Check Point Security Exam A

Exam Questions and Answers

Question 1 (Exam A): When enabling tracking on a rule, what is the default option?
- Detailed Log is not the default option.
- The default option is Log.
Question 2 (Exam A): Gaia includes Check Point Upgrade Service Engine (CPUSE), which can directly receive updates for what components?
- Licensed Check Point products for the Gala operating system and the Gaia operating system itself.
Question 3 (Exam A): Name the file that is an electronically signed file used by Check Point to translate the features in the license into a code?
- Contract file (.xml)
Question 4 (Exam A): Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as
- User Administration
Question 5 (Exam A): Can you use the same layer in multiple policies or rulebases?
- Yes, a layer can be shared with multiple policies and rules.
Question 6 (Exam A): Tom has connected to the Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward. What will happen to the changes already made?
- Tom's changes will have been stored on the Management when he reconnects and he will not lose any of his work.
Question 7 (Exam A): Security Gateway software blades must be attached to what?
- Security Gateway container
Question 8 (Exam A): Which tool allows you to monitor the top bandwidth on smart console?
- SmartView Monitor
Question 9 (Exam A): A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone?
- The local directly connected subnet defined by the subnet IP and subnet mask.
- Security Zones are not supported by Check Point firewalls. The firewall rule can be configured to include one or more subnets in a zone. The zone is based on the network topology and determined according to where the interface leads to.
Question 10 (Exam A): When comparing Stateful Inspection and Packet Filtering, what is a benefit that Stateful Inspection offers over Packer Filtering?
- Only one rule is required for each connection.
Question 11 (Exam A): Which type of Endpoint Identity Agent includes packet tagging and computer authentication?
- Full
Question 12 (Exam A): Fill in the blanks: Gaia can be configured using
- Gaia Interface; GaiaUI
Question 13 (Exam A): An administrator can use section titles to more easily navigate between large rule bases. Which of these statements is FALSE?
- A Sectional Title can be used to disable multiple rules by disabling only the sectional title.
Question 14 (Exam A): In which scenario is it a valid option to transfer a license from one hardware device to another?
- From a 4400 Appliance to a 2200 Appliance.
Question 15 (Exam A): What are the three types of UserCheck messages?
- inform, ask, and block
Question 16 (Exam A): A stateful inspection firewall works by registering connection data and compiling this information. Where is the information stored?
- In the State tables.
Question 17 (Exam A): What is the RFC number that acts as a best practice guide for NAT?
- RFC 1918
Question 18 (Exam A): URL Filtering employs a technology, which educates users on web usage policy in real time. What is the name of that technology?
- UserCheck
Question 19 (Exam A): One of major features in SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB and AdminC are editing the same Security Policy?
- AdminC sees a lock icon which indicates that the rule is locked for editing by another administrator.
Question 20 (Exam A): What is a role of Publishing?
- The Publish operation sends the modifications made via SmartConsole in the private session and makes them public.
Question 21 (Exam A): Name one limitation of using Security Zones in the network?
- Security zones will not work in Manual NAT rules.
Question 22 (Exam A): When configuring LDAP with User Directory integration, changes applied to a User Directory template are:
- Reflected immediately for all users who are using that template.
Question 23 (Exam A): True or False: More than one administrator can log into the Security Management Server with SmartConsole with write permission at the same time.
- True, every administrator works on a different database that is independent of the other administrators.
Question 24 (Exam A): What are the three deployment options available for a security gateway?
- Standalone, Distributed, and Bridge Mode
Question 25 (Exam A): Which of the following is NOT supported by Bridge Mode on the Check Point Security Gateway?
- NAT
Question 26 (Exam A): Choose what BEST describes users on Gaia Platform.
- There is one default user that cannot be deleted.
Question 27 (Exam A): Which type of Check Point license ties the package license to the IP address of the Security Management Server?
- Central
Question 28 (Exam A): Which statement is true regarding using section titles in rule bases?
- Section titles are not sent to the gateway.
Question 29 (Exam A): Which Check Point software blade monitors Check Point devices and provides a picture of network and security performance?
- Monitoring
Question 30 (Exam A): Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?
- Local
Question 31 (Exam A): What is the purpose of Captive Portal?
- It manages user permission in SmartConsole.
Question 32 (Exam A): Which statement is NOT a benefit of Application Control?
- Scans the content of files being downloaded by users in order to make policy decisions.
Question 33 (Exam A): Identity Awareness allows easy configuration for network access and auditing based on what three items?
- Client machine IP address, Network location, and the identity of a user and the identity of a machine.
Question 34 (Exam A): How do logs change when the "Accounting" tracking option is enabled on a traffic rule?
- Involved traffic logs will be forwarded to a log server.
Question 35 (Exam A): Fill in the blank: The position of an Implied rule is manipulated in the
- Global Properties
Question 36 (Exam A): You have enabled "Extended Log" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?
- Content Awareness is not enabled.
Question 37 (Exam A): How many layers make up the TCP/IP model?
- 4
Question 38 (Exam A): Fill in the blank: The feature allows administrators to share a policy with other policy packages.
- Shared policies
Question 39 (Exam A): Access roles allow the firewall administrator to configure network access according to:
- All of the above (remote access clients, a combination of computer or computer groups and networks, users and user groups).
Question 40 (Exam A): In SmartEvent, a correlation unit (CU) is used to do what?
- Collect security gateway logs, index the logs and then compress the logs.
Question 41 (Exam A): The competition between stateful inspection and proxies was based on performance, protocol support, and security. Considering stateful Inspections and Proxies, which statement is correct?
- When it comes to performance, stateful inspection was significantly faster than proxies.
Question 42 (Exam A): What are the Threat Prevention software components available on the Check Point Security Gateway?
- IPS, Anti-Bot, Anti-Virus, Threat Emulation, and Threat Extraction
Question 43 (Exam A): Check Point licenses come in two forms. What are those forms?
- Central and Local.
Question 44 (Exam A): Both major kinds of NAT support Hide and Static NAT. However, one offers more flexibility. Which statement is true?
- Manual NAT can offer more flexibility than Automatic NAT.
Question 45 (Exam A): What is the default tracking option of a rule?
- Log
Question 46 (Exam A): A network administrator has informed you that they have identified a malicious host on the network and instructed you to block it. Corporate policy dictates that firewall policy changes cannot be made at this time. What tool can you use to block this traffic?
- Anti-Malware protection
Question 47 (Exam A): The default shell of the Gaia CLI is cli.sh. How do you change from the cli.sh shell to the advanced shell to run Linux commands?
- Execute the command "expert" in the cli.sh shell
Question 48 (Exam A): Where can an administrator edit a list of trusted SmartConsole clients?
- In cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server
Question 49 (Exam A): In which deployment is the security management server and Security Gateway installed on the same appliance?
- Standalone
Question 50 (Exam A): When dealing with rule base layers, what two layer types can be utilized?
- Ordered Layers and Inline Layers
Question 51 (Exam A): How can the changes made by an administrator before publishing the session be seen by a Super User administrator?
- From the SmartView Tracker audit log.
Question 52 (Exam A): What are the three main components of Check Point security management architecture?
- SmartConsole, Security Management, and Security Gateway.
Question 53 (Exam A): What is the main objective when using Application Control?
- To filter out specific content.
Question 54 (Exam A): What command from the CLI would be used to view current licensing?
- show license -s
Question 55 (Exam A): In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?
- Install policy
Question 56 (Exam A): The Gateway Status view in SmartConsole shows the overall status of Security Gateways and Software Blades. What does the Status Attention mean?
- At least one Software Blade has a minor issue, but the gateway works.
Question 57 (Exam A): Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?
- Security questions
Question 58 (Exam A): Which of the following is NOT a component of a Distinguished Name?
- User container
Question 59 (Exam A): In SmartConsole, on which tab are Permissions and Administrators defined?
- Manage and Settings
Question 60 (Exam A): Which of the following is used to initially create trust between a Gateway and Security Management Server?
- One-time Password
Question 61 (Exam A): How many users can have read/write access in Gaia Operating System at one time?
- Infinite
Question 62 (Exam A): What is the default shell of Gaia CLI?
- clish
Question 63 (Exam A): The Online Activation method is available for Check Point manufactured appliances. How does the administrator use the Online Activation method?
- The SmartLicensing GUI tool must be launched from the SmartConsole for the Online Activation tool to start automatically.
Question 64 (Exam A): In which scenario will an administrator need to manually define Proxy ARP?
- When they configure a "Manual Hide NAT" which translates to an IP address that does not belong to one of the firewall's interfaces.
Question 65 (Exam A): Which Threat Prevention profile uses sanitization technology?
- Perimeter
Question 66 (Exam A): Which two Identity Awareness daemons are used to support identity sharing?
- Policy Decision Point (PDP) and Policy Enforcement Point (PEP).
