لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?
A. Go to clash-Run cpstop | Run cpstart
B. Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway
C. Administrator does not need to perform any tas
D. Check Point will make use of the newly installed CPU and Cores
E. Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway | Install Security Policy
عرض الإجابة
اجابة صحيحة: C
السؤال #2
Where can you trigger a failover of the cluster members? Log in to Security Gateway CLI and run command clusterXL_admin down. In SmartView Monitor right-click the Security Gateway member and select Cluster member stop. Log into Security Gateway CLI and run command cphaprob down.
A. 1, 2, and 3
B. 2 and 3
C. 1 and 2
D. 1 and 3
عرض الإجابة
اجابة صحيحة: D
السؤال #3
You want to define a selected administrator's permission to edit a layer. However, when you click the + sign in the “Select additional profile that will be able edit this layer” you do not see anything. What is the most likely cause of this problem? Select the BEST answer.
A. “Edit layers by Software Blades” is unselected in the Permission Profile
B. There are no permission profiles available and you need to create one first
C. All permission profiles are in use
D. “Edit layers by selected profiles in a layer editor” is unselected in the Permission profile
عرض الإجابة
اجابة صحيحة: C
السؤال #4
What happens if the identity of a user is known?
A. If the user credentials do not match an Access Role, the traffic is automatically dropped
B. If the user credentials do not match an Access Role, the system displays a sandbox
C. If the user credentials do not match an Access Role, the gateway moves onto the next rule
D. If the user credentials do not match an Access Role, the system displays the Captive Portal
عرض الإجابة
اجابة صحيحة: A
السؤال #5
Which of the following statements is TRUE about R80 management plug-ins?
A. The plug-in is a package installed on the Security Gateway
B. Installing a management plug-in requires a Snapshot, just like any upgrade process
C. A management plug-in interacts with a Security Management Server to provide new features and support for new products
D. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in
عرض الإجابة
اجابة صحيحة: C
السؤال #6
What is the purpose of the Clean-up Rule?
A. To log all traffic that is not explicitly allowed or denied in the Rule Base
B. To clean up policies found inconsistent with the compliance blade reports
C. To remove all rules that could have a conflict with other rules in the database
D. To eliminate duplicate log entries in the Security Gateway
عرض الإجابة
اجابة صحيحة: A
السؤال #7
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?
A. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules
B. Create a separate Security Policy package for each remote Security Gateway
C. Create network object that restrict all applicable rules to only certain networks
D. Run separate SmartConsole instances to login and configure each Security Gateway directly
عرض الإجابة
اجابة صحيحة: B
السؤال #8
Which of the following is NOT an option to calculate the traffic direction?
A. Incoming
B. Internal
C. External
D. Outgoing
عرض الإجابة
اجابة صحيحة: B
السؤال #9
Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ______ Server.
A. NT domain
B. SMTP
C. LDAP
D. SecurID
عرض الإجابة
اجابة صحيحة: D
السؤال #10
Which type of the Check Point license ties the package license to the IP address of the Security Management Server?
A. Local
B. Central
C. Corporate
D. Formal
عرض الإجابة
اجابة صحيحة: B
السؤال #11
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?
A. Smart Cloud Services
B. Load Sharing Mode Services
C. Threat Agent Solution
D. Public Cloud Services
عرض الإجابة
اجابة صحيحة: A
السؤال #12
Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI. Which command should be use in CLI? Choose the correct answer.
A. remove database lock
B. The database feature has one command lock database override
C. override database lock
D. The database feature has two commands: lock database override and unlock databas
E. Both will work
عرض الإجابة
اجابة صحيحة: B
السؤال #13
Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?
A. ThreatWiki
B. Whitelist Files
C. AppWiki
D. IPS Protections
عرض الإجابة
اجابة صحيحة: A
السؤال #14
True or False: In R80, more than one administrator can login to the Security Management Server with write permission at the same time.
A. False, this feature has to be enabled in the Global Properties
B. True, every administrator works in a session that is independent of the other administrators
C. True, every administrator works on a different database that is independent of the other administrators
D. False, only one administrator can login with write permission
عرض الإجابة
اجابة صحيحة: B
السؤال #15
Which one of the following is the preferred licensing model? Select the Best answer.
A. Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server
B. Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency of the gateway
C. Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency
D. Central licensing because it ties the package license to the MAC-address of the Security Management Server Mgmt-interface and has no dependency of the gateway
عرض الإجابة
اجابة صحيحة: B
السؤال #16
What is the default method for destination NAT?
A. Destination side
B. Source side
C. Server side
D. Client side
عرض الإجابة
اجابة صحيحة: C
السؤال #17
In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?
A. Accounting
B. Suppression
C. Accounting/Suppression
D. Accounting/Extended
عرض الإجابة
اجابة صحيحة: B
السؤال #18
Which of the following is NOT a SecureXL traffic flow?
A. Medium Path
B. Accelerated Path
C. Fast Path
D. Slow Path
عرض الإجابة
اجابة صحيحة: C
السؤال #19
Identify the API that is not supported by Check Point currently.
A. R80 Management API-
B. Identity Awareness Web Services API
C. Open REST API
D. OPSEC SDK
عرض الإجابة
اجابة صحيحة: A
السؤال #20
The Captive Portal tool:
A. Acquires identities from unidentified users
B. Is only used for guest user authentication
C. Allows access to users already identified
D. Is deployed from the Identity Awareness page in the Global Properties settings
عرض الإجابة
اجابة صحيحة: D
السؤال #21
Fill in the blanks: A _____ license requires an administrator to designate a gateway for attachment whereas a _____ license is automatically attached to a Security Gateway.
A. Format; corporate
B. Local; formal
C. Local; central
D. Central; local
عرض الإجابة
اجابة صحيحة: D
السؤال #22
Fill the blank. IT is Best Practice to have a _____ rule at the end of each policy layer.
A. Explicit Drop
B. Implied Drop
C. Explicit Cleanup
D. Implicit Drop
عرض الإجابة
اجابة صحيحة: D
السؤال #23
VPN gateways must authenticate to each other prior to exchanging information. What are the two types of credentials used for authentication?
A. 3DES and MD5
B. Certificates and IPsec
C. Certificates and pre-shared secret
D. IPsec and VPN Domains
عرض الإجابة
اجابة صحيحة: B
السؤال #24
Fill in the blank: In order to install a license, it must first be added to the ______ .
A. User Center
B. Package repository
C. Download Center Web site
D. License and Contract repository
عرض الإجابة
اجابة صحيحة: C
السؤال #25
A Cleanup rule:
A. logs connections that would otherwise be dropped without logging by default
B. drops packets without logging connections that would otherwise be dropped and logged by default
C. logs connections that would otherwise be accepted without logging by default
D. drops packets without logging connections that would otherwise be accepted and logged by default
عرض الإجابة
اجابة صحيحة: C
السؤال #26
View the rule below. What does the lock-symbol in the left column mean? Select the BEST answer.
A. The current administrator has read-only permissions to Threat Prevention Policy
B. Another user has locked the rule for editing
C. Configuration lock is presen
D. Click the lock symbol to gain read-write access
E. The current administrator is logged in as read-only because someone else is editing the policy
عرض الإجابة
اجابة صحيحة: A
السؤال #27
An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server. While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret is shared and cannot be enabled. Why does it not allow him to specify the pre-shared secret?
A. IPsec VPN blade should be enabled on both Security Gateway
B. Pre-shared can only be used while creating a VPN between a third party vendor and Check Point Security Gateway
C. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS
D. The Security Gateways are pre-R75
عرض الإجابة
اجابة صحيحة: B
السؤال #28
Which of the following is NOT a valid deployment option for R80?
A. All-in-one (stand-alone)
B. Log Server
C. SmartEvent
D. Multi-domain management server
عرض الإجابة
اجابة صحيحة: C
السؤال #29
How do you configure an alert in SmartView Monitor?
A. An alert cannot be configured in SmartView Monitor
B. By choosing the Gateway, and Configure Thresholds
C. By right-clicking on the Gateway, and selecting Properties
D. By right-clicking on the Gateway, and selecting System Information
عرض الإجابة
اجابة صحيحة: D
السؤال #30
When attempting to start a VPN tunnel, in the logs the error 'no proposal chosen' is seen numerous times. No other VPN-related log entries are present. Which phase of the VPN negotiations has failed?
A. IKE Phase 1
B. IPSEC Phase 2
C. IPSEC Phase 1
D. IKE Phase 2
عرض الإجابة
اجابة صحيحة: A
السؤال #31
Fill in the blank: Each cluster has _____ interfaces.
A. Five
B. Two
C. Three
D. Four
عرض الإجابة
اجابة صحيحة: C
السؤال #32
Using ClusterXL, what statement is true about the Sticky Decision Function?
A. Can only be changed for Load Sharing implementations
B. All connections are processed and synchronized by the pivot
C. Is configured using cpconfig
D. Is only relevant when using SecureXL
عرض الإجابة
اجابة صحيحة: A
السؤال #33
Which path below is available only when CoreXL is enabled?
A. Slow path
B. Firewall path
C. Medium path
D. Accelerated path
عرض الإجابة
اجابة صحيحة: B
السؤال #34
On the following graphic, you will find layers of policies. What is a precedence of traffic inspection for the defined polices?
A. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if implicit Drop Rule drops the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer
B. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer
C. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to Threat Prevention layer and then after accepting the packet it passes to IPS layer
D. A packet arrives at the gateway, it is checked against the rules in IPS policy layer and then it comes next to the Network policy layer and then after accepting the packet it passes to Threat Prevention layer
عرض الإجابة
اجابة صحيحة: A
السؤال #35
What will be the effect of running the following command on the Security Management Server?
A. Remove the installed Security Policy
B. Remove the local ACL lists
C. No effect
D. Reset SIC on all gateways
عرض الإجابة
اجابة صحيحة: B
السؤال #36
Which of the following is NOT an attribute of packer acceleration?
A. Source address
B. Protocol
C. Destination port
D. Application Awareness
عرض الإجابة
اجابة صحيحة: D
السؤال #37
Fill in the blank: A ____ VPN deployment is used to provide remote users with secure access to internal corporate resources by authenticating the user through an internet browser.
A. Clientless remote access
B. Clientless direct access
C. Client-based remote access
D. Direct access
عرض الإجابة
اجابة صحيحة: B
السؤال #38
AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a locked icon on a rule? Choose the BEST answer.
A. Rule is locked by AdminA, because the save bottom has not been press
B. Rule is locked by AdminA, because an object on that rule is been edited
C. Rule is locked by AdminA, and will make it available if session is published
D. Rule is locked by AdminA, and if the session is saved, rule will be available
عرض الإجابة
اجابة صحيحة: A

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.