لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت

السؤال #1
Message digests use which of the following?
A. DES and RC4
B. IDEA and RC4
C. SSL and MD4
D. SHA-1 and MD5
عرض الإجابة
اجابة صحيحة: D
السؤال #2
The IT Management team is interested in the new features of the Check Point R80 Management and wants to upgrade but they are concerned that the existing R77.30 Gaia Gateways cannot be managed by R80 because it is so different. As the administrator responsible for the Firewalls, how can you answer or confirm these concerns?
A. R80 Management contains compatibility packages for managing earlier versions of Check Point Gateways prior to R80
B. R80 Management requires the separate installation of compatibility hotfix packages for managing the earlier versions of Check Point Gateways prior to R80
C. R80 Management was designed as a completely different Management system and so can only monitor Check Point Gateways prior to R80
D. R80 Management cannot manage earlier versions of Check Point Gateways prior to R80
عرض الإجابة
اجابة صحيحة: A
السؤال #3
Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _______
A. UserCheck
B. User Directory
C. User Administration
D. User Center
عرض الإجابة
اجابة صحيحة: B
السؤال #4
John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, gateway policy permits access only from Join's desktop which is assigned an IP address 10.0.0.19 via DHCP. John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but the limits him to operating it only from his desk. The cur
A. John should install the identity Awareness Agent
B. The firewall admin should install the Security Policy
C. John should lock and unlock the computer
D. Investigate this as a network connectivity issue
عرض الإجابة
اجابة صحيحة: C
السؤال #5
You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.
A. You checked the cache password on desktop option in Global Properties
B. Another rule that accepts HTTP without authentication exists in the Rule Base
C. You have forgotten to place the User Authentication Rule before the Stealth Rule
D. Users must use the SecuRemote Client, to use the User Authentication Rule
عرض الإجابة
اجابة صحيحة: B
السؤال #6
Which of the following are available SmartConsole clients which can be installed from the R77 Windows CD? Read all answers and select the most complete and valid list.
A. SmartView Tracker, SmartDashboard, CPINFO, SmartUpdate, SmartView Status
B. SmartView Tracker, SmartDashboard, SmartLSM, SmartView Monitor
C. SmartView Tracker, CPINFO, SmartUpdate
D. Security Policy Editor, Log Viewer, Real Time Monitor GUI
عرض الإجابة
اجابة صحيحة: C
السؤال #7
Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R77 Firewall Rule Base. To make this scenario work, the IT administrator must: 1) Enable I
A. Have the security administrator select the Action field of the Firewall Rule “Redirect HTTP connections to an authentication (captive) portal”
B. Have the security administrator reboot the firewall
C. Have the security administrator select Any for the Machines tab in the appropriate Access Role
D. Install the Identity Awareness agent on her iPad
عرض الإجابة
اجابة صحيحة: A
السؤال #8
R80 Security Management Server can be installed on which of the following operating systems?
A. Gaia only
B. Gaia, SPLAT, Windows Server only
C. Gaia, SPLAT, Windows Server and IPSO only
D. Gaia and SPLAT only
عرض الإجابة
اجابة صحيحة: A
السؤال #9
How many users can have read/write access in Gaia at one time?
A. Infinite
B. One
C. Three
D. Two
عرض الإجابة
اجابة صحيحة: B
السؤال #10
Anti-Spoofing is typically set up on which object type?
A. Security Gateway
B. Host
C. Security Management object
D. Network
عرض الإجابة
اجابة صحيحة: A
السؤال #11
Where do you verify that UserDirectory is enabled?
A. Verify that Security Gateway > General Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked
B. Verify that Global Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked
C. Verify that Security Gateway > General Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked
D. Verify that Global Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked
عرض الإجابة
اجابة صحيحة: D
السؤال #12
Fill in the blank: The ________ feature allows administrators to share a policy with other policy packages.
A. Shared policy packages
B. Shared policies
C. Concurrent policy packages
D. Concurrent policies
عرض الإجابة
اجابة صحيحة: A
السؤال #13
What port is used for delivering logs from the gateway to the management server?
A. Port 258
B. Port 18209
C. Port 257
D. Port 981
عرض الإجابة
اجابة صحيحة: C
السؤال #14
What are the two high availability modes?
A. Load Sharing and Legacy
B. Traditional and New
C. Active and Standby
D. New and Legacy
عرض الإجابة
اجابة صحيحة: D
السؤال #15
While in SmartView Tracker, Brady has noticed some very odd network traffic that he thinks could be an intrusion. He decides to block the traffic for 60 minutes, but cannot remember all the steps. What is the correct order of steps needed to set up the block? 1) Select Active Mode tab in SmartView Tracker. 2) Select Tools > Block Intruder. 3) Select Log Viewing tab in SmartView Tracker. 4) Set Blocking Timeout value to 60 minutes. 5) Highlight connection that should be blocked.
A. 1, 2, 5, 4
B. 3, 2, 5, 4
C. 1, 5, 2, 4
D. 3, 5, 2, 4
عرض الإجابة
اجابة صحيحة: C
السؤال #16
Which of the following authentication methods can be configured in the Identity Awareness setup wizard?
A. Check Point Password
B. TACACS
C. LDAP
D. Windows password
عرض الإجابة
اجابة صحيحة: C
السؤال #17
While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain. Why does it not detect the windows domain?
A. Security Gateways is not part of the Domain
B. SmartConsole machine is not part of the domain
C. SMS is not part of the domain
D. Identity Awareness is not enabled on Global properties
عرض الإجابة
اجابة صحيحة: B
السؤال #18
Look at the screenshot below. What CLISH command provides this output?
A. show configuration all
B. show confd configuration
C. show confd configuration all
D. show configuration
عرض الإجابة
اجابة صحيحة: D
السؤال #19
If there is an Accept Implied Policy set to “First”, what is the reason Jorge cannot see any logs?
A. Log Implied Rule was not selected on Global Properties
B. Log Implied Rule was not set correctly on the track column on the rules base
C. Track log column is set to none
D. Track log column is set to Log instead of Full Log
عرض الإجابة
اجابة صحيحة: A
السؤال #20
All R77 Security Servers can perform authentication with the exception of one. Which of the Security Servers can NOT perform authentication?
A. FTP
B. SMTP
C. HTTP
D. RLOGIN
عرض الإجابة
اجابة صحيحة: B
السؤال #21
What are the three essential components of the Check Point Security Management Architecture?
A. SmartConsole, Security Management Server, Security Gateway
B. SmartConsole, SmartUpdate, Security Gateway
C. Security Management Server, Security Gateway, Command Line Interface
D. WebUI, SmartConsole, Security Gateway
عرض الإجابة
اجابة صحيحة: A
السؤال #22
Which application should you use to install a contract file?
A. SmartView Monitor
B. WebUI
C. SmartUpdate
D. SmartProvisioning
عرض الإجابة
اجابة صحيحة: C
السؤال #23
Which R77 GUI would you use to see number of packets accepted since the last policy install?
A. SmartView Monitor
B. SmartView Tracker
C. SmartDashboard
D. SmartView Status
عرض الإجابة
اجابة صحيحة: A
السؤال #24
You are using SmartView Tracker to troubleshoot NAT entries. Which column do you check to view the NAT'd source port if you are using Source NAT?
A. XlateDst
B. XlateSPort
C. XlateDPort
D. XlateSrc
عرض الإجابة
اجابة صحيحة: B
السؤال #25
You are unable to login to SmartDashboard. You log into the management server and run #cpwd_admin list with the following output: What reason could possibly BEST explain why you are unable to connect to SmartDashboard?
A. CDP is down
B. SVR is down
C. FWM is down
D. CPSM is down
عرض الإجابة
اجابة صحيحة: C
السؤال #26
The Captive Portal tool:
A. Acquires identities from unidentified users
B. Is only used for guest user authentication
C. Allows access to users already identified
D. Is deployed from the Identity Awareness page in the Global Properties settings
عرض الإجابة
اجابة صحيحة: A
السؤال #27
You want to define a selected administrator's permission to edit a layer. However, when you click the + sign in the “Select additional profile that will be able edit this layer” you do not see anything. What is the most likely cause of this problem? Select the BEST answer.
A. “Edit layers by Software Blades” is unselected in the Permission Profile
B. There are no permission profiles available and you need to create one first
C. All permission profiles are in use
D. “Edit layers by selected profiles in a layer editor” is unselected in the Permission profile
عرض الإجابة
اجابة صحيحة: B
السؤال #28
As you review this Security Policy, what changes could you make to accommodate Rule 4?
A. Remove the service HTTP from the column Service in Rule 4
B. Modify the column VPN in Rule 2 to limit access to specific traffic
C. Nothing at all
D. Modify the columns Source or Destination in Rule 4
عرض الإجابة
اجابة صحيحة: B
السؤال #29
Which of the following firewall modes DOES NOT allow for Identity Awareness to be deployed?
A. Bridge
B. Load Sharing
C. High Availability
D. Fail Open
عرض الإجابة
اجابة صحيحة: A
السؤال #30
Where would an administrator enable Implied Rules logging?
A. In Smart Log Rules View
B. In SmartDashboard on each rule
C. In Global Properties under Firewall
D. In Global Properties under log and alert
عرض الإجابة
اجابة صحيحة: B
السؤال #31
What happens if the identity of a user is known?
A. If the user credentials do not match an Access Role, the system displays the Captive Portal
B. If the user credentials do not match an Access Role, the system displays a sandbox
C. If the user credentials do not match an Access Role, the traffic is automatically dropped
D. If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped based on the defined action
عرض الإجابة
اجابة صحيحة: D
السؤال #32
According to Check Point Best Practice, when adding a non-managed Check Point Gateway to a Check Point security solution what object SHOULD be added? A (n):
A. Gateway
B. Interoperable Device
C. Externally managed gateway
D. Network Node
عرض الإجابة
اجابة صحيحة: C
السؤال #33
Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?
A. Firewall
B. Identity Awareness
C. Application Control
D. URL Filtering
عرض الإجابة
اجابة صحيحة: B
السؤال #34
Fill in the blank: Each cluster has __________ interfaces.
A. Five
B. Two
C. Three
D. Four
عرض الإجابة
اجابة صحيحة: C
السؤال #35
An internal router is sending UDP keep-alive packets that are being encapsulated with GRE and sent through your R77 Security Gateway to a partner site. A rule for GRE traffic is configured for ACCEPT/LOG. Although the keep-alive packets are being sent every minute, a search through the SmartView Tracker logs for GRE traffic only shows one entry for the whole day (early in the morning after a Policy install). Your partner site indicates they are successfully receiving the GRE encapsulated keep-alive packets
A. The setting Log does not capture this level of detail for GRE
B. The log unification process is using a LUUID (Log Unification Unique Identification) that has become corrupt
C. The Log Server log unification process unifies all log entries from the Security Gateway on a specific connection into only one log entry in the SmartView Tracker
D. The Log Server is failing to log GRE traffic properly because it is VPN traffic
عرض الإجابة
اجابة صحيحة: C
السؤال #36
Which of the below is the MOST correct process to reset SIC from SmartDashboard?
A. Run cpconfig, and click Reset
B. Click the Communication button for the firewall object, then click Reset
C. Run cpconfig, and select Secure Internal Communication > Change One Time Password
D. Click Communication > Reset on the Gateway object, and type a new activation key
عرض الإجابة
اجابة صحيحة: B
السؤال #37
Choose the correct statement regarding Implicit Rules.
A. To edit the Implicit rules you go to: Launch Button > Policy > Global Properties > Firewall
B. Implied rules are fixed rules that you cannot change
C. You can directly edit the Implicit rules by double-clicking on a specific Implicit rule
D. You can edit the Implicit rules but only if requested by Check Point support personnel
عرض الإجابة
اجابة صحيحة: A

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف: