Q1. As a Security Administrator, you must refresh the Client Authentication authorization time-out every time a new user connection is authorized. How do you do this? Enable the Refreshable Timeout setting:

A. in the user object's Authentication screen.

B. in the Gateway object's Authentication screen.

C. in the Limit tab of the Client Authentication Action Properties screen.

D. in the Global Properties Authentication screen.

View Answer

Q2. Which packet info is ignored with Session Rate Acceleration?

A. source port ranges

B. source ip

C. source port

D. same info from Packet Acceleration is used

View Answer

Q3. Which command collects diagnostic data for analyzing customer setup remotely?

A. cpinfo

B. migrate export

C. sysinfo

D. cpview

View Answer

Q4. If you need strong protection for the encryption of user data, what option would be the BEST choice?

A. Use Diffie-Hellman for key construction and pre-shared keys for Quick Mode. Choose SHA in Quick Mode and encrypt with AES. Use AH protocol. Switch to Aggressive Mode.

B. When you need strong encryption, IPsec is not the best choice. SSL VPNu2021s are a better choice.

C. Use certificates for Phase 1, SHA for all hashes, AES for all encryption and PFS, and use ESP protocol.

D. Disable Diffie-Hellman by using stronger certificate based key-derivation. Use AES-256 bit on all encrypted channels and add PFS to QuickMode. Use double encryption by implementing AH and ESP as protocols.

View Answer

Q5. VPN Tunnel Sharing can be configured with any of the options below, EXCEPT One:

A. Gateway-based

B. Subnet-based

C. IP range based

D. Host-based

View Answer

Q6. What command syntax would you use to turn on PDP logging in a distributed environment?

A. pdp track=1

B. pdp tracker on

C. pdp logging on

D. pdp log=1

View Answer

Q7. Which command would provide the most comprehensive diagnostic information to Check Point Technical Support?

A. fw cpinfo

B. cpinfo -o date.cpinfo.txt

C. diag

D. cpstat - date.cpstat.txt

View Answer

Q8. After filtering a fw monitor trace by port and IP, a packet is displayed three times; in the i, I, and o inspection points, but not in the O inspection point. Which is the likely source of the issue?

A. The packet has been sent out through a VPN tunnel unencrypted.

B. An IPSO ACL has blocked the packetu2021s outbound passage.

C. A SmartDefense module has blocked the packet.

D. It is due to NAT.

View Answer

Q9. Your R80 primary Security Management Server is installed on GAiA. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours. How do you create this schedule?

A. On a GAiA Security Management Server, this can only be accomplished by configuring the command fw logswitch via the cron utility.

B. Create a time object, and add 48 hours as the interval. Open the primary Security Management Server objectu2021s Logs and Masters window, enable Schedule log switch, and select the Time object.

C. Create a time object, and add 48 hours as the interval. Open the Security Gateway object's Logs and Masters window, enable Schedule log switch, and select the Time object.

D. Create a time object, and add 48 hours as the interval. Select that time objectu2021s Global Properties > Logs and Masters window, to schedule a logswitch.

View Answer

Q10. When using AD Query to authenticate users for Identity Awareness, identity data is received seamlessly from the Microsoft Active Directory (AD). What is NOT a recommended usage of this method?

A. Leveraging identity in the application control blade

B. Basic identity enforcement in the internal network

C. Identity-based auditing and logging

D. Identity-based enforcement for non-AD users (non-Windows and guest users)

View Answer