Special Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Question # 4

You can see the following graphic:

What is presented on it?

A.

Properties of personal. p12 certificate file issued for user John.

B.

Shared secret properties of John’s password.

C.

VPN certificate properties of the John’s gateway.

D.

Expired. p12 certificate properties for user John.

Full Access
Question # 5

Check Point licenses come in two forms. What are those forms?

A.

Security Gateway and Security Management.

B.

On-premise and Public Cloud

C.

Central and Local.

D.

Access Control and Threat Prevention.

Full Access
Question # 6

Which of the following is NOT a role of the SmartCenter:

A.

Status monitoring

B.

Policy configuration

C.

Certificate authority

D.

Address translation

Full Access
Question # 7

Which application is used for the central management and deployment of licenses and packages?

A.

SmartProvisioning

B.

SmartLicense

C.

SmartUpdate

D.

Deployment Agent

Full Access
Question # 8

Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?

A.

SmartManager

B.

SmartConsole

C.

Security Gateway

D.

Security Management Server

Full Access
Question # 9

When an Admin logs into SmartConsole and sees a lock icon on a gateway object and cannot edit that object, what does that indicate?

A.

The gateway is not powered on.

B.

Incorrect routing to reach the gateway.

C.

The Admin would need to login to Read-Only mode

D.

Another Admin has made an edit to that object and has yet to publish the change.

Full Access
Question # 10

At what point is the Internal Certificate Authority (ICA) created?

A.

During the primary Security Management Server installation process.

B.

Upon creation of a certificate

C.

When an administrator decides to create one

D.

When an administrator initially logs into SmartConsole.

Full Access
Question # 11

Fill in the blanks: A Security Policy is created in_____, stored in the_____ and Distributed to the various

A.

Rule base. Security Management Server Security Gateways

B.

The Check Point database. SmartConsole, Security Gateways

C.

SmartConsole, Security Gateway, Security Management Servers

D.

SmartConsole, Security Management Server, Security Gateways

Full Access
Question # 12

Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ___________.

A.

Captive Portal and Transparent Kerberos Authentication

B.

UserCheck

C.

User Directory

D.

Captive Portal

Full Access
Question # 13

What are two basic rules Check Point recommending for building an effective security policy?

A.

Accept Rule and Drop Rule

B.

Cleanup Rule and Stealth Rule

C.

Explicit Rule and Implied Rule

D.

NAT Rule and Reject Rule

Full Access
Question # 14

Which statement describes what Identity Sharing is in Identity Awareness?

A.

Management servers can acquire and share identities with Security Gateways

B.

Users can share identities with other users

C.

Security Gateways can acquire and share identities with other Security Gateways

D.

Administrators can share identifies with other administrators

Full Access
Question # 15

Which of the following is used to extract state related information from packets and store that information in state tables?

A.

STATE Engine

B.

TRACK Engine

C.

RECORD Engine

D.

INSPECT Engine

Full Access
Question # 16

What are the two types of NAT supported by the Security Gateway?

A.

Destination and Hide

B.

Hide and Static

C.

Static and Source

D.

Source and Destination

Full Access
Question # 17

When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

A.

None, Security Management Server would be installed by itself.

B.

SmartConsole

C.

SecureClient

D.

SmartEvent

Full Access
Question # 18

What are the three types of UserCheck messages?

A.

inform, ask, and block

B.

block, action, and warn

C.

action, inform, and ask

D.

ask, block, and notify

Full Access
Question # 19

Which back up method uses the command line to create an image of the OS?

A.

System backup

B.

Save Configuration

C.

Migrate

D.

snapshot

Full Access
Question # 20

Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays _____________ for the given VPN tunnel.

A.

Down

B.

No Response

C.

Inactive

D.

Failed

Full Access
Question # 21

Vanessa is attempting to log into the Gaia Web Portal. She is able to login successfully. Then she tries the same username and password for SmartConsole but gets the message in the screenshot image below. She has checked that the IP address of the Server is correct and the username and password she used to login into Gaia is also correct.

