156-315.80 : Check Point Certified Security Expert – R80 : Part 06

  1. Which command gives us a perspective of the number of kernel tables?

    • fw tab -t
    • fw tab -s
    • fw tab -n
    • fw tab -k
  2. When simulating a problem on ClusterXL cluster with cphaprob –d STOP -s problem -t 0 register, to initiate a failover on an active cluster member, what command allows you remove the problematic state?

    • cphaprob –d STOP unregister
    • cphaprob STOP unregister
    • cphaprob unregister STOP
    • cphaprob –d unregister STOP
    Explanation:

    esting a failover in a controlled manner using following command;
    # cphaprob -d STOP -s problem -t 0 register
    This will register a problem state on the cluster member this was entered on; If you then run;
    # cphaprob list
    this will show an entry named STOP.
    to remove this problematic register run following;
    # cphaprob -d STOP unregister

  3. How would you deploy TE250X Check Point appliance just for email traffic and in-line mode without a Check Point Security Gateway?

    • Install appliance TE250X on SpanPort on LAN switch in MTA mode.
    • Install appliance TE250X in standalone mode and setup MTA.
    • You can utilize only Check Point Cloud Services for this scenario.
    • It is not possible, always Check Point SGW is needed to forward emails to SandBlast appliance.
  4. What is the main difference between Threat Extraction and Threat Emulation?

    • Threat Emulation never delivers a file and takes more than 3 minutes to complete.
    • Threat Extraction always delivers a file and takes less than a second to complete.
    • Threat Emulation never delivers a file that takes less than a second to complete.
    • Threat Extraction never delivers a file and takes more than 3 minutes to complete.
  5. When Dynamic Dispatcher is enabled, connections are assigned dynamically with the exception of:

    • Threat Emulation
    • HTTPS
    • QOS
    • VoIP
  6. SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

    • Smart Cloud Services
    • Load Sharing Mode Services
    • Threat Agent Solution
    • Threat Agent Solution
  7. Which of the following is NOT a component of Check Point Capsule?

    • Capsule Docs
    • Capsule Cloud
    • Capsule Enterprise
    • Capsule Workspace
  8. What is the purpose of Priority Delta in VRRP?

    • When a box up, Effective Priority = Priority + Priority Delta
    • When an Interface is up, Effective Priority = Priority + Priority Delta
    • When an Interface fail, Effective Priority = Priority – Priority Delta
    • When a box fail, Effective Priority = Priority – Priority Delta
    Explanation:

    Each instance of VRRP running on a supported interface may monitor the link state of other interfaces. The monitored interfaces do not have to be running VRRP.
    If a monitored interface loses its link state, then VRRP will decrement its priority over a VRID by the specified delta value and then will send out a new VRRP HELLO packet. If the new effective priority is less than the priority a backup platform has, then the backup platform will beging to send out its own HELLO packet.
    Once the master sees this packet with a priority greater than its own, then it releases the VIP.

  9. Which statements below are CORRECT regarding Threat Prevention profiles in SmartConsole?

    • You can assign only one profile per gateway and a profile can be assigned to one rule Only.
    • You can assign multiple profiles per gateway and a profile can be assigned to one rule only.
    • You can assign multiple profiles per gateway and a profile can be assigned to one or more rules.
    • You can assign only one profile per gateway and a profile can be assigned to one or more rules.
  10. Using ClusterXL, what statement is true about the Sticky Decision Function?

    • Can only be changed for Load Sharing implementations
    • All connections are processed and synchronized by the pivot
    • Is configured using cpconfig
    • Is only relevant when using SecureXL
  11. What is the name of the secure application for Mail/Calendar for mobile devices?

    • Capsule Workspace
    • Capsule Mail
    • Capsule VPN
    • Secure Workspace
  12. Where do you create and modify the Mobile Access policy in R80?

    • SmartConsole
    • SmartMonitor
    • SmartEndpoint
    • SmartDashboard
  13. SmartConsole R80 requires the following ports to be open for SmartEvent R80 management:

    • 19090,22
    • 19190,22
    • 18190,80
    • 19009,443
  14. Which configuration file contains the structure of the Security Server showing the port numbers, corresponding protocol name, and status?

    • $FWDIR/database/fwauthd.conf
    • $FWDIR/conf/fwauth.conf
    • $FWDIR/conf/fwauthd.conf
    • $FWDIR/state/fwauthd.conf
  15. What API command below creates a new host with the name “New Host” and IP address of “192.168.0.10”?

    • new host name “New Host” ip-address “192.168.0.10”
    • set host name “New Host” ip-address “192.168.0.10”
    • create host name “New Host” ip-address “192.168.0.10”
    • add host name “New Host” ip-address “192.168.0.10”
  16. As a valid Mobile Access Method, what feature provides Capsule Connect/VPN?

    • That is used to deploy the mobile device as a generator of one-time passwords for authenticating to an RSA Authentication Manager.
    • Fill Layer4 VPN –SSL VPN that gives users network access to all mobile applications.
    • Full Layer3 VPN –IPSec VPN that gives users network access to all mobile applications.
    • You can make sure that documents are sent to the intended recipients only.
  17. You find one of your cluster gateways showing “Down” when you run the “cphaprob stat” command. You then run the “clusterXL_admin up” on the down member but unfortunately the member continues to show down. What command do you run to determine the cause?

    • cphaprob –f register
    • cphaprob –d –s report
    • cpstat –f all
    • cphaprob –a list
  18. In SmartEvent, what are the different types of automatic reactions that the administrator can configure?

    • Mail, Block Source, Block Event Activity, External Script, SNMP Trap
    • Mail, Block Source, Block Destination, Block Services, SNMP Trap
    • Mail, Block Source, Block Destination, External Script, SNMP Trap
    • Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap
  19. Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?

    • mgmt_cli add-host “Server_1” ip_address “10.15.123.10” –format txt
    • mgmt_cli add host name “Server_1” ip-address “10.15.123.10” –format json
    • mgmt_cli add object-host “Server_1” ip-address “10.15.123.10” –format json
    • mgmt._cli add object “Server-1” ip-address “10.15.123.10” –format json

    Example:

    mgmt_cli add host name “New Host 1” ip-address “192.0.2.1” –format json
    • “–format json” is optional. By default the output is presented in plain text.

  20. What are the steps to configure the HTTPS Inspection Policy?

    • Go to Manage&Settings > Blades > HTTPS Inspection > Configure in SmartDashboard
    • Go to Application&url filtering blade > Advanced > Https Inspection > Policy
    • Go to Manage&Settings > Blades > HTTPS Inspection > Policy
    • Go to Application&url filtering blade > Https Inspection > Policy
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments