لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت

السؤال #1
You are the Security Administrator for MegaCorp. In order to see how efficient your firewall Rule Base is, you would like to see how many often the particular rules match. Where can you see it? Give the BEST answer.
A. In the SmartView Tracker, if you activate the column Matching Rate
B. In SmartReporter, in the section Firewall Blade – Activity > Network Activity with information concerning Top Matched Logged Rules
C. SmartReporter provides this information in the section Firewall Blade – Security > Rule Base Analysis with information concerning Top Matched Logged Rules
D. It is not possible to see it directly
عرض الإجابة
اجابة صحيحة: C
السؤال #2
To install a brand new Check Point Cluster, the MegaCorp IT department bought 1 Smart-1 and 2 Security Gateway Appliances to run a cluster. Which type of cluster is it?
A. Full HA Cluster
B. High Availability
C. Standalone
D. Distributed
عرض الإجابة
اجابة صحيحة: B
السؤال #3
Which SmartConsole component can Administrators use to track changes to the Rule Base?
A. WebUI
B. SmartView Tracker
C. SmartView Monitor
D. SmartReporter
عرض الإجابة
اجابة صحيحة: B
السؤال #4
You have configured SNX on the Security Gateway. The client connects to the Security Gateway and the user enters the authentication credentials. What must happen after authentication that allows the client to connect to the Security Gateway's VPN domain?
A. SNX modifies the routing table to forward VPN traffic to the Security Gateway
B. An office mode address must be obtained by the client
C. The SNX client application must be installed on the client
D. Active-X must be allowed on the client
عرض الإجابة
اجابة صحيحة: A
السؤال #5
The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?
A. There is a virus found
B. The connection required a Security server
C. Acceleration is not enabled
D. The traffic is originating from the gateway itself
عرض الإجابة
اجابة صحيحة: D
السؤال #6
You are using SmartView Tracker to troubleshoot NAT entries. Which column do you check to view the NAT'd source port if you are using Source NAT?
A. XlateDst
B. XlateSPort
C. XlateDPort
D. XlateSrc
عرض الإجابة
اجابة صحيحة: B
السؤال #7
What port is used for delivering logs from the gateway to the management server?
A. Port 258
B. Port 18209
C. Port 257
D. Port 981
عرض الإجابة
اجابة صحيحة: C
السؤال #8
You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities sh you do first?
A. Create a new logical-server object to represent your partner's CA
B. Exchange exported CA keys and use them to create a new server object to represent your partner's Certificate Authority (CA)
C. Manually import your partner's Certificate Revocation List
D. Manually import your partner's Access Control List
عرض الإجابة
اجابة صحيحة: B
السؤال #9
Look at the following screenshot and select the BEST answer.
A. Clients external to the Security Gateway can download archive files from FTP_Ext server using FTP
B. Internal clients can upload and download any-files to FTP_Ext-server using FTP
C. Internal clients can upload and download archive-files to FTP_Ext server using FTP
D. Clients external to the Security Gateway can upload any files to the FTP_Ext-server using FTP
عرض الإجابة
اجابة صحيحة: A
السؤال #10
A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object does not appear in the Install On check box. What should you look for?
A. Secure Internal Communications (SIC) not configured for the object
B. A Gateway object created using the Check Point > Externally Managed VPN Gateway option from the Network Objects dialog box
C. Anti-spoofing not configured on the interfaces on the Gateway object
D. A Gateway object created using the Check Point > Secure Gateway option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object
عرض الإجابة
اجابة صحيحة: B
السؤال #11
You are about to test some rule and object changes suggested in an R77 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to its previous configuration after testing the changes?
A. Manual copies of the directory $FWDIR/conf
B. upgrade_export command
C. Database Revision Control
D. GAiA backup utilities
عرض الإجابة
اجابة صحيحة: C
السؤال #12
Which authentication scheme requires a user to possess a token?
A. TACACS
B. SecurID
C. Check Point password
D. RADIUS
عرض الإجابة
اجابة صحيحة: B
السؤال #13
Look at the screenshot below. What CLISH command provides this output?
A. show configuration all
B. show confd configuration
C. show confd configuration all
D. show configuration
عرض الإجابة
اجابة صحيحة: D
السؤال #14
Which of the following is TRUE about the Check Point Host object?
A. Check Point Host has no routing ability even if it has more than one interface installed
B. When you upgrade to R80 from R77
C. Check Point Host is capable of having an IP forwarding mechanism
D. Check Point Host can act as a firewall
عرض الإجابة
اجابة صحيحة: A
السؤال #15
You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause?
A. The POP3 rule is disabled
B. POP3 is accepted in Global Properties
C. The POP3 rule is hidden
D. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R77
عرض الإجابة
اجابة صحيحة: C
السؤال #16
What is the Manual Client Authentication TELNET port?
A. 23
B. 264
C. 900
D. 259
عرض الإجابة
اجابة صحيحة: D
السؤال #17
The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?
A. You can only use the rule for Telnet, FTP, SMPT, and rlogin services
B. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server
C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out
D. You can limit the authentication attempts in the User Properties' Authentication tab
عرض الإجابة
اجابة صحيحة: B
السؤال #18
Choose the SmartLog property that is TRUE.
A. SmartLog has been an option since release R71
B. SmartLog is not a Check Point product
C. SmartLog and SmartView Tracker are mutually exclusive
D. SmartLog is a client of SmartConsole that enables enterprises to centrally track log records and security activity with Google-like search
عرض الإجابة
اجابة صحيحة: D
السؤال #19
You have just installed your Gateway and want to analyze the packet size distribution of your traffic with SmartView Monitor. Unfortunately, you get the message: “There are no machines that contain Firewall Blade and SmartView Monitor”. What should you do to analyze the packet size distribution of your traffic? Give the BEST answer.
A. Purchase the SmartView Monitor license for your Security Management Server
B. Enable Monitoring on your Security Management Server
C. Purchase the SmartView Monitor license for your Security Gateway
D. Enable Monitoring on your Security Gateway
عرض الإجابة
اجابة صحيحة: D
السؤال #20
Which of the following is NOT a set of Regulatory Requirements related to Information Security?
A. ISO 37001
B. Sarbanes Oxley (SOX)
C. HIPPA
D. PCI
عرض الإجابة
اجابة صحيحة: A
السؤال #21
When using LDAP as an authentication method for Identity Awareness, the query:
A. Requires client and server side software
B. Prompts the user to enter credentials
C. Requires administrators to specifically allow LDAP traffic to and from the LDAP Server and the Security Gateway
D. Is transparent, requiring no client or server side software, or client intervention
عرض الإجابة
اجابة صحيحة: D
السؤال #22
Provide very wide coverage for all products and protocols, with noticeable performance impact. How could you tune the profile in order to lower the CPU load still maintaining security at good level? Select the BEST answer.
A. Set High Confidence to Low and Low Confidence to Inactive
B. Set the Performance Impact to Medium or lower
C. The problem is not with the Threat Prevention Profile
D. Set the Performance Impact to Very Low Confidence to Prevent
عرض الإجابة
اجابة صحيحة: B
السؤال #23
The IT Management team is interested in the new features of the Check Point R80 Management and wants to upgrade but they are concerned that the existing R77.30 Gaia Gateways cannot be managed by R80 because it is so different. As the administrator responsible for the Firewalls, how can you answer or confirm these concerns?
A. R80 Management contains compatibility packages for managing earlier versions of Check Point Gateways prior to R80
B. R80 Management requires the separate installation of compatibility hotfix packages for managing the earlier versions of Check Point Gateways prior to R80
C. R80 Management was designed as a completely different Management system and so can only monitor Check Point Gateways prior to R80
D. R80 Management cannot manage earlier versions of Check Point Gateways prior to R80
عرض الإجابة
اجابة صحيحة: A
السؤال #24
You installed Security Management Server on a computer using GAiA in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second GAiA computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it? 1. Run cpconfig on the Gateway, select Secure Internal Communication, enter the activation key, and reconfirm. 2. Initialize Internal Certificate Authority (
A. 2, 3, 4, 1, 5
B. 2, 1, 3, 4, 5
C. 1, 3, 2, 4, 5
D. 2, 3, 4, 5, 1
عرض الإجابة
اجابة صحيحة: B
السؤال #25
Choose what BEST describes users on Gaia Platform.
A. There is one default user that cannot be deleted
B. There are two default users and one cannot be deleted
C. There is one default user that can be deleted
D. There are two default users that cannot be deleted and one SmartConsole Administrator
عرض الإجابة
اجابة صحيحة: B
السؤال #26
Your bank's distributed R77 installation has Security Gateways up for renewal. Which SmartConsole application will tell you which Security Gateways have licenses that will expire within the next 30 days?
A. SmartView Tracker
B. SmartPortal
C. SmartUpdate
D. SmartDashboard
عرض الإجابة
اجابة صحيحة: C
السؤال #27
Fill in the blanks: A High Availability deployment is referred to as a ______ cluster and a Load Sharing deployment is referred to as a ________ cluster.
A. Standby/standby; active/active
B. Active/active; standby/standby
C. Active/active; active/standby;
D. Active/standby; active/active
عرض الإجابة
اجابة صحيحة: D
السؤال #28
The most important part of a site-to-site VPN deployment is the ________ .
A. Internet
B. Remote users
C. Encrypted VPN tunnel
D. VPN gateways
عرض الإجابة
اجابة صحيحة: C

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف: