In which deployment is the security management server and Security Gateway installed on the same appliance?
In terms of Order Rule Enforcement, when a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom Which of the following statements is correct?
Aaron is a Syber Security Engineer working for Global Law Firm with large scale deployment of Check Point Enterprise Appliances running GAiA R81.X The Network Security Developer Team is having an issue testing the API with a newly deployed R81.X Security Management Server Aaron wants to confirm API services are working properly. What should he do first?
Fill in the blank: The R81 utility fw monitor is used to troubleshoot ______________________.
SSL Network Extender (SNX) is a thin SSL VPN on-demand client that is installed on the remote user’s machine via the web browser. What are the two modes of SNX?
Which Mobile Access Application allows a secure container on Mobile devices to give users access to internal website, file share and emails?
Which is the least ideal Synchronization Status for Security Management Server High Availability deployment?
By default how often updates are checked when the CPUSE Software Updates Policy is set to Automatic?
What destination versions are supported for a Multi-Version Cluster Upgrade?
John detected high load on sync interface. Which is most recommended solution?
When configuring SmartEvent Initial settings, you must specify a basic topology for SmartEvent to help it calculate traffic direction for events. What is this setting called and what are you defining?
Fill in the blank: The IPS policy for pre-R81 gateways is installed during the _______ .
SecureXL is able to accelerate the Connection Rate using templates. Which attributes are used in the template to identify the connection?
UserCheck objects in the Application Control and URL Filtering rules allow the gateway to communicate with the users. Which action is not supported in UserCheck objects?
What is a possible command to delete all of the SSH connections of a gateway?
Fill in the blank: __________ information is included in “Full Log†tracking option, but is not included in “Log†tracking option?
While using the Gaia CLI. what is the correct command to publish changes to the management server?
In SmartEvent, what are the different types of automatic reactions that the administrator can configure?
Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?
When installing a dedicated R81 SmartEvent server. What is the recommended size of the root partition?
Which statements below are CORRECT regarding Threat Prevention profiles in Smart Dashboard?
When gathering information about a gateway using CPINFO, what information is included or excluded when using the “-x†parameter?
John is using Management HA. Which Smartcenter should be connected to for making changes?
In the Check Point Firewall Kernel Module, each Kernel is associated with a key, which specifies the type of traffic applicable to the chain module. For Wire Mode configuration, chain modules marked with ____________ will not apply.
You find one of your cluster gateways showing “Down†when you run the “cphaprob stat†command. You then run the “clusterXL_admin up†on the down member but unfortunately the member continues to show down. What command do you run to determine the cause?
To add a file to the Threat Prevention Whitelist, what two items are needed?
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?
According to the policy installation flow the transfer state (CPTA) is responsible for the code generated by the FWM. On the Security Gateway side a process receives them and first stores them Into a temporary directory. Which process is true for receiving these Tiles;
What is the valid range for Virtual Router Identifier (VRID) value in a Virtual Routing Redundancy Protocol (VRRP) configuration?
SandBlast has several functional components that work together to ensure that attacks are prevented in real-time. Which the following is NOT part of the SandBlast component?
SmartEvent has several components that function together to track security threats. What is the function of the Correlation Unit as a component of this architecture?
What is the port used for SmartConsole to connect to the Security Management Server?
Fill in the blank: The command ___________________ provides the most complete restoration of a R81 configuration.
When setting up an externally managed log server, what is one item that will not be configured on the R81 Security Management Server?
When simulating a problem on ClusterXL cluster with cphaprob –d STOP -s problem -t 0 register, to initiate a failover on an active cluster member, what command allows you remove the problematic state?
Which web services protocol is used to communicate to the Check Point R81 Identity Awareness Web API?
You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?
You are investigating issues with to gateway cluster members are not able to establish the first initial cluster synchronization. What service is used by the FWD daemon to do a Full Synchronization?
NO: 180
What command can you use to have cpinfo display all installed hotfixes?
As a valid Mobile Access Method, what feature provides Capsule Connect/VPN?
To accelerate the rate of connection establishment, SecureXL groups all connection that match a particular service and whose sole differentiating element is the source port. The type of grouping enables even the very first packets of a TCP handshake to be accelerated. The first packets of the first connection on the same service will be forwarded to the Firewall kernel which will then create a template of the connection. Which of the these is NOT a SecureXL template?
Which process is available on any management product and on products that require direct GUI access, such as SmartEvent and provides GUI client communications, database manipulation, policy compilation and Management HA synchronization?
You are the administrator for ABC Corp. You have logged into your R81 Management server. You are making some changes in the Rule Base and notice that rule No.6 has a pencil icon next to it.
What does this mean?
Which SmartConsole tab is used to monitor network and security performance?
In the Check Point Firewall Kernel Module, each Kernel is associated with a key, which specifies the type of traffic applicable to the chain module. For Stateful Mode configuration, chain modules marked with __________________ will not apply.
Which Check Point software blade provides Application Security and identity control?
You have a Gateway is running with 2 cores. You plan to add a second gateway to build a cluster and used a device with 4 cores.
How many cores can be used in a Cluster for Firewall-kernel on the new device?
Fill in the blank: The “fw monitor†tool can be best used to troubleshoot ____________________.
What is the minimum amount of RAM needed for a Threat Prevention Appliance?
When SecureXL is enabled, all packets should be accelerated, except packets that match the following conditions:
Which file contains the host address to be published, the MAC address that needs to be associated with the IP Address, and the unique IP of the interface that responds to ARP request?
The SmartEvent R81 Web application for real-time event monitoring is called:
SmartEvent provides a convenient way to run common command line executables that can assist in investigating events. Right-clicking the IP address, source or destination, in an event provides a list of default and customized commands. They appear only on cells that refer to IP addresses because the IP address of the active cell is used as the destination of the command when run. The default commands are:
After the initial installation on Check Point appliance, you notice that the Management-interface and default gateway are incorrect.
Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.
The ____ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.
With SecureXL enabled, accelerated packets will pass through the following:
To ensure that VMAC mode is enabled, which CLI command should you run on all cluster members?
To enable Dynamic Dispatch on Security Gateway without the Firewall Priority Queues, run the following command in Expert mode and reboot:
After making modifications to the $CVPNDIR/conf/cvpnd.C file, how would you restart the daemon?
Using ClusterXL, what statement is true about the Sticky Decision Function?
Which of the following links will take you to the SmartView web application?
SmartEvent does NOT use which of the following procedures to identify events:
In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?
Fill in the blank: Permanent VPN tunnels can be set on all tunnels in the community, on all tunnels for specific gateways, or ______ .
Hit Count is a feature to track the number of connections that each rule matches, which one is not benefit of Hit Count.
The admin lost access to the Gaia Web Management Interface but he was able to connect via ssh. How can you check if the web service is enabled, running and which port is used?
Which upgrade method you should use upgrading from R80.40 to R81.10 to avoid any downtime?
True or False: In R81, more than one administrator can login to the Security Management Server with write permission at the same time.
You want to allow your Mobile Access Users to connect to an internal file share. Adding the Mobile Application 'File Share' to your Access Control Policy in the SmartConsole didn't work. You will be only allowed to select Services for the 'Service & Application' column How to fix it?
What mechanism can ensure that the Security Gateway can communicate with the Management Server with ease in situations with overwhelmed network resources?
SmartEvent Security Checkups can be run from the following Logs and Monitor activity:
The WebUI offers several methods for downloading hotfixes via CPUSE except:
The “MAC magic†value must be modified under the following condition:
In which scenario will an administrator need to manually define Proxy ARP?
Which two Identity Awareness daemons are used to support identity sharing?
Which statement is WRONG regarding the usage of the Central Deployment in SmartConsole?
Which of the following Windows Security Events will not map a username to an IP address in Identity Awareness?
Vanessa is firewall administrator in her company. Her company is using Check Point firewall on a central and several remote locations which are managed centrally by R77.30 Security Management Server. On central location is installed R77.30 Gateway on Open server. Remote locations are using Check Point UTM-1570 series appliances with R75.30 and some of them are using a UTM-1-Edge-X or Edge-W with latest available firmware. She is in process of migrating to R81.
What can cause Vanessa unnecessary problems, if she didn’t check all requirements for migration to R81?
Check Point security components are divided into the following components:
Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ________ .
What will be the effect of running the following command on the Security Management Server?
Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?
Which statement is most correct regarding about “CoreXL Dynamic Dispatcher�
Please choose the path to monitor the compliance status of the Check Point R81.10 based management.
You want to verify if your management server is ready to upgrade to R81.10. What tool could you use in this process?
Joey wants to upgrade from R75.40 to R81 version of Security management. He will use Advanced Upgrade with Database Migration method to achieve this.
What is one of the requirements for his success?
Which command can you use to enable or disable multi-queue per interface?
CPM process stores objects, policies, users, administrators, licenses and management data in a database. The database is:
The Security Gateway is installed on GAIA R81. The default port for the Web User Interface is ______ .
In a Client to Server scenario, which inspection point is the first point immediately following the tables and rule base check of a packet coming from outside of the network?
Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?
The fwd process on the Security Gateway sends logs to the fwd process on the Management Server via which 2 processes?
Which of the following Check Point processes within the Security Management Server is responsible for the receiving of log records from Security Gateway?
Check Point recommends configuring Disk Space Management parameters to delete old log entries when available disk space is less than or equal to?
What makes Anti-Bot unique compared to other Threat Prevention mechanisms, such as URL Filtering, Anti-Virus, IPS, and Threat Emulation?
When requiring certificates for mobile devices, make sure the authentication method is set to one of the following, Username and Password, RADIUS or ________.
To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, run the following command in Expert mode then reboot:
What is a feature that enables VPN connections to successfully maintain a private and secure VPN session without employing Stateful Inspection?
Which of the SecureXL templates are enabled by default on Security Gateway?
Your manager asked you to check the status of SecureXL, and its enabled templates and features. What command will you use to provide such information to manager?
Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane. Which is NOT an option to adjust or configure?
You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?
Which of the following authentication methods ARE NOT used for Mobile Access?
Check Pont Central Deployment Tool (CDT) communicates with the Security Gateway / Cluster Members over Check Point SIC _______ .
On R81.10 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:
Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?
Which of the following type of authentication on Mobile Access can NOT be used as the first authentication method?
If you needed the Multicast MAC address of a cluster, what command would you run?
Session unique identifiers are passed to the web api using which http header option?
Fill in the blank: The tool _____ generates a R81 Security Gateway configuration report.
Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.
Which of the following is a new R81 Gateway feature that had not been available in R77.X and older?
Which command can you use to verify the number of active concurrent connections?
The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?