لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
Which of the following methods can be used to update the trusted log server regarding the policy and configuration changes performed on the Security Management Server?
A. Save Policy
B. install Database
C. Save Session
D. install Policy
عرض الإجابة
اجابة صحيحة: B
السؤال #2
What two ordered layers make up the Access Control Policy Layer?
A. URL Filtering and Network
B. Network and Threat Prevention
C. Application Control and URL Filtering
D. Network and Application Control
عرض الإجابة
اجابة صحيحة: B
السؤال #3
What is the Transport layer of the TCP/IP model responsible for?
A. It transports packets as datagrams along different routes to reach their destination
B. It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application
C. It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer
D. It deals with all aspects of the physical components of network connectivity and connects with different network types
عرض الإجابة
اجابة صحيحة: B
السؤال #4
Joey is using the computer with IP address 192.168.20.13. He wants to access web page “www.Check Point.com”, which is hosted on Web server with IP address 203.0.113.111. How many rules on Check Point Firewall are required for this connection?
A. Two rules – first one for the HTTP traffic and second one for DNS traffic
B. Only one rule, because Check Point firewall is a Packet Filtering firewall
C. Two rules – one for outgoing request and second one for incoming replay
D. Only one rule, because Check Point firewall is using Stateful Inspection technology
عرض الإجابة
اجابة صحيحة: A
السؤال #5
How would you determine the software version from the CLI?
A. fw ver
B. fw stat
C. fw monitor
D. cpinfo
عرض الإجابة
اجابة صحيحة: B
السؤال #6
Which of the following actions do NOT take place in IKE Phase 1?
A. Peers agree on encryption method
B. Diffie-Hellman key is combined with the key material to produce the symmetrical IPsec key
C. Peers agree on integrity method
D. Each side generates a session key from its private key and peer's public key
عرض الإجابة
اجابة صحيحة: D
السؤال #7
What are the two types of address translation rules?
A. Translated packet and untranslated packet
B. Untranslated packet and manipulated packet
C. Manipulated packet and original packet
D. Original packet and translated packet
عرض الإجابة
اجابة صحيحة: C
السؤال #8
Which of the following is TRUE about the Check Point Host object?
A. Check Point Host has no routing ability even if it has more than one interface installed
B. When you upgrade to R80 from R77
C. Check Point Host is capable of having an IP forwarding mechanism
D. Check Point Host can act as a firewall
عرض الإجابة
اجابة صحيحة: A
السؤال #9
What is the benefit of Manual NAT over Automatic NAT?
A. If you create a new Security Policy, the Manual NAT rules will be transferred to this new policy
B. There is no benefit since Automatic NAT has in any case higher priority over Manual NAT
C. You have the full control about the priority of the NAT rules
D. On IPSO and GAIA Gateways, it is handled in a Stateful manner
عرض الإجابة
اجابة صحيحة: B
السؤال #10
What is the command to see cluster status in cli expert mode?
A. fw ctl stat
B. clusterXL stat
C. clusterXL status
D. cphaprob stat
عرض الإجابة
اجابة صحيحة: C
السؤال #11
Fill in the blank: Licenses can be added to the License and Contract repository _____.
A. From the User Center, from a file, or manually
B. From a file, manually, or from SmartView Monitor
C. Manually, from SmartView Monitor, or from the User Center
D. From SmartView Monitor, from the User Center, or from a file
عرض الإجابة
اجابة صحيحة: B
السؤال #12
Fill in the blank: Service blades must be attached to a _____ .
A. Security Gateway
B. Management container
C. Management server
D. Security Gateway container
عرض الإجابة
اجابة صحيحة: B
السؤال #13
What is Consolidation Policy?
A. The collective name of the Security Policy, Address Translation, and IPS Policies
B. The specific Policy written in SmartDashboard to configure which log data is stored in the SmartReporter database
C. The collective name of the logs generated by SmartReporter
D. A global Policy used to share a common enforcement policy for multiple Security Gateways
عرض الإجابة
اجابة صحيحة: B
السؤال #14
Study the Rule base and Client Authentication Action properties screen. After being authenticated by the Security Gateways, a user starts a HTTP connection to a Web site. What happens when the user tries to FTP to another site using the command line? The:
A. user is prompted for authentication by the Security Gateways again
B. FTP data connection is dropped after the user is authenticated successfully
C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication
D. FTP connection is dropped by Rule 2
عرض الإجابة
اجابة صحيحة: B
السؤال #15
Which of the following is TRUE regarding Gaia command line?
A. Configuration changes should be done in mgmt_cli and use CLISH for monitoring, Expert mode is used only for OS level tasks
B. Configuration changes should be done in expert-mode and CLISH is used for monitoring
C. Configuration changes should be done in mgmt-cli and use expert-mode for OS-level tasks
D. All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks
عرض الإجابة
اجابة صحيحة: D
السؤال #16
Which of the following is NOT a tracking option?
A. Partial log
B. Log
C. Network log
D. Full log
عرض الإجابة
اجابة صحيحة: D
السؤال #17
You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?
A. Use dbedit to script the addition of a rule directly into the Rule Bases_5_0
B. Select Block intruder from the Tools menu in SmartView Tracker
C. Create a Suspicious Activity Rule in Smart Monitor
D. Add a temporary rule using SmartDashboard and select hide rule
عرض الإجابة
اجابة صحيحة: A
السؤال #18
Tina is a new administrator who is currently reviewing the new Check Point R80 Management console interface. In the Gateways view, she is reviewing the Summary screen as in the screenshot below. What as an 'Open Server'?
A. Check Point software deployed on a non-Check Point appliance
B. The Open Server Consortium approved Server Hardware used for the purpose of Security and Availability
C. A check Point Management Server deployed using the Open Systems Interconnection (OSI) Server andSecurity deployment model
D. A check Point Management Server software using the Open SSL
عرض الإجابة
اجابة صحيحة: D
السؤال #19
What must a Security Administrator do to comply with a management requirement to log all traffic accepted through the perimeter Security Gateway?
A. In Global Properties > Reporting Tools check the box Enable tracking all rules (including rules marked as None in the Track column)
B. Use your normal log server for standard logging for troubleshooting
C. Install the View Implicit Rules package using SmartUpdate
D. Define two log servers on the R77 Gateway objec
E. Lof Implied Rules on the first log serve
F. Enable Log Rule Base on the second log serve G
عرض الإجابة
اجابة صحيحة: A
السؤال #20
What does the “unknown” SIC status shown on SmartConsole mean?
A. The SMS can contact the Security Gateway but cannot establish Secure Internal Communication
B. SIC activation key requires a reset
C. The SIC activation key is not known by any administrator
D. There is no connection between the Security Gateway and SMS
عرض الإجابة
اجابة صحيحة: D
السؤال #21
When connected to the Check Point R80 Management Server using the SmartConsole the first administrator to connect has a lock on:
A. Only the objects being modified in the Management Database and other administrators can connect to make changes using a special session as long as they all connect from the same LAN network
B. The entire Management Database and other administrators can connect to make changes only if the first administrator switches to Read-only
C. The entire Management Database and all sessions and other administrators can connect only as Read-only
D. Only the objects being modified in his session of the Management Database and other administrators can connect to make changes using different sessions
عرض الإجابة
اجابة صحيحة: D
السؤال #22
Which of the following is NOT an element of VPN Simplified Mode and VPN Communities?
A. “Encrypt” action in the Rule Base
B. Permanent Tunnels
C. “VPN” column in the Rule Base
D. Configuration checkbox “Accept all encrypted traffic”
عرض الإجابة
اجابة صحيحة: A
السؤال #23
In which deployment is the security management server and Security Gateway installed on the same appliance?
A. Bridge Mode
B. Remote
C. Standalone
D. Distributed
عرض الإجابة
اجابة صحيحة: A
السؤال #24
What happens if the identity of a user is known?
A. If the user credentials do not match an Access Role, the system displays the Captive Portal
B. If the user credentials do not match an Access Role, the system displays a sandbox
C. If the user credentials do not match an Access Role, the traffic is automatically dropped
D. If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped based on the defined action
عرض الإجابة
اجابة صحيحة: B
السؤال #25
Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?
A. The rule base can be built of layers, each containing a set of the security rule
B. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence
C. Limits the upload and download throughput for streaming media in the company to 1 Gbps
D. Time object to a rule to make the rule active only during specified times
E. Sub Policies are sets of rules that can be created and attached to specific rule
F. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule
عرض الإجابة
اجابة صحيحة: C
السؤال #26
Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?
A. Gateway and Servers
B. Logs and Monitor
C. Manage Seeting
D. Security Policies
عرض الإجابة
اجابة صحيحة: A
السؤال #27
In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server (Security Management Server)?
A. Display policies and logs on the administrator's workstation
B. Verify and compile Security Policies
C. Processing and sending alerts such as SNMP traps and email notifications
D. Store firewall logs to hard drive storage
عرض الإجابة
اجابة صحيحة: A
السؤال #28
Which of the following is NOT an alert option?
A. SNMP
B. High alert
C. Mail
D. User defined alert
عرض الإجابة
اجابة صحيحة: B
السؤال #29
Where can administrator edit a list of trusted SmartConsole clients in R80?
A. cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server
B. Only using SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients
C. In cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server, in SmartConsole: Manage and Settings>Permissions and Administrators>Advanced>Trusted Clients
D. WebUI client logged to Security Management Server, SmartDashboard: Manage and Settings>Permissions and Administrators>Advanced>Trusted Clients, via cpconfig on a Security Gateway
عرض الإجابة
اجابة صحيحة: D
السؤال #30
Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?
A. Central
B. Corporate
C. Formal
D. Local
عرض الإجابة
اجابة صحيحة: A

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.