NEW QUESTION 1
Sieve is a Cyber Security Engineer working for Global Bank with a large scale deployment of Check Point Enterprise Appliances Steve's manager. Diana asks him to provide firewall connection table details from one of the firewalls for which he is responsible. Which of these commands may impact performance briefly and should not be used during heavy traffic times of day?

• A. fw tab -t connections -s
• B. fw tab -t connections
• C. fw tab -t connections -c
• D. fw tab -t connections -f

Answer: B

NEW QUESTION 2
As an administrator, you may be required to add the company logo to reports. To do this, you would save the logo as a PNG file with the name ‘cover-company-logo.png’ and then copy that image file to which directory on the SmartEvent server?

• A. SFWDIR/smartevent/conf
• B. $RTDIR/smartevent/conf
• C. $RTDIR/smartview/conf
• D. $FWDIR/smartview/conf

Answer: C

NEW QUESTION 3
How many images are included with Check Point TE appliance in Recommended Mode?

• A. 2(OS) images
• B. images are chosen by administrator during installation
• C. as many as licensed for
• D. the most new image

Answer: A

NEW QUESTION 4
SmartConsole R80 requires the following ports to be open for SmartEvent R80 management:

• A. 19090,22
• B. 19190,22
• C. 18190,80
• D. 19009,443

Answer: D

NEW QUESTION 5
What can we infer about the recent changes made to the Rule Base?

• A. Rule 7 was created by the ‘admin’ administrator in the current session
• B. 8 changes have been made by administrators since the last policy installation
• C. The rules 1, 5 and 6 cannot be edited by the ‘admin’ administrator
• D. Rule 1 and object webserver are locked by another administrator

Answer: D

NEW QUESTION 6
The log server sends what to the Correlation Unit?

• A. Authentication requests
• B. CPMI dbsync
• C. Logs
• D. Event Policy

Answer: D

NEW QUESTION 7
VPN Link Selection will perform the following when the primary VPN link goes down?

• A. The Firewall will drop the packets.
• B. The Firewall can update the Link Selection entries to start using a different link for the same tunnel.
• C. The Firewall will send out the packet on all interfaces.
• D. The Firewall will inform the client that the tunnel is down.

Answer: B

NEW QUESTION 8
Fill in the blank: ________ information is included in “Full Log” tracking option, but is not included in “Log” tracking option?

• A. Destination port
• B. Data type
• C. File attributes
• D. Application

Answer: B

NEW QUESTION 9
What is the port used for SmartConsole to connect to the Security Management Server?

• A. CPMI port 18191/TCP
• B. CPM port/TCP port 19009
• C. SIC port 18191/TCP
• D. https port 4434/TCP

Answer: A

NEW QUESTION 10
Which file gives you a list of all security servers in use, including port number?

• A. $FWDIR/conf/conf.conf
• B. $FWDIR/conf/servers.conf
• C. $FWDIR/conf/fwauthd.conf
• D. $FWDIR/conf/serversd.conf

Answer: C

NEW QUESTION 11
What are the blades of Threat Prevention?

• A. IPS, DLP, AntiVirus, AntiBot, Sandblast Threat Emulation/Extraction
• B. DLP, AntiVirus, QoS, AntiBot, Sandblast Threat Emulation/Extraction
• C. IPS, AntiVirus, AntiBot
• D. IPS, AntiVirus, AntiBot, Sandblast Threat Emulation/Extraction

Answer: D

NEW QUESTION 12
fwssd is a child process of which of the following Check Point daemons?

• A. fwd
• B. cpwd
• C. fwm
• D. cpd

Answer: A

NEW QUESTION 13
Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?

• A. All Connections (Clear or Encrypted)
• B. Accept all encrypted traffic
• C. Specific VPN Communities
• D. All Site-to-Site VPN Communities

Answer: B

NEW QUESTION 14
SmartEvent does NOT use which of the following procedures to identify events:

• A. Matching a log against each event definition
• B. Create an event candidate
• C. Matching a log against local exclusions
• D. Matching a log against global exclusions

Answer: C

Explanation:
Events are detected by the SmartEvent Correlation Unit. The Correlation Unit task is to scan logs for criteria that match an Event Definition. SmartEvent uses these procedures to identify events:
• Matching a Log Against Global Exclusions
• Matching a Log Against Each Event Definition
• Creating an Event Candidate
• When a Candidate Becomes an Event References:

NEW QUESTION 15
Which statement is true regarding redundancy?

• A. System Administrators know when their cluster has failed over and can also see why it failed over by using the cphaprob –f if command.
• B. ClusterXL offers three different Load Sharing solutions: Unicast, Broadcast, and Multicast.
• C. Machines in a ClusterXL High Availability configuration must be synchronized.
• D. Both ClusterXL and VRRP are fully supported by Gaia and available to all Check Point appliances, open servers, and virtualized environments.

Answer: D

NEW QUESTION 16
When SecureXL is enabled, all packets should be accelerated, except packets that match the following conditions:

• A. All UDP packets
• B. All IPv6 Traffic
• C. All packets that match a rule whose source or destination is the Outside Corporate Network
• D. CIFS packets

Answer: D

NEW QUESTION 17
Which of the following is NOT an option to calculate the traffic direction?

• A. Incoming
• B. Internal
• C. External
• D. Outgoing

Answer: D

NEW QUESTION 18
......