What are the three conflict resolution rules in the Threat Prevention Policy Layers?
Answer : C
What does the ג€unknownג€ SIC status shown on SmartConsole mean?
Answer : D
Explanation:
The most typical status is Communicating. Any other status indicates that the SIC communication is problematic. For example, if the SIC status is Unknown then there is no connection between the Gateway and the Security Management server. If the SIC status is Not Communicating, the Security Management server is able to contact the gateway, but SIC communication cannot be established.
Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_SecMan_WebAdmin/html_frameset.htm?topic=documents/R76/
CP_R76_SecMan_WebAdmin/118037 -
Kofi, the administrator of the ALPHA Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which
CLISH commands are required to be able to change this TCP port?
Answer : A
Explanation:
In Clish -
A. Connect to command line on Security Gateway / each Cluster member.
B. Log in to Clish.
C. Set the desired port (e.g., port 4434):
HostName> set web ssl-port <Port_Number>
D. Save the changes:
HostName> save config -
E. Verify that the configuration was saved:
[Expert@HostName]# grep 'httpd:ssl_port' /config/db/initial
Reference:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk83482
Browser-based Authentication sends users to a web page to acquire identities using ________ .
Answer : B
Explanation:
To enable Identity Awareness:
1. Log in to SmartDashboard.
2. From the Network Objects tree, expand the Check Point branch.
3. Double-click the Security Gateway on which to enable Identity Awareness.
4. In the Software Blades section, select Identity Awareness on the Network Security tab.
The Identity Awareness Configuration wizard opens.
5. Select one or more options. These options set the methods for acquiring identities of managed and unmanaged assets.
✑ AD Query - Lets the Security Gateway seamlessly identify Active Directory users and computers.
✑ Browser-Based Authentication - Sends users to a Web page to acquire identities from unidentified users. If Transparent Kerberos Authentication is configured, AD users may be identified transparently.
Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_IdentityAwareness_AdminGuide/62050.htm
Which default Gaia user has full read/write access?
Answer : C
The _________ collects logs and sends them to the _________ .
Answer : D
The Security Gateway is installed on GAiA R80. The default port for the WEB User Interface is _______ .
Answer : D
To build an effective Security Policy, use a ________ and _______ rule.
Answer : A
Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?
Answer : D
Which utility shows the security gateway general system information statistics like operating system information and resource usage, and individual software blade statistics of VPN, Identity Awareness and DLP?
Answer : C
Explanation:
CPView Utility is a text based built-in utility that can be run ('cpview' command) on Security Gateway / Security Management Server / Multi-Domain Security
Management Server. CPView Utility shows statistical data that contain both general system information (CPU, Memory, Disk space) and information for different
Software Blades (only on Security Gateway). The data is continuously updated in easy to access views.
Reference:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk101878
The following graphic shows:
Answer : C
In R80, Unified Policy is a combination of
Answer : D
Explanation:
D is the best answer given the choices.
Unified Policy -
In R80 the Access Control policy unifies the policies of these pre-R80 Software Blades:
✑ Firewall and VPN
✑ Application Control and URL Filtering
✑ Identity Awareness
✑ Data Awareness
✑ Mobile Access
✑ Security Zones
Reference:
https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/
CP_R80_SecMGMT/126197&anchor=o129934
The command __________ provides the most complete restoration of an R80 configuration.
Answer : A
Explanation:
(Should be "migrate import")
"migrate import" Restores backed up configuration for R80 version, in previous versions the command was " upgrade_import ".
The Gaia operating system supports which routing protocols?
Answer : A
Explanation:
The Advanced Routing Suite -
The Advanced Routing Suite CLI is available as part of the
Advanced Networking Software Blade
.
For organizations looking to implement scalable, fault-tolerant, secure networks, the Advanced Networking blade enables them to run industry-standard dynamic routing protocols including BGP, OSPF, RIPv1, and RIPv2 on security gateways. OSPF, RIPv1, and RIPv2 enable dynamic routing over a single autonomous
ג€"
ג€"
system
like a single department, company, or service provider
to avoid network failures. BGP provides dynamic routing support across more complex
ג€"
networks involving multiple autonomous systems
such as when a company uses two service providers or divides a network into multiple areas with different administrators responsible for the performance of each.
Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_SecurePlatform_AdvancedRouting_WebAdmin/html_frameset.htm
Joey wants to configure NTP on R80 Security Management Server. He decided to do this via WebUI. What is the correct IP address and default port to access the
Web UI for Gaia platform via browser?
Answer : A
Explanation:
Access to Web UI Gaia administration interface, initiate a connection from a browser to the default administration IP address:
Logging in to the WebUI -
Logging in -
To log in to the WebUI:
1. Enter this URL in your browser:
https://<Gaia IP address>
2. Enter your user name and password.
Reference:
https://sc1.checkpoint.com/documents/R77/CP_R77_Gaia_AdminWebAdminGuide/html_frameset.htm?topic=documents/R77/
CP_R77_Gaia_AdminWebAdminGuide/75930