Independence Day Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exams65

Check Point Certified Security Administrator R81.20 Question and Answers

Check Point Certified Security Administrator R81.20

Last Update Jul 15, 2024
Total Questions : 400

We are offering FREE 156-215.81 Checkpoint exam questions. All you do is to just go and sign up. Give your details, prepare 156-215.81 free exam questions and then go for complete pool of Check Point Certified Security Administrator R81.20 test questions that will help you more.

156-215.81 pdf

156-215.81 PDF

$35  $99.99
156-215.81 Engine

156-215.81 Testing Engine

$42  $119.99
156-215.81 PDF + Engine

156-215.81 PDF + Testing Engine

$56  $159.99
Questions 1

Which encryption algorithm is the least secured?

Options:

A.  

3DES

B.  

AES-128

C.  

DES

D.  

AES-256

Discussion 0
Questions 2

You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

Options:

A.  

fw ctl multik dynamic_dispatching on

B.  

fw ctl multik dynamic_dispatching set_mode 9

C.  

fw ctl multik set_mode 9

D.  

fw ctl miltik pq enable

Discussion 0
Questions 3

By default, which port does the WebUI listen on?

Options:

A.  

8080

B.  

80

C.  

4434

D.  

443

Discussion 0
Questions 4

Which of the following is considered a "Subscription Blade", requiring renewal every 1-3 years?

Options:

A.  

IPS blade

B.  

IPSEC VPN Blade

C.  

Identity Awareness Blade

D.  

Firewall Blade

Discussion 0
Questions 5

An administrator wishes to enable Identity Awareness on the Check Point firewalls. However they allow users to use company issued or personal laptops. Since the administrator cannot manage the personal laptops, which of the following methods would BEST suit this company?

Options:

A.  

AD Query

B.  

Browser-Based Authentication

C.  

Identity Agents

D.  

Terminal Servers Agent

Discussion 0
Questions 6

Identity Awareness allows easy configuration for network access and auditing based on what three items?

Options:

A.  

Client machine IP address.

B.  

Network location, the identity of a user and the identity of a machine.

C.  

Log server IP address.

D.  

Gateway proxy IP address.

Discussion 0
Questions 7

What are the three deployment considerations for a secure network?

Options:

A.  

Distributed, Bridge Mode, and Remote

B.  

Bridge Mode, Remote, and Standalone

C.  

Remote, Standalone, and Distributed

D.  

Standalone, Distributed, and Bridge Mode

Discussion 0
Questions 8

Which of the following is NOT supported by Bridge Mode on the Check Point Security Gateway?

Options:

A.  

Data Loss Prevention

B.  

Antivirus

C.  

Application Control

D.  

NAT

Discussion 0
Questions 9

How is communication between different Check Point components secured in R80? As with all questions, select the best answer.

Options:

A.  

By using IPSEC

B.  

By using SIC

C.  

By using ICA

D.  

By using 3DES

Discussion 0
Questions 10

Check Point ClusterXL Active/Active deployment is used when:

Options:

A.  

Only when there is Multicast solution set up

B.  

There is Load Sharing solution set up

C.  

Only when there is Unicast solution set up

D.  

There is High Availability solution set up

Discussion 0
Questions 11

What is the RFC number that act as a best practice guide for NAT?

Options:

A.  

RFC 1939

B.  

RFC 1950

C.  

RFC 1918

D.  

RFC 793

Discussion 0
Questions 12

Under which file is the proxy arp configuration stored?

Options:

A.  

$FWDIR/state/proxy_arp.conf on the management server

B.  

$FWDIR/conf/local.arp on the management server

C.  

$FWDIR/state/_tmp/proxy.arp on the security gateway

D.  

$FWDIR/conf/local.arp on the gateway

Discussion 0
Questions 13

Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers?

Options:

A.  

AD Query

B.  

Terminal Servers Endpoint Identity Agent

C.  

Endpoint Identity Agent and Browser-Based Authentication

D.  

RADIUS and Account Logon

Discussion 0
Questions 14

The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits even if the Track option is set to “None”?

Options:

A.  

No, it will not work independently. Hit Count will be shown only for rules with Track options set as Log or alert

B.  

Yes, it will work independently as long as “analyze all rules” tick box is enabled on the Security Gateway

C.  

No, it will not work independently because hit count requires all rules to be logged

D.  

Yes, it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways

Discussion 0
Questions 15

Core Protections are installed as part of what Policy?

Options:

A.  

Access Control Policy.

B.  

Desktop Firewall Policy

C.  

Mobile Access Policy.

D.  

Threat Prevention Policy.

Discussion 0
Questions 16

When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

Options:

A.  

Distributed

B.  

Standalone

C.  

Bridge

Discussion 0
Questions 17

Fill in the blank: Each cluster, at a minimum, should have at least ___________ interfaces.

Options:

A.  

Five

B.  

Two

C.  

Three

D.  

Four

Discussion 0
Questions 18

Which Check Point supported authentication scheme typically requires a user to possess a token?

Options:

A.  

RADIUS

B.  

Check Point password

C.  

TACACS

D.  

SecurlD

Discussion 0
Questions 19

How Capsule Connect and Capsule Workspace differ?

Options:

A.  

Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications

B.  

Capsule Workspace can provide access to any application

C.  

Capsule Connect provides Business data isolation

D.  

Capsule Connect does not require an installed application at client

Discussion 0
Questions 20

When configuring Spoof Tracking, which tracking actions can an administrator select to be done when spoofed packets are detected?

Options:

A.  

Log, send snmp trap, email

B.  

Drop packet, alert, none

C.  

Log, alert, none

D.  

Log, allow packets, email

Discussion 0
Questions 21

Fill in the blank RADIUS Accounting gets_____data from requests generated by the accounting client

Options:

A.  

Location

B.  

Payload

C.  

Destination

D.  

Identity

Discussion 0
Questions 22

John is using Management HA. Which Smartcenter should be connected to for making changes?

Options:

A.  

secondary Smartcenter

B.  

active Smartcenter

C.  

connect virtual IP of Smartcenter HA

D.  

primary Smartcenter

Discussion 0
Questions 23

What is the BEST command to view configuration details of all interfaces in Gaia CLISH?

Options:

A.  

ifconfig -a

B.  

show interfaces

C.  

show interfaces detail

D.  

show configuration interface

Discussion 0
Questions 24

In SmartConsole, on which tab are Permissions and Administrators defined?

Options:

A.  

Manage and Settings

B.  

Logs and Monitor

C.  

Security Policies

D.  

Gateways and Servers

Discussion 0
Questions 25

You are going to perform a major upgrade. Which back up solution should you use to ensure your database can be restored on that device?

Options:

A.  

backup

B.  

logswitch

C.  

Database Revision

D.  

snapshot

Discussion 0
Questions 26

Can you use the same layer in multiple policies or rulebases?

Options:

A.  

Yes - a layer can be shared with multiple policies and rules.

B.  

No - each layer must be unique.

C.  

No - layers cannot be shared or reused, but an identical one can be created.

D.  

Yes - but it must be copied and pasted with a different name.

Discussion 0
Questions 27

While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain Why does it not detect the windows domain?

Options:

A.  

SmartConsole machine is not part of the domain

B.  

Security Gateway is not part of the Domain

C.  

Identity Awareness is not enabled on Global properties

D.  

Security Management Server is not part of the domain

Discussion 0
Questions 28

Fill in the blanks: A Check Point software license consists of a__________ and _______.

Options:

A.  

Software blade; software container

B.  

Software package: signature

C.  

Signature; software blade

D.  

Software container software package

Discussion 0
Questions 29

When dealing with rule base layers, what two layer types can be utilized?

Options:

A.  

Ordered Layers and Inline Layers

B.  

Inbound Layers and Outbound Layers

C.  

R81.10 does not support Layers

D.  

Structured Layers and Overlap Layers

Discussion 0
Questions 30

Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code (with unification in R81.10)?

Options:

A.  

Enterprise Network Security Appliances

B.  

Rugged Appliances

C.  

Scalable Platforms

D.  

Small Business and Branch Office Appliances

Discussion 0
Questions 31

When using Automatic Hide NAT, what is enabled by default?

Options:

A.  

Source Port Address Translation (PAT)

B.  

Static NAT

C.  

Static Route

D.  

HTTPS Inspection

Discussion 0
Questions 32

What protocol is specifically used for clustered environments?

Options:

A.  

Clustered Protocol

B.  

Synchronized Cluster Protocol

C.  

Control Cluster Protocol

D.  

Cluster Control Protocol

Discussion 0
Questions 33

What are the software components used by Autonomous Threat Prevention Profiles in R8I.20 and higher?

Options:

A.  

Sandbox, ThreatCloud, Zero Phishing, Sanitization, C&C Protection, JPS, File and URL Reputation

B.  

IPS, Threat Emulation and Threat Extraction

C.  

Sandbox, ThreatCloud, Sanitization, C&C Protection, IPS

D.  

IPS, Anti-Bot, Anti-Virus, SandBlast and Macro Extraction

Discussion 0
Questions 34

Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?

Options:

A.  

All Site-to-Site VPN Communities

B.  

Accept all encrypted traffic

C.  

All Connections (Clear or Encrypted)

D.  

Specific VPN Communities

Discussion 0
Questions 35

When configuring LDAP with User Directory integration, changes applied to a User Directory template are:

Options:

A.  

Not reflected for any users unless the local user template is changed.

B.  

Not reflected for any users who are using that template.

C.  

Reflected for ail users who are using that template and if the local user template is changed as well.

D.  

Reflected immediately for all users who are using that template.

Discussion 0
Questions 36

The default shell of the Gaia CLI is cli.sh. How do you change from the cli.sh shell to the advanced shell to run Linux commands?

Options:

A.  

Execute the command 'enable' in the cli.sh shell

B.  

Execute the 'conf t' command in the cli.sh shell

C.  

Execute the command 'expert' in the cli.sh shell

D.  

Execute the 'exit' command in the cli.sh shell

Discussion 0
Questions 37

Aggressive Mode in IKEv1 uses how many packages for negotiation?

Options:

A.  

6

B.  

3

C.  

depends on the make of the peer gateway

D.  

5

Discussion 0
Questions 38

Which of the following is used to enforce changes made to a Rule Base?

Options:

A.  

Publish database

B.  

Save changes

C.  

Install policy

D.  

Activate policy

Discussion 0
Questions 39

If there is an Accept Implied Policy set to "First", what is the reason Jorge cannot see any logs?

Options:

A.  

Log Implied Rule was not set correctly on the track column on the rules base.

B.  

Track log column is set to Log instead of Full Log.

C.  

Track log column is set to none.

D.  

Log Implied Rule was not selected on Global Properties.

Discussion 0
Questions 40

Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

Options:

A.  

Full

B.  

Custom

C.  

Complete

D.  

Light

Discussion 0
Questions 41

Which of the following is used to extract state related information from packets and store that information in state tables?

Options:

A.  

STATE Engine

B.  

TRACK Engine

C.  

RECORD Engine

D.  

INSPECT Engine

Discussion 0
Questions 42

The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.

Options:

A.  

Next Generation Threat Prevention

B.  

Next Generation Threat Emulation

C.  

Next Generation Threat Extraction

D.  

Next Generation Firewall

Discussion 0
Questions 43

How are the backups stored in Check Point appliances?

Options:

A.  

Saved as*.tar under /var/log/CPbackup/backups

B.  

Saved as*tgz under /var/CPbackup

C.  

Saved as*tar under /var/CPbackup

D.  

Saved as*tgz under /var/log/CPbackup/backups

Discussion 0
Questions 44

What are valid authentication methods for mutual authenticating the VPN gateways?

Options:

A.  

Pre-shared Secret and PKI Certificates

B.  

PKI Certificates and Kerberos Tickets

C.  

Pre-Shared Secrets and Kerberos Ticket

D.  

PKI Certificates and DynamiciD OTP

Discussion 0
Questions 45

Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n) ___________ Server.

Options:

A.  

SecurID

B.  

LDAP

C.  

NT domain

D.  

SMTP

Discussion 0
Questions 46

True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

Options:

A.  

True, CLI is the prefer method for Licensing

B.  

False, Central License are handled via Security Management Server

C.  

False, Central License are installed via Gaia on Security Gateways

D.  

True, Central License can be installed with CPLIC command on a Security Gateway

Discussion 0
Questions 47

URL Filtering cannot be used to:

Options:

A.  

Control Bandwidth issues

B.  

Control Data Security

C.  

Improve organizational security

D.  

Decrease legal liability

Discussion 0
Questions 48

Vanessa is attempting to log into the Gaia Web Portal. She is able to login successfully. Then she tries the same username and password for SmartConsole but gets the message in the screenshot image below. She has checked that the IP address of the Server is correct and the username and password she used to login into Gaia is also correct.

What is the most likely reason?

Options:

A.  

Check Point R80 SmartConsole authentication is more secure than in previous versions and Vanessa requires a special authentication key for R80 SmartConsole. Check that the correct key details are used.

B.  

Check Point Management software authentication details are not automatically the same as the Operating System authentication details. Check that she is using the correct details.

C.  

SmartConsole Authentication is not allowed for Vanessa until a Super administrator has logged in first and cleared any other administrator sessions.

D.  

Authentication failed because Vanessa’s username is not allowed in the new Threat Prevention console update checks even though these checks passed with Gaia.

Discussion 0
Questions 49

What key is used to save the current CPView page in a filename format cpview_“cpview process ID”. cap”number of captures”?

Options:

A.  

S

B.  

W

C.  

C

D.  

Space bar

Discussion 0
Questions 50

Name one limitation of using Security Zones in the network?

Options:

A.  

Security zones will not work in Automatic NAT rules

B.  

Security zone will not work in Manual NAT rules

C.  

Security zones will not work in firewall policy layer

D.  

Security zones cannot be used in network topology

Discussion 0
Questions 51

Which icon in the WebUI indicates that read/write access is enabled?

Options:

A.  

Pencil

B.  

Padlock

C.  

Book

D.  

Eyeglasses

Discussion 0
Questions 52

Security Zones do no work with what type of defined rule?

Options:

A.  

Application Control rule

B.  

Manual NAT rule

C.  

IPS bypass rule

D.  

Firewall rule

Discussion 0
Questions 53

To enforce the Security Policy correctly, a Security Gateway requires:

Options:

A.  

a routing table

B.  

awareness of the network topology

C.  

a Demilitarized Zone

D.  

a Security Policy install

Discussion 0
Questions 54

What are the Threat Prevention software components available on the Check Point Security Gateway?

Options:

A.  

IPS, Threat Emulation and Threat Extraction

B.  

IPS, Anti-Bot, Anti-Virus, SandBlast and Macro Extraction

C.  

IPS, Anti-Bot, Anti-Virus, Threat Emulation and Threat Extraction

D.  

IDS, Forensics, Anti-Virus, Sandboxing

Discussion 0
Questions 55

Identify the ports to which the Client Authentication daemon listens on by default?

Options:

A.  

259, 900

B.  

256, 257

C.  

8080, 529

D.  

80, 256

Discussion 0
Questions 56

What is the most recommended installation method for Check Point appliances?

Options:

A.  

SmartUpdate installation

B.  

DVD media created with Check Point ISOMorphic

C.  

USB media created with Check Point ISOMorphic

D.  

Cloud based installation

Discussion 0
Questions 57

Fill in the blanks: Default port numbers for an LDAP server is ______ for standard connections and _______ SSL connections.

Options:

A.  

675, 389

B.  

389, 636

C.  

636, 290

D.  

290, 675

Discussion 0
Questions 58

What are the three deployment options available for a security gateway?

Options:

A.  

Standalone, Distributed, and Bridge Mode

B.  

Bridge Mode, Remote, and Standalone

C.  

Remote, Standalone, and Distributed

D.  

Distributed, Bridge Mode, and Remote

Discussion 0
Questions 59

When a SAM rule is required on Security Gateway to quickly block suspicious connections which are not restricted by the Security Policy, what actions does the administrator need to take?

Options:

A.  

SmartView Monitor should be opened and then the SAM rule/s can be applied immediately. Installing policy is not required.

B.  

The policy type SAM must be added to the Policy Package and a new SAM rule must be applied. Simply Publishing the changes applies the SAM rule on the firewall.

C.  

The administrator must work on the firewall CLI (for example with SSH and PuTTY) and the command 'sam block' must be used with the right parameters.

D.  

The administrator should open the LOGS & MONITOR view and find the relevant log. Right clicking on the log entry will show the Create New SAM rule option.

Discussion 0
Questions 60

Which of the following is NOT a tracking log option in R80.x?

Options:

A.  

Log

B.  

Full Log

C.  

Detailed Log

D.  

Extended Log

Discussion 0
Questions 61

Which statement is NOT TRUE about Delta synchronization?

Options:

A.  

Using UDP Multicast or Broadcast on port 8161

B.  

Using UDP Multicast or Broadcast on port 8116

C.  

Quicker than Full sync

D.  

Transfers changes in the Kernel tables between cluster members

Discussion 0
Questions 62

For Automatic Hide NAT rules created by the administrator what is a TRUE statement?

Options:

A.  

Source Port Address Translation (PAT) is enabled by default

B.  

Automate NAT rules are supported for Network objects only.

C.  

Automatic NAT rules are supported for Host objects only.

D.  

Source Port Address Translation (PAT) is disabled by default

Discussion 0
Questions 63

Which SmartConsole application shows correlated logs and aggregated data to provide an overview of potential threats and attack patterns?

Options:

A.  

SmartEvent

B.  

SmartView Tracker

C.  

SmartLog

D.  

SmartView Monitor

Discussion 0
Questions 64

What Identity Agent allows packet tagging and computer authentication?

Options:

A.  

Endpoint Security Client

B.  

Full Agent

C.  

Light Agent

D.  

System Agent

Discussion 0
Questions 65

Which option will match a connection regardless of its association with a VPN community?

Options:

A.  

All Site-to-Site VPN Communities

B.  

Accept all encrypted traffic

C.  

All Connections (Clear or Encrypted)

D.  

Specific VPN Communities

Discussion 0
Questions 66

Secure Internal Communication (SIC) is handled by what process?

Options:

A.  

CPM

B.  

HTTPS

C.  

FWD

D.  

CPD

Discussion 0
Questions 67

What is the purpose of the Stealth Rule?

Options:

A.  

To prevent users from directly connecting to a Security Gateway.

B.  

To reduce the number of rules in the database.

C.  

To reduce the amount of logs for performance issues.

D.  

To hide the gateway from the Internet.

Discussion 0
Questions 68

Gaia has two default user accounts that cannot be deleted. What are those user accounts?

Options:

A.  

Admin and Default

B.  

Expert and Clish

C.  

Control and Monitor

D.  

Admin and Monitor

Discussion 0
Questions 69

Which of the following log queries would show only dropped packets with source address of 192.168.1.1 and destination address of 172.26.1.1?

Options:

A.  

src:192.168.1.1 OR dst:172.26.1.1 AND action:Drop

B.  

src:192.168.1.1 AND dst:172.26.1.1 AND action:Drop

C.  

192.168.1.1 AND 172.26.1.1 AND drop

D.  

192.168.1.1 OR 172.26.1.1 AND action:Drop

Discussion 0
Questions 70

Which of the following commands is used to monitor cluster members in CLI?

Options:

A.  

show cluster state

B.  

show active cluster

C.  

show clusters

D.  

show running cluster

Discussion 0
Questions 71

Which deployment adds a Security Gateway to an existing environment without changing IP routing?

Options:

A.  

Distributed

B.  

Bridge Mode

C.  

Remote

D.  

Standalone

Discussion 0
Questions 72

Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.

Options:

A.  

Main

B.  

Authentication

C.  

Quick

D.  

High Alert

Discussion 0
Questions 73

Which of the following is a valid deployment option?

Options:

A.  

CloudSec deployment

B.  

Disliked deployment

C.  

Router only deployment

D.  

Standalone deployment

Discussion 0
Questions 74

At what point is the Internal Certificate Authority (ICA) created?

Options:

A.  

During the primary Security Management Server installation process.

B.  

Upon creation of a certificate

C.  

When an administrator decides to create one

D.  

When an administrator initially logs into SmartConsole.

Discussion 0
Questions 75

A SAM rule Is implemented to provide what function or benefit?

Options:

A.  

Allow security audits.

B.  

Handle traffic as defined in the policy.

C.  

Monitor sequence activity.

D.  

Block suspicious activity.

Discussion 0
Questions 76

When configuring LDAP User Directory integration, Changes applied to a User Directory template are:

Options:

A.  

Reflected immediately for all users who are using template.

B.  

Not reflected for any users unless the local user template is changed.

C.  

Reflected for all users who are using that template and if the local user template is changed as well.

D.  

Not reflected for any users who are using that template.

Discussion 0
Questions 77

Fill in the blank: To create policy for traffic to or from a particular location, use the _____________.

Options:

A.  

DLP shared policy

B.  

Geo policy shared policy

C.  

Mobile Access software blade

D.  

HTTPS inspection

Discussion 0
Questions 78

View the rule below. What does the pen-symbol in the left column mean?

Options:

A.  

Those rules have been published in the current session.

B.  

Rules have been edited by the logged in administrator, but the policy has not been published yet.

C.  

Another user has currently locked the rules for editing.

D.  

The configuration lock is present. Click the pen symbol in order to gain the lock.

Discussion 0
Questions 79

What command from the CLI would be used to view current licensing?

Options:

A.  

license view

B.  

fw ctl tab -t license -s

C.  

show license -s

D.  

cplic print

Discussion 0
Questions 80

In the Check Point Security Management Architecture, which component(s) can store logs?

Options:

A.  

SmartConsole

B.  

Security Management Server and Security Gateway

C.  

Security Management Server

D.  

SmartConsole and Security Management Server

Discussion 0
Questions 81

Which of the following is used to initially create trust between a Gateway and Security Management Server?

Options:

A.  

Internal Certificate Authority

B.  

Token

C.  

One-time Password

D.  

Certificate

Discussion 0
Questions 82

There are four policy types available for each policy package. What are those policy types?

Options:

A.  

Access Control, Threat Prevention, Mobile Access and HTTPS Inspection

B.  

Access Control, Custom Threat Prevention, Autonomous Threat Prevention and HTTPS Inspection

C.  

There are only three policy types: Access Control, Threat Prevention and NAT.

D.  

Access Control, Threat Prevention, NAT and HTTPS Inspection

Discussion 0
Questions 83

What is NOT an advantage of Stateful Inspection?

Options:

A.  

High Performance

B.  

Good Security

C.  

No Screening above Network layer

D.  

Transparency

Discussion 0
Questions 84

Which of the following is NOT an advantage to using multiple LDAP servers?

Options:

A.  

You achieve a faster access time by placing LDAP servers containing the database at remote sites

B.  

You achieve compartmentalization by allowing a large number of users to be distributed across several servers

C.  

Information on a user is hidden, yet distributed across several servers.

D.  

You gain High Availability by replicating the same information on several servers

Discussion 0
Questions 85

Which of the following is NOT a role of the SmartCenter:

Options:

A.  

Status monitoring

B.  

Policy configuration

C.  

Certificate authority

D.  

Address translation

Discussion 0
Questions 86

How can the changes made by an administrator before publishing the session be seen by a superuser administrator?

Options:

A.  

By impersonating the administrator with the ‘Login as…’ option

B.  

They cannot be seen

C.  

From the SmartView Tracker audit log

D.  

From Manage and Settings > Sessions, right click on the session and click ‘View Changes…’

Discussion 0
Questions 87

You have successfully backed up your Check Point configurations without the OS information. What command would you use to restore this backup?

Options:

A.  

restore_backup

B.  

import backup

C.  

cp_merge

D.  

migrate import

Discussion 0
Questions 88

Which Threat Prevention Software Blade provides comprehensive protection against malicious and unwanted network traffic, focusing on application and server vulnerabilities?

Options:

A.  

IPS

B.  

Anti-Virus

C.  

Anti-Spam

D.  

Anti-bot

Discussion 0
Questions 89

You had setup the VPN Community NPN-Stores' with 3 gateways. There are some issues with one remote gateway(l .1.1.1) and an your local gateway. What will be the best log filter to see only the IKE Phase 2 agreed networks for both gateways.

Options:

A.  

action:”Key Install" AND 1.1.1.1 AND Quick Mode

B.  

Blade:”VPN”AND VPN-Stores AND Main Mode

C.  

action:”Key Install” AND 1.1.1.1 AND Main Mode

D.  

Blade:”VPN”AND VPN-Stores AND Quick Mode

Discussion 0
Questions 90

Which message indicates IKE Phase 2 has completed successfully?

Options:

A.  

Quick Mode Complete

B.  

Aggressive Mode Complete

C.  

Main Mode Complete

D.  

IKE Mode Complete

Discussion 0
Questions 91

What kind of NAT enables Source Port Address Translation by default?

Options:

A.  

Automatic Static NAT

B.  

Manual Hide NAT

C.  

Automatic Hide NAT

D.  

Manual Static NAT

Discussion 0
Questions 92

The SmartEvent R80 Web application for real-time event monitoring is called:

Options:

A.  

SmartView Monitor

B.  

SmartEventWeb

C.  

There is no Web application for SmartEvent

D.  

SmartView

Discussion 0
Questions 93

Fill in the blanks: There are ________ types of software containers ________.

Options:

A.  

Three; security management, Security Gateway, and endpoint security

B.  

Three; Security gateway, endpoint security, and gateway management

C.  

Two; security management and endpoint security

D.  

Two; endpoint security and Security Gateway

Discussion 0
Questions 94

Fill in the blank: Authentication rules are defined for ____________.

Options:

A.  

User groups

B.  

Users using UserCheck

C.  

Individual users

D.  

All users in the database

Discussion 0
Questions 95

Which back up method uses the command line to create an image of the OS?

Options:

A.  

System backup

B.  

Save Configuration

C.  

Migrate

D.  

snapshot

Discussion 0
Questions 96

Which two Identity Awareness daemons are used to support identity sharing?

Options:

A.  

Policy Activation Point (PAP) and Policy Decision Point (PDP)

B.  

Policy Manipulation Point (PMP) and Policy Activation Point (PAP)

C.  

Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)

D.  

Policy Decision Point (PDP) and Policy Enforcement Point (PEP)

Discussion 0
Questions 97

When URL Filtering is set, what identifying data gets sent to the Check Point Online Web Service?

Options:

A.  

The URL and server certificate are sent to the Check Point Online Web Service

B.  

The full URL, including page data, is sent to the Check Point Online Web Service

C.  

The host part of the URL is sent to the Check Point Online Web Service

D.  

The URL and IP address are sent to the Check Point Online Web Service

Discussion 0
Questions 98

In HTTPS Inspection policy, what actions are available in the "Actions" column of a rule?

Options:

A.  

"Inspect", "Bypass"

B.  

"Inspect", "Bypass", "Categorize"

C.  

"Inspect", "Bypass", "Block"

D.  

"Detect", "Bypass"

Discussion 0
Questions 99

Identity Awareness allows the Security Administrator to configure network access based on which of the following?

Options:

A.  

Name of the application, identity of the user, and identity of the machine

B.  

Identity of the machine, username, and certificate

C.  

Network location, identity of a user, and identity of a machine

D.  

Browser-Based Authentication, identity of a user, and network location

Discussion 0
Questions 100

Which GUI tool can be used to view and apply Check Point licenses?

Options:

A.  

cpconfig

B.  

Management Command Line

C.  

SmartConsole

D.  

SmartUpdate

Discussion 0
Questions 101

What is the default shell of Gaia CLI?

Options:

A.  

clish

B.  

Monitor

C.  

Read-only

D.  

Bash

Discussion 0
Questions 102

Fill in the blank: An identity server uses a ___________ for user authentication.

Options:

A.  

Shared secret

B.  

Certificate

C.  

One-time password

D.  

Token

Discussion 0
Questions 103

Gaia includes Check Point Upgrade Service Engine (CPUSE), which can directly receive updates for what components?

Options:

A.  

The Security Gateway (SG) and Security Management Server (SMS) software and the CPUSE engine.

B.  

Licensed Check Point products for the Gala operating system and the Gaia operating system itself.

C.  

The CPUSE engine and the Gaia operating system.

D.  

The Gaia operating system only.

Discussion 0
Questions 104

What is the purpose of the Clean-up Rule?

Options:

A.  

To log all traffic that is not explicitly allowed or denied in the Rule Base

B.  

To clean up policies found inconsistent with the compliance blade reports

C.  

To remove all rules that could have a conflict with other rules in the database

D.  

To eliminate duplicate log entries in the Security Gateway

Discussion 0
Questions 105

What is the main objective when using Application Control?

Options:

A.  

To filter out specific content.

B.  

To assist the firewall blade with handling traffic.

C.  

To see what users are doing.

D.  

Ensure security and privacy of information.

Discussion 0
Questions 106

When an encrypted packet is decrypted, where does this happen?

Options:

A.  

Security policy

B.  

Inbound chain

C.  

Outbound chain

D.  

Decryption is not supported

Discussion 0
Questions 107

When configuring Anti-Spoofing, which tracking options can an Administrator select?

Options:

A.  

Log, Alert, None

B.  

Log, Allow Packets, Email

C.  

Drop Packet, Alert, None

D.  

Log, Send SNMP Trap, Email

Discussion 0
Questions 108

What is the BEST method to deploy Identity Awareness for roaming users?

Options:

A.  

Use Office Mode

B.  

Use identity agents

C.  

Share user identities between gateways

D.  

Use captive portal

Discussion 0
Questions 109

Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays _____________ for the given VPN tunnel.

Options:

A.  

Down

B.  

No Response

C.  

Inactive

D.  

Failed

Discussion 0
Questions 110

Which Security Blade needs to be enabled in order to sanitize and remove potentially malicious content from files, before those files enter the network?

Options:

A.  

Threat Emulation

B.  

Anti-Malware

C.  

Anti-Virus

D.  

Threat Extraction

Discussion 0
Questions 111

What object type would you use to grant network access to an LDAP user group?

Options:

A.  

Access Role

B.  

User Group

C.  

SmartDirectory Group

D.  

Group Template

Discussion 0
Questions 112

Which of the following is NOT a tracking option? (Select three)

Options:

A.  

Partial log

B.  

Log

C.  

Network log

D.  

Full log

Discussion 0
Questions 113

A network administrator has informed you that they have identified a malicious host on the network, and instructed you to block it. Corporate policy dictates that firewall policy changes cannot be made at this time. What tool can you use to block this traffic?

Options:

A.  

Anti-Bot protection

B.  

Anti-Malware protection

C.  

Policy-based routing

D.  

Suspicious Activity Monitoring (SAM) rules

Discussion 0
Questions 114

You are the Check Point administrator for Alpha Corp with an R80 Check Point estate. You have received a call by one of the management users stating that they are unable to browse the Internet with their new tablet connected to the company Wireless. The Wireless system goes through the Check Point Gateway. How do you review the logs to see what the problem may be?

Options:

A.  

Open SmartLog and connect remotely to the IP of the wireless controller

B.  

Open SmartView Tracker and filter the logs for the IP address of the tablet

C.  

Open SmartView Tracker and check all the IP logs for the tablet

D.  

Open SmartLog and query for the IP address of the Manager’s tablet

Discussion 0
Questions 115

What is the best sync method in the ClusterXL deployment?

Options:

A.  

Use 1 cluster + 1st sync

B.  

Use 1 dedicated sync interface

C.  

Use 3 clusters + 1st sync + 2nd sync + 3rd sync

D.  

Use 2 clusters + 1st sync + 2nd sync

Discussion 0
Questions 116

Fill in the blanks: A ____ license requires an administrator to designate a gateway for attachment whereas a _____ license is automatically attached to a Security Gateway.

Options:

A.  

Formal; corporate

B.  

Local; formal

C.  

Local; central

D.  

Central; local

Discussion 0
Questions 117

What is the purpose of a Clean-up Rule?

Options:

A.  

Clean-up Rules do not server any purpose.

B.  

Provide a metric for determining unnecessary rules.

C.  

To drop any traffic that is not explicitly allowed.

D.  

Used to better optimize a policy.

Discussion 0
Questions 118

Fill in the blanks: In _____ NAT, Only the ________ is translated.

Options:

A.  

Static; source

B.  

Simple; source

C.  

Hide; destination

D.  

Hide; source

Discussion 0
Questions 119

You have enabled "Extended Log" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

Options:

A.  

Identity Awareness is not enabled.

B.  

Log Trimming is enabled.

C.  

Logging has disk space issues

D.  

Content Awareness is not enabled.

Discussion 0
Questions 120

Which repositories are installed on the Security Management Server by SmartUpdate?

Options:

A.  

License and Update

B.  

Package Repository and Licenses

C.  

Update and License & Contract

D.  

License & Contract and Package Repository

Discussion 0