لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت

السؤال #1
Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers?
A. AD Query
B. Terminal Servers Endpoint Identity Agent
C. Endpoint Identity Agent and Browser-Based Authentication
D. RADIUS and Account Logon
عرض الإجابة
اجابة صحيحة: C
السؤال #2
The Network Operations Center administrator needs access to Check Point Security devices mostly for troubleshooting purposes. You do not want to give her access to the expert mode, but she still should be able to run tcpdump. How can you achieve this requirement?
A. Add tcpdump to CLISH using add command
B. Add tcpdump to CLISH using add command
C. Create a new access role
D. Create a new access role
عرض الإجابة
اجابة صحيحة: A
السؤال #3
What is the most recommended installation method for Check Point appliances?
A. SmartUpdate installation
B. DVD media created with Check Point ISOMorphic
C. USB media created with Check Point ISOMorphic
D. Cloud based installation
عرض الإجابة
اجابة صحيحة: C
السؤال #4
Tom has connected to the R80 Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward. What will happen to the changes already made:
A. Tom’s changes will have been stored on the Management when he reconnects and he will not lose any of this work
B. Tom will have to reboot his SmartConsole computer, and access the Management cache store on that computer, which is only accessible after a reboot
C. Tom’s changes will be lost since he lost connectivity and he will have to start again
D. Tom will have to reboot his SmartConsole computer, clear the cache and restore changes
عرض الإجابة
اجابة صحيحة: A
السؤال #5
How would you deploy TE250X Check Point appliance just for email traffic and in-line mode without a Check Point Security Gateway?
A. Install appliance TE250X on SpanPort on LAN switch in MTA mode
B. Install appliance TE250X in standalone mode and setup MTA
C. You can utilize only Check Point Cloud Services for this scenario
D. It is not possible, always Check Point SGW is needed to forward emails to SandBlast appliance
عرض الإجابة
اجابة صحيحة: C
السؤال #6
What is the mechanism behind Threat Extraction?
A. This is a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender
B. This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient
C. This is a new mechanism to identify the IP address of the sender of malicious codes and to put it into the SAM database (Suspicious Activity Monitoring)
D. Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast
عرض الإجابة
اجابة صحيحة: D
السؤال #7
Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?
A. Application Control
B. Threat Emulation
C. Anti-Virus
D. Advanced Networking Blade
عرض الإجابة
اجابة صحيحة: B
السؤال #8
Fill in the blank: Service blades must be attached to a ______________.
A. Security Gateway
B. Management container
C. Management server
D. Security Gateway container
عرض الإجابة
اجابة صحيحة: A
السؤال #9
Which of the following is an authentication method used for Identity Awareness?
A. SSL
B. Captive Portal
C. PKI
D. RSA
عرض الإجابة
اجابة صحيحة: B
السؤال #10
Which of the following is NOT a valid application navigation tab in the R80 SmartConsole?
A. Manage and Command Line
B. Logs and Monitor
C. Security Policies
D. Gateway and Servers
عرض الإجابة
اجابة صحيحة: A
السؤال #11
Using R80 Smart Console, what does a “pencil icon” in a rule mean?
A. I have changed this rule
B. Someone else has changed this rule
C. This rule is managed by check point’s SOC
D. This rule can’t be changed as it’s an implied rule
عرض الإجابة
اجابة صحيحة: A
السؤال #12
When defining QoS global properties, which option below is not valid?
A. Weight
B. Authenticated timeout
C. Schedule
D. Rate
عرض الإجابة
اجابة صحيحة: C
السؤال #13
Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays _____________ for the given VPN tunnel.
A. Down
B. No Response
C. Inactive
D. Failed
عرض الإجابة
اجابة صحيحة: A
السؤال #14
The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?
A. Secure Internal Communication (SIC)
B. Restart Daemons if they fail
C. Transfer messages between Firewall processes
D. Pulls application monitoring status
عرض الإجابة
اجابة صحيحة: D
السؤال #15
What is the BEST method to deploy Identity Awareness for roaming users?
A. Use Office Mode
B. Use identity agents
C. Share user identities between gateways
D. Use captive portal
عرض الإجابة
اجابة صحيحة: B
السؤال #16
The WebUI offers three methods for downloading Hotfixes via CPUSE. One of them is Automatic method. How many times per day will CPUSE agent check for hotfixes and automatically download them?
A. Six times per day
B. Seven times per day
C. Every two hours
D. Every three hours
عرض الإجابة
اجابة صحيحة: D
السؤال #17
Which of these statements describes the Check Point ThreatCloud?
A. Blocks or limits usage of web applications
B. Prevents or controls access to web sites based on category
C. Prevents Cloud vulnerability exploits
D. A worldwide collaborative security network
عرض الإجابة
اجابة صحيحة: D
السؤال #18
In SmartEvent, what are the different types of automatic reactions that the administrator can configure?
A. Mail, Block Source, Block Event Activity, External Script, SNMP Trap
B. Mail, Block Source, Block Destination, Block Services, SNMP Trap
C. Mail, Block Source, Block Destination, External Script, SNMP Trap
D. Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap
عرض الإجابة
اجابة صحيحة: A
السؤال #19
What needs to be configured if the NAT property ‘Translate destination on client side’ is not enabled in Global properties?
A. A host route to route to the destination IP
B. Use the file local
C. Nothing, the Gateway takes care of all details necessary
D. Enabling ‘Allow bi-directional NAT’ for NAT to work correctly
عرض الإجابة
اجابة صحيحة: C
السؤال #20
What is the best sync method in the ClusterXL deployment?
A. Use 1 cluster + 1st sync
B. Use 1 dedicated sync interface
C. Use 3 clusters + 1st sync + 2nd sync + 3rd sync
D. Use 2 clusters + 1st sync + 2nd sync
عرض الإجابة
اجابة صحيحة: B
السؤال #21
What does it mean if Deyra sees the gateway status: Choose the BEST answer.
A. SmartCenter Server cannot reach this Security Gateway
B. There is a blade reporting a problem
C. VPN software blade is reporting a malfunction
D. Security Gateway’s MGNT NIC card is disconnected
عرض الإجابة
اجابة صحيحة: B
السؤال #22
Fill in the blank: An LDAP server holds one or more ______________.
A. Server Units
B. Administrator Units
C. Account Units
D. Account Servers
عرض الإجابة
اجابة صحيحة: C
السؤال #23
When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:
A. Security Management Server’s /home/
B. Windows registry is available for future Security Management Server authentications
C. There is no memory used for saving a fingerprint anyway
D. SmartConsole cache is available for future Security Management Server authentications
عرض الإجابة
اجابة صحيحة: D
السؤال #24
Fill in the bank: In Office mode, a Security Gateway assigns a remote client to an IP address once___________.
A. the user connects and authenticates
B. office mode is initiated
C. the user requests a connection
D. the user connects
عرض الإجابة
اجابة صحيحة: A
السؤال #25
What is the purpose of the Clean-up Rule?
A. To log all traffic that is not explicitly allowed or denied in the Rule Base
B. To clean up policies found inconsistent with the compliance blade reports
C. To remove all rules that could have a conflict with other rules in the database
D. To eliminate duplicate log entries in the Security Gateway
عرض الإجابة
اجابة صحيحة: A
السؤال #26
Which is the correct order of a log flow processed by SmartEvent components:
A. Firewall > Correlation Unit > Log Server > SmartEvent Server Database > SmartEvent Client
B. Firewall > SmartEvent Server Database > Correlation Unit > Log Server > SmartEvent Client
C. Firewall > Log Server > SmartEvent Server Database > Correlation Unit > SmartEvent Client
D. Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client
عرض الإجابة
اجابة صحيحة: D
السؤال #27
Which command shows the installed licenses?
A. cplic print
B. print cplic
C. fwlic print
D. show licenses
عرض الإجابة
اجابة صحيحة: A
السؤال #28
What is the most complete definition of the difference between the Install Policy button on the SmartConsole’s tab, and the Install Policy within a specific policy?
A. The Global one also saves and published the session before installation
B. The Global one can install multiple selected policies at the same time
C. The local one does not install the Anti-Malware policy along with the Network policy
D. The second one pre-select the installation for only the current policy and for the applicable gateways
عرض الإجابة
اجابة صحيحة: D
السؤال #29
Fill in the blank: Back up and restores can be accomplished through_________.
A. SmartConsole, WebUI, or CLI
B. WebUI, CLI, or SmartUpdate
C. CLI, SmartUpdate, or SmartBackup
D. SmartUpdate, SmartBackup, or SmartConsole
عرض الإجابة
اجابة صحيحة: A
السؤال #30
What is the Transport layer of the TCP/IP model responsible for?
A. It transports packets as datagrams along different routes to reach their destination
B. It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application
C. It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer
D. It deals with all aspects of the physical components of network connectivity and connects with different network types
عرض الإجابة
اجابة صحيحة: B
السؤال #31
When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?
A. Any size
B. Less than 20GB
C. More than 10GB and less than 20 GB
D. At least 20GB
عرض الإجابة
اجابة صحيحة: D
السؤال #32
You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?
A. fw ctl multik dynamic_dispatching on
B. fw ctl multik dynamic_dispatching set_mode 9
C. fw ctl multik set_mode 9
D. fw ctl miltik pq enable
عرض الإجابة
اجابة صحيحة: A
السؤال #33
You have discovered suspicious activity in your network. What is the BEST immediate action to take?
A. Create a policy rule to block the traffic
B. Create a suspicious action rule to block that traffic
C. Wait until traffic has been identified before making any changes
D. Contact ISP to block the traffic
عرض الإجابة
اجابة صحيحة: B

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف: