Is it possible to establish a VPN before the user login to the Endpoint Client?
A. yes, you had to set neo_remember_user_password to true in the trac.defaults of the Remote Access Client or you can use the endpoint_vpn_remember_user_password attribute in the trac_client_1 .ttm file located in the SFWDIR/conf directory on the Security Gateway
B. no, the user must login first.
C. yes. you had to set neo_always_connected to true in the trac.defaults of the Remote Access Client or you can use the endpoint_vpn_always_connected attribute in the trac_client_1 .ttm file located in the SFWDIR/conf directory on the Security Gateway
D. yes, you had to enable Machine Authentication in the Gateway object of the Smart Console
Which feature is NOT provided by all Check Point Mobile Access solutions?
A. Support for IPv6
B. Granular access control
C. Strong user authentication
D. Secure connectivity
Explanation:
The feature that is not provided by all Check Point Mobile Access solutions is support for IPv6. Check Point Mobile Access is a comprehensive solution that provides secure remote access to corporate applications and resources using various methods, such as SSL VPN, IPsec VPN, clientless VPN, and mobile VPN. However, not all of these methods support IPv6, which is the latest version of the Internet Protocol that uses 128-bit addresses. According to the Check Point Mobile Access R81 Administration Guide1, only the following Mobile Access methods support IPv6:
SSL Network Extender (SNX) - a thin client that enables remote users to connect securely to the corporate network using SSL/TLS VPN.
Mobile VPN - a full VPN client that enables remote users to connect securely to the corporate network using IPsec VPN.
Capsule Connect - a mobile VPN app for iOS and Android devices that enables remote users to connect securely to the corporate network using IPsec VPN.
The following Mobile Access methods do not support IPv6:
Clientless VPN - a web-based method that enables remote users to access web applications and services using a web browser without installing any software on their devices.
Endpoint Security VPN - a full VPN client that enables remote users to connect securely to the corporate network using IPsec VPN and also provides endpoint security features such as firewall, anti-virus, anti-malware, etc.
Capsule Workspace - a mobile app for iOS and Android devices that enables remote users to access email, calendar, contacts, and corporate applications securely without requiring a VPN connection.
Which one is not a valid Package Option In the Web GUI for CPUSE?
A. Clean Install
B. Export Package
C. Upgrade
D. Database Conversion to R81.20 only
Explanation:
CPUSE (Check Point Upgrade Service Engine) is a tool that allows users to download, import, install, and uninstall software packages on Gaia OS. CPUSE has a web-based user interface that can be accessed through Gaia Portal. CPUSE offers four package options in the web GUI for different purposes4:
Clean Install - This option performs a clean installation of a Major Version package, which erases all existing configuration and data on the system.
Export Package - This option exports a package from CPUSE repository to an external location for backup or transfer purposes.
Upgrade - This option performs an upgrade of a Major Version package or a Minor Version package, which preserves the existing configuration and data on the system.
Database Conversion - This option converts the database schema of a Major Version package to match the current version.
Therefore, the correct answer is B.
Which statement is WRONG regarding the usage of the Central Deployment in SmartConsole?
A. You can install Hotfixes with the Central Deployment in SmartConsole
B. You can install Jumbo Hotfix accumulators with the Central Deployment in SmartConsole.
C. Only be installed Hotfixes can with the Central Deployment in SmartConsole
D. You can upgrade your cluster without user intervention with the Central Deployment in SmartConsole from R80.40 to R81.20.
Explanation: The statement that is wrong regarding the usage of the Central Deployment in SmartConsole is that only be installed Hotfixes can with the Central Deployment in SmartConsole. This is wrong because Central Deployment can also be used to install Jumbo Hotfix accumulators, upgrade clusters, and perform other operations on multiple gateways simultaneously. Central Deployment simplifies and automates the deployment process and reduces human errors and downtime. References: [Check Point Security Expert R81 Administration Guide], page 23.
You want to gather data and analyze threats to your mobile device. It has to be a lightweight app. Which application would you use?
A. Check Point Capsule Cloud
B. Sandblast Mobile Protect
C. SecuRemote
D. SmartEvent Client Info
Explanation: SandBlast Mobile Protect is an application that provides comprehensive protection for mobile devices against cyber threats. SandBlast Mobile Protect is a lightweight app that does not affect the device performance or battery life. It monitors network traffic, device behavior, and installed apps to detect and prevent attacks such as phishing, malware, ransomware, botnets, and man-in-the-middle5. SandBlast Mobile Protect also integrates with Check Point’s ThreatCloud intelligence network to provide real-time threat information and updates6. Therefore, the correct answer is B.
Which command collects diagnostic data for analyzing a customer setup remotely?
A. cpv
B. cpinfo
C. migrate export
D. sysinfo
From SecureXL perspective, what are the three paths of traffic flow:
A. Initial Path; Medium Path; Accelerated Path
B. Layer Path; Blade Path; Rule Path
C. Firewall Path; Accelerated Path; Medium Path
D. Firewall Path; Accept Path; Drop Path
Explanation: From SecureXL perspective, the three paths of traffic flow are Firewall Path, Accelerated Path, and Medium Path. Firewall Path is the path that handles packets that are not processed by SecureXL and are sent to the Firewall kernel for inspection. Accelerated Path is the path that handles packets that are processed by SecureXL and bypass the Firewall kernel. Medium Path is the path that handles packets that are partially processed by SecureXL and partially by the Firewall kernel1. References: Check Point R81 Performance Tuning Administration Guide
Which components allow you to reset a VPN tunnel?
A. vpn tu command or SmartView monitor
B. delete vpn ike sa or vpn she11 command
C. vpn tunnelutil or delete vpn ike sa command
D. SmartView monitor only
UserCheck objects in the Application Control and URL Filtering rules allow the gateway to communicate with the users. Which action is not supported in UserCheck objects?
A. Ask
B. Drop
C. Inform
D. Reject
Which one of the following is true about Capsule Connect?
A. It is a full layer 3 VPN client
B. It offers full enterprise mobility management
C. It is supported only on iOS phones and Windows PCs
D. It does not support all VPN authentication methods
Explanation: Capsule Connect is a full layer 3 VPN client that provides secure and seamless remote access to corporate networks from iOS and Android devices. It supports all VPN authentication methods, such as certificates, passwords, tokens, and challenge-response. It also supports split tunneling and seamless roaming. References: Capsule Connect Datasheet, Capsule Connect Administration Guide
By default, the R81 web API uses which content-type in its response?
A. Java Script
B. XML
C. Text
D. JSON
Explanation: By default, the R81 web API uses JSON as the content-type in its response. JSON stands for JavaScript Object Notation and is a lightweight data-interchange format that is easy to read and write. XML, Java Script, and Text are not the default content-types for the R81 web API. References: : Check Point Software, Getting Started, Web API; : JSON.org, Introducing JSON.
What kind of information would you expect to see when using the "sim affinity -I" command?
A. Overview over SecureXL templated connections
B. The VMACs used in a Security Gateway cluster
C. Affinity Distribution
D. The involved firewall kernel modules in inbound and outbound packet chain
Explanation:
The “sim affinity -I” command is a command that displays the affinity distribution of the Security Gateway’s interfaces. Affinity distribution is the assignment of CPU cores to handle the traffic from different interfaces. The “sim affinity -I” command shows the following information for each interface:
The interface name, such as eth0, eth1, etc.
The interface index, such as 0, 1, 2, etc.
The interface type, such as physical, bond, VLAN, etc.
The interface state, such as up or down
The interface speed, such as 1000 Mbps, 10000 Mbps, etc.
The interface MTU, such as 1500, 9000, etc.
The interface MAC address, such as 00:11:22:33:44:55
The interface IP address, such as 192.168.1.1, 10.0.0.1, etc.
The interface affinity mask, such as 0x00000001, 0x00000002, etc. The affinity mask is a hexadecimal value that represents the CPU cores that are assigned to handle the traffic from the interface. For example, 0x00000001 means that only CPU core 0 is assigned, 0x00000003 means that CPU cores 0 and 1 are assigned, and so on.
The “sim affinity -I” command can help you to monitor and optimize the performance of your Security Gateway by showing you how the traffic load is distributed among the CPU cores. You can also use the “sim affinity” command with other options to change the affinity settings of the interfaces or the firewall instances. For more information, you can refer to the Check Point R81.20 (Titan) Resolved Issues and Enhancements1 or the Solved: Sim Affinity - Check Point CheckMates2.
| Page 9 out of 36 Pages |
| Previous |