السؤال #1

Which options are given on features, when editing a Role on Gaia Platform?

A. Read/Write, Read Only

B. Read/Write, Read only, None

C. Read/Write, None

D. Read Only, None

عرض الإجابة

اجابة صحيحة: D

السؤال #2

Which of the following is NOT a component of Check Point Capsule?

A. Capsule Docs

B. Capsule Cloud

C. Capsule Enterprise

D. Capsule Workspace

عرض الإجابة

اجابة صحيحة: C

السؤال #3

By default, which port does the WebUI listen on?

A. 80

B. 4434

C. 443

D. 8080

عرض الإجابة

اجابة صحيحة: A

السؤال #4

When using Monitored circuit VRRP, what is a priority delta?

A. When an interface fails the priority changes to the priority delta

B. When an interface fails the delta claims the priority

C. When an interface fails the priority delta is subtracted from the priority

D. When an interface fails the priority delta decides if the other interfaces takes over

عرض الإجابة

اجابة صحيحة: A

السؤال #5

What is the Transport layer of the TCP/IP model responsible for?

A. It transports packets as datagrams along different routes to reach their destination

B. It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application

C. It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer

D. It deals with all aspects of the physical components of network connectivity and connects with different network types

عرض الإجابة

اجابة صحيحة: B

السؤال #6

Which of these attributes would be critical for a site-to-site VPN?

A. Scalability to accommodate user groups

B. Centralized management

C. Strong authentication

D. Strong data encryption

عرض الإجابة

اجابة صحيحة: B

السؤال #7

Where would an administrator enable Implied Rules logging?

A. In Smart Log Rules View

B. In SmartDashboard on each rule

C. In Global Properties under Firewall

D. In Global Properties under log and alert

عرض الإجابة

اجابة صحيحة: D

السؤال #8

Review the rules. Assume domain UDP is enabled in the implied rules. What happens when a user from the internal network tries to browse to the internet using HTTP? The user:

A. can connect to the Internet successfully after being authenticated

B. is prompted three times before connecting to the Internet successfully

C. can go to the Internet after Telnetting to the client authentication daemon port 259

D. can go to the Internet, without being prompted for authentication

عرض الإجابة

اجابة صحيحة: D

السؤال #9

Which of the following uses the same key to decrypt as it does to encrypt?

A. Asymmetric encryption

B. Dynamic encryption

C. Certificate-based encryption

D. Symmetric encryption

عرض الإجابة

اجابة صحيحة: A

السؤال #10

True or False: In R80, more than one administrator can login to the Security Management Server with write permission at the same time.

A. False, this feature has to be enabled in the Global Properties

B. True, every administrator works in a session that is independent of the other administrators

C. True, every administrator works on a different database that is independent of the other administrators

D. False, only one administrator can login with write permission

عرض الإجابة

اجابة صحيحة: C

السؤال #11

Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

A. ThreatWiki

B. Whitelist Files

C. AppWiki

D. IPS Protections

عرض الإجابة

اجابة صحيحة: A

السؤال #12

Fill in the blank: An identity server uses a ___________ for user authentication.

A. Shared secret

B. Certificate

C. One-time password

D. Token

عرض الإجابة

اجابة صحيحة: B

السؤال #13

Session unique identifiers are passed to the web api using which http header option?

A. X-chkp-sid

B. Accept-Charset

C. Proxy-Authorization

D. Application

عرض الإجابة

اجابة صحيحة: D

السؤال #14

What happens when you run the command: fw sam -J src [Source IP Address]?

A. Connections from the specified source are blocked without the need to change the Security Policy

B. Connections to the specified target are blocked without the need to change the Security Policy

C. Connections to and from the specified target are blocked without the need to change the Security Policy

D. Connections to and from the specified target are blocked with the need to change the Security Policy

عرض الإجابة

اجابة صحيحة: A

السؤال #15

Which is the correct order of a log flow processed by SmartEvent components:

A. Firewall > Correlation Unit > Log Server > SmartEvent Server Database > SmartEvent Client

B. Firewall > SmartEvent Server Database > Correlation Unit > Log Server > SmartEvent Client

C. Firewall > Log Server > SmartEvent Server Database > Correlation Unit > SmartEvent Client

D. Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client

عرض الإجابة

اجابة صحيحة: B

السؤال #16

Which policy type has its own Exceptions section?

A. Thread Prevention

B. Access Control

C. Threat Emulation

D. Desktop Security

عرض الإجابة

اجابة صحيحة: A

السؤال #17

When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:

A. Security Management Server’s /home/

B. Windows registry is available for future Security Management Server authentications

C. there is no memory used for saving a fingerprint anyway

D. SmartConsole cache is available for future Security Management Server authentications

عرض الإجابة

اجابة صحيحة: C

السؤال #18

John is using Management HA. Which Smartcenter should be connected to for making changes?

A. secondary Smartcenter

B. active Smartcenter

C. connect virtual IP of Smartcenter HA

D. primary Smartcenter

عرض الإجابة

اجابة صحيحة: D

السؤال #19

During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel Inspection and are rejected by the rule definition, packets are:

A. Dropped without sending a negative acknowledgment

B. Dropped without logs and without sending a negative acknowledgment

C. Dropped with negative acknowledgment

D. Dropped with logs and without sending a negative acknowledgment

عرض الإجابة

اجابة صحيحة: C

السؤال #20

SmartEvent does NOT use which of the following procedures to identity events:

A. Matching a log against each event definition

B. Create an event candidate

C. Matching a log against local exclusions

D. Matching a log against global exclusions

عرض الإجابة

اجابة صحيحة: A

السؤال #21

There are 4 ways to use the Management API for creating host object with R80 Management API. Which one is NOT correct?

A. Using Web Services

B. Using Mgmt_cli tool

C. Using CLISH

D. Using SmartConsole GUI console

عرض الإجابة

اجابة صحيحة: A

السؤال #22

Please choose correct command syntax to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?

A. host name myHost12 ip-address 10

B. mgmt add host name ip-address 10

C. add host name emailserver1 ip-address 10

D. mgmt add host name emailserver1 ip-address 10

عرض الإجابة

اجابة صحيحة: D

السؤال #23

What SmartEvent component creates events?

A. Consolidation Policy

B. Correlation Unit

C. SmartEvent Policy

D. SmartEvent GUI

عرض الإجابة

اجابة صحيحة: A

السؤال #24

Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enable which path is handling the traffic?

A. Slow Path

B. Medium Path

C. Fast Path

D. Accelerated Path

عرض الإجابة

اجابة صحيحة: A

السؤال #25

You have just installed your Gateway and want to analyze the packet size distribution of your traffic with SmartView Monitor. Unfortunately, you get the message: “There are no machines that contain Firewall Blade and SmartView Monitor”. What should you do to analyze the packet size distribution of your traffic? Give the BEST answer.

A. Purchase the SmartView Monitor license for your Security Management Server

B. Enable Monitoring on your Security Management Server

C. Purchase the SmartView Monitor license for your Security Gateway

D. Enable Monitoring on your Security Gateway

عرض الإجابة

اجابة صحيحة: A

السؤال #26

Vanessa is expecting a very important Security Report. The Document should be sent as an attachment via e-mail. An e-mail with Security_report.pdf file was delivered to her e-mail inbox. When she opened the PDF file, she noticed that the file is basically empty and only few lines of text are in it. The report is missing some graphs, tables and links. Which component of SandBlast protection is her company using on a Gateway?

A. SandBlast Threat Emulation

B. SandBlast Agent

C. Check Point Protect

D. SandBlast Threat Extraction

عرض الإجابة

اجابة صحيحة: B

السؤال #27

What is the benefit of Manual NAT over Automatic NAT?

A. If you create a new Security Policy, the Manual NAT rules will be transferred to this new policy

B. There is no benefit since Automatic NAT has in any case higher priority over Manual NAT

C. You have the full control about the priority of the NAT rules

D. On IPSO and GAIA Gateways, it is handled in a Stateful manner

عرض الإجابة

اجابة صحيحة: B

السؤال #28

When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?

A. Any size

B. Less than 20GB

C. More than 10GB and less than 20 GB

D. At least 20GB

عرض الإجابة

اجابة صحيحة: C

السؤال #29

With which command can you view the running configuration of Gaia-based system.

A. show conf-active

B. show configuration active

C. show configuration

D. show running-configuration

عرض الإجابة

اجابة صحيحة: A

السؤال #30

Which statement is NOT TRUE about Delta synchronization?

A. Using UDP Multicast or Broadcast on port 8161

B. Using UDP Multicast or Broadcast on port 8116

C. Quicker than Full sync

D. Transfers changes in the Kernel tables between cluster members

عرض الإجابة

اجابة صحيحة: D

السؤال #31

The CDT utility supports which of the following?

A. Major version upgrades to R77

B. Only Jumbo HFA’s and hotfixes

C. Only major version upgrades to R80

D. All upgrades

عرض الإجابة

اجابة صحيحة: A

السؤال #32

The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

A. You can only use the rule for Telnet, FTP, SMPT, and rlogin services

B. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server

C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out

D. You can limit the authentication attempts in the User Properties' Authentication tab

عرض الإجابة

اجابة صحيحة: D

السؤال #33

On R80.10 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:

A. 18210

B. 18184C

D. 18191

عرض الإجابة

اجابة صحيحة: D

السؤال #34

Which Threat Prevention Profile is not included by default in R80 Management?

A. Basic – Provides reliable protection on a range of non-HTTP protocols for servers, with minimal impact on network performance

B. Optimized – Provides excellent protection for common network products and protocols against recent or popular attacks

C. Strict – Provides a wide coverage for all products and protocols, with impact on network performance

D. Recommended – Provides all protection for all common network products and servers, with impact on network performance

عرض الإجابة

اجابة صحيحة: D

السؤال #35

Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?

A. SmartManager

B. SmartConsole

C. Security Gateway

D. Security Management Server

عرض الإجابة

اجابة صحيحة: B

السؤال #36

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19. John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The

A. John should lock and unlock his computer

B. Investigate this as a network connectivity issue

C. The access should be changed to authenticate the user instead of the PC

D. John should install the Identity Awareness Agent

عرض الإجابة

اجابة صحيحة: D

السؤال #37

You have discovered activity in your network. What is the BEST immediate action to take?

A. Create a policy rule to block the traffic

B. Create a suspicious action rule to block that traffic

C. Wait until traffic has been identified before making any changes

D. Contact ISP to block the traffic

عرض الإجابة

اجابة صحيحة: A

السؤال #38

Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?

A. The firewall topologies

B. NAT Rules

C. The Rule Base

D. The VPN Domains

عرض الإجابة

اجابة صحيحة: ACD

السؤال #39

Which NAT rules are prioritized first?

A. Post-Automatic/Manual NAT rules

B. Manual/Pre-Automatic NAT

C. Automatic Hide NAT

D. Automatic Static NAT

عرض الإجابة

اجابة صحيحة: D

السؤال #40

What is the command to see cluster status in cli expert mode?

A. fw ctl stat

B. clusterXL stat

C. clusterXL statusD

عرض الإجابة

اجابة صحيحة: B

السؤال #41

The Firewall kernel is replicated multiple times, therefore:

A. The Firewall kernel only touches the packet if the connection is accelerated

B. The Firewall can run different policies per core

C. The Firewall kernel is replicated only with new connections and deletes itself once the connection times out

D. The Firewall can run the same policy on all cores

عرض الإجابة

اجابة صحيحة: D

السؤال #42

Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?

A. All options stop Check Point processes

B. backup

C. migrate export

D. snapshot

عرض الإجابة

اجابة صحيحة: A

السؤال #43

You believe Phase 2 negotiations are failing while you are attempting to configure a site-to-site VPN with one of your firm's business partners. Which SmartConsole application should you use to confirm your suspicious?

A. SmartDashboard

B. SmartUpdate

C. SmartView Status

D. SmartView Tracker

عرض الإجابة

اجابة صحيحة: B

السؤال #44

Customer’s R80 management server needs to be upgraded to R80.10. What is the best upgrade method when the management server is not connected to the Internet?

A. Export R80 configuration, clean install R80

B. CPUSE online upgrade

C. CPUSE offline upgrade

D. SmartUpdate upgrade

عرض الإجابة

اجابة صحيحة: A

السؤال #45

Which of the following is NOT a tracking option? (Select three)

A. Partial log

B. Log

C. Network log

D. Full log

عرض الإجابة

اجابة صحيحة: C

السؤال #46

Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI. Which command should be use in CLI? Choose the correct answer.

A. remove database lock

B. The database feature has one command lock database override

C. override database lock

D. The database feature has two commands: lock database override and unlock database

عرض الإجابة

اجابة صحيحة: D

السؤال #47

Which of the following describes how Threat Extraction functions?

A. Detect threats and provides a detailed report of discovered threats

B. Proactively detects threats

C. Delivers file with original content

D. Delivers PDF versions of original files with active content removed

عرض الإجابة

اجابة صحيحة: B

السؤال #48

As a Security Administrator, you must refresh the Client Authentication authorized time-out every time a new user connection is authorized. How do you do this? Enable the Refreshable Timeout setting:

A. in the user object's Authentication screen

B. in the Gateway object's Authentication screen

C. in the Limit tab of the Client Authentication Action Properties screen

D. in the Global Properties Authentication screen

عرض الإجابة

اجابة صحيحة: B

السؤال #49

You want to store the GAiA configuration in a file for later reference. What command should you use?

A. write mem

B. show config -f

C. save config -o

D. save configuration

عرض الإجابة

اجابة صحيحة: A

لا تريد أن تفوت شيئا؟

اجتياز اختبار الممارسة Cisco وPMP وCISA وCISM وAWS بنسبة 100% للبيع!
احصل الان

عرض الإجابات بعد التقديم

لا تريد أن تفوت شيئا؟

اجتياز اختبار الممارسة Cisco وPMP وCISA وCISM وAWS بنسبة 100% للبيع! احصل الان

عرض الإجابات بعد التقديم

اجتياز اختبار الممارسة Cisco وPMP وCISA وCISM وAWS بنسبة 100% للبيع!
احصل الان