To add a file to the Threat Prevention Whitelist, what two items are needed?

IP address of Management Server and Gateway

Which of the following describes how Threat Extraction functions?

Delivers PDF versions of original files with active content removed.

Detect threats and provides a detailed report of discovered threats.

Delivers file with original content.

Which method below is NOT one of the ways to communicate using the Management API's?

Sending API commands over an http connection using web-services

Typing API commands from a dialog box inside the SmartConsole GUI application

Typing API commands using Gaia's secure shell (clish)

Typing API commands using the 'mgmt_cli' command

What is false regarding prerequisites for the Central Deployment usage?

No need to establish SIC between gateways and the management server, since the CDT tool will take care about SIC automatically.

The administrator must have write permission on SmartUpdate

Security Gateway must have the latest CPUSE Deployment Agent

The Security Gateway must have a policy installed

How can you grant GAiA API Permissions for a newly created user?

Assign the user a permission profile in SmartConsole

Assign the user the admin RBAC role in clish

No need to grant access since every user has access by default.

In bash, use the following command: 'gaia_api access --user Tom --enable true'

Can Check Point and Third-party Gateways establish a certificate-based Site-to-Site VPN tunnel?

Yes, but they need to have a mutually trusted certificate authority

Yes, but they have to have a pre-shared secret key

No, they cannot share certificate authorities

No, Certificate based VPNs are only possible between Check Point devices

Which of the following statements about Site-to-Site VPN Domain-based is NOT true?

Domain-based- VPN domains are pre-defined for all VPN Gateways. A VPN domain is a host or network that can send or receive VPN traffic through a VPN Gateway.

Domain-based- VPN domains are pre-defined for all VPN Gateways. When the Security Gateway encounters traffic originating from one VPN Domain with the destination to a VPN Domain of another VPN Gateway, that traffic is identified as VPN traffic and is sent through the VPN Tunnel between the two Gateways.

Route-based- The Security Gateways will have a Virtual Tunnel Interface (VTI) for each VPN Tunnel with a peer VPN Gateway. The Routing Table can have routes to forward traffic to these VTIs. Any traffic routed through a VTI is automatically identified as VPN Traffic and is passed through the VPN Tunnel associated with the VTI.

Domain-based- VPN domains are pre-defined for all VPN Gateways. A VPN domain is a service or user that can send or receive VPN traffic through a VPN Gateway.

What is the best sync method in the ClusterXL deployment?

Use 3 clusters + 1st sync + 2nd sync + 3rd sync

Use 2 clusters + 1st sync + 2nd sync

As a valid Mobile Access Method, what feature provides Capsule Connect/VPN?

Full layer3 VPN -IPSec VPN that gives users network access to all mobile applications

That is used to deploy the mobile device as a generator of one-time passwords for authenticating to an RSA Authentication Manager

Full Layer4 VPN -SSL VPN that gives users network access to all mobile applications

You can make sure that documents are sent to the intended recipients only

After finishing installation admin John likes to use top command in expert mode. John has to set the expert-password and was able to use top command. A week later John has to use the top command again. He detected that the expert password is no longer valid. What is the most probable reason for this behavior?

'save config' was not issued on clish

changes are only possible via SmartConsole

'save config' was not issued in expert mode

'write memory' was not issued on clish

If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsive, which if these steps should NOT be performed:

Rename the hostname of the Standby member to match exactly the hostname of the Active member.

Manually synchronize the Active and Standby Security Management Servers.

Change the Active Security Management Server to Standby.

Change the Standby Security Management Server to Active.

After some changes in the firewall policy you run into some issues. You want to test if the policy from two weeks ago have the same issue. You don't want to lose the changes from the last weeks. What is the best way to do it?

Use the Gaia WebUI to take a backup of the Gateway. In SmartConsole under Security Policies go to the Installation History view of the Gateway, select the policy version from two weeks ago and press the 'Install specific version' button.

Use the Gaia WebUI to take a snapshot of management. In the In SmartConsole under Manage & Settings go to Sessions -> Revisions and select the revision from two weeks ago. Run the action 'Revert to this revision...' Restore the management snapshot.

In SmartConsole under Manage & Settings go to Sessions -> Revisions and select the revision from two weeks ago. Run the action 'Revert to this revision...'.

In SmartConsole under Security Policies go to the Installation History view of the Gateway, select the policy version from two weeks ago and press the 'Install specific version' button.

What is the difference between Updatable Objects and Dynamic Objects?

Updatable Objects is a Threat Cloud Service. The provided Objects are updated automatically. Dynamic Objects are created and maintained locally. In both cases there is no need to install policy for the changes to take effect.

Dynamic Objects are maintained automatically by the Threat Cloud. Updatable Objects are created and maintained locally. In both cases there is no need to install policy for the changes to take effect.

Updatable Objects is a Threat Cloud Service. The provided Objects are updated automatically. Dynamic Objects are created and maintained locally. For Dynamic Objects there is no need to install policy for the changes to take effect.

Dynamic Objects are maintained automatically by the Threat Cloud. For Dynamic Objects there is no need to install policy for the changes to take effect. Updatable Objects are created and maintained locally.

Which of the following Central Deployment is NOT a limitation in R81.10 SmartConsole?

Security Gateways/Clusters in ClusterXL HA new mode

Security Gateway Clusters in Load Sharing mode

Where you can see and search records of action done by R80 SmartConsole administrators?

In the Logs & Monitor, logs, select 'Audit Log View'

In SmartView Tracker, open active log

How does the Anti-Virus feature of the Threat Prevention policy block traffic from infected websites?

By dropping traffic from websites identified through ThreatCloud Verification and URL Caching

By matching logs against ThreatCloud information about the reputation of the website.

By dropping traffic that is not proven to be from clean websites in the URL Filtering blade

By allowing traffic from websites that are known to run Antivirus Software on servers regularly

Which Check Point software blades could be enforced under a Threat Prevention profile using a Check Point SmartConsole application?

IPS, Anti-Bot, Anti-Virus, Threat Emulation, Threat Extraction

Firewall, IPS, Anti-Bot, Anti-Virus, Threat Emulation

IPS, Anti-Bot, URL Filtering, Application Control, Threat Emulation

Firewall, PS, Threat Emulation, Application Control

What is the mechanism behind Threat Extraction?

Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast.

This is a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender.

This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient.

This is a new mechanism to identify the IP address of the sender of malicious codes and to put it into the SAM database (Suspicious Activity Monitoring).

John detected high load on sync interface. Which is most recommended solution?

For short connections like http service - do not sync

For short connections like icmp service - delay sync for 2 seconds

For FTP connections - do not sync

Add a second interface to handle sync traffic

CHKP 301 - 341

Authored by Joder Lapolla

Computers

1st Grade

Used 2+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

44 questions

Show all answers

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

Which of these statements describes the Check Point ThreatCloud?

Blocks or limits usage of web applications

Prevents or controls access to web sites based on category

Prevents Cloud vulnerability exploits

A worldwide collaborative security network

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

What are possible Automatic Reactions in SmartEvent?

Mail, SNMP Trap, Block Source, Block Event Activity, External Script

Web Mail, Block Destination, SNMP Trap, SmartTask

Web Mail, Block Service, SNMP Trap, SmartTask, Geo Protection

Web Mail, Forward to SandBlast Appliance, SNMP Trap, External Script

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

Which of the following Check Point commands is true to enable Multi-Version Cluster (MVC)?

Check Point Security Management HA (Secondary): set cluster member mvc on

Check Point Security Gateway Only: set cluster member mvc on

Check Point Security Management HA (Primary): set cluster member mvc on

Check Point Security Gateway Cluster Member: set cluster member mvc on

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

Hit Count is a feature to track the number of connections that each rule matches, which one is not a benefit of Hit Count.

Better understand the behavior of the Access Control Policy

Improve Firewall performance - You can move a rule that has a high hit count to a higher position in the Rule Base

Automatically rearrange Access Control Policy based on Hit Count Analysis.

Analyze a Rule Base - You can delete rules that have no matching connections

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

Which Correction mechanisms are available with ClusterXL under R81.10?

Correction Mechanisms are only available of Maestro Hyperscale Orchestrators

Pre-Correction and SDF (Sticky Decision Function)

SDF (Sticky Decision Function) and Flush and ACK

Dispatcher (Early Correction) and Firewall (Late Correction)

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

What are the methods of SandBlast Threat Emulation deployment?

Cloud, Appliance and Private

Cloud, Appliance and Hybrid

Cloud, Smart-1 and Hybrid

Cloud, OpenServer and Vmware

MULTIPLE CHOICE QUESTION

2 mins • 2 pts

By default, what information is NOT collected from a Security Gateway in a CPINFO?

OS and Network Statistics

System message logs

Configuration and database files

Firewall logs

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

42 questions

Scratch Programming Quiz August

Quiz

•

1st Grade

41 questions

iT Skills

Quiz

•

1st - 3rd Grade

46 questions

CERTAMEN DEL SABER

Quiz

•

1st - 3rd Grade

45 questions

Computer Hardware and Software Review

Quiz

•

KG - University

40 questions

KLS 1 Drawing For Children 1

Quiz

•

1st Grade

40 questions

Adm. Sistem Jaringan (ASJ) Kelas XI TKJ

Quiz

•

KG - Professional Dev...

40 questions

Pemrograman Dasar

Quiz

•

1st Grade

40 questions

3nima-animasi2d3d

Quiz

•

1st Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

29 questions

Alg. 1 Section 5.1 Coordinate Plane

Quiz

•

9th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

11 questions

FOREST Effective communication

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for Computers

20 questions

Telling Time to the Hour and Half hour

Quiz

•

1st Grade

10 questions

Heating / Cooling Matter

Quiz

•

1st Grade

10 questions

Exploring Rosa Parks and Black History Month

Interactive video

•

1st - 5th Grade

20 questions

Place Value

Quiz

•

KG - 3rd Grade

10 questions

Counting Coins

Quiz

•

1st Grade

10 questions

Identifying Points, Lines, Rays, and Angles

Interactive video

•

1st - 5th Grade

5 questions

Heating and Cooling Pre-Assessment

Quiz

•

1st Grade

20 questions

VOWEL TEAMS: AI and AY

Quiz

•

1st Grade