Winter Sale Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: av54zq84

Exact2Pass Menu

Question # 4

Which SmartConsole tab is used to monitor network and security performance?

A.

Manage & Settings

B.

Security Policies

C.

Gateway & Servers

D.

Logs & Monitor

Full Access
Question # 5

What is the default shell of Gaia CLI?

A.

clish

B.

Monitor

C.

Read-only

D.

Bash

Full Access
Question # 6

Choose what BEST describes users on Gaia Platform.

A.

There are two default users and neither can be deleted.

B.

There are two default users and one cannot be deleted.

C.

There is one default user that can be deleted.

D.

There is one default user that cannot be deleted.

Full Access
Question # 7

Which SmartConsole application shows correlated logs and aggregated data to provide an overview of potential threats and attack patterns?

A.

SmartEvent

B.

SmartView Tracker

C.

SmartLog

D.

SmartView Monitor

Full Access
Question # 8

Which type of Check Point license ties the package license to the IP address of the Security Management Server?

A.

Central

B.

Corporate

C.

Local

D.

Formal

Full Access
Question # 9

Name the utility that is used to block activities that appear to be suspicious.

A.

Penalty Box

B.

Drop Rule in the rulebase

C.

Suspicious Activity Monitoring (SAM)

D.

Stealth rule

Full Access
Question # 10

Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?

A.

Formal

B.

Central

C.

Corporate

D.

Local

Full Access
Question # 11

Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code (with unification in R81.10)?

A.

Enterprise Network Security Appliances

B.

Rugged Appliances

C.

Scalable Platforms

D.

Small Business and Branch Office Appliances

Full Access
Question # 12

With URL Filtering, what portion of the traffic is sent to the Check Point Online Web Service for analysis?

A.

The complete communication is sent for inspection.

B.

The IP address of the source machine.

C.

The end user credentials.

D.

The host portion of the URL.

Full Access
Question # 13

Which of the following is used to initially create trust between a Gateway and Security Management Server?

A.

Internal Certificate Authority

B.

Token

C.

One-time Password

D.

Certificate

Full Access
Question # 14

Which method below is NOT one of the ways to communicate using the Management API’s?

A.

Typing API commands using the “mgmt_cli” command

B.

Typing API commands from a dialog box inside the SmartConsole GUI application

C.

Typing API commands using Gaia’s secure shell (clash)19+

D.

Sending API commands over an http connection using web-services

Full Access
Question # 15

In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?

A.

Publish changes

B.

Save changes

C.

Install policy

D.

Install database

Full Access
Question # 16

Which two Identity Awareness commands are used to support identity sharing?

A.

Policy Decision Point (PDP) and Policy Enforcement Point (PEP)

B.

Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)

C.

Policy Manipulation Point (PMP) and Policy Activation Point (PAP)

D.

Policy Activation Point (PAP) and Policy Decision Point (PDP)

Full Access
Question # 17

What are the three main components of Check Point security management architecture?

A.

SmartConsole, Security Management, and Security Gateway

B.

Smart Console, Standalone, and Security Management

C.

SmartConsole, Security policy, and Logs & Monitoring

D.

GUI-Client, Security Management, and Security Gateway

Full Access
Question # 18

Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

A.

UDP port 265

B.

TCP port 265

C.

UDP port 256

D.

TCP port 256

Full Access
Question # 19

Which type of attack can a firewall NOT prevent?

A.

Network Bandwidth Saturation

B.

Buffer Overflow

C.

SYN Flood

D.

SQL Injection

Full Access
Question # 20

Which icon in the WebUI indicates that read/write access is enabled?

A.

Pencil

B.

Padlock

C.

Book

D.

Eyeglasses

Full Access
Question # 21

What is the purpose of Captive Portal?

A.

It manages user permission in SmartConsole

B.

It provides remote access to SmartConsole

C.

It authenticates users, allowing them access to the Internet and corporate resources

D.

It authenticates users, allowing them access to the Gaia OS

Full Access
Question # 22

Fill in the blank: In Security Gateways R75 and above, SIC uses ______________ for encryption.

A.

AES-128

B.

AES-256

C.

DES

D.

3DES

Full Access
Question # 23

Which of the following is considered to be the more secure and preferred VPN authentication method?

A.

Password

B.

Certificate

C.

MD5

D.

Pre-shared secret

Full Access
Question # 24

After the initial installation on Check Point appliance, you notice that the Management interface and default gateway are incorrect. Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.

A.

set interface Mgmt ipv4-address 192.168.80.200 mask-length 24set static-route default nexthop gateway address 192.168.80.1 onsave config

B.

add interface Mgmt ipv4-address 192.168.80.200 255.255.255.0add static-route 0.0.0.0.0.0.0.0 gw 192.168.80.1 onsave config

C.

set interface Mgmt ipv4-address 192.168.80.200 255.255.255.0add static-route 0.0.0.0.0.0.0.0 gw 192.168.80.1 onsave config

D.

add interface Mgmt ipv4-address 192.168.80.200 mask-length 24add static-route default nexthop gateway address 192.168.80.1 onsave config

Full Access
Question # 25

When should you generate new licenses?

A.

Before installing contract files.

B.

After an RMA procedure when the MAC address or serial number of the appliance changes.

C.

When the existing license expires, license is upgraded or the IP-address where the license is tied changes.

D.

Only when the license is upgraded.

Full Access
Question # 26

When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?

A.

Any size

B.

Less than 20GB

C.

More than 10GB and less than 20 GB

D.

At least 20GB

Full Access
Question # 27

Which of the following is NOT a valid deployment option for R80?

A.

All-in-one (stand-alone)

B.

CloudGuard

C.

Distributed

D.

Bridge Mode

Full Access
Question # 28

URL Filtering cannot be used to:

A.

Control Bandwidth issues

B.

Control Data Security

C.

Improve organizational security

D.

Decrease legal liability

Full Access
Question # 29

Which of the following is considered a "Subscription Blade", requiring renewal every 1-3 years?

A.

IPS blade

B.

IPSEC VPN Blade

C.

Identity Awareness Blade

D.

Firewall Blade

Full Access
Question # 30

The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits even if the Track option is set to “None”?

A.

No, it will not work independently. Hit Count will be shown only for rules with Track options set as Log or alert

B.

Yes, it will work independently as long as “analyze all rules” tick box is enabled on the Security Gateway

C.

No, it will not work independently because hit count requires all rules to be logged

D.

Yes, it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways

Full Access
Question # 31

Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays _____________ for the given VPN tunnel.

A.

Down

B.

No Response

C.

Inactive

D.

Failed

Full Access
Question # 32

When using Automatic Hide NAT, what is enabled by default?

A.

Source Port Address Translation (PAT)

B.

Static NAT

C.

Static Route

D.

HTTPS Inspection

Full Access
Question # 33

Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _______.

A.

User Center

B.

User Administration

C.

User Directory

D.

UserCheck

Full Access
Question # 34

What needs to be configured if the NAT property ‘Translate destination on client side’ is not enabled in Global properties?

A.

A host route to route to the destination IP

B.

Use the file local.arp to add the ARP entries for NAT to work

C.

Nothing, the Gateway takes care of all details necessary

D.

Enabling ‘Allow bi-directional NAT’ for NAT to work correctly

Full Access
Question # 35

Application Control/URL filtering database library is known as:

A.

Application database

B.

AppWiki

C.

Application-Forensic Database

D.

Application Library

Full Access
Question # 36

What is the Transport layer of the TCP/IP model responsible for?

A.

It transports packets as datagrams along different routes to reach their destination.

B.

It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application.

C.

It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer.

D.

It deals with all aspects of the physical components of network connectivity and connects with different network types.

Full Access
Question # 37

What are the steps to configure the HTTPS Inspection Policy?

A.

Go to Manage&Settings > Blades > HTTPS Inspection > Configure in SmartDashboard

B.

