What is Consolidation Policy?

The specific Policy written in SmartDashboard to configure which log data is stored in the SmartReporter database.

The collective name of the Security Policy, Address Translation, and IPS Policies

The collective name of the logs generated by SmartReporter.

A global Policy used to share a common enforcement policy for multiple Security Gateways.

Where do you verify that UserDirectory is enabled?

Verify that Global Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked.

Verify that Security Gateway > General Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked

Verify that Global Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked.

Verify that Security Gateway > General Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked.

Which of the following actions do NOT take place in IKE Phase 1?

Diffie-Hellman key is combined with the key material to produce the symmetrical IPsec key.

Peers agree on encryption method.

Peers agree on integrity method.

Each side generates a session key from its private key and peer's public key.

Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R77 Firewall Rule Base.To make this scenario work, the IT administrator must: 1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources. 2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected. 3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select accept as the Action. 4) Install policy. Ms McHanry tries to access the resource but is unable. What should she do?

Have the security administrator select the Action field of the Firewall Rule “Redirect HTTP connections to an authentication (captive) portal”.

Have the security administrator reboot the firewall.

Have the security administrator select Any for the Machines tab in the appropriate Access Role.

Install the Identity Awareness agent on her iPad

A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object does not appear in the Install On check box. What should you look for?

A Gateway object created using the Check Point > Externally Managed VPN Gateway option from the Network Objects dialog box

Secure Internal Communications (SIC) not configured for the object.

Anti-spoofing not configured on the interfaces on the Gateway object

A Gateway object created using the Check Point > Secure Gateway option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object.

Which of the following is NOT a valid option when configuring access for Captive Portal?

According to the Firewall Policy

As you review this Security Policy, what changes could you make to accommodate Rule 4?

Modify the column VPN in Rule 2 to limit access to specific traffic

Remove the service HTTP from the column Service in Rule 4.

Modify the columns Source or Destination in Rule 4

What happens when you run the command: fw sam -J src [Source IP Address]?

Connections from the specified source are blocked without the need to change the Security Policy.

Connections to the specified target are blocked without the need to change the Security Policy.

Connections to and from the specified target are blocked without the need to change the Security Policy

Connections to and from the specified target are blocked with the need to change the Security Policy

The CDT utility supports which of the following?

Major version upgrades to R77.30

Only Jumbo HFA’s and hotfixes

Only major version upgrades to R80.10

Using ClusterXL, what statement is true about the Sticky Decision Function?

Can only be changed for Load Sharing implementations

All connections are processed and synchronized by the pivot

Is only relevant when using SecureXL

How Capsule Connect and Capsule Workspace differ?

Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications

Capsule Workspace can provide access to any application

Capsule Connect provides Business data isolation

Capsule Connect does not require an installed application at client

Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

Time object to a rule to make the rule active only during specified times.

What are the three components for Check Point Capsule?

Capsule Workspace, Capsule Docs, Capsule Cloud

Capsule Docs, Capsule Cloud, Capsule Connect

Capsule Workspace, Capsule Cloud, Capsule Connect

Capsule Workspace, Capsule Docs, Capsule Connect

What is true about the IPS-Blade?

in R80, IPS is managed by the Threat Prevention Policy

in R80, in the IPS Layer, the only three possible actions are Basic, Optimized and Strict

in R80, IPS Exceptions cannot be attached to “all rules”

in R80, the GeoPolicy Exceptions and the Threat Prevention Exceptions are the same

Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway

Go to clash-Run cpstop | Run cpstart

Administrator does not need to perform any task. Check Point will make use of the newly installed CPU and Cores

Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway | Install Security Policy

When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?

More than 10GB and less than 20 GB

If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:

Rename the hostname of the Standby member to match exactly the hostname of the Active member.

Change the Standby Security Management Server to Active

Change the Active Security Management Server to Standby.

Manually synchronize the Active and Standby Security Management Servers.

Using R80 Smart Console, what does a “pencil icon” in a rule mean?

Someone else has changed this rule

This rule is managed by check point’s SOC

This rule can’t be changed as it’s an implied rule

Which method below is NOT one of the ways to communicate using the Management API’s?

Sending API commands over an http connection using web-services

Typing API commands using the “mgmt_cli” command

Typing API commands from a dialog box inside the SmartConsole GUI application

Typing API commands using Gaia’s secure shell (clash)19+

What is the main difference between Threat Extraction and Threat Emulation?

Threat Extraction always delivers a file and takes less than a second to complete

Threat Emulation never delivers a file and takes more than 3 minutes to complete

Threat Emulation never delivers a file that takes less than a second to complete

Threat Extraction never delivers a file and takes more than 3 minutes to complete

Checkpoint 161-200

Quiz

•

Computers

•

1st Grade

•

Practice Problem

•

Easy

. .

Used 43+ times

FREE Resource

40 questions

Show all answers

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Choose the correct statement regarding Implicit Rules

To edit the Implicit rules you go to: Launch Button > Policy > Global Properties > Firewall.

Implied rules are fixed rules that you cannot change.

You can directly edit the Implicit rules by double-clicking on a specific Implicit rule.

You can edit the Implicit rules but only if requested by Check Point support personnel.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why

You checked the cache password on desktop option in Global Properties

Another rule that accepts HTTP without authentication exists in the Rule Base.

You have forgotten to place the User Authentication Rule before the Stealth Rule.

Users must use the SecuRemote Client, to use the User Authentication Rule.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After a while, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database. How can you do this?

Run fwm dbexport -1 filename. Restore the database. Then, run fwm dbimport -1 filename to import the users.

Run fwm_dbexport to export the user database. Select restore the entire database in the Database Revision screen. Then, run fwm_dbimport

Restore the entire database, except the user database, and then create the new user and user group.

Restore the entire database, except the user database.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which of the following are available SmartConsole clients which can be installed from the R77 Windows CD? Read all answers and select the most complete and valid list.

SmartView Tracker, SmartDashboard, CPINFO, SmartUpdate, SmartView Status

SmartView Tracker, SmartDashboard, SmartLSM, SmartView Monitor

SmartView Tracker, CPINFO, SmartUpdate

Security Policy Editor, Log Viewer, Real Time Monitor GUI

MULTIPLE CHOICE QUESTION

1 min • 1 pt

You have configured SNX on the Security Gateway. The client connects to the Security Gateway and the user enters the authentication credentials. What must happen after authentication that allows the client to connect to the Security Gateway's VPN domain?

SNX modifies the routing table to forward VPN traffic to the Security Gateway.

An office mode address must be obtained by the client.

The SNX client application must be installed on the client.

Active-X must be allowed on the client.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

All R77 Security Servers can perform authentication with the exception of one. Which of the Security Servers can NOT perform authentication?

FTP

SMTP

HTTP

RLOGIN

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Your users are defined in a Windows 2008 R2 Active Directory server. You must add LDAP users to a Client Authentication rule. Which kind of user group do you need in the Client Authentication rule in R77?

External-user group

LDAP group

A group with a genetic user

All Users

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

43 questions

systemy operacyjne

Quiz

•

1st - 6th Grade

42 questions

Thi trắc nghiệm THT (2024-2025)

Quiz

•

1st - 5th Grade

43 questions

NEW 2.1 Computational Thinking

Quiz

•

1st Grade

40 questions

PAS TLJ XI

Quiz

•

1st Grade - University

40 questions

W4-Lesson Mastery- Understanding Input, Process, and Output

Quiz

•

1st - 5th Grade

43 questions

игры

Quiz

•

1st - 11th Grade

40 questions

7 komputer i urządzenia cyfrowe

Quiz

•

1st - 6th Grade

44 questions

MICROSOFT OFFICE ICON

Quiz

•

KG - 12th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Computers

20 questions

Telling Time to the Hour and Half hour

Quiz

•

1st Grade

10 questions

Life Cycle of a Frog

Quiz

•

1st - 2nd Grade

10 questions

Exploring Rosa Parks and Black History Month

Interactive video

•

1st - 5th Grade

20 questions

Place Value

Quiz

•

KG - 3rd Grade

10 questions

100th Day of School 1st/2nd

Quiz

•

1st - 2nd Grade

15 questions

Reading Comprehension

Quiz

•

1st - 5th Grade

10 questions

Identifying Physical and Chemical Changes

Interactive video

•

1st - 5th Grade

10 questions

Exploring the American Revolution

Interactive video

•

1st - 5th Grade