لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
You want to store the GAIA configuration in a file for later reference. What command should you use?
A. rite mem
B. how config –f
C. ave config –o
D. ave configuration
عرض الإجابة
اجابة صحيحة: D
السؤال #2
Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?
A. etects and blocks malware by correlating multiple detection engines before users are affected
B. onfigure rules to limit the available network bandwidth for specified users or groups
C. se UserCheck to help users understand that certain websites are against the company’s security policy
D. ake rules to allow or block applications and Internet sites for individual applications, categories, and risk levels
عرض الإجابة
اجابة صحيحة: A
السؤال #3
In order to get info about assignment (FW, SND) of all CPUs in your SGW, what is the most accurate CLI command?
A. w ctl sdstat
B. w ctl affinity –l –a –r –v
C. w ctl multik stat
D. pinfo
عرض الإجابة
اجابة صحيحة: B
السؤال #4
Which features are only supported with R80.10 Gateways but not R77.x?
A. ccess Control policy unifies the Firewall, Application Control & URL Filtering, Data Awareness, and Mobile Access Software Blade policies
B. imits the upload and download throughput for streaming media in the company to 1 Gbps
C. he rule base can be built of layers, each containing a set of the security rules
D. ime object to a rule to make the rule active only during specified times
عرض الإجابة
اجابة صحيحة: C
السؤال #5
Which statements below are CORRECT regarding Threat Prevention profiles in SmartDashboard?
A. ou can assign only one profile per gateway and a profile can be assigned to one rule Only
B. ou can assign multiple profiles per gateway and a profile can be assigned to one rule only
C. ou can assign multiple profiles per gateway and a profile can be assigned to one or more rules
D. ou can assign only one profile per gateway and a profile can be assigned to one or more rules
عرض الإجابة
اجابة صحيحة: C
السؤال #6
Check Point APIs allow system engineers and developers to make changes to their organization’s security policy with CLI tools and Web Services for all the following except:
A. reate new dashboards to manage 3rd party task
B. reate products that use and enhance 3rd party solutions
C. xecute automated scripts to perform common tasks
D. reate products that use and enhance the Check Point Solution
عرض الإجابة
اجابة صحيحة: A
السؤال #7
To ensure that VMAC mode is enabled, which CLI command should you run on all cluster members?
A. w ctl set int fwha vmac global param enabled
B. w ctl get int vmac global param enabled; result of command should return value 1
C. phaprob-a if
D. w ctl get int fwha_vmac_global_param_enabled; result of command should return value 1
عرض الإجابة
اجابة صحيحة: D
السؤال #8
What are the main stages of a policy installations?
A. erification & Compilation, Transfer and Commit
B. erification & Compilation, Transfer and Installation
C. erification, Commit, Installation
D. erification, Compilation & Transfer, Installation
عرض الإجابة
اجابة صحيحة: B
السؤال #9
Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active- Active cluster.
A. ymmetric routing
B. ailovers
C. symmetric routing
D. nti-Spoofing
عرض الإجابة
اجابة صحيحة: C
السؤال #10
What kind of information would you expect to see using the sim affinity command?
A. he VMACs used in a Security Gateway cluster
B. he involved firewall kernel modules in inbound and outbound packet chain
C. verview over SecureXL templated connections
D. etwork interfaces and core distribution used for CoreXL
عرض الإجابة
اجابة صحيحة: D
السؤال #11
You find one of your cluster gateways showing “Down” when you run the “cphaprob stat” command. You then run the “clusterXL_admin up” on the down member but unfortunately the member continues to show down.What command do you run to determine the cause?
A. phaprob –f register
B. phaprob –d –s report
C. pstat –f all
D. phaprob –a list
عرض الإجابة
اجابة صحيحة: D
السؤال #12
Which of the following describes how Threat Extraction functions?
A. etect threats and provides a detailed report of discovered threats
B. roactively detects threats
C. elivers file with original content
D. elivers PDF versions of original files with active content removed
عرض الإجابة
اجابة صحيحة: B
السؤال #13
To accelerate the rate of connection establishment, SecureXL groups all connection that match a particular service and whose sole differentiating element is the source port. The type of grouping enables even the very first packets of a TCP handshake to be accelerated. The first packets of the first connection on the same service will be forwarded to the Firewall kernel which will then create a template of the connection. Which of the these is NOT a SecureXL template?
A. ccept Template
B. eny Template
C. rop Template
D. AT Template
عرض الإجابة
اجابة صحيحة: B
السؤال #14
Which of these statements describes the Check Point ThreatCloud?
A. locks or limits usage of web applications
B. revents or controls access to web sites based on category
C. revents Cloud vulnerability exploits
D. worldwide collaborative security network
عرض الإجابة
اجابة صحيحة: D
السؤال #15
Which command lists all tables in Gaia?
A. w tab –t
B. w tab –list
C. w-tab –s
D. w tab -1
عرض الإجابة
اجابة صحيحة: C
السؤال #16
What command can you use to have cpinfo display all installed hotfixes?
A. pinfo -hf
B. pinfo –y all
C. pinfo –get hf
D. pinfo installed_jumbo
عرض الإجابة
اجابة صحيحة: B
السؤال #17
On R80.10 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:
A. 8210
B. 8184
C. 57
D. 8191
عرض الإجابة
اجابة صحيحة: B
السؤال #18
The Firewall kernel is replicated multiple times, therefore:
A. he Firewall kernel only touches the packet if the connection is accelerated
B. he Firewall can run different policies per core
C. he Firewall kernel is replicated only with new connections and deletes itself once the connection times out
D. he Firewall can run the same policy on all cores
عرض الإجابة
اجابة صحيحة: D
السؤال #19
What are the different command sources that allow you to communicate with the API server?
A. martView Monitor, API_cli Tool, Gaia CLI, Web Services
B. martConsole GUI Console, mgmt_cli Tool, Gaia CLI, Web Services
C. martConsole GUI Console, API_cli Tool, Gaia CLI, Web Services
D. PI_cli Tool, Gaia CLI, Web Services
عرض الإجابة
اجابة صحيحة: B
السؤال #20
What is the command to show SecureXL status?
A. waccel status
B. waccel stats -m
C. waccel -s
D. waccel stat
عرض الإجابة
اجابة صحيحة: D
السؤال #21
There are 4 ways to use the Management API for creating host object with R80 Management API. Which one is NOT correct?
A. sing Web Services
B. sing Mgmt_cli tool
C. sing CLISH
D. sing SmartConsole GUI console
E. vents are collected with SmartWorkflow from Trouble Ticket systems
عرض الإجابة
اجابة صحيحة: E
السؤال #22
To add a file to the Threat Prevention Whitelist, what two items are needed?
A. ile name and Gateway
B. bject Name and MD5 signature
C. D5 signature and Gateway
D. P address of Management Server and Gateway
عرض الإجابة
اجابة صحيحة: B
السؤال #23
To help SmartEvent determine whether events originated internally or externally you must define using the Initial Settings under General Settings in the Policy Tab. How many options are available to calculate the traffic direction?
A. Network; Host; Objects; Services; API
B. Incoming; Outgoing; Network
C. Internal; External
D. Incoming; Outgoing; Internal; Other
عرض الإجابة
اجابة صحيحة: D
السؤال #24
Where you can see and search records of action done by R80 SmartConsole administrators?
A. n SmartView Tracker, open active log
B. n the Logs & Monitor view, select “Open Audit Log View”
C. n SmartAuditLog View
D. n Smartlog, all logs
عرض الإجابة
اجابة صحيحة: B
السؤال #25
How would you deploy TE250X Check Point appliance just for email traffic and in-line mode without a Check Point Security Gateway?
A. nstall appliance TE250X on SpanPort on LAN switch in MTA mode
B. nstall appliance TE250X in standalone mode and setup MTA
C. ou can utilize only Check Point Cloud Services for this scenario
D. t is not possible, always Check Point SGW is needed to forward emails to SandBlast appliance
عرض الإجابة
اجابة صحيحة: C
السؤال #26
John detected high load on sync interface. Which is most recommended solution?
A. or short connections like http service – delay sync for 2 seconds
B. dd a second interface to handle sync traffic
C. or short connections like http service – do not sync
D. or short connections like icmp service – delay sync for 2 seconds
عرض الإجابة
اجابة صحيحة: A
السؤال #27
You need to see which hotfixes are installed on your gateway, which command would you use?
A. pinfo –h all
B. pinfo –o hotfix
C. pinfo –l hotfix
D. pinfo –y all
عرض الإجابة
اجابة صحيحة: D
السؤال #28
Which of the following will NOT affect acceleration?
A. onnections destined to or originated from the Security gateway
B. 5-tuple match
C. ulticast packets
D. onnections that have a Handler (ICMP, FTP, H
عرض الإجابة
اجابة صحيحة: B
السؤال #29
What is the SandBlast Agent designed to do?
A. erforms OS-level sandboxing for SandBlast Cloud architecture
B. nsure the Check Point SandBlast services is running on the end user’s system
C. f malware enters an end user’s system, the SandBlast Agent prevents the malware from spreading with the network
D. lean up email sent with malicious attachments
عرض الإجابة
اجابة صحيحة: C
السؤال #30
What is the name of the secure application for Mail/Calendar for mobile devices?
A. apsule Workspace
B. apsule Mail
C. apsule VPN
D. ecure Workspace
عرض الإجابة
اجابة صحيحة: A
السؤال #31
What is the mechanism behind Threat Extraction?
A. his a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender
B. his is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient
C. his is a new mechanism to identify the IP address of the sender of malicious codes and put it into the SAM database (Suspicious Activity Monitoring)
D. ny active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast
عرض الإجابة
اجابة صحيحة: D
السؤال #32
Which Check Point daemon monitors the other daemons?
A. wm
B. pd
C. pwd
D. wssd
عرض الإجابة
اجابة صحيحة: C
السؤال #33
Which of the following process pulls application monitoring status?
A. wd
B. wm
C. pwd
D. pd
عرض الإجابة
اجابة صحيحة: D
السؤال #34
Which Mobile Access Application allows a secure container on Mobile devices to give users access to internal website, file share and emails?
A. heck Point Remote User
B. heck Point Capsule Workspace
C. heck Point Mobile Web Portal
D. heck Point Capsule Remote
عرض الإجابة
اجابة صحيحة: C
السؤال #35
How can SmartView application accessed?
A. ttp:///smartview
B. ttp://:4434/smartview/
C. ttps:///smartview/
D. ttps://:4434/smartview/
عرض الإجابة
اجابة صحيحة: C
السؤال #36
When Dynamic Dispatcher is enabled, connections are assigned dynamically with the exception of:
A. hreat Emulation
B. TTPS
C. OS
D. oIP
عرض الإجابة
اجابة صحيحة: D
السؤال #37
Fill in the blank: The R80 utility fw monitor is used to troubleshoot __________.
A. ser data base corruption
B. DAP conflicts
C. raffic issues
D. hase two key negotiations
عرض الإجابة
اجابة صحيحة: C
السؤال #38
In ClusterXL Load Sharing Multicast Mode:
A. nly the primary member received packets sent to the cluster IP address
B. nly the secondary member receives packets sent to the cluster IP address
C. ackets sent to the cluster IP address are distributed equally between all members of the cluster
D. very member of the cluster received all of the packets sent to the cluster IP address
عرض الإجابة
اجابة صحيحة: D
السؤال #39
Which statement is NOT TRUE about Delta synchronization?
A. sing UDP Multicast or Broadcast on port 8161
B. sing UDP Multicast or Broadcast on port 8116
C. uicker than Full sync
D. ransfers changes in the Kernel tables between cluster members
عرض الإجابة
اجابة صحيحة: A
السؤال #40
What is the purpose of extended master key extension/session hash?
A. DP VOIP protocol extension
B. n case of TLS1
C. pecial TCP handshaking extension
D. upplement DLP data watermark
عرض الإجابة
اجابة صحيحة: B
السؤال #41
What is the benefit of “tw monitor” over “tcpdump”?
A. fw monitor” reveals Layer 2 information, while “tcpdump” acts at Layer 3
B. fw monitor” is also available for 64-Bit operating systems
C. ith “fw monitor”, you can see the inspection points, which cannot be seen in “tcpdump”
D. fw monitor” can be used from the CLI of the Management Server to collect information from multiple gateways
عرض الإجابة
اجابة صحيحة: C
السؤال #42
What has to be taken into consideration when configuring Management HA?
A. he Database revisions will not be synchronized between the management servers
B. martConsole must be closed prior to synchronized changes in the objects database
C. f you wanted to use Full Connectivity Upgrade, you must change the Implied Rules to allow FW1_cpredundant to pass before the Firewall Control Connections
D. or Management Server synchronization, only External Virtual Switches are supported
عرض الإجابة
اجابة صحيحة: A
السؤال #43
Which command is used to display status information for various components?
A. how all systems
B. how system messages
C. ysmess all
D. how sysenv all
عرض الإجابة
اجابة صحيحة: D
السؤال #44
What command verifies that the API server is responding?
A. pi stat
B. pi status
C. how api_status
D. pp_get_status
عرض الإجابة
اجابة صحيحة: B
السؤال #45
You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?
A. w ctl multik dynamic_dispatching on
B. w ctl multik dynamic_dispatching set_mode 9
C. w ctl multik set_mode 9
D. w ctl multik pq enable
عرض الإجابة
اجابة صحيحة: C
السؤال #46
Can multiple administrators connect to a Security Management Server at the same time?
A. o, only one can be connected
B. es, all administrators can modify a network object at the same time
C. es, every administrator has their own username, and works in a session that is independent of other administrators
D. es, but only one has the right to write
عرض الإجابة
اجابة صحيحة: C
السؤال #47
What component of R80 Management is used for indexing?
A. BSync
B. PI Server
C. wm
D. OLR
عرض الإجابة
اجابة صحيحة: D
السؤال #48
What are the steps to configure the HTTPS Inspection Policy?
A. o to Manage&Settings > Blades > HTTPS Inspection > Configure in SmartDashboard
B. o to Application&url filtering blade > Advanced > Https Inspection > Policy
C. o to Manage&Settings > Blades > HTTPS Inspection > Policy
D. o to Application&url filtering blade > Https Inspection > Policy
عرض الإجابة
اجابة صحيحة: A
السؤال #49
Which command would disable a Cluster Member permanently?
A. lusterXL_admin down
B. phaprob_admin down
C. lusterXL_admin down-p
D. et clusterXL down-p
عرض الإجابة
اجابة صحيحة: C
السؤال #50
What API command below creates a new host with the name “New Host” and IP address of “192.168.0.10”?
A. ew host name “New Host” ip-address “192
B. et host name “New Host” ip-address “192
C. reate host name “New Host” ip-address “192
D. dd host name “New Host” ip-address “192
عرض الإجابة
اجابة صحيحة: D
السؤال #51
Which is the least ideal Synchronization Status for Security Management Server High Availability deployment?
A. ynchronized
B. ever been synchronized
C. agging
D. ollision
عرض الإجابة
اجابة صحيحة: D
السؤال #52
With MTA (Mail Transfer Agent) enabled the gateways manages SMTP traffic and holds external email with potentially malicious attachments. What is required in order to enable MTA (Mail Transfer Agent) functionality in the Security Gateway?
A. hreat Cloud Intelligence
B. hreat Prevention Software Blade Package
C. ndpoint Total Protection
D. raffic on port 25
عرض الإجابة
اجابة صحيحة: B
السؤال #53
SSL Network Extender (SNX) is a thin SSL VPN on-demand client that is installed on the remote user’s machine via the web browser. What are the two modes of SNX?
A. pplication and Client Service
B. etwork and Application
C. etwork and Layers
D. irtual Adapter and Mobile App
عرض الإجابة
اجابة صحيحة: B
السؤال #54
When setting up an externally managed log server, what is one item that will not be configured on the R80 Security Management Server?
A. P
B. IC
C. AT
D. QDN
عرض الإجابة
اجابة صحيحة: C
السؤال #55
Which of the following authentication methods ARE NOT used for Mobile Access?
A. ADIUS server
B. sername and password (internal, LDAP)
C. ecurID
D. ACACS+
عرض الإجابة
اجابة صحيحة: D
السؤال #56
Check Pont Central Deployment Tool (CDT) communicates with the Security Gateway / Cluster Members over Check Point SIC __________.
A. CP Port 18190
B. CP Port 18209
C. CP Port 19009
D. CP Port 18191
عرض الإجابة
اجابة صحيحة: D
السؤال #57
Both ClusterXL and VRRP are fully supported by Gaia R80.10 and available to all Check Point appliances. Which the following command is NOT related to redundancy and functions?
A. phaprob stat
B. phaprob –a if
C. phaprob –l list
D. phaprob all show stat
عرض الإجابة
اجابة صحيحة: D
السؤال #58
Which is NOT an example of a Check Point API?
A. ateway API
B. anagement API
C. PSC SDK
D. hreat Prevention API
عرض الإجابة
اجابة صحيحة: A
السؤال #59
What is not a component of Check Point SandBlast?
A. hreat Emulation
B. hreat Simulator
C. hreat Extraction
D. hreat Cloud
عرض الإجابة
اجابة صحيحة: B
السؤال #60
Which process is available on any management product and on products that require direct GUI access, such as SmartEvent and provides GUI client communications, database manipulation, policy compilation and Management HA synchronization?
A. pwd
B. wd
C. pd
D. wm
عرض الإجابة
اجابة صحيحة: D
السؤال #61
As a valid Mobile Access Method, what feature provides Capsule Connect/VPN?
A. hat is used to deploy the mobile device as a generator of one-time passwords for authenticating to an RSA Authentication Manager
B. ill Layer4 VPN –SSL VPN that gives users network access to all mobile applications
C. ull Layer3 VPN –IPSec VPN that gives users network access to all mobile applications
D. ou can make sure that documents are sent to the intended recipients only
عرض الإجابة
اجابة صحيحة: C
السؤال #62
In the Firewall chain mode FFF refers to:
A. tateful Packets
B. o Match
C. ll Packets
D. tateless Packets
عرض الإجابة
اجابة صحيحة: C
السؤال #63
Which of these is an implicit MEP option?
A. rimary-backup
B. ource address based
C. ound robin
D. oad Sharing
عرض الإجابة
اجابة صحيحة: A
السؤال #64
What is a best practice before starting to troubleshoot using the “fw monitor” tool?
A. un the command: fw monitor debug on
B. lear the connections table
C. isable CoreXL
D. isable SecureXL
عرض الإجابة
اجابة صحيحة: D
السؤال #65
SmartEvent does NOT use which of the following procedures to identify events:
A. atching a log against each event definition
B. reate an event candidate
C. atching a log against local exclusions
D. atching a log against global exclusions
عرض الإجابة
اجابة صحيحة: C
السؤال #66
Which of the following Check Point processes within the Security Management Server is responsible for the receiving of log records from Security Gateway?
A. ogd
B. wd
C. wm
D. pd
عرض الإجابة
اجابة صحيحة: B
السؤال #67
VPN Link Selection will perform the following when the primary VPN link goes down?
A. he Firewall will drop the packets
B. he Firewall can update the Link Selection entries to start using a different link for the same tunnel
C. he Firewall will send out the packet on all interfaces
D. he Firewall will inform the client that the tunnel is down
عرض الإجابة
اجابة صحيحة: B
السؤال #68
What is the recommended number of physical network interfaces in a Mobile Access cluster deployment?
