Fill in the blanks: A High Availability deployment is referred to as a ______ cluster and a Load Sharing deployment is referred to as a ________ cluster.
Message digests use which of the following?
Which of the following statements accurately describes the command snapshot?
Where can administrator edit a list of trusted SmartConsole clients in R80?
Administrator wishes to update IPS from SmartConsole by clicking on the option “update now” under the IPS tab. Which device requires internet access for the update to work?
Fill in the blanks: In the Network policy layer, the default action for the Implied last rule is ________ all traffic. However, in the Application Control policy layer, the default action is ________ all traffic.
After the initial installation the First Time Configuration Wizard should be run. Select the BEST answer.
How many users can have read/write access in Gaia at one time?
What CLI utility allows an administrator to capture traffic along the firewall inspection chain?
Fill in the blank: A _______ is used by a VPN gateway to send traffic as if it were a physical interface.
In which VPN community is a satellite VPN gateway not allowed to create a VPN tunnel with another satellite VPN gateway?
Look at the screenshot below. What CLISH command provides this output?
Which of the following is NOT an advantage to using multiple LDAP servers?
You installed Security Management Server on a computer using GAiA in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second GAiA computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it?
1. Run cpconfig on the Gateway, select Secure Internal Communication, enter the activation key, and reconfirm.
2. Initialize Internal Certificate Authority (ICA) on the Security Management Server.
3. Configure the Gateway object with the host name and IP addresses for the remote site.
4. Click the Communication button in the Gateway object's General screen, enter the activation key, and click Initialize and OK.
5. Install the Security Policy.
R80 Security Management Server can be installed on which of the following operating systems?
Which of these components does NOT require a Security Gateway R77 license?
The organization's security manager wishes to back up just the Gaia operating system parameters. Which command can be used to back up only Gaia operating system parameters like interface details, Static routes and Proxy ARP entries?
The Captive Portal tool:
Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?
What statement is true regarding Visitor Mode?
By default, which port does the WebUI listen on?
Vanessa is firewall administrator in her company; her company is using Check Point firewalls on central and remote locations, which are managed centrally by R80 Security Management Server. One central location has an installed R77.30 Gateway on Open server. Remote location is using Check Point UTM-1 570 series appliance with R71. Which encryption is used in Secure Internal Communication (SIC) between central management and firewall on each location?
Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?
To optimize Rule Base efficiency, the most hit rules should be where?
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?
Administrator Kofi has just made some changes on his Management Server and then clicks on the Publish button in SmartConsole but then gets the error message shown in the screenshot below.
Where can the administrator check for more information on these errors?
Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ________.
Kofi, the administrator of the ALPHA Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which CLISH commands are required to be able to change this TCP port?
Fill in the blank: RADIUS protocol uses ______ to communicate with the gateway.
ABC Corp., and have recently returned from a training course on Check Point's new advanced R80 management platform. You are presenting an in-house R80 Management to the other administrators in ABC Corp.
How will you describe the new “Publish” button in R80 Management Console?
What does ExternalZone represent in the presented rule?
Examine the following Rule Base.
What can we infer about the recent changes made to the Rule Base?
Fill in the blank: A _________ VPN deployment is used to provide remote users with secure access to internal corporate resources by authenticating the user through an internet browser.
Which of the following is NOT a component of a Distinguished Name?
What is the default shell for the command line interface?
What is the default time length that Hit Count Data is kept?
Packages and licenses are loaded from all of these sources EXCEPT
ALPHA Corp has a new administrator who logs into the Gaia Portal to make some changes. He realizes that even though he has logged in as an administrator, he is unable to make any changes because all configuration options are greyed out as shown in the screenshot image below. What is the likely cause for this?
Which of the following is NOT an integral part of VPN communication within a network?
What is the order of NAT priorities?
Which statement is NOT TRUE about Delta synchronization?
Which of the following is NOT a valid deployment option for R80?
Which of the following is NOT an option to calculate the traffic direction?
Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common?
You have discovered suspicious activity in your network. What is the BEST immediate action to take?
An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server (SMS). While configuring the VPN community to specify the pre-shared secret, the administrator did not find a box to input the pre-shared secret. Why does it not allow him to specify the pre-shared secret?
Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?
What data MUST be supplied to the SmartConsole System Restore window to restore a backup?
When an encrypted packet is decrypted, where does this happen?
Fill in the blank: The position of an implied rule is manipulated in the __________________ window.
Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?
One of major features in R80.x SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB, and AdminC are editing the same Security Policy?
In the Check Point Security Management Architecture, which component(s) can store logs?
When configuring LDAP User Directory integration, Changes applied to a User Directory template are:
Which of the following is an authentication method used for Identity Awareness?
Your internal networks 10.1.1.0/24, 10.2.2.0/24 and 192.168.0.0/16 are behind the Internet Security Gateway. Considering that Layer 2 and Layer 3 setup is correct, what are the steps you will need to do in SmartConsole in order to get the connection working?
Which Threat Prevention Software Blade provides protection from malicious software that can infect your network computers?
Which tool is used to enable ClusterXL?
The SmartEvent R80 Web application for real-time event monitoring is called:
What is the SOLR database for?
What is the Manual Client Authentication TELNET port?
You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After a while, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database. How can you do this?
Match the following commands to their correct function. Each command has one function only listed.
The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?
The WebUI offers three methods for downloading Hotfixes via CPUSE. One of them is Automatic method. How many times per day will CPUSE agent check for hotfixes and automatically download them?
When launching SmartDashboard, what information is required to log into R77?
What is the benefit of Manual NAT over Automatic NAT?
You are about to integrate RSA SecurID users into the Check Point infrastructure. What kind of users are to be defined via SmartDashboard?
Which is the correct order of a log flow processed by SmartEvent components:
What happens if the identity of a user is known?
Choose the correct statement regarding Implicit Rules.
Which the following type of authentication on Mobile Access can NOT be used as the first authentication method?
MegaCorp's security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway.
How do you apply the license?
VPN gateways must authenticate to each other prior to exchanging information. What are the two types of credentials used for authentication?
Which of the following uses the same key to decrypt as it does to encrypt?
Which of these statements describes the Check Point ThreatCloud?
According to Check Point Best Practice, when adding a 3rd party gateway to a Check Point security solution what object SHOULD be added? A(n):
Which of the following are available SmartConsole clients which can be installed from the R77 Windows CD? Read all answers and select the most complete and valid list.