11.11 Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

156-315.81 Questions and Answers

Question # 6

Using ClusterXL, what statement is true about the Sticky Decision Function?

A.

Can only be changed for Load Sharing implementations

B.

All connections are processed and synchronized by the pivot

C.

Is configured using cpconfig

D.

Is only relevant when using SecureXL

Full Access
Question # 7

Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enabled which path is handling the traffic?

A.

Slow Path

B.

Medium Path

C.

Fast Path

D.

Accelerated Path

Full Access
Question # 8

Using Threat Emulation technologies, what is the best way to block .exe and .bat file types?

A.

enable DLP and select.exe and .bat file type

B.

enable .exe & .bat protection in IPS Policy

C.

create FW rule for particular protocol

D.

tecli advanced attributes set prohibited_file_types exe.bat

Full Access
Question # 9

Which of the following links will take you to the SmartView web application?

A.

https:// /smartviewweb/

B.

https:// /smartview/

C.

https:// smartviewweb

D.

https:// /smartview

Full Access
Question # 10

Which GUI client is supported in R81?

A.

SmartProvisioning

B.

SmartView Tracker

C.

SmartView Monitor

D.

SmartLog

Full Access
Question # 11

What is the benefit of “tw monitor” over “tcpdump”?

A.

“fw monitor” reveals Layer 2 information, while “tcpdump” acts at Layer 3.

B.

“fw monitor” is also available for 64-Bit operating systems.

C.

With “fw monitor”, you can see the inspection points, which cannot be seen in “tcpdump”

D.

“fw monitor” can be used from the CLI of the Management Server to collect information from multiple gateways.

Full Access
Question # 12

You have existing dbedit scripts from R77. Can you use them with R81.20?

A.

dbedit is not supported in R81.20

B.

dbedit is fully supported in R81.20

C.

You can use dbedit to modify threat prevention or access policies, but not create or modify layers

D.

dbedit scripts are being replaced by mgmt_cli in R81.20

Full Access
Question # 13

John is using Management HA. Which Smartcenter should be connected to for making changes?

A.

secondary Smartcenter

B.

active Smartenter

C.

connect virtual IP of Smartcenter HA

D.

primary Smartcenter

Full Access
Question # 14

Which directory below contains log files?

A.

/opt/CPSmartlog-R81/log

B.

/opt/CPshrd-R81/log

C.

/opt/CPsuite-R81/fw1/log

D.

/opt/CPsuite-R81/log

Full Access
Question # 15

What is mandatory for ClusterXL to work properly?

A.

The number of cores must be the same on every participating cluster node

B.

The Magic MAC number must be unique per cluster node

C.

The Sync interface must not have an IP address configured

D.

If you have “Non-monitored Private” interfaces, the number of those interfaces must be the same on all cluster members

Full Access
Question # 16

Security Checkup Summary can be easily conducted within:

A.

Summary

B.

Views

C.

Reports

D.

Checkups

Full Access
Question # 17

Which one of the following is true about Threat Extraction?

A.

Always delivers a file to user

B.

Works on all MS Office, Executables, and PDF files

C.

Can take up to 3 minutes to complete

D.

Delivers file only if no threats found

Full Access
Question # 18

How do Capsule Connect and Capsule Workspace differ?

A.

Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications.

B.

Capsule Workspace can provide access to any application.

C.

Capsule Connect provides Business data isolation.

D.

Capsule Connect does not require an installed application at client.

Full Access
Question # 19

Can multiple administrators connect to a Security Management Server at the same time?

A.

No, only one can be connected

B.

Yes, all administrators can modify a network object at the same time

C.

Yes, every administrator has their own username, and works in a session that is independent of other administrators.

D.

Yes, but only one has the right to write.

Full Access
Question # 20

SandBlast appliances can be deployed in the following modes:

A.

using a SPAN port to receive a copy of the traffic only

B.

detect only

C.

inline/prevent or detect

D.

as a Mail Transfer Agent and as part of the traffic flow only

Full Access
Question # 21

SecureXL improves non-encrypted firewall traffic throughput and encrypted VPN traffic throughput.

A.

This statement is true because SecureXL does improve all traffic.

B.

This statement is false because SecureXL does not improve this traffic but CoreXL does.

C.

This statement is true because SecureXL does improve this traffic.

D.

This statement is false because encrypted traffic cannot be inspected.

Full Access
Question # 22

As an administrator, you may be required to add the company logo to reports. To do this, you would save the logo as a PNG file with the name ‘cover-company-logo.png’ and then copy that image file to which directory on the SmartEvent server?

A.

SFWDIR/smartevent/conf

B.

$RTDIR/smartevent/conf

C.

$RTDIR/smartview/conf

D.

$FWDIR/smartview/conf

Full Access
Question # 23

What are the blades of Threat Prevention?

A.

IPS, DLP, AntiVirus, AntiBot, Sandblast Threat Emulation/Extraction

B.

DLP, AntiVirus, QoS, AntiBot, Sandblast Threat Emulation/Extraction

C.

IPS, AntiVirus, AntiBot

D.

IPS, AntiVirus, AntiBot, Sandblast Threat Emulation/Extraction

Full Access
Question # 24

Both ClusterXL and VRRP are fully supported by Gaia R81.20 and available to all Check Point appliances. Which the following command is NOT related to redundancy and functions?

A.

cphaprob stat

B.

cphaprob –a if

C.

cphaprob –l list

D.

cphaprob all show stat

Full Access
Question # 25

You are investigating issues with to gateway cluster members are not able to establish the first initial cluster synchronization. What service is used by the FWD daemon to do a Full Synchronization?

A.

TCP port 443

B.

TCP port 257

C.

TCP port 256

D.

UDP port 8116

Full Access
Question # 26

When gathering information about a gateway using CPINFO, what information is included or excluded when using the “-x” parameter?

A.

Includes the registry

B.

Gets information about the specified Virtual System

C.

Does not resolve network addresses

D.

Output excludes connection table

Full Access
Question # 27

The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?

A.

Secure Internal Communication (SIC)

B.

Restart Daemons if they fail

C.

Transfers messages between Firewall processes

D.

Pulls application monitoring status

Full Access
Question # 28

What are the main stages of a policy installations?

A.

Verification & Compilation, Transfer and Commit

B.

Verification & Compilation, Transfer and Installation

C.

Verification, Commit, Installation

D.

Verification, Compilation & Transfer, Installation

Full Access
Question # 29

What is the purpose of a SmartEvent Correlation Unit?

A.

The SmartEvent Correlation Unit is designed to check the connection reliability from SmartConsole to the SmartEvent Server.

B.

The SmartEvent Correlation Unit’s task it to assign severity levels to the identified events.

C.

The Correlation unit role is to evaluate logs from the log server component to identify patterns/threats and convert them to events.

D.

The SmartEvent Correlation Unit is designed to check the availability of the SmartReporter Server.

Full Access
Question # 30

You want to store the GAIA configuration in a file for later reference. What command should you use?

A.

write mem

B.

show config –f

C.

save config –o

D.

save configuration

Full Access
Question # 31

How often does Threat Emulation download packages by default?

A.

Once a week

B.

Once an hour

C.

Twice per day

D.

Once per day

Full Access
Question # 32

SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

A.

Smart Cloud Services

B.

Load Sharing Mode Services

C.

Threat Agent Solution

D.

Public Cloud Services

Full Access
Question # 33

How do you enable virtual mac (VMAC) on-the-fly on a cluster member?

A.

cphaprob set int fwha_vmac_global_param_enabled 1

B.

clusterXL set int fwha_vmac_global_param_enabled 1

C.

fw ctl set int fwha_vmac_global_param_enabled 1

D.

cphaconf set int fwha_vmac_global_param_enabled 1

Full Access
Question # 34

Which Remote Access Client does not provide an Office-Mode Address?

A.

SecuRemote

B.

Endpoint Security Suite

C.

Endpoint Security VPN

D.

Check Point Mobile

Full Access
Question # 35

When using CPSTAT, what is the default port used by the AMON server?

A.

18191

B.

18192

C.

18194

D.

18190

Full Access
Question # 36

SmartConsole R81 requires the following ports to be open for SmartEvent R81 management:

A.

19090,22

B.

19190,22

C.

18190,80

D.

19009,443

Full Access
Question # 37

In ClusterXL Load Sharing Multicast Mode:

A.

only the primary member received packets sent to the cluster IP address

B.

only the secondary member receives packets sent to the cluster IP address

C.

packets sent to the cluster IP address are distributed equally between all members of the cluster

D.

every member of the cluster received all of the packets sent to the cluster IP address

Full Access
Question # 38

What is the order of NAT priorities?

A.

Static NAT, IP pool NAT, hide NAT

B.

IP pool NAT, static NAT, hide NAT

C.

Static NAT, automatic NAT, hide NAT

D.

Static NAT, hide NAT, IP pool NAT

Full Access
Question # 39

What is not a purpose of the deployment of Check Point API?

A.

Execute an automated script to perform common tasks

B.

Create a customized GUI Client for manipulating the objects database

C.

Create products that use and enhance the Check Point solution

D.

Integrate Check Point products with 3rd party solution

Full Access
Question # 40

What command lists all interfaces using Multi-Queue?

A.

cpmq get

B.

show interface all

C.

cpmq set

D.

show multiqueue all

Full Access
Question # 41

What is the command to show SecureXL status?

A.

fwaccel status

B.

fwaccel stats -m

C.

fwaccel -s

D.

fwaccel stat

Full Access
Question # 42

One of major features in R81 SmartConsole is concurrent administration.

Which of the following is NOT possible considering that AdminA, AdminB and AdminC are editing the same Security Policy?

A.

A lock icon shows that a rule or an object is locked and will be available.

B.

AdminA and AdminB are editing the same rule at the same time.

C.

A lock icon next to a rule informs that any Administrator is working on this particular rule.

D.

AdminA, AdminB and AdminC are editing three different rules at the same time.

Full Access
Question # 43

How many layers make up the TCP/IP model?

A.

2

B.

7

C.

6

D.

4

Full Access
Question # 44

Fill in the blank. Once a certificate is revoked from the Security Gateway by the Security Management Server, the certificate information is ________ .

A.

Sent to the Internal Certificate Authority.

B.

Sent to the Security Administrator.

C.

Stored on the Security Management Server.

D.

Stored on the Certificate Revocation List.

Full Access
Question # 45

The ____ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.

A.

Next Generation Threat Prevention

B.

Next Generation Threat Emulation

C.

Next Generation Threat Extraction

D.

Next Generation Firewall

Full Access
Question # 46

SmartEvent provides a convenient way to run common command line executables that can assist in investigating events. Right-clicking the IP address, source or destination, in an event provides a list of default and customized commands. They appear only on cells that refer to IP addresses because the IP address of the active cell is used as the destination of the command when run. The default commands are:

A.

ping, traceroute, netstat, and route

B.

ping, nslookup, Telnet, and route

C.

ping, whois, nslookup, and Telnet

D.

ping, traceroute, netstat, and nslookup

Full Access
Question # 47

What does it mean if Deyra sees the gateway status? (Choose the BEST answer.)

A.

SmartCenter Server cannot reach this Security Gateway.

B.

There is a blade reporting a problem.

C.

VPN software blade is reporting a malfunction.

D.

Security Gateway’s MGNT NIC card is disconnected.

Full Access
Question # 48

In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

A.

SND is a feature to accelerate multiple SSL VPN connections

B.

SND is an alternative to IPSec Main Mode, using only 3 packets

C.

SND is used to distribute packets among Firewall instances

D.

SND is a feature of fw monitor to capture accelerated packets

Full Access
Question # 49

With MTA (Mail Transfer Agent) enabled the gateways manages SMTP traffic and holds external email with potentially malicious attachments. What is required in order to enable MTA (Mail Transfer Agent) functionality in the Security Gateway?

A.

Threat Cloud Intelligence

B.

Threat Prevention Software Blade Package

C.

Endpoint Total Protection

D.

Traffic on port 25

Full Access
Question # 50

Which tool is used to enable ClusterXL?

A.

SmartUpdate

B.

cpconfig

C.

SmartConsole

D.

sysconfig

Full Access
Question # 51

In which formats can Threat Emulation forensics reports be viewed in?

A.

TXT, XML and CSV

B.

PDF and TXT

C.

PDF, HTML, and XML

D.

PDF and HTML

Full Access
Question # 52

When deploying SandBlast, how would a Threat Emulation appliance benefit from the integration of ThreatCloud?

A.

ThreatCloud is a database-related application which is located on-premise to preserve privacy of company-related data

B.

ThreatCloud is a collaboration platform for all the CheckPoint customers to form a virtual cloud consisting of a combination of all on-premise private cloud environments

C.

ThreatCloud is a collaboration platform for Check Point customers to benefit from VMWare ESXi infrastructure which supports the Threat Emulation Appliances as virtual machines in the EMC Cloud

D.

ThreatCloud is a collaboration platform for all the Check Point customers to share information about malicious and benign files that all of the customers can benefit from as it makes emulation of known files unnecessary

Full Access
Question # 53

What is the most ideal Synchronization Status for Security Management Server High Availability deployment?

A.

Lagging

B.

Synchronized

C.

Never been synchronized

D.

Collision

Full Access
Question # 54

Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

A.

ThreatWiki

B.

Whitelist Files

C.

AppWiki

D.

IPS Protections

Full Access
Question # 55

On what port does the CPM process run?

A.

TCP 857

B.

TCP 18192

C.

TCP 900

D.

TCP 19009

Full Access
Question # 56

What is the minimum amount of RAM needed for a Threat Prevention Appliance?

A.

6 GB

B.

8GB with Gaia in 64-bit mode

C.

4 GB

D.

It depends on the number of software blades enabled

Full Access
Question # 57

After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?

A.

Security Gateway IP-address cannot be changed without re-establishing the trust.

B.

The Security Gateway name cannot be changed in command line without re-establishing trust.

C.

The Security Management Server name cannot be changed in SmartConsole without re-establishing trust.

D.

The Security Management Server IP-address cannot be changed without re-establishing the trust.

Full Access
Question # 58

What is the responsibility of SOLR process on R81.20 management server?

A.

Validating all data before it’s written into the database

B.

It generates indexes of data written to the database

C.

Communication between SmartConsole applications and the Security Management Server

D.

Writing all information into the database

Full Access
Question # 59

You have a Geo-Protection policy blocking Australia and a number of other countries. Your network now requires a Check Point Firewall to be installed in Sydney, Australia.

What must you do to get SIC to work?

A.

Remove Geo-Protection, as the IP-to-country database is updated externally, and you have no control of this.

B.

Create a rule at the top in the Sydney firewall to allow control traffic from your network

C.

Nothing - Check Point control connections function regardless of Geo-Protection policy

D.

Create a rule at the top in your Check Point firewall to bypass the Geo-Protection

Full Access
Question # 60

You want to verify if your management server is ready to upgrade to R81.20. What tool could you use in this process?

A.

migrate export

B.

upgrade_tools verify

C.

pre_upgrade_verifier

D.

migrate import

Full Access
Question # 61

What command would show the API server status?

A.

cpm status

B.

api restart

C.

api status

D.

show api status

Full Access
Question # 62

GAiA Software update packages can be imported and installed offline in situation where:

A.

Security Gateway with GAiA does NOT have SFTP access to Internet

B.

Security Gateway with GAiA does NOT have access to Internet.

C.

Security Gateway with GAiA does NOT have SSH access to Internet.

D.

The desired CPUSE package is ONLY available in the Check Point CLOUD.

Full Access
Question # 63

Please choose the path to monitor the compliance status of the Check Point R81.20 based management.

A.

Gateways & Servers --> Compliance View

B.

Compliance blade not available under R81.20

C.

Logs & Monitor --> New Tab --> Open compliance View

D.

Security & Policies --> New Tab --> Compliance View

Full Access
Question # 64

NAT rules are prioritized in which order?

1. Automatic Static NAT

2. Automatic Hide NAT

3. Manual/Pre-Automatic NAT

4. Post-Automatic/Manual NAT rules

A.

1, 2, 3, 4

B.

1, 4, 2, 3

C.

3, 1, 2, 4

D.

4, 3, 1, 2

Full Access
Question # 65

What makes Anti-Bot unique compared to other Threat Prevention mechanisms, such as URL Filtering, Anti-Virus, IPS, and Threat Emulation?

A.

Anti-Bot is the only countermeasure against unknown malware

B.

Anti-Bot is the only protection mechanism which starts a counter-attack against known Command & Control Centers

C.

Anti-Bot is the only signature-based method of malware protection.

D.

Anti-Bot is a post-infection malware protection to prevent a host from establishing a connection to a Command & Control Center.

Full Access
Question # 66

When requiring certificates for mobile devices, make sure the authentication method is set to one of the following, Username and Password, RADIUS or ________.

A.

SecureID

B.

SecurID

C.

Complexity

D.

TacAcs

Full Access
Question # 67

What has to be taken into consideration when configuring Management HA?

A.

The Database revisions will not be synchronized between the management servers

B.

SmartConsole must be closed prior to synchronized changes in the objects database

C.

If you wanted to use Full Connectivity Upgrade, you must change the Implied Rules to allow FW1_cpredundant to pass before the Firewall Control Connections.

D.

For Management Server synchronization, only External Virtual Switches are supported. So, if you wanted to employ Virtual Routers instead, you have to reconsider your design.

Full Access
Question # 68

In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?

A.

Accounting

B.

Suppression

C.

Accounting/Suppression

D.

Accounting/Extended

Full Access
Question # 69

You have a Gateway is running with 2 cores. You plan to add a second gateway to build a cluster and used a device with 4 cores.

How many cores can be used in a Cluster for Firewall-kernel on the new device?

A.

3

B.

2

C.

1

D.

4

Full Access
Question # 70

What is correct statement about Security Gateway and Security Management Server failover in Check Point R81.X in terms of Check Point Redundancy driven solution?

A.

Security Gateway failover is an automatic procedure but Security Management Server failover is a manual procedure.

B.

Security Gateway failover as well as Security Management Server failover is a manual procedure.

C.

Security Gateway failover is a manual procedure but Security Management Server failover is an automatic procedure.

D.

Security Gateway failover as well as Security Management Server failover is an automatic procedure.

Full Access
Question # 71

What are the types of Software Containers?

A.

Three; security management, Security Gateway, and endpoint security

B.

Three; Security Gateway, endpoint security, and gateway management

C.

Two; security management and endpoint security

D.

Two; endpoint security and Security Gateway

Full Access
Question # 72

In what way are SSL VPN and IPSec VPN different?

A.

SSL VPN is using HTTPS in addition to IKE, whereas IPSec VPN is clientless

B.

SSL VPN adds an extra VPN header to the packet, IPSec VPN does not

C.

IPSec VPN does not support two factor authentication, SSL VPN does support this

D.

IPSec VPN uses an additional virtual adapter; SSL VPN uses the client network adapter only.

Full Access
Question # 73

Which Check Point software blade provides Application Security and identity control?

A.

Identity Awareness

B.

Data Loss Prevention

C.

URL Filtering

D.

Application Control

Full Access
Question # 74

Capsule Connect and Capsule Workspace both offer secured connection for remote users who are using their mobile devices. However, there are differences between the two.

Which of the following statements correctly identify each product's capabilities?

A.

Workspace supports ios operating system, Android, and WP8, whereas Connect supports ios operating system and Android only

B.

For compliance/host checking, Workspace offers the MDM cooperative enforcement, whereas Connect offers both jailbreak/root detection and MDM cooperative enforcement.

C.

For credential protection, Connect uses One-time Password login support and has no SSO support, whereas Workspace offers both One-Time Password and certain SSO login support.

D.

Workspace can support any application, whereas Connect has a limited number of application types which it will support.

Full Access
Question # 75

Vanessa is firewall administrator in her company. Her company is using Check Point firewall on a central and several remote locations which are managed centrally by R77.30 Security Management Server. On central location is installed R77.30 Gateway on Open server. Remote locations are using Check Point UTM-1570 series appliances with R75.30 and some of them are using a UTM-1-Edge-X or Edge-W with latest available firmware. She is in process of migrating to R81.

What can cause Vanessa unnecessary problems, if she didn’t check all requirements for migration to R81?

A.

Missing an installed R77.20 Add-on on Security Management Server

B.

Unsupported firmware on UTM-1 Edge-W appliance

C.

Unsupported version on UTM-1 570 series appliance

D.

Unsupported appliances on remote locations

Full Access
Question # 76

Which application should you use to install a contract file?

A.

SmartView Monitor

B.

WebUI

C.

SmartUpdate

D.

SmartProvisioning

Full Access
Question # 77

What will SmartEvent automatically define as events?

A.

Firewall

B.

VPN

C.

IPS

D.

HTTPS

Full Access
Question # 78

Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ________ .

A.

User Directory

B.

Captive Portal and Transparent Kerberos Authentication

C.

Captive Portal

D.

UserCheck

Full Access
Question # 79

Which of the following is NOT an option to calculate the traffic direction?

A.

Incoming

B.

Internal

C.

External

D.

Outgoing

Full Access
Question # 80

Which of the following commands shows the status of processes?

A.

cpwd_admin -l

B.

cpwd -l

C.

cpwd admin_list

D.

cpwd_admin list

Full Access
Question # 81

Which of the following is NOT an alert option?

A.

SNMP

B.

High alert

C.

Mail

D.

User defined alert

Full Access
Question # 82

The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated.

What is the most likely reason that the traffic is not accelerated?

A.

There is a virus found. Traffic is still allowed but not accelerated.

B.

The connection required a Security server.

C.

Acceleration is not enabled.

D.

The traffic is originating from the gateway itself.

Full Access
Question # 83

Joey wants to upgrade from R75.40 to R81 version of Security management. He will use Advanced Upgrade with Database Migration method to achieve this.

What is one of the requirements for his success?

A.

Size of the /var/log folder of the source machine must be at least 25% of the size of the /var/log directory on the target machine

B.

Size of the /var/log folder of the target machine must be at least 25% of the size of the /var/log directory on the source machine

C.

Size of the $FWDIR/log folder of the target machine must be at least 30% of the size of the $FWDIR/log directory on the source machine

D.

Size of the /var/log folder of the target machine must be at least 25GB or more

Full Access
Question # 84

Check Point security components are divided into the following components:

A.

GUI Client, Security Gateway, WebUI Interface

B.

GUI Client, Security Management, Security Gateway

C.

Security Gateway, WebUI Interface, Consolidated Security Logs

D.

Security Management, Security Gateway, Consolidate Security Logs

Full Access
Question # 85

You need to change the number of firewall Instances used by CoreXL. How can you achieve this goal?

A.

edit fwaffinity.conf; reboot required

B.

cpconfig; reboot required

C.

edit fwaffinity.conf; reboot not required

D.

cpconfig; reboot not required

Full Access
Question # 86

What state is the Management HA in when both members have different policies/databases?

A.

Synchronized

B.

Never been synchronized

C.

Lagging

D.

Collision

Full Access
Question # 87

NO: 219

What cloud-based SandBlast Mobile application is used to register new devices and users?

A.

Check Point Protect Application

B.

Management Dashboard

C.

Behavior Risk Engine

D.

Check Point Gateway

Full Access
Question # 88

What a valid SecureXL paths in R81.20?

A.

F2F (Slow path). Templated Path. PQX and F2V

B.

F2F (Slow path). PXL, QXL and F2V

C.

F2F (Slow path), Accelerated Path, PQX and F2V

D.

F2F (Slow path), Accelerated Path, Medium Path and F2V

Full Access
Question # 89

If SecureXL is disabled which path is used to process traffic?

A.

Passive path

B.

Medium path

C.

Firewall path

D.

Accelerated path

Full Access
Question # 90

Joey want to configure NTP on R81 Security Management Server. He decided to do this via WebUI. What is the correct address to access the Web UI for Gaia platform via browser?

A.

https://

B.

http:// :443

C.

https:// :10000

D.

https:// :4434

Full Access
Question # 91

How to can you make sure that the old logs will be available after updating the Management to version R81.20 using the Advanced Upgrade Method?

A.

Use the WebUI -> Maintenance > System Backup and store the backup on a remote FTP server

B.

The logs will be included running SFWDIR/scripts/migrate_server export -v R81.20

C.

Use the WebUI to save a snapshot before updating the Management -> Maintenance > Snapshot Management

D.

Use the migrate_server tool with the option '-I' for the logs and '-x' for the index

Full Access
Question # 92

In R81, where do you manage your Mobile Access Policy?

A.

Access Control Policy

B.

Through the Mobile Console

C.

Shared Gateways Policy

D.

From the Dedicated Mobility Tab

Full Access
Question # 93

Bob has finished io setup provisioning a secondary security management server. Now he wants to check if the provisioning has been correct. Which of the following Check Point command can be used to check if the security management server has been installed as a primary or a secondary security management server?

A.

cpprod_util MgmtlsPrimary

B.

cpprod_util FwlsSecondary

C.

cpprod_util MgmtlsSecondary

D.

cpprod_util FwlsPrimary

Full Access
Question # 94

By default how often updates are checked when the CPUSE Software Updates Policy is set to Automatic?

A.

Six times per day

B.

Seven times per day

C.

Every two hours

D.

Every three hours

Full Access
Question # 95

Which member of a high-availability cluster should be upgraded first in a Zero downtime upgrade?

A.

The Standby Member

B.

The Active Member

C.

The Primary Member

D.

The Secondary Member

Full Access
Question # 96

Which two Identity Awareness daemons are used to support identity sharing?

A.

Policy Activation Point (PAP) and Policy Decision Point (PDP)

B.

Policy Manipulation Point (PMP) and Policy Activation Point (PAP)

C.

Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)

D.

Policy Decision Point (PDP) and Policy Enforcement Point (PEP)

Full Access
Question # 97

The back-end database for Check Point R81 Management uses:

A.

DBMS

B.

MongoDB

C.

PostgreSQL

D.

MySQL

Full Access
Question # 98

What is the benefit of Manual NAT over Automatic NAT?

A.

If you create a new Security Policy, the Manual NAT rules will be transferred to this new policy.

B.

There is no benefit since Automatic NAT has in any case higher priority over Manual NAT

C.

You have the full control about the priority of the NAT rules

D.

On IPSO and GAIA Gateways, it is handled in a stateful manner

Full Access
Question # 99

Firewall polices must be configured to accept VRRP packets on the GAiA platform if it Firewall software. The Multicast destination assigned by the internet Assigned Number Authority (IANA) for VRRP is:

A.

224.0.0.18

B.

224 00 5

C.

224.0.0.102

D.

224.0.0.22

Full Access
Question # 100

DLP and Geo Policy are examples of what type of Policy?

A.

Standard Policies

B.

Shared Policies

C.

Inspection Policies

D.

Unified Policies

Full Access
Question # 101

On the following picture an administrator configures Identity Awareness:

After clicking “Next” the above configuration is supported by:

A.

Kerberos SSO which will be working for Active Directory integration

B.

Based on Active Directory integration which allows the Security Gateway to correlate Active Directory users and machines to IP addresses in a method that is completely transparent to the user.

C.

Obligatory usage of Captive Portal.

D.

The ports 443 or 80 what will be used by Browser-Based and configured Authentication.

Full Access
Question # 102

What object type would you use to grant network access to an LDAP user group?

A.

Access Role

B.

Group Template

C.

SmartDirectory Group

D.

User Group

Full Access
Question # 103

Which TCP port does the CPM process listen on?

A.

18191

B.

18190

C.

8983

D.

19009

Full Access
Question # 104

Kofi, the administrator of the ALPHA Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which CLISH commands are required to be able to change this TCP port?

A.

set web ssl-port

B.

set Gaia-portal port

C.

set Gaia-portal https-port

D.

set web https-port

Full Access
Question # 105

What is Dynamic Balancing?

A.

It is a ClusterXL feature that switches an HA cluster into an LS cluster if required to maximize throughput

B.

It is a feature that uses a daemon to balance the required number of firewall instances and SNDs based on the current load

C.

It is a new feature that is capable of dynamically reserve the amount of Hash kernel memory to reflect the resource usage necessary for maximizing the session rate.

D.

It is a CoreXL feature that assigns the SND to network interfaces to balance the RX Cache of the interfaces

Full Access
Question # 106

UserCheck objects in the Application Control and URL Filtering rules allow the gateway to communicate with the users. Which action is not supported in UserCheck objects?

A.

Ask

B.

Drop

C.

Inform

D.

Reject

Full Access
Question # 107

Which of the following is NOT an internal/native Check Point command?

A.

fwaccel on

B.

fw ct1 debug

C.

tcpdump

D.

cphaprob

Full Access
Question # 108

A user complains that some Internet resources are not available. The Administrator is having issues seeing it packets are being dropped at the firewall (not seeing drops in logs). What is the solution to troubleshoot the issue?

A.

run fw unloadlocal" on the relevant gateway and check the ping again

B.

run "cpstop" on the relevant gateway and check the ping again

C.

run ‘’fw log" on the relevant gateway

D.

run ‘’fw ctl zdebug drop" on the relevant gateway

Full Access
Question # 109

The Check Point installation history feature in provides the following:

A.

View install changes and install specific version

B.

Policy Installation Date only

C.

Policy Installation Date, view install changes and install specific version

D.

View install changes

Full Access
Question # 110

Which of the following processes pulls the application monitoring status from gateways?

A.

cpd

B.

cpwd

C.

cpm

D.

fwm

Full Access
Question # 111

What mechanism can ensure that the Security Gateway can communicate with the Management Server with ease in situations with overwhelmed network resources?

A.

The corresponding feature is new to R81.20 and is called "Management Data Plane Separation"

B.

The corresponding feature is called "Dynamic Dispatching"

C.

There is a feature for ensuring stable connectivity to the management server and is done via Priority Queuing.

D.

The corresponding feature is called "Dynamic Split"

Full Access
Question # 112

What is the default shell of Gaia CLI?

A.

Monitor

B.

CLI.sh

C.

Read-only

D.

Bash

Full Access
Question # 113

While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain. Why does it not detect the windows domain?

A.

Security Gateway is not part of the Domain

B.

SmartConsole machine is not part of the domain

C.

Identity Awareness is not enabled on Global properties

D.

Security Management Server is not part of the domain

Full Access
Question # 114

View the rule below. What does the lock-symbol in the left column mean? (Choose the BEST answer.)

A.

The current administrator has read-only permissions to Threat Prevention Policy.

B.

Another user has locked the rule for editing.

C.

Configuration lock is present. Click the lock symbol to gain read-write access.

D.

The current administrator is logged in as read-only because someone else is editing the policy.

Full Access
Question # 115

Alice & Bob are concurrently logged In via SSH on the same Check Point Security Gateway as user "admin* however Bob was first logged in and acquired the lock Alice Is not aware that Bob is also togged in to the same Security Management Server as she is but she needs to perform very urgent configuration changes - which of the following GAlAclish command is true for overriding Bobs configuration database lock:

A.

lock database override

B.

unlock override database

C.

unlock database override

D.

database unlock override

Full Access
Question # 116

Which upgrade method you should use upgrading from R80.40 to R81.20 to avoid any downtime?

A.

Zero Downtime Upgrade (ZDU)

B.

Connectivity Upgrade (CU)

C.

Minimal Effort Upgrade (ME)

D.

Multi-Version Cluster Upgrade (MVC)

Full Access
Question # 117

Fill in the blanks: In the Network policy layer, the default action for the Implied last rule is ____ all traffic. However, in the Application Control policy layer, the default action is ______ all traffic.

A.

Accept; redirect

B.

Accept; drop

C.

Redirect; drop

D.

Drop; accept

Full Access
Question # 118

Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?

A.

Application Control

B.

Threat Emulation

C.

Anti-Virus

D.

Advanced Networking Blade

Full Access
Question # 119

You pushed a policy to your gateway and you cannot access the gateway remotely any more. What command should you use to remove the policy from the gateway by logging in through console access?

A.

"fw cpstop"

B.

"fw unloadlocal"

C.

"fwundo"

D.

"fw unloadpolicy''

Full Access
Question # 120

Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n)_____________ Server.

A.

SecurID

B.

NT domain

C.

LDAP

D.

SMTP

Full Access
Question # 121

There are two R77.30 Security Gateways in the Firewall Cluster. They are named FW_A and FW_B. The cluster is configured to work as HA (High availability) with default cluster configuration. FW_A is configured to have higher priority than FW_B. FW_A was active and processing the traffic in the morning. FW_B was standby. Around 1100 am, its interfaces went down and this caused a failover. FW_B became active. After an hour, FW_A’s interface issues were resolved and it became operational.

When it re-joins the cluster, will it become active automatically?

A.

No, since ‘maintain’ current active cluster member’ option on the cluster object properties is enabled by default.

B.

No, since ‘maintain’ current active cluster member’ option is enabled by default on the Global Properties.

C.

Yes, since ‘Switch to higher priority cluster member’ option on the cluster object properties is enabled by default.

D.

Yes, since ‘Switch to higher priority cluster member’ option is enabled by default on the Global Properties.

Full Access
Question # 122

What are the two types of tests when using the Compliance blade?

A.

Policy-based tests and Global properties

B.

Global tests and Object-based tests

C.

Access Control policy analysis and Threat Prevention policy analysis

D.

Tests conducted based on the loC XMfcfile and analysis of SOLR documents

Full Access
Question # 123

What are the available options for downloading Check Point hotfixes in Gala WebUI (CPUSE)?

A.

Manually, Scheduled, Automatic

B.

Manually, Automatic, Disabled

C.

Manually, Scheduled, Disabled

D.

Manually, Scheduled, Enabled

Full Access
Question # 124

Bob is going to prepare the import of the exported R81.20 management database. Now he wants to verify that the installed tools on the new target security management machine are able to handle the R81.20 release. Which of the following Check Point command is true?

A.

$FWDIR/scripts/migrate_server print_installed_tools -v R77.30

B.

$CPDIR/scripts/migrate_server print_installed_tools -v R81.20

C.

$FWDIR/scripts/migrate_server print_installed_tools -v R81.20

D.

$FWDIR/scripts/migrate_server print_uninstalled_tools -v R81.20

Full Access
Question # 125

What is the default size of NAT table fwx_alloc?

A.

20000

B.

35000

C.

25000

D.

10000

Full Access
Question # 126

How can you see historical data with cpview?

A.

cpview -f

B.

cpview -e

C.

cpview -t

D.

cpview -d

Full Access
Question # 127

Which of the following statements about SecureXL NAT Templates is true?

A.

NAT Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new

connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are enabled by default and work only if Accept Templates are enabled.

B.

DROP Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new

connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are disabled by default and work only if NAT Templates are disabled.

C.

NAT Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new

connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are disabled by default and work only if Accept Templates are disabled.

D.

ACCEPT Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are disabled by default and work only if NAT Templates are disabled.

Full Access
Question # 128

Which is the command to identify the NIC driver before considering about the employment of the Multi-Queue feature?

A.

ip show int eth0

B.

show interface eth0 mq

C.

ifconfig -i eth0 verbose

D.

ethtool -i eth0

Full Access
Question # 129

By default, which port does the WebUI listen on?

A.

80

B.

4434

C.

443

D.

8080

Full Access
Question # 130

Fill in the blanks: A _______ license requires an administrator to designate a gateway for attachment whereas a ________ license is automatically attached to a Security Gateway.

A.

Formal; corporate

B.

Local; formal

C.

Local; central

D.

Central; local

Full Access
Question # 131

What is the base level encryption key used by Capsule Docs?

A.

RSA 2048

B.

RSA 1024

C.

SHA-256

D.

AES

Full Access
Question # 132

The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits if the Track option is set to “None”?

A.

No, it will work independently. Hit Count will be shown only for rules Track option set as Log or alert.

B.

Yes it will work independently as long as “analyze all rules” tick box is enabled on the Security Gateway.

C.

No, it will not work independently because hit count requires all rules to be logged.

D.

Yes it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways.

Full Access
Question # 133

By default, the R81 web API uses which content-type in its response?

A.

Java Script

B.

XML

C.

Text

D.

JSON

Full Access
Question # 134

Which of the following type of authentication on Mobile Access can NOT be used as the first authentication method?

A.

Dynamic ID

B.

RADIUS

C.

Username and Password

D.

Certificate

Full Access
Question # 135

What SmartEvent component creates events?

A.

Consolidation Policy

B.

Correlation Unit

C.

SmartEvent Policy

D.

SmartEvent GUI

Full Access
Question # 136

The Event List within the Event tab contains:

A.

a list of options available for running a query.

B.

the top events, destinations, sources, and users of the query results, either as a chart or in a tallied list.

C.

events generated by a query.

D.

the details of a selected event.

Full Access
Question # 137

Connections to the Check Point R81 Web API use what protocol?

A.

HTTPS

B.

RPC

C.

VPN

D.

SIC

Full Access
Question # 138

Which of the following Check Point processes within the Security Management Server is responsible for the receiving of log records from Security Gateway?

A.

logd

B.

fwd

C.

fwm

D.

cpd

Full Access
Question # 139

Check Point recommends configuring Disk Space Management parameters to delete old log entries when available disk space is less than or equal to?

A.

50%

B.

75%

C.

80%

D.

15%

Full Access
Question # 140

What Factor preclude Secure XL Templating?

A.

Source Port Ranges/Encrypted Connections

B.

IPS

C.

ClusterXL in load sharing Mode

D.

CoreXL

Full Access
Question # 141

What is not a component of Check Point SandBlast?

A.

Threat Emulation

B.

Threat Simulator

C.

Threat Extraction

D.

Threat Cloud

Full Access
Question # 142

Which command lists all tables in Gaia?

A.

fw tab –t

B.

fw tab –list

C.

fw-tab –s

D.

fw tab -1

Full Access
Question # 143

What are the attributes that SecureXL will check after the connection is allowed by Security Policy?

A.

Source address, Destination address, Source port, Destination port, Protocol

B.

Source MAC address, Destination MAC address, Source port, Destination port, Protocol

C.

Source address, Destination address, Source port, Destination port

D.

Source address, Destination address, Destination port, Protocol

Full Access
Question # 144

When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

A.

None, Security Management Server would be installed by itself.

B.

SmartConsole

C.

SecureClient

D.

Security Gateway

E.

SmartEvent

Full Access
Question # 145

Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?

A.

Detects and blocks malware by correlating multiple detection engines before users are affected.

B.

Configure rules to limit the available network bandwidth for specified users or groups.

C.

Use UserCheck to help users understand that certain websites are against the company’s security policy.

D.

Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.

Full Access
Question # 146

Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidates management console. CPM allows the GUI client and management server to communicate via web services using ___________.

A.

TCP port 19009

B.

TCP Port 18190

C.

TCP Port 18191

D.

TCP Port 18209

Full Access
Question # 147

Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidated management console. It empowers the migration from legacy Client-side logic to Server-side logic. The cpm process:

A.

Allow GUI Client and management server to communicate via TCP Port 19001

B.

Allow GUI Client and management server to communicate via TCP Port 18191

C.

Performs database tasks such as creating, deleting, and modifying objects and compiling policy.

D.

Performs database tasks such as creating, deleting, and modifying objects and compiling as well as policy code generation.

Full Access
Question # 148

Which two of these Check Point Protocols are used by SmartEvent Processes?

A.

ELA and CPD

B.

FWD and LEA

C.

FWD and CPLOG

D.

ELA and CPLOG

Full Access
Question # 149

Which is NOT an example of a Check Point API?

A.

Gateway API

B.

Management API

C.

OPSC SDK

D.

Threat Prevention API

Full Access
Question # 150

From SecureXL perspective, what are the tree paths of traffic flow:

A.

Initial Path; Medium Path; Accelerated Path

B.

Layer Path; Blade Path; Rule Path

C.

Firewall Path; Accept Path; Drop Path

D.

Firewall Path; Accelerated Path; Medium Path

Full Access
Question # 151

How can SmartView application accessed?

A.

http:// /smartview

B.

http:// :4434/smartview/

C.

https:// /smartview/

D.

https:// :4434/smartview/

Full Access
Question # 152

Which packet info is ignored with Session Rate Acceleration?

A.

source port ranges

B.

source ip

C.

source port

D.

same info from Packet Acceleration is used

Full Access
Question # 153

Which command would disable a Cluster Member permanently?

A.

clusterXL_admin down

B.

cphaprob_admin down

C.

clusterXL_admin down-p

D.

set clusterXL down-p

Full Access
Question # 154

You want to gather and analyze threats to your mobile device. It has to be a lightweight app. Which application would you use?

A.

SmartEvent Client Info

B.

SecuRemote

C.

Check Point Protect

D.

Check Point Capsule Cloud

Full Access
Question # 155

To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, run the following command in Expert mode then reboot:

A.

fw ctl multik set_mode 1

B.

fw ctl Dynamic_Priority_Queue on

C.

fw ctl Dynamic_Priority_Queue enable

D.

fw ctl multik set_mode 9

Full Access
Question # 156

Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

A.

Symmetric routing

B.

Failovers

C.

Asymmetric routing

D.

Anti-Spoofing

Full Access
Question # 157

You have successfully backed up Check Point configurations without the OS information. What command would you use to restore this backup?

A.

restore_backup

B.

import backup

C.

cp_merge

D.

migrate import

Full Access
Question # 158

Fill in the blank: The tool _____ generates a R81 Security Gateway configuration report.

A.

infoCP

B.

infoview

C.

cpinfo

D.

fw cpinfo

Full Access
Question # 159

Which command shows actual allowed connections in state table?

A.

fw tab –t StateTable

B.

fw tab –t connections

C.

fw tab –t connection

D.

fw tab connections

Full Access
Question # 160

During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity. Which of those hosts should you try to remediate first?

A.

Host having a Critical event found by Threat Emulation

B.

Host having a Critical event found by IPS

C.

Host having a Critical event found by Antivirus

D.

Host having a Critical event found by Anti-Bot

Full Access
Question # 161

What is the difference between an event and a log?

A.

Events are generated at gateway according to Event Policy

B.

A log entry becomes an event when it matches any rule defined in Event Policy

C.

Events are collected with SmartWorkflow form Trouble Ticket systems

D.

Log and Events are synonyms

Full Access
Question # 162

In a Client to Server scenario, which inspection point is the first point immediately following the tables and rule base check of a packet coming from outside of the network?

A.

Big l

B.

Little o

C.

Little i

D.

Big O

Full Access
Question # 163

Which of the SecureXL templates are enabled by default on Security Gateway?

A.

Accept

B.

Drop

C.

NAT

D.

None

Full Access
Question # 164

Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

A.

UDP port 265

B.

TCP port 265

C.

UDP port 256

D.

TCP port 256

Full Access
Question # 165

CPM process stores objects, policies, users, administrators, licenses and management data in a database. The database is:

A.

MySQL

B.

Postgres SQL

C.

MarisDB

D.

SOLR

Full Access
Question # 166

Which command collects diagnostic data for analyzing customer setup remotely?

A.

cpinfo

B.

migrate export

C.

sysinfo

D.

cpview

Full Access
Question # 167

SSL Network Extender (SNX) is a thin SSL VPN on-demand client that is installed on the remote user’s machine via the web browser. What are the two modes of SNX?

A.

Application and Client Service

B.

Network and Application

C.

Network and Layers

D.

Virtual Adapter and Mobile App

Full Access
Question # 168

What is the limitation of employing Sticky Decision Function?

A.

With SDF enabled, the involved VPN Gateways only supports IKEv1

B.

Acceleration technologies, such as SecureXL and CoreXL are disabled when activating SDF

C.

With SDF enabled, only ClusterXL in legacy mode is supported

D.

With SDF enabled, you can only have three Sync interfaces at most

Full Access
Question # 169

The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?

A.

add host name ip-address

B.

add hostname ip-address

C.

set host name ip-address

D.

set hostname ip-address

Full Access
Question # 170

The Firewall kernel is replicated multiple times, therefore:

A.

The Firewall kernel only touches the packet if the connection is accelerated

B.

The Firewall can run different policies per core

C.

The Firewall kernel is replicated only with new connections and deletes itself once the connection times out

D.

The Firewall can run the same policy on all cores.

Full Access
Question # 171

What are the three components for Check Point Capsule?

A.

Capsule Docs, Capsule Cloud, Capsule Connect

B.

Capsule Workspace, Capsule Cloud, Capsule Connect

C.

Capsule Workspace, Capsule Docs, Capsule Connect

D.

Capsule Workspace, Capsule Docs, Capsule Cloud

Full Access
Question # 172

What is a feature that enables VPN connections to successfully maintain a private and secure VPN session without employing Stateful Inspection?

A.

Stateful Mode

B.

VPN Routing Mode

C.

Wire Mode

D.

Stateless Mode

Full Access
Question # 173

In R81, how do you manage your Mobile Access Policy?

A.

Through the Unified Policy

B.

Through the Mobile Console

C.

From SmartDashboard

D.

From the Dedicated Mobility Tab

Full Access
Question # 174

What happen when IPS profile is set in Detect Only Mode for troubleshooting?

A.

It will generate Geo-Protection traffic

B.

Automatically uploads debugging logs to Check Point Support Center

C.

It will not block malicious traffic

D.

Bypass licenses requirement for Geo-Protection control

Full Access
Question # 175

The Security Gateway is installed on GAIA R81. The default port for the Web User Interface is ______ .

A.

TCP 18211

B.

TCP 257

C.

TCP 4433

D.

TCP 443

Full Access
Question # 176

Which command shows detailed information about VPN tunnels?

A.

cat $FWDIR/conf/vpn.conf

B.

vpn tu tlist

C.

vpn tu

D.

cpview

Full Access
Question # 177

What is the purpose of extended master key extension/session hash?

A.

UDP VOIP protocol extension

B.

In case of TLS1.x it is a prevention of a Man-in-the-Middle attack/disclosure of the client-server communication

C.

Special TCP handshaking extension

D.

Supplement DLP data watermark

Full Access
Question # 178

Which one of the following is true about Capsule Connect?

A.

It is a full layer 3 VPN client

B.

It offers full enterprise mobility management

C.

It is supported only on iOS phones and Windows PCs

D.

It does not support all VPN authentication methods

Full Access
Question # 179

What is the command to check the status of the SmartEvent Correlation Unit?

A.

fw ctl get int cpsead_stat

B.

cpstat cpsead

C.

fw ctl stat cpsemd

D.

cp_conf get_stat cpsemd

Full Access
Question # 180

What is the name of the secure application for Mail/Calendar for mobile devices?

A.

Capsule Workspace

B.

Capsule Mail

C.

Capsule VPN

D.

Secure Workspace

Full Access
Question # 181

What is the purpose of Priority Delta in VRRP?

A.

When a box up, Effective Priority = Priority + Priority Delta

B.

When an Interface is up, Effective Priority = Priority + Priority Delta

C.

When an Interface fail, Effective Priority = Priority – Priority Delta

D.

When a box fail, Effective Priority = Priority – Priority Delta

Full Access
Question # 182

What component of R81 Management is used for indexing?

A.

DBSync

B.

API Server

C.

fwm

D.

SOLR

Full Access
Question # 183

Which one of the following is true about Threat Emulation?

A.

Takes less than a second to complete

B.

Works on MS Office and PDF files only

C.

Always delivers a file

D.

Takes minutes to complete (less than 3 minutes)

Full Access
Question # 184

Which configuration file contains the structure of the Security Server showing the port numbers, corresponding protocol name, and status?

A.

$FWDIR/database/fwauthd.conf

B.

$FWDIR/conf/fwauth.conf

C.

$FWDIR/conf/fwauthd.conf

D.

$FWDIR/state/fwauthd.conf

Full Access
Question # 185

What API command below creates a new host with the name “New Host” and IP address of “192.168.0.10”?

A.

new host name “New Host” ip-address “192.168.0.10”

B.

set host name “New Host” ip-address “192.168.0.10”

C.

create host name “New Host” ip-address “192.168.0.10”

D.

add host name “New Host” ip-address “192.168.0.10”

Full Access
Question # 186

Which web services protocol is used to communicate to the Check Point R81 Identity Awareness Web API?

A.

SOAP

B.

REST

C.

XLANG

D.

XML-RPC

Full Access
Question # 187

What is the most recommended way to install patches and hotfixes?

A.

CPUSE Check Point Update Service Engine

B.

rpm -Uv

C.

Software Update Service

D.

UnixinstallScript

Full Access
Question # 188

When installing a dedicated R81 SmartEvent server. What is the recommended size of the root partition?

A.

Any size

B.

Less than 20GB

C.

More than 10GB and less than 20GB

D.

At least 20GB

Full Access