A. Interfaces – an interface leading to the organization, a second interface leading to the internet, a third interface for synchronization, a fourth interface leading to the Security Management Server
B. Interfaces – an interface leading to the organization, a second interface leading to the Internet, a third interface for synchronization
C. Interface – an interface leading to the organization and the Internet, and configure for synchronization
D. Interfaces – a data interface leading to the organization and the Internet, a second interface for synchronization
عرض الإجابة
اجابة صحيحة: B
السؤال #69
What is the limitation of employing Sticky Decision Function?
A. ith SDF enabled, the involved VPN Gateways only supports IKEv1
B. cceleration technologies, such as SecureXL and CoreXL are disabled when activating SDF
C. ith SDF enabled, only ClusterXL in legacy mode is supported
D. ith SDF enabled, you can only have three Sync interfaces at most
عرض الإجابة
اجابة صحيحة: B
السؤال #70
Which statement is most correct regarding about “CoreXL Dynamic Dispatcher”?
A. he CoreXL FW instances assignment mechanism is based on Source MAC addresses, Destination MAC addresses
B. he CoreXL FW instances assignment mechanism is based on the utilization of CPU cores
C. he CoreXL FW instances assignment mechanism is based on IP Protocol type
D. he CoreXl FW instances assignment mechanism is based on Source IP addresses, Destination IP addresses, and the IP ‘Protocol’ type
عرض الإجابة
اجابة صحيحة: B
السؤال #71
You have successfully backed up Check Point configurations without the OS information. What command would you use to restore this backup?
A. estore_backup
B. mport backup
C. p_merge
D. igrate import
عرض الإجابة
اجابة صحيحة: D
السؤال #72
You need to change the number of firewall Instances used by CoreXL. How can you achieve this goal?
A. dit fwaffinity
B. pconfig; reboot required
C. dit fwaffinity
D. pconfig; reboot not required
عرض الإجابة
اجابة صحيحة: B
السؤال #73
When SecureXL is enabled, all packets should be accelerated, except packets that match the following conditions:
A. ll UDP packets
B. ll IPv6 Traffic
C. ll packets that match a rule whose source or destination is the Outside Corporate Network
D. IFS packets
عرض الإجابة
اجابة صحيحة: D
السؤال #74
What is mandatory for ClusterXL to work properly?
A. he number of cores must be the same on every participating cluster node
B. he Magic MAC number must be unique per cluster node
C. he Sync interface must not have an IP address configured
D. f you have “Non-monitored Private” interfaces, the number of those interfaces must be the same on all cluster members
عرض الإجابة
اجابة صحيحة: B
السؤال #75
Customer’s R80 management server needs to be upgraded to R80.10. What is the best upgrade method when the management server is not connected to the Internet?
A. xport R80 configuration, clean install R80
B. PUSE offline upgrade
C. PUSE online upgrade
D. martUpdate upgrade
عرض الإجابة
اجابة صحيحة: B
السؤال #76
CPM process stores objects, policies, users, administrators, licenses and management data in a database. The database is:
A. ySQL
B. ostgres SQL
C. arisDB
D. OLR
عرض الإجابة
اجابة صحيحة: B
السؤال #77
Which of the following commands shows the status of processes?
A. pwd_admin -l
B. pwd -l
C. pwd admin_list
D. pwd_admin list
عرض الإجابة
اجابة صحيحة: D
السؤال #78
Which remote Access Solution is clientless?
A. heckpoint Mobile
B. ndpoint Security Suite
C. ecuRemote
D. obile Access Portal
عرض الإجابة
اجابة صحيحة: D
السؤال #79
What information is NOT collected from a Security Gateway in a Cpinfo?
A. irewall logs
B. onfiguration and database files
C. ystem message logs
D. S and network statistics
عرض الإجابة
اجابة صحيحة: A

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.