NEW QUESTION 1
Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?

• A. All options stop Check Point processes
• B. backup
• C. migrate export
• D. snapshot

Answer: D

NEW QUESTION 2
The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?

• A. There is a virus foun
• B. Traffic is still allowed but not accelerated
• C. The connection required a Security server
• D. Acceleration is not enabled
• E. The traffic is originating from the gateway itself

Answer: D

NEW QUESTION 3
Please choose correct command syntax to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?

• A. host name myHost12 ip-address 10.50.23.90
• B. mgmt add host name ip-address 10.50.23.90
• C. add host name emailserver1 ip-address 10.50.23.90
• D. mgmt add host name emailserver1 ip-address 10.50.23.90

Answer: D

NEW QUESTION 4
Which VPN routing option uses VPN routing for every connection a satellite gateway handles?

• A. To satellites through center only
• B. To center only
• C. To center and to other satellites through center
• D. To center, or through the center to other satellites, to internet and other VPN targets

Answer: D

Explanation: On the VPN Routing page, enable the VPN routing for satellites section, by selecting one of these options:
To center and to other Satellites through center; this allows connectivity between Gateways; for example, if the spoke Gateways are DAIP Gateways, and the hub is a Gateway with a static IP address
To center, or through the center to other satellites, to Internet and other VPN targets; this allows connectivity between the Gateways, as well as the ability to inspect all communication passing through the hub to the Internet.

NEW QUESTION 5
What Check Point technologies deny or permit network traffic?

• A. Application Control DLP
• B. Packet Filtering, Stateful Inspection, Application Layer Firewall
• C. ACL SandBlast, MPT
• D. IPS, Mobile Threat Protection

Answer: B

NEW QUESTION 6
Can a Check Point gateway translate both source IP address and destination IP address in a given packet?

• A. Yes.
• B. No.
• C. Yes, but only when using Automatic NAT.
• D. Yes, but only when using Manual NAT.

Answer: A

NEW QUESTION 7
Which of the following is NOT a set of Regulatory Requirements related to Information Security?

• A. ISO 37001
• B. Sarbanes Oxley (SOX)
• C. HIPPA
• D. PCI

Answer: A

Explanation: ISO 37001 - Anti-bribery management systems

NEW QUESTION 8
On the following picture an administrator configures Identity Awareness:

After clicking “Next” the above configuration is supported by:

• A. Kerberos SSO which will be working for Active Directory integration
• B. Based on Active Directory integration which allows the Security Gateway to correlate Active Directory users and machines to IP addresses in a method that is completely transparent to the user
• C. Obligatory usage of Captive Portal
• D. The ports 443 or 80 what will be used by Browser-Based and configured Authentication

Answer: B

Explanation: To enable Identity Awareness:
Log in to R80 SmartConsole.
From the Awareness.
Gateway&s
Servers
view, double-click the Security Gateway on which to enable Identity
On the Network Security tab, select Identity Awareness.
The Identity Awareness
Configuration wizard opens.
Select one or more options. These options set the methods for acquiring identities of managed and unmanaged assets.
AD Query - Lets the Security Gateway seamlessly identify Active Directory users and computers
Browser-Based Authentication - Sends users to a Web page to acquire identities from unidentified users. If Transparent Kerberos Authentication is configured, AD users may be identified transparently.
Terminal Servers - Identify users in a Terminal Server environment (originating from one IP address).

NEW QUESTION 9
What port is used for communication to the User Center with SmartUpdate?

• A. CPMI 200
• B. TCP 8080
• C. HTTP 80
• D. HTTPS 443

Answer: D

NEW QUESTION 10
Which policy type is used to enforce bandwidth and traffic control rules?

• A. Threat Emulation
• B. Access Control
• C. QoS
• D. Threat Prevention

Answer: C

Explanation: Check Point's QoS Solution
QoS is a policy-based QoS management solution from Check Point Software Technologies Ltd., satisfies your needs for a bandwidth management solution. QoS is a unique, software-only based application that manages traffic end-to-end across networks, by distributing enforcement throughout network hardware and software.

NEW QUESTION 11
Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?

• A. mgmt_cli add-host “Server_1” ip_address “10.15.123.10” --format txt
• B. mgmt_cli add host name “Server_1” ip_address “10.15.123.10” --format json
• C. mgmt_cli add object-host “Server_1” ip_address “10.15.123.10” --format json
• D. mgmt_cli add object “Server_1” ip_address “10.15.123.10” --format json

Answer: A

NEW QUESTION 12
There are two R77.30 Security Gateways in the Firewall Cluster. They are named FW_A and FW_B. The cluster is configured to work as HA (High availability) with default cluster configuration. FW_A is configured to have higher priority than FW_B. FW_A was active and processing the traffic in the morning. FW_B was standby. Around 1100 am, its interfaces went down and this caused a failover. FW_B became active. After an hour, FW_A’s interface issues were resolved and it became operational. When it re-joins the cluster, will it become active automatically?

• A. No, since “maintain current active cluster member” option on the cluster object properties is enabled by default
• B. No, since “maintain current active cluster member” option is enabled by default on the Global Properties
• C. Yes, since “Switch to higher priority cluster member” option on the cluster object properties is enabled by default
• D. Yes, since “Switch to higher priority cluster member” option is enabled by default on the Global Properties

Answer: A

Explanation: What Happens When a Security Gateway Recovers?
In a Load Sharing configuration, when the failed Security Gateway in a cluster recovers, all connections are redistributed among all active members. High Availability and Load Sharing in ClusterXL ClusterXL Administration Guide R77 Versions | 31 In a High Availability configuration, when the failed Security Gateway in a cluster recovers, the recovery method depends on the configured cluster setting. The options are:
• Maintain Current Active Security Gateway means that if one member passes on control to a lower priority member, control will be returned to the higher priority member only if the lower priority member fails. This mode is recommended if all members are equally capable of processing traffic, in order to minimize the number of failover events.
• Switch to Higher Priority Security Gateway means that if the lower priority member has control and the higher priority member is restored, then control will be returned to the higher priority member. This mode is recommended if one member is better equipped for handling connections, so it will be the default Security Gateway.

NEW QUESTION 13
According to Check Point Best Practice, when adding a non-managed Check Point Gateway to a Check Point security solution what object SHOULD be added? A(n):

• A. Gateway
• B. Interoperable Device
• C. Externally managed gateway
• D. Network Node

Answer: C

NEW QUESTION 14
Fill in the blank: RADIUS protocol uses ______ to communicate with the gateway.

• A. UDP
• B. TDP
• C. CCP
• D. HTTP

Answer: A

Explanation: Parameters:

NEW QUESTION 15
You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the
most likely cause?

• A. The POP3 rule is disabled.
• B. POP3 is accepted in Global Properties.
• C. The POP3 rule is hidden.
• D. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R77.

Answer: C

NEW QUESTION 16
What is a reason for manual creation of a NAT rule?

• A. In R80 all Network Address Translation is done automatically and there is no need for manually defined NAT-rules.
• B. Network Address Translation of RFC1918-compliant networks is needed to access the Internet.
• C. Network Address Translation is desired for some services, but not for others.
• D. The public IP-address is different from the gateway’s external IP

Answer: D

NEW QUESTION 17
Study the Rule base and Client Authentication Action properties screen.


After being authenticated by the Security Gateways, a user starts a HTTP connection to a Web site. What happens when the user tries to FTP to another site using the command line? The:

• A. user is prompted for authentication by the Security Gateways again.
• B. FTP data connection is dropped after the user is authenticated successfully.
• C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication
• D. FTP connection is dropped by Rule 2.

Answer: C

NEW QUESTION 18
What component of R80 Management is used for indexing?

• A. DBSync
• B. API Server
• C. fwm
• D. SOLR

Answer: D