Question 67 (Exam A): Which product correlates logs and detects security threats?
- SmartEvent
Question 68 (Exam A): To provide updated malicious data signatures to all Threat Prevention blades, the Threat Prevention gateway does what with the data?
- Share the data to the ThreatCloud for use by other Threat Prevention blades.
Question 69 (Exam A): Which policy type is used to enforce bandwidth and traffic control rules?
- QoS
Question 70 (Exam A): When a SAM rule is required on Security Gateway to quickly block suspicious connections, what actions does the administrator need to take?
- SmartView Monitor should be opened and then the SAM rule/s can be applied immediately. Installing policy is not required.
Question 71 (Exam A): Fill in the blank: An Endpoint identity agent uses a _____ for user authentication.
- Username/password or Kerberos Ticket
Question 72 (Exam A): Fill in the blanks: The _____ collects logs and sends them to the _____.
- Security management server; Security Gateway
Question 73 (Exam A): Which of the following is NOT an advantage to using multiple LDAP servers?
- Information on a user is hidden, yet distributed across several servers.
Question 74 (Exam A): Fill in the blank: In NAT, only the _____ is translated.
- Destination (or Source)
Question 75 (Exam A): When Admin logs into SmartConsole and sees a lock icon on a gateway object, what does that indicate?
- Another Admin has made an edit to that object and has yet to publish the change.
Question 76 (Exam A): DLP and Geo Policy are examples of what type of Policy?
- Shared Policies
Question 77 (Exam A): Fill in the blanks: In NAT, only the _____ is translated.
- Source)
Question 78 (Exam A): Which of the following is considered a "Subscription Blade", requiring renewal every 1-3 years?
- IPS blade
Question 79 (Exam A): In large organizations where there are a number of managed Check Point firewalls that generate a lot of logs, it is recommended to install the Log Server on a dedicated computer. Which statement is FALSE?
- The dedicated Log Server must be the same version as the Security Management Server.
Question 80 (Exam A): In order to modify Security Policies the administrator can use which of the following tools?
- SmartConsole and WebUI on the Security Management Server.
Question 81 (Exam A): A SAM rule is implemented to provide what function or benefit?
- Handle traffic as defined in the policy.
Question 82 (Exam A): Is it possible to have more than one administrator connected to a Security Management Server at once?
- Yes, but objects edited by one administrator will be locked for editing by others until the session is published.
Question 83 (Exam A): Which default Gaia user has full read/write access?
- admin
Question 84 (Exam A): Which is a main component of the Check Point security management architecture?
- SmartConsole
Question 85 (Exam A): When using Automatic Hide NAT, what is enabled by default?
- Source Port Address Translation (PAT)
Question 86 (Exam A): Which of the following cannot be configured in an Access Role Object?
- Time
Question 87 (Exam A): What are the two types of NAT supported by the Security Gateway?
- Hide and Static
Question 88 (Exam A): In order to see real-time and historical graph views of Security Gateway statistics in SmartView Monitor, what feature needs to be enabled on the Security Gateway?
- Monitoring Blade
Question 89 (Exam A): What is UserCheck?
- Communication tool used to inform a user about a website or application they are trying to access.
Question 90 (Exam A): What is the default shell for the command line interface?
- clish
Question 91 (Exam A): When configuring Anti-Spoofing, which tracking options can an Administrator select?
- Log, Alert, None
Question 92( Exam A): Which Threat Prevention Software Blade provides protection from malicious software that can infect your network computers?
- IPS
Question 93 (Exam A): Which log queries show only dropped packets with a specific source and destination address?
- src:192.168.1.1 AND dst:172.26.1.1 AND action:Drop
Question 94 (Exam A): Which of the following licenses are considered temporary?
- Plug-and-play (Trial) and Evaluation
Question 95 (Exam A): Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n) _____ Server.
- LDAP
Question 96 (Exam A): In a Distributed deployment, the Security Gateway and the Security Management software are installed on what platforms?
- Different computers or appliances.
Question 97 (Exam A): Core Protections are installed as part of what Policy?
- Access Control Policy.
Question 98 (Exam A): A Check Point Software license consists of two components, the Software Blade and the Software Container. There are _____ types of Software Containers:
- Three
Question 99 (Exam A): In HTTPS Inspection policy, what actions are available in the "Actions" column of a rule?
- Inspect, Bypass, and Categorize
Question 100 (Exam A): Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ___
- Captive Portal and Transparent Kerberos Authentication.
Question 101 (Exam A): With URL Filtering, what portion of the traffic is sent to the Check Point Online Web Service for analysis?
- The host portion of the URL.
Question 102 (Exam A): Choose what BEST describes the reason why querying logs now are very fast.
- Indexing Engine indexes logs for faster search results.
Question 103 (Exam A): Rugged appliances use which operating system? (name of OS)
- Red Hat Enterprise Linux version 5
Question 104 (Exam A): What is the main difference between Static NAT and Hide NAT?
- Static NAT allows incoming and outgoing connections; Hide NAT only allows outgoing connections.
Question 105 (Exam A): Which application is used for the central management and deployment of licenses and packages?
- SmartUpdate
Question 106 (Exam A): Which Check Point software blade prevents malicious files?
- Anti-Virus
Question 107 (Exam A): Why is a Central License the preferred and recommended method of licensing?
- Central Licensing ties to the IP address of a gateway and can be changed to any gateway if needed.
Question 108 (Exam A): Which of the following technologies extracts detailed information from packets and stores that information in state tables?
- INSPECT Engine
Question 109 (Exam A): What default layers are included when creating a new policy layer?
- Application Control, URL Filtering, and Threat Prevention
Question 110 (Exam A): When changes are made to a Rule base, it is important to _____ to enforce changes.
- Publish database
Question 111 (Exam A): After a new Log Server is added to the environment and the SIC trust has been established, what will the gateways do?
- Logs are not automatically forwarded to a new Log Server. SmartConsole must be used manually to configure each gateway to send its logs to the server.
Question 112 (Exam A): Secure Internal Communication (SIC) is handled by what process?
- CPD
Question 113 (Exam A): To increase security, the administrator has modified the Core protection 'Host Port Scan' from 'Medium' to ‘High' Predefined Sensitivity. Which Policy should the administrator install?
- The Threat Prevention Policy
Question 114 (Exam A): Name the utility that is used to block activities that appear to be suspicious.
- Suspicious Activity Monitoring (SAM)
Question 115 (Exam A): When should you generate new licenses?
- When the existing license expires, the license is upgraded, or the IP address associated with the license changes.
Question 116 (Exam A): When URL Filtering is set, what identifying data gets sent to the Check Point Online Web Service?
- The host part of the URL is sent to the Check Point Online Web Service.
Question 117 (Exam A): Which deployment adds a Security Gateway to an existing environment without changing IP routing?
- Bridge mode
Question 118 (Exam A): Name the pre-defined Roles included in Gaia OS.
- AdminRole, and MonitorRole
Question 119 (Exam A): Gaia has two default user accounts that cannot be deleted. What are those user accounts?
- Admin and Monitor
Question 120 (Exam A): Name the authentication method that requires token authenticator.
- SecurID
Question 121 (Exam A): Which default Gaia user has full read/write access?
- Admin
Question 122 (Exam A): Log query results can be exported to what file format?
- Comma Separated Value (csv)
Question 123 (Exam A): There are four policy types available for each policy package. What are those policy types?
- Access Control, Threat Prevention, Mobile Access, and HTTPS Inspection.
Question 124 (Exam A): Which tool allows for the automatic updating of the Gaia OS?
- CPASE - Check Point Automatic Service Engine
Question 125 (Exam A): The purpose of the Communication Initialization process is to establish a trust between the Security Management Server and the Check Point gateways.
- After successful initialization, the gateway can communicate with any Check Point node that possesses a SIC certificate signed by the same ICA.
Question 126 (Exam A): Which of the following allows viewing of billions of consolidated security logs?
- SmartView Web Application
Question 127 (Exam A): What kind of NAT enables Source Port Address Translation by default?
- Automatic Hide NAT.
Question 128 (Exam A): Application Control/URL filtering database library is known as:
- AppWiki
Question 129 (Exam A): What are the types of Software Containers?
- Security Management, Security Gateway, and Endpoint Security.
Question 130 (Exam A): Stateful Inspection compiles and registers connections where?
- State Table
Question 131 (Exam A): Security Zones do no work with what type of defined rule?
- Manual NAT rule
Question 132 (Exam A): Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code?
- Enterprise Network Security Appliances.
Question 133 (Exam A): Which of the following is NOT a valid deployment option?
- CloudGuard
Question 134 (Exam A): Which of the following is NOT a method used by Identity Awareness for acquiring identity?
- Remote Access.
Question 135 (Exam A): What Check Point tool is used to automatically update Check Point products for the Gaia OS?
- Check Point Upgrade Service Engine (CPUSE)
Question 136 (Exam A): What are the advantages of a "shared policy"?
- Allows the administrator to share a policy so that it is available to use in another Policy Package.
Question 137 (Exam A): URL Filtering cannot be used to:
- Control Bandwidth issues.
Question 138 (Exam A): Which SmartConsole application shows correlated logs?
- SmartEvent.
Question 139 (Exam A): Which of the following is used to extract state related information?
- STATE Engine
Question 140 (Exam A): Which part of SmartConsole allows administrators to add, edit delete, and clone objects?
- Object Explorer
Question 141 (Exam A): For Automatic Hide NAT rules created by the administrator, what is a TRUE statement?
- Source Port Address Translation (PAT) is enabled by default.
Question 142 (Exam A): Which of the following is true about Stateful Inspection?
- Stateful Inspection requires two rules.
Question 143 (Exam A): What is the user ID of a user that have all the privileges of a root user?
- User ID 0
Question 144 (Exam A): What are the two elements of address translation rules?
- Original packet and translated packet.
Question 145 (Exam A): Fill in the blanks: A _____ license requires an administrator to designate a gateway for attachment whereas a _____ license is automatically attached to a Security Gateway.
- Formal; local
Question 146 (Exam A): Fill in the blank: RADIUS protocol uses ____ to communicate with the gateway.
- UDP
Question 147 (Exam A): Which software blade enables Access Control policies?
- Application Control
Question 148 (Exam A): Which one of the following is TRUE?
- Ordered policy is a sub-policy within anothe policy.
Question 149 (Exam A): You have discovered suspicious activity. What is the BEST immediate action to take?
- Create a Suspicious Activity Monitoring (SAM) rule to block that traffic.
Question 150 (Exam A): Which of the following is NOT an identity source used for Identity Awareness?
- AD Query
Question 151 (Exam A): Which statement describes what Identity Sharing is in Identity Awareness?
- Management servers can acquire and share identities with Security Gateways
Question 152 (Exam A): What is the order of NAT priorities?
- Static NAT, hide NAT, IP Pool NAT
Question 153 (Exam A): Which Security Blade needs to be enabled?
- Threat Extraction
Question 154 (Exam A): What are the three essential components of the Check Point Security Management Architecture?
- SmartConsole, Security Management Server, and Security Gateway
Question 155 (Exam A): A layer can support different combinations of blades. What are the blades?
- Firewall, URL Filtering, Content Awareness, and Mobile Access
Question 156 (Exam A): What type of NAT is a one-to-one relationship?
- Static
Question 157 (Exam A): Which option in tracking allows you to see the amount of data passed?
- Logs
Question 158 (Exam A): If there are two administrators... What must be done to make them available? - Publish or discard the session.
Question 159 (Exam A): Which is NOT an alert option?
- User defined (or high) alert
Question 160 (Exam A): Which Identity Source(s) should be selected?
- Endpoint Identity Agent and Browser-Based Authentication
Question 161 (Exam A): Which Check Point software blade provides?
- Threat Emulation
Question 162 (Exam A): Which options are given on features while editing a role?
- Read/Write, Read Only, None
Question 163 (Exam A): Which Check Point tool is used to automatically update Check Point products for the Gaia OS?
- Check Point Upgrade Service Engine (CPUSE)
Question 164 (Exam A): Fill in the blanks: A Security Policy is created in and stored in the
- Rule base, Security Management Server.
Question 165 (Exam A): What is NOT an advantage of Stateful Inspection?
- No Screening above Network Layer
Question 166 (Exam A): Fill in the blank: Once a license is activated, a _____ should be installed.
- License Contract file
Question 167 (Exam A): Where is the "Hit Count" feature enabled or disabled in SmartConsole?
- On the Policy layer.
Question 168 (Exam A): Fill in the blank: The _____ is used to obtain identification and security information.
- User Directory
Question 169 (Exam A): When you upload a package or license, where is the package or license stored?
- Security Management Server
Question 170 (Exam A): By default, which port does the WebUI listen on?
- 443
Question 171 (Exam A): True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway
- True, CLI is the preferred method for licensing
Question 172 (Exam A): Fill in the blanks: A Check Point software license consists of a ____ and _____.
- Software blade; software container
Question 173 (Exam A): SmartConsole provides a consolidated solution for everything that is necessary for the security of an organization, such as the following:
- Security Policy Management, Log Analysis, System Health Monitoring, Multi-Domain Security Management.
Question 174 (Exam A): Which of the following is NOT a tracking log option?
- Full Log
Question 175 (Exam A): Fill in the blank: To create a policy for traffic to or from a specific geographical location, use the _____.
- Geo Policy shared policy
Question 176 (Exam A): Where can alerts be viewed?
- SmartView Monitor.
Question 177 (Exam A): Which of the following is NOT a valid application navigation tab?
- Manage and Command Line
Question 178 (Exam A): Fill in the blank: An identity server uses a _____ to trust a Terminal Server Identity Agent.
- Certificate
Question 179 (Exam A): If the administrator is currently updating the network objects what should John do before installing a policy?
- Publish the session.
Question 180 (Exam A): What technologies are used to deny or permit network traffic?
- Stateful Inspection, Firewall Blade, and URL/Application Blade
Question 181 (Exam A): When connected to the Check Point Management Server, when the first administrator connects, what does that admin have a lock on?
- The entire Management Database and other administrators can connect to make changes.
Question 182 (Exam A): Using AD Query, what protocol?
- LDAP
Question 183 (Exam A): Bob and Joe both have Admin Roles, what BEST describes their situation?
- Since they both are logged in on different interfaces, they will be able to make changes.
Question 184 (Exam A): If there is an Accept Implied Policy set to “First”, what is the reason Jorge cannot see any logs?
- Track log column is set to Log instead of Full Log
Question 185 (Exam A): Which Threat Prevention Software Blade provides protection?
- IPS
Question 186 (Exam A): What is the purpose of Stealth Rule?
- To drop any traffic destined for the firewall.
Question 187 (Exam A): Which licensing model? (Choose the best answer.)
- Local licensing because it ties the package license to the IP-address of the gateway.
Question 188 (Exam A): Fill in the blanks: Default port numbers for an LDAP server is ____ for standard connections and _____ for SSL connections.
- 389, 636
Question 189 (Exam A): Identity Awareness allows the Security Administrator.
- Network location, identity of a user, and identity of a machine.
Question 190 (Exam A): Using the SmartConsole, which pre-defined Permission Profile should be assigned?
- Read Only All
Question 191 (Exam A): If an administrator wants to restrict network access, what is the best way?
- Create an Access Role object with specific users/user groups and specific networks.
Question 192 (Exam A): Which command shows the installed licenses in Expert mode?
- cplic print
Question 193 (Exam A): Which single Security Blade can block downloaded malicious files?
- Anti-Virus, Anti-Malware
Question 194 (Exam A): What object type would be used to grant network access to an LDAP user group?
- Access Role
Question 195 (Exam A): In the Check Point Security Management Architecture, which component(s) can store logs?
- Security Management Server and Security Gateway
Question 196 (Exam A): Choose what BEST describes a session.
- Starts when an Administrator logs in, and ends when the administrator publishes changes made.
Question 197 (Exam A): Which Check Point tool is used to sanitize malicious content?
- Threat Extraction
Question 198 (Exam A): Fill in the blank: In order to install a license, it must first be added to the _____.
- License and Contract repository
Question 199 (Exam A): Which software blade does NOT accompany the Threat Prevention policy?
- Anti-virus
Question 200 (Exam A): Which authentication method for Identity Awareness?
- RSA
Question 201 (Exam A): Which of the following is NOT a function?
- Verify and compile Security Policies
Question 202 (Exam A): Fill in the blank: RADIUS Accounting gets _____ data from requests.
- Identity
Question 203 (Exam A): When a gateway requires user information...
- First the internal user database, then generic external user profile, finally LDAP servers in order of priority.
Question 204 (Exam A): Which Threat Tool within SmartConsole?
- Whitelist Files
Question 205 (Exam A): What is the Transport layer of the TCP/IP responsible for?
- It transports packets as datagrams along different routes
Question 206 (Exam A): Which of the complete statements is NOT true?
- edit the home directory of the user
Question 207 (Exam A): An administrator wishes to enable Identity Awareness.
- Browser-Based Authentication
Question 208 (Exam A): Which Check Point supported authentication scheme typically requires a token?
- SecurID
Question 209 (Exam A): Which Check Point software blade provides visibility of users?
- Identity Awareness
Question 210 (Exam A): Fill in the blank: Backup and restores can be accomplished through ___.
- SmartUpdate, SmartBackup, or SmartConsole
Question 211 (Exam A): Which SmartConsole tab shows logs?
- Logs Monitor
Question 212 (Exam A): You received a call that a user can't browse the internet