156-215.80 : Check Point Certified Security Administrator (CCSA R80) : Part 19
-
Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?
- SmartManager
- SmartConsole
- Security Gateway
- Security Management Server
-
Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?
- All of the above options stop Check Point processes
- backup
- migrate export
- snapshot
-
What is the Transport layer of the TCP/IP model responsible for?
- It transports packets as datagrams along different routes to reach their destination.
- It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application.
- It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer.
- It deals with all aspects of the physical components of network connectivity and connects with different network types.
-
What needs to be configured if the NAT property ‘Translate destination on client side’ is not enabled in Global Properties?
- A host route to route to the destination server
- Use the file local.arp to add the ARP entries for NAT to work
- Nothing, the Gateway takes care of all details necessary
- Enabling ‘Allow bi-directional NAT’ for NAT to work correctly
-
In the Check Point Security Management Architecture, which component(s) can store logs?
- SmartConsole
- Security Management Server and Security Gateway
- Security Management Server
- SmartConsole and Security Management Server
-
In order to install a license, it must first be added to the ____________.
- User Center
- Package repository
- Download Center Web site
- License and Contract repository
-
When logging in for the first time to a Security Management Server through SmartConsole, a fingerprint is saved to the:
- Security Management Server’s /home/.fgpt file and is available for future SmartConsole authentications.
- Windows registry is available for future Security Management Server authentications.
- There is no memory used for saving a fingerprint anyway.
- SmartConsole cache is available for future Security Management Server authentications.
-
By default, the SIC certificates issued by R80 Management Server are based on the ____________ algorithm.
- SHA-256
- SHA-200
- MD5
- SHA-128
-
Which message indicates IKE Phase 2 has completed successfully?
- Quick Mode Complete
- Aggressive Mode Complete
- Main Mode Complete
- IKE Mode Complete
-
Administrator Dave logs into the R80 Management Server to review and make some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base.
What is the possible explanation for this?
- DNS Rule is using one of the new features of R80 where an administrator can mark a rule with the padlock icon to let other administrators know it is important.
- Another administrator is logged into the Management and currently editing the DNS Rule.
- DNS Rule is a placeholder rule for a rule that existed in the past but was deleted.
- This is normal behavior in R80 when there are duplicate rules in the Rule Base.
-
When tunnel test packets no longer invoke a response, Tunnel and User Monitoring displays _____________ for the given VPN tunnel.
- Down
- No Response
- Inactive
- Failed
-
Which of the following is the most secure means of authentication?
- Password
- Certificate
- Token
- Pre-shared secret
-
What is the BEST command to view configuration details of all interfaces in Gaia CLISH?
- ifconfig -a
- show interfaces all
- show interfaces detail
- show configuration interfaces
-
Authentication rules are defined for ____________.
- User groups
- Users using UserCheck
- Individual users
- All users in the database
-
Which Threat Tool within SmartConsole provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?
- ThreatWiki
- Whitelist Files
- AppWiki
- IPS Protections
-
Which of the following is an authentication method used for Identity Awareness?
- SSL
- Captive Portal
- PKI
- RSA
-
The SIC Status “Unknown” means:
- There is a connection between the gateway and Security Management Server but it is not trusted.
- The secure communication is established.
- There is no connection between the gateway and Security Management Server.
- The Security Management Server can contact the gateway, but cannot establish SIC.
Explanation: SIC Status
After the gateway receives the certificate issued by the ICA, the SIC status shows if the Security Management Server can communicate securely with this gateway:
Communicating – The secure communication is established.
Unknown – There is no connection between the gateway and Security Management Server.
Not Communicating – The Security Management Server can contact the gateway, but cannot establish SIC. A message shows more information.
-
What is a reason for manual creation of a NAT rule?
- In R80 all Network Address Translation is done automatically and there is no need for manually defined NAT-rules.
- Network Address Translation of RFC1918-compliant networks is needed to access the Internet.
- Network Address Translation is desired for some services, but not for others.
- The public IP-address is different from the gateway’s external IP.
-
Which of the following commands is used to verify license installation?
- cplic verify license
- cplic print
- cplic show
- cplic license
-
To enforce the Security Policy correctly, a Security Gateway requires:
- a routing table
- awareness of the network topology
- a Demilitarized Zone
- a Security Policy install
Explanation: The network topology represents the internal network (both the LAN and the DMZ) protected by the gateway. The gateway must be aware of the layout of the network topology to:
Correctly enforce the Security Policy.
Ensure the validity of IP addresses for inbound and outbound traffic.
Configure a special domain for Virtual Private Networks.