156-315.80 : Check Point Certified Security Expert – R80 : Part 04

  1. When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

    • None, Security Management Server would be installed by itself.
    • SmartConsole
    • SecureClient
    • SmartEvent
  2. On R80.10 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:

    • 18210
    • 18184
    • 257
    • 18191
  3. How many images are included with Check Point TE appliance in Recommended Mode?

    • 2(OS) images
    • images are chosen by administrator during installation
    • as many as licensed for
    • the newest image
  4. What is the least amount of CPU cores required to enable CoreXL?

    • 2
    • 1
    • 4
    • 6
  5. You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

    • Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.
    • Create Create network objects that restricts all applicable rules to only certain networks.
    • Create network objects that restricts all applicable rules to only certain networks.
    • Run separate SmartConsole instances to login and configure each Security Gateway directly.
  6. Which of the following authentication methods ARE NOT used for Mobile Access?

    • RADIUS server
    • Username and password (internal, LDAP)
    • SecurID
    • TACACS+
  7. What is the correct command to observe the Sync traffic in a VRRP environment?

    • fw monitor –e “accept[12:4,b]=224.0.0.18;”
    • fw monitor –e “accept port(6118;”
    • fw monitor –e “accept proto=mcVRRP;”
    • fw monitor –e “accept dst=224.0.0.18;”
  8. What has to be taken into consideration when configuring Management HA?

    • The Database revisions will not be synchronized between the management servers
    • SmartConsole must be closed prior to synchronized changes in the objects database
    • If you wanted to use Full Connectivity Upgrade, you must change the Implied Rules to allow FW1_cpredundant to pass before the Firewall Control Connections.
    • For Management Server synchronization, only External Virtual Switches are supported. So, if you wanted to employ Virtual Routers instead, you have to reconsider your design.
  9. What is the difference between an event and a log?

    • Events are generated at gateway according to Event Policy
    • A log entry becomes an event when it matches any rule defined in Event Policy
    • Events are collected with SmartWorkflow form Trouble Ticket systems
    • Log and Events are synonyms
  10. What are the attributes that SecureXL will check after the connection is allowed by Security Policy?

    • Source address, Destination address, Source port, Destination port, Protocol
    • Source MAC address, Destination MAC address, Source port, Destination port, Protocol
    • Source address, Destination address, Source port, Destination port
    • Source address, Destination address, Destination port, Protocol
  11. Which statement is NOT TRUE about Delta synchronization?

    • Using UDP Multicast or Broadcast on port 8161
    • Using UDP Multicast or Broadcast on port 8116
    • Quicker than Full sync
    • Transfers changes in the Kernel tables between cluster members.
  12. The Event List within the Event tab contains:

    • a list of options available for running a query.
    • the top events, destinations, sources, and users of the query results, either as a chart or in a tallied list.
    • events generated by a query.
    • the details of a selected event.
  13. Which statement is correct about the Sticky Decision Function?

    • It is not supported with either the Performance pack or a hardware based accelerator card
    • Does not support SPI’s when configured for Load Sharing
    • It is automatically disabled if the Mobile Access Software Blade is enabled on the cluster
    • It is not required L2TP traffic
  14. Which statement is true regarding redundancy?

    • System Administrators know when their cluster has failed over and can also see why it failed over by using the cphaprob –f if command.
    • ClusterXL offers three different Load Sharing solutions: Unicast, Broadcast, and Multicast.
    • Machines in a ClusterXL High Availability configuration must be synchronized.
    • Both ClusterXL and VRRP are fully supported by Gaia and available to all Check Point appliances, open servers, and virtualized environments.
  15. NAT rules are prioritized in which order?

    1. Automatic Static NAT

    2. Automatic Hide NAT

    3. Manual/Pre-Automatic NAT

    4. Post-Automatic/Manual NAT rules

    • 1, 2, 3, 4
    • 1, 4, 2, 3
    • 3, 1, 2, 4
    • 4, 3, 1, 2
  16. In R80.10, how do you manage your Mobile Access Policy?

    • Through the Unified Policy
    • Through the Mobile Console
    • From SmartDashboard
    • From the Dedicated Mobility Tab
  17. R80.10 management server can manage gateways with which versions installed?

    • Versions R77 and higher
    • Versions R76 and higher
    • Versions R75.20 and higher
    • Versions R75 and higher
  18. Which command can you use to verify the number of active concurrent connections?

    • fw conn all
    • fw ctl pstat
    • show all connections
    • show connections
  19. Which of the following statements is TRUE about R80 management plug-ins?

    • The plug-in is a package installed on the Security Gateway.
    • Installing a management plug-in requires a Snapshot, just like any upgrade process.
    • A management plug-in interacts with a Security Management Server to provide new features and support for new products.
    • Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.
  20. How can SmartView application accessed?

    • http://<Security Management IP Address>/smartview
    • http://<Security Management IP Address>:4434/smartview/
    • https://<Security Management IP Address>/smartview/
    • https://<Security Management host name>:4434/smartview/
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments