لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت

السؤال #1
You manage a global network extending from your base in Chicago to Tokyo, Calcutta and Dallas. Management wants a report detailing the current software level of each Enterprise class Security Gateway. You plan to take the opportunity to create a proposal outline, listing the most cost-effective way to upgrade your Gateways. Which two SmartConsole applications will you use to create this report and outline?
A. SmartView Tracker and SmartView Monitor
B. SmartLSM and SmartUpdate
C. SmartDashboard and SmartView Tracker
D. SmartView Monitor and SmartUpdate
عرض الإجابة
اجابة صحيحة: A
السؤال #2
Which of the following is NOT an option for internal network definition of Anti-spoofing?
A. Specific – derived from a selected object
B. Route-based – derived from gateway routing table
C. Network defined by the interface IP and Net Mask
D. Not-defined
عرض الإجابة
اجابة صحيحة: B
السؤال #3
What statement is true regarding Visitor Mode?
A. VPN authentication and encrypted traffic are tunneled through port TCP 443
B. Only ESP traffic is tunneled through port TCP 443
C. Only Main mode and Quick mode traffic are tunneled on TCP port 443
D. All VPN traffic is tunneled through UDP port 4500
عرض الإجابة
اجابة صحيحة: A
السؤال #4
Which path below is available only when CoreXL is enabled?
A. Slow path
B. Firewall path
C. Medium path
D. Accelerated path
عرض الإجابة
اجابة صحيحة: B
السؤال #5
Which of the following firewall modes DOES NOT allow for Identity Awareness to be deployed?
A. Bridge
B. Load Sharing
C. High Availability
D. Fail Open
عرض الإجابة
اجابة صحيحة: A
السؤال #6
Where do you verify that UserDirectory is enabled?
A. Verify that Security Gateway > General Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked
B. Verify that Global Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked
C. Verify that Security Gateway > General Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked
D. Verify that Global Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked
عرض الإجابة
اجابة صحيحة: B
السؤال #7
Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?
A. The rule base can be built of layers, each containing a set of the security rules
B. Limits the upload and download throughput for streaming media in the company to 1 Gbps
C. Time object to a rule to make the rule active only during specified times
D. Sub Policies are sets of rules that can be created and attached to specific rules
عرض الإجابة
اجابة صحيحة: A
السؤال #8
How Capsule Connect and Capsule Workspace differ?
A. Capsule Connect provides a Layer3 VPN
B. Capsule Workspace can provide access to any application
C. Capsule Connect provides Business data isolation
D. Capsule Connect does not require an installed application at client
عرض الإجابة
اجابة صحيحة: B
السؤال #9
NAT can NOT be configured on which of the following objects?
A. HTTP Logical Server
B. Gateway
C. Address Range
D. Host
عرض الإجابة
اجابة صحيحة: B
السؤال #10
Which statement is NOT TRUE about Delta synchronization?
A. Using UDP Multicast or Broadcast on port 8161
B. Using UDP Multicast or Broadcast on port 8116
C. Quicker than Full sync
D. Transfers changes in the Kernel tables between cluster members
عرض الإجابة
اجابة صحيحة: A
السؤال #11
The CDT utility supports which of the following?
A. Major version upgrades to R77
B. Only Jumbo HFA’s and hotfixes Only major version upgrades to R80
C.
D.
عرض الإجابة
اجابة صحيحة: A
السؤال #12
In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?
A. Rule 0
B. Blank field under Rule Number
C. Rule 1
D. Cleanup Rule
عرض الإجابة
اجابة صحيحة: C
السؤال #13
Mesh and Star are two types of VPN topologies. Which statement below is TRUE about these types of communities?
A. A star community requires Check Point gateways, as it is a Check Point proprietary technology
B. In a star community, satellite gateways cannot communicate with each other
C. In a mesh community, member gateways cannot communicate directly with each other
D. In a mesh community, all members can create a tunnel with any other member
عرض الإجابة
اجابة صحيحة: C
السؤال #14
What happens when you run the command: fw sam -J src [Source IP Address]?
A. Connections from the specified source are blocked without the need to change the Security Policy
B. Connections to the specified target are blocked without the need to change the Security Policy
C.
D. Connections to and from the specified target are blocked without the need to change the Security Policy
عرض الإجابة
اجابة صحيحة: D
السؤال #15
In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?
A. SND is a feature to accelerate multiple SSL VPN connections
B. SND is an alternative to IPSec Main Mode, using only 3 packets
C. SND is used to distribute packets among Firewall instances
D. SND is a feature of fw monitor to capture accelerated packets
عرض الإجابة
اجابة صحيحة: A
السؤال #16
Which of the following are available SmartConsole clients which can be installed from the R77 Windows CD? Read all answers and select the most complete and valid list.
A. SmartView Tracker, SmartDashboard, CPINFO, SmartUpdate, SmartView Status
B. SmartView Tracker, SmartDashboard, SmartLSM, SmartView Monitor
C. SmartView Tracker, CPINFO, SmartUpdate
D. Security Policy Editor, Log Viewer, Real Time Monitor GUI
عرض الإجابة
اجابة صحيحة: A
السؤال #17
R80.10 management server can manage gateways with which versions installed?
A. Versions R77 and higher
B. Versions R76 and higher
C. Versions R75
D. Version R75 and higher
عرض الإجابة
اجابة صحيحة: A
السؤال #18
What is the Manual Client Authentication TELNET port?
A. 23
B. 264C
D. 259
عرض الإجابة
اجابة صحيحة: B
السؤال #19
Match the following commands to their correct function. Each command has one function only listed.
A. C1>F6; C2>F4; C3>F2; C4>F5
B. C1>F2; C2>F1; C3>F6; C4>F4
C. C1>F2; C2>F4; C3>F1; C4>F5
D. C1>F4; C2>F6; C3>F3; C4>F5
عرض الإجابة
اجابة صحيحة: A
السؤال #20
What CLI utility allows an administrator to capture traffic along the firewall inspection chain?
A. show interface (interface) –chain
B. tcpdump
C. tcpdump /snoop
D. fw monitor
عرض الإجابة
اجابة صحيحة: D
السؤال #21
What is Consolidation Policy?
A. The collective name of the Security Policy, Address Translation, and IPS Policies
B. The specific Policy written in SmartDashboard to configure which log data is stored in the SmartReporter database
C. The collective name of the logs generated by SmartReporter
D. A global Policy used to share a common enforcement policy for multiple Security Gateways
عرض الإجابة
اجابة صحيحة: D
السؤال #22
When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?
A. Any size
B. Less than 20GB
C. More than 10GB and less than 20 GB
D. At least 20GB
عرض الإجابة
اجابة صحيحة: B
السؤال #23
You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?
A. Use dbedit to script the addition of a rule directly into the Rule Bases_5_0
B. Select Block intruder from the Tools menu in SmartView Tracker
C. Create a Suspicious Activity Rule in Smart Monitor
D. Add a temporary rule using SmartDashboard and select hide rule
عرض الإجابة
اجابة صحيحة: D
السؤال #24
From SecureXL perspective, what are the tree paths of traffic flow:
A. Initial Path; Medium Path; Accelerated Path
B. Layer Path; Blade Path; Rule Path
C. Firewall Path; Accept Path; Drop Path
D. Firewall Path; Accelerated Path; Medium Path
عرض الإجابة
اجابة صحيحة: B
السؤال #25
You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?
A. fwd
B. fwm
C. cpd
D. cpwd
عرض الإجابة
اجابة صحيحة: D
السؤال #26
Which tool CANNOT be launched from SmartUpdate R77?
A. IP Appliance Voyager
B. snapshot
C. GAiA WebUI
D. cpinfo
عرض الإجابة
اجابة صحيحة: C
السؤال #27
On R80.10 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:
A. 18210
B. 18184C
D. 18191
عرض الإجابة
اجابة صحيحة: A
السؤال #28
What are the three components for Check Point Capsule?
A. Capsule Docs, Capsule Cloud, Capsule Connect
B. Capsule Workspace, Capsule Cloud, Capsule Connect Capsule Workspace, Capsule Docs, Capsule Connect Capsule Workspace, Capsule Docs, Capsule Cloud
C.
D.
عرض الإجابة
اجابة صحيحة: B
السؤال #29
Your users are defined in a Windows 2008 R2 Active Directory server. You must add LDAP users to a Client Authentication rule. Which kind of user group do you need in the Client Authentication rule in R77?
A. External-user group
B. LDAP group
C. A group with a genetic user
D. All Users
عرض الإجابة
اجابة صحيحة: A
السؤال #30
Which two of these Check Point Protocols are used by _____ ?
A. ELA and CPD
B. FWD and LEA
C. FWD and CPLOG
D. ELA and CPLOG
عرض الإجابة
اجابة صحيحة: A
السؤال #31
Which rule is responsible for the user authentication failure?
A. Rule 4
B. Rule 6
C. Rule 3
D. Rule 5
عرض الإجابة
اجابة صحيحة: D
السؤال #32
When launching SmartDashboard, what information is required to log into R77?
A. User Name, Management Server IP, certificate fingerprint file
B. User Name, Password, Management Server IP
C. Password, Management Server IP
D. Password, Management Server IP, LDAP Server IP
عرض الإجابة
اجابة صحيحة: D
السؤال #33
In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?
A. Accounting
B. Suppression
C. Accounting/Suppression
D. Accounting/Extended
عرض الإجابة
اجابة صحيحة: C
السؤال #34
An internal router is sending UDP keep-alive packets that are being encapsulated with GRE and sent through your R77 Security Gateway to a partner site. A rule for GRE traffic is configured for ACCEPT/LOG. Although the keep-alive packets are being sent every minute, a search through the SmartView Tracker logs for GRE traffic only shows one entry for the whole day (early in the morning after a Policy install). Your partner site indicates they are successfully receiving the GRE encapsulated keep-alive packets
A. The setting Log does not capture this level of detail for GRE
B. The log unification process is using a LUUID (Log Unification Unique Identification) that has become corrupt
C. The Log Server log unification process unifies all log entries from the Security Gateway on a specific connection into only one log entry in the SmartView Tracker
D. The Log Server is failing to log GRE traffic properly because it is VPN traffic
عرض الإجابة
اجابة صحيحة: A
السؤال #35
Which of these components does NOT require a Security Gateway R77 license?
A. Security Management Server
B. Check Point Gateway
C. SmartConsole
D. SmartUpdate upgrading/patching
عرض الإجابة
اجابة صحيحة: A
السؤال #36
What must a Security Administrator do to comply with a management requirement to log all traffic accepted through the perimeter Security Gateway?
A. In Global Properties > Reporting Tools check the box Enable tracking all rules (including rules marked as None in the Track column)
B. Install the View Implicit Rules package using SmartUpdate
C. Define two log servers on the R77 Gateway object
D. Check the Log Implied Rules Globally box on the R77 Gateway object
عرض الإجابة
اجابة صحيحة: C
السؤال #37
As you review this Security Policy, what changes could you make to accommodate Rule 4?
A. Remove the service HTTP from the column Service in Rule 4
B. Modify the column VPN in Rule 2 to limit access to specific traffic
C. Nothing at all
D. Modify the columns Source or Destination in Rule 4
عرض الإجابة
اجابة صحيحة: B
السؤال #38
What are the three tabs available in SmartView Tracker?
A. Network & Endpoint, Management, and Active
B. Network, Endpoint, and Active
C. Predefined, All Records, Custom Queries
D. Endpoint, Active, and Custom Queries
عرض الإجابة
اجابة صحيحة: C

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف: