Winter Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

156-215.81 Questions and Answers

Question # 6

What is the SOLR database for?

A.

Used for full text search and enables powerful matching capabilities

B.

Writes data to the database and full text search

C.

Serves GUI responsible to transfer request to the DLE server

D.

Enables powerful matching capabilities and writes data to the database

Full Access
Question # 7

Which option in tracking allows you to see the amount of data passed in the connection?

A.

Data

B.

Accounting

C.

Logs

D.

Advanced

Full Access
Question # 8

You have successfully backed up your Check Point configurations without the OS information. What command would you use to restore this backup?

A.

restore_backup

B.

import backup

C.

cp_merge

D.

migrate import

Full Access
Question # 9

Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

A.

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

B.

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

C.

Time object to a rule to make the rule active only during specified times.

D.

Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

Full Access
Question # 10

Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

A.

Gateway and Servers

B.

Logs and Monitor

C.

Manage Seeting

D.

Security Policies

Full Access
Question # 11

While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain Why does it not detect the windows domain?

A.

SmartConsole machine is not part of the domain

B.

Security Gateway is not part of the Domain

C.

Identity Awareness is not enabled on Global properties

D.

Security Management Server is not part of the domain

Full Access
Question # 12

When you upload a package or license to the appropriate repository in SmartUpdate. where is the package or license stored?

A.

SmartConsole installed device

B.

Check Point user center

C.

Security Management Server

D.

Security Gateway

Full Access
Question # 13

Both major kinds of NAT support Hide and Static NAT. However, one offers more flexibility. Which statement is true?

A.

Manual NAT can offer more flexibility than Automatic NAT.

B.

Dynamic Network Address Translation (NAT) Overloading can offer more flexibility than Port Address Translation.

C.

Dynamic NAT with Port Address Translation can offer more flexibility than Network Address Translation (NAT) Overloading.

D.

Automatic NAT can offer more flexibility than Manual NAT.

Full Access
Question # 14

Which of the following is considered a "Subscription Blade", requiring renewal every 1-3 years?

A.

IPS blade

B.

IPSEC VPN Blade

C.

Identity Awareness Blade

D.

Firewall Blade

Full Access
Question # 15

Which of the following commands is used to verify license installation?

A.

Cplic verify license

B.

Cplic print

C.

Cplic show

D.

Cplic license

Full Access
Question # 16

What is the RFC number that act as a best practice guide for NAT?

A.

RFC 1939

B.

RFC 1950

C.

RFC 1918

D.

RFC 793

Full Access
Question # 17

SmartConsole provides a consolidated solution for everything that is necessary for the security of an organization, such as the following

A.

Security Policy Management and Log Analysis

B.

Security Policy Management. Log Analysis. System Health Monitoring. Multi-Domain Security Management.

C.

Security Policy Management Log Analysis and System Health Monitoring

D.

Security Policy Management. Threat Prevention rules. System Health Monitoring and Multi-Domain Security Management.

Full Access
Question # 18

Fill in the blank: In Security Gateways R75 and above, SIC uses ______________ for encryption.

A.

AES-128

B.

AES-256

C.

DES

D.

3DES

Full Access
Question # 19

Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?

A.

The firewall topologies

B.

NAT Rules

C.

The Rule Base

D.

The VPN Domains

Full Access
Question # 20

Stateful Inspection compiles and registers connections where?

A.

Connection Cache

B.

State Cache

C.

State Table

D.

Network Table

Full Access
Question # 21

Which one of the following is a way that the objects can be manipulated using the new API integration in R80 Management?

A.

Microsoft Publisher

B.

JSON

C.

Microsoft Word

D.

RC4 Encryption

Full Access
Question # 22

Which of the following commands is used to monitor cluster members?

A.

cphaprob state

B.

cphaprob status

C.

cphaprob

D.

cluster state

Full Access
Question # 23

Fill in the blank: When a policy package is installed, ________ are also distributed to the target installation Security Gateways.

A.

User and objects databases

B.

Network databases

C.

SmartConsole databases

D.

User databases

Full Access
Question # 24

In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?

A.

Publish changes

B.

Save changes

C.

Install policy

D.

Install database

Full Access
Question # 25

Which tool allows you to monitor the top bandwidth on smart console?

A.

Logs & Monitoring

B.

Smart Event

C.

Gateways & Severs Tab

D.

SmartView Monitor

Full Access
Question # 26

Which message indicates IKE Phase 2 has completed successfully?

A.

Quick Mode Complete

B.

Aggressive Mode Complete

C.

Main Mode Complete

D.

IKE Mode Complete

Full Access
Question # 27

When using Monitored circuit VRRP, what is a priority delta?

A.

When an interface fails the priority changes to the priority delta

B.

When an interface fails the delta claims the priority

C.

When an interface fails the priority delta is subtracted from the priority

D.

When an interface fails the priority delta decides if the other interfaces takes over

Full Access
Question # 28

In which deployment is the security management server and Security Gateway installed on the same appliance?

A.

Standalone

B.

Remote

C.

Distributed

D.

Bridge Mode

Full Access
Question # 29

Fill in the bank: In Office mode, a Security Gateway assigns a remote client to an IP address once___________.

A.

the user connects and authenticates

B.

office mode is initiated

C.

the user requests a connection

D.

the user connects

Full Access
Question # 30

What are valid authentication methods for mutual authenticating the VPN gateways?

A.

Pre-shared Secret and PKI Certificates

B.

PKI Certificates and Kerberos Tickets

C.

Pre-Shared Secrets and Kerberos Ticket

D.

PKI Certificates and DynamiciD OTP

Full Access
Question # 31

Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

A.

ThreatWiki

B.

Whitelist Files

C.

AppWiki

D.

IPS Protections

Full Access
Question # 32

An administrator can use section titles to more easily navigate between large rule bases. Which of these statements is FALSE?

A.

Section titles are not sent to the gateway side.

B.

These sections are simple visual divisions of the Rule Base and do not hinder the order of rule enforcement.

C.

A Sectional Title can be used to disable multiple rules by disabling only the sectional title.

D.

Sectional Titles do not need to be created in the SmartConsole.

Full Access
Question # 33

A stateful inspection firewall works by registering connection data and compiling this information. Where is the information stored?

A.

In the system SMEM memory pool.

B.

In State tables.

C.

In the Sessions table.

D.

In a CSV file on the firewall hard drive located in $FWDIR/conf/.

Full Access
Question # 34

R80 is supported by which of the following operating systems:

A.

Windows only

B.

Gaia only

C.

Gaia, SecurePlatform, and Windows

D.

SecurePlatform only

Full Access
Question # 35

Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common?

A.

All Connections (Clear or Encrypted)

B.

Accept all encrypted traffic

C.

Specific VPN Communities

D.

All Site-to-Site VPN Communities

Full Access
Question # 36

The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits even if the Track option is set to “None”?

A.

No, it will not work independently. Hit Count will be shown only for rules with Track options set as Log or alert

B.

Yes, it will work independently as long as “analyze all rules” tick box is enabled on the Security Gateway

C.

No, it will not work independently because hit count requires all rules to be logged

D.

Yes, it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways

Full Access
Question # 37

To provide updated malicious data signatures to all Threat Prevention blades, the Threat Prevention gateway does what with the data?

A.

Cache the data to speed up its own function.

B.

Share the data to the ThreatCloud for use by other Threat Prevention blades.

C.

Log the traffic for Administrator viewing.

D.

Delete the data to ensure an analysis of the data is done each time.

Full Access
Question # 38

Which of the following is used to enforce changes made to a Rule Base?

A.

Publish database

B.

Save changes

C.

Install policy

D.

Activate policy

Full Access
Question # 39

Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?

A.

SmartManager

B.

SmartConsole

C.

Security Gateway

D.

Security Management Server

Full Access
Question # 40

Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?

A.

Application Control

B.

Threat Emulation

C.

Anti-Virus

D.

Advanced Networking Blade

Full Access
Question # 41

After the initial installation on Check Point appliance, you notice that the Management interface and default gateway are incorrect. Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.

A.

set interface Mgmt ipv4-address 192.168.80.200 mask-length 24set static-route default nexthop gateway address 192.168.80.1 onsave config

B.

add interface Mgmt ipv4-address 192.168.80.200 255.255.255.0add static-route 0.0.0.0.0.0.0.0 gw 192.168.80.1 onsave config

C.

set interface Mgmt ipv4-address 192.168.80.200 255.255.255.0add static-route 0.0.0.0.0.0.0.0 gw 192.168.80.1 onsave config

D.

add interface Mgmt ipv4-address 192.168.80.200 mask-length 24add static-route default nexthop gateway address 192.168.80.1 onsave config

Full Access
Question # 42

True or False: More than one administrator can log into the Security Management Server with SmartConsole with write permission at the same time.

A.

True, every administrator works on a different database that Is independent of the other administrators

B.

False, this feature has to be enabled in the Global Properties.

C.

True, every administrator works in a session that is independent of the other administrators

D.

False, only one administrator can login with write permission

Full Access
Question # 43

Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n) ___________ Server.

A.

SecurID

B.

LDAP

C.

NT domain

D.

SMTP

Full Access
Question # 44

When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

A.

None, Security Management Server would be installed by itself.

B.

SmartConsole

C.

SecureClient

D.

SmartEvent

Full Access
Question # 45

What Check Point tool is used to automatically update Check Point products for the Gaia OS?

A.

Check Point INSPECT Engine

B.

Check Point Upgrade Service Engine

C.

Check Point Update Engine

D.

Check Point Upgrade Installation Service

Full Access
Question # 46

What are the types of Software Containers?

A.

Smart Console, Security Management, and Security Gateway

B.

Security Management, Security Gateway, and Endpoint Security

C.

Security Management, Log & Monitoring, and Security Policy

D.

Security Management, Standalone, and Security Gateway

Full Access
Question # 47

Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ___________.

A.

Captive Portal and Transparent Kerberos Authentication

B.

UserCheck

C.

User Directory

D.

Captive Portal

Full Access
Question # 48

When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed?

A.

Distributed

B.

Standalone

C.

Bridge Mode

D.

Targeted

Full Access
Question # 49

What is the difference between SSL VPN and IPSec VPN?

A.

IPSec VPN does not require installation of a resident VPN client

B.

SSL VPN requires installation of a resident VPN client

C.

SSL VPN and IPSec VPN are the same

D.

IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed Browser

Full Access
Question # 50

What is the purpose of a Clean-up Rule?

A.

Clean-up Rules do not server any purpose.

B.

Provide a metric for determining unnecessary rules.

C.

To drop any traffic that is not explicitly allowed.

D.

Used to better optimize a policy.

Full Access
Question # 51

What are the three main components of Check Point security management architecture?

A.

SmartConsole, Security Management, and Security Gateway

B.

Smart Console, Standalone, and Security Management

C.

SmartConsole, Security policy, and Logs & Monitoring

D.

GUI-Client, Security Management, and Security Gateway

Full Access
Question # 52

What does it mean if Deyra sees the gateway status:

Choose the BEST answer.

A.

SmartCenter Server cannot reach this Security Gateway

B.

There is a blade reporting a problem

C.

VPN software blade is reporting a malfunction

D.

Security Gateway’s MGNT NIC card is disconnected.

Full Access
Question # 53

After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?

A.

Security Gateway IP-address cannot be changed without re-establishing the trust

B.

The Security Gateway name cannot be changed in command line without re-establishing trust

C.

The Security Management Server name cannot be changed in SmartConsole without re-establishing trust

D.

The Security Management Server IP-address cannot be changed without re-establishing the trust

Full Access
Question # 54

When using Automatic Hide NAT, what is enabled by default?

A.

Source Port Address Translation (PAT)

B.

Static NAT

C.

Static Route

D.

HTTPS Inspection

Full Access
Question # 55

For Automatic Hide NAT rules created by the administrator what is a TRUE statement?

A.

Source Port Address Translation (PAT) is enabled by default

B.

Automate NAT rules are supported for Network objects only.

C.

Automatic NAT rules are supported for Host objects only.

D.

Source Port Address Translation (PAT) is disabled by default

Full Access
Question # 56

Which Threat Prevention profile uses sanitization technology?

A.

Cloud/data Center

B.

perimeter

C.

Sandbox

D.

Guest Network

Full Access
Question # 57

What command would show the API server status?

A.

cpm status

B.

api restart

C.

api status

D.

show api status

Full Access
Question # 58

In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server?

A.

Display policies and logs on the administrator's workstation.

B.

Processing and sending alerts such as SNMP traps and email notifications.

C.

Verify and compile Security Policies.

D.

Store firewall logs to hard drive storage.

Full Access
Question # 59

When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?

A.

Any size

B.

Less than 20GB

C.

More than 10GB and less than 20 GB

D.

At least 20GB

Full Access
Question # 60

Is it possible to have more than one administrator connected to a Security Management Server at once?

A.

Yes, but only if all connected administrators connect with read-only permissions.

B.

Yes, but objects edited by one administrator will be locked for editing by others until the session is published.

C.

No, only one administrator at a time can connect to a Security Management Server

D.

Yes, but only one of those administrators will have write-permissions. All others will have read-only permission.

Full Access
Question # 61

Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays _____________ for the given VPN tunnel.

A.

Down

B.

No Response

C.

Inactive

D.

Failed

Full Access
Question # 62

You have created a rule at the top of your Rule Base to permit Guest Wireless access to the Internet. However, when guest users attempt to reach the Internet, they are not seeing the splash page to accept your Terms of Service, and cannot access the Internet. How can you fix this?

A.

Right click Accept in the rule, select “More”, and then check “Enable Identity Captive Portal”

B.

On the firewall object, Legacy Authentication screen, check “Enable Identity Captive Portal”

C.

In the Captive Portal screen of Global Properties, check “Enable Identity Captive Portal”

D.

On the Security Management Server object, check the box “Identity Logging”

Full Access
Question # 63

Which command shows the installed licenses in Expert mode?

A.

print cplic

B.

show licenses

C.

fwlic print

D.

cplic print

Full Access
Question # 64

What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?

A.

Verification tool

B.

Verification licensing

C.

Automatic licensing

D.

Automatic licensing and Verification tool

Full Access
Question # 65

A SAM rule Is implemented to provide what function or benefit?

A.

Allow security audits.

B.

Handle traffic as defined in the policy.

C.

Monitor sequence activity.

D.

Block suspicious activity.

Full Access
Question # 66

Which of the following is NOT a type of Endpoint Identity Agent?

A.

Custom

B.

Terminal

C.

Full

D.

Light

Full Access
Question # 67

When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:

A.

Security Management Server’s /home/.fgpt file and is available for future SmartConsole authentications.

B.

Windows registry is available for future Security Management Server authentications.

C.

There is no memory used for saving a fingerprint anyway.

D.

SmartConsole cache is available for future Security Management Server authentications.

Full Access
Question # 68

You want to verify if there are unsaved changes in GAiA that will be lost with a reboot. What command can be used?

A.

show unsaved

B.

show save-state

C.

show configuration diff

D.

show config-state

Full Access
Question # 69

When URL Filtering is set, what identifying data gets sent to the Check Point Online Web Service?

A.

The URL and server certificate are sent to the Check Point Online Web Service

B.

The full URL, including page data, is sent to the Check Point Online Web Service

C.

The host part of the URL is sent to the Check Point Online Web Service

D.

The URL and IP address are sent to the Check Point Online Web Service

Full Access
Question # 70

When changes are made to a Rule base, it is important to _______________ to enforce changes.

A.

Publish database

B.

Activate policy

C.

Install policy

D.

Save changes

Full Access
Question # 71

Fill in the blank: The_____is used to obtain identification and security information about network users.

A.

User index

B.

UserCheck

C.

User Directory

D.

User server

Full Access
Question # 72

What is the best sync method in the ClusterXL deployment?

A.

Use 1 cluster + 1st sync

B.

Use 1 dedicated sync interface

C.

Use 3 clusters + 1st sync + 2nd sync + 3rd sync

D.

Use 2 clusters + 1st sync + 2nd sync

Full Access
Question # 73

Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

A.

Full

B.

Custom

C.

Complete

D.

Light

Full Access
Question # 74

Which backup utility captures the most information and tends to create the largest archives?

A.

backup

B.

snapshot

C.

Database Revision

D.

migrate export

Full Access
Question # 75

Fill in the blank: SmartConsole, SmartEvent GUI client, and ___________ allow viewing of billions of consolidated logs and shows them as prioritized security events.

A.

SmartView Web Application

B.

SmartTracker

C.

SmartMonitor

D.

SmartReporter

Full Access
Question # 76

Which of these is NOT a feature or benefit of Application Control?

A.

Eliminate unknown and unwanted applications in your network to reduce IT complexity and application risk.

B.

Identify and control which applications are in your IT environment and which to add to the IT environment.

C.

Scans the content of files being downloaded by users in order to make policy decisions.

D.

Automatically identify trusted software that has authorization to run

Full Access
Question # 77

Which of the following technologies extracts detailed information from packets and stores that information in state tables?

A.

INSPECT Engine

B.

Next-Generation Firewall

C.

Packet Filtering

D.

Application Layer Firewall

Full Access
Question # 78

The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.

A.

Next Generation Threat Prevention

B.

Next Generation Threat Emulation

C.

Next Generation Threat Extraction

D.

Next Generation Firewall

Full Access
Question # 79

Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

A.

RADIUS

B.

Check Point password

C.

Security questions

D.

SecurID

Full Access
Question # 80

What is the most recommended installation method for Check Point appliances?

A.

SmartUpdate installation

B.

DVD media created with Check Point ISOMorphic

C.

USB media created with Check Point ISOMorphic

D.

Cloud based installation

Full Access
Question # 81

Using R80 Smart Console, what does a “pencil icon” in a rule mean?

A.

I have changed this rule

B.

Someone else has changed this rule

C.

This rule is managed by check point’s SOC

D.

This rule can’t be changed as it’s an implied rule

Full Access
Question # 82

What are the steps to configure the HTTPS Inspection Policy?

A.

Go to Manage&Settings > Blades > HTTPS Inspection > Configure in SmartDashboard

B.

Go to Application&url filtering blade > Advanced > Https Inspection > Policy

C.

Go to Manage&Settings > Blades > HTTPS Inspection > Policy

D.

Go to Application&url filtering blade > Https Inspection > Policy

Full Access
Question # 83

Which is a main component of the Check Point security management architecture?

A.

Identity Collector

B.

Endpoint VPN client

C.

SmartConsole

D.

Proxy Server

Full Access
Question # 84

Which Check Point supported authentication scheme typically requires a user to possess a token?

A.

RADIUS

B.

Check Point password

C.

TACACS

D.

SecurlD

Full Access
Question # 85

Which software blade does NOT accompany the Threat Prevention policy?

A.

IPS

B.

Application Control and URL Filtering

C.

Threat Emulation

D.

Anti-virus

Full Access
Question # 86

Which of the following is used to extract state related information from packets and store that information in state tables?

A.

STATE Engine

B.

TRACK Engine

C.

RECORD Engine

D.

INSPECT Engine

Full Access
Question # 87

You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?

A.

fwd

B.

fwm

C.

cpd

D.

cpwd

Full Access
Question # 88

Log query results can be exported to what file format?

A.

Word Document (docx)

B.

Comma Separated Value (csv)

C.

Portable Document Format (pdf)

D.

Text (txt)

Full Access
Question # 89

Which option will match a connection regardless of its association with a VPN community?

A.

All Site-to-Site VPN Communities

B.

Accept all encrypted traffic

C.

All Connections (Clear or Encrypted)

D.

Specific VPN Communities

Full Access
Question # 90

From SecureXL perspective, what are the tree paths of traffic flow:

A.

Initial Path; Medium Path; Accelerated Path

B.

Layer Path; Blade Path; Rule Path

C.

Firewall Path; Accept Path; Drop Path

D.

