What Factor preclude Secure XL Templating?
Answer : A
Explanation:
There are factors that can preclude templating if all other parameters are met for packet acceleration, such as:
ג€¢ Source port ranges
ג€¢ IPS features not supported in Acceleration
ג€¢ NATג€™d traffic, unless NAT templates are enabled
ג€¢ Encrypted connections
In order to get info about assignment (FW, SND) of all CPUs in your SGW, what is the most accurate CLI command?
Answer : B
Check Pont Central Deployment Tool (CDT) communicates with the Security Gateway / Cluster Members over Check Point SIC _____________ .
Answer : D
The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?
Answer : D
Reference:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk97638
What is not a component of Check Point SandBlast?
Answer : B
Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?
Answer : D
Explanation:
Synchronization works in two modes:
Full Sync transfers all Security Gateway kernel table information from one cluster member to another. It is handled by the fwd daemon using an encrypted TCP connection on port 256.
Delta Sync transfers changes in the kernel tables between cluster members. Delta sync is handled by the Security Gateway kernel using UDP connections on port
8116.
Reference:
https://sc1.checkpoint.com/documents/R80.10/WebAdminGuides/EN/CP_R80.10_ClusterXL_AdminGuide/html_frameset.htm?topic=documents/
R80.10/WebAdminGuides/EN/CP_R80.10_ClusterXL_AdminGuide/7288
Fill in the blank: The command ___________ provides the most complete restoration of a R80 configuration.
Answer : A
Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidated management console. It empowers the migration from legacy Client-side logic to Server-side logic. The cpm process:
Answer : C
Which of the following type of authentication on Mobile Access can NOT be used as the first authentication method?
Answer : A
Reference:
https://sc1.checkpoint.com/documents/R80.10/WebAdminGuides/EN/CP_R80.10_MobileAccess_AdminGuide/html_frameset.htm?topic=documents/
R80.10/WebAdminGuides/EN/CP_R80.10_MobileAccess_AdminGuide/41587
Which of the SecureXL templates are enabled by default on Security Gateway?
Answer : D
What happen when IPS profile is set in Detect Only Mode for troubleshooting?
Answer : C
Explanation:
It is recommended to enable Detect-Only for Troubleshooting on the profile during the initial installation of IPS. This option overrides any protections that are set to
Prevent so that they will not block any traffic.
During this time you can analyze the alerts that IPS generates to see how IPS will handle network traffic, while avoiding any impact on the flow of traffic.
Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_IPS_AdminGuide/12750.htm
What is true about VRRP implementations?
Answer : C
Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_Gaia_WebAdmin/87911.htm
The Security Gateway is installed on GAIA R80. The default port for the Web User Interface is ______.
Answer : D
Fill in the blank: The R80 feature ______ permits blocking specific IP addresses for a specified time period.
Answer : C
Explanation:
Suspicious Activity Rules Solution
Suspicious Activity Rules is a utility integrated into SmartView Monitor that is used to modify access privileges upon detection of any suspicious network activity
(for example, several attempts to gain unauthorized access).
The detection of suspicious activity is based on the creation of Suspicious Activity rules. Suspicious Activity rules are Firewall rules that enable the system administrator to instantly block suspicious connections that are not restricted by the currently enforced security policy. These rules, once set (usually with an expiration date), can be applied immediately without the need to perform an Install Policy operation.
Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_SmartViewMonitor_AdminGuide/17670.htm
What is the mechanism behind Threat Extraction?
Answer : D
Have any questions or issues ? Please dont hesitate to contact us