لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
What object type would you use to grant network access to an LDAP user group?
A. Access Role
B. User Group
C. SmartDirectory Group
D. Group Template
عرض الإجابة
اجابة صحيحة: B
السؤال #2
When should you generate new licenses?
A. efore installing contract files
B. fter a device upgrade
C. hen the existing license expires, license is upgraded or the IP-address associated with the license changes
D. nly when the license is upgraded
عرض الإجابة
اجابة صحيحة: B
السؤال #3
Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the _____ algorithm.
A. SHA-256
B. SHA-200
C. MD5
D. SHA-128
عرض الإجابة
اجابة صحيحة: B
السؤال #4
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?
A. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules
B. Create a separate Security Policy package for each remote Security Gateway
C. Create network object that restrict all applicable rules to only certain networks
D. Run separate SmartConsole instances to login and configure each Security Gateway directly
عرض الإجابة
اجابة صحيحة: B
السؤال #5
Identity Awareness allows the Security Administrator to configure network access based on which of the following?
A. ame of the application, identity of the user, and identity of the machine
B. dentity of the machine, username, and certificate
C. etwork location, identity of a user, and identity of a machine
D. rowser-Based Authentication, identity of a user, and network location
عرض الإجابة
اجابة صحيحة: C
السؤال #6
Which SmartConsole tab is used to monitor network and security performance?
A. Manage Seeting
B. Security Policies
C. Gateway and Servers
D. Logs and Monitor
عرض الإجابة
اجابة صحيحة: C
السؤال #7
As a Security Administrator, you must refresh the Client Authentication authorized time-out every time a new user connection is authorized. How do you do this? Enable the Refreshable Timeout setting:
A. in the user object's Authentication screen
B. in the Gateway object's Authentication screen
C. in the Limit tab of the Client Authentication Action Properties screen
D. in the Global Properties Authentication screen
عرض الإجابة
اجابة صحيحة: D
السؤال #8
The IT Management team is interested in the new features of the Check Point R80 Management and wants to upgrade but they are concerned that the existing R77.30 Gaia Gateways cannot be managed by R80 because it is so different. As the administrator responsible for the Firewalls, how can you answer or confirm these concerns?
A. R80 Management contains compatibility packages for managing earlier versions of Check Point Gateways prior to R80
B. R80 Management requires the separate installation of compatibility hotfix packages for managing the earlier versions of Check Point Gateways prior to R80
C. R80 Management was designed as a completely different Management system and so can only monitor Check Point Gateways prior to R80
D. R80 Management cannot manage earlier versions of Check Point Gateways prior to R80
E. Consult the R80 Release Notes for more information
عرض الإجابة
اجابة صحيحة: B
السؤال #9
Which of the following ClusterXL modes uses a non-unicast MAC address for the cluster IP address.
A. High Availability
B. Load Sharing Multicast
C. Load Sharing Pivot
D. Master/Backup
عرض الإجابة
اجابة صحيحة: B
السؤال #10
You have enabled “Full Log” as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?
A. Logging has disk space issues
B. Data Awareness is not enabled
C. Identity Awareness is not enabled
D. Logs are arriving from Pre-R80 gateways
عرض الإجابة
اجابة صحيحة: A
السؤال #11
View the rule below. What does the pen-symbol in the left column mean?
A. Those rules have been published in the current session
B. Rules have been edited by the logged in administrator, but the policy has not been published yet
C. Another user has currently locked the rules for editing
D. The configuration lock is present
عرض الإجابة
اجابة صحيحة: B
السؤال #12
Which of the following situations would not require a new license to be generated and installed?
A. he Security Gateway is upgraded
B. he existing license expires
C. he license is upgraded
D. he IP address of the Security Management or Security Gateway has changed
عرض الإجابة
اجابة صحيحة: A
السؤال #13
You believe Phase 2 negotiations are failing while you are attempting to configure a site-to-site VPN with one of your firm's business partners. Which SmartConsole application should you use to confirm your suspicious?
A. SmartDashboard
B. SmartUpdate
C. SmartView Status
D. SmartView Tracker
عرض الإجابة
اجابة صحيحة: A
السؤال #14
Fill in the blank: RADIUS Accounting gets _____ data from requests generated by the accounting client
A. Destination
B. Identity
C. Payload
D. Location
عرض الإجابة
اجابة صحيحة: A
السؤال #15
Which option in a firewall rule would only match and allow traffic to VPN gateways for oneCommunity in common?
A. All Connections (Clear or Encrypted)
B. Accept all encrypted traffic
C. Specific VPN Communities
D. All Site-to-Site VPN Communities
عرض الإجابة
اجابة صحيحة: C
السؤال #16
Which SmartConsole tab is used to monitor network and security performance?
A. anage & Settings
B. ecurity Policies
C. ateway & Servers
D. ogs & Monitor
عرض الإجابة
اجابة صحيحة: D
السؤال #17
Which VPN routing option uses VPN routing for every connection a satellite gateway handles?
A. To satellites through center only
B. To center only
C. To center and to other satellites through center
D. To center, or through the center to other satellites, to internet and other VPN targets
عرض الإجابة
اجابة صحيحة: B
السؤال #18
Harriet wants to protect sensitive information from intentional loss when users browse to a specific URL: https://personal.mymail.com, which blade will she enable to achieve her goal?
A. DLP
B. SSL Inspection
C. Application Control
D. URL Filtering
عرض الإجابة
اجابة صحيحة: A
السؤال #19
The ______ software blade package uses CPU-level and OS-level sandboxing in order to delect and block malware.
A. Next Generation Threat Prevention
B. Next Generation Threat Emulation
C. Next Generation Threat Extraction
D. Next Generation Firewall
عرض الإجابة
اجابة صحيحة: A
السؤال #20
Which set of objects have an Authentication tab?
A. Templates, Users
B. Users, Networks
C. Users, User Group
D. Networks, Hosts
عرض الإجابة
اجابة صحيحة: D
السؤال #21
Which tool is used to enable cluster membership on a Gateway?
A. SmartUpdate
B. cpconfig
C. SmartConsole
D. sysconfig
عرض الإجابة
اجابة صحيحة: B
السؤال #22
Examine the sample Rule Base.What will be the result of a verification of the policy from SmartConsole?
A. No errors or Warnings
B. Verification Error
C. Verification Error
D. Verification Error
عرض الإجابة
اجابة صحيحة: C
السؤال #23
____________ is the Gaia command that turns the server off.
A. sysdown
B. exit
C. halt
D. shut-down
عرض الإجابة
اجابة صحيحة: C
السؤال #24
Which SmartConsole tab is used to monitor network and security performance?
A. Manage & Settings
B. Security Policies
C. Gateway & Servers
D. Logs & Monitor
عرض الإجابة
اجابة صحيحة: D
السؤال #25
Which the following type of authentication on Mobile Access can NOT be used as the first authentication method?
A. Dynamic ID
B. RADIUS
C. Username and Password
D. Certificate
عرض الإجابة
اجابة صحيحة: B
السؤال #26
ABC Corp., and have recently returned from a training course on Check Point's new advanced R80 management platform. You are presenting an in-house R80 Management to the other administrators in ABC Corp. How will you describe the new “Publish” button in R80 Management Console?
A. The Publish button takes any changes an administrator has made in their management session, publishes a copy to the Check Point of R80, and then saves it to the R80 database
B. The Publish button takes any changes an administrator has made in their management session and publishes a copy to the Check Point Cloud of R80 and but does not save it to the R80
C. The Publish button makes any changes an administrator has made in their management session visible to all other administrator sessions and saves it to the Database
D. The Publish button makes any changes an administrator has made in their management session visible to the new Unified Policy session and saves it to the Database
عرض الإجابة
اجابة صحيحة: C
السؤال #27
You are the Check Point administrator for Alpha Corp. You received a call that one of theusers is unable to browse the Internet on their new tablet which is connected to the companywireless, which goes through a Check Point Gateway. How would you review the logs to seewhat is blocking this traffic?
A. Open SmartLog and connect remotely to the wireless controller
B. Open SmartEvent to see why they are being blocked
C. Open SmartDashboard and review the logs tab
D. Open SmartLog and filter for the IP address of the tablet
عرض الإجابة
اجابة صحيحة: D
السؤال #28
Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?
A. UserCheck
B. Active Directory Query
C. Account Unit Query
D. User Directory Query
عرض الإجابة
اجابة صحيحة: B
السؤال #29
According to Check Point Best Practice, when adding a 3rd party gateway to a Check Point security solution what object SHOULD be added? A(n):
A. Interoperable Device
B. Network Node
C. Externally managed gateway
D. Gateway
عرض الإجابة
اجابة صحيحة: B
السؤال #30
What is the BEST method to deploy identity Awareness for roaming users?
A. Use Office Mode
B. Use identity agents
C. Share user identities between gateways
D. Use captive portal
عرض الإجابة
اجابة صحيحة: A
السؤال #31
At what point is the Internal Certificate Authority (ICA) created?
A. Upon creation of a certificate
B. During the primary Security Management Server installation process
C. When an administrator decides to create one
D. When an administrator initially logs into SmartConsole
عرض الإجابة
اجابة صحيحة: A
السؤال #32
Each cluster, at a minimum, should have at least ___________ interfaces.
A. Five
B. Two
C. Three
D. Four
عرض الإجابة
اجابة صحيحة: C
السؤال #33
Which of the following is NOT a policy type available for each policy package?
A. Threat Emulation
B. Access Control
C. Desktop Security
D. Threat Prevention
عرض الإجابة
اجابة صحيحة: A
السؤال #34
What key is used to save the current CPView page in a filename format cpview_"cpview process ID".cap"number of captures"?
A. S
B. W
C. C
D. Space bar
عرض الإجابة
اجابة صحيحة: C
السؤال #35
Which of the following technologies extracts detailed information from packets and storesthat information in state tables?
A. INSPECT Engine
B. Next-Generation Firewall
C. Packet Filtering
D. Application Layer Firewall
عرض الإجابة
اجابة صحيحة: B
السؤال #36
ABC Corp has a new administrator who logs into the Gaia Portal to make some changes. He realizes that even though he has logged in as an administrator, he is unable to make any changes because all configuration options are greyed out as shown in the screenshot image below. What is the likely cause for this?
A. The Gaia /bin/confd is locked by another administrator from a SmartConsole session
B. The database is locked by another administrator SSH session
C. The Network address of his computer is in the blocked hosts
D. The IP address of his computer is not in the allowed hosts
عرض الإجابة
اجابة صحيحة: B
السؤال #37
Fill in the blank: The ____ software blade enables Application Security policies to allow, block, or limit website access based on user, group, and machine identities.
A. Application Control
B. Data Awareness
C. URL Filtering
D. Threat Emulation
عرض الإجابة
اجابة صحيحة: B
السؤال #38
An administrator is creating an IPsec site-to-site VPN between his corporate office andbranch office. Both offices are protected by Check Point Security Gateway managed by thesame Security Management Server (SMS). While configuring the VPN community to specifythe pre-shared secret, the administrator did not find a box to input the pre-shared secret. Whydoes it not allow him to specify the pre-shared secret?
A. The Gateway is an SMB device
B. The checkbox “Use only Shared Secret for all external members” is not checked
C. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS
D. Pre-shared secret is already configured in Global Properties
عرض الإجابة
اجابة صحيحة: C
السؤال #39
Provide very wide coverage for all products and protocols, with noticeable performance impact. How could you tune the profile in order to lower the CPU load still maintaining security at good level? Select the BEST answer.
A. Set High Confidence to Low and Low Confidence to Inactive
B. Set the Performance Impact to Medium or lower
C. The problem is not with the Threat Prevention Profil
D. Consider adding more memory to the appliance
E. Set the Performance Impact to Very Low Confidence to Prevent
عرض الإجابة
اجابة صحيحة: A
السؤال #40
Can a Check Point gateway translate both source IP address and destination IP address in a given packet?
A. Yes
B. No
C. Yes, but only when using Automatic NAT
D. Yes, but only when using Manual NAT
عرض الإجابة
اجابة صحيحة: A
السؤال #41
Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ____ .
A. User Directory
B. Captive Portal and Transparent Kerberos Authentication
C. Captive Portal
D. UserCheck
عرض الإجابة
اجابة صحيحة: B
السؤال #42
Fill in the blanks. In ______ NAT, the _______ is translated.
A. Hide; source
B. Static; source
C. Simple; source
D. Hide; destination
عرض الإجابة
اجابة صحيحة: B
السؤال #43
Which of the following Automatically Generated Rules NAT rules have the lowest implementation priority?
A. Machine Hide NAT
B. Address Range Hide NAT
C. Network Hide NAT
D. Machine Static NAT
عرض الإجابة
اجابة صحيحة: BC
السؤال #44
Which key is created during Phase 2 of a site-to-site VPN?
A. Pre-shared secret
B. Diffie-Hellman Public Key
C. Symmetrical IPSec key
D. Diffie-Hellman Private Key
عرض الإجابة
اجابة صحيحة: C
السؤال #45
You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause?
A. The POP3 rule is disabled
B. POP3 is accepted in Global Properties
C. The POP3 rule is hidden
D. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R77
عرض الإجابة
اجابة صحيحة: B
السؤال #46
Which software blade enables Access Control policies to accept, drop, or limit web siteaccess based on user, group, and/or machine?
A. Application Control
B. Data Awareness
C. Identity Awareness
D. Threat Emulation
عرض الإجابة
اجابة صحيحة: A
السؤال #47
When configuring LDAP User Directory integration, Changes applied to a User Directory template are:
A. Reflected immediately for all users who are using template
B. Not reflected for any users unless the local user template is changed
C. Reflected for all users who are using that template and if the local user template is changed as well
D. Not reflected for any users who are using that template
عرض الإجابة
اجابة صحيحة: D
السؤال #48
Which back up method uses the command line to create an image of the OS?
A. ystem backup
B. ave Configuration
C. igrate
D. napshot
عرض الإجابة
اجابة صحيحة: D
السؤال #49
Fill in the blank: The R80 utility fw monitor is used to troubleshoot _______
A. User data base corruption
B. LDAP conflicts
C. Traffic issues
D. Phase two key negotiation
عرض الإجابة
اجابة صحيحة: C
السؤال #50
Fill in the blank: The IPS policy for pre-R80 gateways is installed during the _____.
A. Firewall policy install
B. Threat Prevention policy install
C. Anti-bot policy install
D. Access Control policy install
عرض الإجابة
اجابة صحيحة: A
السؤال #51
What Identity Agent allows packet tagging and computer authentication?
A. Endpoint Security Client
B. Full Agent
C. Light Agent
D. System Agent
عرض الإجابة
اجابة صحيحة: D
السؤال #52
When Identity Awareness is enabled, which identity source(s) is(are) used for Application Control?
A. RADIUS
B. Remote Access and RADIUS
C. AD Query
D. AD Query and Browser-based Authentication
عرض الإجابة
اجابة صحيحة: B

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.