What is the most likely reason?

A.

Check Point R80 SmartConsole authentication is more secure than in previous versions and Vanessa requires a special authentication key for R80 SmartConsole. Check that the correct key details are used.

B.

Check Point Management software authentication details are not automatically the same as the Operating System authentication details. Check that she is using the correct details.

C.

SmartConsole Authentication is not allowed for Vanessa until a Super administrator has logged in first and cleared any other administrator sessions.

D.

Authentication failed because Vanessa’s username is not allowed in the new Threat Prevention console update checks even though these checks passed with Gaia.

Full Access
Question # 22

Fill in the blank: The_____is used to obtain identification and security information about network users.

A.

User index

B.

UserCheck

C.

User Directory

D.

User server

Full Access
Question # 23

Choose what BEST describes the reason why querying logs now are very fast.

A.

The amount of logs being stored is less than previous versions.

B.

New Smart-1 appliances double the physical memory install.

C.

Indexing Engine indexes logs for faster search results.

D.

SmartConsole now queries results directly from the Security Gateway.

Full Access
Question # 24

Which of the following is NOT a type of Endpoint Identity Agent?

A.

Custom

B.

Terminal

C.

Full

D.

Light

Full Access
Question # 25

R80.10 management server can manage gateways with which versions installed?

A.

Versions R77 and higher

B.

Versions R76 and higher

C.

Versions R75.20 and higher

D.

Version R75 and higher

Full Access
Question # 26

What Identity Agent allows packet tagging and computer authentication?

A.

Endpoint Security Client

B.

Full Agent

C.

Light Agent

D.

System Agent

Full Access
Question # 27

Name the file that is an electronically signed file used by Check Point to translate the features in the license into a code?

A.

Both License (.lic) and Contract (.xml) files

B.

cp.macro

C.

Contract file (.xml)

D.

license File (.lie)

Full Access
Question # 28

Which message indicates IKE Phase 2 has completed successfully?

A.

Quick Mode Complete

B.

Aggressive Mode Complete

C.

Main Mode Complete

D.

IKE Mode Complete

Full Access
Question # 29

What is the user ID of a user that have all the privileges of a root user?

A.

User ID 1

B.

User ID 2

C.

User ID 0

D.

User ID 99

Full Access
Question # 30

Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

A.

Symmetric routing

B.

Failovers

C.

Asymmetric routing

D.

Anti-Spoofing

Full Access
Question # 31

When using Monitored circuit VRRP, what is a priority delta?

A.

When an interface fails the priority changes to the priority delta

B.

When an interface fails the delta claims the priority

C.

When an interface fails the priority delta is subtracted from the priority

D.

When an interface fails the priority delta decides if the other interfaces takes over

Full Access
Question # 32

In the Check Point Security Management Architecture, which component(s) can store logs?

A.

SmartConsole

B.

Security Management Server and Security Gateway

C.

Security Management Server

D.

SmartConsole and Security Management Server

Full Access
Question # 33

Fill in the blank: In Security Gateways R75 and above, SIC uses ______________ for encryption.

A.

AES-128

B.

AES-256

C.

DES

D.

3DES

Full Access
Question # 34

What kind of NAT enables Source Port Address Translation by default?

A.

Automatic Static NAT

B.

Manual Hide NAT

C.

Automatic Hide NAT

D.

Manual Static NAT

Full Access
Question # 35

Secure Internal Communication (SIC) is handled by what process?

A.

CPM

B.

HTTPS

C.

FWD

D.

CPD

Full Access
Question # 36

Fill in the blank: To create policy for traffic to or from a particular location, use the _____________.

A.

DLP shared policy

B.

Geo policy shared policy

C.

Mobile Access software blade

D.

HTTPS inspection

Full Access
Question # 37

Name one limitation of using Security Zones in the network?

A.

Security zones will not work in Automatic NAT rules

B.

Security zone will not work in Manual NAT rules

C.

Security zones will not work in firewall policy layer

D.

Security zones cannot be used in network topology

Full Access
Question # 38

What needs to be configured if the NAT property ‘Translate destination on client side’ is not enabled in Global properties?

A.

A host route to route to the destination IP

B.

Use the file local.arp to add the ARP entries for NAT to work

C.

Nothing, the Gateway takes care of all details necessary

D.

Enabling ‘Allow bi-directional NAT’ for NAT to work correctly

Full Access
Question # 39

Fill in the blank: Each cluster, at a minimum, should have at least ___________ interfaces.

A.

Five

B.

Two

C.

Three

D.

Four

Full Access
Question # 40

In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?

A.

Publish changes

B.

Save changes

C.

Install policy

D.

Install database

Full Access
Question # 41

Which of the following is NOT a valid application navigation tab in the R80 SmartConsole?

A.

Manage and Command Line

B.

Logs and Monitor

C.

Security Policies

D.

Gateway and Servers

Full Access
Question # 42

Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

A.

RADIUS

B.

Check Point password

C.

Security questions

D.

SecurID

Full Access
Question # 43

Which Check Point software blade monitors Check Point devices and provides a picture of network and security performance?

A.

Application Control

B.

Threat Emulation

C.

Logging and Status

D.

Monitoring

Full Access
Question # 44

Which option in tracking allows you to see the amount of data passed in the connection?

A.

Data

B.

Accounting

C.

Logs

D.

Advanced

Full Access
Question # 45

Which part of SmartConsole allows administrators to add, edit delete, and clone objects?

A.

Object Browser

B.

Object Editor

C.

Object Navigator

D.

Object Explorer

Full Access
Question # 46

Bob and Joe both have Administrator Roles on their Gaia Platform. Bob logs in on the WebUI and then Joe logs in through CLI. Choose what BEST describes the following scenario, where Bob and Joe are both logged in:

A.

Since they both are logged in on different interfaces, they will both be able to make changes.

B.

When Joe logs in. Bob will be logged out automatically.

C.

The database will be locked by Bob and Joe will not be able to make any changes.

D.

Bob will receive a prompt that Joe has logged in.

Full Access
Question # 47

When dealing with rule base layers, what two layer types can be utilized?

A.

Ordered Layers and Inline Layers

B.

Inbound Layers and Outbound Layers

C.

R81.10 does not support Layers

D.

Structured Layers and Overlap Layers

Full Access
Question # 48

When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

A.

Distributed

B.

Standalone

C.

Bridge

Full Access
Question # 49

A Check Point Software license consists of two components, the Software Blade and the Software Container. There are ______ types of Software Containers: ________.

A.

Two; Security Management and Endpoint Security

B.

Two; Endpoint Security and Security Gateway

C.

Three; Security Management, Security Gateway, and Endpoint Security

D.

Three; Security Gateway, Endpoint Security, and Gateway Management

Full Access
Question # 50

What is NOT an advantage of Stateful Inspection?

A.

High Performance

B.

Good Security

C.

No Screening above Network layer

D.

Transparency

Full Access
Question # 51

Identity Awareness lets an administrator easily configure network access and auditing based on three items Choose the correct statement.

A.

Network location, the identity of a user and the active directory membership.

B.

Network location, the identity of a user and the identity of a machine.

C.

Network location, the telephone number of a user and the UID of a machine

D.

Geographical location, the identity of a user and the identity of a machine

Full Access
Question # 52

You are the Check Point administrator for Alpha Corp with an R80 Check Point estate. You have received a call by one of the management users stating that they are unable to browse the Internet with their new tablet connected to the company Wireless. The Wireless system goes through the Check Point Gateway. How do you review the logs to see what the problem may be?

A.

Open SmartLog and connect remotely to the IP of the wireless controller

B.

Open SmartView Tracker and filter the logs for the IP address of the tablet

C.

Open SmartView Tracker and check all the IP logs for the tablet

D.

Open SmartLog and query for the IP address of the Manager’s tablet

Full Access
Question # 53

URL Filtering cannot be used to:

A.

Control Bandwidth issues

B.

Control Data Security

C.

Improve organizational security

D.

Decrease legal liability

Full Access
Question # 54

Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?

A.

Formal

B.

Central

C.

Corporate

D.

Local

Full Access
Question # 55

Which of the following is a valid deployment option?

A.

CloudSec deployment

B.

Disliked deployment

C.

Router only deployment

D.

Standalone deployment

Full Access
Question # 56

What is the most complete definition of the difference between the Install Policy button on the SmartConsole’s tab, and the Install Policy within a specific policy?

A.

The Global one also saves and published the session before installation.

B.

The Global one can install multiple selected policies at the same time.

C.

The local one does not install the Anti-Malware policy along with the Network policy.

D.

The second one pre-select the installation for only the current policy and for the applicable gateways.

Full Access
Question # 57

A layer can support different combinations of blades What are the supported blades:

A.

Firewall. URLF, Content Awareness and Mobile Access

B.

Firewall (Network Access Control). Application & URL Filtering. Content Awareness and Mobile Access

C.

Firewall. NAT, Content Awareness and Mobile Access

D.

Firewall (Network Access Control). Application & URL Filtering and Content Awareness

Full Access
Question # 58

Fill in the blank: SmartConsole, SmartEvent GUI client, and ___________ allow viewing of billions of consolidated logs and shows them as prioritized security events.

A.

SmartView Web Application

B.

SmartTracker

C.

SmartMonitor

D.

SmartReporter

Full Access
Question # 59

What Check Point tool is used to automatically update Check Point products for the Gaia OS?

A.

Check Point INSPECT Engine

B.

Check Point Upgrade Service Engine

C.

Check Point Update Engine

D.

Check Point Upgrade Installation Service

Full Access
Question # 60

AdminA and AdminB are both logged into SmartConsole. What does it mean if AdminB sees a lock icon on a rule? Choose the BEST answer.

A.

Rule is locked by AdminA and will be made available if the session is published.

B.

Rule is locked by AdminA and if the session is saved, the rule will be made available.

C.

Rule is locked by AdminB because the save button has not been pressed.

D.

Rule is locked by AdminB because the rule is currently being edited.

Full Access
Question # 61

Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base.

What is the possible explanation for this?

A.

DNS Rule is using one of the new feature of R80 where an administrator can mark a rule with the padlock icon to let other administrators know it is important.

B.

Another administrator is logged into the Management and currently editing the DNS Rule.

C.

DNS Rule is a placeholder rule for a rule that existed in the past but was deleted.

D.

This is normal behavior in R80 when there are duplicate rules in the Rule Base.

Full Access
Question # 62

Which of the completed statements is NOT true? The WebUI can be used to manage Operating System user accounts and

A.

add users to your Gaia system.

B.

assign privileges to users.

C.

assign user rights to their home directory in the Security Management Server.

D.

edit the home directory of the user.

Full Access
Question # 63

The purpose of the Communication Initialization process is to establish a trust between the Security Management Server and the Check Point gateways. Which statement best describes this Secure Internal

Communication (SIC)?

A.

After successful initialization, the gateway can communicate with any Check Point node that possesses a SIC certificate signed by the same ICA.

B.

Secure Internal Communications authenticates the security gateway to the SMS before http communications are allowed.

C.

A SIC certificate is automatically generated on the gateway because the gateway hosts a subordinate CA to the SMS ICA.

D.

New firewalls can easily establish the trust by using the expert password defined on the SMS and the SMS IP address.

Full Access
Question # 64

Gaia has two default user accounts that cannot be deleted. What are those user accounts?

A.

Admin and Default

B.

Expert and Clish

C.

Control and Monitor

D.

Admin and Monitor

Full Access
Question # 65

Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?

A.

Application Control

B.

Threat Emulation

C.

Anti-Virus

D.

Advanced Networking Blade

Full Access
Question # 66

What is a reason for manual creation of a NAT rule?

A.

In R80 all Network Address Translation is done automatically and there is no need for manually defined NAT-rules.

B.

Network Address Translation of RFC1918-compliant networks is needed to access the Internet.

C.

Network Address Translation is desired for some services, but not for others.

D.

The public IP-address is different from the gateway’s external IP

Full Access
Question # 67

In a Distributed deployment, the Security Gateway and the Security Management software are installed on what platforms?

A.

Different computers or appliances.

B.

The same computer or appliance.

C.

Both on virtual machines or both on appliances but not mixed.

D.

In Azure and AWS cloud environments.

Full Access
Question # 68

What is NOT an advantage of Packet Filtering?

A.

Application Independence

B.

High Performance

C.

Scalability

D.

Low Security and No Screening above Network Layer

Full Access
Question # 69

What key is used to save the current CPView page in a filename format cpview_“cpview process ID”. cap”number of captures”?

A.

S

B.

W

C.

C

D.

Space bar

Full Access
Question # 70

Fill in the blank: Authentication rules are defined for ____________.

A.

User groups

B.

Users using UserCheck

C.

Individual users

D.

All users in the database

Full Access
Question # 71

What is a role of Publishing?

A.

The Publish operation sends the modifications made via SmartConsole in the private session and makes them public

B.

The Security Management Server installs the updated policy and the entire database on Security Gateways

C.

The Security Management Server installs the updated session and the entire Rule Base on Security Gateways

D.

Modifies network objects, such as servers, users, services, or IPS profiles, but not the Rule Base

Full Access
Question # 72

When configuring LDAP with User Directory integration, changes applied to a User Directory template are:

A.

Not reflected for any users unless the local user template is changed.

B.

Not reflected for any users who are using that template.

C.

Reflected for ail users who are using that template and if the local user template is changed as well.

D.

Reflected immediately for all users who are using that template.

Full Access
Question # 73

How would you determine the software version from the CLI?

A.

fw ver

B.

fw stat

C.

fw monitor

D.

cpinfo

Full Access
Question # 74

Which single Security Blade can be turned on to block both malicious files from being downloaded as well as block websites known to host malware?

A.

Anti-Bot

B.

None - both Anti-Virus and Anti-Bot are required for this

C.

Anti-Virus

D.

None - both URL Filtering and Anti-Virus are required for this.

Full Access
Question # 75

In which scenario is it a valid option to transfer a license from one hardware device to another?

A.

From a 4400 Appliance to a 2200 Appliance

B.

From a 4400 Appliance to an HP Open Server

C.

From an IBM Open Server to an HP Open Server

D.

From an IBM Open Server to a 2200 Appliance

Full Access
Question # 76

You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?

A.

fwd

B.

fwm

C.

cpd

D.

cpwd

Full Access
Question # 77

Fill in the blank: Service blades must be attached to a ______________.

A.

Security Gateway

B.

Management container

C.

Management server

D.

Security Gateway container

Full Access
Question # 78

When configuring LDAP User Directory integration, Changes applied to a User Directory template are:

A.

Reflected immediately for all users who are using template.

B.

Not reflected for any users unless the local user template is changed.

C.

Reflected for all users who are using that template and if the local user template is changed as well.

D.

Not reflected for any users who are using that template.

Full Access
Question # 79

Which of the following statements about Site-to-Site VPN Domain-based is NOT true?

    Route-based— The Security Gateways will have a Virtual Tunnel Interface (VTI) for each VPN Tunnel with a peer VPN Gateway. The Routing Table can have routes to forward traffic to these VTls. Any traffic routed through a VTI is automatically identified as VPN Traffic and is passed through the VPN Tunnel associated with the VTI.

A.

Domain-based— VPN domains are pre-defined for all VPN Gateways. A VPN domain is a service or user that can send or receive VPN traffic through a VPN Gateway.

B.

Domain-based— VPN domains are pre-defined for all VPN Gateways. A VPN domain is a host or network that can send or receive VPN traffic through a VPN Gateway.

C.

Domain-based— VPN domains are pre-defined for all VPN Gateways. When the Security Gateway encounters traffic originating from one VPN Domain with the destination to a VPN Domain of another VPN Gateway, that traffic is identified as VPN traffic and is sent through the VPN Tunnel between the two Gateways.

Full Access
Question # 80

Which key is created during Phase 2 of a site-to-site VPN?

A.

Pre-shared secret

B.

Diffie-Hellman Public Key

C.

Symmetrical IPSec key

D.

Diffie-Hellman Private Key

Full Access
Question # 81

You want to store the GAiA configuration in a file for later reference. What command should you use?

A.

write mem

B.

show config -f

C.

save config -o

D.

save configuration

Full Access
Question # 82

What data MUST be supplied to the SmartConsole System Restore window to restore a backup?

A.

Server, Username, Password, Path, Version

B.

Username, Password, Path, Version

C.

Server, Protocol, Username, Password, Destination Path

D.

Server, Protocol, Username, Password, Path

Full Access
Question # 83

What are the software components used by Autonomous Threat Prevention Profiles in R8I.20 and higher?

A.

Sandbox, ThreatCloud, Zero Phishing, Sanitization, C&C Protection, JPS, File and URL Reputation

B.

IPS, Threat Emulation and Threat Extraction

C.

Sandbox, ThreatCloud, Sanitization, C&C Protection, IPS

D.

IPS, Anti-Bot, Anti-Virus, SandBlast and Macro Extraction

Full Access
Question # 84

Identify the ports to which the Client Authentication daemon listens on by default?

A.

259, 900

B.

256, 257

C.

8080, 529

D.

80, 256

Full Access
Question # 85

What is required for a certificate-based VPN tunnel between two gateways with separate management systems?

A.

Shared Secret Passwords

B.

Unique Passwords

C.

Shared User Certificates

D.

Mutually Trusted Certificate Authorities

Full Access
Question # 86

What does it mean if Deyra sees the gateway status:

Choose the BEST answer.

A.

SmartCenter Server cannot reach this Security Gateway

B.

There is a blade reporting a problem

C.

VPN software blade is reporting a malfunction

D.

Security Gateway’s MGNT NIC card is disconnected.

Full Access
Question # 87

Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

A.

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

B.

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

C.

Time object to a rule to make the rule active only during specified times.

D.

Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

Full Access
Question # 88

Which icon in the WebUI indicates that read/write access is enabled?

A.

Eyeglasses

B.

Pencil

C.

Padlock

D.

Book

Full Access
Question # 89

In which deployment is the security management server and Security Gateway installed on the same appliance?

A.

Standalone

B.

Remote

C.

Distributed

D.

Bridge Mode

Full Access
Question # 90

The SIC Status “Unknown” means

A.

There is connection between the gateway and Security Management Server but it is not trusted.

B.

The secure communication is established.

C.

There is no connection between the gateway and Security Management Server.

D.

The Security Management Server can contact the gateway, but cannot establish SIC.

Full Access
Question # 91

What are the three components for Check Point Capsule?

A.

Capsule Docs, Capsule Cloud, Capsule Connect

B.

Capsule Workspace, Capsule Cloud, Capsule Connect

C.

Capsule Workspace, Capsule Docs, Capsule Connect

D.

Capsule Workspace, Capsule Docs, Capsule Cloud

Full Access
Question # 92

For Automatic Hide NAT rules created by the administrator what is a TRUE statement?

A.

Source Port Address Translation (PAT) is enabled by default

B.

Automate NAT rules are supported for Network objects only.

C.

Automatic NAT rules are supported for Host objects only.

D.

Source Port Address Translation (PAT) is disabled by default

Full Access
Question # 93

Which one of the following is TRUE?

A.

Ordered policy is a sub-policy within another policy

B.

One policy can be either inline or ordered, but not both

C.

Inline layer can be defined as a rule action

D.

Pre-R80 Gateways do not support ordered layers

Full Access
Question # 94

While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain Why does it not detect the windows domain?

A.

SmartConsole machine is not part of the domain

B.

Security Gateway is not part of the Domain

C.

Identity Awareness is not enabled on Global properties

D.

Security Management Server is not part of the domain

Full Access
Question # 95

Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

A.

SmartDashboard

B.

SmartEvent

C.

SmartView Monitor

D.

SmartUpdate

Full Access
Question # 96

What are the three deployment considerations for a secure network?

A.

Distributed, Bridge Mode, and Remote

B.

Bridge Mode, Remote, and Standalone

C.

Remote, Standalone, and Distributed

D.

Standalone, Distributed, and Bridge Mode

Full Access
Question # 97

Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.

A.

Main

B.

Authentication

C.

Quick

D.

High Alert

Full Access
Question # 98

Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code (with unification in R81.10)?

A.

Enterprise Network Security Appliances

B.

Rugged Appliances

C.

Scalable Platforms

D.

Small Business and Branch Office Appliances

Full Access
Question # 99

Aggressive Mode in IKEv1 uses how many packages for negotiation?

A.

6

B.

3

C.

depends on the make of the peer gateway

D.

5

Full Access
Question # 100

Under which file is the proxy arp configuration stored?

A.

$FWDIR/state/proxy_arp.conf on the management server

B.

$FWDIR/conf/local.arp on the management server

C.

$FWDIR/state/_tmp/proxy.arp on the security gateway

D.

$FWDIR/conf/local.arp on the gateway

Full Access
Question # 101

Which deployment adds a Security Gateway to an existing environment without changing IP routing?

A.

Distributed

B.

Bridge Mode

C.

Remote

D.

Standalone

Full Access
Question # 102

What are the two elements of address translation rules?

A.

Original packet and translated packet

B.

Manipulated packet and original packet

C.

Translated packet and untranslated packet

D.

Untranslated packet and manipulated packet

Full Access
Question # 103

Which of the following is NOT a component of Check Point Capsule?

A.

Capsule Docs

B.

Capsule Cloud

C.

Capsule Enterprise

D.

Capsule Workspace

Full Access
Question # 104

What are the types of Software Containers?

A.

Smart Console, Security Management, and Security Gateway

B.

Security Management, Security Gateway, and Endpoint Security

C.

Security Management, Log & Monitoring, and Security Policy

D.

Security Management, Standalone, and Security Gateway

Full Access
Question # 105

Which of the following methods can be used to update the trusted log server regarding the policy and configuration changes performed on the Security Management Server?

A.

Save Policy

B.

Install Database

C.

Save session

D.

Install Policy

Full Access
Question # 106

When changes are made to a Rule base, it is important to _______________ to enforce changes.

A.

Publish database

B.

Activate policy

C.

Install policy

D.

Save changes

Full Access
Question # 107

Which of the following is NOT an advantage to using multiple LDAP servers?

A.

You achieve a faster access time by placing LDAP servers containing the database at remote sites

B.

You achieve compartmentalization by allowing a large number of users to be distributed across several servers

C.

Information on a user is hidden, yet distributed across several servers.

D.

You gain High Availability by replicating the same information on several servers

Full Access
Question # 108

When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:

A.

Security Management Server’s /home/.fgpt file and is available for future SmartConsole authentications.

B.

