A.  

Publish Session Changes

B.  

Configure Identity Sources

C.  

Enable Identity Awareness

D.  

Install Security Policy

A.  

Provides software-based solution for Security Gateway performance

B.  

Encrypts and decrypts traffic to and from Security Gateways

C.  

Protect sensitive data from being lost, stolen, or accessed by unauthorized users

D.  

Identifies and controls sensitive data within network

A.  

Per Session is only available for URL Filtering, whereas the Connection could be applied to URL Filtering as well as Application Control.

B.  

Per connection means that a log is generated for each connection in the session while per session means that only one log per session is generated.

C.  

Per Session means that you will get the name of application in Application Control, although the applications were not specified in the rule base. Per Connections means that you will get the whole list of content in the Content Awareness blade.

D.  

Per session means that a log is collected for each session in a connection while per connection means that only one log is collected per session.

A.  

Automatically by AI

B.  

Automatically downloaded from the Threat Cloud Repository.

C.  

Manually downloaded from the Threat Cloud

D.  

Automatically, but the date and time of the updates must be added to a cron job.

A.  

Domain Object

B.  

Network Group Object

C.  

Service Object

D.  

Host Object

A.  

The syntax consists of Boolean operators, wildcards, fields and ranges.

B.  

The syntax is referred to as PCRE which stands for Perl compatible Regular Expression.

C.  

The syntax has to be converted into BASE64 format to randomize some security-relevant parameters.

D.  

The syntax is the same as used in fw monitor or tcpdump.

A.  

It disables editing of custom objects

B.  

It limits access to only default objects

C.  

It only supports network objects

D.  

It allows exporting objects to a CSV file

A.  

Use identity awareness objects in source or destination columns.

B.  

Use the AD Query Object in source or destination column.

C.  

Use a user or a user group object in source or destination column.

D.  

Use Access Role Objects in source or destination columns.

A.  

The Positive Control Model allows is what routers use and simply route traffic with no security rules. The Negative Control Model is what firewalls use and they require explicit rules to allow and route traffic.

B.  

The Positive Control Model allows specific, approved actions or traffic and blocks everything else. The Negative Control Model begins by blocking specific, known threats, or unwanted actions and allows everything else.

C.  

The Positive Control Model begins by blocking specific, known threats, or unwanted actions and allows everything else. The Negative Control Model allows specific, approved actions or traffic and blocks everything else.

D.  

The Positive Control Model aims to keep administrators in a positive mind set. The Negative Control Model results in administrators having a negative mind set.

A.  

Provides software-based solution Security Management Performance.

B.  

The gateway accesses the central ThreatCloud information to get the verdict of specific files prior to sending it to the intended destination.

C.  

This is a solution to offer SSL Offloading to minimize the performance impact of the servers located in the Web Server farm.

D.  

Provides software-based solution for Security Gateway Performance.

A.  

Read Only All, Read Write All, and Super User

B.  

Read Only, Read & Write, and Super User

C.  

Access Control All, Threat Prevention All, and Super User

D.  

RO, RW, and Universal admin

A.  

Hardened

B.  

Monitor

C.  

Recommended

D.  

Optimized

A.  

These are trusted administrators allowed to connect to the Security Management Server using SmartConsole

B.  

These are specific devices or IP addresses allowed to connect to the Security Management Server using SmartConsole

C.  

These are Security Gateways allowed to connect to the Security Management Server using SmartConsole

D.  

These are trusted users allowed to connect to the Security Management Server using SmartConsole

A.  

URL Filtering blade

B.  

DNS Resolver

C.  

Certificate Authority (CA) certificate

D.  

Static NAT rule

A.  

Ordered Layers - Inline Layers

B.  

Static Policy Layers - Updateable Policy Layers

C.  

Global Access Layers - Exception Layers

D.  

Firewall Layers - Application Layers - Content Layers

A.  

SCP

B.  

SSH

C.  

SNMP

D.  

FTP

A.  

A collection of rules and settings that control network traffic and enforce the organization guidelines for data protection.

B.  

This is stored on the Security Gateway and enforced by the Security Management Server.

C.  

This is a written policy which has to conform with the Regulatory Compliance standards.

D.  

This is stored on the Security Management Server and enforced by the log server.

A.  

Expert

B.  

AdvancedCLI

C.  

Supermode

D.  

Clish

A.  

Log

B.  

Reject

C.  

Drop

D.  

Accept

A.  

Automatic translation of foreign web sites into your preferred language.

B.  

Specify the application which should be blocked during business hours, such as Facebook-Game, Indeed-Chat, among others.

C.  

Synchronizing verdicts on URL Categories for better hit rates.

D.  

Use URL Categories to block access to malicious or non-work-related websites.

A.  

Security Gateway

B.  

Gaia Portal

C.  

Firewall Router

D.  

CloudGuard Controller

A.  

To provide out-of-the-box threat prevention

B.  

To manage network traffic

C.  

To simplify and enhance cybersecurity management

D.  

To monitor user activity

A.  

Access Logs and Audit Logs

B.  

Security Logs and compliance Logs

C.  

Security Logs and Audit Logs

D.  

Security Logs and Threat Prevention Logs

A.  

Allow unlimited concurrent sessions

B.  

Limit the use of Super User accounts

C.  

Use simple passwords

D.  

Assign roles based on maximum privilege

A.  

5

B.  

4

C.  

3

D.  

6

A.  

To act as the first line of defense against cyberattacks

B.  

To manage objects and policies

C.  

To inspect inbound and outbound traffic

D.  

To provide a web-based interface

A.  

Block Applications and Inform Users

B.  

To create and manage security policies

C.  

To install policies

D.  

Monitor Applications

A.  

They are essential for defining security policies, network topologies, and other network configurations.

B.  

The objects represent potential targets of a DoS attack.

C.  

The objects serve as a target of an Access Control Policy.

D.  

The objects are items which has to be placed in the Track column of a security policy.

A.  

Administration Logs

B.  

Audit Logs

C.  

Security Event Logs

D.  

Compliance Detailed Logs

A.  

To manage network traffic

B.  

To provide out-of-the-box threat prevention

C.  

To enforce access and audit data based on identity

D.  

To monitor user activity

A.  

Primary Security Management Server admin account

B.  

Gaia admin account

C.  

API admin account

D.  

SmartConsole admin account

A.  

It is configured using SmartDashboard and is enabled on the Security Gateway.

B.  

It is configured using SmartConsole and is enabled on the Security Gateway.

C.  

Is configured using SmartDashboard and is enabled on the Security Management Server

D.  

Is configure using SmartConsole and is enabled on the SmartEvent Correlation Unit.

A.  

Permissive Control Model (also known as Whitelist Model)

B.  

Restrictive Control Model (also known as Blacklist Model)

C.  

Positive Control Model (also known as Whitelist Model)

D.  

Negative Control Model (also known as Blacklist Model)

A.  

Open a console session on SmartUpdate

B.  

Open an SSH connection to the Management

C.  

Open an SSH connection to the Gateway

D.  

Open API session on Management Server

A.  

To manage objects and policies

B.  

To inspect inbound and outbound traffic

C.  

To provide a graphical interface

D.  

For initial system configuration and ongoing management

A.  

To accept all unmatched traffic

B.  

To log all security events

C.  

To block all known malicious traffic

D.  

To drop or reject all traffic that does not match any rule in the rulebase

A.  

Acquires identities using Identity Agents installed on user endpoint computer

B.  

Acquires identities using Identity Agents installed on Active Directory Domain Controllers, Cisco Identity Services Engine Servers or NetlQ eDirectory Servers

C.  

Acquire identities from Identity Agents installed on a Windows-based application server that hosts Terminal Servers, Citrix XenApp. and Citrix XenDesktop services

D.  

Acquires identities seamlessly from Microsoft Active Directory

A.  

All ordered layers are analyzed in parallel. If there is a matched drop rule in any layer then the traffic is allowed.

B.  

After checking each layer the firewall engages the relevant blades and starts to evaluate again one at a time while working with the other access control blades.

C.  

Each layer is evaluated independently.

D.  

All ordered layers are analyzed in parallel. If there is a matched accept rule in any layer then the traffic is allowed.

A.  

This is a list of Check Point customers considered trustworthy (such as Microsoft, Adobe, Apple, Amazon and others).

B.  

This is a definition of Client IP addresses allowed to connect to the Security Management server using SmartConsole.

C.  

This is a list of partners of Check Point also known as OPSEC companies.

D.  

This is a group of RemoteAccess Users with User Certificates not yet expired nor revoked.

A.  

Identity Proxy API

B.  

LDAP Authentication

C.  

RADIUS Accounting

D.  

Certificate Enrolment Service (CES)

A.  

Cloud/Data Center

B.  

Guest Network

C.  

Perimeter

D.  

Strict Security

A.  

The Implicit Cleanup Rule is applied.

B.  

It depends on the Post NAT Rule.

C.  

It depends on the matching feature located after the Access Control policy.

D.  

Nothing happens as there is no matching rule.

A.  

Gaia Clish and C-Shell

B.  

Command Line and CLISH

C.  

C-Shell, Т-Shell and Bourne Shell (bsh)

D.  

Gaia Clish and Expert Mode

A.  

server, virtual, or cloud components

B.  

networks, virtual, or cloud components

C.  

physical, virtual, or logical network components

D.  

networks, virtual, or logical network components

A.  

Implied rules First Rules apply to the first Ordered Layer in the Access Control policy. Implied rules Before last and Last are applied only to the last Ordered Layer in the list.

B.  

Implied rules apply to each layer in the Access Control policy.

C.  

Implied rules apply only to the first Ordered Layer only in the Access Control policy.

D.  

Implied rules apply only to the first Ordered Layer in the Access Control policy but if there is an Inline Layer then the Implied rules are checked again if the parent rule is matched and before the Inline Layer is checked.

A.  

Used to view collected logs, monitor health, performance, and regulatory compliance of Check Point components

B.  

Used to view collected logs and query for information

C.  

Used to monitor health, performance, and regulatory compliance of Check Point components using web browser

D.  

Used to monitor health, performance, and regulatory compliance of Check Point components

A.  

Categorization is in fail close mode and the requests are not allowed until the categorization is complete.

B.  

Categorization is in hold mode and the requests are not allowed until the categorization is complete.

C.  

Categorization is in Background mode and the requests are allowed until the categorization is complete.

D.  

Categorization is in fail open mode and the requests are allowed until the categorization is complete.

A.  

To provide out-of-the-box threat prevention

B.  

To monitor user activity

C.  

To manage network traffic

D.  

To simplify and enhance cybersecurity management

A.  

Avoid sharing layers across policies

B.  

Use only one layer per policy

C.  

Disable implicit cleanup rules

D.  

Share layers with other policy packages

A.  

They store logs of user activity for auditing

B.  

They replace the need for traditional firewall rules

C.  

They allow grouping of users, computers, and networks into a single rule condition

D.  

They authenticate users before granting access

A.  

It enables inspection of encrypted traffic for threats

B.  

It replaces SSL/TLS with a proprietary protocol

C.  

It blocks all HTTPS traffic by default

D.  

It accelerates encrypted traffic

A.  

It allows you to configure security policy based on the source or destination network and user agent.

B.  

It allows you to configure security policy based user or machine identity.

C.  

It allows you to configure security policy based on password length. RADIUS group membership and the source operating system.

D.  

It allows you to configure security policy based on source network, destination network. LDAP Group membership and source operating system.

A.  

The Access Control policy is a collection of rules that control network access. The NAT rules can be used to make the gateway change IP addresses and port numbers in packets.

B.  

The Access Control policy is an enforced on the Security Gateway. The NAT rules are enforced on a separate NAT Gateway.

C.  

The Access Control policy is a collection of rules that control application and web site access. The NAT rules allow or deny connections on the gateway and can also change IP addresses and port numbers in packets.

D.  

The Access Control policy is a collection of rules that mostly blocks network access. The NAT rules are used to allow access through the gateway. A NAT rule causes the gateway to allow access to or from the IP addresses and translates the packet according to the rule.

A.  

To install security policies

B.  

To manage user sessions

C.  

To keep a record of changes made to objects

D.  

To monitor network traffic