NEW QUESTION 1

What is the default shell for the command line interface?

• A. Expert
• B. Clish
• C. Admin
• D. Normal

Answer: B

Explanation:
The default shell of the CLI is called clish References:

NEW QUESTION 2

Which of the following is NOT a license activation method?

• A. SmartConsole Wizard
• B. Online Activation
• C. License Activation Wizard
• D. Offline Activation

Answer: A

NEW QUESTION 3

Where does the security administrator activate Identity Awareness within SmartDashboard?

• A. Gateway Object > General Properties
• B. Security Management Server > Identity Awareness
• C. Policy > Global Properties > Identity Awareness
• D. LDAP Server Object > General Properties

Answer: A

NEW QUESTION 4

Under which file is the proxy arp configuration stored?

• A. $FWDIR/state/proxy_arp.conf on the management server
• B. $FWDIR/conf/local.arp on the management server
• C. $FWDIR/state/_tmp/proxy.arp on the security gateway
• D. $FWDIR/conf/local.arp on the gateway

Answer: D

NEW QUESTION 5

What is the mechanism behind Threat Extraction?

• A. This is a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender
• B. This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient
• C. This is a new mechanism to identify the IP address of the sender of malicious codes and to put it into the SAM database (Suspicious Activity Monitoring).
• D. Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast

Answer: D

NEW QUESTION 6

If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:

• A. Rename the hostname of the Standby member to match exactly the hostname of the Active member.
• B. Change the Standby Security Management Server to Active.
• C. Change the Active Security Management Server to Standby.
• D. Manually synchronize the Active and Standby Security Management Servers.

Answer: A

NEW QUESTION 7

In SmartEvent, what are the different types of automatic reactions that the administrator can configure?

• A. Mail, Block Source, Block Event Activity, External Script, SNMP Trap
• B. Mail, Block Source, Block Destination, Block Services, SNMP Trap
• C. Mail, Block Source, Block Destination, External Script, SNMP Trap
• D. Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap

Answer: A

NEW QUESTION 8

As a Security Administrator, you must refresh the Client Authentication authorized time-out every time a new user connection is authorized. How do you do this? Enable the Refreshable Timeout setting:

• A. in the user object's Authentication screen.
• B. in the Gateway object's Authentication screen.
• C. in the Limit tab of the Client Authentication Action Properties screen.
• D. in the Global Properties Authentication screen.

Answer: C

NEW QUESTION 9

Packet acceleration (SecureXL) identifies connections by several attributes. Which of the attributes is NOT used for identifying connection?

• A. Source Address
• B. Destination Address
• C. TCP Acknowledgment Number
• D. Source Port

Answer: C

NEW QUESTION 10

Tina is a new administrator who is currently reviewing the new Check Point R80 Management console interface. In the Gateways view, she is reviewing the Summary screen as in the screenshot below. What as an 'Open Server'?

• A. Check Point software deployed on a non-Check Point appliance.
• B. The Open Server Consortium approved Server Hardware used for the purpose of Security and Availability.
• C. A check Point Management Server deployed using the Open Systems Interconnection (OSI) Server andSecurity deployment model.
• D. A check Point Management Server software using the Open SSL.

Answer: A

Explanation:

NEW QUESTION 11

Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _____ consolidate billions of logs and shows them as prioritized security events.

• A. SmartMonitor
• B. SmartView Web Application
• C. SmartReporter
• D. SmartTracker

Answer: B

Explanation:
Event Analysis with SmartEvent
The SmartEvent Software Blade is a unified security event management and analysis solution that delivers real-time, graphical threat management information. SmartConsole, SmartView Web Application, and the SmartEvent GUI client consolidate billions of logs and show them as prioritized security events so you can immediately respond to security incidents, and do the necessary actions to prevent more attacks. You can customize the views to monitor the events that are most important to you. You can move from a high level view to detailed forensic analysis in a few clicks. With the free-text search and suggestions, you can quickly run data analysis and identify critical security events.

NEW QUESTION 12

Which method below is NOT one of the ways to communicate using the Management API’s?

• A. Typing API commands using the “mgmt_cli” command
• B. Typing API commands from a dialog box inside the SmartConsole GUI application
• C. Typing API commands using Gaia’s secure shell (clash)19+
• D. Sending API commands over an http connection using web-services

Answer: D

NEW QUESTION 13

Fill in the blank: Service blades must be attached to a _____ .

• A. Security Gateway
• B. Management container
• C. Management server
• D. Security Gateway container

Answer: A

NEW QUESTION 14

In the Check Point Security Management Architecture, which component(s) can store logs?

• A. SmartConsole
• B. Security Management Server and Security Gateway
• C. Security Management Server
• D. SmartConsole and Security Management Server

Answer: B

NEW QUESTION 15

Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

• A. Security questions
• B. Check Point password
• C. SecurID
• D. RADIUS

Answer: A

Explanation:
Authentication Schemes :- Check Point Password
- Operating System Password
- RADIUS
- SecurID
- TACAS
- Undefined If a user with an undefined authentication scheme is matched to a Security Rule with some form of authentication, access is always denied.

NEW QUESTION 16

Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

• A. ThreatWiki
• B. Whitelist Files
• C. AppWiki
• D. IPS Protections

Answer: A

NEW QUESTION 17

You have successfully backed up your Check Point configurations without the OS information. What command would you use to restore this backup?

• A. restore_backup
• B. import backup
• C. cp_merge
• D. migrate import

Answer: A

NEW QUESTION 18

Which Check Point feature enables application scanning and the detection?

• A. Application Dictionary
• B. AppWiki
• C. Application Library
• D. CPApp

Answer: B

Explanation:
AppWiki Application Classification Library
AppWiki enables application scanning and detection of more than 5,000 distinct applications and over 300,000 Web 2.0 widgets including instant messaging, social networking, video streaming, VoIP, games and more.

NEW QUESTION 19

Which SmartConsole tab is used to monitor network and security performance?

• A. Manage Seeting
• B. Security Policies
• C. Gateway and Servers
• D. Logs and Monitor

Answer: C

NEW QUESTION 20

Where do we need to reset the SIC on a gateway object?

• A. SmartDashboard > Edit Gateway Object > General Properties > Communication
• B. SmartUpdate > Edit Security Management Server Object > SIC
• C. SmartUpdate > Edit Gateway Object > Communication
• D. SmartDashboard > Edit Security Management Server Object > SIC

Answer: A

NEW QUESTION 21
......