لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
Harriet wants to protect sensitive information from intentional loss when users browse to a specific URL: https://personal.mymail.com, which blade will she enable to achieve her goal?
A. DLP
B. SSL Inspection
C. Application Control
D. URL Filtering
عرض الإجابة
اجابة صحيحة: A
السؤال #2
How is communication between different Check Point components secured in R80?
A. By using IPSEC
B. By using SIC
C. By using ICA
D. By using 3DES
عرض الإجابة
اجابة صحيحة: B
السؤال #3
You have enabled “Full Log” as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?
A. Logging has disk space issues
B. Data Awareness is not enabled
C. Identity Awareness is not enabled
D. Logs are arriving from Pre-R80 gateways
عرض الإجابة
اجابة صحيحة: A
السؤال #4
The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits even if the Track option is set to “None”?
A. No, it will not work independently
B. Yes, it will work independently as long as “analyze all rules” tick box is enabled on the Security Gateway
C. No, it will not work independently because hit count requires all rules to be logged
D. Yes, it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways
عرض الإجابة
اجابة صحيحة: D
السؤال #5
What key is used to save the current CPView page in a filename format cpview_“cpview process ID”. cap”number of captures”?
A. S
B. W
C. C
D. Space bar
عرض الإجابة
اجابة صحيحة: C
السؤال #6
Fill in the blank: It is Best Practice to have a _____ rule at the end of each policy layer.
A. Explicit Drop
B. Implied Drop
C. Explicit CleanUp
D. Implicit Drop
عرض الإجابة
اجابة صحيحة: C
السؤال #7
Which option will match a connection regardless of its association with a VPN community?
A. All Site-to-Site VPN Communities
B. Accept all encrypted traffic
C. All Connections (Clear or Encrypted)
D. Specific VPN Communities
عرض الإجابة
اجابة صحيحة: B
السؤال #8
Which one of the following is the preferred licensing model? Select the Best answer.
A. Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server
B. Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency of the gateway
C. Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency
D. Central licensing because it ties the package license to the MAC-address of the Security Management Server Mgmt-interface and has no dependency of the gateway
عرض الإجابة
اجابة صحيحة: B
السؤال #9
Which icon indicates in the WebUI that read/write access is enabled?
A. Pencil
B. Padlock
C. Book
D. Eyeglasses
عرض الإجابة
اجابة صحيحة: A
السؤال #10
Which of the following is TRUE regarding Gaia command line?
A. Configuration changes should be done in mgmt_cli and use CLISH for monitoring, Expert mode is used only for OS level tasks
B. Configuration changes should be done in expert-mode and CLISH is used for monitoring
C. Configuration changes should be done in mgmt-cli and use expert-mode for OS-level tasks
D. All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks
عرض الإجابة
اجابة صحيحة: D
السؤال #11
You have created a rule at the top of your Rule Base to permit Guest Wireless access to the Internet. However, when guest users attempt to reach the Internet, they are not seeing the splash page to accept your Terms of Service, and cannot access the Internet. How can you fix this?
A. Right click Accept in the rule, select “More”, and then check “Enable Identity Captive Portal”
B. On the firewall object, Legacy Authentication screen, check “Enable Identity Captive Portal”
C. In the Captive Portal screen of Global Properties, check “Enable Identity Captive Portal”
D. On the Security Management Server object, check the box “Identity Logging”
عرض الإجابة
اجابة صحيحة: A
السؤال #12
Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ________ .
A. The license is attached to the wrong Security Gateway
B. The existing license expires
C. The license is upgraded
D. The IP address of the Security Management or Security Gateway has changed
عرض الإجابة
اجابة صحيحة: A
السؤال #13
What are the two types of NAT supported by the Security Gateway?
A. Destination and Hide
B. Hide and Static
C. Static and Source
D. Source and Destination
عرض الإجابة
اجابة صحيحة: B
السؤال #14
When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?
A. None, Security Management Server would be installed by itself
B. SmartConsole
C. SecureClient
D. Security Gateway
عرض الإجابة
اجابة صحيحة: D
السؤال #15
What is the most complete definition of the difference between the Install Policy button on the SmartConsole’s tab, and the Install Policy button within a specific policy?
A. The Global one also saves and publishes the session before installation
B. The Global one can install multiple selected policies at the same time
C. The local one does not install the Anti-Malware policy along with the Network policy
D. The second one pre-selects the installation for only the current policy and for the applicable gateways
عرض الإجابة
اجابة صحيحة: D
السؤال #16
Fill in the blank: Once a certificate is revoked from the Security GateWay by the Security Management Server, the certificate information is _______.
A. Sent to the Internal Certificate Authority
B. Sent to the Security Administrator
C. Stored on the Security Management Server
D. Stored on the Certificate Revocation List
عرض الإجابة
اجابة صحيحة: D
السؤال #17
To optimize Rule Base efficiency the most hit rules should be where?
A. Removed from the Rule Base
B. Towards the middle of the Rule Base
C. Towards the top of the Rule Base
D. Towards the bottom of the Rule Base
عرض الإجابة
اجابة صحيحة: C
السؤال #18
Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?
A. Application Control
B. Data Awareness
C. Identity Awareness
D. Threat Emulation
عرض الإجابة
اجابة صحيحة: A
السؤال #19
Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ___________ Server.
A. NT domain
B. SMTP
C. LDAP
D. SecurID
عرض الإجابة
اجابة صحيحة: C
السؤال #20
Fill in the blanks: There are ________ types of software containers ________.
A. Three; security management, Security Gateway, and endpoint security
B. Three; Security gateway, endpoint security, and gateway management
C. Two; security management and endpoint security
D. Two; endpoint security and Security Gateway
عرض الإجابة
اجابة صحيحة: A
السؤال #21
Vanessa is attempting to log into the Gaia Web Portal. She is able to login successfully. Then she tries the same username and password for SmartConsole but gets the message in the screenshot image below. She has checked that the IP address of the Server is correct and the username and password she used to login into Gaia is also correct. What is the most likely reason?
A. Check Point R80 SmartConsole authentication is more secure than in previous versions and Vanessa requires a special authentication key for R80 SmartConsole
B. Check Point Management software authentication details are not automatically the same as the Operating System authentication details
C. SmartConsole Authentication is not allowed for Vanessa until a Super administrator has logged in first and cleared any other administrator sessions
D. Authentication failed because Vanessa’s username is not allowed in the new Threat Prevention console update checks even though these checks passed with Gaia
عرض الإجابة
اجابة صحيحة: B
السؤال #22
What are the three conflict resolution rules in the Threat Prevention Policy Layers?
A. Conflict on action, conflict on exception, and conflict on settings
B. Conflict on scope, conflict on settings, and conflict on exception
C. Conflict on settings, conflict on address, and conflict on exception
D. Conflict on action, conflict on destination, and conflict on settings
عرض الإجابة
اجابة صحيحة: C
السؤال #23
Which type of attack can a firewall NOT prevent?
A. Network Bandwidth Saturation
B. Buffer Overflow
C. SYN Flood
D. SQL Injection
عرض الإجابة
اجابة صحيحة: A
السؤال #24
To view the policy installation history for each gateway, which tool would an administrator use?
A. Revisions
B. Gateway installations
C. Installation history
D. Gateway history
عرض الإجابة
اجابة صحيحة: C
السؤال #25
Which options are given on features, when editing a Role on Gaia Platform?
A. Read/Write, Read Only
B. Read/Write, Read only, None
C. Read/Write, None
D. Read Only, None
عرض الإجابة
اجابة صحيحة: B
السؤال #26
Which of the following is NOT a component of a Distinguished Name?
A. Organization Unit
B. Country
C. Common name
D. User container
عرض الإجابة
اجابة صحيحة: D
السؤال #27
What is the default time length that Hit Count Data is kept?
A. 3 month
B. 4 weeks
C. 12 months
D. 6 months
عرض الإجابة
اجابة صحيحة: D
السؤال #28
Administrator Kofi has just made some changes on his Management Server and then clicks on the Publish button in SmartConsole but then gets the error message shown in the screenshot below. Where can the administrator check for more information on these errors?
A. The Log and Monitor section in SmartConsole
B. The Validations section in SmartConsole
C. The Objects section in SmartConsole
D. The Policies section in SmartConsole
عرض الإجابة
اجابة صحيحة: B
السؤال #29
Examine the following Rule Base. What can we infer about the recent changes made to the Rule Base?
A. Rule 7 was created by the 'admin' administrator in the current session
B. 8 changes have been made by administrators since the last policy installation
C. Te rules 1, 5 and 6 cannot be edited by the 'admin' administrator
D. Rule 1 and object webserver are locked by another administrator
عرض الإجابة
اجابة صحيحة: D
السؤال #30
What Check Point tool is used to automatically update Check Point products for the Gaia OS?
A. Check Point INSPECT Engine
B. Check Point Upgrade Service Engine
C. Check Point Update Engine
D. Check Point Upgrade Installation Service
عرض الإجابة
اجابة صحيحة: B
السؤال #31
Tina is a new administrator who is currently reviewing the new Check Point R80 Management console interface. In the Gateways view, she is reviewing the Summary screen as in the screenshot below. What as an 'Open Server'?
A. Check Point software deployed on a non-Check Point appliance
B. The Open Server Consortium approved Server Hardware used for the purpose of Security and Availability
C. A check Point Management Server deployed using the Open Systems Interconnection (OSI) Server and Security deployment model
D. A check Point Management Server software using the Open SSL
عرض الإجابة
اجابة صحيحة: A
السؤال #32
Which of the following ClusterXL modes uses a non-unicast MAC address for the cluster IP address.
A. High Availability
B. Load Sharing Multicast
C. Load Sharing Pivot
D. Master/Backup
عرض الإجابة
اجابة صحيحة: B
السؤال #33
The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.
A. Next Generation Threat Prevention
B. Next Generation Threat Emulation
C. Next Generation Threat Extraction
D. Next Generation Firewall
عرض الإجابة
اجابة صحيحة: B
السؤال #34
Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?
A. UserCheck
B. Active Directory Query
C. Account Unit Query
D. User Directory Query
عرض الإجابة
اجابة صحيحة: B
السؤال #35
Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?
A. Security questions
B. Check Point password
C. SecurID
D. RADIUS
عرض الإجابة
اجابة صحيحة: A
السؤال #36
An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server. While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret is shared and cannot be enabled. Why does it not allow him to specify the pre-shared secret?
A. IPsec VPN blade should be enabled on both Security Gateway
B. Pre-shared can only be used while creating a VPN between a third party vendor and Check Point Security Gateway
C. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS
D. The Security Gateways are pre-R75
عرض الإجابة
اجابة صحيحة: C
السؤال #37
What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?
A. Verification tool
B. Verification licensing
C. Automatic licensing
D. Automatic licensing and Verification tool
عرض الإجابة
اجابة صحيحة: D
السؤال #38
John is the administrator of a R80 Security Management server managing r R77.30 Check Point Security Gateway. John is currently updating the network objects and amending the rules using SmartConsole. To make John’s changes available to other administrators, and to save the database before installing a policy, what must John do?
A. Logout of the session
B. File > Save
C. Install database
D. Publish the session
عرض الإجابة
اجابة صحيحة: D
السؤال #39
R80 is supported by which of the following operating systems:
A. Windows only
B. Gaia only
C. Gaia, SecurePlatform, and Windows
D. SecurePlatform only
عرض الإجابة
اجابة صحيحة: B
السؤال #40
Kofi, the administrator of the ALPHA Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which CLISH commands are required to be able to change this TCP port?
A. set web ssl-port
B. set Gaia-portal
C. set Gaia-portal https-port
D. set web https-port
عرض الإجابة
اجابة صحيحة: A
السؤال #41
When should you generate new licenses?
A. Before installing contract files
B. After an RMA procedure when the MAC address or serial number of the appliance changes
C. When the existing license expires, license is upgraded or the IP-address where the license is tied changes
D. Only when the license is upgraded
عرض الإجابة
اجابة صحيحة: B
السؤال #42
Which Threat Prevention Software Blade provides protection from malicious software that can infect your network computers?
A. Anti-Malware
B. IPS
C. Anti-bot
D. Anti-Spam
عرض الإجابة
اجابة صحيحة: C
السؤال #43
Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?
A. Gateway and Servers
B. Logs and Monitor
C. Manage SeetingD
عرض الإجابة
اجابة صحيحة: B
السؤال #44
Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI. Which command should be use in CLI? Choose the correct answer.
A. remove database lock
B. The database feature has one command lock database override
C. override database lock
D. The database feature has two commands: lock database override and unlock database
عرض الإجابة
اجابة صحيحة: D
السؤال #45
Fill in the blank: When a policy package is installed, ________ are also distributed to the target installation Security Gateways.
A. Both User and Objects databases
B. Network databases only
C. Objects databases only
D. User databases only
عرض الإجابة
اجابة صحيحة: A
السؤال #46
Which of the following is NOT a valid deployment option for R80?
A. All-in-one (stand-alone)
B. Log server
C. SmartEvent
D. Multi-domain management server
عرض الإجابة
اجابة صحيحة: D
السؤال #47
You are the Check Point administrator for Alpha Corp with an R80 Check Point estate. You have received a call by one of the management users stating that they are unable to browse the Internet with their new tablet connected to the company Wireless. The Wireless system goes through the Check Point Gateway. How do you review the logs to see what the problem may be?
A. Open SmartLog and connect remotely to the IP of the wireless controller
B. Open SmartView Tracker and filter the logs for the IP address of the tablet
C. Open SmartView Tracker and check all the IP logs for the tablet
D. Open SmartLog and query for the IP address of the Manager’s tablet
عرض الإجابة
اجابة صحيحة: B
السؤال #48
What is a role of Publishing?
A. The Publish operation sends the modifications made via SmartConsole in the private session and makes them public
B. The Security Management Server installs the updated policy and the entire database on Security Gateways
C. The Security Management Server installs the updated session and the entire Rule Base on Security Gateways
D. Modifies network objects, such as servers, users, services, or IPS profiles, but not the Rule Base
عرض الإجابة
اجابة صحيحة: A
السؤال #49
The following graphic shows:
A. View from SmartLog for logs initiated from source address 10
B. View from SmartView Tracker for logs of destination address 10
C. View from SmartView Tracker for logs initiated from source address 10
D. View from SmartView Monitor for logs initiated from source address 10
عرض الإجابة
اجابة صحيحة: C
السؤال #50
Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common?
A. All Connections (Clear or Encrypted)
B. Accept all encrypted traffic
C. Specific VPN Communities
D. All Site-to-Site VPN Communities
عرض الإجابة
اجابة صحيحة: C
السؤال #51
Fill in the blanks: The _________ collects logs and sends them to the _________ .
A. Log server; security management server
B. Log server; Security Gateway
C. Security management server; Security Gateway
D. Security Gateways; log server
عرض الإجابة
اجابة صحيحة: D
السؤال #52
Fill in the blank: To build an effective Security Policy, use a ________ and _______ rule.
A. Cleanup; stealth
B. Stealth; implicit
C. Cleanup; default
D. Implicit; explicit
عرض الإجابة
اجابة صحيحة: A
السؤال #53
Access roles allow the firewall administrator to configure network access according to:
A. a combination of computer groups and network
B. users and user groups
C. all of above
D. remote access clients
عرض الإجابة
اجابة صحيحة: C
السؤال #54
What Check Point technologies deny or permit network traffic?
A. Application Control, DLP
B. Packet Filtering, Stateful Inspection, Application Layer Firewall
C. ACL, SandBlast, MPT
D. IPS, Mobile Threat Protection
عرض الإجابة
اجابة صحيحة: B
السؤال #55
What is the purpose of the Stealth Rule?
A. To prevent users from directly connecting to a Security Gateway
B. To reduce the number of rules in the database
C. To reduce the amount of logs for performance issues
D. To hide the gateway from the Internet
عرض الإجابة
اجابة صحيحة: A
السؤال #56
What is NOT an advantage of Stateful Inspection?
A. High Performance
B. Good Security
C. No Screening above Network layer
D. Transparency
عرض الإجابة
اجابة صحيحة: A
السؤال #57
ABC Corp., and have recently returned from a training course on Check Point's new advanced R80 management platform. You are presenting an in-house R80 Management to the other administrators in ABC Corp. How will you describe the new “Publish” button in R80 Management Console?
A. The Publish button takes any changes an administrator has made in their management session, publishes a copy to the Check Point of R80, and then saves it to the R80 database
B. The Publish button takes any changes an administrator has made in their management session and publishes a copy to the Check Point Cloud of R80 and but does not save it to the R80
C. The Publish button makes any changes an administrator has made in their management session visible to all other administrator sessions and saves it to the Database
D. The Publish button makes any changes an administrator has made in their management session visible to the new Unified Policy session and saves it to the Database
عرض الإجابة
اجابة صحيحة: C
السؤال #58
What are the advantages of a “shared policy” in R80?
A. Allows the administrator to share a policy between all the users identified by the Security Gateway
B. Allows the administrator to share a policy between all the administrators managing the Security Management Server
C. Allows the administrator to share a policy so that it is available to use in another Policy Package
D. Allows the administrator to install a policy on one Security Gateway and it gets installed on another managed Security Gateway
عرض الإجابة
اجابة صحيحة: C
السؤال #59
Which of the following is NOT a license activation method?
A. SmartConsole Wizard
B. Online Activation
C. License Activation Wizard
D. Offline Activation
عرض الإجابة
اجابة صحيحة: A
السؤال #60
When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?
A. Distributed
B. Standalone
C. Bridge
عرض الإجابة
اجابة صحيحة: A
السؤال #61
When configuring Spoof Tracking, which tracking actions can an administrator select to be done when spoofed packets are detected?
A. Log, send snmp trap, email
B. Drop packet, alert, none
C. Log, alert, none
D. Log, allow packets, email
عرض الإجابة
اجابة صحيحة: C
السؤال #62
ALPHA Corp has a new administrator who logs into the Gaia Portal to make some changes. He realizes that even though he has logged in as an administrator, he is unable to make any changes because all configuration options are greyed out as shown in the screenshot image below. What is the likely cause for this?
A. The Gaia /bin/confd is locked by another administrator from a SmartConsole session
B. The database is locked by another administrator SSH session
C. The Network address of his computer is in the blocked hosts
D. The IP address of his computer is not in the allowed hosts
عرض الإجابة
اجابة صحيحة: B

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.