NEW QUESTION 1
Which Check Point software blade provides protection from zero-day and undiscovered threats?

• A. Firewall
• B. Threat Emulation
• C. Application Control
• D. Threat Extraction

Answer: B

NEW QUESTION 2
What are the main stages of a policy installations?

• A. Verification & Compilation, Transfer and Commit
• B. Verification & Compilation, Transfer and Installation
• C. Verification, Commit, Installation
• D. Verification, Compilation & Transfer, Installation

Answer: B

NEW QUESTION 3
You want to gather and analyze threats to your mobile device. It has to be a lightweight app. Which application would you use?

• A. SmartEvent Client Info
• B. SecuRemote
• C. Check Point Protect
• D. Check Point Capsule Cloud

Answer: C

NEW QUESTION 4
Fill in the blank: The “fw monitor” tool can be best used to troubleshoot _______.

• A. AV issues
• B. VPN errors
• C. Network issues
• D. Authentication issues

Answer: C

NEW QUESTION 5
Which command will allow you to see the interface status?

• A. cphaprob interface
• B. cphaprob –I interface
• C. cphaprob –a if
• D. cphaprob stat

Answer: C

NEW QUESTION 6
What is the command to check the status of Check Point processes?

• A. top
• B. cptop
• C. cphaprob list
• D. cpwd_admin list

Answer: D

NEW QUESTION 7
What must you do first if “fwm sic_reset” could not be completed?

• A. Cpstop then find keyword “certificate” in objects_5_0.C and delete the section
• B. Reinitialize SIC on the security gateway then run “fw unloadlocal”
• C. Reset SIC from Smart Dashboard
• D. Change internal CA via cpconfig

Answer: D

NEW QUESTION 8
Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or via CLI.
Which command should he use in CLI? (Choose the correct answer.)

• A. remove database lock
• B. The database feature has one command lock database override.
• C. override database lock
• D. The database feature has two commands lock database override and unlock databas
• E. Both will work.

Answer: D

NEW QUESTION 9
What needs to be configured if the NAT property ‘Translate destination or client side’ is not enabled in Global Properties?

• A. A host route to route to the destination IP.
• B. Use the file local.arp to add the ARP entries for NAT to work.
• C. Nothing, the Gateway takes care of all details necessary.
• D. Enabling ‘Allow bi-directional NAT’ for NAT to work correctly.

Answer: C

NEW QUESTION 10
In R80.10, how do you manage your Mobile Access Policy?

• A. Through the Unified Policy
• B. Through the Mobile Console
• C. From SmartDashboard
• D. From the Dedicated Mobility Tab

Answer: A

NEW QUESTION 11
Which of these statements describes the Check Point ThreatCloud?

• A. Blocks or limits usage of web applications
• B. Prevents or controls access to web sites based on category
• C. Prevents Cloud vulnerability exploits
• D. A worldwide collaborative security network

Answer: D

NEW QUESTION 12
What command can you use to have cpinfo display all installed hotfixes?

• A. cpinfo -hf
• B. cpinfo –y all
• C. cpinfo –get hf
• D. cpinfo installed_jumbo

Answer: B

NEW QUESTION 13
Fill in the blank: The tool _______ generates a R80 Security Gateway configuration report.

• A. infoCP
• B. infoview
• C. cpinfo
• D. fw cpinfo

Answer: C

NEW QUESTION 14
What is the command to check the status of the SmartEvent Correlation Unit?

• A. fw ctl get int cpsead_stat
• B. cpstat cpsead
• C. fw ctl stat cpsemd
• D. cp_conf get_stat cpsemd

Answer: B

NEW QUESTION 15
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

• A. Smart Cloud Services
• B. Load Sharing Mode Services
• C. Threat Agent Solution
• D. Public Cloud Services

Answer: A

NEW QUESTION 16
What happen when IPS profile is set in Detect Only Mode for troubleshooting?

• A. It will generate Geo-Protection traffic
• B. Automatically uploads debugging logs to Check Point Support Center
• C. It will not block malicious traffic
• D. Bypass licenses requirement for Geo-Protection control

Answer: C

Explanation:
It is recommended to enable Detect-Only for Troubleshooting on the profile during the initial installation of
IPS. This option overrides any protections that are set to Prevent so that they will not block any traffic.
During this time you can analyze the alerts that IPS generates to see how IPS will handle network traffic, while avoiding any impact on the flow of traffic.

NEW QUESTION 17
Connections to the Check Point R80 Web API use what protocol?

• A. HTTPS
• B. RPC
• C. VPN
• D. SIC

Answer: A

NEW QUESTION 18
......