Study Guide for Cyber PDF
Document Details
Uploaded by Deleted User
Tags
Related
- CompTIA Security+ SY0-701 Exam Questions PDF
- CISSP Sample Questions - Feb 26, 2024 - PDF
- CISSP All-in-One Exam Guide - Chapter 22: Security Incidents PDF
- CompTIA Security+ Exam Prep: Data Sources for Investigations PDF
- SC-100 Cybersecurity Architect Expert Certification Study Cram PDF
- CompTIA CySA+ (CS0-003) Study Guide PDF
Summary
This document contains a study guide for a computer science/cyber security exam, containing practice questions and answers.
Full Transcript
Question 1 ( Exam A ) When enabling tracking on a rule, what is the default option? - - - - Answer : **C** Next Question Question 2 ( Exam A ) Gaia includes Check Point Upgrade Service Engine (CPUSE), which can directly receive updates for what components? - - - - Answer : ...
Question 1 ( Exam A ) When enabling tracking on a rule, what is the default option? - - - - Answer : **C** Next Question Question 2 ( Exam A ) Gaia includes Check Point Upgrade Service Engine (CPUSE), which can directly receive updates for what components? - - - - Answer : **B** Next Question Question 3 ( Exam A ) Name the file that is an electronically signed file used by Check Point to translate the features in the license into a code? - - - - Answer : **C** Next Question Question 4 ( Exam A ) Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as \_\_\_\_\_\_\_. - - - - Answer : **C** Next Question Question 5 ( Exam A ) Can you use the same layer in multiple policies or rulebases? - - - - Answer : **A** Next Question Question 6 ( Exam A ) Tom has connected to the Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward. What will happen to the changes already made? - - - - Answer : **D** Next Question Question 7 ( Exam A ) Security Gateway software blades must be attached to what? - - - - Answer : **A** Next Question Question 8 ( Exam A ) Which tool allows you to monitor the top bandwidth on smart console? - - - - Answer : **D** Next Question Question 9 ( Exam A ) A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone? - - - - Answer : **A** Next Question Question 10 ( Exam A ) When comparing Stateful Inspection and Packet Filtering, what is a benefit that Stateful Inspection offers over Packer Filtering? - - - - Answer : **D** Next Question Question 11 ( Exam A ) Which type of Endpoint Identity Agent includes packet tagging and computer authentication? - - - - Answer : **A** Next Question Question 12 ( Exam A ) Fill in the blanks: Gaia can be configured using \_\_\_\_\_\_\_ the \_\_\_\_\_\_\_\_. - - - - Answer : **A** Next Question Question 13 ( Exam A ) An administrator can use section titles to more easily navigate between large rule bases. Which of these statements is FALSE? - - - - Answer : **C** Next Question Question 14 ( Exam A ) In which scenario is it a valid option to transfer a license from one hardware device to another? - - - - Answer : **C** Next Question Question 15 ( Exam A ) What are the three types of UserCheck messages? - - - - Answer : **D** Next Question Question 16 ( Exam A ) A stateful inspection firewall works by registering connection data and compiling this information. Where is the information stored? - - - - Answer : **B** Next Question Question 17 ( Exam A ) What is the RFC number that act as a best practice guide for NAT? - - - - Answer : **C** Next Question Question 18 ( Exam A ) URL Filtering employs a technology, which educates users on web usage policy in real time. What is the name of that technology? - - - - Answer : **B** Next Question Question 19 ( Exam A ) One of major features in SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB and AdminC are editing the same Security Policy? - - - - Answer : **C** Next Question Question 20 ( Exam A ) What is a role of Publishing? - - - - Answer : **B** Next Question Question 21 ( Exam A ) Name one limitation of using Security Zones in the network? - - - - Answer : **B** Next Question Question 22 ( Exam A ) When configuring LDAP with User Directory integration, changes applied to a User Directory template are: - - - - Answer : **D** Next Question Question 23 ( Exam A ) True or False: More than one administrator can log into the Security Management Server with SmartConsole with write permission at the same time. - - - - Answer : **C** Next Question Question 24 ( Exam A ) What are the three deployment options available for a security gateway? - - - - Answer : **D** Next Question Question 25 ( Exam A ) Which of the following is NOT supported by Bridge Mode on the Check Point Security Gateway? - - - - Answer : **D** Next Question Question 26 ( Exam A ) Choose what BEST describes users on Gaia Platform. - - - - Answer : **B** Next Question Question 27 ( Exam A ) Which type of Check Point license ties the package license to the IP address of the Security Management Server? - - - - Answer : **A** Next Question Question 28 ( Exam A ) An administrator wishes to use Application objects in a rule in their policy, but there are no Application objects listed as options to add when clicking the \"+\" to add new items to the \"Services & Applications\" column of a rule. What should be done to fix this? - - - - Answer : **B** Next Question Question 29 ( Exam A ) Which Check Point software blade monitors Check Point devices and provides a picture of network and security performance? - - - - Answer : **B** Next Question Question 30 ( Exam A ) Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address? - - - - Answer : **D** Next Question Question 31 ( Exam A ) What is the purpose of Captive Portal? - - - - Answer : **C** Next Question Question 32 ( Exam A ) Which of these is NOT a feature or benefit of Application Control? - - - - Answer : **C** Next Question Question 33 ( Exam A ) Identity Awareness allows easy configuration for network access and auditing based on what three items? - - - - Answer : **B** Next Question Question 34 ( Exam A ) How do logs change when the \"Accounting\" tracking option is enabled on a traffic rule? - - - - Answer : **A** Next Question Question 35 ( Exam A ) Fill in the blank: The position of an Implied rule is manipulated in the \_\_\_\_\_\_\_ window. - - - - Answer : **B** Next Question Question 36 ( Exam A ) You have enabled \"Extended Log\" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason? - - - - Answer : **C** Next Question Question 37 ( Exam A ) How many layers make up the TCP/IP model? - - - - Answer : **B** Next Question Question 38 ( Exam A ) Fill in the blank: The \_\_\_\_\_ feature allows administrators to share a policy with other policy packages. - - - - Answer : **D** Next Question Question 39 ( Exam A ) Access roles allow the firewall administrator to configure network access according to: - - - - Answer : **D** Next Question Question 40 ( Exam A ) In SmartEvent, a correlation unit (CU) is used to do what? - - - - Answer : **C** Next Question Question 41 ( Exam A ) The competition between stateful inspection and proxies was based on performance, protocol support, and security. Considering stateful Inspections and Proxies, which statement is correct? - - - - Answer : **C** Next Question Question 42 ( Exam A ) What are the Threat Prevention software components available on the Check Point Security Gateway? - - - - Answer : **B** Next Question Question 43 ( Exam A ) Check Point licenses come in two forms. What are those forms? - - - - Answer : **A** Next Question Question 44 ( Exam A ) Both major kinds of NAT support Hide and Static NAT. However, one offers more flexibility. Which statement is true? - - - - Answer : **A** Next Question Question 45 ( Exam A ) What is the default tracking option of a rule? - - - - Answer : **B** Next Question Question 46 ( Exam A ) A network administrator has informed you that they have identified a malicious host on the network, and instructed you to block it. Corporate policy dictates that firewall policy changes cannot be made at this time. What tool can you use to block this traffic? - - - - Answer : **B** Next Question Question 47 ( Exam A ) The default shell of the Gaia CLI is cli.sh. How do you change from the cli.sh shell to the advanced shell to run Linux commands? - - - - Answer : **C** Next Question Question 48 ( Exam A ) Where can administrator edit a list of trusted SmartConsole clients? - - - - Answer : **B** Next Question Question 49 ( Exam A ) In which deployment is the security management server and Security Gateway installed on the same appliance? - - - - Answer : **A** Next Question Question 50 ( Exam A ) When dealing with rule base layers, what two layer types can be utilized? - - - - Answer : **B** Question 51 ( Exam A ) How can the changes made by an administrator before publishing the session be seen by a Super User administrator? - - - - Answer : **C** Next Question Question 52 ( Exam A ) What are the three main components of Check Point security management architecture? - - - - Answer : **A** Next Question Question 53 ( Exam A ) What is the main objective when using Application Control? - - - - Answer : **A** Next Question Question 54 ( Exam A ) What command from the CLI would be used to view current licensing? - - - - Answer : **C** Next Question Question 55 ( Exam A ) In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform? - - - - Answer : **C** Next Question Question 56 ( Exam A ) The Gateway Status view in SmartConsole shows the overall status of Security Gateways and Software Blades. What does the Status Attention mean? - - - - Answer : **C** Next Question Question 57 ( Exam A ) Which of the following is NOT an authentication scheme used for accounts created through SmartConsole? - - - - Answer : **C** Next Question Question 58 ( Exam A ) Which of the following is NOT a component of a Distinguished Name? - - - - Answer : **C** Next Question Question 59 ( Exam A ) In SmartConsole, on which tab are Permissions and Administrators defined? - - - - Answer : **A** Next Question Question 60 ( Exam A ) Which of the following is used to initially create trust between a Gateway and Security Management Server? - - - - Answer : **D** Next Question Question 61 ( Exam A ) How many users can have read/write access in Gaia Operating System at one time? - - - - Answer : **A** Next Question Question 62 ( Exam A ) What is the default shell of Gaia CLI? - - - - Answer : **A** Next Question Question 63 ( Exam A ) The Online Activation method is available for Check Point manufactured appliances. How does the administrator use the Online Activation method? - - - - Answer : **C** Next Question Question 64 ( Exam A ) In which scenario will an administrator need to manually define Proxy ARP? - - - - Answer : **C** Next Question Question 65 ( Exam A ) Which Threat Prevention profile uses sanitization technology? - - - - Answer : **B** Next Question Question 66 ( Exam A ) Which two Identity Awareness daemons are used to support identity sharing? - - - - Answer : **D** Next Question Question 67 ( Exam A ) Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices? - - - - Answer : **B** Next Question Question 68 ( Exam A ) To provide updated malicious data signatures to all Threat Prevention blades, the Threat Prevention gateway does what with the data? - - - - Answer : **D** Next Question Question 69 ( Exam A ) Which policy type is used to enforce bandwidth and traffic control rules? - - - - Answer : **D** Next Question Question 70 ( Exam A ) When a SAM rule is required on Security Gateway to quickly block suspicious connections which are not restricted by the Security Policy, what actions does the administrator need to take? - - - - Answer : **A** Next Question Question 71 ( Exam A ) Fill in the blank: An Endpoint identity agent uses a \_\_\_\_\_ for user authentication. - - - - Answer : **B** Next Question Question 72 ( Exam A ) Fill in the blanks: The \_\_\_\_\_\_\_ collects logs and sends them to the \_\_\_\_\_\_\_. - - - - Answer : **D** Next Question Question 73 ( Exam A ) Which of the following is NOT an advantage to using multiple LDAP servers? - - - - Answer : **C** Next Question Question 74 ( Exam A ) Fill in the blanks: The Application Layer Firewalls inspect traffic through the \_\_\_\_\_\_ layer(s) of the TCP/IP model and up to and including the \_\_\_\_\_\_ layer. - - - - Answer : **C** Next Question Question 75 ( Exam A ) When an Admin logs into SmartConsole and sees a lock icon on a gateway object and cannot edit that object, what does that indicate? - - - - Answer : **B** Next Question Question 76 ( Exam A ) DLP and Geo Policy are examples of what type of Policy? - - - - Answer : **B** Next Question Question 77 ( Exam A ) Fill in the blanks: In \_\_\_\_\_ NAT, Only the \_\_\_\_\_\_\_\_ is translated. - - - - Answer : **D** Next Question Question 78 ( Exam A ) Which of the following is considered a \"Subscription Blade\", requiring renewal every 1-3 years? - - - - Answer : **A** Next Question Question 79 ( Exam A ) In large organizations where there are a number of managed Check Point firewalls that generate a lot of logs it is recommended to Install the Log Server on a dedicated computer. Which statement is FALSE? - - - - Answer : **A** Next Question Question 80 ( Exam A ) In order to modify Security Policies the administrator can use which of the following tools? (Choose the best answer.) - - - - Answer : **B** Next Question Question 81 ( Exam A ) A SAM rule Is implemented to provide what function or benefit? - - - - Answer : **B** Next Question Question 82 ( Exam A ) Is it possible to have more than one administrator connected to a Security Management Server at once? - - - - Answer : **C** Next Question Question 83 ( Exam A ) Which default Gaia user has full read/write access? - - - - Answer : **A** Next Question Question 84 ( Exam A ) Which is a main component of the Check Point security management architecture? - - - - Answer : **C** Next Question Question 85 ( Exam A ) When using Automatic Hide NAT, what is enabled by default? - - - - Answer : **A** Next Question Question 86 ( Exam A ) Which of the following cannot be configured in an Access Role Object? - - - - Answer : **C** Next Question Question 87 ( Exam A ) What are the two types of NAT supported by the Security Gateway? - - - - Answer : **C** Next Question Question 88 ( Exam A ) In order to see real-time and historical graph views of Security Gateway statistics in SmartView Monitor, what feature needs to be enabled on the Security Gateway? - - - - Answer : **C** Next Question Question 89 ( Exam A ) What is UserCheck? - - - - Answer : **D** Next Question Question 90 ( Exam A ) What is the default shell for the command line interface? - - - - Answer : **A** Next Question Question 91 ( Exam A ) When configuring Anti-Spoofing, which tracking options can an Administrator select? - - - - Answer : **A** Next Question Question 92 ( Exam A ) Which Threat Prevention Software Blade provides protection from malicious software that can infect your network computers? (Choose the best answer.) - - - - Answer : **A** Next Question Question 93 ( Exam A ) Which of the following log queries would show only dropped packets with source address of 192.168.1.1 and destination address of 172.26.1.1? - - - - Answer : **B** Next Question Question 94 ( Exam A ) Which of the following licenses are considered temporary? - - - - Answer : **A** Next Question Question 95 ( Exam A ) Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n) \_\_\_\_\_\_\_\_\_\_\_ Server. - - - - Answer : **B** Next Question Question 96 ( Exam A ) In a Distributed deployment, the Security Gateway and the Security Management software are installed on what platforms? - - - - Answer : **B** Next Question Question 97 ( Exam A ) Core Protections are installed as part of what Policy? - - - - Answer : **A** Next Question Question 98 ( Exam A ) A Check Point Software license consists of two components, the Software Blade and the Software Container. There are \_\_\_\_\_\_ types of Software Containers: \_\_\_\_\_\_\_\_. - - - - Answer : **C** Next Question Question 99 ( Exam A ) In HTTPS Inspection policy, what actions are available in the \"Actions\" column of a rule? - - - - Answer : **A** Next Question Question 100 ( Exam A ) Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using \_\_\_\_\_\_\_\_\_\_\_. - - - - Answer : **A** Question 101 ( Exam A ) With URL Filtering, what portion of the traffic is sent to the Check Point Online Web Service for analysis? - - - - Answer : **D** Next Question Question 102 ( Exam A ) Choose what BEST describes the reason why querying logs now are very fast. - - - - Answer : **B** Next Question Question 103 ( Exam A ) Rugged appliances are small appliances with ruggedized hardware and like Quantum Spark appliance they use which operating system? - - - - Answer : **B** Next Question Question 104 ( Exam A ) What is the main difference between Static NAT and Hide NAT? - - - - Answer : **B** Next Question Question 105 ( Exam A ) Which application is used for the central management and deployment of licenses and packages? - - - - Answer : **C** Next Question Question 106 ( Exam A ) Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud? - - - - Answer : **D** Next Question Question 107 ( Exam A ) Why is a Central License the preferred and recommended method of licensing? - - - - Answer : **D** Next Question Question 108 ( Exam A ) Which of the following technologies extracts detailed information from packets and stores that information in state tables? - - - - Answer : **C** Next Question Question 109 ( Exam A ) What default layers are included when creating a new policy layer? - - - - Answer : **A** Next Question Question 110 ( Exam A ) When changes are made to a Rule base, it is important to \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_ to enforce changes. - - - - Answer : **C** Next Question Question 111 ( Exam A ) After a new Log Server is added to the environment and the SIC trust has been established with the SMS what will the gateways do? - - - - Answer : **D** Next Question Question 112 ( Exam A ) Secure Internal Communication (SIC) is handled by what process? - - - - Answer : **D** Next Question Question 113 ( Exam A ) To increase security, the administrator has modified the Core protection 'Host Port Scan' from 'Medium' to 'High' Predefined Sensitivity. Which Policy should the administrator install after Publishing the changes? - - - - Answer : **D** Next Question Question 114 ( Exam A ) Name the utility that is used to block activities that appear to be suspicious. - - - - Answer : **C** Next Question Question 115 ( Exam A ) When should you generate new licenses? - - - - Answer : **A** Next Question Question 116 ( Exam A ) When URL Filtering is set, what identifying data gets sent to the Check Point Online Web Service? - - - - Answer : **C** Next Question Question 117 ( Exam A ) Which deployment adds a Security Gateway to an existing environment without changing IP routing? - - - - Answer : **D** Next Question Question 118 ( Exam A ) Name the pre-defined Roles included in Gaia OS. - - - - Answer : **A** Next Question Question 119 ( Exam A ) Gaia has two default user accounts that cannot be deleted. What are those user accounts? - - - - Answer : **D** Next Question Question 120 ( Exam A ) Name the authentication method that requires token authenticator. - - - - Answer : **A** Next Question Question 121 ( Exam A ) Which single Security Blade can be turned on to block both malicious files from being downloaded as well as block websites known to host malware? - - - - Answer : **D** Next Question Question 122 ( Exam A ) Log query results can be exported to what file format? - - - - Answer : **B** Next Question Question 123 ( Exam A ) There are four policy types available for each policy package. What are those policy types? - - - - Answer : **D** Next Question Question 124 ( Exam A ) Which tool allows for the automatic updating of the Gaia OS and Check Point products installed on the Gaia OS? - - - - Answer : **D** Next Question Question 125 ( Exam A ) The purpose of the Communication Initialization process is to establish a trust between the Security Management Server and the Check Point gateways. Which statement best describes this Secure Internal Communication (SIC)? - - - - Answer : **A** Next Question Question 126 ( Exam A ) Fill in the blank: SmartConsole, SmartEvent GUI client, and \_\_\_\_\_\_\_\_\_\_\_ allow viewing of billions of consolidated logs and shows them as prioritized security events. - - - - Answer : **C** Next Question Question 127 ( Exam A ) What kind of NAT enables Source Port Address Translation by default? - - - - Answer : **C** Next Question Question 128 ( Exam A ) Application Control/URL filtering database library is known as: - - - - Answer : **B** Next Question Question 129 ( Exam A ) What are the types of Software Containers? - - - - Answer : **B** Next Question Question 130 ( Exam A ) Stateful Inspection compiles and registers connections where? - - - - Answer : **C** Next Question Question 131 ( Exam A ) Security Zones do no work with what type of defined rule? - - - - Answer : **B** Next Question Question 132 ( Exam A ) Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code (with unification in R81.10)? - - - - Answer : **A** Next Question Question 133 ( Exam A ) Which of the following is NOT a valid deployment option? - - - - Answer : **B** Next Question Question 134 ( Exam A ) Which of the following is NOT a method used by Identity Awareness for acquiring identity? - - - - Answer : **A** Next Question Question 135 ( Exam A ) What Check Point tool is used to automatically update Check Point products for the Gaia OS? - - - - Answer : **B** Next Question Question 136 ( Exam A ) What are the advantages of a \"shared policy\"? - - - - Answer : **B** Next Question Question 137 ( Exam A ) URL Filtering cannot be used to: - - - - Answer : **A** Next Question Question 138 ( Exam A ) Which SmartConsole application shows correlated logs and aggregated data to provide an overview of potential threats and attack patterns? - - - - Answer : **A** Next Question Question 139 ( Exam A ) Which of the following is used to extract state related information from packets and store that information in state tables? - - - - Answer : **A** Next Question Question 140 ( Exam A ) Which part of SmartConsole allows administrators to add, edit delete, and clone objects? - - - - Answer : **D** Next Question Question 141 ( Exam A ) For Automatic Hide NAT rules created by the administrator what is a TRUE statement? - - - - Answer : **C** Next Question Question 142 ( Exam A ) Which of the following is true about Stateful Inspection? - - - Answer : **C** Next Question Question 143 ( Exam A ) What is the user ID of a user that have all the privileges of a root user? - - - - Answer : **C** Next Question Question 144 ( Exam A ) What are the two elements of address translation rules? - - - - Answer : **C** Next Question Question 145 ( Exam A ) Fill in the blanks: A \_\_\_\_\_\_\_ license requires an administrator to designate a gateway for attachment whereas a \_\_\_\_\_\_\_ license is automatically attached to a Security Gateway. - - - - Answer : **C** Next Question Question 146 ( Exam A ) Fill in the blank: RADIUS protocol uses \_\_\_\_\_\_\_\_\_ to communicate with the gateway. - - - - Answer : **A** Next Question Question 147 ( Exam A ) Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine? - - - - Answer : **D** Next Question Question 148 ( Exam A ) Which one of the following is TRUE? - - - - Answer : **D** Next Question Question 149 ( Exam A ) You have discovered suspicious activity in your network. What is the BEST immediate action to take? - - - - Answer : **C** Next Question Question 150 ( Exam A ) Which of the following is NOT an identity source used for Identity Awareness? - - - - Answer : **D** Question 151 ( Exam A ) Which statement describes what Identity Sharing is in Identity Awareness? - - - - Answer : **B** Next Question Question 152 ( Exam A ) What is the order of NAT priorities? - - - - Answer : **C** Next Question Question 153 ( Exam A ) Which Security Blade needs to be enabled in order to sanitize and remove potentially malicious content from files, before those files enter the network? - - - - Answer : **D** Next Question Question 154 ( Exam A ) What are the three essential components of the Check Point Security Management Architecture? - - - - Answer : **B** Next Question Question 155 ( Exam A ) A layer can support different combinations of blades. What are the supported blades: - - - - Answer : **B** Next Question Question 156 ( Exam A ) What type of NAT is a one-to-one relationship where each host is translated to a unique address? - - - - Answer : **D** Next Question Question 157 ( Exam A ) Which option in tracking allows you to see the amount of data passed in the connection? - - - - Answer : **D** Next Question Question 158 ( Exam A ) If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? (Choose the BEST answer.) - - - - Answer : **D** Next Question Question 159 ( Exam A ) Which of the following is NOT an alert option? - - - - Answer : **D** Next Question Question 160 ( Exam A ) Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers? - - - - Answer : **C** Next Question Question 161 ( Exam A ) Which Check Point software blade provides protection from zero-day and undiscovered threats? - - - - Answer : **A** Next Question Question 162 ( Exam A ) Which options are given on features, when editing a Role on Gaia Platform? - - - - Answer : **C** Next Question Question 163 ( Exam A ) AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a lock icon on a rule? (Choose the BEST answer.) - - - - Answer : **B** Next Question Question 164 ( Exam A ) Fill in the blanks: A Security Policy is created in \_\_\_\_\_, stored in the \_\_\_\_\_, and Distributed to the various \_\_\_\_\_\_\_. - - - - Answer : **D** Next Question Question 165 ( Exam A ) What is NOT an advantage of Stateful Inspection? - - - - Answer : **C** Next Question Question 166 ( Exam A ) Fill in the blank: Once a license is activated, a \_\_\_\_\_\_ should be installed. - - - - Answer : **D** Next Question Question 167 ( Exam A ) Where is the "Hit Count" feature enabled or disabled in SmartConsole? - - - - Answer : **C** Next Question Question 168 ( Exam A ) Fill in the blank: The \_\_\_\_\_\_ is used to obtain identification and security information about network users. - - - - Answer : **C** Next Question Question 169 ( Exam A ) When you upload a package or license to the appropriate repository in SmartUpdate, where is the package or license stored? - - - - Answer : **C** Next Question Question 170 ( Exam A ) By default, which port does the WebUI listen on? - - - - Answer : **D** Next Question Question 171 ( Exam A ) True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway. - - - - Answer : **D** Next Question Question 172 ( Exam A ) Fill in the blanks: A Check Point software license consists of a \_\_\_\_\_\_\_ and \_\_\_\_\_\_\_. - - - - Answer : **C** Next Question Question 173 ( Exam A ) SmartConsole provides a consolidated solution for everything that is necessary for the security of an organization, such as the following: - - - - Answer : **B** Next Question Question 174 ( Exam A ) Which of the following is NOT a tracking log option in R80.x? - - - - Answer : **D** Next Question Question 175 ( Exam A ) Fill in the blank: To create a policy for traffic to or from a specific geographical location, use the \_\_\_\_\_\_. - - - - Answer : **D** Next Question Question 176 ( Exam A ) Where can alerts be viewed? - - - - Answer : **A** Next Question Question 177 ( Exam A ) Which of the following is NOT a valid application navigation tab in SmartConsole? - - - - Answer : **D** Next Question Question 178 ( Exam A ) Fill in the blank: An identity server uses a \_\_\_\_\_\_\_\_\_ to trust a Terminal Server Identity Agent. - - - - Answer : **C** Next Question Question 179 ( Exam A ) John is the administrator of a Security Management server managing a Check Point Security Gateway. John is currently updating the network objects and amending the rules using SmartConsole. To make John's changes available to other administrators before installing a policy, what should John do? - - - - Answer : **D** Next Question Question 180 ( Exam A ) What technologies are used to deny or permit network traffic? - - - - Answer : **B** Next Question Question 181 ( Exam A ) When connected to the Check Point Management Server using the SmartConsole the first administrator to connect has a lock on: - - - - Answer : **B** Next Question Question 182 ( Exam A ) Using AD Query, the security gateway connections to the Active Directory Domain Controllers using what protocol? - - - - Answer : **C** Next Question Question 183 ( Exam A ) Bob and Joe both have Administrator Roles on their Gaia Platform. Bob logs in on the WebUI and then Joe logs in through CLI. Choose what BEST describes the following scenario, where Bob and Joe are both logged in: - - - - Answer : **A** Next Question Question 184 ( Exam A ) If there is an Accept Implied Policy set to "First\", what is the reason Jorge cannot see any logs? - - - - Answer : **C** Next Question Question 185 ( Exam A ) Which Threat Prevention Software Blade provides comprehensive protection against malicious and unwanted network traffic, focusing on application and server vulnerabilities? - - - - Answer : **A** Next Question Question 186 ( Exam A ) What is the purpose of a Stealth Rule? - - - - Answer : **C** Next Question Question 187 ( Exam A ) Which one of the following is the preferred licensing model? (Choose the best answer.) - - - - Answer : **D** Next Question Question 188 ( Exam A ) Fill in the blanks: Default port numbers for an LDAP server is\_\_\_\_ for standard connections and\_\_\_\_ SSL connections. - - - - Answer : **C** Next Question Question 189 ( Exam A ) Identity Awareness allows the Security Administrator to configure network access based on which of the following? - - - - Answer : **B** Next Question Question 190 ( Exam A ) Using the SmartConsole, which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them? - - - - Answer : **B** Next Question Question 191 ( Exam A ) If an administrator wants to restrict access to a network resource, only allowing certain users to access it, and only when they are on a specific network, what is the best way to accomplish this? - - - - Answer : **D** Next Question Question 192 ( Exam A ) Which command shows the installed licenses in Expert mode? - - - - Answer : **D** Next Question Question 193 ( Exam A ) Which type of attack can a firewall NOT prevent? - - - - Answer : **D** Next Question Question 194 ( Exam A ) What object type would you use to grant network access to an LDAP user group? - - - - Answer : **C** Next Question Question 195 ( Exam A ) In the Check Point Security Management Architecture, which component(s) can store logs? - - - - Answer : **D** Next Question Question 196 ( Exam A ) Choose what BEST describes a Session. - - - - Answer : **B** Next Question Question 197 ( Exam A ) Which Check Point Application Control feature enables application scanning and detection? - - - - Answer : **C** Next Question Question 198 ( Exam A ) Fill in the blank: In order to install a license, it must first be added to the \_\_\_\_\_\_. - - - - Answer : **A** Next Question Question 199 ( Exam A ) Which software blade does NOT accompany the Threat Prevention policy? - - - - Answer : **D** Next Question Question 200 ( Exam A ) Which of the following is an authentication method used for Identity Awareness? - - - - Answer : **B** Question 201 ( Exam A ) In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server? - - - - Answer : **D** Next Question Question 202 ( Exam A ) Fill in the blank: RADIUS Accounting gets \_\_\_\_ data from requests generated by the accounting client. - - - - Answer : **D** Next Question Question 203 ( Exam A ) When a gateway requires user information for authentication, what order does it query servers for user information? - - - - Answer : **C** Next Question Question 204 ( Exam A ) Which Threat Tool within SmartConsole provides a list of trusted files for the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed? - - - - Answer : **D** Next Question Question 205 ( Exam A ) What is the Transport layer of the TCP/IP model responsible for? - - - - Answer : **D** Next Question Question 206 ( Exam A ) Which of the completed statements is NOT true? The WebUI can be used to manage Operating System user accounts and: - - - - Answer : **C** Next Question Question 207 ( Exam A ) An administrator wishes to enable Identity Awareness on the Check Point firewalls. However, they allow users to use company issued or personal laptops. Since the administrator cannot manage the personal laptops, which of the following methods would BEST suit this company? - - - - Answer : **B** Next Question Question 208 ( Exam A ) Which Check Point supported authentication scheme typically requires a user to possess a token? - - - - Answer : **D** Next Question Question 209 ( Exam A ) Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies? - - - - Answer : **B** Next Question Question 210 ( Exam A ) Fill in the blank: Backup and restores can be accomplished through \_\_\_\_\_\_\_\_\_. - - - - Answer : **D** Next Question Question 211 ( Exam A ) Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices? - - - - Answer : **A** Next Question Question 212 ( Exam A ) You are the Check Point administrator for Alpha Corp. You received a call that one of the users is unable to browse the Internet on their new tablet which is connected to the company wireless, which goes through a Check Point Gateway. How would you review the logs to see what is blocking this traffic? - - - - Answer : **C** Next Question Question 213 ( Exam A ) While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain. Why does it not detect the windows domain? - - - - Answer : **D** Next Question Question 214 ( Exam A ) In SmartConsole, objects are used to represent physical and virtual network components and also some logical components. These objects are divided into several categories. Which of the following is NOT an objects category? - - - - Answer : **D** Next Question Question 215 ( Exam A ) What is the purpose of the Stealth Rule? - - - - Answer : **B** Next Question Question 216 ( Exam A ) Identity Awareness lets an administrator easily configure network access and auditing based on three items. Choose the correct statement. - - - - Answer : **D** Next Question Question 217 ( Exam A ) Which SmartConsole tab is used to monitor network and security performance? - - - - Answer : **B** Next Question Question 218 ( Exam A ) From the Gaia web interface, which of the following operations CANNOT be performed on a Security Management Server? - - - - Answer : **C** Next Question Question 219 ( Exam A ) The SIC Status "Unknown" means: - - - - Answer : **B** Next Question Question 220 ( Exam A ) Fill in the blank: Once a certificate is revoked from the Security Gateway by the Security Management Server, the certificate information is \_\_\_\_\_\_\_\_\_\_. - - - - Answer : **B** Next Question Question 221 ( Exam A ) Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis? - - - - Answer : **D** Next Question Question 222 ( Exam A ) Which of the following situations would not require a new license to be generated and installed? - - - - Answer : **B** Next Question Question 223 ( Exam A ) What does the "unknown" SIC status shown on SmartConsole mean? - - - - Answer : **D** Next Question Question 224 ( Exam A ) Fill in the blank: A(n) \_\_\_\_\_\_\_\_\_\_ rule is created by an administrator and configured to allow or block traffic based on specified criteria. - - - - Answer : **B** Next Question Question 225 ( Exam A ) Of all the Check Point components in your network, which one changes most often and should be backed up most frequently? - - - - Answer : **D** Next Question Question 226 ( Exam A ) When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed? - - - - Answer : **A** Next Question Question 227 ( Exam A ) Which of the following is NOT a type of Endpoint Identity Agent? - - - - Answer : **D** Next Question Question 228 ( Exam A ) What are two basic rules Check Point recommends for building an effective security policy? - - - - Answer : **B** Next Question Question 229 ( Exam A ) Which command is used to add users to or from existing roles? - - - - Answer : **A** Next Question Question 230 ( Exam A ) What licensing feature automatically verifies current licenses and activates new licenses added to the License and Contracts repository? - - - - Answer : **C** Next Question Question 231 ( Exam A ) At what point is the Internal Certificate Authority (ICA) created? - - - - Answer : **A** Next Question Question 232 ( Exam A ) What is NOT an advantage of Packet Filtering? - - - - Answer : **A** Next Question Question 233 ( Exam A ) Which information is included in the "Extended Log" tracking option, but is not included in the "Log" tracking option? - - - - Answer : **B** Next Question Question 234 ( Exam A ) Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers? - - - - Answer : **B**
