156-315.80 : Check Point Certified Security Expert – R80 : Part 21

  1. Packet acceleration (SecureXL) identifies connections by several attributes. Which of the attributes is NOT used for identifying a connection?

    • Source Address
    • Destination Address
    • TCP Acknowledgement Number
    • Source Port
    Explanation:

    Connections are identified by the 5-tuple: source address, destination address, source port, destination port, and protocol. When the packets in a connection match all five attributes, the traffic flow can be processed on the accelerated path.

  2. There are 4 ways to use the Management API for creating a host object with the R80 Management API. Which one is NOT correct?

    • Using Web Services
    • Using cpconfig
    • Using CLISH
    • Using SmartConsole GUI console
  3. What does the Log “Views” tab show when SmartEvent is Correlating events?

    • A list of common reports
    • Reports for customization
    • Top events with charts and graphs
    • Details of a selected logs
  4. By default, the R80 web API uses which content-type in its response?

    • Java Script
    • XML
    • Text
    • JSON
  5. The “fw monitor” tool can be best used to troubleshoot _______________.

    • Logging issues
    • FWD issues
    • Network traffic issues
    • Authentication issues
  6. What is the best sync method in the ClusterXL deployment?

    • Use 1 cluster + 1st sync
    • Use 1 dedicated sync interface
    • Use 3 clusters + 1st sync + 2nd sync + 3rd sync
    • Use 2 clusters + 1st sync + 2nd sync
  7. When using the Mail Transfer Agent, where are the debug logs stored?

    • $FWDIR/bin/emaild.mta.elg
    • $FWDIR/log/mtad.elg
    • /var/log/mail.mta.elg
    • $CPDIR/log/emaild.elg
  8. Kurt is planning to upgrade his Security Management Server to R80.X. What is the lowest supported version of the Security Management he can upgrade from?

    • R76 Splat
    • R77.X Gaia
    • R75 Splat
    • R75 Gaia
  9. Which process is used mainly for backward compatibility of gateways in R80.X? It provides communication with GUI-client, database manipulation, policy compilation and Management HA synchronization.

    • cpm
    • fwd
    • cpd
    • fwm
  10. What CLI utility runs connectivity tests from a Security Gateway to an AD domain controller?

    • test_connectivity_ad -d <domain>
    • test_ldap_connectivity -d <domain>
    • test_ad_connectivity -d <domain>
    • ad_connectivity_test -d <domain>
  11. According to the out-of-the-box SmartEvent policy, which blade will automatically be correlated into events?

    • Firewall
    • VPN
    • IPS
    • HTTPS
  12. What state is the Management HA in when both members have different policies/databases?

    • Synchronized
    • Never been synchronized
    • Lagging
    • Collision
  13. The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses, but it is not accelerated. What is the most likely reason that the traffic is not accelerated?

    • The connection is destined for a server within the network
    • The connection required a Security server
    • The packet is the second in an established TCP connection
    • The packets are not multicast
  14. SmartEvent Security Checkups can be run from the following Logs and Monitor activity:

    • Reports
    • Advanced
    • Checkups
    • Views
  15. SmartEvent uses its event policy to identify events. How can this be customized?

    • By modifying the firewall rulebase
    • By creating event candidates
    • By matching logs against exclusions
    • By matching logs against event rules
  16. Which 3 types of tracking are available for Threat Prevention Policy?

    • SMS Alert, Log, SNMP alert
    • Syslog, None, User-defined scripts
    • None, Log, Syslog
    • Alert, SNMP trap, Mail
  17. What is the best method to upgrade a Security Management Server to R80.x when it is not connected to the Internet?

    • CPUSE offline upgrade only
    • Advanced upgrade or CPUSE offline upgrade
    • Advanced Upgrade only
    • SmartUpdate offline upgrade
  18. Which of the following is NOT a valid type of SecureXL template?

    • Accept Template
    • Deny template
    • Drop Template
    • NAT Template
  19. When configuring Endpoint Compliance Settings for Applications and Gateways within Mobile Access, which of the three approaches will allow you to configure individual policies for each application?

    • Basic Approach
    • Strong Approach
    • Very Advanced Approach
    • Medium Approach
  20. Check Point Support in many cases asks you for a configuration summary of your Check Point system. This is also called:

    • cpexport
    • sysinfo
    • cpsizeme
    • cpinfo