Which SmartConsole tab is used to monitor network and security performance?
What is the default shell of Gaia CLI?
Choose what BEST describes users on Gaia Platform.
These users are created by default and cannot be deleted:
Has full read/write capabilities for all Gaia features, from the Gaia Portal and the Gaia Clish.
This user has a User ID of 0, and therefore has all of the privileges of a root user.
Has read-only capabilities for all features in the Gaia Portal and the Gaia Clish, and can change its own password.
You must give a password for this user before the account can be used.
Which SmartConsole application shows correlated logs and aggregated data to provide an overview of potential threats and attack patterns?
Which type of Check Point license ties the package license to the IP address of the Security Management Server?
Name the utility that is used to block activities that appear to be suspicious.
Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?
Local licensing is associated with the IP address of the Security Gateway, to which the license will be applied. Each time the IP address of the Security Gateway changes, a new license must be generated and installed. https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails= &solutionid=sk62685
Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code (with unification in R81.10)?
With URL Filtering, what portion of the traffic is sent to the Check Point Online Web Service for analysis?
"A local cache that gives answers to 99% of URL categorization requests. When the cache does not have an answer, only the host name is sent to the Check Point Online Web Service for categorization. " https://downloads.checkpoint.com/fileserver/SOURCE/direct/ID/24853/FILE/CP_R77_ApplicationControlURLFiltering_AdminGuide.pdf
Which of the following is used to initially create trust between a Gateway and Security Management Server?
To establish the initial trust, a gateway and a Security Management Server use a one-time password. After the initial trust is established, further communication is based on security certificates.
Which method below is NOT one of the ways to communicate using the Management API’s?
In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?
Which two Identity Awareness commands are used to support identity sharing?
What are the three main components of Check Point security management architecture?
Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?
Which type of attack can a firewall NOT prevent?
Which icon in the WebUI indicates that read/write access is enabled?
What is the purpose of Captive Portal?
Captive Portal is a simple method that authenticates users with a web interface. When users try to access a protected web resource, they enter authentication information in a form that shows in their web browser. https://sc1.checkpoint.com/documents/R80.30/WebAdminGuides/EN/CP_R80.30_IdentityAwareness_AdminGuide/html_frameset.htm?topic=documents/R80.30/WebAdminGuides/EN/CP_R80.30_IdentityAwareness_AdminGuide/148468
Fill in the blank: In Security Gateways R75 and above, SIC uses ______________ for encryption.
Which of the following is considered to be the more secure and preferred VPN authentication method?
After the initial installation on Check Point appliance, you notice that the Management interface and default gateway are incorrect. Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.
When should you generate new licenses?
When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?
Which of the following is NOT a valid deployment option for R80?
URL Filtering cannot be used to:
Which of the following is considered a "Subscription Blade", requiring renewal every 1-3 years?
The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits even if the Track option is set to “None”?
Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays _____________ for the given VPN tunnel.
When using Automatic Hide NAT, what is enabled by default?
Hiding multiple IP addresses behind one, gateway, IP address requires PAT to differentiate between traffic.
Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _______.
User Directory lets you configure:
High Availability, to duplicate user data across multiple servers for backup. See Account Units and High Availability.
Multiple Account Units, for distributed databases.
Define LDAP Account Units, for encrypted User Directory connections. See Modifying the LDAP Server.
Profiles, to support multiple LDAP vendors. See User Directory Profiles.
What needs to be configured if the NAT property ‘Translate destination on client side’ is not enabled in Global properties?
Application Control/URL filtering database library is known as:
What is the Transport layer of the TCP/IP model responsible for?
What are the steps to configure the HTTPS Inspection Policy?
Secure Internal Communication (SIC) is handled by what process?
Which of the following methods can be used to update the trusted log server regarding the policy and configuration changes performed on the Security Management Server?
In order to see real-time and historical graph views of Security Gateway statistics in SmartView Monitor, what feature needs to be enabled on the Security Gateway?
A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone?
The Interface window opens. The Topology area of the General pane shows the Security Zone to which the interface is already bound. By default, the Security Zone is calculated according to where the interface Leads To. https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topics-SECMG/Security-Zones.htm
Fill in the blank: Once a certificate is revoked from the Security GateWay by the Security Management Server, the certificate information is _______.
You have enabled "Extended Log" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?
How is communication between different Check Point components secured in R80? As with all questions, select the best answer.
Which of the following situations would not require a new license to be generated and installed?
Which two Identity Awareness daemons are used to support identity sharing?
After a new Log Server is added to the environment and the SIC trust has been established with the SMS what will the gateways do?
Which key is created during Phase 2 of a site-to-site VPN?
Which path below is available only when CoreXL is enabled?
Which is a main component of the Check Point security management architecture?
Security Gateway (SG) is usually deployed on the perimeter to control and secure traffic with Firewall and Threat Prevention capabilities.
Security Management Server (SMS) defines and controls security policies on the Gateways. It can also be used to as a log server with built-in system of log indexing (SmartLog) and event correlation (SmartEvent – a SIEM-like solution for Check Point products). Usually, SMS is the main element of central management with multiple Security Gateways in operation. Nevertheless, you need an SMS even if your security system has a single gateway only.
SmartConsole is a GUI administration tool to connect to SMS. Through this tool, a security administrator is able to prepare and apply security policies to the Security Gateways.
Using ClusterXL, what statement is true about the Sticky Decision Function?