156-215.81 Check Point Certified Security Administrator R81.20 Question and Answers

Question # 4

When you upload a package or license to the appropriate repository in SmartUpdate, where is the package or license stored?

A.

SmartConsole installed device

B.

Check Point user center

C.

Security Management Server

D.

Security Gateway

Question # 5

DLP and Geo Policy are examples of what type of Policy?

A.

Inspection Policies

B.

Shared Policies

C.

Unified Policies

D.

Standard Policies

Question # 6

Under which file is the proxy arp configuration stored?

A.

$FWDIR/state/proxy_arp.conf on the management server

B.

$FWDIR/conf/local.arp on the management server

C.

$FWDIR/state/_tmp/proxy.arp on the security gateway

D.

$FWDIR/conf/local.arp on the gateway

Question # 7

To ensure that VMAC mode is enabled, which CLI command should you run on all cluster members? Choose the best answer.

A.

fw ctl set int fwha vmac global param enabled

B.

fw ctl get int fwha vmac global param enabled; result of command should return value 1

C.

cphaprob -a if

D.

fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1

Question # 8

Fill in the blank: Backups and restores can be accomplished through ________.

A.

SmartUpdate, SmartBackup, or SmartConsole

B.

WebUI, CLI, or SmartUpdate

C.

CLI, SmartUpdate, or SmartBackup

D.

SmartConsole, WebUI, or CLI

Question # 9

Fill in the blank: RADIUS protocol uses _____ to communicate with the gateway.

A.

UDP

B.

CCP

C.

TDP

D.

HTTP

Question # 10

You have enabled "Extended Log" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

A.

Identity Awareness is not enabled.

B.

Log Trimming is enabled.

C.

Logging has disk space issues

D.

Content Awareness is not enabled.

Question # 11

What Check Point technologies deny or permit network traffic?

A.

Application Control, DLP

B.

Packet Filtering, Stateful Inspection, Application Layer Firewall.

C.

ACL, SandBlast, MPT

D.

IPS, Mobile Threat Protection

Question # 12

Which type of Check Point license ties the package license to the IP address of the Security Management Server?

A.

Central

B.

Corporate

C.

Local

D.

Formal

Question # 13

Which command shows detailed information about VPN tunnels?

A.

cat $FWDIR/conf/vpn.conf

B.

vpn tu tlist

C.

vpn tu

D.

cpview

Question # 14

In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server?

A.

Display policies and logs on the administrator's workstation.

B.

Processing and sending alerts such as SNMP traps and email notifications.

C.

Verify and compile Security Policies.

D.

Store firewall logs to hard drive storage.

Question # 15

Name the utility that is used to block activities that appear to be suspicious.

A.

Penalty Box

B.

Drop Rule in the rulebase

C.

Suspicious Activity Monitoring (SAM)

D.

Stealth rule

Question # 16

Your internal networks 10.1.1.0/24, 10.2.2.0/24 and 192.168.0.0/16 are behind the Internet Security Gateway. Considering that Layer 2 and Layer 3 setup is correct, what are the steps you will need to do in SmartConsole in order to get the connection working?

A.

1. Define an accept rule in Security Policy. 2. Define Security Gateway to hide all internal networks behind the gateway’s external IP. 3. Publish and install the policy.

B.

1. Define an accept rule in Security Policy. 2. Define automatic NAT for each network to NAT the networks behind a public IP. 3. Publish the policy.

C.

1. Define an accept rule in Security Policy. 2. Define automatic NAT for each network to NAT the networks behind a public IP. 3. Publish and install the policy.

D.

1. Define an accept rule in Security Policy. 2. Define Security Gateway to hide all internal networks behind the gateway’s external IP. 3. Publish the policy.

Question # 17

Which encryption algorithm is the least secure?

A.

3DES

B.

AES-128

C.

DES

D.

AES-256

Question # 18

What default layers are included when creating a new policy layer?

A.

Application Control, URL Filtering and Threat Prevention

B.

Access Control, Threat Prevention and HTTPS Inspection

C.

Firewall, Application Control and IPSec VPN

D.

Firewall, Application Control and IPS

Question # 19

John is the administrator of an R80 Security Management server managing an R77.30 Check Point Security Gateway. John is currently updating the network objects and amending the rules using SmartConsole. To make John’s changes available to other administrators, and to save the database before installing a policy, what must John do?

A.

Logout of the session

B.

File > Save

C.

Install database

D.

Publish the session

Question # 20

Identity Awareness allows the Security Administrator to configure network access based on which of the following?

A.

Name of the application, identity of the user, and identity of the machine

B.

Identity of the machine, username, and certificate

C.

Network location, identity of a user, and identity of a machine

D.

Browser-Based Authentication, identity of a user, and network location

Question # 21

How do Capsule Connect and Capsule Workspace differ?

A.

Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications

B.

Capsule Workspace can provide access to any application

C.

Capsule Connect provides Business data isolation

D.

Capsule Connect does not require an installed application at client

Question # 22

To enforce the Security Policy correctly, a Security Gateway requires:

A.

a routing table

B.

awareness of the network topology

C.

a Demilitarized Zone

D.

a Security Policy install

Question # 23

What are the two basic rules Check Point recommends for building an effective security policy?

A.

Accept Rule and Drop Rule

B.

Cleanup Rule and Stealth Rule

C.

Explicit Rule and Implied Rule

D.

NAT Rule and Reject Rule

Question # 24

What is UserCheck?

A.

Messaging tool used to verify a user’s credentials

B.

Communication tool used to inform a user about a website or application they are trying to access

C.

Administrator tool used to monitor users on their network

D.

Communication tool used to notify an administrator when a new user is created

Question # 25

Fill in the blank: The position of an implied rule is manipulated in the __________________ window.

A.

NAT

B.

Firewall

C.

Global Properties

D.

Object Explorer

Question # 26

Which of the following is NOT a valid deployment option for R80?

A.

All-in-one (stand-alone)

B.

Log server

C.

SmartEvent

D.

Multi-domain management server

Question # 27

Fill in the blank: In Office mode, a Security Gateway assigns a remote client to an IP address once ___________.

A.

the user connects and authenticates

B.

office mode is initiated

C.

the user requests a connection

D.

the user connects

Question # 28

Which message indicates IKE Phase 2 has completed successfully?

A.

Quick Mode Complete

B.

Aggressive Mode Complete

C.

Main Mode Complete

D.

IKE Mode Complete

Question # 29

The CPU level of your Security Gateway is peaking at 100%, causing problems with traffic. You suspect that the problem might be the Threat Prevention settings.

The following Threat Prevention Profile has been created.

How could you tune the profile in order to lower the CPU load while still maintaining security at a good level? Select the BEST answer.

A.

Set High Confidence to Low and Low Confidence to Inactive.

B.

Set the Performance Impact to Medium or lower.

C.

The problem is not with the Threat Prevention Profile. Consider adding more memory to the appliance.

D.

Set the Performance Impact to Very Low Confidence to Prevent.

Question # 30

A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone?

A.

The zone is based on the network topology and determined according to where the interface leads to.

B.

Security Zones are not supported by Check Point firewalls.

C.

The firewall rule can be configured to include one or more subnets in a zone.

D.

The local directly connected subnet defined by the subnet IP and subnet mask.

Question # 31

Fill in the blank: Each cluster, at a minimum, should have at least ___________ interfaces.

A.

Five

B.

Two

C.

Three

D.

Four

Question # 32

In R80 Management, apart from using SmartConsole, objects or rules can also be modified using:

A.

3rd Party integration of CLI and API for Gateways prior to R80.

B.

A complete CLI and API interface using SSH and custom CPCode integration.

C.

3rd Party integration of CLI and API for Management prior to R80.

D.

A complete CLI and API interface for Management with 3rd Party integration.

Question # 33

For Automatic Hide NAT rules created by the administrator, what is a TRUE statement?

A.

Source Port Address Translation (PAT) is enabled by default

B.

Automatic NAT rules are supported for Network objects only.

C.

Automatic NAT rules are supported for Host objects only.

D.

Source Port Address Translation (PAT) is disabled by default

Question # 34

With URL Filtering, what portion of the traffic is sent to the Check Point Online Web Service for analysis?

A.

The complete communication is sent for inspection.

B.

The IP address of the source machine.

C.

The end user credentials.

D.

The host portion of the URL.

Question # 35

Which of the following are types of VPN communities?

A.

Pentagon, star, and combination

B.

Star, octagon, and combination

C.

Combined and star

D.

Meshed, star, and combination

Question # 36

When a gateway requires user information for authentication, what order does it query servers for user information?

A.

First - Internal user database, then LDAP servers in order of priority, finally the generic external user profile

B.

First the Internal user database, then generic external user profile, finally LDAP servers in order of priority.

C.

First the highest priority LDAP server, then the internal user database, then lower priority LDAP servers, finally the generic external profile

D.

The external generic profile, then the internal user database finally the LDAP servers in order of priority.

Question # 37

What is the main objective when using Application Control?

A.

To filter out specific content.

B.

To assist the firewall blade with handling traffic.

C.

To see what users are doing.

D.

Ensure security and privacy of information.

Question # 38

When an encrypted packet is decrypted, where does this happen?

A.

Security policy

B.

Inbound chain

C.

Outbound chain

D.

Decryption is not supported

Question # 39

Which of the following is TRUE regarding Gaia command line?

A.

Configuration changes should be done in mgmt_cli and use CLISH for monitoring. Expert mode is used only for OS level tasks

B.

Configuration changes should be done in mgmt_cli and use expert-mode for OS-level tasks.

C.

Configuration changes should be done in expert-mode and CLISH is used for monitoring

D.

All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks.

Question # 40

When configuring Anti-Spoofing, which tracking options can an Administrator select?

A.

Log, Alert, None

B.

Log, Allow Packets, Email

C.

Drop Packet, Alert, None

D.

Log, Send SNMP Trap, Email

Question # 41

In which deployment is the security management server and Security Gateway installed on the same appliance?

A.

Standalone

B.

Remote

C.

Distributed

D.

Bridge Mode

Question # 42

Which of the following is NOT a tracking option? (Select three)

A.

Partial log

B.

Log

C.

Network log

D.

Full log

Question # 43

How many users can have read/write access in Gaia Operating System at one time?

A.

One

B.

Three

C.

Two

D.

Infinite

Question # 44

Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

A.

SmartDashboard

B.

SmartEvent

C.

SmartView Monitor

D.

SmartUpdate

Question # 45

What object type would you use to grant network access to an LDAP user group?

A.

Access Role

B.

User Group

C.

SmartDirectory Group

D.

Group Template

Question # 46

Core Protections are installed as part of what Policy?

A.

Access Control Policy.

B.

Desktop Firewall Policy

C.

Mobile Access Policy.

D.

Threat Prevention Policy.

Question # 47

Examine the sample Rule Base.

What will be the result of a verification of the policy from SmartConsole?

A.

No errors or Warnings

B.

Verification Error. Empty Source-List in Rule 5 (Mail Inbound)

C.

Verification Error. Rule 4 (Web Inbound) hides Rule 6 (Webmaster access)

D.

Verification Error. Rule 7 (Clean-Up Rule) hides Implicit Clean-up Rule

Question # 48

SmartEvent does NOT use which of the following procedures to identify events:

A.

Matching a log against each event definition

B.

Create an event candidate

C.

Matching a log against local exclusions

D.

Matching a log against global exclusions

Question # 49

Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ___________.

A.

Captive Portal and Transparent Kerberos Authentication

B.

UserCheck

C.

User Directory

D.

Captive Portal

Question # 50

Which policy type is used to enforce bandwidth and traffic control rules?

A.

Access Control

B.

Threat Emulation

C.

Threat Prevention

D.

QoS

Question # 51

Which statement is TRUE of anti-spoofing?

A.

Anti-spoofing is not needed when IPS software blade is enabled

B.

It is more secure to create anti-spoofing groups manually

C.

It is BEST Practice to have anti-spoofing groups in sync with the routing table

D.

With dynamic routing enabled, anti-spoofing groups are updated automatically whenever there is a routing change

Question # 52

Fill in the blank: In order to install a license, it must first be added to the ____________.

A.

User Center

B.

Package repository

C.

Download Center Web site

D.

License and Contract repository

Question # 53

What is required for a certificate-based VPN tunnel between two gateways with separate management systems?

A.

Shared Secret Passwords

B.

Unique Passwords

C.

Shared User Certificates

D.

Mutually Trusted Certificate Authorities

Question # 54

Which option will match a connection regardless of its association with a VPN community?

A.

All Site-to-Site VPN Communities

B.

Accept all encrypted traffic

C.

All Connections (Clear or Encrypted)

D.

Specific VPN Communities

Question # 55

What are the Threat Prevention software components available on the Check Point Security Gateway?

A.

IPS, Threat Emulation and Threat Extraction

B.

IPS, Anti-Bot, Anti-Virus, SandBlast and Macro Extraction

C.

IPS, Anti-Bot, Anti-Virus, Threat Emulation and Threat Extraction

D.

IDS, Forensics, Anti-Virus, Sandboxing

Question # 56

Which Threat Prevention Profile is not included by default in R80 Management?

A.

Basic – Provides reliable protection on a range of non-HTTP protocols for servers, with minimal impact on network performance

B.

Optimized – Provides excellent protection for common network products and protocols against recent or popular attacks

C.

Strict – Provides a wide coverage for all products and protocols, with impact on network performance

D.

Recommended – Provides all protection for all common network products and servers, with impact on network performance

Question # 57

Secure Internal Communication (SIC) is handled by what process?

A.

CPM

B.

HTTPS

C.

FWD

D.

CPD

Question # 58

The Online Activation method is available for Check Point manufactured appliances. How does the administrator use the Online Activation method?

A.

The SmartLicensing GUI tool must be launched from the SmartConsole for the Online Activation tool to start automatically.

B.

No action is required if the firewall has internet access and a DNS server to resolve domain names.

C.

Using the Gaia First Time Configuration Wizard, the appliance connects to the Check Point User Center and downloads all necessary licenses and contracts.

D.

The cpinfo command must be run on the firewall with the switch -online-license-activation.

Question # 59

If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:

A.

Rename the hostname of the Standby member to match exactly the hostname of the Active member.

B.

Change the Standby Security Management Server to Active.

C.

Change the Active Security Management Server to Standby.

D.

Manually synchronize the Active and Standby Security Management Servers.

Question # 60

You have created a rule at the top of your Rule Base to permit Guest Wireless access to the Internet. However, when guest users attempt to reach the Internet, they are not seeing the splash page to accept your Terms of Service, and cannot access the Internet. How can you fix this?

A.

Right click Accept in the rule, select “More”, and then check “Enable Identity Captive Portal”

B.

On the firewall object, Legacy Authentication screen, check “Enable Identity Captive Portal”

C.

In the Captive Portal screen of Global Properties, check “Enable Identity Captive Portal”

D.

On the Security Management Server object, check the box “Identity Logging”

Question # 61

Which Threat Prevention profile uses sanitization technology?

A.

Cloud/data Center

B.

perimeter

C.

Sandbox

D.

Guest Network

Question # 62

Which tool is used to enable cluster membership on a Gateway?

A.

SmartUpdate

B.

cpconfig

C.

SmartConsole

D.

sysconfig

Question # 63

Using AD Query, the Security Gateway connects to the Active Directory Domain Controllers using what protocol?

A.

Windows Management Instrumentation (WMI)

B.

Hypertext Transfer Protocol Secure (HTTPS)

C.

Lightweight Directory Access Protocol (LDAP)

D.

Remote Desktop Protocol (RDP)

Question # 64

Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enabled, which path is handling the traffic?

A.

Slow Path

B.

Medium Path

C.

Fast Path

D.

Accelerated Path

Question # 65

Which of the following situations would not require a new license to be generated and installed?

A.

The Security Gateway is upgraded.

B.

The existing license expires.

C.

The license is upgraded.

D.

The IP address of the Security Management or Security Gateway has changed.

Question # 66

Name one limitation of using Security Zones in the network?

A.

Security zones will not work in Automatic NAT rules

B.

Security zone will not work in Manual NAT rules

C.

Security zones will not work in firewall policy layer

D.

Security zones cannot be used in network topology

Question # 67

Which part of SmartConsole allows administrators to add, edit, delete, and clone objects?

A.

Object Browser

B.

Object Editor

C.

Object Navigator

D.

Object Explorer

Question # 68

Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _______.

A.

User Center

B.

User Administration

C.

User Directory

D.

UserCheck

Question # 69

You are going to perform a major upgrade. Which backup solution should you use to ensure your database can be restored on that device?

A.

backup

B.

logswitch

C.

Database Revision

D.

snapshot

Question # 70

What is the default tracking option of a rule?

A.

Tracking

B.

Log

C.

None

D.

Alert

Question # 71

After the initial installation on a Check Point appliance, you notice that the Management interface and default gateway are incorrect. Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1?

A.

set interface Mgmt ipv4-address 192.168.80.200 mask-length 24
set static-route default nexthop gateway address 192.168.80.1 on
save config

B.

add interface Mgmt ipv4-address 192.168.80.200 255.255.255.0
add static-route 0.0.0.0.0.0.0.0 gw 192.168.80.1 on
save config

C.

set interface Mgmt ipv4-address 192.168.80.200 255.255.255.0
add static-route 0.0.0.0.0.0.0.0 gw 192.168.80.1 on
save config

D.

add interface Mgmt ipv4-address 192.168.80.200 mask-length 24
add static-route default nexthop gateway address 192.168.80.1 on
save config

Question # 72

In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

A.

SND is a feature to accelerate multiple SSL VPN connections

B.

SND is an alternative to IPSec Main Mode, using only 3 packets

C.

SND is used to distribute packets among Firewall instances

D.

SND is a feature of fw monitor to capture accelerated packets

Question # 73

Which of the following commands is used to monitor cluster members in CLI?

A.

show cluster state

B.

show active cluster

C.

show clusters

D.

show running cluster

Question # 74

Fill in the blank: Service blades must be attached to a ______________.

A.

Security Gateway

B.

Management container

C.

Management server

D.

Security Gateway container

Question # 75

What command would show the API server status?

A.

cpm status

B.

api restart

C.

api status

D.

show api status

Question # 76

When using Monitored circuit VRRP, what is a priority delta?

A.

When an interface fails the priority changes to the priority delta

B.

When an interface fails the delta claims the priority

C.

When an interface fails the priority delta is subtracted from the priority

D.

When an interface fails the priority delta decides if the other interfaces takes over

Question # 77

Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

A.

Full

B.

Custom

C.

Complete

D.

Light

Question # 78

In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?

A.

Publish changes

B.

Save changes

C.

Install policy

D.

Install database

Question # 79

What command from the CLI would be used to view current licensing?

A.

license view

B.

fw ctl tab -t license -s

C.

show license -s

D.

cplic print

Question # 80

What needs to be configured if the NAT property ‘Translate destination on client side’ is not enabled in Global properties?

A.

A host route to route to the destination IP

B.

Use the file local.arp to add the ARP entries for NAT to work

C.

Nothing, the Gateway takes care of all details necessary

D.

Enabling ‘Allow bi-directional NAT’ for NAT to work correctly

Question # 81

Choose what BEST describes users on Gaia Platform.

A.

There are two default users and neither can be deleted.

B.

There are two default users and one cannot be deleted.

C.

There is one default user that can be deleted.

D.

There is one default user that cannot be deleted.

Question # 82

Which of the completed statements is NOT true? The WebUI can be used to manage Operating System user accounts and

A.

add users to your Gaia system.

B.

assign privileges to users.

C.

assign user rights to their home directory in the Security Management Server.

D.

edit the home directory of the user.

Question # 83

Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?

A.

All options stop Check Point processes

B.

backup

C.

migrate export

D.

snapshot

Question # 84

Identity Awareness allows easy configuration for network access and auditing based on what three items?

A.

Client machine IP address.

B.

Network location, the identity of a user and the identity of a machine.

C.

Log server IP address.

D.

Gateway proxy IP address.

Question # 85

You want to set up a VPN tunnel to an external gateway. You have to make sure that the IKE P2 SA will only be established between two subnets and not all subnets defined in the default VPN domain of your gateway.

A.

In the SmartConsole create a dedicated VPN Community for both Gateways. On the Management add the following line to the $FWDIR/conf/user.def.FW1 file: subnet_for_range_and_peer = { };

B.

In the SmartConsole create a dedicated VPN Community for both Gateways. Selecting the local gateway in the Community you can set the VPN Domain to 'User defined' and put in the local network.

C.

In the SmartConsole create a dedicated VPN Community for both Gateways. On the Gateway add the following line to the $FWDIR/conf/user.def.FW1 file: subnet_for_range_and_peer = { };

D.

