Filters
Question type
Study Flashcards

SmartEvent provides a convenient way to run common command line executables that can assist in investigating events. Right-clicking the IP address, source or destination, in an event provides a list of default and customized commands. They appear only on cells that refer to IP addresses because the IP address of the active cell is used as the destination of the command when run. The default commands are:


A) ping, traceroute, netstat, and route
B) ping, nslookup, Telnet, and route
C) ping, whois, nslookup, and Telnet
D) ping, traceroute, netstat, and nslookup

E) A) and D)
F) B) and D)

Correct Answer

verifed

verified

Which command can you use to verify the number of active concurrent connections?


A) fw conn all
B) fw ctl pstat
C) show all connections
D) show connections

E) A) and D)
F) All of the above

Correct Answer

verifed

verified

What happen when IPS profile is set in Detect Only Mode for troubleshooting?


A) It will generate Geo-Protection traffic
B) Automatically uploads debugging logs to Check Point Support Center
C) It will not block malicious traffic
D) Bypass licenses requirement for Geo-Protection control

E) B) and D)
F) B) and C)

Correct Answer

verifed

verified

Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidates management console. CPM allows the GUI client and management server to communicate via web services using ___________.


A) TCP port 19009
B) TCP Port 18190
C) TCP Port 18191
D) TCP Port 18209

E) A) and B)
F) All of the above

Correct Answer

verifed

verified

You have a Geo-Protection policy blocking Australia and a number of other countries. Your network now requires a Check Point Firewall to be installed in Sydney, Australia. What must you do to get SIC to work?


A) Remove Geo-Protection, as the IP-to-country database is updated externally, and you have no control of this.
B) Create a rule at the top in the Sydney firewall to allow control traffic from your network
C) Nothing - Check Point control connections function regardless of Geo-Protection policy
D) Create a rule at the top in your Check Point firewall to bypass the Geo-Protection

E) A) and C)
F) B) and C)

Correct Answer

verifed

verified

Automatic affinity means that if SecureXL is running, the affinity for each interface is automatically reset every


A) 15 sec
B) 60 sec
C) 5 sec
D) 30 sec

E) A) and C)
F) A) and B)

Correct Answer

verifed

verified

Which blades and or features are not supported in R80?


A) SmartEvent Maps
B) SmartEvent
C) Identity Awareness
D) SmartConsole Toolbars

E) All of the above
F) A) and D)

Correct Answer

verifed

verified

You have existing dbedit scripts from R77. Can you use them with R80.10?


A) dbedit is not supported in R80.10
B) dbedit is fully supported in R80.10
C) You can use dbedit to modify threat prevention or access policies, but not create or modify layers
D) dbedit scripts are being replaced by mgmt_cli in R80.10

E) A) and C)
F) B) and C)

Correct Answer

verifed

verified

In terms of Order Rule Enforcement, when a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom. Which of the following statements is correct?


A) If the Action of the matching rule is Accept , the gateway will drop the packet. If the Action of the matching rule is Accept , the gateway will drop the packet.
B) If the Action of the matching rule is Drop , the gateway continues to check rules in the next Policy Layer down. Drop , the gateway continues to check rules in the next Policy Layer down.
C) If the Action of the matching rule is Drop , the gateway stops matching against later rules in the Policy Rule Base and drops the packet. , the gateway stops matching against later rules in the Policy Rule Base and drops the packet.
D) If the rule does not matched in the Network policy it will continue to other enabled policies

E) B) and C)
F) None of the above

Correct Answer

verifed

verified

What level of CPU load on a Secure Network Distributor would indicate that another may be necessary?


A) Idle <20%
B) USR <20%
C) SYS <20%
D) Wait <20%

E) All of the above
F) A) and D)

Correct Answer

verifed

verified

You have successfully backed up Check Point configurations without the OS information. What command would you use to restore this backup?


A) restore_backup
B) import backup
C) cp_merge
D) migrate import

E) All of the above
F) A) and D)

Correct Answer

verifed

verified

Advanced Security Checkups can be easily conducted within:


A) Reports
B) Advanced
C) Checkups
D) Views
E) Summary

F) A) and B)
G) All of the above

Correct Answer

verifed

verified

What are the methods of SandBlast Threat Emulation deployment?


A) Cloud, Appliance and Private
B) Cloud, Appliance and Hybrid
C) Cloud, Smart-1 and Hybrid
D) Cloud, OpenServer and Vmware

E) A) and C)
F) A) and D)

Correct Answer

verifed

verified

The Compliance Blade allows you to search for text strings in many windows and panes, to search for a value in a field, what would your syntax be?


A) field_name:string
B) name field:string
C) name_field:string
D) field name:string

E) A) and D)
F) B) and C)

Correct Answer

verifed

verified

Where do you create and modify the Mobile Access policy in R80?


A) SmartConsole
B) SmartMonitor
C) SmartEndpoint
D) SmartDashboard

E) A) and B)
F) A) and C)

Correct Answer

verifed

verified

How often does Threat Emulation download packages by default?


A) Once a week
B) Once an hour
C) Twice per day
D) Once per day

E) All of the above
F) C) and D)

Correct Answer

verifed

verified

Which encryption algorithm is the least secured?


A) AES-128
B) AES-256
C) DES
D) 3DES

E) A) and D)
F) B) and C)

Correct Answer

verifed

verified

When Configuring Endpoint Compliance Settings for Applications and Gateways within Mobile Access, which of the three approaches will allow you to configure individual policies for each application?


A) Basic Approach
B) Strong Approach
C) Very Advanced Approach
D) Medium Approach

E) B) and D)
F) All of the above

Correct Answer

verifed

verified

Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?


A) Go to clash-Run cpstop | Run cpstart
B) Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway
C) Administrator does not need to perform any task. Check Point will make use of the newly installed CPU and Cores
D) Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway | Install Security Policy

E) C) and D)
F) A) and D)

Correct Answer

verifed

verified

What is not a component of Check Point SandBlast?


A) Threat Emulation
B) Threat Simulator
C) Threat Extraction
D) Threat Cloud

E) B) and D)
F) All of the above

Correct Answer

verifed

verified

Showing 61 - 80 of 340

Related Exams

Exam 1

Check Point Certified Security Principles Associate (CCSPA)

60 Questions

Exam 2

Check Point Certified Security Administrator (CCSA R80)

676 Questions

Show Answer