156-315.80 : Check Point Certified Security Expert – R80 : Part 06
-
Which command gives us a perspective of the number of kernel tables?
- fw tab -t
- fw tab -s
- fw tab -n
- fw tab -k
-
When simulating a problem on ClusterXL cluster with cphaprob –d STOP -s problem -t 0 register, to initiate a failover on an active cluster member, what command allows you remove the problematic state?
- cphaprob –d STOP unregister
- cphaprob STOP unregister
- cphaprob unregister STOP
- cphaprob –d unregister STOP
Explanation:esting a failover in a controlled manner using following command;
# cphaprob -d STOP -s problem -t 0 register
This will register a problem state on the cluster member this was entered on; If you then run;
# cphaprob list
this will show an entry named STOP.
to remove this problematic register run following;
# cphaprob -d STOP unregister -
How would you deploy TE250X Check Point appliance just for email traffic and in-line mode without a Check Point Security Gateway?
- Install appliance TE250X on SpanPort on LAN switch in MTA mode.
- Install appliance TE250X in standalone mode and setup MTA.
- You can utilize only Check Point Cloud Services for this scenario.
- It is not possible, always Check Point SGW is needed to forward emails to SandBlast appliance.
-
What is the main difference between Threat Extraction and Threat Emulation?
- Threat Emulation never delivers a file and takes more than 3 minutes to complete.
- Threat Extraction always delivers a file and takes less than a second to complete.
- Threat Emulation never delivers a file that takes less than a second to complete.
- Threat Extraction never delivers a file and takes more than 3 minutes to complete.
-
When Dynamic Dispatcher is enabled, connections are assigned dynamically with the exception of:
- Threat Emulation
- HTTPS
- QOS
- VoIP
-
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?
- Smart Cloud Services
- Load Sharing Mode Services
- Threat Agent Solution
- Threat Agent Solution
-
Which of the following is NOT a component of Check Point Capsule?
- Capsule Docs
- Capsule Cloud
- Capsule Enterprise
- Capsule Workspace
-
What is the purpose of Priority Delta in VRRP?
- When a box up, Effective Priority = Priority + Priority Delta
- When an Interface is up, Effective Priority = Priority + Priority Delta
- When an Interface fail, Effective Priority = Priority – Priority Delta
- When a box fail, Effective Priority = Priority – Priority Delta
Explanation:Each instance of VRRP running on a supported interface may monitor the link state of other interfaces. The monitored interfaces do not have to be running VRRP.
If a monitored interface loses its link state, then VRRP will decrement its priority over a VRID by the specified delta value and then will send out a new VRRP HELLO packet. If the new effective priority is less than the priority a backup platform has, then the backup platform will beging to send out its own HELLO packet.
Once the master sees this packet with a priority greater than its own, then it releases the VIP. -
Which statements below are CORRECT regarding Threat Prevention profiles in SmartConsole?
- You can assign only one profile per gateway and a profile can be assigned to one rule Only.
- You can assign multiple profiles per gateway and a profile can be assigned to one rule only.
- You can assign multiple profiles per gateway and a profile can be assigned to one or more rules.
- You can assign only one profile per gateway and a profile can be assigned to one or more rules.
-
Using ClusterXL, what statement is true about the Sticky Decision Function?
- Can only be changed for Load Sharing implementations
- All connections are processed and synchronized by the pivot
- Is configured using cpconfig
- Is only relevant when using SecureXL
-
What is the name of the secure application for Mail/Calendar for mobile devices?
- Capsule Workspace
- Capsule Mail
- Capsule VPN
- Secure Workspace
-
Where do you create and modify the Mobile Access policy in R80?
- SmartConsole
- SmartMonitor
- SmartEndpoint
- SmartDashboard
-
SmartConsole R80 requires the following ports to be open for SmartEvent R80 management:
- 19090,22
- 19190,22
- 18190,80
- 19009,443
-
Which configuration file contains the structure of the Security Server showing the port numbers, corresponding protocol name, and status?
- $FWDIR/database/fwauthd.conf
- $FWDIR/conf/fwauth.conf
- $FWDIR/conf/fwauthd.conf
- $FWDIR/state/fwauthd.conf
-
What API command below creates a new host with the name “New Host” and IP address of “192.168.0.10”?
- new host name “New Host” ip-address “192.168.0.10”
- set host name “New Host” ip-address “192.168.0.10”
- create host name “New Host” ip-address “192.168.0.10”
- add host name “New Host” ip-address “192.168.0.10”
-
As a valid Mobile Access Method, what feature provides Capsule Connect/VPN?
- That is used to deploy the mobile device as a generator of one-time passwords for authenticating to an RSA Authentication Manager.
- Fill Layer4 VPN –SSL VPN that gives users network access to all mobile applications.
- Full Layer3 VPN –IPSec VPN that gives users network access to all mobile applications.
- You can make sure that documents are sent to the intended recipients only.
-
You find one of your cluster gateways showing “Down” when you run the “cphaprob stat” command. You then run the “clusterXL_admin up” on the down member but unfortunately the member continues to show down. What command do you run to determine the cause?
- cphaprob –f register
- cphaprob –d –s report
- cpstat –f all
- cphaprob –a list
-
In SmartEvent, what are the different types of automatic reactions that the administrator can configure?
- Mail, Block Source, Block Event Activity, External Script, SNMP Trap
- Mail, Block Source, Block Destination, Block Services, SNMP Trap
- Mail, Block Source, Block Destination, External Script, SNMP Trap
- Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap
-
Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?
- mgmt_cli add-host “Server_1” ip_address “10.15.123.10” –format txt
- mgmt_cli add host name “Server_1” ip-address “10.15.123.10” –format json
- mgmt_cli add object-host “Server_1” ip-address “10.15.123.10” –format json
- mgmt._cli add object “Server-1” ip-address “10.15.123.10” –format json
Example:
mgmt_cli add host name “New Host 1” ip-address “192.0.2.1” –format json
• “–format json” is optional. By default the output is presented in plain text. -
What are the steps to configure the HTTPS Inspection Policy?
- Go to Manage&Settings > Blades > HTTPS Inspection > Configure in SmartDashboard
- Go to Application&url filtering blade > Advanced > Https Inspection > Policy
- Go to Manage&Settings > Blades > HTTPS Inspection > Policy
- Go to Application&url filtering blade > Https Inspection > Policy