Firewall Path; Accelerated Path; Medium Path

Full Access
Question # 91

One of major features in R80.x SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB, and AdminC are editing the same Security Policy?

A.

AdminC sees a lock icon which indicates that the rule is locked for editing by another administrator.

B.

AdminA and AdminB are editing the same rule at the same time.

C.

AdminB sees a pencil icon next the rule that AdminB is currently editing.

D.

AdminA, AdminB and AdminC are editing three different rules at the same time.

Full Access
Question # 92

Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _______.

A.

User Center

B.

User Administration

C.

User Directory

D.

UserCheck

Full Access
Question # 93

Which of the following is NOT a tracking option? (Select three)

A.

Partial log

B.

Log

C.

Network log

D.

Full log

Full Access
Question # 94

Which of the following commands is used to monitor cluster members in CLI?

A.

show cluster state

B.

show active cluster

C.

show clusters

D.

show running cluster

Full Access
Question # 95

What are the software components used by Autonomous Threat Prevention Profiles in R8I.20 and higher?

A.

Sandbox, ThreatCloud, Zero Phishing, Sanitization, C&C Protection, JPS, File and URL Reputation

B.

IPS, Threat Emulation and Threat Extraction

C.

Sandbox, ThreatCloud, Sanitization, C&C Protection, IPS

D.

IPS, Anti-Bot, Anti-Virus, SandBlast and Macro Extraction

Full Access
Question # 96

The Gateway Status view in SmartConsole shows the overall status of Security Gateways and Software Blades. What does the Status Attention mean?

A.

Cannot reach the Security Gateway.

B.

The gateway and all its Software Blades are working properly.

C.

At least one Software Blade has a minor issue, but the gateway works.

D.

Cannot make SIC between the Security Management Server and the Security Gateway

Full Access
Question # 97

When should you generate new licenses?

A.

Before installing contract files.

B.

After an RMA procedure when the MAC address or serial number of the appliance changes.

C.

When the existing license expires, license is upgraded or the IP-address where the license is tied changes.

D.

Only when the license is upgraded.

Full Access
Question # 98

Secure Internal Communication (SIC) is handled by what process?

A.

CPM

B.

HTTPS

C.

FWD

D.

CPD

Full Access
Question # 99

True or False: The destination server for Security Gateway logs depends on a Security Management Server configuration.

A.

False, log servers are configured on the Log Server General Properties

B.

True, all Security Gateways will only forward logs with a SmartCenter Server configuration

C.

True, all Security Gateways forward logs automatically to the Security Management Server

D.

False, log servers are enabled on the Security Gateway General Properties

Full Access
Question # 100

What is NOT an advantage of Stateful Inspection?

A.

High Performance

B.

Good Security

C.

No Screening above Network layer

D.

Transparency

Full Access
Question # 101

Fill in the blanks: A ____ license requires an administrator to designate a gateway for attachment whereas a _____ license is automatically attached to a Security Gateway.

A.

Formal; corporate

B.

Local; formal

C.

Local; central

D.

Central; local

Full Access
Question # 102

What is the BEST method to deploy Identity Awareness for roaming users?

A.

Use Office Mode

B.

Use identity agents

C.

Share user identities between gateways

D.

Use captive portal

Full Access
Question # 103

When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

A.

Distributed

B.

Standalone

C.

Bridge

Full Access
Question # 104

What command from the CLI would be used to view current licensing?

A.

license view

B.

fw ctl tab -t license -s

C.

show license -s

D.

cplic print

Full Access
Question # 105

Check Point licenses come in two forms. What are those forms?

A.

Central and Local.

B.

Access Control and Threat Prevention.

C.

On-premise and Public Cloud.

D.

Security Gateway and Security Management.

Full Access
Question # 106

Aggressive Mode in IKEv1 uses how many packages for negotiation?

A.

6

B.

3

C.

depends on the make of the peer gateway

D.

5

Full Access
Question # 107

What are the advantages of a “shared policy” in R80?

A.

Allows the administrator to share a policy between all the users identified by the Security Gateway

B.

Allows the administrator to share a policy between all the administrators managing the Security Management Server

C.

Allows the administrator to share a policy so that it is available to use in another Policy Package

D.

Allows the administrator to install a policy on one Security Gateway and it gets installed on another managed Security Gateway

Full Access
Question # 108

Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers?

A.

AD Query

B.

Terminal Servers Endpoint Identity Agent

C.

Endpoint Identity Agent and Browser-Based Authentication

D.

RADIUS and Account Logon

Full Access
Question # 109

What type of NAT is a one-to-one relationship where each host is translated to a unique address?

A.

Source

B.

Static

C.

Hide

D.

Destination

Full Access
Question # 110

Fill in the blanks: There are ________ types of software containers ________.

A.

Three; security management, Security Gateway, and endpoint security

B.

Three; Security gateway, endpoint security, and gateway management

C.

Two; security management and endpoint security

D.

Two; endpoint security and Security Gateway

Full Access
Question # 111

Fill in the blank When LDAP is integrated with Check Point Security Management it is then referred to as_____

A.

User Center

B.

User Administration

C.

User Directory

D.

UserCheck

Full Access
Question # 112

Which Check Point Software Wade provides visibility of users, groups and machines while also providing access control through identity-based policies?

A.

Firewall

B.

Identity Awareness

C.

Application Control

D.

URL Filtering

Full Access
Question # 113

What is the BEST command to view configuration details of all interfaces in Gaia CLISH?

A.

ifconfig -a

B.

show interfaces

C.

show interfaces detail

D.

show configuration interface

Full Access
Question # 114

Which Threat Prevention Profile is not included by default in R80 Management?

A.

Basic – Provides reliable protection on a range of non-HTTP protocols for servers, with minimal impact on network performance

B.

Optimized – Provides excellent protection for common network products and protocols against recent or popular attacks

C.

Strict – Provides a wide coverage for all products and protocols, with impact on network performance

D.

Recommended – Provides all protection for all common network products and servers, with impact on network performance

Full Access
Question # 115

If there is an Accept Implied Policy set to "First", what is the reason Jorge cannot see any logs?

A.

Log Implied Rule was not set correctly on the track column on the rules base.

B.

Track log column is set to Log instead of Full Log.

C.

Track log column is set to none.

D.

Log Implied Rule was not selected on Global Properties.

Full Access
Question # 116

Which of the following is considered to be the more secure and preferred VPN authentication method?

A.

Password

B.

Certificate

C.

MD5

D.

Pre-shared secret

Full Access
Question # 117

Which of the following statements about Site-to-Site VPN Domain-based is NOT true?

  • Route-based— The Security Gateways will have a Virtual Tunnel Interface (VTI) for each VPN Tunnel with a peer VPN Gateway. The Routing Table can have routes to forward traffic to these VTls. Any traffic routed through a VTI is automatically identified as VPN Traffic and is passed through the VPN Tunnel associated with the VTI.

A.

Domain-based— VPN domains are pre-defined for all VPN Gateways. A VPN domain is a service or user that can send or receive VPN traffic through a VPN Gateway.

B.

Domain-based— VPN domains are pre-defined for all VPN Gateways. A VPN domain is a host or network that can send or receive VPN traffic through a VPN Gateway.

C.

Domain-based— VPN domains are pre-defined for all VPN Gateways. When the Security Gateway encounters traffic originating from one VPN Domain with the destination to a VPN Domain of another VPN Gateway, that traffic is identified as VPN traffic and is sent through the VPN Tunnel between the two Gateways.

Full Access
Question # 118

When should you generate new licenses?

A.

Before installing contract files.

B.

After a device upgrade.

C.

When the existing license expires, license is upgraded or the IP-address associated with the license changes.

D.

Only when the license is upgraded.

Full Access
Question # 119

Which of the following is NOT a valid deployment option for R80?

A.

All-in-one (stand-alone)

B.

Log server

C.

SmartEvent

D.

Multi-domain management server

Full Access
Question # 120

Fill in the blank: Service blades must be attached to a ______________.

A.

Security Gateway

B.

Management container

C.

Management server

D.

Security Gateway container

Full Access