156-315.80 : Check Point Certified Security Expert – R80 : Part 16
-
By default, which port does the WebUI listen on?
- 80
- 4434
- 443
- 8080
-
Which VPN routing option uses VPN routing for every connection a satellite gateway handles?
- To satellites through center only
- To center only
- To center and to other satellites through center
- To center, or through the center to other satellites, to Internet and other VPN targets
-
Kofi, the administrator of the ALPHA Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which CLISH commands are required to be able to change this TCP port?
-
set web ssl-port <new port number>
-
set Gaia-portal port <new port number>
-
set Gaia-portal https-port <new port number>
-
set web https-port <new port number>
-
-
Joey want to configure NTP on R80 Security Management Server. He decided to do this via WebUI. What is the correct address to access the Web UI for Gaia platform via browser?
- https://<Device_IP_Adress>
- http://<Device IP_Address>:443
- https://<Device_IP_Address>:10000
- https://<Device_IP_Address>:4434
-
The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits if the Track option is set to “None”?
- No, it will work independently. Hit Count will be shown only for rules Track option set as Log or alert.
- Yes it will work independently as long as “analyze all rules” tick box is enabled on the Security Gateway.
- No, it will not work independently because hit count requires all rules to be logged.
- Yes it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways.
-
Fill in the blank: Permanent VPN tunnels can be set on all tunnels in the community, on all tunnels for specific gateways, or ______ .
- On all satellite gateway to satellite gateway tunnels
- On specific tunnels for specific gateways
- On specific tunnels in the community
- On specific satellite gateway to central gateway tunnels
-
True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway.
- True, CLI is the prefer method for Licensing
- False, Central License are handled via Security Management Server
- False, Central Licenses are installed via Gaia on Security Gateways
- True, Central License can be installed with CPLIC command on a Security Gateway
-
In which VPN community is a satellite VPN gateway not allowed to create a VPN tunnel with another satellite VPN gateway?
- Pentagon
- Combined
- Meshed
- Star
-
When a packet arrives at the gateway, the gateway checks it against the rules in the hop Policy Layer, sequentially from top to bottom, and enforces the first rule that matches a packet. Which of the following statements about the order of rule enforcement is true?
- If the Action is Accept, the gateway allows the packet to pass through the gateway.
- If the Action is Drop, the gateway continues to check rules in the next Policy Layer down.
- If the Action is Accept, the gateway continues to check rules in the next Policy Layer down.
- If the Action is Drop, the gateway applies the Implicit Clean-up Rule for that Policy Layer.
-
Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?
- UserCheck
- Active Directory Query
- Account Unit Query
- User Directory Query
-
Why would an administrator see the message below?
- A new Policy Package created on both the Management and Gateway will be deleted and must be backed up first before proceeding.
- A new Policy Package created on the Management is going to be installed to the existing Gateway.
- A new Policy Package created on the Gateway is going to be installed on the existing Management.
- A new Policy Package created on the Gateway and transferred to the Management will be overwritten by the Policy Package currently on the Gateway but can be restored from a periodic backup on the Gateway.
-
Which command is used to add users to or from existing roles?
-
Add rba user <User Name> roles <List>
-
Add rba user <User Name>
-
Add user <User Name> roles <List>
-
Add user <User Name>
-
-
Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?
- All Connections (Clear or Encrypted)
- Accept all encrypted traffic
- Specific VPN Communities
- All Site-to-Site VPN Communities
-
Fill in the blank: An identity server uses a __________ for user authentication.
- Shared secret
- Certificate
- One-time password
- Token
-
In SmartConsole, objects are used to represent physical and virtual network components and also some logical components. These objects are divided into several categories. Which of the following is NOT an objects category?
- Limit
- Resource
- Custom Application / Site
- Network Object
-
Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?
- Application Control
- Threat Emulation
- Anti-Virus
- Advanced Networking Blade
-
Fill in the blank: __________ information is included in “Full Log” tracking option, but is not included in “Log” tracking option?
- Destination port
- Data type
- File attributes
- Application
-
Which options are given on features, when editing a Role on Gaia Platform?
- Read/Write, Read Only
- Read/Write, Read Only, None
- Read/Write, None
- Read Only, None
-
Fill in the blanks: Gaia can be configured using the ______ or _____ .
- GaiaUI; command line interface
- WebUI; Gaia Interface
- Command line interface; WebUI
- Gaia Interface; GaiaUI
-
What is the purpose of the CPCA process?
- Monitoring the status of processes.
- Sending and receiving logs.
- Communication between GUI clients and the SmartCenter server.
- Generating and modifying certificates.
Subscribe
0 Comments
Newest