Which file contains the host address to be published, the MAC address that needs to be associated with the IP Address, and the unique IP of the interface that responds to ARP request?

/var/opt/CPshrd-R80/conf/local.arp

What is the recommended configuration when the customer requires SmartLog indexing for 14 days and SmartEvent to keep events for 180 days?

Choose different setting for log storage and SmartEvent db

Use Multi-Domain Management Server

Install Management and SmartEvent on different machines

You want to set up a VPN tunnel to an external gateway. You had to make sure that the IKE P2 SA will only be established between two subnets and not all subnets defined in the default VPN domain of your gateway.

In the SmartConsole create a dedicated VPN Community for both Gateways. Selecting the local gateway in the Community you can set the VPN Domain to 'User defined' and put in the local network.

In the SmartConsole create a dedicated VPN Community for both Gateways. On the Gateway add the following line to the $FWDIR/conf/user.def.FW1 file -> subnet_for_range_and_peer = { };

In the SmartConsole create a dedicated VPN Community for both Gateways. Go to Security Policies /Access Control and create an in-line layer rule with source and destination containing the two networks used for the IKE P2 SA. Put the name of the Community in the VPN column.

In the SmartConsole create a dedicated VPN Community for both Gateways. On the Management add the following line to the $FWDIR/conf/user.def.FW1 file -> subnet_for_range_and_peer = { };

What is the benefit of Manual NAT over Automatic NAT?

You have the full control about the priority of the NAT rules

On IPSO and GAIA Gateways, it is handled in a stateful manner.

There is no benefit since Automatic NAT has in any case higher priority over Manual NAT

If you create a new Security Policy, the Manual NAT rules will be transferred to this new policy

With SecureXL enabled, accelerated packets will pass through the following:

Network InterfaceCard and the Acceleration Device

Network Interface Card, OSI Network Layer, and the Acceleration Device

Network Interface Card, Check Point Firewall Kernel, and the AccelerationDevice

Network Interface Card, OSI Network Layer, OS IP Stack, and the Acceleration Device

Which of the following statements about SecureXL NAT Templates is true?

NAT Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are enabled by default and work only if Accept Templates are enabled.

DROP Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are disabled by default and work only if NAT Templates are disabled.

NAT Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are disabled by default and work only if Accept Templates are disabled.

ACCEPT Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are disabled by default and work only if NAT Templates are disabled.

Which NAT rules are prioritized first?

Manual Post-Automatic NAT Rules

What is the best method to upgrade a Security Management Server to R80.x when it is not connected to the Internet?

Advanced upgrade or CPUSE offline upgrade

Advanced upgrade or CPUSE offline upgrade only

Check Point APIs allow system engineers and developers to make changes to their organization’s security policy with CLI tools and Web Services. Which of the following is NOT a possible use case?

Create new dashboards to manage 3rd party task.

Create products that use and enhance 3rd party solutions.

Create products that use and enhance the Check Point Solution.

Execute automated scripts to perform common tasks.

What are the blades of Threat Prevention?

IPS, AntiVirus, AntiBot, Threat Emulation, Threat Extraction

DLP, AntiVirus, QoS, AntiBot, Threat Emulation, Threat Extraction

IPS, QoS, AntiVirus, AntiBot, Threat Emulation, Threat Extraction

What kind of information would you expect to see when using the "sim affinity -l" command?

Overview over SecureXL templated connections

The involved firewall kernel modules in inbound and outbound packet chain

The VMACs used in a Security Gateway cluster

What are valid Policy Types in R81.10?

Access Control, Threat Prevention, QoS, Desktop Security

Access Control, IPS, Threat Emulation, NAT

Access Control, RemoteAccess VPN, NAT, IPS

What is true about the IPS-Blade?

IPS is managed by the Threat Prevention Policy

IPS Exceptions cannot be attached to "all rules"

In the IPS Layer, the only three possible actions are Basic, Optimized and Strict

The GeoPolicy Exceptions and the Threat Prevention Exceptions are the same

Return oriented programming (ROP) exploits are detected by which security blade?

Check Point Anti-Virus / Threat Emulation

With Mobile Access enabled, administrators select the web-based and native applications that can be accessed by remote users and define the actions that users can perform within the applications. Mobile Access encrypts all traffic using:

HTTPS for web-based applications and 3DES or RC4 algorithm for native applications. For end users to access the native applications, they need to install the SSL Network Extender.

HTTPS for web-based applications and AES or RSA algorithm for native applications. For end users to access the native application, no additional software is required.

HTTPS for web-based applications and 3DES or RC4 algorithm for native applications. For end users to access the native applications, no additional software is required.

HTTPS for web-based applications and AES or RSA algorithm for native applications. For end users to access the native application, they need to install the SSL Network Extender

Under which file is the proxy arp configuration stored?

$FWDIR/conf/local.arp on the gateway

$FWDIR/conf/local.arp on the management server

$FWDIR/state/_tmp/proxy.arp on the security gateway

$FWDIR/state/proxy_arp.conf on the management server

What is "Accelerated Policy Installation"?

Starting R81, the Access Control Policy installation process is accelerated thereby reducing the duration of the process significantly

Starting R81, the Desktop Security Policy installation process is accelerated thereby reducing the duration of the process significantly

Starting R81, the QoS Policy installation process is accelerated thereby reducing the duration of the process significantly

Starting R81, the Threat Prevention Policy installation process is accelerated thereby reducing the duration of the process significantly

What are the minimum open server hardware requirements for a Security Management Server/Standalone Security Gateway?

4 CPU cores, 8GB of RAM and 500GB of disk space

2 CPU cores, 4GB of RAM and 15GB of disk space

8 CPU cores, 16GB of RAM and 500 GB of disk space

8 CPU cores, 32GB of RAM and 1 TB of disk space

Installations and upgrades with CPUSE require that the CPUSE agent is up-to-date. Usually the latest build is downloaded automatically. How can you verify the CPUSE agent build?

In WebUI Status and Actions page or by running the following command in CLISH: show installer status build

In the Management Server or Gateway object in SmartConsole or by running the following command in CLISH: show installer agent version

In WebUI Status and Actions page or by running the following command in CLISH: show installer agent version

In the Management Server or Gateway object in SmartConsole or by running the following command in CLISH: show installer status build

What makes Anti-Bot unique compared to other Threat Prevention mechanisms, such as URL Filtering, Anti-Virus, IPS, and Threat Emulation?

Anti-Bot is a post-infection malware protection to prevent a host from establishing a connection to a Command Control Center

Anti-Bot is the only protection mechanism which starts a counter-attack against known Command Control Centers

Anti-Bot is the only countermeasure against unknown malware

Anti-Bot is the only signature-based method of malware protection

In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

SND is used to distribute packets among Firewall instances

SND is a feature of fw monitor to capture accelerated packets

SND is an alternative to IPSec Main Mode, using only 3 packets

SND is a feature to accelerate multiple SSL VPN connections

Which of the following is true regarding the Proxy ARP feature for Manual NAT?

Automatic proxy ARP configuration can be enabled

Translate Destination on Client Side should be configured

fw ctl proxy should be configured

The local.arp file must always be configured

What Factors preclude Secure XL Templating?

Source Port Ranges/Encrypted Connections

What is the main difference between Threat Extraction and Threat Emulation?

Threat Extraction always delivers a file and takes less than a second to complete

Threat Emulation never delivers a file that takes less than a second to complete

Threat Emulation never delivers a file and takes more than 3 minutes to complete

Threat Extraction never delivers a file and takes more than 3 minutes to complete

When deploying SandBlast, how would a Threat Emulation appliance benefit from the integration of ThreatCloud?

ThreatCloud is a collaboration platform for all the Check Point customers to share information about malicious and benign files that all of the customers can benefit from as it makes emulation of known files unnecessary.

ThreatCloud is a collaboration platform for Check Point customers to benefit from VMWare ESXi infrastructure which supports the Threat Emulation Appliances as virtual machines in the EMC Cloud.

ThreatCloud is a database-related application which is located on-premise to preserve privacy of company-related data.

ThreatCloud is a collaboration platform for all the Check Point customers to form a virtual cloud consisting of a combination of all on-premise private cloud environments.

What is the responsibility of SOLR process on the management server?

It generates indexes of data written to the database

Writing all information into the database

Validating all data before it’s written into the database

Communication between SmartConsole applications and the Security Management Server

Which of the following is a task of the CPD process?

Transfers messages between Firewall processes

Responsible for processing most traffic on a security gateway

Invoke and monitor critical processes and attempts to restart them if they fail

You had setup the VPN Community 'VPN-Stores' with 3 gateways. There are some issues with one remote gateway(1.1.1.1) and an your local gateway. What will be the best log filter to see only the IKE Phase 2 agreed networks for both gateways.

action:"Key Install" AND 1.1.1.1 AND Quick Mode

action:"Key Install" AND 1.1.1.1 AND Main Mode

Blade:"VPN" AND VPN-Stores AND Main Mode

Blade:"VPN" AND VPN-Stores AND Quick Mode

What are the two modes for SNX (SSL Network Extender)?

Network Mode and Application Mode

Which statement is true about ClusterXL?

Supports Dynamic Routing (Unicast and Multicast)

Supports Dynamic Routing (Unicast Only)

Does not support Dynamic Routing

Supports Dynamic Routing (Multicast Only)

CHKP 251 - 300

Authored by Joder Lapolla

Computers

1st Grade

Used 2+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

50 questions

Show all answers

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

To find records in the logs that shows log records from the Application URL Filtering Software Blade where traffic was dropped, what would be the query syntax?

blade:"application control" AND action:drop

blade;"application control" AND action;drop

blade: application control AND action:drop

(blade: application control AND action;drop)

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

When an encrypted packet is decrypted, where does this happen?

Inbound chain

Outbound chain

Security policy

Decryption is not supported

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

Which Check Point daemon invokes and monitors critical processes and attempts to restart them if they fail?

fwm

cpd

cpm

cpwd

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

What is the SandBlast Agent designed to do?

Ensure the Check Point SandBlast services is running on the end user's system

Clean up email sent with malicious attachments

If malware enters an end user's system, the SandBlast Agent prevents the malware from spreading with the network

Performs OS-level sandboxing for SandBlast Cloud architecture

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

After replacing a faulty Gateway the admin installed the new Hardware and want to push the policy. Installing the policy using the SmartConsole he got an Error for the Threat Prevention Policy. There is no error for the Access Control Policy. What will be the most common cause for the issue?

The admin forgot to reestablish the SIC for the new hardware. That is typically the case when configure only the interfaces of the replacement hardware instead restoring a backup.

The IPS Protection engine on the replacement hardware is too old. Before pushing the Threat Prevention Policy use SmartConsole -> Security Policies -> Updates -> IPS 'Update Now' to update the engine.

The admin forgot to apply the new license. The Access Control license is included by default but the service subscriptions for the Threat Prevention Blades are missing.

The Threat Prevention Policy can't be installed on a Gateway without an already installed Access Control Policy. First install only the Access Control Policy.

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

Which one of the following is true about Threat Extraction?

Takes minutes to complete (less than 3 minutes)

Takes less than a second to complete

Works on MS Office and PDF files only

Always delivers a file

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

In Advanced Permanent Tunnel Configuration, to set the amount of time the tunnel test runs without a response before the peer host is declared 'down', you would set the_______ ?

life sign polling interval

life sign timeout

life_sign_timeout

life_sign_polling_interval

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

50 questions

JTI SAP Bootcamp

Quiz

•

1st - 5th Grade

45 questions

Philipp simp

Quiz

•

1st Grade

50 questions

ict 101-150

Quiz

•

1st Grade

50 questions

Unit 3 - Connections

Quiz

•

1st Grade

50 questions

TEKNISI KOMPUTER LEVEL C

Quiz

•

1st Grade

55 questions

*Computer Science Test*

Quiz

•

KG - Professional Dev...

45 questions

Computer - Term 4 - Revision

Quiz

•

1st - 5th Grade

53 questions

Digital Arts

Quiz

•

KG - 12th Grade

Popular Resources on Wayground

7 questions

History of Valentine's Day

Interactive video

•

4th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

15 questions

Valentine's Day Trivia

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for Computers

12 questions

Presidents' Day

Quiz

•

KG - 5th Grade

20 questions

Telling Time to the Hour and Half hour

Quiz

•

1st Grade

10 questions

Exploring Rosa Parks and Black History Month

Interactive video

•

1st - 5th Grade

6 questions

President's Day

Lesson

•

1st Grade

10 questions

Identifying Physical and Chemical Changes

Interactive video

•

1st - 5th Grade

7 questions

Lunar and Chinese New Year for Kids | Bedtime History

Interactive video

•

1st - 12th Grade

10 questions

Presidents Day

Interactive video

•

1st - 5th Grade

15 questions

Making Inferences

Quiz

•

1st - 3rd Grade