لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
You are the administrator for Alpha Corp. You have logged into your R80 Management server. You are making some changes in the Rule Base and notice that rule No.6 has a pencil icon next to it. What does this mean?
A. The rule No
B. The rule No
C. The rule No
D. The rule No
عرض الإجابة
اجابة صحيحة: C
السؤال #2
One of major features in R80 SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB, and AdminC are editing the same Security Policy?
A. A lock icon shows that a rule or an object is locked and will be available
B. AdminA and AdminB are editing the same rule at the same time
C. A lock icon next to a rule informs that any Administrator is working on this particular rule
D. AdminA, AdminB and AdminC are editing three different rules at the same time
عرض الإجابة
اجابة صحيحة: B
السؤال #3
Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ___________ Server.
A. NT domain
B. SMTP
C. LDAP
D. SecurID
عرض الإجابة
اجابة صحيحة: C
السؤال #4
Web Control Layer has been set up using the settings in the following dialogue: Consider the following policy and select the BEST answer.
A. Traffic that does not match any rule in the subpolicy is dropped
B. All employees can access only Youtube and Vimeo
C. Access to Youtube and Vimeo is allowed only once a day
D. Anyone from internal network can access the internet, expect the traffic defined in drop rules 5
عرض الإجابة
اجابة صحيحة: D
السؤال #5
When should you generate new licenses?
A. Before installing contract files
B. After an RMA procedure when the MAC address or serial number of the appliance changes
C. When the existing license expires, license is upgraded or the IP-address where the license is tied changes
D. Only when the license is upgraded
عرض الإجابة
اجابة صحيحة: C
السؤال #6
Which of the following ClusterXL modes uses a non-unicast MAC address for the cluster IP address.
A. High Availability
B. Load Sharing Multicast
C. Load Sharing Pivot
D. Master/Backup
عرض الإجابة
اجابة صحيحة: B
السؤال #7
What Check Point tool is used to automatically update Check Point products for the Gaia OS?
A. Check Point INSPECT Engine
B. Check Point Upgrade Service Engine
C. Check Point Update Engine
D. Check Point Upgrade Installation Service
عرض الإجابة
اجابة صحيحة: A
السؤال #8
What is the purpose of a Clean-up Rule?
A. Clean-up Rules do not server any purpose
B. Provide a metric for determining unnecessary rules
C. To drop any traffic that is not explicitly allowed
D. Used to better optimize a policy
عرض الإجابة
اجابة صحيحة: D
السؤال #9
Fill in the blank: Permanent VPN tunnels can be set on all tunnels in the community, on all tunnels for specific gateways, or__________.
A. On all satellite gateway to satellite gateway tunnels
B. On specific tunnels for specific gateways
C. On specific tunnels in the community
D. On specific satellite gateway to central gateway tunnels
عرض الإجابة
اجابة صحيحة: D
السؤال #10
Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ________ .
A. The license is attached to the wrong Security Gateway
B. The existing license expires
C. The license is upgraded
D. The IP address of the Security Management or Security Gateway has changed
عرض الإجابة
اجابة صحيحة: A
السؤال #11
Fill in the blank: To build an effective Security Policy, use a ________ and _______ rule.
A. Cleanup; stealth
B. Stealth; implicit
C. Cleanup; default
D. Implicit; explicit
عرض الإجابة
اجابة صحيحة: A
السؤال #12
What is the purpose of the CPCA process?
A. Monitoring the status of processes
B. Sending and receiving logs
C. Communication between GUI clients and the SmartCenter server
D. Generating and modifying certificates
عرض الإجابة
اجابة صحيحة: A
السؤال #13
Which of the following are types of VPN communicates?
A. Pentagon, star, and combination
B. Star, octagon, and combination
C. Combined and star
D. Meshed, star, and combination
عرض الإجابة
اجابة صحيحة: D
السؤال #14
After the initial installation on Check Point appliance, you notice that the Management interface and default gateway are incorrect. Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.
A. set interface Mgmt ipv4-address 192
B. add interface Mgmt ipv4-address 192
C. set interface Mgmt ipv4-address 192
D. add interface Mgmt ipv4-address 192
عرض الإجابة
اجابة صحيحة: A
السؤال #15
What is the most complete definition of the difference between the Install Policy button on the SmartConsole’s tab, and the Install Policy within a specific policy?
A. The Global one also saves and published the session before installation
B. The Global one can install multiple selected policies at the same time
C. The local one does not install the Anti-Malware policy along with the Network policy
D. The second one pre-select the installation for only the current policy and for the applicable gateways
عرض الإجابة
اجابة صحيحة: B
السؤال #16
What is the default method for destination NAT?
A. Destination side
B. Source side
C. Server side
D. Client side
عرض الإجابة
اجابة صحيحة: D
السؤال #17
Administrator wishes to update IPS from SmartConsole by clicking on the option “update now” under the IPS tab. Which device requires internet access for the update to work?
A. Security Gateway
B. Device where SmartConsole is installed
C. SMS
D. SmartEvent
عرض الإجابة
اجابة صحيحة: B
السؤال #18
In Unified SmartConsole Gateways and Servers tab you can perform the following functions EXCEPT
A. Upgrade the software version
B. Open WebUI
C. Open SSH
D. Open service request with Check Point Technical Support
عرض الإجابة
اجابة صحيحة: C
السؤال #19
How is communication between different Check Point components secured in R80? As with all questions, select the best answer.
A. By using IPSEC
B. By using SIC
C. By using ICA
D. By using 3DES
عرض الإجابة
اجابة صحيحة: A
السؤال #20
The Network Operations Center administrator needs access to Check Point Security devices mostly for troubleshooting purposes. You do not want to give her access to the expert mode, but she still should be able to run tcpdump. How can you achieve this requirement?
A. Add tcpdump to CLISH using add command
B. Add tcpdump to CLISH using add command
C. Create a new access role
D. Create a new access role
عرض الإجابة
اجابة صحيحة: D
السؤال #21
What are the three deployment considerations for a secure network?
A. Distributed, Bridge Mode, and Remote
B. Bridge Mode, Remote, and Standalone
C. Remote, Standalone, and Distributed
D. Standalone, Distributed, and Bridge Mode
عرض الإجابة
اجابة صحيحة: C
السؤال #22
View the rule below. What does the lock-symbol in the left column mean? Select the BEST answer.
A. The current administrator has read-only permissions to Threat Prevention Policy
B. Another user has locked the rule for editing
C. Configuration lock is present
D. The current administrator is logged in as read-only because someone else is editing the policy
عرض الإجابة
اجابة صحيحة: B
السؤال #23
What is the default shell of Gaia CLI?
A. Monitor
B. CLI
C. Read-only
D. Bash
عرض الإجابة
اجابة صحيحة: B
السؤال #24
In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server (Security Management Server)?
A. Display policies and logs on the administrator's workstation
B. Verify and compile Security Policies
C. Processing and sending alerts such as SNMP traps and email notifications
D. Store firewall logs to hard drive storage
عرض الإجابة
اجابة صحيحة: A
السؤال #25
Office mode means that:
A. SecureID client assigns a routable MAC address
B. Users authenticate with an Internet browser and use secure HTTPS connection
C. Local ISP (Internet service Provider) assigns a non-routable IP address to the remote user
D. Allows a security gateway to assign a remote client an IP address
عرض الإجابة
اجابة صحيحة: D
السؤال #26
Which of the following is NOT an advantage to using multiple LDAP servers?
A. You achieve a faster access time by placing LDAP servers containing the database at remote sites
B. Information on a user is hidden, yet distributed across several servers
C. You achieve compartmentalization by allowing a large number of users to be distributed across several servers
D. You gain High Availability by replicating the same information on several servers
عرض الإجابة
اجابة صحيحة: B
السؤال #27
Examine the following Rule Base. What can we infer about the recent changes made to the Rule Base?
A. Rule 7 was created by the 'admin' administrator in the current session
B. 8 changes have been made by administrators since the last policy installation
C. Te rules 1, 5 and 6 cannot be edited by the 'admin' administrator
D. Rule 1 and object webserver are locked by another administrator
عرض الإجابة
اجابة صحيحة: D
السؤال #28
Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?
A. All Connections (Clear or Encrypted)
B. Accept all encrypted traffic
C. Specific VPN Communities
D. All Site-to-Site VPN Communities
عرض الإجابة
اجابة صحيحة: A
السؤال #29
Which icon indicates that read/write access is enabled?
A. Pencil
B. Padlock
C. Book
D. Eyeglasses
عرض الإجابة
اجابة صحيحة: C
السؤال #30
What does ExternalZone represent in the presented rule?
A. The Internet
B. Interfaces that administrator has defined to be part of External Security Zone
C. External interfaces on all security gateways
D. External interfaces of specific gateways
عرض الإجابة
اجابة صحيحة: B
السؤال #31
You work as a security administrator for a large company. CSO of your company has attended a security conference where he has learnt how hackers constantly modify their strategies and techniques to evade detection and reach corporate resources. He wants to make sure that his company has the right protections in place. Check Point has been selected for the security vendor. Which Check Point products protects BEST against malware and zero-day attacks while ensuring quick delivery of safe content to your users
A. IPS and Application Control
B. IPS, anti-virus and anti-bot
C. IPS, anti-virus and e-mail security
D. SandBlast
عرض الإجابة
اجابة صحيحة: D
السؤال #32
Identify the ports to which the Client Authentication daemon listens on by default?
A. 259, 900
B. 256, 257
C. 8080, 529
D. 80, 256
عرض الإجابة
اجابة صحيحة: B
السؤال #33
The security Gateway is installed on GAiA R80 The default port for the WEB User Interface is _______ .
A. TCP 18211
B. TCP 257
C. TCP 4433
D. TCP 443
عرض الإجابة
اجابة صحيحة: D
السؤال #34
To view statistics on detected threats, which Threat Tool would an administrator use?
A. Protections
B. IPS Protections
C. Profiles
D. ThreatWiki
عرض الإجابة
اجابة صحيحة: C
السؤال #35
What are the three authentication methods for SIC?
A. Passwords, Users, and standards-based SSL for the creation of security channels
B. Certificates, standards-based SSL for the creation of secure channels, and 3DES or AES128 for encryption
C. Packet Filtering, certificates, and 3DES or AES128 for encryption
D. Certificates, Passwords, and Tokens
عرض الإجابة
اجابة صحيحة: B
السؤال #36
Consider the Global Properties following settings: The selected option “Accept Domain Name over UDP (Queries)” means:
A. UDP Queries will be accepted by the traffic allowed only through interfaces with external anti-spoofing topology and this will be done before first explicit rule written by Administrator in a Security Policy
B. All UDP Queries will be accepted by the traffic allowed through all interfaces and this will be done before first explicit rule written by Administrator in a Security Policy
C. No UDP Queries will be accepted by the traffic allowed through all interfaces and this will be done before first explicit rule written by Administrator in a Security Policy
D. All UDP Queries will be accepted by the traffic allowed by first explicit rule written by Administrator in a Security Policy
عرض الإجابة
اجابة صحيحة: B
السؤال #37
Which of the following Windows Security Events will NOT map a username to an IP address in Identity Awareness?
A. Kerberos Ticket Renewed
B. Kerberos Ticket Requested
C. Account Logon
D. Kerberos Ticket Timed Out
عرض الإجابة
اجابة صحيحة: A
السؤال #38
If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? Choose the BEST answer.
A. Publish or discard the session
B. Revert the session
C. Save and install the Policy
D. Delete older versions of database
عرض الإجابة
اجابة صحيحة: A
السؤال #39
What is the purpose of Captive Portal?
A. It provides remote access to SmartConsole
B. It manages user permission in SmartConsole
C. It authenticates users, allowing them access to the Internet and corporate resources
D. It authenticates users, allowing them access to the Gaia OS
عرض الإجابة
اجابة صحيحة: C
السؤال #40
Which of the following is used to initially create trust between a Gateway and Security Management Server?
A. Internal Certificate Authority
B. Token
C. One-time Password
D. Certificate
عرض الإجابة
اجابة صحيحة: D
السؤال #41
You are unable to login to SmartDashboard. You log into the management server and run #cpwd_admin list with the following output: What reason could possibly BEST explain why you are unable to connect to SmartDashboard?
A. CDP is down
B. SVR is down
C. FWM is down
D. CPSM is down
عرض الإجابة
اجابة صحيحة: C

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.