When requiring certificates for mobile devices, make sure the authentication method is set to one of the following, Username and Password, RADIUS or ________.
You need to change the number of firewall Instances used by CoreXL. How can you achieve this goal?
The essential means by which state synchronization works to provide failover in the event an active member goes down, ____________ is used specifically for clustered environments to allow gateways to report their own state and learn about the states of other members in the cluster.
Tom has connected to the R81 Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward.
What will happen to the changes already made?
Please choose the path to monitor the compliance status of the Check Point R81.10 based management.
As an administrator, you may be required to add the company logo to reports. To do this, you would save the logo as a PNG file with the name ‘cover-company-logo.png’ and then copy that image file to which directory on the SmartEvent server?
SmartConsole R81 requires the following ports to be open for SmartEvent R81 management:
When Dynamic Dispatcher is enabled, connections are assigned dynamically with the exception of:
For Management High Availability, which of the following is NOT a valid synchronization status?
You want to verify if your management server is ready to upgrade to R81.10. What tool could you use in this process?
Fill in the blank: The “fw monitor” tool can be best used to troubleshoot ____________________.
In the Check Point Firewall Kernel Module, each Kernel is associated with a key, which specifies the type of traffic applicable to the chain module. For Wire Mode configuration, chain modules marked with ____________ will not apply.
Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?
What will be the effect of running the following command on the Security Management Server?
Which of the following technologies extracts detailed information from packets and stores that information in state tables?
Which of the following Windows Security Events will not map a username to an IP address in Identity Awareness?
Fill in the blank: The R81 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows then as prioritized security events.
What is the most ideal Synchronization Status for Security Management Server High Availability deployment?
Vanessa is a Firewall administrator. She wants to test a backup of her company’s production Firewall cluster Dallas_GW. She has a lab environment that is identical to her production environment. She decided to restore production backup via SmartConsole in lab environment.
Which details she need to fill in System Restore window before she can click OK button and test the backup?
SmartEvent provides a convenient way to run common command line executables that can assist in investigating events. Right-clicking the IP address, source or destination, in an event provides a list of default and customized commands. They appear only on cells that refer to IP addresses because the IP address of the active cell is used as the destination of the command when run. The default commands are:
You notice that your firewall is under a DDoS attack and would like to enable the Penalty Box feature, which command you use?
After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?
Which file contains the host address to be published, the MAC address that needs to be associated with the IP Address, and the unique IP of the interface that responds to ARP request?
When attempting to start a VPN tunnel, in the logs the error “no proposal chosen” is seen numerous times. No other VPN-related entries are present.
Which phase of the VPN negotiations has failed?
Which file gives you a list of all security servers in use, including port number?
: 156
VPN Link Selection will perform the following when the primary VPN link goes down?
Using Threat Emulation technologies, what is the best way to block .exe and .bat file types?
What is the protocol and port used for Health Check and State Synchronization in ClusterXL?
Please choose correct command to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?
John is using Management HA. Which Smartcenter should be connected to for making changes?
To accelerate the rate of connection establishment, SecureXL groups all connection that match a particular service and whose sole differentiating element is the source port. The type of grouping enables even the very first packets of a TCP handshake to be accelerated. The first packets of the first connection on the same service will be forwarded to the Firewall kernel which will then create a template of the connection. Which of the these is NOT a SecureXL template?
In SmartEvent, what are the different types of automatic reactions that the administrator can configure?
: 131
Which command is used to display status information for various components?
To enable Dynamic Dispatch on Security Gateway without the Firewall Priority Queues, run the following command in Expert mode and reboot:
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?
Which Check Point software blades could be enforced under Threat Prevention profile using Check Point R81.10 SmartConsole application?
Which command shows the current connections distributed by CoreXL FW instances?
Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?
Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ________ .
SecureXL is able to accelerate the Connection Rate using templates. Which attributes are used in the template to identify the connection?
What key is used to save the current CPView page in a filename format cpview_”cpview process ID”.cap”number of captures”?
Fill in the blank. Once a certificate is revoked from the Security Gateway by the Security Management Server, the certificate information is ________ .
GAiA Software update packages can be imported and installed offline in situation where:
One of major features in R81 SmartConsole is concurrent administration.
Which of the following is NOT possible considering that AdminA, AdminB and AdminC are editing the same Security Policy?
How is communication between different Check Point components secured in R81? As with all questions, select the BEST answer.
When a packet arrives at the gateway, the gateway checks it against the rules in the hop Policy Layer, sequentially from top to bottom, and enforces the first rule that matches a packet. Which of the following statements about the order of rule enforcement is true?
Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?
If a “ping”-packet is dropped by FW1 Policy –on how many inspection Points do you see this packet in “fw monitor”?
Vanessa is expecting a very important Security Report. The Document should be sent as an attachment via e-mail. An e-mail with Security_report.pdf file was delivered to her e-mail inbox. When she opened the PDF file, she noticed that the file is basically empty and only few lines of text are in it. The report is missing some graphs, tables and links.
Which component of SandBlast protection is her company using on a Gateway?
What state is the Management HA in when both members have different policies/databases?
Which SmartEvent component is responsible to collect the logs from different Log Servers?
What command is used to manually failover a cluster during a zero-downtime upgrade?
What are types of Check Point APIs available currently as part of R81.10 code?
What level of CPU load on a Secure Network Distributor would indicate that another may be necessary?
Mobile Access Gateway can be configured as a reverse proxy for Internal Web Applications Reverse proxy users browse to a URL that is resolved to the Security Gateway IP address. Which of the following Check Point command is true for enabling the Reverse Proxy:
In R81.10 a new feature dynamic log distribution was added. What is this for?
In the R81 SmartConsole, on which tab are Permissions and Administrators defined?
In Advanced Permanent Tunnel Configuration, to set the amount of time the tunnel test runs without a
response before the peer host is declared ‘down’, you would set the_________?
Alice knows about the Check Point Management HA installation from Bob and needs to know which Check Point Security Management Server is currently capable of issuing and managing certificate. Alice uses the Check Point command "cpconfig'' to run the Check Point Security Management Server configuration tool on both Check Point Management HA instances "Primary & Secondary" Which configuration option does she need to look for:
SmartEvent Security Checkups can be run from the following Logs and Monitor activity:
John detected high load on sync interface. Which is most recommended solution?
What is required for a certificate-based VPN tunnel between two gateways with separate management systems?
IF the first packet of an UDP session is rejected by a rule definition from within a security policy (not including the clean up rule), what message is sent back through the kernel?
Which process is used mainly for backward compatibility of gateways in R81.X? It provides communication with GUI-client, database manipulation, policy compilation and Management HA synchronization.
Which of the completed statements is NOT true? The WebUI can be used to manage user accounts and:
Which of the following processes pulls the application monitoring status from gateways?
Kofi, the administrator of the ALPHA Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which CLISH commands are required to be able to change this TCP port?
You have used the "set inactivity-timeout 120" command to prevent the session to be disconnected after 10 minutes of inactivity. However, the Web session is being disconnected after 10 minutes. Why?
If you needed the Multicast MAC address of a cluster, what command would you run?
Which of the following is a new R81 Gateway feature that had not been available in R77.X and older?
Check Pont Central Deployment Tool (CDT) communicates with the Security Gateway / Cluster Members over Check Point SIC _______ .
In order to get info about assignment (FW, SND) of all CPUs in your SGW, what is the most accurate CLI command?
You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?
Fill in the blank: The R81 feature _____ permits blocking specific IP addresses for a specified time period.
There are 4 ways to use the Management API for creating host object with R81 Management API. Which one is NOT correct?
Tom has been tasked to install Check Point R81 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartConsole machine in his calculations?
SandBlast Mobile identifies threats in mobile devices by using on-device, network, and cloud-based algorithms and has four dedicated components that constantly work together to protect mobile devices and their data. Which component is NOT part of the SandBlast Mobile solution?
Fill in the blank: The tool _____ generates a R81 Security Gateway configuration report.
What are the different command sources that allow you to communicate with the API server?
The Security Gateway is installed on GAIA R81. The default port for the Web User Interface is ______ .
Fill in the blank: The command ___________________ provides the most complete restoration of a R81 configuration.
What is the correct command to observe the Sync traffic in a VRRP environment?
What makes Anti-Bot unique compared to other Threat Prevention mechanisms, such as URL Filtering, Anti-Virus, IPS, and Threat Emulation?
The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?
You want to gather and analyze threats to your mobile device. It has to be a lightweight app. Which application would you use?
In a Client to Server scenario, which inspection point is the first point immediately following the tables and rule base check of a packet coming from outside of the network?
The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?
Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.
Your manager asked you to check the status of SecureXL, and its enabled templates and features. What command will you use to provide such information to manager?
You have successfully backed up Check Point configurations without the OS information. What command would you use to restore this backup?