Go to Application&url filtering blade > Advanced > Https Inspection > Policy

C.

Go to Manage&Settings > Blades > HTTPS Inspection > Policy

D.

Go to Application&url filtering blade > Https Inspection > Policy

Full Access
Question # 38

Secure Internal Communication (SIC) is handled by what process?

A.

CPM

B.

HTTPS

C.

FWD

D.

CPD

Full Access
Question # 39

Which of the following methods can be used to update the trusted log server regarding the policy and configuration changes performed on the Security Management Server?

A.

Save Policy

B.

Install Database

C.

Save session

D.

Install Policy

Full Access
Question # 40

In order to see real-time and historical graph views of Security Gateway statistics in SmartView Monitor, what feature needs to be enabled on the Security Gateway?

A.

Logging & Monitoring

B.

None - the data is available by default

C.

Monitoring Blade

D.

SNMP

Full Access
Question # 41

A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone?

A.

The zone is based on the network topology and determined according to where the interface leads to.

B.

Security Zones are not supported by Check Point firewalls.

C.

The firewall rule can be configured to include one or more subnets in a zone.

D.

The local directly connected subnet defined by the subnet IP and subnet mask.

Full Access
Question # 42

Fill in the blank: Once a certificate is revoked from the Security GateWay by the Security Management Server, the certificate information is _______.

A.

Sent to the Internal Certificate Authority.

B.

Sent to the Security Administrator.

C.

Stored on the Security Management Server.

D.

Stored on the Certificate Revocation List.

Full Access
Question # 43

You have enabled "Extended Log" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

A.

Identity Awareness is not enabled.

B.

Log Trimming is enabled.

C.

Logging has disk space issues

D.

Content Awareness is not enabled.

Full Access
Question # 44

How is communication between different Check Point components secured in R80? As with all questions, select the best answer.

A.

By using IPSEC

B.

By using SIC

C.

By using ICA

D.

By using 3DES

Full Access
Question # 45

Which of the following situations would not require a new license to be generated and installed?

A.

The Security Gateway is upgraded.

B.

The existing license expires.

C.

The license is upgraded.

D.

The IP address of the Security Management or Security Gateway has changed.

Full Access
Question # 46

Which two Identity Awareness daemons are used to support identity sharing?

A.

Policy Activation Point (PAP) and Policy Decision Point (PDP)

B.

Policy Manipulation Point (PMP) and Policy Activation Point (PAP)

C.

Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)

D.

Policy Decision Point (PDP) and Policy Enforcement Point (PEP)

Full Access
Question # 47

After a new Log Server is added to the environment and the SIC trust has been established with the SMS what will the gateways do?

A.

The gateways can only send logs to an SMS and cannot send logs to a Log Server. Log Servers are proprietary log archive servers.

B.

Gateways will send new firewall logs to the new Log Server as soon as the SIC trust is set up between the SMS and the new Log Server.

C.

The firewalls will detect the new Log Server after the next policy install and redirect the new logs to the new Log Server.

D.

Logs are not automatically forwarded to a new Log Server. SmartConsole must be used to manually configure each gateway to send its logs to the server.

Full Access
Question # 48

Which key is created during Phase 2 of a site-to-site VPN?

A.

Pre-shared secret

B.

Diffie-Hellman Public Key

C.

Symmetrical IPSec key

D.

Diffie-Hellman Private Key

Full Access
Question # 49

Which path below is available only when CoreXL is enabled?

A.

Slow path

B.

Firewall path

C.

Medium path

D.

Accelerated path

Full Access
Question # 50

Which is a main component of the Check Point security management architecture?

A.

Identity Collector

B.

Endpoint VPN client

C.

SmartConsole

D.

Proxy Server

Full Access
Question # 51

Using ClusterXL, what statement is true about the Sticky Decision Function?

A.

Can only be changed for Load Sharing implementations

B.

All connections are processed and synchronized by the pivot

C.

Is configured using cpconfig

D.

Is only relevant when using SecureXL

Full Access