156-315.80 : Check Point Certified Security Expert – R80 : Part 18

  1. When Identity Awareness is enabled, which identity source(s) is(are) used for Application Control?

    • RADIUS
    • Remote Access and RADIUS
    • AD Query
    • AD Query and Browser-based Authentication
    Explanation:

    Identity Awareness gets identities from these acquisition sources:
    – AD Query
    – Browser-Based Authentication
    – Endpoint Identity Agent
    – Terminal Servers Identity Agent
    – Remote Access

  2. True or False: In R80, more than one administrator can login to the Security Management Server with write permission at the same time.

    • False, this feature has to be enabled in the Global Properties.
    • True, every administrator works in a session that is independent of the other administrators.
    • True, every administrator works on a different database that is independent of the other administrators.
    • False, only one administrator can login with write permission.
  3. Which utility allows you to configure the DHCP service on Gaia from the command line?

    • ifconfig
    • dhcp_ofg
    • sysconfig
    • cpconfig
  4. There are two R77.30 Security Gateways in the Firewall Cluster. They are named FW_A and FW_B. The cluster is configured to work as HA (High availability) with default cluster configuration. FW_A is configured to have higher priority than FW_B. FW_A was active and processing the traffic in the morning. FW_B was standby. Around 1100 am, its interfaces went down and this caused a failover. FW_B became active. After an hour, FW_A’s interface issues were resolved and it became operational.

    When it re-joins the cluster, will it become active automatically?

    • No, since ‘maintain’ current active cluster member’ option on the cluster object properties is enabled by default.
    • No, since ‘maintain’ current active cluster member’ option is enabled by default on the Global Properties.
    • Yes, since ‘Switch to higher priority cluster member’ option on the cluster object properties is enabled by default.
    • Yes, since ‘Switch to higher priority cluster member’ option is enabled by default on the Global Properties.
  5. DLP and Geo Policy are examples of what type of Policy?

    • Standard Policies
    • Shared Policies
    • Inspection Policies
    • Unified Policies
  6. Fill in the blank: The IPS policy for pre-R80 gateways is installed during the _______ .

    • Firewall policy install
    • Threat Prevention policy install
    • Anti-bot policy install
    • Access Control policy install
  7. How many users can have read/write access in Gaia at one time?

    • Infinite
    • One
    • Three
    • Two
  8. Which software blade does NOT accompany the Threat Prevention policy?

    • Anti-virus
    • IPS
    • Threat Emulation
    • Application Control and URL Filtering
  9. Check Point ClusterXL Active/Active deployment is used when:

    • Only when there is Multicast solution set up.
    • There is Load Sharing solution set up.
    • Only when there is Unicast solution set up.
    • There is High Availability solution set up.
  10. To optimize Rule Base efficiency, the most hit rules should be where?

    • Removed from the Rule Base.
    • Towards the middle of the Rule Base.
    • Towards the top of the Rule Base.
    • Towards the bottom of the Rule Base.
  11. What two ordered layers make up the Access Control Policy Layer?

    • URL Filtering and Network
    • Network and Threat Prevention
    • Application Control and URL Filtering
    • Network and Application Control
  12. Fill in the blanks: In the Network policy layer, the default action for the Implied last rule is ____ all traffic. However, in the Application Control policy layer, the default action is ______ all traffic.

    • Accept; redirect
    • Accept; drop
    • Redirect; drop
    • Drop; accept
  13. Which command is used to obtain the configuration lock in Gaia?

    • Lock database override
    • Unlock database override
    • Unlock database lock
    • Lock database user
    Explanation:

    Obtaining a Configuration Lock
    – lock database override
    – unlock database

  14. What is the default shell for the command line interface?

    • Expert
    • Clish
    • Admin
    • Normal
    Explanation:

    The default shell of the CLI is called clish

  15. You plan to automate creating new objects using new R80 Management API. You decide to use GAIA CLI for this task.

    What is the first step to run management API commands on GAIA’s shell?

    • mgmt_admin@teabag > id.txt
    • mgmt_login
    • login user admin password teabag
    • mgmt_cli login user “admin” password “teabag” > id.txt
  16. In SmartConsole the IPS Blade is managed by:

    • Threat Protection policy
    • Anti-Bot Blade
    • Threat Prevention policy
    • Layers on Firewall policy
  17. When users connect to the Mobile Access portal they are unable to open File Shares.

    Which log file would you want to examine?

    • cvpnd.elg
    • httpd.elg
    • vpnd.elg
    • fw.elg
  18. What is the correct order of the default “fw monitor” inspection points?

    • i, I, o, O
    • 1, 2, 3, 4
    • i, o, I, O
    • I, i, O, o
  19. What is the default size of NAT table fwx_alloc?

    • 20000
    • 35000
    • 25000
    • 10000
  20. What are types of Check Point APIs available currently as part of R80.10 code?

    • Security Gateway API Management API, Threat Prevention API and Identity Awareness Web Services API
    • Management API, Threat Prevention API, Identity Awareness Web Services API and OPSEC SDK API
    • OSE API, OPSEC SDK API, Threat Extraction API and Policy Editor API
    • CPMI API, Management API, Threat Prevention API and Identity Awareness Web Services API
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments