NEW QUESTION 1

A digital signature:

• A. Guarantees the authenticity and integrity of a message.
• B. Automatically exchanges shared keys.
• C. Decrypts data to its original form.
• D. Provides a secure key exchange mechanism over the Internet.

Answer: A

NEW QUESTION 2

Which of the following is a hash algorithm?

• A. 3DES
• B. IDEA
• C. DES
• D. MD5

Answer: D

NEW QUESTION 3

Which of the following describes how Threat Extraction functions?

• A. Detect threats and provides a detailed report of discovered threats
• B. Proactively detects threats
• C. Delivers file with original content
• D. Delivers PDF versions of original files with active content removed

Answer: B

NEW QUESTION 4

Which of the following is NOT an alert option?

• A. SNMP
• B. High alert
• C. Mail
• D. User defined alert

Answer: B

Explanation:
In Action, select:
none - No alert.
log - Sends a log entry to the database.
alert - Opens a pop-up window to your desktop.
mail - Sends a mail alert to your Inbox.
snmptrap - Sends an SNMP alert.
useralert - Runs a script. Make sure a user-defined action is available. Go to SmartDashboard > Global Properties > Log and Alert > Alert Commands.

NEW QUESTION 5

Which command can you use to verify the number of active concurrent connections?

• A. fw conn all
• B. fw ctl pst pstat
• C. show all connections
• D. show connections

Answer: B

NEW QUESTION 6

Fill in the blank: The ____ software blade enables Application Security policies to allow, block, or limit website access based on user, group, and machine identities.

• A. Application Control
• B. Data Awareness
• C. URL Filtering
• D. Threat Emulation

Answer: A

NEW QUESTION 7

Which of the following statements accurately describes the command snapshot?

• A. snapshot creates a full OS-level backup, including network-interface data, Check Point production information, and configuration settings of a GAiA Security Gateway.
• B. snapshot creates a Security Management Server full system-level backup on any OS
• C. snapshot stores only the system-configuration settings on the Gateway
• D. A Gateway snapshot includes configuration settings and Check Point product information from the remote Security Management Server

Answer: A

NEW QUESTION 8

You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After a while, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database. How can you do this?

• A. Run fwm dbexport -1 filenam
• B. Restore the databas
• C. Then, run fwm dbimport -1 filename to import the users.
• D. Run fwm_dbexport to export the user databas
• E. Select restore the entire database in the Database Revision scree
• F. Then, run fwm_dbimport.
• G. Restore the entire database, except the user database, and then create the new user and user group.
• H. Restore the entire database, except the user database.

Answer: D

NEW QUESTION 9

R80 Security Management Server can be installed on which of the following operating systems?

• A. Gaia only
• B. Gaia, SPLAT, Windows Server only
• C. Gaia, SPLAT, Windows Server and IPSO only
• D. Gaia and SPLAT only

Answer: A

Explanation:
R80 can be installed only on GAIA OS.
Supported Check Point Installations All R80 servers are supported on the Gaia Operating System:
• Security Management Server
• Multi-Domain Security Management Server
• Log Server
• Multi-Domain Log Server
• SmartEvent Server

NEW QUESTION 10

What happens if the identity of a user is known?

• A. If the user credentials do not match an Access Role, the traffic is automatically dropped.
• B. If the user credentials do not match an Access Role, the system displays a sandbox.
• C. If the user credentials do not match an Access Role, the gateway moves onto the next rule.
• D. If the user credentials do not match an Access Role, the system displays the Captive Portal.

Answer: C

NEW QUESTION 11

Which of the following is an authentication method used for Identity Awareness?

• A. SSL
• B. Captive Portal
• C. PKI
• D. RSA

Answer: B

NEW QUESTION 12

AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a locked icon on a rule? Choose the BEST answer.

• A. Rule is locked by AdminA, because the save bottom has not been press.
• B. Rule is locked by AdminA, because an object on that rule is been edited.
• C. Rule is locked by AdminA, and will make it available if session is published.
• D. Rule is locked by AdminA, and if the session is saved, rule will be available

Answer: C

NEW QUESTION 13

Which repositories are installed on the Security Management Server by SmartUpdate?

• A. License and Update
• B. Package Repository and Licenses
• C. Update and License and Contract
• D. License and Contract and Package Repository

Answer: D

NEW QUESTION 14

Which utility shows the security gateway general system information statistics like operating system information and resource usage, and individual software blade statistics of VPN, Identity Awareness and DLP?

• A. cpconfig
• B. fw ctl pstat
• C. cpview
• D. fw ctl multik stat

Answer: C

Explanation:
CPView Utility is a text based built-in utility that can be run ('cpview' command) on Security Gateway / Security Management Server / Multi-Domain Security Management Server. CPView Utility shows statistical data that contain both general system information (CPU, Memory, Disk space) and information for different Software Blades (only on Security Gateway). The data is continuously updated in easy to access views.

NEW QUESTION 15

Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

• A. SmartView Monitor
• B. SmartEvent
• C. SmartUpdate
• D. SmartDashboard

Answer: B

Explanation:
SmartEvent correlates logs from all Check Point enforcement points, including end-points, to identify suspicious activity from the clutter. Rapid data analysis and custom event logs immediately alert administrators to anomalous behavior such as someone attempting to use the same credential in multiple geographies simultaneously.

NEW QUESTION 16

You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

• A. fw ctl multik dynamic_dispatching on
• B. fw ctl multik dynamic_dispatching set_mode 9
• C. fw ctl multik set_mode 9
• D. fw ctl miltik pq enable

Answer: C

NEW QUESTION 17

Which Check Point software blade provides protection from zero-day and undiscovered threats?

• A. Firewall
• B. Threat Emulation
• C. Application Control
• D. Threat Extraction

Answer: D

Explanation:
SandBlast Threat Emulation
As part of the Next Generation Threat Extraction software bundle (NGTX), the SandBlast Threat Emulation capability prevents infections from undiscovered exploits zero-day and targeted attacks. This innovative solution quickly inspects files and runs them in a virtual sandbox to discover malicious behavior. Discovered malware is prevented from entering the network.

NEW QUESTION 18

How do you configure the Security Policy to provide uses access to the Captive Portal through an external (Internet) interface?

• A. Change the gateway settings to allow Captive Portal access via an external interface.
• B. No action is necessar
• C. This access is available by default.
• D. Change the Identity Awareness settings under Global Properties to allow Captive Policy access on all interfaces.
• E. Change the Identity Awareness settings under Global Properties to allow Captive Policy access for an external interface.

Answer: A

NEW QUESTION 19

Harriet wants to protect sensitive information from intentional loss when users browse to a specific URL: https://personal.mymail.com, which blade will she enable to achieve her goal?

• A. DLP
• B. SSL Inspection
• C. Application Control
• D. URL Filtering

Answer: A

Explanation:
Check Point revolutionizes DLP by combining technology and processes to move businesses from passive detection to active Data Loss Prevention. Innovative MultiSpect™ data classification combines user, content and process information to make accurate decisions, while UserCheck™ technology empowers users to remediate incidents in real time. Check Point’s self-educating network-based DLP solution frees IT/security personnel from incident handling and educates users on proper data handling policies—protecting sensitive corporate information from both intentional and unintentional loss.

NEW QUESTION 20

Using R80 Smart Console, what does a “pencil icon” in a rule mean?

• A. I have changed this rule
• B. Someone else has changed this rule
• C. This rule is managed by check point’s SOC
• D. This rule can’t be changed as it’s an implied rule

Answer: A

NEW QUESTION 21
......