In the SmartConsole create a dedicated VPN Community for both Gateways. Go to Security Policies / Access Control and create an in-line layer rule with source and destination containing the two networks used for the IKE P2 SA. Put the name of the Community in the VPN column.

Question # 86

If an administrator wants to restrict access to a network resource, only allowing certain users to access it, and only when they are on a specific network, what is the best way to accomplish this?

A.

Create an inline layer where the destination is the target network resource. Define sub-rules allowing only specific sources to access the target resource.

B.

Use a "New Legacy User at Location", specifying the LDAP user group that the users belong to, at the desired location

C.

Create a rule allowing only specific source IP addresses access to the target network resource.

D.

Create an Access Role object, with specific users or user groups specified, and specific networks defined. Use this access role as the "Source" of an Access Control rule.

Question # 87

Where can an administrator edit a list of trusted SmartConsole clients?

A.

cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server.

B.

In cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server, in SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients.

C.

WebUI client logged to Security Management Server, SmartDashboard: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients, via cpconfig on a Security Gateway.

D.

Only using SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients.

Question # 88

Fill in the blank: When a policy package is installed, ________ are also distributed to the target installation Security Gateways.

A.

User and objects databases

B.

Network databases

C.

SmartConsole databases

D.

User databases

Question # 89

Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.

A.

Main

B.

Authentication

C.

Quick

D.

High Alert

Question # 90

Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _____.

A.

User Center

B.

User Administration

C.

User Directory

D.

UserCheck

Question # 91

Which default Gaia user has full read/write access?

A.

admin

B.

superuser

C.

monitor

D.

altuser

Question # 92

How is communication between different Check Point components secured in R80? As with all questions, select the best answer.

A.

By using IPSEC

B.

By using SIC

C.

By using ICA

D.

By using 3DES

Question # 93

Log query results can be exported to what file format?

A.

Word Document (docx)

B.

Comma Separated Value (csv)

C.

Portable Document Format (pdf)

D.

Text (txt)

Question # 94

What is the Transport layer of the TCP/IP model responsible for?

A.

It transports packets as datagrams along different routes to reach their destination.

B.

It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application.

C.

It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer.

D.

It deals with all aspects of the physical components of network connectivity and connects with different network types.

Question # 95

In Unified SmartConsole Gateways and Servers tab you can perform the following functions EXCEPT ________.

A.

Upgrade the software version

B.

Open WebUI

C.

Open SSH

D.

Open service request with Check Point Technical Support

Question # 96

To provide updated malicious data signatures to all Threat Prevention blades, the Threat Prevention gateway does what with the data?

A.

Cache the data to speed up its own function.

B.

Share the data to the ThreatCloud for use by other Threat Prevention blades.

C.

Log the traffic for Administrator viewing.

D.

Delete the data to ensure an analysis of the data is done each time.

Question # 97

What is the main difference between Threat Extraction and Threat Emulation?

A.

Threat Emulation never delivers a file and takes more than 3 minutes to complete

B.

Threat Extraction always delivers a file and takes less than a second to complete

C.

Threat Emulation never delivers a file that takes less than a second to complete

D.

Threat Extraction never delivers a file and takes more than 3 minutes to complete

Question # 98

Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

A.

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

B.

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

C.

Time object to a rule to make the rule active only during specified times.

D.

Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

Question # 99

After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?

A.

Security Gateway IP-address cannot be changed without re-establishing the trust

B.

The Security Gateway name cannot be changed in command line without re-establishing trust

C.

The Security Management Server name cannot be changed in SmartConsole without re-establishing trust

D.

The Security Management Server IP-address cannot be changed without re-establishing the trust

Question # 100

What is the main difference between Static NAT and Hide NAT?

A.

Static NAT only allows incoming connections to protect your network.

B.

Static NAT allows incoming and outgoing connections. Hide NAT only allows outgoing connections.

C.

Static NAT only allows outgoing connections. Hide NAT allows incoming and outgoing connections.

D.

Hide NAT only allows incoming connections to protect your network.

Question # 101

Which Check Point software blade provides Application Security and identity control?

A.

Identity Awareness

B.

Data Loss Prevention

C.

URL Filtering

D.

Application Control

Question # 102

Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?

A.

Application Control

B.

Threat Emulation

C.

Anti-Virus

D.

Advanced Networking Blade

Question # 103

Which of the following is NOT a type of Endpoint Identity Agent?

A.

Custom

B.

Terminal

C.

Full

D.

Light

Question # 104

Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?

A.

Detects and blocks malware by correlating multiple detection engines before users are affected.

B.

Configure rules to limit the available network bandwidth for specified users or groups.

C.

Use UserCheck to help users understand that certain websites are against the company’s security policy.

D.

Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.

Question # 105

Which option in tracking allows you to see the amount of data passed in the connection?

A.

Data

B.

Accounting

C.

Logs

D.

Advanced

Question # 106

What is NOT an advantage of Packet Filtering?

A.

Application Independence

B.

High Performance

C.

Scalability

D.

Low Security and No Screening above Network Layer

Question # 107

Fill in the blank: An identity server uses a ___________ for user authentication.

A.

Shared secret

B.

Certificate

C.

One-time password

D.

Token

Question # 108

What is the default shell of Gaia CLI?

A.

clish

B.

Monitor

C.

Read-only

D.

Bash

Question # 109

When defining group-based access in an LDAP environment with Identity Awareness, what is the BEST object type to represent an LDAP group in a Security Policy?

A.

Access Role

B.

User Group

C.

SmartDirectory Group

D.

Group Template

Question # 110

Why is a Central License the preferred and recommended method of licensing?

A.

Central Licensing is actually not supported with Gaia.

B.

Central Licensing is the only option when deploying Gaia

C.

Central Licensing ties to the IP address of a gateway and can be changed to any gateway if needed.

D.

Central Licensing ties to the IP address of the management server and is not dependent on the IP of any gateway in the event it changes.

Question # 111

Stateful Inspection compiles and registers connections where?

A.

Connection Cache

B.

State Cache

C.

State Table

D.

Network Table

Question # 112

Check Point ClusterXL Active/Active deployment is used when:

A.

Only when there is Multicast solution set up

B.

There is Load Sharing solution set up

C.

Only when there is Unicast solution set up

D.

There is High Availability solution set up

Question # 113

Fill in the blanks: Gaia can be configured using _______ the ________.

A.

Command line interface; WebUI

B.

Gaia Interface; GaiaUI

C.

WebUI; Gaia Interface

D.

GaiaUI; command line interface

Question # 114

Which single Security Blade can be turned on to block both malicious files from being downloaded as well as block websites known to host malware?

A.

Anti-Bot

B.

None - both Anti-Virus and Anti-Bot are required for this

C.

Anti-Virus

D.

None - both URL Filtering and Anti-Virus are required for this.

Question # 115

The purpose of the Communication Initialization process is to establish a trust between the Security Management Server and the Check Point gateways. Which statement best describes this Secure Internal Communication (SIC)?

A.

After successful initialization, the gateway can communicate with any Check Point node that possesses a SIC certificate signed by the same ICA.

B.

Secure Internal Communications authenticates the security gateway to the SMS before http communications are allowed.

C.

A SIC certificate is automatically generated on the gateway because the gateway hosts a subordinate CA to the SMS ICA.

D.

New firewalls can easily establish the trust by using the expert password defined on the SMS and the SMS IP address.

Question # 116

When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?

A.

Any size

B.

Less than 20GB

C.

More than 10GB and less than 20 GB

D.

At least 20GB

Question # 117

How do logs change when the "Accounting" tracking option is enabled on a traffic rule?

A.

Involved traffic logs will be forwarded to a log server.

B.

Provides log details view email to the Administrator.

C.

Involved traffic logs are updated every 10 minutes to show how much data has passed on the connection.

D.

Provides additional information to the connected user.

Question # 118

What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?

A.

Verification tool

B.

Verification licensing

C.

Automatic licensing

D.

Automatic licensing and Verification tool

Question # 119

What is the purpose of Captive Portal?

A.

It manages user permission in SmartConsole

B.

It provides remote access to SmartConsole

C.

It authenticates users, allowing them access to the Internet and corporate resources

D.

It authenticates users, allowing them access to the Gaia OS

Question # 120

In ____________ NAT, the ____________ is translated.

A.

Hide; source

B.

Static; source

C.

Simple; source

D.

Hide; destination