Windows registry is available for future Security Management Server authentications.

C.

There is no memory used for saving a fingerprint anyway.

D.

SmartConsole cache is available for future Security Management Server authentications.

Full Access
Question # 109

Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common?

A.

All Connections (Clear or Encrypted)

B.

Accept all encrypted traffic

C.

Specific VPN Communities

D.

All Site-to-Site VPN Communities

Full Access
Question # 110

You are the Check Point administrator for Alpha Corp. You received a call that one of the users is unable to browse the Internet on their new tablet which is connected to the company wireless, which goes through a Check Point Gateway. How would you review the logs to see what is blocking this traffic?

A.

Open SmartLog and connect remotely to the wireless controller

B.

Open SmartEvent to see why they are being blocked

C.

Open SmartDashboard and review the logs tab

D.

From SmartConsole, go to the Log & Monitor and filter for the IP address of the tablet.

Full Access
Question # 111

Using ClusterXL, what statement is true about the Sticky Decision Function?

A.

Can only be changed for Load Sharing implementations

B.

All connections are processed and synchronized by the pivot

C.

Is configured using cpconfig

D.

Is only relevant when using SecureXL

Full Access
Question # 112

Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?

A.

The firewall topologies

B.

NAT Rules

C.

The Rule Base

D.

The VPN Domains

Full Access
Question # 113

Which command shows the installed licenses?

A.

cplic print

B.

print cplic

C.

fwlic print

D.

show licenses

Full Access
Question # 114

Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers?

A.

AD Query

B.

Terminal Servers Endpoint Identity Agent

C.

Endpoint Identity Agent and Browser-Based Authentication

D.

RADIUS and Account Logon

Full Access
Question # 115

What is the Transport layer of the TCP/IP model responsible for?

A.

It transports packets as datagrams along different routes to reach their destination.

B.

It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application.

C.

It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer.

D.

It deals with all aspects of the physical components of network connectivity and connects with different network types.

Full Access
Question # 116

A stateful inspection firewall works by registering connection data and compiling this information. Where is the information stored?

A.

In the system SMEM memory pool.

B.

In State tables.

C.

In the Sessions table.

D.

In a CSV file on the firewall hard drive located in $FWDIR/conf/.

Full Access
Question # 117

Which of these is NOT a feature or benefit of Application Control?

A.

Eliminate unknown and unwanted applications in your network to reduce IT complexity and application risk.

B.

Identify and control which applications are in your IT environment and which to add to the IT environment.

C.

Scans the content of files being downloaded by users in order to make policy decisions.

D.

Automatically identify trusted software that has authorization to run

Full Access
Question # 118

How Capsule Connect and Capsule Workspace differ?

A.

Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications

B.

Capsule Workspace can provide access to any application

C.

Capsule Connect provides Business data isolation

D.

Capsule Connect does not require an installed application at client

Full Access
Question # 119

How do you manage Gaia?

A.

Through CLI and WebUI

B.

Through CLI only

C.

Through SmartDashboard only

D.

Through CLI, WebUI, and SmartDashboard

Full Access
Question # 120

What is the most recommended installation method for Check Point appliances?

A.

SmartUpdate installation

B.

DVD media created with Check Point ISOMorphic

C.

USB media created with Check Point ISOMorphic

D.

Cloud based installation

Full Access
Question # 121

By default, which port does the WebUI listen on?

A.

8080

B.

80

C.

4434

D.

443

Full Access
Question # 122

Which of the following describes how Threat Extraction functions?

A.

Detect threats and provides a detailed report of discovered threats

B.

Proactively detects threats

C.

Delivers file with original content

D.

Delivers PDF versions of original files with active content removed

Full Access
Question # 123

A SAM rule Is implemented to provide what function or benefit?

A.

Allow security audits.

B.

Handle traffic as defined in the policy.

C.

Monitor sequence activity.

D.

Block suspicious activity.

Full Access