Which Check Point Software Wade provides visibility of users, groups and machines while also providing access control through identity-based policies?
In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?
The Online Activation method is available for Check Point manufactured appliances. How does the administrator use the Online Activation method?
Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?
SmartEvent does NOT use which of the following procedures to identity events:
The SmartEvent R80 Web application for real-time event monitoring is called:
You are going to perform a major upgrade. Which back up solution should you use to ensure your database can be restored on that device?
Which type of Endpoint Identity Agent includes packet tagging and computer authentication?
What key is used to save the current CPView page in a filename format cpview_“cpview process ID”. cap”number of captures”?
If there is an Accept Implied Policy set to "First", what is the reason Jorge cannot see any logs?
Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?
Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code (with unification in R81.10)?
Fill in the blanks: There are ________ types of software containers ________.
Which of the following is NOT an option to calculate the traffic direction?
Your internal networks 10.1.1.0/24, 10.2.2.0/24 and 192.168.0.0/16 are behind the Internet Security Gateway. Considering that Layer 2 and Layer 3 setup is correct, what are the steps you will need to do in SmartConsole in order to get the connection working?
Customer’s R80 management server needs to be upgraded to R80.10. What is the best upgrade method when the management server is not connected to the Internet?
Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?
Which is a main component of the Check Point security management architecture?
Which Check Point software blade monitors Check Point devices and provides a picture of network and security performance?
In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?
Which of the following is considered a "Subscription Blade", requiring renewal every 1-3 years?
When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:
Fill in the blanks: The _______ collects logs and sends them to the _______.
Why is a Central License the preferred and recommended method of licensing?
Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?
Fill in the blank: The _____ feature allows administrators to share a policy with other policy packages.
Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?
Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?
Fill in the blanks: A Check Point software license consists of a__________ and _______.
What is the BEST command to view configuration details of all interfaces in Gaia CLISH?
You want to store the GAiA configuration in a file for later reference. What command should you use?
Both major kinds of NAT support Hide and Static NAT. However, one offers more flexibility. Which statement is true?
To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? Choose the best answer.
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?
A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone?
Using AD Query, the security gateway connections to the Active Directory Domain Controllers using what protocol?
An administrator wishes to use Application objects in a rule in their policy but there are no Application objects listed as options to add when clicking the"+" to add new items to the "Services & Applications" column of a rule. What should be done to fix this?
Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.
Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?
Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _______.
A network administrator has informed you that they have identified a malicious host on the network, and instructed you to block it. Corporate policy dictates that firewall policy changes cannot be made at this time. What tool can you use to block this traffic?
Fill in the blank: Permanent VPN tunnels can be set on all tunnels in the community, on all tunnels for specific gateways, or__________.
To increase security, the administrator has modified the Core protection ‘Host Port Scan’ from ‘Medium’ to ‘High’ Predefined Sensitivity. Which Policy should the administrator install after Publishing the changes?
A stateful inspection firewall works by registering connection data and compiling this information. Where is the information stored?
Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?
When you upload a package or license to the appropriate repository in SmartUpdate. where is the package or license stored?
Which of the following is NOT supported by Bridge Mode on the Check Point Security Gateway?
How many users can have read/write access in Gaia Operating System at one time?
Which two Identity Awareness daemons are used to support identity sharing?
Which two Identity Awareness commands are used to support identity sharing?
Which method below is NOT one of the ways to communicate using the Management API’s?
What is the main difference between Threat Extraction and Threat Emulation?
Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?
When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed?
Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?
Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays _____________ for the given VPN tunnel.
When a SAM rule is required on Security Gateway to quickly block suspicious connections which are not restricted by the Security Policy, what actions does the administrator need to take?
Which of the following situations would not require a new license to be generated and installed?
You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?
To view the policy installation history for each gateway, which tool would an administrator use?
You want to store the GAiA configuration in a file for later reference. What command should you use?
Which of the following is NOT supported by Bridge Mode Check Point Security Gateway
Fill in the blank: Back up and restores can be accomplished through_________.
When configuring Spoof Tracking, which tracking actions can an administrator select to be done when spoofed packets are detected?
Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ___________.
Which of the following technologies extracts detailed information from packets and stores that information in state tables?
Which of the following is NOT an advantage to using multiple LDAP servers?
Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?
Fill in the blanks: The Application Layer Firewalls inspect traffic through the ______ layer(s) of the TCP/IP model and up to and including the ______ layer.
To view statistics on detected threats, which Threat Tool would an administrator use?
Fill in the blank: To create policy for traffic to or from a particular location, use the _____________.
Which information is included in the “Extended Log” tracking option, but is not included in the “Log” tracking option?
Vanessa is attempting to log into the Gaia Web Portal. She is able to login successfully. Then she tries the same username and password for SmartConsole but gets the message in the screenshot image below. She has checked that the IP address of the Server is correct and the username and password she used to login into Gaia is also correct.
What is the most likely reason?
Which backup utility captures the most information and tends to create the largest archives?
Using ClusterXL, what statement is true about the Sticky Decision Function?
Which Check Point software blade provides Application Security and identity control?
You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?