NEW QUESTION 1
True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

• A. True, CLI is the prefer method for Licensing
• B. False, Central License are handled via Security Management Server
• C. False, Central License are installed via Gaia on Security Gateways
• D. True, Central License can be installed with CPLIC command on a Security Gateway

Answer: D

NEW QUESTION 2
Which of the following is used to extract state related information from packets and store that information in state tables?

• A. STATE Engine
• B. TRACK Engine
• C. RECORD Engine
• D. INSPECT Engine

Answer: D

Explanation:
Stateful Inspection, the packet is intercepted at the network layer, but then the INSPECT Engine takes over.
It extracts state-related information required for the security decision from all application layers and maintains this information in dynamic state tables for evaluating subsequent connection attempts.

NEW QUESTION 3
Fill in the blank: In order to install a license, it must first be added to the ______.

• A. User Center
• B. Package repository
• C. Download Center Web site
• D. License and Contract repository

Answer: B

NEW QUESTION 4
In the Check Point Security Management Architecture, which component(s) can store logs?

• A. SmartConsole
• B. Security Management Server and Security Gateway
• C. Security Management Server
• D. SmartConsole and Security Management Server

Answer: B

NEW QUESTION 5
Which two Identity Awareness commands are used to support identity sharing?

• A. Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
• B. Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)
• C. Policy Manipulation Point (PMP) and Policy Activation Point (PAP)
• D. Policy Activation Point (PAP) and Policy Decision Point (PDP)

Answer: A

NEW QUESTION 6
Fill in the blank: Each cluster, at a minimum, should have at least _______ interfaces.

• A. Five
• B. Two
• C. Three
• D. Four

Answer: C

NEW QUESTION 7
Under which file is the proxy arp configuration stored?

• A. $FWDIR/state/proxy_arp.conf on the management server
• B. $FWDIR/conf/local.arp on the management server
• C. $FWDIR/state/_tmp/proxy.arp on the security gateway
• D. $FWDIR/conf/local.arp on the gateway

Answer: D

NEW QUESTION 8
Which of the following commands is used to monitor cluster members in CLI?

• A. show cluster state
• B. show active cluster
• C. show clusters
• D. show running cluster

Answer: A

NEW QUESTION 9
What is the main objective when using Application Control?

• A. To filter out specific content.
• B. To assist the firewall blade with handling traffic.
• C. To see what users are doing.
• D. Ensure security and privacy of information.

Answer: A

Explanation:
https://www.checkpoint.com/cyber-hub/network-security/what-is-application-control/

NEW QUESTION 10
Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

• A. Symmetric routing
• B. Failovers
• C. Asymmetric routing
• D. Anti-Spoofing

Answer: B

NEW QUESTION 11
Is it possible to have more than one administrator connected to a Security Management Server at once?

• A. Yes, but only if all connected administrators connect with read-only permissions.
• B. Yes, but objects edited by one administrator will be locked for editing by others until the session is published.
• C. No, only one administrator at a time can connect to a Security Management Server
• D. Yes, but only one of those administrators will have write-permission
• E. All others will have read-only permission.

Answer: B

NEW QUESTION 12
What are the types of Software Containers?

• A. Smart Console, Security Management, and Security Gateway
• B. Security Management, Security Gateway, and Endpoint Security
• C. Security Management, Log & Monitoring, and Security Policy
• D. Security Management, Standalone, and Security Gateway

Answer: B

NEW QUESTION 13
Fill in the blanks: Gaia can be configured using _______ the ________.

• A. Command line interface; WebUI
• B. Gaia Interface; GaiaUI
• C. WebUI; Gaia Interface
• D. GaiaUI; command line interface

Answer: A

Explanation:
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_AdminGuide/Topics-GAG/C

NEW QUESTION 14
What two ordered layers make up the Access Control Policy Layer?

• A. URL Filtering and Network
• B. Network and Threat Prevention
• C. Application Control and URL Filtering
• D. Network and Application Control

Answer: D

NEW QUESTION 15
Choose what BEST describes the reason why querying logs now is very fast.

• A. New Smart-1 appliances double the physical memory install
• B. Indexing Engine indexes logs for faster search results
• C. SmartConsole now queries results directly from the Security Gateway
• D. The amount of logs been store is less than the usual in older versions

Answer: B

Explanation:
Ref: https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_LoggingAndMonitoring_Ad

NEW QUESTION 16
When comparing Stateful Inspection and Packet Filtering, what is a benefit that Stateful Inspection offers over Packer Filtering?

• A. Stateful Inspection offers unlimited connections because of virtual memory usage.
• B. Stateful Inspection offers no benefits over Packet Filtering.
• C. Stateful Inspection does not use memory to record the protocol used by the connection.
• D. Only one rule is required for each connection.

Answer: D

NEW QUESTION 17
If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:

• A. Rename the hostname of the Standby member to match exactly the hostname of the Active member.
• B. Change the Standby Security Management Server to Active.
• C. Change the Active Security Management Server to Standby.
• D. Manually synchronize the Active and Standby Security Management Servers.

Answer: A

NEW QUESTION 18
What is the main difference between Threat Extraction and Threat Emulation?

• A. Threat Emulation never delivers a file and takes more than 3 minutes to complete
• B. Threat Extraction always delivers a file and takes less than a second to complete
• C. Threat Emulation never delivers a file that takes less than a second to complete
• D. Threat Extraction never delivers a file and takes more than 3 minutes to complete

Answer: B

NEW QUESTION 19
......