global Properties to allow Captive Policy access for an external interface.

Full Access
Question # 41

A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object does not appear in the Install On check box. What should you look for?

A.

Secure Internal Communications (SIC) not configured for the object.

B.

A Gateway object created using the Check Point > Externally Managed VPN Gateway option from the Network Objects dialog box.

C.

Anti-spoofing not configured on the interfaces on the Gateway object.

D.

A Gateway object created using the Check Point > Secure Gateway option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object.

Full Access
Question # 42

Choose the SmartLog property that is TRUE.

A.

SmartLog has been an option since release R71.10.

B.

SmartLog is not a Check Point product.

C.

SmartLog and SmartView Tracker are mutually exclusive.

D.

SmartLog is a client of SmartConsole that enables enterprises to centrally track log records and security activity with Google-like search.

Full Access
Question # 43

How would you deploy TE250X Check Point appliance just for email traffic and in-line mode without a Check Point Security Gateway?

A.

Install appliance TE250X on SpanPort on LAN switch in MTA mode

B.

Install appliance TE250X in standalone mode and setup MTA

C.

You can utilize only Check Point Cloud Services for this scenario

D.

It is not possible, always Check Point SGW is needed to forward emails to SandBlast appliance

Full Access
Question # 44

What is the difference between an event and a log?

A.

Events are generated at gateway according to Event Policy

B.

A log entry becomes an event when it matches any rule defined in Event Policy

C.

Events are collected with SmartWorkflow from Trouble Ticket systems

D.

Logs and Events are synonyms

Full Access
Question # 45

According to Check Point Best Practice, when adding a non-managed Check Point Gateway to a Check Point security solution what object SHOULD be added? A(n):

A.

Gateway

B.

Interoperable Device

C.

Externally managed gateway

D.

Network Node

Full Access
Question # 46

In SmartEvent, what are the different types of automatic reactions that the administrator can configure?

A.

Mail, Block Source, Block Event Activity, External Script, SNMP Trap

B.

Mail, Block Source, Block Destination, Block Services, SNMP Trap

C.

Mail, Block Source, Block Destination, External Script, SNMP Trap

D.

Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap

Full Access
Question # 47

Look at the following screenshot and select the BEST answer.

A.

Clients external to the Security Gateway can download archive files from FTP_Ext server using FTP.

B.

Internal clients can upload and download any-files to FTP_Ext-server using FTP.

C.

Internal clients can upload and download archive-files to FTP_Ext server using FTP.

D.

Clients external to the Security Gateway can upload any files to the FTP_Ext-server using FTP.

Full Access
Question # 48

Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud?

A.

Firewall

B.

Application Control

C.

Anti-spam and Email Security

D.

Antivirus

Full Access
Question # 49

Vanessa is a Firewall administrator. She wants to test a backup of her company’s production Firewall cluster Dallas_GW. She has a lab environment that is identical to her production environment. She decided to restore production backup via SmartConsole in lab environment. Which details she need to fill in System Restore window before she can click OK button and test the backup?

A.

Server, SCP, Username, Password, Path, Comment, Member

B.

Server, TFTP, Username, Password, Path, Comment, All Members

C.

Server, Protocol, Username, Password, Path, Comment, All Members

D.

Server, Protocol, Username, Password, Path, Comment, Member

Full Access
Question # 50

Fill in the blanks: A High Availability deployment is referred to as a ______ cluster and a Load Sharing deployment is referred to as a ________ cluster.

A.

Standby/standby; active/active

B.

Active/active; standby/standby

C.

Active/active; active/standby;

D.

Active/standby; active/active

Full Access
Question # 51

On the following picture an administrator configures Identity Awareness:

After clicking “Next” the above configuration is supported by:

A.

Kerberos SSO which will be working for Active Directory integration

B.

Based on Active Directory integration which allows the Security Gateway to correlate Active Directory users and machines to IP addresses in a method that is completely transparent to the user

C.

Obligatory usage of Captive Portal

D.

The ports 443 or 80 what will be used by Browser-Based and configured Authentication

Full Access
Question # 52

Which of the following is TRUE about the Check Point Host object?

A.

Check Point Host has no routing ability even if it has more than one interface installed.

B.

When you upgrade to R80 from R77.30 or earlier versions, Check Point Host objects are converted to gateway objects.

C.

Check Point Host is capable of having an IP forwarding mechanism.

D.

Check Point Host can act as a firewall.

Full Access
Question # 53

Which of the following is NOT a VPN routing option available in a star community?

A.

To satellites through center only

B.

To center, or through the center to other satellites, to Internet and other VPN targets

C.

To center and to other satellites through center

D.

To center only

Full Access
Question # 54

Choose what BEST describes users on Gaia Platform.

A.

There is one default user that cannot be deleted.

B.

There are two default users and one cannot be deleted.

C.

There is one default user that can be deleted.

D.

There are two default users that cannot be deleted and one SmartConsole Administrator.

Full Access
Question # 55

Fill in the blanks: A security Policy is created in _________ , stored in the _________ , and Distributed to the various __________ .

A.

Rule base, Security Management Server, Security Gateways

B.

SmartConsole, Security Gateway, Security Management Servers

C.

SmartConsole, Security Management Server, Security Gateways

D.

The Check Point database, SmartConsole, Security Gateways

Full Access
Question # 56

The organization's security manager wishes to back up just the Gaia operating system parameters. Which command can be used to back up only Gaia operating system parameters like interface details, Static routes and Proxy ARP entries?

A.

show configuration

B.

backup

C.

migrate export

D.

upgrade export

Full Access
Question # 57

Study the Rule base and Client Authentication Action properties screen.

After being authenticated by the Security Gateways, a user starts a HTTP connection to a Web site. What happens when the user tries to FTP to another site using the command line? The:

A.

user is prompted for authentication by the Security Gateways again.

B.

FTP data connection is dropped after the user is authenticated successfully.

C.

user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication

D.

FTP connection is dropped by Rule 2.

Full Access
Question # 58

What is the potential downside or drawback to choosing the Standalone deployment option instead of the Distributed deployment option?

A.

degrades performance as the Security Policy grows in size

B.

requires additional Check Point appliances

C.

requires additional software subscription

D.

increases cost

Full Access
Question # 59

When using LDAP as an authentication method for Identity Awareness, the query:

A.

Requires client and server side software.

B.

Prompts the user to enter credentials.

C.

Requires administrators to specifically allow LDAP traffic to and from the LDAP Server and the Security Gateway.

D.

Is transparent, requiring no client or server side software, or client intervention.

Full Access
Question # 60

Where can administrator edit a list of trusted SmartConsole clients in R80?

A.

cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server.

B.

Only using SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients.

C.

In cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server, in SmartConsole: Manage and Settings>Permissions and Administrators>Advanced>Trusted Clients.

D.

WebUI client logged to Security Management Server, SmartDashboard: Manage and Settings>Permissions and Administrators>Advanced>Trusted Clients, via cpconfig on a Security Gateway.

Full Access
Question # 61

Where do we need to reset the SIC on a gateway object?

A.

SmartDashboard > Edit Gateway Object > General Properties > Communication

B.

SmartUpdate > Edit Security Management Server Object > SIC

C.

SmartUpdate > Edit Gateway Object > Communication

D.

SmartDashboard > Edit Security Management Server Object > SIC

Full Access
Question # 62

Your bank's distributed R77 installation has Security Gateways up for renewal. Which SmartConsole application will tell you which Security Gateways have licenses that will expire within the next 30 days?

A.

SmartView Tracker

B.

SmartPortal

C.

SmartUpdate

D.

SmartDashboard

Full Access
Question # 63

In the R80 SmartConsole, on which tab are Permissions and Administrators defined?

A.

Security Policies

B.

Logs and Monitor

C.

Manage and Settings

D.

Gateway and Servers

Full Access
Question # 64

Jack works for a managed service provider and he has been tasked to create 17 new policies for several new customers. He does not have much time. What is the BEST way to do this with R80 security management?

A.

Create a text-file with mgmt_cli script that creates all objects and policies. Open the file in SmartConsole Command Line to run it.

B.

Create a text-file with Gaia CLI -commands in order to create all objects and policies. Run the file in CLISH with command load configuration.

C.

Create a text-file with DBEDIT script that creates all objects and policies. Run the file in the command line of the management server using command dbedit -f.

D.

Use Object Explorer in SmartConsole to create the objects and Manage Policies from the menu to create the policies.

Full Access
Question # 65

Fill in the blank: A _______ is used by a VPN gateway to send traffic as if it were a physical interface.

A.

VPN Tunnel Interface

B.

VPN community

C.

VPN router

D.

VPN interface

Full Access
Question # 66

When you upload a package or license to the appropriate repository in SmartUpdate, where is the package or license stored

A.

Security Gateway

B.

Check Point user center

C.

Security Management Server

D.

SmartConsole installed device

Full Access
Question # 67

Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ___________ Server.

A.

NT domain

B.

SMTP

C.

LDAP

D.

SecurID

Full Access
Question # 68

Fill in the blanks: VPN gateways authenticate using ___________ and ___________ .

A.

Passwords; tokens

B.

Certificates; pre-shared secrets

C.

Certificates; passwords

D.

Tokens; pre-shared secrets

Full Access
Question # 69

Which one of the following is the preferred licensing model? Select the Best answer.

A.

Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server.

B.

Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency of the gateway.

C.

Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency.

D.

Central licensing because it ties the package license to the MAC-address of the Security Management Server Mgmt-interface and has no dependency of the gateway.

Full Access
Question # 70

Kofi, the administrator of the ALPHA Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which CLISH commands are required to be able to change this TCP port?

A.

set web ssl-port

B.

set Gaia-portal

C.

set Gaia-portal https-port

D.

set web https-port

Full Access
Question # 71

Choose what BEST describes the Policy Layer Traffic Inspection.

A.

If a packet does not match any of the inline layers, the matching continues to the next Layer.

B.

If a packet matches an inline layer, it will continue matching the next layer.

C.

If a packet does not match any of the inline layers, the packet will be matched against the Implicit Clean-up Rule.

D.

If a packet does not match a Network Policy Layer, the matching continues to its inline layer.

Full Access
Question # 72

You have enabled “Full Log” as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

A.

Logging has disk space issues. Change logging storage options on the logging server or Security Management Server properties and install database.

B.

Data Awareness is not enabled.

C.

Identity Awareness is not enabled.

D.

Logs are arriving from Pre-R80 gateways.

Full Access
Question # 73

What will be the effect of running the following command on the Security Management Server?

A.

Remove the installed Security Policy.

B.

Remove the local ACL lists.

C.

No effect.

D.

Reset SIC on all gateways.

Full Access
Question # 74

Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?

A.

UserCheck

B.

Active Directory Query

C.

Account Unit Query

D.

User Directory Query

Full Access
Question # 75

When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

A.

None, Security Management Server would be installed by itself.

B.

SmartConsole

C.

SecureClient

D.

Security Gateway

Full Access
Question # 76

Which of the following statements is TRUE about R80 management plug-ins?

A.

The plug-in is a package installed on the Security Gateway.

B.

Installing a management plug-in requires a Snapshot, just like any upgrade process.

C.

A management plug-in interacts with a Security Management Server to provide new features and support for new products.

D.

Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.

Full Access
Question # 77

Which command is used to add users to or from existing roles?

A.

Add rba user roles

B.

Add rba user

C.

Add user roles

D.

Add user

Full Access
Question # 78

Which application should you use to install a contract file?

A.

SmartView Monitor

B.

WebUI

C.

SmartUpdate

D.

SmartProvisioning

Full Access