The customer has about 150 remote access user with a Windows laptops. Not more than 50 Clients will be connected at the same time. The customer want to use multiple VPN Gateways as entry point and a personal firewall. What will be the best license for him?
A. He will need Capsule Connect using MEP (multiple entry points).
B. Because the customer uses only Windows clients SecuRemote will be sufficient and no additional license is needed
C. He will need Harmony Endpoint because of the personal firewall.
D. Mobile Access license because he needs only a 50 user license, license count is per concurrent user.
Explanation: Harmony Endpoint is a solution that provides comprehensive protection for endpoint devices against cyber threats. Harmony Endpoint includes a personal firewall that controls the network traffic to and from the endpoint device, based on predefined rules and policies. Harmony Endpoint also integrates with Check Point’s VPN solutions to provide secure remote access to corporate resources1. Therefore, the customer will need Harmony Endpoint because of the personal firewall requirement.
Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?
A. Application Control
B. Firewall
C. Identity Awareness
D. URL Filtering
When a packet arrives at the gateway, the gateway checks it against the rules in the hop Policy Layer, sequentially from top to bottom, and enforces the first rule that matches a packet. Which of the following statements about the order of rule enforcement is true?
A. If the Action is Accept, the gateway allows the packet to pass through the gateway.
B. If the Action is Drop, the gateway continues to check rules in the next Policy Layer down.
C. If the Action is Accept, the gateway continues to check rules in the next Policy Layer down.
D. If the Action is Drop, the gateway applies the Implicit Clean-up Rule for that Policy Layer.
Explanation: When a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom, and enforces the first rule that matches the packet. The order of rule enforcement depends on the action of the matching rule. If the action is Accept, the gateway allows the packet to pass through the gateway, but also continues to check rules in the next Policy Layer down. If the action is Drop, Reject, or Encrypt, the gateway applies that action to the packet and stops checking rules in that Policy Layer and any subsequent Policy Layers. If there is no matching rule in a Policy Layer, the gateway applies the Implicit Clean-up Rule for that Policy Layer, which is usually Drop.
After replacing a faulty Gateway the admin installed the new Hardware and want to push the policy. Installing the policy using the SmartConsole he got an Error for the Threat Prevention Policy. There is no error for the Access Control Policy. What will be the most common cause for the issue?
A. The admin forgot to reestablish the SIC for the new hardware. That is typically the case when configure only the interfaces of the replacement hardware instead restoring a backup.
B. The IPS Protection engine on the replacement hardware is too old. Before pushing the Threat Prevention Policy use SmartConsole -> Security Policies -> Updates -> IPS 'Update Now' to update the engine.
C. The admin forgot to apply the new license. The Access Control license is included by default but the service subscriptions for the Threat Prevention Blades are missing.
D. The Threat Prevention Policy can't be installed on a Gateway without an already installed Access Control Policy. First install only the Access Control Policy.
Explanation: The most common cause for the issue is that the admin forgot to apply the new license. The Access Control license is included by default but the service subscriptions for the Threat Prevention Blades are missing. Without a valid license, the Threat Prevention Policy cannot be installed on the new hardware. The admin should check the license status on the SmartConsole -> Gateways & Servers -> Licenses & Contracts and apply the appropriate license for the replacement hardware. References: Check Point Certified Security Expert R81.20 Course Overview, sk171213: Threat Prevention policy installation reports failure in SmartConsole with this error: “Policy installation had failed due to an internal error.”
What is "Accelerated Policy Installation"?
A. Starting R81, the Desktop Security Policy installation process is accelerated thereby reducing the duration of the process significantly
B. Starting R81, the QoS Policy installation process is accelerated thereby reducing the duration of the process significantly
C. Starting R81, the Access Control Policy installation process is accelerated thereby reducing the duration of the process significantly
D. Starting R81, the Threat Prevention Policy installation process is accelerated thereby reducing the duration of the process significantly
Which command is used to obtain the configuration lock in Gaia?
A. Lock database override
B. Unlock database override
C. Unlock database lock
D. Lock database user
Explanation: Which command is used to obtain the configuration lock in Gaia? The command that is used to obtain the configuration lock in Gaia is lock database override. This command allows a user to take over the configuration lock from another user who is currently logged in with read/write access. The other user will be forced to logout and will lose any unsaved changes. This command should be used with caution and only when necessary. References: Gaia Administration Guide R81, page 15.
Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?
A. Run cprestart from clish
B. After upgrading the hardware, increase the number of kernel instances using cpconfig
C. Administrator does not need to perform any task. Check Point will make use of the newly installed CPU and Cores
D. Hyperthreading must be enabled in the bios to use CoreXL
Explanation: After installing a new multicore CPU to replace the existing single core CPU, the administrator is required to perform one additional task, which is to increase the number of kernel instances using cpconfig. This is because by default, only one kernel instance is enabled on a Security Gateway. To take advantage of multiple cores, the administrator needs to configure more kernel instances according to the number of cores available on the CPU. References: Configuring CoreXL
You plan to automate creating new objects using new R81 Management API. You decide to use GAIA CLI for this task. What is the first step to run management API commands on GAIA’s shell?
A. mgmt_admin@teabag > id.txt
B. mgmt_login
C. login user admin password teabag
D. mgmt_cli login user “admin” password “teabag” > id.txt
Aaron is a Syber Security Engineer working for Global Law Firm with large scale deployment of Check Point Enterprise Appliances running GAiA R81.X The Network Security Developer Team is having an issue testing the API with a newly deployed R81.X Security Management Server Aaron wants to confirm API services are working properly. What should he do first?
A. Aaron should check API Server status with "fwm api status" from Expert mode If services are stopped, he should start them with "fwm api start".
B. Aaron should check API Server status with "cpapi status" from Expert mode. If services are stopped, he should start them with "cpapi start"
C. Aaron should check API Server status with "api status" from Expert mode If services are stopped, he should start them with "api start"
D. Aaron should check API Server status with "cpm api status" from Expert mode. If services are stopped, he should start them with "cpi api start".
Explanation: Aaron should check API Server status with “api status” from Expert mode. If services are stopped, he should start them with “api start”. This is the correct way to verify and start the API Server on a Security Management Server running Gaia R81.X. The other commands are either invalid or not related to the API Server. The api command is a wrapper script that simplifies the management of the API Server. It can be used to start, stop, restart, status, enable, or disable the API Server. References: [API Server]
Which Check Point feature enables application scanning and the detection?
A. Application Dictionary
B. AppWiki
C. Application Library
D. CPApp
Explanation: AppWiki is the Check Point feature that enables application scanning and the detection. AppWiki is an easy to use tool that lets you search and filter Check Point’s Web 2.0 Applications Database to find out information about internet applications, including social network widgets; filter by a category, tag, or risk level; and search for a keyword or application1. AppWiki helps you to identify and control the applications on your network, and to apply granular policies based on the application type, risk, and characteristics1. AppWiki is integrated with the Check Point Application Control Software Blade, which provides the industry’s strongest application security and identity control to organizations of all sizes1.
Which of the completed statements is NOT true? The WebUI can be used to manage user accounts and:
A. assign privileges to users.
B. edit the home directory of the user.
C. add users to your Gaia system.
D. assign user rights to their home directory in the Security Management Server.
Explanation: The WebUI can be used to manage user accounts and assign privileges to users. It can also add users to your Gaia system and edit the home directory of the user. However, it cannot assign user rights to their home directory in the Security Management Server1. References: Check Point Resource Library, page 3.
Kurt is planning to upgrade his Security Management Server to R81.X. What is the lowest supported version of the Security Management he can upgrade from?
A. R76 Splat
B. R77.X Gaia
C. R75 Splat
D. R75 Gaia
Explanation: The lowest supported version of the Security Management that can be upgraded to R81.X is R75 Gaia. This means that the Security Management Server must be running on the Gaia Operating System and have a version of R75 or higher. R76 Splat, R77.X Gaia, and R75 Splat are not supported for upgrading to R81.X1. References: 1: Check Point Software, Getting Started, Supported Upgrade Paths.
| Page 8 out of 36 Pages |
| Previous |