لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
SandBlast appliances can be deployed in the following modes:
A. sing a SPAN port to receive a copy of the traffic only
B. etect only
C. nline/prevent or detect
D. s a Mail Transfer Agent and as part of the traffic flow only
عرض الإجابة
اجابة صحيحة: C
السؤال #2
The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?
A. dd host name ip-address
B. dd hostname ip-address
C. et host name ip-address
D. et hostname ip-address
عرض الإجابة
اجابة صحيحة: A
السؤال #3
Which command can you use to enable or disable multi-queue per interface?
A. pmq set
B. pmqueue set
C. pmq config
D. t cpmq enable
عرض الإجابة
اجابة صحيحة: A
السؤال #4
Which statement is true about ClusterXL?
A. upports Dynamic Routing (Unicast and Multicast)
B. upports Dynamic Routing (Unicast Only)
C. upports Dynamic Routing (Multicast Only)
D. oes not support Dynamic Routing
عرض الإجابة
اجابة صحيحة: A
السؤال #5
Under which file is the proxy arp configuration stored?
A. FWDIR/state/proxy_arp
B. FWDIR/conf/local
C. FWDIR/state/_tmp/proxy
D. FWDIR/conf/local
عرض الإجابة
اجابة صحيحة: D
السؤال #6
Which statement is correct about the Sticky Decision Function?
A. t is not supported with either the Performance pack of a hardware based accelerator card
B. oes not support SPI’s when configured for Load Sharing
C. t is automatically disabled if the Mobile Access Software Blade is enabled on the cluster
D. t is not required L2TP traffic
عرض الإجابة
اجابة صحيحة: A
السؤال #7
What is the protocol and port used for Health Check and State Synchronization in ClusterXL?
A. CP and 18190
B. CP and 257
C. CP and 8116
D. PC and 8116
عرض الإجابة
اجابة صحيحة: C
السؤال #8
For best practices, what is the recommended time for automatic unlocking of locked admin accounts?
A. 0 minutes
B. 5 minutes
C. dmin account cannot be unlocked automatically
D. 0 minutes at least
عرض الإجابة
اجابة صحيحة: D
السؤال #9
Identify the API that is not supported by Check Point currently.
A. 80 Management API-
B. dentity Awareness Web Services API
C. pen REST API
D. PSEC SDK
عرض الإجابة
اجابة صحيحة: C
السؤال #10
SandBlast has several functional components that work together to ensure that attacks are prevented in real- time. Which the following is NOT part of the SandBlast component?
A. hreat Emulation
B. obile Access
C. ail Transfer Agent
D. hreat Cloud
عرض الإجابة
اجابة صحيحة: C
السؤال #11
In R80.10, how do you manage your Mobile Access Policy?
A. hrough the Unified Policy
B. hrough the Mobile Console
C. rom SmartDashboard
D. rom the Dedicated Mobility Tab
عرض الإجابة
اجابة صحيحة: A
السؤال #12
SecureXL improves non-encrypted firewall traffic throughput and encrypted VPN traffic throughput.
A. his statement is true because SecureXL does improve all traffic
B. his statement is false because SecureXL does not improve this traffic but CoreXL does
C. his statement is true because SecureXL does improve this traffic
D. his statement is false because encrypted traffic cannot be inspected
عرض الإجابة
اجابة صحيحة: C
السؤال #13
When simulating a problem on ClusterXL cluster with cphaprob –d STOP -s problem -t 0 register, to initiate a failover on an active cluster member, what command allows you remove the problematic state?
A. phaprob –d STOP unregister
B. phaprob STOP unregister
C. phaprob unregister STOP
D. phaprob –d unregister STOP
عرض الإجابة
اجابة صحيحة: A
السؤال #14
Using ClusterXL, what statement is true about the Sticky Decision Function?
A. an only be changed for Load Sharing implementations
B. ll connections are processed and synchronized by the pivot
C. s configured using cpconfig
D. s only relevant when using SecureXL
عرض الإجابة
اجابة صحيحة: A
السؤال #15
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?
A. liminate all possible contradictory rules such as the Stealth or Cleanup rules
B. reate a separate Security Policy package for each remote Security Gateway
C. reate network objects that restricts all applicable rules to only certain networks
D. un separate SmartConsole instances to login and configure each Security Gateway directly
عرض الإجابة
اجابة صحيحة: B
السؤال #16
During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity. Which of those hosts should you try to remediate first?
A. ost having a Critical event found by Threat Emulation
B. ost having a Critical event found by IPS
C. ost having a Critical event found by Antivirus
D. ost having a Critical event found by Anti-Bot
عرض الإجابة
اجابة صحيحة: D
السؤال #17
When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?
A. one, Security Management Server would be installed by itself
B. martConsole
C. ecureClient
D. ecurity Gateway
E. martEvent
عرض الإجابة
اجابة صحيحة: D
السؤال #18
Which two of these Check Point Protocols are used by SmartEvent Processes?
A. LA and CPD
B. WD and LEA
C. WD and CPLOG
D. LA and CPLOG
عرض الإجابة
اجابة صحيحة: D
السؤال #19
The SmartEvent R80 Web application for real-time event monitoring is called:
A. martView Monitor
B. martEventWeb
C. here is no Web application for SmartEvent
D. martView
عرض الإجابة
اجابة صحيحة: B
السؤال #20
Which command shows actual allowed connections in state table?
A. w tab –t StateTable
B. w tab –t connections
C. w tab –t connection
D. w tab connections
عرض الإجابة
اجابة صحيحة: B
السؤال #21
What is the command to see cluster status in cli expert mode?
A. w ctl stat
B. lusterXL stat
C. lusterXL status
D. phaprob stat
عرض الإجابة
اجابة صحيحة: D
السؤال #22
What CLI command compiles and installs a Security Policy on the target’s Security Gateways?
A. wm compile
B. wm load
C. wm fetch
D. wm install
عرض الإجابة
اجابة صحيحة: B
السؤال #23
In a Client to Server scenario, which represents that the packet has already checked against the tables and the Rule Base?
A. ig l
B. ittle o
C. ittle i
D. ig O
عرض الإجابة
اجابة صحيحة: D
السؤال #24
When installing a dedicated R80 SmartEvent server. What is the recommended size of the root partition?
A. ny size
B. ess than 20GB
C. ore than 10GB and less than 20GB
D. t least 20GB
عرض الإجابة
اجابة صحيحة: D
السؤال #25
The Event List within the Event tab contains:
A. list of options available for running a query
B. he top events, destinations, sources, and users of the query results, either as a chart or in a tallied list
C. vents generated by a query
D. he details of a selected event
عرض الإجابة
اجابة صحيحة: C
السؤال #26
What command would show the API server status?
A. pm status
B. pi restart
C. pi status
D. how api status
عرض الإجابة
اجابة صحيحة: C
السؤال #27
What is the purpose of a SmartEvent Correlation Unit?
A. he SmartEvent Correlation Unit is designed to check the connection reliability from SmartConsole to the SmartEvent Server
B. he SmartEvent Correlation Unit’s task it to assign severity levels to the identified events
C. he Correlation unit role is to evaluate logs from the log server component to identify patterns/threats and convert them to events
D. he SmartEvent Correlation Unit is designed to check the availability of the SmartReporter Server
عرض الإجابة
اجابة صحيحة: C
السؤال #28
Pamela is Cyber Security Engineer working for Global Instance Firm with large scale deployment of Check Point Enterprise Appliances using GAiA/R80.10. Company’s Developer Team is having random access issue to newly deployed Application Server in DMZ’s Application Server Farm Tier and blames DMZ Security Gateway as root cause. The ticket has been created and issue is at Pamela’s desk for an investigation.Pamela decides to use Check Point’s Packet Analyzer Tool-fw monitor to iron out the issue during approved
A. amela should check SecureXL status on DMZ Security gateway and if it’s turned ON
B. amela should check SecureXL status on DMZ Security Gateway and if it’s turned OFF
C. amela should use tcpdump over fw monitor tool as tcpdump works at OS-level and captures entire traffic
D. amela should use snoop over fw monitor tool as snoop works at NIC driver level and captures entire traffic
عرض الإجابة
اجابة صحيحة: A
السؤال #29
Fill in the blank: The “fw monitor” tool can be best used to troubleshoot _________ .
A. V issues
B. PN errors
C. etwork issues
D. uthentication issues
عرض الإجابة
اجابة صحيحة: C
السؤال #30
What is considered Hybrid Emulation Mode?
A. anual configuration of file types on emulation location
B. oad sharing of emulation between an on premise appliance and the cloud
C. oad sharing between OS behavior and CPU Level emulation
D. igh availability between the local SandBlast appliance and the cloud
عرض الإجابة
اجابة صحيحة: B
السؤال #31
Connections to the Check Point R80 Web API use what protocol?
A. TTPS
B. PC
C. PN
D. IC
عرض الإجابة
اجابة صحيحة: A
السؤال #32
What are the three components for Check Point Capsule?
A. apsule Docs, Capsule Cloud, Capsule Connect
B. apsule Workspace, Capsule Cloud, Capsule Connect
C. apsule Workspace, Capsule Docs, Capsule Connect
D. apsule Workspace, Capsule Docs, Capsule Cloud
عرض الإجابة
اجابة صحيحة: D
السؤال #33
Fill in the blank: The R80 feature _________ permits blocking specific IP addresses for a specified time period.
A. lock Port Overflow
B. ocal Interface Spoofing
C. uspicious Activity Monitoring
D. daptive Threat Prevention
عرض الإجابة
اجابة صحيحة: C
السؤال #34
An administrator would like to troubleshoot why templating is not working for some traffic. How can he determine at which rule templating is disabled?
A. e can use the fw accel stat command on the gateway
B. e can use the fw accel statistics command on the gateway
C. e can use the fwaccel stat command on the Security Management Server
D. e can use the fwaccel stat command on the gateway
عرض الإجابة
اجابة صحيحة: D
السؤال #35
SmartEvent has several components that function together to track security threats. What is the function of the Correlation Unit as a component of this architecture?
A. nalyzes each log entry as it arrives at the log server according to the Event Policy
B. orrelates all the identified threats with the consolidation policy
C. ollects syslog data from third party devices and saves them to the database
D. onnects with the SmartEvent Client when generating threat reports
عرض الإجابة
اجابة صحيحة: A
السؤال #36
Which of the following is NOT a component of Check Point Capsule?
A. apsule Docs
B. apsule Cloud
C. apsule Enterprise
D. apsule Workspace
عرض الإجابة
اجابة صحيحة: C
السؤال #37
SandBlast agent extends 0 day prevention to what part of the network?
A. eb Browsers and user devices
B. MZ server
C. loud
D. mail servers
عرض الإجابة
اجابة صحيحة: A
السؤال #38
Which web services protocol is used to communicate to the Check Point R80 Identity Awareness Web API?
A. OAP
B. EST
C. LANG
D. ML-RPC
عرض الإجابة
اجابة صحيحة: B
السؤال #39
Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?
A. he rule base can be built of layers, each containing a set of the security rules
B. imits the upload and download throughput for streaming media in the company to 1 Gbps
C. ime object to a rule to make the rule active only during specified times
D. ub Policies ae sets of rules that can be created and attached to specific rules
عرض الإجابة
اجابة صحيحة: D
السؤال #40
What is the responsibility of SOLR process on R80.10 management server?
A. alidating all data before it’s written into the database
B. t generates indexes of data written to the database
C. ommunication between SmartConsole applications and the Security Management Server
D. riting all information into the database
عرض الإجابة
اجابة صحيحة: B
السؤال #41
NAT rules are prioritized in which order?1. Automatic Static NAT2. Automatic Hide NAT3. Manual/Pre-Automatic NAT4. Post-Automatic/Manual NAT rules
A. , 2, 3, 4
B. , 4, 2, 3
C. , 1, 2, 4
D. , 3, 1, 2
عرض الإجابة
اجابة صحيحة: A
السؤال #42
In SmartEvent, what are the different types of automatic reactions that the administrator can configure?
A. ail, Block Source, Block Event Activity, External Script, SNMP Trap
B. ail, Block Source, Block Destination, Block Services, SNMP Trap
C. ail, Block Source, Block Destination, External Script, SNMP Trap
D. ail, Block Source, Block Event Activity, Packet Capture, SNMP Trap
عرض الإجابة
اجابة صحيحة: A
السؤال #43
Which is NOT a SmartEvent component?
A. martEvent Server
B. orrelation Unit
C. og Consolidator
D. og Server
عرض الإجابة
اجابة صحيحة: C
السؤال #44
What makes Anti-Bot unique compared to other Threat Prevention mechanisms, such as URL Filtering, Anti- Virus, IPS, and Threat Emulation?
A. nti-Bot is the only countermeasure against unknown malware
B. nti-Bot is the only protection mechanism which starts a counter-attack against known Command & Control Centers
C. nti-Bot is the only signature-based method of malware protection
D. nti-Bot is a post-infection malware protection to prevent a host from establishing a connection to a Command & Control Center
عرض الإجابة
اجابة صحيحة: D
السؤال #45
What is the most recommended way to install patches and hotfixes?
A. PUSE Check Point Update Service Engine
B. pm -Uv
C. oftware Update Service
D. nixinstallScript
عرض الإجابة
اجابة صحيحة: A
السؤال #46
Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidates management console. CPM allows the GUI client and management server to communicate via web services using ___________.
A. CP port 19009
B. CP Port 18190
C. CP Port 18191
D. CP Port 18209
عرض الإجابة
اجابة صحيحة: A
السؤال #47
What is correct statement about Security Gateway and Security Management Server failover in Check Point R80.X in terms of Check Point Redundancy driven solution?
A. ecurity Gateway failover is an automatic procedure but Security Management Server failover is a manual procedure
B. ecurity Gateway failover as well as Security Management Server failover is a manual procedure
C. ecurity Gateway failover is a manual procedure but Security Management Server failover is an automatic procedure
D. ecurity Gateway failover as well as Security Management Server failover is an automatic procedure
عرض الإجابة
اجابة صحيحة: A
السؤال #48
What is the purpose of Priority Delta in VRRP?
A. hen a box up, Effective Priority = Priority + Priority Delta
B. hen an Interface is up, Effective Priority = Priority + Priority Delta
C. hen an Interface fail, Effective Priority = Priority – Priority Delta
D. hen a box fail, Effective Priority = Priority – Priority Delta
عرض الإجابة
اجابة صحيحة: C
السؤال #49
On what port does the CPM process run?
A. CP 857
B. CP 18192
C. CP 900
D. CP 19009
عرض الإجابة
اجابة صحيحة: D
السؤال #50
What will SmartEvent automatically define as events?
A. irewall
B. PN
C. PS
D. TTPS
عرض الإجابة
اجابة صحيحة: C
السؤال #51
John is using Management HA. Which Smartcenter should be connected to for making changes?
A. econdary Smartcenter
B. ctive Smartenter
C. onnect virtual IP of Smartcenter HA
D. rimary Smartcenter
عرض الإجابة
اجابة صحيحة: B
السؤال #52
Which of the following statements is TRUE about R80 management plug-ins?
A. he plug-in is a package installed on the Security Gateway
B. nstalling a management plug-in requires a Snapshot, just like any upgrade process
C. management plug-in interacts with a Security Management Server to provide new features and support for new products
D. sing a plug-in offers full central management only if special licensing is applied to specific features of the plug-in
عرض الإجابة
اجابة صحيحة: C
السؤال #53
Using Threat Emulation technologies, what is the best way to block .exe and .bat file types?
A. nable DLP and select
B. nable
C. reate FW rule for particular protocol
D. ecli advanced attributes set prohibited_file_types exe
عرض الإجابة
اجابة صحيحة: A
السؤال #54
Which command collects diagnostic data for analyzing customer setup remotely?
A. pinfo
B. igrate export
C. ysinfo
D. pview
عرض الإجابة
اجابة صحيحة: A
السؤال #55
How many images are included with Check Point TE appliance in Recommended Mode?
A. (OS) images
B. mages are chosen by administrator during installation
C. s many as licensed for
D. he most new image
عرض الإجابة
اجابة صحيحة: A
السؤال #56
Which statement is true regarding redundancy?
A. ystem Administrators know when their cluster has failed over and can also see why it failed over by using the cphaprob –f if command
B. lusterXL offers three different Load Sharing solutions: Unicast, Broadcast, and Multicast
C. achines in a ClusterXL High Availability configuration must be synchronized
D. oth ClusterXL and VRRP are fully supported by Gaia and available to all Check Point appliances, open servers, and virtualized environments
عرض الإجابة
اجابة صحيحة: D
السؤال #57
Tom has been tasked to install Check Point R80 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartConsole machine in his calculations?
A. ne machine, but it needs to be installed using SecurePlatform for compatibility purposes
B. ne machine
C. wo machines
D. hree machines
عرض الإجابة
اجابة صحيحة: C
السؤال #58
What is the correct command to observe the Sync traffic in a VRRP environment?
A. w monitor –e “accept[12:4,b]=224
B. w monitor –e “accept port(6118;”
C. w monitor –e “accept proto=mcVRRP;”
D. w monitor –e “accept dst=224
عرض الإجابة
اجابة صحيحة: D
السؤال #59
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?
A. mart Cloud Services
B. oad Sharing Mode Services
C. hreat Agent Solution
D. ublic Cloud Services
عرض الإجابة
اجابة صحيحة: A
السؤال #60
The following command is used to verify the CPUSE version:
A. ostName:0>show installer status build
B. Expert@HostName:0]#show installer status
C. Expert@HostName:0]#show installer status build
D. ostName:0>show installer build
عرض الإجابة
اجابة صحيحة: A
السؤال #61
Which command gives us a perspective of the number of kernel tables?
A. w tab -t
B. w tab -s
C. w tab -n
D. w tab -k
عرض الإجابة
اجابة صحيحة: B
السؤال #62
What is the command to check the status of the SmartEvent Correlation Unit?
A. w ctl get int cpsead_stat
B. pstat cpsead
C. w ctl stat cpsemd
D. p_conf get_stat cpsemd
عرض الإجابة
اجابة صحيحة: B
السؤال #63
What cloud-based SandBlast Mobile application is used to register new devices and users?
A. heck Point Protect Application
B. anagement Dashboard
C. ehavior Risk Engine
D. heck Point Gateway
عرض الإجابة
اجابة صحيحة: D
السؤال #64
From SecureXL perspective, what are the tree paths of traffic flow:
A. nitial Path; Medium Path; Accelerated Path
B. ayer Path; Blade Path; Rule Path
C. irewall Path; Accept Path; Drop Path
D. irewall Path; Accelerated Path; Medium Path
عرض الإجابة
اجابة صحيحة: D
السؤال #65
Security Checkup Summary can be easily conducted within:
A. ummary
B. iews
C. eports
D. heckups
عرض الإجابة
اجابة صحيحة: C
السؤال #66
SandBlast Mobile identifies threats in mobile devices by using on-device, network, and cloud-based algorithms and has four dedicated components that constantly work together to protect mobile devices and their data. Which component is NOT part of the SandBlast Mobile solution?
A. anagement Dashboard
B. ateway
C. ersonal User Storage
D. ehavior Risk Engine
عرض الإجابة
اجابة صحيحة: C
السؤال #67
To enable Dynamic Dispatch on Security Gateway without the Firewall Priority Queues, run the following command in Expert mode and reboot:
A. w ctl Dyn_Dispatch on
B. w ctl Dyn_Dispatch enable
C. w ctl multik set_mode 4
D. w ctl multik set_mode 1
عرض الإجابة
اجابة صحيحة: C
السؤال #68
Your manager asked you to check the status of SecureXL, and its enabled templates and features. What command will you use to provide such information to manager?
A. w accel stat
B. waccel stat
C. w acces stats
D. waccel stats
عرض الإجابة
اجابة صحيحة: B
السؤال #69
In R80 spoofing is defined as a method of:
A. isguising an illegal IP address behind an authorized IP address through Port Address Translation
B. iding your firewall from unauthorized users
C. etecting people using false or wrong authentication logins
D. aking packets appear as if they come from an authorized IP address
عرض الإجابة
اجابة صحيحة: D
السؤال #70
What are the attributes that SecureXL will check after the connection is allowed by Security Policy?
A. ource address, Destination address, Source port, Destination port, Protocol
B. ource MAC address, Destination MAC address, Source port, Destination port, Protocol
C. ource address, Destination address, Source port, Destination port
D. ource address, Destination address, Destination port, Protocol
عرض الإجابة
اجابة صحيحة: A
السؤال #71
With Mobile Access enabled, administrators select the web-based and native applications that can be accessed by remote users and define the actions that users can perform the applications. Mobile Access encrypts all traffic using:
A. TTPS for web-based applications and 3DES or RC4 algorithm for native applications
B. TTPS for web-based applications and AES or RSA algorithm for native applications
C. TTPS for web-based applications and 3DES or RC4 algorithm for native applications
D. TTPS for web-based applications and AES or RSA algorithm for native applications
عرض الإجابة
اجابة صحيحة: A
السؤال #72
What is true about VRRP implementations?
A. RRP membership is enabled in cpconfig
B. RRP can be used together with ClusterXL, but with degraded performance
C. ou cannot have a standalone deployment
D. ou cannot have different VRIDs in the same physical network
عرض الإجابة
اجابة صحيحة: C
السؤال #73
Which of the following is NOT a type of Check Point API available in R80.10?
A. dentity Awareness Web Services
B. PSEC SDK
C. obile Access
D. anagement
عرض الإجابة
اجابة صحيحة: C
السؤال #74
You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?
A. wd
B. wm
C. pd
D. pwd
عرض الإجابة
اجابة صحيحة: B
السؤال #75
What is the port used for SmartConsole to connect to the Security Management Server?
A. PMI port 18191/TCP
B. PM port/TCP port 19009
C. IC port 18191/TCP
D. ttps port 4434/TCP
عرض الإجابة
اجابة صحيحة: B
السؤال #76
Which Check Point software blades could be enforced under Threat Prevention profile using Check Point R80.10 SmartConsole application?
A. PS, Anti-Bot, URL Filtering, Application Control, Threat Emulation
B. irewall, IPS, Threat Emulation, Application Control
C. PS, Anti-Bot, Anti-Virus, Threat Emulation, Threat Extraction
D. irewall, IPS, Anti-Bot, Anti-Virus, Threat Emulation
عرض الإجابة
اجابة صحيحة: C
السؤال #77
Please choose correct command to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?
A. ost name myHost12 ip-address 10
B. gmt: add host name ip-address 10
C. dd host name emailserver1 ip-address 10
D. gmt: add host name emailserver1 ip-address 10
عرض الإجابة
اجابة صحيحة: D
السؤال #78
Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?
A. DP port 265
B. CP port 265
C. DP port 256
D. CP port 256
عرض الإجابة
اجابة صحيحة: D
السؤال #79
Session unique identifiers are passed to the web api using which http header option?
A. -chkp-sid
B. ccept-Charset
C. roxy-Authorization
D. pplication
عرض الإجابة
اجابة صحيحة: C
السؤال #80
Which view is NOT a valid CPVIEW view?
A. DA
B. AD
C. DP
D. PN
عرض الإجابة
اجابة صحيحة: C

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.