You need to see which hotfixes are installed on your gateway, which command would you use?
Both ClusterXL and VRRP are fully supported by Gaia R81.20 and available to all Check Point appliances. Which the following command is NOT related to redundancy and functions?
Which configuration file contains the structure of the Security Server showing the port numbers, corresponding protocol name, and status?
You want to store the GAIA configuration in a file for later reference. What command should you use?
: 131
Which command is used to display status information for various components?
When installing a dedicated R81 SmartEvent server. What is the recommended size of the root partition?
With MTA (Mail Transfer Agent) enabled the gateways manages SMTP traffic and holds external email with potentially malicious attachments. What is required in order to enable MTA (Mail Transfer Agent) functionality in the Security Gateway?
In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?
An administrator would like to troubleshoot why templating is not working for some traffic. How can he determine at which rule templating is disabled?
Which process is available on any management product and on products that require direct GUI access, such as SmartEvent and provides GUI client communications, database manipulation, policy compilation and Management HA synchronization?
Customer’s R81 management server needs to be upgraded to R81.20. What is the best upgrade method when the management server is not connected to the Internet?
To accelerate the rate of connection establishment, SecureXL groups all connection that match a particular service and whose sole differentiating element is the source port. The type of grouping enables even the very first packets of a TCP handshake to be accelerated. The first packets of the first connection on the same service will be forwarded to the Firewall kernel which will then create a template of the connection. Which of the these is NOT a SecureXL template?
Using Threat Emulation technologies, what is the best way to block .exe and .bat file types?
As an administrator, you may be required to add the company logo to reports. To do this, you would save the logo as a PNG file with the name ‘cover-company-logo.png’ and then copy that image file to which directory on the SmartEvent server?
For Management High Availability, which of the following is NOT a valid synchronization status?
Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enabled which path is handling the traffic?
: 156
VPN Link Selection will perform the following when the primary VPN link goes down?
For best practices, what is the recommended time for automatic unlocking of locked admin accounts?
You have a Gateway is running with 2 cores. You plan to add a second gateway to build a cluster and used a device with 4 cores.
How many cores can be used in a Cluster for Firewall-kernel on the new device?
SmartEvent has several components that function together to track security threats. What is the function of the Correlation Unit as a component of this architecture?
In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?
Check Point APIs allow system engineers and developers to make changes to their organization’s security policy with CLI tools and Web Services for all the following except:
You have a Geo-Protection policy blocking Australia and a number of other countries. Your network now requires a Check Point Firewall to be installed in Sydney, Australia.
What must you do to get SIC to work?
Ken wants to obtain a configuration lock from other administrator on R81 Security Management Server. He can do this via WebUI or via CLI.
Which command should he use in CLI? (Choose the correct answer.)
What is correct statement about Security Gateway and Security Management Server failover in Check Point R81.X in terms of Check Point Redundancy driven solution?
SmartEvent provides a convenient way to run common command line executables that can assist in investigating events. Right-clicking the IP address, source or destination, in an event provides a list of default and customized commands. They appear only on cells that refer to IP addresses because the IP address of the active cell is used as the destination of the command when run. The default commands are:
You notice that your firewall is under a DDoS attack and would like to enable the Penalty Box feature, which command you use?
In the Check Point Firewall Kernel Module, each Kernel is associated with a key, which specifies the type of traffic applicable to the chain module. For Stateful Mode configuration, chain modules marked with __________________ will not apply.
Fill in the blank: Identity Awareness AD-Query is using the Microsoft _______________ API to learn users from AD.
Tom has connected to the R81 Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward.
What will happen to the changes already made?
Which web services protocol is used to communicate to the Check Point R81 Identity Awareness Web API?
During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel Inspection and are rejected by the rule definition, packets are:
Which file gives you a list of all security servers in use, including port number?
Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?
Identity Awareness allows the Security Administrator to configure network access based on which of the following?
An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server. While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret and cannot be enabled.
Why does it not allow him to specify the pre-shared secret?
What command is used to manually failover a Multi-Version Cluster during the upgrade?
What ports are used for SmartConsole to connect to the Security Management Server?
In CoreXL, the Firewall kernel is replicated multiple times. Each replicated copy or instance can perform the following:
According to the policy installation flow the transfer state (CPTA) is responsible for the code generated by the FWM. On the Security Gateway side a process receives them and first stores them Into a temporary directory. Which process is true for receiving these Tiles;
View the rule below. What does the lock-symbol in the left column mean? (Choose the BEST answer.)
What are the correct steps upgrading a HA cluster (M1 is active, M2 is passive) using Multi-Version Cluster(MVC)Upgrade?
You are the administrator for ABC Corp. You have logged into your R81 Management server. You are making some changes in the Rule Base and notice that rule No.6 has a pencil icon next to it.
What does this mean?
Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?
How to can you make sure that the old logs will be available after updating the Management to version R81.20 using the Advanced Upgrade Method?
You have used the SmartEvent GUI to create a custom Event policy. What is the best way to display the correlated Events generated by SmartEvent Policies?
Which process is used mainly for backward compatibility of gateways in R81.X? It provides communication with GUI-client, database manipulation, policy compilation and Management HA synchronization.
The customer has about 150 remote access user with a Windows laptops. Not more than 50 Clients will be connected at the same time. The customer want to use multiple VPN Gateways as entry point and a personal firewall. What will be the best license for him?
Hit Count is a feature to track the number of connections that each rule matches, which one is not benefit of Hit Count.
In R81.20 a new feature dynamic log distribution was added. What is this for?
Vanessa is a Firewall administrator. She wants to test a backup of her company’s production Firewall cluster Dallas_GW. She has a lab environment that is identical to her production environment. She decided to restore production backup via SmartConsole in lab environment.
Which details she need to fill in System Restore window before she can click OK button and test the backup?
Fill in the blank: The “fw monitor” tool can be best used to troubleshoot ____________________.
Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?
Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?
In Threat Prevention, you can create new or clone profiles but you CANNOT change the out-of-the-box profiles of:
By default how often updates are checked when the CPUSE Software Updates Policy is set to Automatic?
Which Check Point daemon invokes and monitors critical processes and attempts to restart them if they fail?
What are the available options for downloading Check Point hotfixes in Gala WebUI (CPUSE)?
Kurt is planning to upgrade his Security Management Server to R81.X. What is the lowest supported version of the Security Management he can upgrade from?
In which deployment is the security management server and Security Gateway installed on the same appliance?
Secure Configuration Verification (SCV), makes sure that remote access client computers are configured in accordance with the enterprise Security Policy. Bob was asked by Alice to implement a specific SCV configuration but therefore Bob needs to edit and configure a specific Check Point file. Which location file and directory is true?
How many versions, besides the destination version, are supported in a Multi-Version Cluster Upgrade?
What is the port used for SmartConsole to connect to the Security Management Server?
SmartEvent uses it's event policy to identify events. How can this be customized?
What are the different command sources that allow you to communicate with the API server?
Which of the following is a new R81 Gateway feature that had not been available in R77.X and older?
You can select the file types that are sent for emulation for all the Threat Prevention profiles. Each profile defines a(n) _____ or _____ action for the file types.
To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, run the following command in Expert mode then reboot:
Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidates management console. CPM allows the GUI client and management server to communicate via web services using ___________.
When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?
Fill in the blank: The R81 feature _____ permits blocking specific IP addresses for a specified time period.
How many images are included with Check Point TE appliance in Recommended Mode?
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?
Fill in the blank: The R81 utility fw monitor is used to troubleshoot ______________________.
Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?
CPM process stores objects, policies, users, administrators, licenses and management data in a database. The database is:
SandBlast Mobile identifies threats in mobile devices by using on-device, network, and cloud-based algorithms and has four dedicated components that constantly work together to protect mobile devices and their data. Which component is NOT part of the SandBlast Mobile solution?
You have successfully backed up Check Point configurations without the OS information. What command would you use to restore this backup?
Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.
Fill in the blank: The tool _____ generates a R81 Security Gateway configuration report.
The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?
The Security Gateway is installed on GAIA R81. The default port for the Web User Interface is ______ .
What are the attributes that SecureXL will check after the connection is allowed by Security Policy?
Automatic affinity means that if SecureXL is running, the affinity for each interface is automatically reset every
Which method below is NOT one of the ways to communicate using the Management API’s?
Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane. Which is NOT an option to adjust or configure?
Which of the following Check Point processes within the Security Management Server is responsible for the receiving of log records from Security Gateway?
Check Pont Central Deployment Tool (CDT) communicates with the Security Gateway / Cluster Members over Check Point SIC _______ .
Which Check Point software blade provides Application Security and identity control?
You need to change the number of firewall Instances used by CoreXL. How can you achieve this goal?
Which of the following Windows Security Events will not map a username to an IP address in Identity Awareness?
Which file contains the host address to be published, the MAC address that needs to be associated with the IP Address, and the unique IP of the interface that responds to ARP request?
One of major features in R81 SmartConsole is concurrent administration.
Which of the following is NOT possible considering that AdminA, AdminB and AdminC are editing the same Security Policy?
Please choose the path to monitor the compliance status of the Check Point R81.20 based management.
When SecureXL is enabled, all packets should be accelerated, except packets that match the following conditions:
Which statements below are CORRECT regarding Threat Prevention profiles in Smart Dashboard?
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?
After making modifications to the $CVPNDIR/conf/cvpnd.C file, how would you restart the daemon?