
Question # 4

To ensure that VMAC mode is enabled, which CLI command should you run on all cluster members?

A.

fw ctl set int fwha vmac global param enabled

B.

fw ctl get int vmac global param enabled; result of command should return value 1

C.

cphaprob-a if

D.

fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1

Question # 5

The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated.

What is the most likely reason that the traffic is not accelerated?

A.

There is a virus found. Traffic is still allowed but not accelerated.

B.

The connection required a Security server.

C.

Acceleration is not enabled.

D.

The traffic is originating from the gateway itself.

Question # 6

SmartEvent provides a convenient way to run common command line executables that can assist in investigating events. Right-clicking the IP address, source or destination, in an event provides a list of default and customized commands. They appear only on cells that refer to IP addresses because the IP address of the active cell is used as the destination of the command when run. The default commands are:

A.

ping, traceroute, netstat, and route

B.

ping, nslookup, Telnet, and route

C.

ping, whois, nslookup, and Telnet

D.

ping, traceroute, netstat, and nslookup

Question # 7

Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

A.

Run cprestart from clish

B.

After upgrading the hardware, increase the number of kernel instances using cpconfig

C.

Administrator does not need to perform any task. Check Point will make use of the newly installed CPU and Cores

D.

Hyperthreading must be enabled in the bios to use CoreXL

Question # 8

SmartEvent uses its event policy to identify events. How can this be customized?

A.

By modifying the firewall rulebase

B.

By creating event candidates

C.

By matching logs against exclusions

D.

By matching logs against event rules

Question # 9

Ken wants to obtain a configuration lock from another administrator on the R81 Security Management Server. He can do this via WebUI or via CLI.

Which command should he use in CLI? (Choose the correct answer.)

A.

remove database lock

B.

The database feature has one command lock database override.

C.

override database lock

D.

The database feature has two commands lock database override and unlock database. Both will work.

Question # 10

Which file gives you a list of all security servers in use, including port number?

A.

$FWDIR/conf/conf.conf

B.

$FWDIR/conf/servers.conf

C.

$FWDIR/conf/fwauthd.conf

D.

$FWDIR/conf/serversd.conf

Question # 11

Vanessa is a Firewall administrator. She wants to test a backup of her company’s production Firewall cluster Dallas_GW. She has a lab environment that is identical to her production environment. She decided to restore the production backup via SmartConsole in the lab environment.

Which details does she need to fill in the System Restore window before she can click the OK button and test the backup?

A.

Server, SCP, Username, Password, Path, Comment, Member

B.

Server, TFTP, Username, Password, Path, Comment, All Members

C.

Server, Protocol, Username, Password, Path, Comment, All Members

D.

Server, Protocol, Username, Password, Path, Comment, Member

Question # 12

How would you enable VMAC Mode in ClusterXL?

A.

Cluster Object -> Edit -> ClusterXL and VRRP -> Use Virtual MAC

B.

fw ctl set int vmac_mode 1

C.

cphaconf vmac_mode set 1

D.

Cluster Object -> Edit -> Cluster Members -> Edit -> Use Virtual MAC

Question # 13

How is communication between different Check Point components secured in R81? As with all questions, select the BEST answer.

A.

By using IPSEC

B.

By using SIC

C.

By using ICA

D.

By using 3DES

Question # 14

What is the command to show SecureXL status?

A.

fwaccel status

B.

fwaccel stats -m

C.

fwaccel -s

D.

fwaccel stat

Question # 15

What CLI command compiles and installs a Security Policy on the target’s Security Gateways?

A.

fwm compile

B.

fwm load

C.

fwm fetch

D.

fwm install

Question # 16

Which view is NOT a valid CPVIEW view?

A.

IDA

B.

RAD

C.

PDP

D.

VPN

Question # 17

In a Client to Server scenario, which inspection point is the first point immediately following the tables and rule base check of a packet coming from outside of the network?

A.

Big I

B.

Little o

C.

Little i

D.

Big O

Question # 18

Can multiple administrators connect to a Security Management Server at the same time?

A.

No, only one can be connected

B.

Yes, all administrators can modify a network object at the same time

C.

Yes, every administrator has their own username, and works in a session that is independent of other administrators.

D.

Yes, but only one has the right to write.

Question # 19

What is mandatory for ClusterXL to work properly?

A.

The number of cores must be the same on every participating cluster node

B.

The Magic MAC number must be unique per cluster node

C.

The Sync interface must not have an IP address configured

D.

If you have “Non-monitored Private” interfaces, the number of those interfaces must be the same on all cluster members

Question # 20

What are the main stages of a policy installation?

A.

Verification & Compilation, Transfer and Commit

B.

Verification & Compilation, Transfer and Installation

C.

Verification, Commit, Installation

D.

Verification, Compilation & Transfer, Installation

Question # 21

What types of Check Point APIs are currently available as part of the R81.10 code?

A.

Security Gateway API, Management API, Threat Prevention API and Identity Awareness Web Services API

B.

Management API, Threat Prevention API, Identity Awareness Web Services API and OPSEC SDK API

C.

OSE API, OPSEC SDK API, Threat Extraction API and Policy Editor API

D.

CPMI API, Management API, Threat Prevention API and Identity Awareness Web Services API

Question # 22

Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

A.

ThreatWiki

B.

Whitelist Files

C.

AppWiki

D.

IPS Protections

Question # 23

What is UserCheck?

A.

Messaging tool used to verify a user’s credentials.

B.

Communication tool used to inform a user about a website or application they are trying to access.

C.

Administrator tool used to monitor users on their network.

D.

Communication tool used to notify an administrator when a new user is created.

Question # 24

Fill in the blanks. There are ________ types of software containers: ___________.

A.

Three; security management, Security Gateway, and endpoint security

B.

Three; Security Gateway, endpoint security, and gateway management

C.

Two; security management and endpoint security

D.

Two; endpoint security and Security Gateway

Question # 25

Bob needs to know if Alice was configuring the new virtual cluster interface correctly. Which of the following Check Point commands is true?

A.

cphaprob-aif

B.

cp hap rob state

C.

cphaprob list

D.

probcpha -a if

Question # 26

What does the Log "Views" tab show when SmartEvent is Correlating events?

A.

A list of common reports

B.

Reports for customization

C.

Top events with charts and graphs

D.

Details of a selected logs

Question # 27

Which of the following is NOT a type of Endpoint Identity Agent?

A.

Terminal

B.

Light

C.

Full

D.

Custom

Question # 28

Fill in the blank: An identity server uses a __________ for user authentication.

A.

Shared secret

B.

Certificate

C.

One-time password

D.

Token

Question # 29

When requiring certificates for mobile devices, make sure the authentication method is set to one of the following, Username and Password, RADIUS or ________.

A.

SecureID

B.

SecurID

C.

Complexity

D.

TacAcs

Question # 30

What must you do first if “fwm sic_reset” could not be completed?

A.

Cpstop then find keyword “certificate” in objects_5_0.C and delete the section

B.

Reinitialize SIC on the security gateway then run “fw unloadlocal”

C.

Reset SIC from Smart Dashboard

D.

Change internal CA via cpconfig

Question # 31

Which statement is correct about the Sticky Decision Function?

A.

It is not supported with either the Performance pack or a hardware based accelerator card

B.

Does not support SPI’s when configured for Load Sharing

C.

It is automatically disabled if the Mobile Access Software Blade is enabled on the cluster

D.

It is not required for L2TP traffic

Question # 32

Which statements below are CORRECT regarding Threat Prevention profiles in SmartDashboard?

A.

You can assign only one profile per gateway and a profile can be assigned to one rule only.

B.

You can assign multiple profiles per gateway and a profile can be assigned to one rule only.

C.

You can assign multiple profiles per gateway and a profile can be assigned to one or more rules.

D.

You can assign only one profile per gateway and a profile can be assigned to one or more rules.

Question # 33


You need to see which hotfixes are installed on your gateway, which command would you use?

A.

cpinfo –h all

B.

cpinfo –o hotfix

C.

cpinfo –l hotfix

D.

cpinfo –y all

Question # 34

To add a file to the Threat Prevention Whitelist, what two items are needed?

A.

File name and Gateway

B.

Object Name and MD5 signature

C.

MD5 signature and Gateway

D.

IP address of Management Server and Gateway

Question # 35

When Dynamic Dispatcher is enabled, connections are assigned dynamically with the exception of:

A.

Threat Emulation

B.

HTTPS

C.

QOS

D.

VoIP

Question # 36

Which of the following is a new R81 Gateway feature that had not been available in R77.X and older?

A.

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

B.

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

C.

Time object to a rule to make the rule active only during specified times.

D.

Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

Question # 37

Using ClusterXL, what statement is true about the Sticky Decision Function?

A.

Can only be changed for Load Sharing implementations

B.

All connections are processed and synchronized by the pivot

C.

Is configured using cpconfig

D.

Is only relevant when using SecureXL

Question # 38

What does it mean if Deyra sees the gateway status? (Choose the BEST answer.)

A.

SmartCenter Server cannot reach this Security Gateway.

B.

There is a blade reporting a problem.

C.

VPN software blade is reporting a malfunction.

D.

Security Gateway’s MGNT NIC card is disconnected.

Question # 39

fwssd is a child process of which of the following Check Point daemons?

A.

fwd

B.

cpwd

C.

fwm

D.

cpd

Question # 40

Which command will allow you to see the interface status?

A.

cphaprob interface

B.

cphaprob –I interface

C.

cphaprob –a if

D.

cphaprob stat

Question # 41

Which statement is true regarding redundancy?

A.

System Administrators know when their cluster has failed over and can also see why it failed over by using the cphaprob –f if command.

B.

ClusterXL offers three different Load Sharing solutions: Unicast, Broadcast, and Multicast.

C.

Machines in a ClusterXL High Availability configuration must be synchronized.

D.

Both ClusterXL and VRRP are fully supported by Gaia and available to all Check Point appliances, open servers, and virtualized environments.

Question # 42

Which packet info is ignored with Session Rate Acceleration?

A.

source port ranges

B.

source ip

C.

source port

D.

same info from Packet Acceleration is used

Question # 43

What is the minimum amount of RAM needed for a Threat Prevention Appliance?

A.

6 GB

B.

8GB with Gaia in 64-bit mode

C.

4 GB

D.

It depends on the number of software blades enabled

Question # 44

Connections to the Check Point R81 Web API use what protocol?

A.

HTTPS

B.

RPC

C.

VPN

D.

SIC

Question # 45

What are the different command sources that allow you to communicate with the API server?

A.

SmartView Monitor, API_cli Tool, Gaia CLI, Web Services

B.

SmartConsole GUI Console, mgmt_cli Tool, Gaia CLI, Web Services

C.

SmartConsole GUI Console, API_cli Tool, Gaia CLI, Web Services

D.

API_cli Tool, Gaia CLI, Web Services

Question # 46

Which of the following describes how Threat Extraction functions?

A.

Detects threats and provides a detailed report of discovered threats.

B.

Proactively detects threats.

C.

Delivers file with original content.

D.

Delivers PDF versions of original files with active content removed.

Question # 47

In the Check Point Firewall Kernel Module, each Kernel is associated with a key, which specifies the type of traffic applicable to the chain module. For Stateful Mode configuration, chain modules marked with __________________ will not apply.

A.

ffff

B.

1

C.

3

D.

2

Question # 48

Where do you create and modify the Mobile Access policy in R81?

A.

SmartConsole

B.

SmartMonitor

C.

SmartEndpoint

D.

SmartDashboard

Question # 49

What are the steps to configure the HTTPS Inspection Policy?

A.

Go to Manage&Settings > Blades > HTTPS Inspection > Configure in SmartDashboard

B.

Go to Application&url filtering blade > Advanced > Https Inspection > Policy

C.

Go to Manage&Settings > Blades > HTTPS Inspection > Policy

D.

Go to Application&url filtering blade > Https Inspection > Policy

Question # 50

John is using Management HA. Which Smartcenter should be connected to for making changes?

A.

secondary Smartcenter

B.

active Smartcenter

C.

connect virtual IP of Smartcenter HA

D.

primary Smartcenter

Question # 51

Which command shows detailed information about VPN tunnels?

A.

cat $FWDIR/conf/vpn.conf

B.

vpn tu tlist

C.

vpn tu

D.

cpview

Question # 52

Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

A.

UDP port 265

B.

TCP port 265

C.

UDP port 256

D.

TCP port 256

Question # 53

What is the SandBlast Agent designed to do?

A.

Performs OS-level sandboxing for SandBlast Cloud architecture

B.

Ensure the Check Point SandBlast services is running on the end user’s system

C.

If malware enters an end user’s system, the SandBlast Agent prevents the malware from spreading with the network

D.

Clean up email sent with malicious attachments

Question # 54

R81.10 management server can manage gateways with which versions installed?

A.

Versions R77 and higher

B.

Versions R76 and higher

C.

Versions R75.20 and higher

D.

Versions R75 and higher

Question # 55

The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?

A.

add host name ip-address

B.

add hostname ip-address

C.

set host name ip-address

D.

set hostname ip-address

Question # 56

Which of the following processes pulls application monitoring status?

A.

fwd

B.

fwm

C.

cpwd

D.

cpd

Question # 57

When an encrypted packet is decrypted, where does this happen?

A.

Security policy

B.

Inbound chain

C.

Outbound chain

D.

Decryption is not supported

Question # 58

Check Point recommends configuring Disk Space Management parameters to delete old log entries when available disk space is less than or equal to?

A.

50%

B.

75%

C.

80%

D.

15%

Question # 59

How do Capsule Connect and Capsule Workspace differ?

A.

Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications.

B.

Capsule Workspace can provide access to any application.

C.

Capsule Connect provides Business data isolation.

D.

Capsule Connect does not require an installed application at client.

Question # 60

At what point is the Internal Certificate Authority (ICA) created?

A.

Upon creation of a certificate.

B.

During the primary Security Management Server installation process.

C.

When an administrator decides to create one.

D.

When an administrator initially logs into SmartConsole.

Question # 61

What level of CPU load on a Secure Network Distributor would indicate that another may be necessary?

A.

Idle <20%

B.

USR <20%

C.

SYS <20%

D.

Wait <20%

Question # 62

What traffic does the Anti-bot feature block?

A.

Command and Control traffic from hosts that have been identified as infected

B.

Command and Control traffic to servers with reputation for hosting malware

C.

Network traffic that is directed to unknown or malicious servers

D.

Network traffic to hosts that have been identified as infected

Question # 63

Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane. Which is NOT an option to adjust or configure?

A.

Severity

B.

Automatic reactions

C.

Policy

D.

Threshold

Question # 64

Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

A.

Symmetric routing

B.

Failovers

C.

Asymmetric routing

D.

Anti-Spoofing

Question # 65

To find records in the logs that show log records from the Application & URL Filtering Software Blade where traffic was dropped, what would be the query syntax?

A.

blada: application control AND action:drop

B.

blade."application control AND action;drop

C.

(blade: application control AND action;drop)

D.

blade;"application control AND action:drop

Question # 66

Which component is NOT required to communicate with the Web Services API?

A.

API key

B.

session ID token

C.

content-type

D.

Request payload

Question # 67

You have enabled “Full Log” as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

A.

Logging has disk space issues. Change logging storage options on the logging server or Security Management Server properties and install database.

B.

Data Awareness is not enabled.

C.

Identity Awareness is not enabled.

D.

Logs are arriving from Pre-R81 gateways.

Question # 68

How does the Anti-Virus feature of the Threat Prevention policy block traffic from infected websites?

A.

By dropping traffic from websites identified through ThreatCloud Verification and URL Caching

B.

By dropping traffic that is not proven to be from clean websites in the URL Filtering blade

C.

By allowing traffic from websites that are known to run Antivirus Software on servers regularly

D.

By matching logs against ThreatCloud information about the reputation of the website

Question # 69

In Threat Prevention, you can create new or clone profiles but you CANNOT change the out-of-the-box profiles of:

A.

Basic, Optimized, Strict

B.

Basic, Optimized, Severe

C.

General, Escalation, Severe

D.

General, purposed, Strict

Question # 70

If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? (Choose the BEST answer.)

A.

Publish or discard the session.

B.

Revert the session.

C.

Save and install the Policy.

D.

Delete older versions of database.

Question # 71

The fwd process on the Security Gateway sends logs to the fwd process on the Management Server via which 2 processes?

A.

fwd via cpm

B.

fwm via fwd

C.

cpm via cpd

D.

fwd via cpd

Question # 72

Which feature is NOT provided by all Check Point Mobile Access solutions?

A.

Support for IPv6

B.

Granular access control

C.

Strong user authentication

D.

Secure connectivity

Question # 73

What is the protocol and port used for Health Check and State Synchronization in ClusterXL?

A.

CCP and 18190

B.

CCP and 257

C.

CCP and 8116

D.

CPC and 8116

Question # 74

When gathering information about a gateway using CPINFO, what information is included or excluded when using the “-x” parameter?

A.

Includes the registry

B.

Gets information about the specified Virtual System

C.

Does not resolve network addresses

D.

Output excludes connection table

Question # 75

What are the blades of Threat Prevention?

A.

IPS, DLP, AntiVirus, AntiBot, Sandblast Threat Emulation/Extraction

B.

DLP, AntiVirus, QoS, AntiBot, Sandblast Threat Emulation/Extraction

C.

IPS, AntiVirus, AntiBot

D.

IPS, AntiVirus, AntiBot, Sandblast Threat Emulation/Extraction
