Check Point Security Gateway Administration Quiz

Questions and Answers

Question #1: What action must an administrator perform in order for changes made to policy to be enforced by a Security Gateway?

• Install policy
• Save changes
• Install database
• Publish changes (correct)

Question #2: What is the name of the file that is an electronically signed file used by Check Point to translate the features in the license into a code?

• Contract file (.xml)
• Both License (.lic) and Contract (.xml) files (correct)
• license File (.lic)
• cp.macro

Question #3: Which two Identity Awareness daemons are used to support identity sharing?

• Policy Manipulation Point (PMP) and Policy Activation Point (PAP)
• Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
• Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)
• Policy Activation Point (PAP) and Policy Decision Point (PDP) (correct)

Question #4: In which scenario will an administrator need to manually define Proxy ARP?

When they configure an 'Automatic Static NAT' which translates to an IP address that does not belong to one of the firewall’s interfaces (D)

Question #5: What is the file extension for the electronically signed file used by Check Point to translate the features in the license into a code?

.xml (D)

Flashcards are hidden until you start studying

Study Notes

Policy Enforcement

• An administrator must install the policy for changes made to be enforced by a Security Gateway.

Licensing

• The electronically signed file used by Check Point to translate license features into a code is called a license file.
• The license file has an extension of .lic.

Identity Awareness

• The two daemons used to support identity sharing are PDP (Policy Decision Point) and PEP (Policy Enforcement Point).

Proxy ARP

• An administrator needs to manually define Proxy ARP in a scenario where multiple subnets are hiding behind a single IP address.