Check Point Certified Security Expert - R80 v1.0 (156-315.80)

Page:    1 / 28   
Total 408 questions

You can select the file types that are sent for emulation for all the Threat Prevention profiles. Each profile defines a(n) _____ or ______ action for the file types.

  • A. Inspect/Bypass
  • B. Inspect/Prevent
  • C. Prevent/Bypass
  • D. Detect/Bypass


Answer : A

Reference:
https://sc1.checkpoint.com/documents/R77/CP_R77_ThreatPrevention_WebAdmin/101703.htm

When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

  • A. None, Security Management Server would be installed by itself.
  • B. SmartConsole
  • C. SecureClient
  • D. Security Gateway
  • E. SmartEvent


Answer : D

Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_Installation_and_Upgrade_Guide-webAdmin/89230.htm

On R80.10 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:

  • A. 18210
  • B. 18184
  • C. 257
  • D. 18191


Answer : B

How many images are included with Check Point TE appliance in Recommended Mode?

  • A. 2(OS) images
  • B. images are chosen by administrator during installation
  • C. as many as licensed for
  • D. the most new image


Answer : A

What is the least amount of CPU cores required to enable CoreXL?

  • A. 2
  • B. 1
  • C. 4
  • D. 6


Answer : B

Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_PerformanceTuning_WebAdmin/6731.htm

You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

  • A. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.
  • B. Create a separate Security Policy package for each remote Security Gateway.
  • C. Create network objects that restricts all applicable rules to only certain networks.
  • D. Run separate SmartConsole instances to login and configure each Security Gateway directly.


Answer : B

Which of the following authentication methods ARE NOT used for Mobile Access?

  • A. RADIUS server
  • B. Username and password (internal, LDAP)
  • C. SecurID
  • D. TACACS+


Answer : D

Reference:
https://sc1.checkpoint.com/documents/R77/CP_R77_Mobile_Access_WebAdmin/41587.htm

What is the correct command to observe the Sync traffic in a VRRP environment?

  • A. fw monitor ""e "accept[12:4,b]=224.0.0.18;"
  • B. fw monitor ""e "accept port(6118;"
  • C. fw monitor ""e "accept proto=mcVRRP;"
  • D. fw monitor ""e "accept dst=224.0.0.18;"


Answer : D

What has to be taken into consideration when configuring Management HA?

  • A. The Database revisions will not be synchronized between the management servers
  • B. SmartConsole must be closed prior to synchronized changes in the objects database
  • C. If you wanted to use Full Connectivity Upgrade, you must change the Implied Rules to allow FW1_cpredundant to pass before the Firewall Control Connections.
  • D. For Management Server synchronization, only External Virtual Switches are supported. So, if you wanted to employ Virtual Routers instead, you have to reconsider your design.


Answer : A

What is the difference between an event and a log?

  • A. Events are generated at gateway according to Event Policy
  • B. A log entry becomes an event when it matches any rule defined in Event Policy
  • C. Events are collected with SmartWorkflow form Trouble Ticket systems
  • D. Log and Events are synonyms


Answer : B

What are the attributes that SecureXL will check after the connection is allowed by Security Policy?

  • A. Source address, Destination address, Source port, Destination port, Protocol
  • B. Source MAC address, Destination MAC address, Source port, Destination port, Protocol
  • C. Source address, Destination address, Source port, Destination port
  • D. Source address, Destination address, Destination port, Protocol


Answer : A

Which statement is NOT TRUE about Delta synchronization?

  • A. Using UDP Multicast or Broadcast on port 8161
  • B. Using UDP Multicast or Broadcast on port 8116
  • C. Quicker than Full sync
  • D. Transfers changes in the Kernel tables between cluster members.


Answer : A

Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_ClusterXL_AdminGuide/7288.htm

The Event List within the Event tab contains:

  • A. a list of options available for running a query.
  • B. the top events, destinations, sources, and users of the query results, either as a chart or in a tallied list.
  • C. events generated by a query.
  • D. the details of a selected event.


Answer : C

Reference:
https://sc1.checkpoint.com/documents/R80/CP_R80_LoggingAndMonitoring/html_frameset.htm?topic=documents/R80/
CP_R80_LoggingAndMonitoring/131915

Which statement is correct about the Sticky Decision Function?

  • A. It is not supported with either the Performance pack of a hardware based accelerator card
  • B. Does not support SPI"™s when configured for Load Sharing
  • C. It is automatically disabled if the Mobile Access Software Blade is enabled on the cluster
  • D. It is not required L2TP traffic


Answer : A

Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_ClusterXL_AdminGuide/7290.htm

Which statement is true regarding redundancy?

  • A. System Administrators know when their cluster has failed over and can also see why it failed over by using the cphaprob ""f if command.
  • B. ClusterXL offers three different Load Sharing solutions: Unicast, Broadcast, and Multicast.
  • C. Machines in a ClusterXL High Availability configuration must be synchronized.
  • D. Both ClusterXL and VRRP are fully supported by Gaia and available to all Check Point appliances, open servers, and virtualized environments.


Answer : D

Page:    1 / 28   
Total 408 questions