Weekend Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Question # 4

Which Check Point Software Wade provides visibility of users, groups and machines while also providing access control through identity-based policies?

A.

Firewall

B.

Identity Awareness

C.

Application Control

D.

URL Filtering

Full Access
Question # 5

Which of these is NOT a feature or benefit of Application Control?

A.

Eliminate unknown and unwanted applications in your network to reduce IT complexity and application risk.

B.

Identify and control which applications are in your IT environment and which to add to the IT environment.

C.

Scans the content of files being downloaded by users in order to make policy decisions.

D.

Automatically identify trusted software that has authorization to run

Full Access
Question # 6

In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

A.

SND is a feature to accelerate multiple SSL VPN connections

B.

SND is an alternative to IPSec Main Mode, using only 3 packets

C.

SND is used to distribute packets among Firewall instances

D.

SND is a feature of fw monitor to capture accelerated packets

Full Access
Question # 7

What is the BEST method to deploy Identity Awareness for roaming users?

A.

Use Office Mode

B.

Use identity agents

C.

Share user identities between gateways

D.

Use captive portal

Full Access
Question # 8

The Online Activation method is available for Check Point manufactured appliances. How does the administrator use the Online Activation method?

A.

The SmartLicensing GUI tool must be launched from the SmartConsole for the Online Activation tool to start automatically.

B.

No action is required if the firewall has internet access and a DNS server to resolve domain names.

C.

Using the Gaia First Time Configuration Wizard, the appliance connects to the Check Point User Center and downloads all necessary licenses and contracts.

D.

The cpinfo command must be run on the firewall with the switch -online-license-activation.

Full Access
Question # 9

Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?

A.

All Site-to-Site VPN Communities

B.

Accept all encrypted traffic

C.

All Connections (Clear or Encrypted)

D.

Specific VPN Communities

Full Access
Question # 10

SmartEvent does NOT use which of the following procedures to identity events:

A.

Matching a log against each event definition

B.

Create an event candidate

C.

Matching a log against local exclusions

D.

Matching a log against global exclusions

Full Access
Question # 11

From SecureXL perspective, what are the tree paths of traffic flow:

A.

Initial Path; Medium Path; Accelerated Path

B.

Layer Path; Blade Path; Rule Path

C.

Firewall Path; Accept Path; Drop Path

D.

Firewall Path; Accelerated Path; Medium Path

Full Access
Question # 12

The SmartEvent R80 Web application for real-time event monitoring is called:

A.

SmartView Monitor

B.

SmartEventWeb

C.

There is no Web application for SmartEvent

D.

SmartView

Full Access
Question # 13

You are going to perform a major upgrade. Which back up solution should you use to ensure your database can be restored on that device?

A.

backup

B.

logswitch

C.

Database Revision

D.

snapshot

Full Access
Question # 14

Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

A.

Full

B.

Custom

C.

Complete

D.

Light

Full Access
Question # 15

Which back up method uses the command line to create an image of the OS?

A.

System backup

B.

Save Configuration

C.

Migrate

D.

snapshot

Full Access
Question # 16

What key is used to save the current CPView page in a filename format cpview_“cpview process ID”. cap”number of captures”?

A.

S

B.

W

C.

C

D.

Space bar

Full Access
Question # 17

If there is an Accept Implied Policy set to "First", what is the reason Jorge cannot see any logs?

A.

Log Implied Rule was not set correctly on the track column on the rules base.

B.

Track log column is set to Log instead of Full Log.

C.

Track log column is set to none.

D.

Log Implied Rule was not selected on Global Properties.

Full Access
Question # 18

Where can alerts be viewed?

A.

Alerts can be seen in SmartView Monitor

B.

Alerts can be seen in the Threat Prevention policy.

C.

Alerts can be seen in SmartUpdate.

D.

Alerts can be seen from the CLI of the gateway.

Full Access
Question # 19

Which of the following is a valid deployment option?

A.

CloudSec deployment

B.

Disliked deployment

C.

Router only deployment

D.

Standalone deployment

Full Access
Question # 20

Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

A.

SmartDashboard

B.

