NEW QUESTION 1
Office mode means that:

• A. SecurID client assigns a routable MAC addres
• B. After the user authenticates for a tunnel, the VPN gateway assigns a routable IP address to the remote client.
• C. Users authenticate with an Internet browser and use secure HTTPS connection.
• D. Local ISP (Internet service Provider) assigns a non-routable IP address to the remote user.
• E. Allows a security gateway to assign a remote client an IP addres
• F. After the user authenticates for a tunnel, the VPN gateway assigns a routable IP address to the remote client.

Answer: D

NEW QUESTION 2
Which packet info is ignored with Session Rate Acceleration?

• A. source port ranges
• B. source ip
• C. source port
• D. same info from Packet Acceleration is used

Answer: C

NEW QUESTION 3
What is the responsibility of SOLR process on R80.10 management server?

• A. Validating all data before it’s written into the database
• B. It generates indexes of data written to the database
• C. Communication between SmartConsole applications and the Security Management Server
• D. Writing all information into the database

Answer: B

NEW QUESTION 4
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

• A. Smart Cloud Services
• B. Load Sharing Mode Services
• C. Threat Agent Solution
• D. Public Cloud Services

Answer: A

NEW QUESTION 5
Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

• A. Auditor
• B. Read Only All
• C. Super User
• D. Full Access

Answer: B

NEW QUESTION 6
Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidates management console. CPM allows the GUI client and management server to communicate via web services using _______ .

• A. TCP port 19009
• B. TCP Port 18190
• C. TCP Port 18191
• D. TCP Port 18209

Answer: A

NEW QUESTION 7
SandBlast agent extends 0 day prevention to what part of the network?

• A. Web Browsers and user devices
• B. DMZ server
• C. Cloud
• D. Email servers

Answer: A

NEW QUESTION 8
The Correlation Unit performs all but the following actions:

• A. Marks logs that individually are not events, but may be part of a larger pattern to be identified later.
• B. Generates an event based on the Event policy.
• C. Assigns a severity level to the event.
• D. Takes a new log entry that is part of a group of items that together make up an event, and adds it to an ongoing event.

Answer: C

NEW QUESTION 9
In the Check Point Firewall Kernel Module, each Kernel is associated with a key, which specifies the type of traffic applicable to the chain module. For Stateful Mode configuration, chain modules marked with
_______ will not apply.

• A. ffff
• B. 1
• C. 3
• D. 2

Answer: D

NEW QUESTION 10
You are investigating issues with to gateway cluster members are not able to establish the first initial cluster synchronization. What service is used by the FWD daemon to do a Full Synchronization?

• A. TCP port 443
• B. TCP port 257
• C. TCP port 256
• D. UDP port 8116

Answer: C

NEW QUESTION 11
The Event List within the Event tab contains:

• A. a list of options available for running a query.
• B. the top events, destinations, sources, and users of the query results, either as a chart or in a tallied list.
• C. events generated by a query.
• D. the details of a selected event.

Answer: C

NEW QUESTION 12
Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

• A. Symmetric routing
• B. Failovers
• C. Asymmetric routing
• D. Anti-Spoofing

Answer: C

NEW QUESTION 13
What is the Implicit Clean-up Rule?

• A. A setting is defined in the Global Properties for all policies.
• B. A setting that is configured per Policy Layer.
• C. Another name for the Clean-up Rule.
• D. Automatically created when the Clean-up Rule is defined.

Answer: C

NEW QUESTION 14
Which Check Point software blade provides Application Security and identity control?

• A. Identity Awareness
• B. Data Loss Prevention
• C. URL Filtering
• D. Application Control

Answer: D

NEW QUESTION 15
What is true about the IPS-Blade?

• A. In R80, IPS is managed by the Threat Prevention Policy
• B. In R80, in the IPS Layer, the only three possible actions are Basic, Optimized and Strict
• C. In R80, IPS Exceptions cannot be attached to “all rules”
• D. In R80, the GeoPolicy Exceptions and the Threat Prevention Exceptions are the same

Answer: A

NEW QUESTION 16
What are the different command sources that allow you to communicate with the API server?

• A. SmartView Monitor, API_cli Tool, Gaia CLI, Web Services
• B. SmartConsole GUI Console, mgmt_cli Tool, Gaia CLI, Web Services
• C. SmartConsole GUI Console, API_cli Tool, Gaia CLI, Web Services
• D. API_cli Tool, Gaia CLI, Web Services

Answer: B

NEW QUESTION 17
......