SmartEvent

C.

SmartView Monitor

D.

SmartUpdate

Full Access
Question # 21

Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code (with unification in R81.10)?

A.

Enterprise Network Security Appliances

B.

Rugged Appliances

C.

Scalable Platforms

D.

Small Business and Branch Office Appliances

Full Access
Question # 22

Fill in the blanks: There are ________ types of software containers ________.

A.

Three; security management, Security Gateway, and endpoint security

B.

Three; Security gateway, endpoint security, and gateway management

C.

Two; security management and endpoint security

D.

Two; endpoint security and Security Gateway

Full Access
Question # 23

Which of the following is NOT an option to calculate the traffic direction?

A.

Incoming

B.

Internal

C.

External

D.

Outgoing

Full Access
Question # 24

Your internal networks 10.1.1.0/24, 10.2.2.0/24 and 192.168.0.0/16 are behind the Internet Security Gateway. Considering that Layer 2 and Layer 3 setup is correct, what are the steps you will need to do in SmartConsole in order to get the connection working?

A.

1. Define an accept rule in Security Policy.2. Define Security Gateway to hide all internal networks behind the gateway’s external IP.3. Publish and install the policy.

B.

1. Define an accept rule in Security Policy.2. Define automatic NAT for each network to NAT the networks behind a public IP.3. Publish the policy.

C.

1. Define an accept rule in Security Policy.2. Define automatic NAT for each network to NAT the networks behind a public IP.3. Publish and install the policy.

D.

1. Define an accept rule in Security Policy.2. Define Security Gateway to hide all internal networks behind the gateway’s external IP.3. Publish the policy.

Full Access
Question # 25

Customer’s R80 management server needs to be upgraded to R80.10. What is the best upgrade method when the management server is not connected to the Internet?

A.

Export R80 configuration, clean install R80.10 and import the configuration

B.

CPUSE online upgrade

C.

CPUSE offline upgrade

D.

SmartUpdate upgrade

Full Access
Question # 26

Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?

A.

Application Control

B.

Threat Emulation

C.

Anti-Virus

D.

Advanced Networking Blade

Full Access
Question # 27

Which is a main component of the Check Point security management architecture?

A.

Identity Collector

B.

Endpoint VPN client

C.

SmartConsole

D.

Proxy Server

Full Access
Question # 28

Which statement is TRUE of anti-spoofing?

A.

Anti-spoofing is not needed when IPS software blade is enabled

B.

It is more secure to create anti-spoofing groups manually

C.

It is BEST Practice to have anti-spoofing groups in sync with the routing table

D.

With dynamic routing enabled, anti-spoofing groups are updated automatically whenever there is a routing change

Full Access
Question # 29

Which Check Point software blade monitors Check Point devices and provides a picture of network and security performance?

A.

Application Control

B.

Threat Emulation

C.

Logging and Status

D.

Monitoring

Full Access
Question # 30

In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?

A.

Publish changes

B.

Save changes

C.

Install policy

D.

Install database

Full Access
Question # 31

Under which file is the proxy arp configuration stored?

A.

$FWDIR/state/proxy_arp.conf on the management server

B.

$FWDIR/conf/local.arp on the management server

C.

$FWDIR/state/_tmp/proxy.arp on the security gateway

D.

$FWDIR/conf/local.arp on the gateway

Full Access
Question # 32

What is the order of NAT priorities?

A.

IP pool NAT static NAT. hide NAT

B.

Static NAT hide NAT, IP pool NAT

C.

Static NAT, IP pool NAT hide NAT

D.

Static NAT automatic NAT hide NAT

Full Access
Question # 33

Which of the following is considered a "Subscription Blade", requiring renewal every 1-3 years?

A.

IPS blade

B.

IPSEC VPN Blade

C.

Identity Awareness Blade

D.

Firewall Blade

Full Access
Question # 34

When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:

A.

Security Management Server’s /home/.fgpt file and is available for future SmartConsole authentications.

B.

Windows registry is available for future Security Management Server authentications.

C.

There is no memory used for saving a fingerprint anyway.

D.

SmartConsole cache is available for future Security Management Server authentications.

Full Access
Question # 35

Fill in the blanks: The _______ collects logs and sends them to the _______.

A.

Log server; Security Gateway

B.

Log server; security management server

C.

Security management server; Security Gateway

D.

Security Gateways; log server

Full Access
Question # 36

Why is a Central License the preferred and recommended method of licensing?

A.

Central Licensing is actually not supported with Gaia.

B.

Central Licensing is the only option when deploying Gaia

C.

Central Licensing ties to the IP address of a gateway and can be changed to any gateway if needed.

D.

Central Licensing ties to the IP address of the management server and is not dependent on the IP of any gateway in the event it changes.

Full Access
Question # 37

Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

A.

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

B.

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

C.

Time object to a rule to make the rule active only during specified times.

D.

Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

Full Access
Question # 38

Fill in the blank: The _____ feature allows administrators to share a policy with other policy packages.

A.

Concurrent policy packages

B.

Concurrent policies

C.

Global Policies

D.

Shared policies

Full Access
Question # 39

Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?

A.

Formal

B.

Central

C.

Corporate

D.

Local

Full Access
Question # 40

Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

A.

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

B.

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

C.

Time object to a rule to make the rule active only during specified times.

D.

Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

Full Access
Question # 41

By default, which port does the WebUI listen on?

A.

8080

B.

80

C.

4434

D.

443

Full Access
Question # 42

Fill in the blanks: A Check Point software license consists of a__________ and _______.

A.

Software blade; software container

B.

Software package: signature

C.

Signature; software blade

D.

Software container software package

Full Access
Question # 43

Which command shows detailed information about VPN tunnels?

A.

cat $FWDlR/conf/vpn.conf

B.

vpn tu tlist

C.

vpn tu

D.

cpview

Full Access
Question # 44

What is the BEST command to view configuration details of all interfaces in Gaia CLISH?

A.

ifconfig -a

B.

show interfaces

C.

show interfaces detail

D.

show configuration interface

Full Access
Question # 45

To enforce the Security Policy correctly, a Security Gateway requires:

A.

a routing table

B.

awareness of the network topology

C.

a Demilitarized Zone

D.

a Security Policy install

Full Access
Question # 46

Choose what BEST describes the reason why querying logs now is very fast.

A.

New Smart-1 appliances double the physical memory install

B.

Indexing Engine indexes logs for faster search results

C.

SmartConsole now queries results directly from the Security Gateway

D.

The amount of logs been store is less than the usual in older versions

Full Access
Question # 47

What is the SOLR database for?

A.

Used for full text search and enables powerful matching capabilities

B.

Writes data to the database and full text search

C.

Serves GUI responsible to transfer request to the DLE server

D.

Enables powerful matching capabilities and writes data to the database

Full Access
Question # 48

You want to store the GAiA configuration in a file for later reference. What command should you use?

A.

write mem

B.

show config -f

C.

save config -o

D.

save configuration

Full Access
Question # 49

What kind of NAT enables Source Port Address Translation by default?

A.

Automatic Static NAT

B.

Manual Hide NAT

C.

Automatic Hide NAT

D.

Manual Static NAT

Full Access
Question # 50

Both major kinds of NAT support Hide and Static NAT. However, one offers more flexibility. Which statement is true?

A.

Manual NAT can offer more flexibility than Automatic NAT.

B.

Dynamic Network Address Translation (NAT) Overloading can offer more flexibility than Port Address Translation.

C.

Dynamic NAT with Port Address Translation can offer more flexibility than Network Address Translation (NAT) Overloading.

D.

Automatic NAT can offer more flexibility than Manual NAT.

Full Access
Question # 51

To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? Choose the best answer.

A.

fw ctl set int fwha vmac global param enabled

B.

fw ctl get int fwha vmac global param enabled; result of command should return value 1

C.

cphaprob –a if

D.

fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1

Full Access
Question # 52

SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

A.

Smart Cloud Services

B.

Load Sharing Mode Services

C.

Threat Agent Solution

D.

Public Cloud Services

Full Access
Question # 53

A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone?

A.

The zone is based on the network topology and determined according to where the interface leads to.

B.

Security Zones are not supported by Check Point firewalls.

C.

The firewall rule can be configured to include one or more subnets in a zone.

D.

The local directly connected subnet defined by the subnet IP and subnet mask.

Full Access
Question # 54

Using AD Query, the security gateway connections to the Active Directory Domain Controllers using what protocol?

A.

Windows Management Instrumentation (WMI)

B.

Hypertext Transfer Protocol Secure (HTTPS)

C.

Lightweight Directory Access Protocol (LDAP)

D.

Remote Desktop Protocol (RDP)

Full Access
Question # 55

Which statement describes what Identity Sharing is in Identity Awareness?

A.

Management servers can acquire and share identities with Security Gateways

B.

Users can share identities with other users

C.

Security Gateways can acquire and share identities with other Security Gateways

D.

Administrators can share identifies with other administrators

Full Access
Question # 56

What command would show the API server status?

A.

cpm status

B.

api restart

C.

api status

D.

show api status

Full Access
Question # 57

Which tool is used to enable ClusterXL?

A.

SmartUpdate

B.

cpconfig

C.

SmartConsole

D.

sysconfig

Full Access
Question # 58

An administrator wishes to use Application objects in a rule in their policy but there are no Application objects listed as options to add when clicking the"+" to add new items to the "Services & Applications" column of a rule. What should be done to fix this?

A.

The administrator should drag-and-drop the needed Application objects from the Object Explorer into the new rule

B.

The "Application Control" blade should be enabled on a gateway

C.

"Applications & URL Filtering" should first be enabled on the policy layer where the rule is being created.

D.

The administrator should first create some applications to add to the rule.

Full Access
Question # 59

Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

A.

Symmetric routing

B.

Failovers

C.

Asymmetric routing

D.

Anti-Spoofing

Full Access
Question # 60

Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?

A.

The firewall topologies

B.

NAT Rules

C.

The Rule Base

D.

The VPN Domains

Full Access
Question # 61

What is the purpose of a Clean-up Rule?

A.

Clean-up Rules do not server any purpose.

B.

Provide a metric for determining unnecessary rules.

C.

To drop any traffic that is not explicitly allowed.

D.

Used to better optimize a policy.

Full Access
Question # 62

Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _______.

A.

User Center

B.

User Administration

C.

User Directory

D.

UserCheck

Full Access
Question # 63

What protocol is specifically used for clustered environments?

A.

Clustered Protocol

B.

Synchronized Cluster Protocol

C.

Control Cluster Protocol

D.

Cluster Control Protocol

Full Access
Question # 64

A network administrator has informed you that they have identified a malicious host on the network, and instructed you to block it. Corporate policy dictates that firewall policy changes cannot be made at this time. What tool can you use to block this traffic?

A.

Anti-Bot protection

B.

Anti-Malware protection

C.

Policy-based routing

D.

Suspicious Activity Monitoring (SAM) rules

Full Access
Question # 65

Fill in the blank: Permanent VPN tunnels can be set on all tunnels in the community, on all tunnels for specific gateways, or__________.

A.

On all satellite gateway to satellite gateway tunnels

B.

On specific tunnels for specific gateways

C.

On specific tunnels in the community

D.

On specific satellite gateway to central gateway tunnels

Full Access
Question # 66

Stateful Inspection compiles and registers connections where?

A.

Connection Cache

B.

State Cache

C.

State Table

D.

Network Table

Full Access
Question # 67

To increase security, the administrator has modified the Core protection ‘Host Port Scan’ from ‘Medium’ to ‘High’ Predefined Sensitivity. Which Policy should the administrator install after Publishing the changes?

A.

The Access Control and Threat Prevention Policies.

B.

The Access Control Policy.

C.

The Access Control & HTTPS Inspection Policy.

D.

The Threat Prevention Policy.

Full Access
Question # 68

A stateful inspection firewall works by registering connection data and compiling this information. Where is the information stored?

A.

In the system SMEM memory pool.

B.

In State tables.

C.

In the Sessions table.

D.

In a CSV file on the firewall hard drive located in $FWDIR/conf/.

Full Access
Question # 69

DLP and Geo Policy are examples of what type of Policy?

A.

Inspection Policies

B.

Shared Policies

C.

Unified Policies

D.

Standard Policies

Full Access
Question # 70

R80 is supported by which of the following operating systems:

A.

Windows only

B.

Gaia only

C.

Gaia, SecurePlatform, and Windows

D.

SecurePlatform only

Full Access
Question # 71

Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

A.

UDP port 265

B.

TCP port 265

C.

UDP port 256

D.

TCP port 256

Full Access
Question # 72

When you upload a package or license to the appropriate repository in SmartUpdate. where is the package or license stored?

A.

SmartConsole installed device

B.

Check Point user center

C.

Security Management Server

D.

Security Gateway

Full Access
Question # 73

Which of the following is NOT supported by Bridge Mode on the Check Point Security Gateway?

A.

Data Loss Prevention

B.

Antivirus

C.

Application Control

D.

NAT

Full Access
Question # 74

How many users can have read/write access in Gaia Operating System at one time?

A.

One

B.

Three

C.

Two

D.

Infinite

Full Access
Question # 75

Which two Identity Awareness daemons are used to support identity sharing?

A.

Policy Activation Point (PAP) and Policy Decision Point (PDP)

B.

Policy Manipulation Point (PMP) and Policy Activation Point (PAP)

C.

Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)

D.

Policy Decision Point (PDP) and Policy Enforcement Point (PEP)

Full Access
Question # 76

Which two Identity Awareness commands are used to support identity sharing?

A.

Policy Decision Point (PDP) and Policy Enforcement Point (PEP)

B.

Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)

C.

Policy Manipulation Point (PMP) and Policy Activation Point (PAP)

D.

Policy Activation Point (PAP) and Policy Decision Point (PDP)

Full Access
Question # 77

Which method below is NOT one of the ways to communicate using the Management API’s?

A.

Typing API commands using the “mgmt_cli” command

B.

Typing API commands from a dialog box inside the SmartConsole GUI application

C.

Typing API commands using Gaia’s secure shell (clash)19+

D.

Sending API commands over an http connection using web-services

Full Access
Question # 78

What is the main difference between Threat Extraction and Threat Emulation?

A.

Threat Emulation never delivers a file and takes more than 3 minutes to complete

B.

Threat Extraction always delivers a file and takes less than a second to complete

C.

Threat Emulation never delivers a file that takes less than a second to complete

D.

Threat Extraction never delivers a file and takes more than 3 minutes to complete

Full Access
Question # 79

Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

A.

Go to clash-Run cpstop | Run cpstart

B.

Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway

C.

Administrator does not need to perform any task. Check Point will make use of the newly installed CPU and Cores

D.

Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway | Install Security Policy

Full Access
Question # 80

What are the three deployment considerations for a secure network?

A.

Distributed, Bridge Mode, and Remote

B.

Bridge Mode, Remote, and Standalone

C.

Remote, Standalone, and Distributed

D.

Standalone, Distributed, and Bridge Mode

Full Access
Question # 81

When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed?

A.

Distributed

B.

Standalone

C.

Bridge Mode

D.

Targeted

Full Access
Question # 82

The CDT utility supports which of the following?

A.

Major version upgrades to R77.30

B.

Only Jumbo HFA’s and hotfixes

C.

Only major version upgrades to R80.10

D.

All upgrades

Full Access
Question # 83

Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

A.

Go to clash-Run cpstop | Run cpstart

B.

Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway

C.

Administrator does not need to perform any task. Check Point will make use of the newly installed CPU and Cores

D.

Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway | Install Security Policy

Full Access
Question # 84

Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays _____________ for the given VPN tunnel.

A.

Down

B.

No Response

C.

Inactive

D.

Failed

Full Access
Question # 85

When a SAM rule is required on Security Gateway to quickly block suspicious connections which are not restricted by the Security Policy, what actions does the administrator need to take?

A.

SmartView Monitor should be opened and then the SAM rule/s can be applied immediately. Installing policy is not required.

B.

The policy type SAM must be added to the Policy Package and a new SAM rule must be applied. Simply Publishing the changes applies the SAM rule on the firewall.

C.

The administrator must work on the firewall CLI (for example with SSH and PuTTY) and the command 'sam block' must be used with the right parameters.

D.

The administrator should open the LOGS & MONITOR view and find the relevant log. Right clicking on the log entry will show the Create New SAM rule option.

Full Access
Question # 86

Which of the following situations would not require a new license to be generated and installed?

A.

The Security Gateway is upgraded.

B.

The existing license expires.

C.

The license is upgraded.

D.

The IP address of the Security Management or Security Gateway has changed.

Full Access
Question # 87

You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

A.

fw ctl multik dynamic_dispatching on

B.

fw ctl multik dynamic_dispatching set_mode 9

C.

fw ctl multik set_mode 9

D.

fw ctl miltik pq enable

Full Access
Question # 88

To view the policy installation history for each gateway, which tool would an administrator use?

A.

Revisions

B.

Gateway installations

C.

Installation history

D.

Gateway history

Full Access
Question # 89

Which message indicates IKE Phase 2 has completed successfully?

A.

Quick Mode Complete

B.

Aggressive Mode Complete

C.

Main Mode Complete

D.

IKE Mode Complete

Full Access
Question # 90

You want to store the GAiA configuration in a file for later reference. What command should you use?

A.

write mem

B.

show config -f

C.

save config -o

D.

save configuration

Full Access
Question # 91

Which type of attack can a firewall NOT prevent?

A.

Network Bandwidth Saturation

B.

Buffer Overflow

C.

SYN Flood

D.

SQL Injection

Full Access
Question # 92

A SAM rule Is implemented to provide what function or benefit?

A.

Allow security audits.

B.

Handle traffic as defined in the policy.

C.

Monitor sequence activity.

D.

Block suspicious activity.

Full Access
Question # 93

When using Automatic Hide NAT, what is enabled by default?

A.

Source Port Address Translation (PAT)

B.

Static NAT

C.

Static Route

D.

HTTPS Inspection

Full Access
Question # 94

Which of the following is NOT supported by Bridge Mode Check Point Security Gateway

A.

Antivirus

B.

Data Loss Prevention

C.

NAT

D.

Application Control

Full Access
Question # 95

What default layers are included when creating a new policy layer?

A.

Application Control, URL Filtering and Threat Prevention

B.

Access Control, Threat Prevention and HTTPS Inspection

C.

Firewall, Application Control and IPSec VPN

D.

Firewall, Application Control and IPS

Full Access
Question # 96

Using R80 Smart Console, what does a “pencil icon” in a rule mean?

A.

I have changed this rule

B.

Someone else has changed this rule

C.

This rule is managed by check point’s SOC

D.

This rule can’t be changed as it’s an implied rule

Full Access
Question # 97

Fill in the blank: Back up and restores can be accomplished through_________.

A.

SmartConsole, WebUI, or CLI

B.

WebUI, CLI, or SmartUpdate

C.

CLI, SmartUpdate, or SmartBackup

D.

SmartUpdate, SmartBackup, or SmartConsole

Full Access
Question # 98

When configuring Spoof Tracking, which tracking actions can an administrator select to be done when spoofed packets are detected?

A.

Log, send snmp trap, email

B.

Drop packet, alert, none

C.

Log, alert, none

D.

Log, allow packets, email

Full Access
Question # 99

Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ___________.

A.

Captive Portal and Transparent Kerberos Authentication

B.

UserCheck

C.

User Directory

D.

Captive Portal

Full Access
Question # 100

From SecureXL perspective, what are the tree paths of traffic flow:

A.

Initial Path; Medium Path; Accelerated Path

B.

Layer Path; Blade Path; Rule Path

C.

Firewall Path; Accept Path; Drop Path

D.

Firewall Path; Accelerated Path; Medium Path

Full Access
Question # 101

Which of the following is NOT a component of Check Point Capsule?

A.

Capsule Docs

B.

Capsule Cloud

C.

Capsule Enterprise

D.

Capsule Workspace

Full Access
Question # 102

Which of the following technologies extracts detailed information from packets and stores that information in state tables?

A.

INSPECT Engine

B.

Next-Generation Firewall

C.

Packet Filtering

D.

Application Layer Firewall

Full Access
Question # 103

Which of the following is NOT an advantage to using multiple LDAP servers?

A.

You achieve a faster access time by placing LDAP servers containing the database at remote sites

B.

You achieve compartmentalization by allowing a large number of users to be distributed across several servers

C.

Information on a user is hidden, yet distributed across several servers.

D.

You gain High Availability by replicating the same information on several servers

Full Access
Question # 104

Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?

A.

SmartManager

B.

SmartConsole

C.

Security Gateway

D.

Security Management Server

Full Access
Question # 105

Fill in the blanks: The Application Layer Firewalls inspect traffic through the ______ layer(s) of the TCP/IP model and up to and including the ______ layer.

A.

Upper; Application

B.

First two; Internet

C.

Lower; Application

D.

First two; Transport

Full Access
Question # 106

To view statistics on detected threats, which Threat Tool would an administrator use?

A.

Protections

B.

IPS Protections

C.

Profiles

D.

ThreatWiki

Full Access
Question # 107

Fill in the blank: To create policy for traffic to or from a particular location, use the _____________.

A.

DLP shared policy

B.

Geo policy shared policy

C.

Mobile Access software blade

D.

HTTPS inspection

Full Access
Question # 108

Log query results can be exported to what file format?

A.

Word Document (docx)

B.

Comma Separated Value (csv)

C.

Portable Document Format (pdf)

D.

Text (txt)

Full Access
Question # 109

Which information is included in the “Extended Log” tracking option, but is not included in the “Log” tracking option?

A.

file attributes

B.

application information

C.

destination port

D.

data type information

Full Access
Question # 110

Which of the following is NOT a role of the SmartCenter:

A.

Status monitoring

B.

Policy configuration

C.

Certificate authority

D.

Address translation

Full Access
Question # 111

Vanessa is attempting to log into the Gaia Web Portal. She is able to login successfully. Then she tries the same username and password for SmartConsole but gets the message in the screenshot image below. She has checked that the IP address of the Server is correct and the username and password she used to login into Gaia is also correct.

What is the most likely reason?

A.

Check Point R80 SmartConsole authentication is more secure than in previous versions and Vanessa requires a special authentication key for R80 SmartConsole. Check that the correct key details are used.

B.

Check Point Management software authentication details are not automatically the same as the Operating System authentication details. Check that she is using the correct details.

C.

SmartConsole Authentication is not allowed for Vanessa until a Super administrator has logged in first and cleared any other administrator sessions.

D.

Authentication failed because Vanessa’s username is not allowed in the new Threat Prevention console update checks even though these checks passed with Gaia.

Full Access
Question # 112

Which backup utility captures the most information and tends to create the largest archives?

A.

backup

B.

snapshot

C.

Database Revision

D.

migrate export

Full Access
Question # 113

Using ClusterXL, what statement is true about the Sticky Decision Function?

A.

Can only be changed for Load Sharing implementations

B.

All connections are processed and synchronized by the pivot

C.

Is configured using cpconfig

D.

Is only relevant when using SecureXL

Full Access
Question # 114

: 370

What technologies are used to deny or permit network traffic?

A.

Stateful Inspection. Firewall Blade, and URL'Application Blade

B.

Packet Filtenng. Stateful Inspection, and Application Layer Firewall

C.

Firewall Blade. URL/Application Blade and IPS

D.

Stateful Inspection. URL/Application Blade, and Threat Prevention

Full Access
Question # 115

Which Check Point software blade provides Application Security and identity control?

A.

Identity Awareness

B.

Data Loss Prevention

C.

URL Filtering

D.

Application Control

Full Access
Question # 116

Which encryption algorithm is the least secured?

A.

3DES

B.

AES-128

C.

DES

D.

AES-256

Full Access
Question # 117

You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?

A.

fwd

B.

fwm

C.

cpd

D.

cpwd

Full Access