Topic CCSA Flashcards

CCSA (301 cards)

1
Q

When enabling tracking on a rule, what is the default option?
A. Accounting Log
B. Extended Log
C. Log
D. Detailed Log

A

Answer: C

2
Q

Gaia includes Check Point Upgrade Service Engine (CPUSE), which can directly receive updates for what components?
A. The Security Gateway (SG) and Security Management Server (SMS) software and the CPUSE engine.
B. Licensed Check Point products for the Gaia operating system and the Gaia operating system itself.
C. The CPUSE engine and the Gaia operating system.
D. The Gaia operating system only.

A

Answer: B

3
Q

Name the file that is an electronically signed file used by Check Point to translate the features in the license into a code?
A. Both License (.lic) and Contract (.xml) files
B. cp.macro
C. Contract file (.xml)
D. License file (.lic)

A

Answer: B

4
Q

Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as __.
A. User Center
B. User Administration
C. User Directory
D. UserCheck

A

Answer: C

5
Q

Can you use the same layer in multiple policies or rulebases?
A. Yes - a layer can be shared with multiple policies and rules.
B. No - each layer must be unique.
C. No - layers cannot be shared or reused, but an identical one can be created.
D. Yes - but it must be copied and pasted with a different name.

A

Answer: A

6
Q

Tom has connected to the Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward. What will happen to the changes already made?
A. Tom will have to reboot his SmartConsole computer, clear the cache, and restore changes.
B. Tom will have to reboot his SmartConsole computer, and access the Management cache store on that computer, which is only accessible after a reboot.
C. Tom’s changes will be lost since he lost connectivity and he will have to start again.
D. Tom’s changes will have been stored on the Management when he reconnects and he will not lose any of his work.

A

Answer: D

7
Q

Security Gateway software blades must be attached to what?
A. Security Gateway
B. Security Gateway container
C. Management server
D. Management container

A

Answer: B

8
Q

Which tool allows you to monitor the top bandwidth on SmartConsole?
A. Logs & Monitoring
B. Smart Event
C. Gateways & Servers Tab
D. SmartView Monitor

A

Answer: D

9
Q

A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone?
A. The zone is based on the network topology and determined according to where the interface leads to.
B. Security Zones are not supported by Check Point firewalls.
C. The firewall rule can be configured to include one or more subnets in a zone.
D. The local directly connected subnet defined by the subnet IP and subnet mask.

A

Answer: A

10
Q

When comparing Stateful Inspection and Packet Filtering, what is a benefit that Stateful Inspection offers over Packet Filtering?
A. Stateful Inspection offers unlimited connections because of virtual memory usage.
B. Stateful Inspection offers no benefits over Packet Filtering.
C. Stateful Inspection does not use memory to record the protocol used by the connection.
D. Only one rule is required for each connection.

A

Answer: D

11
Q

Which type of Endpoint Identity Agent includes packet tagging and computer authentication?
A. Full
B. Custom
C. Complete
D. Light

A

Answer: A

12
Q

Fill in the blanks: Gaia can be configured using the __ and the __.
A. Command line interface; WebUI
B. Gaia Interface; GaiaUI
C. WebUI; Gaia Interface
D. GaiaUI; command line interface

A

Answer: A

13
Q

An administrator can use section titles to more easily navigate between large rule bases. Which of these statements is FALSE?
A. Section titles are not sent to the gateway side.
B. These sections are simple visual divisions of the Rule Base and do not hinder the order of rule enforcement.
C. A Sectional Title can be used to disable multiple rules by disabling only the sectional title.
D. Sectional Titles do not need to be created in the SmartConsole.

A

Answer: C

14
Q

In which scenario is it a valid option to transfer a license from one hardware device to another?
A. From a 4400 Appliance to a 2200 Appliance
B. From a 4400 Appliance to an HP Open Server
C. From an IBM Open Server to an HP Open Server
D. From an IBM Open Server to a 2200 Appliance

A

Answer: C

15
Q

What are the three types of UserCheck messages?
A. action, inform, and ask
B. ask, block, and notify
C. block, action, and warn
D. inform, ask, and block

A

Answer: D

16
Q

A stateful inspection firewall works by registering connection data and compiling this information. Where is the information stored?
A. In the system SMEM memory pool.
B. In State tables.
C. In the Sessions table.
D. In a CSV file on the firewall hard drive located in $FWDIR/conf/.

A

Answer: B

17
Q

What is the RFC number that acts as a best practice guide for NAT?
A. RFC 1939
B. RFC 1950
C. RFC 1918
D. RFC 793

A

Answer: C

18
Q

URL Filtering employs a technology, which educates users on web usage policy in real time. What is the name of that technology?
A. WebCheck
B. UserCheck
C. Harmony Endpoint
D. URL categorization

A

Answer: B

19
Q

One of the major features in SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB, and AdminC are editing the same Security Policy?
A. AdminA, AdminB, and AdminC are editing three different rules at the same time.
B. AdminA and AdminB are editing the same rule at the same time.
C. AdminC sees a lock icon which indicates that the rule is locked for editing by another administrator.
D. AdminB sees a pencil icon next to the rule that AdminB is currently editing.

A

Answer: B

20
Q

What is the role of Publishing?
A. The Security Management Server installs the updated policy and the entire database on Security Gateways.
B. The Publish operation sends the modifications made via SmartConsole in the private session and makes them public.
C. The Security Management Server installs the updated session and the entire Rule Base on Security Gateways.
D. Modifies network objects, such as servers, users, services, or IPS profiles, but not the Rule Base.

A

Answer: B

21
Q

Name one limitation of using Security Zones in the network?
A. Security zones will not work in Automatic NAT rules
B. Security zone will not work in Manual NAT rules
C. Security zones will not work in firewall policy layer
D. Security zones cannot be used in network topology

A

Answer: B

22
Q

When configuring LDAP with User Directory integration, changes applied to a User Directory template are:
A. Not reflected for any users unless the local user template is changed.
B. Not reflected for any users who are using that template.
C. Reflected for all users who are using that template and if the local user template is changed as well.
D. Reflected immediately for all users who are using that template.

A

Answer: D

23
Q

True or False: More than one administrator can log into the Security Management Server with SmartConsole with write permission at the same time.
A. True, every administrator works on a different database that is independent of the other administrators.
B. False, this feature has to be enabled in the Global Properties.
C. True, every administrator works in a session that is independent of the other administrators.
D. False, only one administrator can login with write permission.

A

Answer: C

24
Q

What are the three deployment options available for a security gateway?
A. Standalone, Distributed, and Bridge Mode
B. Bridge Mode, Remote, and Standalone
C. Remote, Standalone, and Distributed
D. Distributed, Bridge Mode, and Remote

A

Answer: A

25
Which of the following is NOT supported by Bridge Mode on the Check Point Security Gateway? A. Data Loss Prevention B. Antivirus C. Application Control D. NAT
Answer: D
26
Choose what BEST describes users on Gaia Platform. A. There are two default users and neither can be deleted. B. There are two default users and one cannot be deleted. C. There is one default user that can be deleted. D. There is one default user that cannot be deleted.
Answer: A
27
Which type of Check Point license ties the package license to the IP address of the Security Management Server? A. Central B. Corporate C. Local D. Formal
Answer: A
28
An administrator wishes to use Application objects in a rule in their policy, but there are no Application objects listed as options to add when clicking the "+" to add new items to the "Services & Applications" column of a rule. What should be done to fix this? A. The administrator should drag-and-drop the needed Application objects from the Object Explorer into the new rule. B. The "Application Control" blade should be enabled on a gateway. C. "Applications & URL Filtering" should first be enabled on the policy layer where the rule is being created. D. The administrator should first create some applications to add to the rule.
Answer: C
29
Which Check Point software blade monitors Check Point devices and provides a picture of network and security performance? A. Threat Emulation B. Monitoring C. Logging and Status D. Application Control
Answer: B
30
Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address? A. Formal B. Central C. Corporate D. Local
Answer: D
31
What is the purpose of Captive Portal? A. Manage user permissions in SmartConsole. B. Provide remote access to SmartConsole. C. Authenticate users, allowing them access to the Internet and corporate resources. D. Authenticate users, allowing them access to the Gaia OS.
Answer: C
32
Which of these is NOT a feature or benefit of Application Control? A. Eliminate unknown and unwanted applications in your network to reduce IT complexity and application risk. B. Identify and control which applications are in your IT environment and which to add to the IT environment. C. Scans the content of files being downloaded by users in order to make policy decisions. D. Automatically identify trusted software that has authorization to run.
Answer: C
33
Identity Awareness allows easy configuration for network access and auditing based on what three items? A. Client machine IP address. B. Network location, the identity of a user and the identity of a machine. C. Log server IP address. D. Gateway proxy IP address.
Answer: B
34
How do logs change when the "Accounting" tracking option is enabled on a traffic rule? A. Involved traffic logs will be forwarded to a log server. B. Provides log details view email to the Administrator. C. Involved traffic logs are updated every 10 minutes to show how much data has passed on the connection. D. Provides additional information to the connected user.
Answer: C
35
Fill in the blank: The position of an Implied rule is manipulated in the window __. A. NAT B. Global Properties C. Object Explorer D. Firewall
Answer: B
36
You have enabled "Extended Log" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason? A. Identity Awareness is not enabled. B. Log Trimming is enabled. C. Logging has disk space issues. D. Content Awareness is not enabled.
Answer: D
37
How many layers make up the TCP/IP model? A. 2 B. 4 C. 6 D. 7
Answer: B
38
Fill in the blank: The feature __ allows administrators to share a policy with other policy packages. A. Concurrent policy packages B. Concurrent policies C. Global Policies D. Shared policies
Answer: D
39
Access roles allow the firewall administrator to configure network access according to: A. Remote access clients. B. A combination of computer or computer groups and networks. C. Users and user groups. D. All of the above.
Answer: D
40
In SmartEvent, a correlation unit (CU) is used to do what? A. Collect security gateway logs, index the logs and then compress the logs. B. Receive firewall and other software blade logs in a region and forward them to the primary log server. C. Analyze log entries and identify events. D. Send SAM block rules to the firewalls during a DOS attack.
Answer: C
41
The competition between stateful inspection and proxies was based on performance, protocol support, and security. Considering stateful inspections and proxies, which statement is correct? A. Stateful Inspection is limited to Layer 3 visibility, with no Layer 4 to Layer 7 visibility capabilities. B. When it comes to performance, proxies were significantly faster than stateful inspection firewalls. C. Proxies offer far more security because of being able to give visibility of the payload (the data). D. When it comes to performance, stateful inspection was significantly faster than proxies.
Answer: D
42
What are the Threat Prevention software components available on the Check Point Security Gateway? A. IPS, Threat Emulation and Threat Extraction B. IPS, Anti-Bot, Anti-Virus, SandBlast and Macro Extraction C. IPS, Anti-Bot, Anti-Virus, Threat Emulation and Threat Extraction D. IDS, Forensics, Anti-Virus, Sandboxing
Answer: C
43
Check Point licenses come in two forms. What are those forms? A. Central and Local. B. Access Control and Threat Prevention. C. On-premise and Public Cloud. D. Security Gateway and Security Management.
Answer: A
44
Both major kinds of NAT support Hide and Static NAT. However, one offers more flexibility. Which statement is true? A. Manual NAT can offer more flexibility than Automatic NAT. B. Dynamic Network Address Translation (NAT) Overloading can offer more flexibility than Port Address Translation. C. Dynamic NAT with Port Address Translation can offer more flexibility than Network Address Translation (NAT) Overloading. D. Automatic NAT can offer more flexibility than Manual NAT.
Answer: A
45
What is the default tracking option of a rule? A. Tracking B. Log C. None D. Alert
Answer: B
46
A network administrator has informed you that they have identified a malicious host on the network and instructed you to block it. Corporate policy dictates that firewall policy changes cannot be made at this time. What tool can you use to block this traffic? A. Anti-Bot protection B. Anti-Malware protection C. Policy-based routing D. Suspicious Activity Monitoring (SAM) rules
Answer: D
47
The default shell of the Gaia CLI is cli.sh. How do you change from the cli.sh shell to the advanced shell to run Linux commands? A. Execute the command 'enable' in the cli.sh shell. B. Execute the 'conf t' command in the cli.sh shell. C. Execute the command 'expert' in the cli.sh shell. D. Execute the 'exit' command in the cli.sh shell.
Answer: C
48
Where can an administrator edit a list of trusted SmartConsole clients? A. cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server. B. In cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server, in SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients. C. WebUI client logged to Security Management Server, SmartDashboard: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients, via cpconfig on a Security Gateway. D. Only using SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients.
Answer: B
49
In which deployment is the security management server and Security Gateway installed on the same appliance? A. Standalone B. Remote C. Distributed D. Bridge Mode
Answer: A
50
When dealing with rule base layers, what two layer types can be utilized? A. Ordered Layers and Inline Layers B. Inbound Layers and Outbound Layers C. R81.10 does not support Layers D. Structured Layers and Overlap Layers
Answer: A
51
How can the changes made by an administrator before publishing the session be seen by a Super User administrator? A. By impersonating the administrator with the 'Login as...' option. B. They cannot be seen. C. From the SmartView Tracker audit log. D. From Manage and Settings > Sessions, right-click on the session and click 'View Changes...'.
Answer: D
52
What are the three main components of Check Point security management architecture? A. SmartConsole, Security Management, and Security Gateway. B. Smart Console, Standalone, and Security Management. C. SmartConsole, Security policy, and Logs & Monitoring. D. GUI-Client, Security Management, and Security Gateway.
Answer: A
53
What is the main objective when using Application Control? A. To filter out specific content. B. To assist the firewall blade with handling traffic. C. To see what users are doing. D. Ensure security and privacy of information.
Answer: D
54
What command from the CLI would be used to view current licensing? A. license view B. fw ctl tab -t license -s C. show license -s D. cplic print
Answer: D
55
In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform? A. Publish changes B. Save changes C. Install policy D. Install database
Answer: C
56
The Gateway Status view in SmartConsole shows the overall status of Security Gateways and Software Blades. What does the Status Attention mean? A. Cannot reach the Security Gateway. B. The gateway and all its Software Blades are working properly. C. At least one Software Blade has a minor issue, but the gateway works. D. Cannot make SIC between the Security Management Server and the Security Gateway.
Answer: C
57
Which of the following is NOT an authentication scheme used for accounts created through SmartConsole? A. RADIUS B. Check Point password C. Security questions D. SecureID
Answer: C
58
Which of the following is NOT a component of a Distinguished Name? A. Common Name B. Country C. User container D. Organizational Unit
Answer: C
59
In SmartConsole, on which tab are Permissions and Administrators defined? A. Manage and Settings B. Logs and Monitor C. Security Policies D. Gateways and Servers
Answer: A
60
Which of the following is used to initially create trust between a Gateway and Security Management Server? A. Certificate B. Internal Certificate Authority C. Token D. One-time Password
Answer: D
61
How many users can have read/write access in Gaia Operating System at one time? A. One B. Three C. Two D. Infinite
Answer: A
62
What is the default shell of Gaia CLI? A. clish B. Monitor C. Read-only D. Bash
Answer: A
63
The Online Activation method is available for Check Point manufactured appliances. How does the administrator use the Online Activation method? A. The Smartlicensing GUI tool must be launched from the SmartConsole for the Online Activation tool to start automatically. B. No action is required if the firewall has internet access and a DNS server to resolve domain names. C. Using the Gaia First Time Configuration Wizard, the appliance connects to the Check Point User Center and downloads all necessary licenses and contracts. D. The cpinfo command must be run on the firewall with the switch -online-license-activation.
Answer: C
64
In which scenario will an administrator need to manually define Proxy ARP? A. When they configure an "Automatic Static NAT" which translates to an IP address that does not belong to one of the firewall's interfaces. B. When they configure an "Automatic Hide NAT" which translates to an IP address that does not belong to one of the firewall's interfaces. C. When they configure a "Manual Static NAT" which translates to an IP address that does not belong to one of the firewall's interfaces. D. When they configure a "Manual Hide NAT" which translates to an IP address that belongs to one of the firewall's interfaces.
Answer: C
65
Which Threat Prevention profile uses sanitization technology? A. Cloud/Data Center B. Perimeter C. Sandbox D. Guest Network
Answer: B
66
Which two Identity Awareness daemons are used to support identity sharing? A. Policy Activation Point (PAP) and Policy Decision Point (PDP) B. Policy Manipulation Point (PMP) and Policy Activation Point (PAP) C. Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP) D. Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
Answer: D
67
Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices? A. SmartDashboard B. SmartEvent C. SmartView Monitor D. SmartUpdate
Answer: B
68
To provide updated malicious data signatures to all Threat Prevention blades, the Threat Prevention gateway does what with the data? A. Cache the data to speed up its own function. B. Share the data to the ThreatCloud for use by other Threat Prevention blades. C. Log the traffic for Administrator viewing. D. Delete the data to ensure an analysis of the data is done each time.
Answer: B
69
Which policy type is used to enforce bandwidth and traffic control rules? A. Access Control B. Threat Emulation C. Threat Prevention D. QoS
Answer: D
70
When a SAM rule is required on Security Gateway to quickly block suspicious connections which are not restricted by the Security Policy, what actions does the administrator need to take? A. SmartView Monitor should be opened and then the SAM rule/s can be applied immediately. Installing policy is not required. B. The policy type SAM must be added to the Policy Package and a new SAM rule must be applied. Simply Publishing the changes applies the SAM rule on the firewall. C. The administrator must work on the firewall CLI (for example with SSH and PuTTY) and the command 'sam block' must be used with the right parameters. D. The administrator should open the LOGS & MONITOR view and find the relevant log. Right-clicking on the log entry will show the Create New SAM rule option.
Answer: A
71
Fill in the blank: An Endpoint identity agent uses a __ for user authentication. A. Token B. Username/password or Kerberos Ticket C. Shared secret D. Certificate
Answer: B
72
Fill in the blanks: The __ collects logs and sends them to the __. A. Log server; Security Gateway B. Log server; security management server C. Security management server; Security Gateway D. Security Gateways; log server
Answer: D
73
Which of the following is NOT an advantage to using multiple LDAP servers? A. You achieve a faster access time by placing LDAP servers containing the database at remote sites. B. You achieve compartmentalization by allowing a large number of users to be distributed across several servers. C. Information on a user is hidden, yet distributed across several servers. D. You gain High Availability by replicating the same information on several servers.
Answer: C
74
Fill in the blanks: The Application Layer Firewalls inspect traffic through the __ layer(s) of the TCP/IP model and up to and including the __ layer. A. Upper; Application B. First two; Internet C. Lower; Application D. First two; Transport
Answer: C
75
When an Admin logs into SmartConsole and sees a lock icon on a gateway object and cannot edit that object, what does that indicate? A. The gateway is not powered on. B. Incorrect routing to reach the gateway. C. The Admin would need to log in to Read-Only mode. D. Another Admin has made an edit to that object and has yet to publish the change.
Answer: D
76
DLP and Geo Policy are examples of what type of Policy? A. Inspection Policies B. Shared Policies C. Unified Policies D. Standard Policies
Answer: B
77
Fill in the blanks: In __ NAT, only the __ is translated. A. Static; source B. Simple; source C. Hide; destination D. Hide; source
Answer: D
78
Which of the following is considered a "Subscription Blade," requiring renewal every 1-3 years? A. IPS blade B. IPSEC VPN Blade C. Identity Awareness Blade D. Firewall Blade
Answer: A
79
In large organizations where there are a number of managed Check Point firewalls that generate a lot of logs, it is recommended to install the Log Server on a dedicated computer. Which statement is FALSE? A. The dedicated Log Server must be the same version as the Security Management Server. B. More than one Log Server can be installed. C. A Log Server has a SIC certificate which allows secure communication with the SMS and Security Gateways. D. A dedicated SmartEvent server is required for a separate Log Server to be deployed in the SmartEvent server.
Answer: D
80
In order to modify Security Policies, the administrator can use which of the following tools? (Choose the best answer.) A. SmartConsole and WebUI on the Security Management Server. B. SmartConsole or mgmt_cli (API) on any computer where SmartConsole is installed. C. Command line of the Security Management Server or mgmt_cli.exe on any Windows computer. D. mgmt_cli (API) or WebUI on Security Gateway and SmartConsole on the Security Management Server.
Answer: B
81
A SAM rule is implemented to provide what function or benefit? A. Allow security audits. B. Handle traffic as defined in the policy. C. Monitor sequence activity. D. Block suspicious activity.
Answer: D
82
Is it possible to have more than one administrator connected to a Security Management Server at once? A. Yes, but only if all connected administrators connect with read-only permissions. B. Yes, but objects edited by one administrator will be locked for editing by others until the session is published. C. No, only one administrator at a time can connect to a Security Management Server. D. Yes, but only one of those administrators will have write permissions. All others will have read-only permission.
Answer: D
83
Which default Gaia user has full read/write access? A. admin B. superuser C. monitor D. altuser
Answer: A
84
Which is a main component of the Check Point security management architecture? A. Identity Collector B. Endpoint VPN client C. SmartConsole D. Proxy Server
Answer: C
85
When using Automatic Hide NAT, what is enabled by default? A. Source Port Address Translation (PAT) B. Static NAT C. Static Route D. HTTPS Inspection
Answer: A
86
Which of the following cannot be configured in an Access Role Object? A. Networks B. Users C. Time D. Machines
Answer: C
87
What are the two types of NAT supported by the Security Gateway? A. Source and Destination B. Static and Source C. Hide and Static D. Destination and Hide
Answer: C
88
In order to see real-time and historical graph views of Security Gateway statistics in SmartView Monitor, what feature needs to be enabled on the Security Gateway? A. Logging & Monitoring B. None - the data is available by default C. Monitoring Blade D. SNMP
Answer: C
89
What is UserCheck? A. Administrator tool used to monitor users on their network. B. Communication tool used to notify an administrator when a new user is created. C. Messaging tool used to verify a user's credentials. D. Communication tool used to inform a user about a website or application they are trying to access.
Answer: D
90
What is the default shell for the command line interface? A. Clish B. Admin C. Normal D. Expert
Answer: A
91
When configuring Anti-Spoofing, which tracking options can an Administrator select? A. Log, Alert, None B. Log, Allow Packets, Email C. Drop Packet, Alert, None D. Log, Send SNMP Trap, Email
Answer: A
92
Which Threat Prevention Software Blade provides protection from malicious software that can infect your network computers? (Choose the best answer.) A. IPS B. Anti-Virus C. Anti-Malware D. Content Awareness
Answer: B
93
Which of the following log queries would show only dropped packets with source address of 192.168.1.1 and destination address of 172.26.1.1? A. src:192.168.1.1 OR dst:172.26.1.1 AND action:Drop B. src:192.168.1.1 AND dst:172.26.1.1 AND action:Drop C. 192.168.1.1 AND 172.26.1.1 AND drop D. 192.168.1.1 OR 172.26.1.1 AND action:Drop
Answer: B
94
Which of the following licenses are considered temporary? A. Plug-and-play (Trial) and Evaluation B. Perpetual and Trial C. Evaluation and Subscription D. Subscription and Perpetual
Answer: A
95
Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n) __ Server. A. SecureID B. LDAP C. NT domain D. SMTP
Answer: B
96
In a Distributed deployment, the Security Gateway and the Security Management software are installed on what platforms? A. Different computers or appliances. B. The same computer or appliance. C. Both on virtual machines or both on appliances but not mixed. D. In Azure and AWS cloud environments.
Answer: A
97
Core Protections are installed as part of what Policy? A. Access Control Policy. B. Desktop Firewall Policy. C. Mobile Access Policy. D. Threat Prevention Policy.
Answer: A
98
A Check Point Software license consists of two components, the Software Blade and the Software Container. There are __ types of Software Containers: A. Two; Security Management and Endpoint Security B. Two; Endpoint Security and Security Gateway C. Three; Security Management, Security Gateway, and Endpoint Security D. Three; Security Gateway, Endpoint Security, and Gateway Management
Answer: C
99
In HTTPS Inspection policy, what actions are available in the "Actions" column of a rule? A. "Inspect", "Bypass" B. "Inspect", "Bypass", "Categorize" C. "Inspect", "Bypass", "Block" D. "Detect", "Bypass"
Answer: A
100
Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using __. A. Captive Portal and Transparent Kerberos Authentication B. UserCheck C. User Directory D. Captive Portal
Answer: A
101
With URL Filtering, what portion of the traffic is sent to the Check Point Online Web Service for analysis? A. The complete communication is sent for inspection. B. The IP address of the source machine. C. The end user credentials. D. The host portion of the URL.
Answer: D
102
Choose what BEST describes the reason why querying logs is now very fast. A. The amount of logs being stored is less than previous versions. B. New Smart-1 appliances double the physical memory install. C. Indexing Engine indexes logs for faster search results. D. SmartConsole now queries results directly from the Security Gateway.
Answer: C
103
Rugged appliances are small appliances with ruggedized hardware and, like Quantum Spark appliances, they use which operating system? A. CentOS Linux B. Gaia embedded C. Gaia D. Red Hat Enterprise Linux version 5
Answer: B
104
What is the main difference between Static NAT and Hide NAT? A. Static NAT only allows incoming connections to protect your network. B. Static NAT allows incoming and outgoing connections. Hide NAT only allows outgoing connections. C. Static NAT only allows outgoing connections. Hide NAT allows incoming and outgoing connections. D. Hide NAT only allows incoming connections to protect your network.
Answer: B
105
Which application is used for the central management and deployment of licenses and packages? A. SmartProvisioning B. SmartLicense C. SmartUpdate D. Deployment Agent
Answer: C
106
Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud? A. Firewall B. Application Control C. Anti-spam and Email Security D. Anti-Virus
Answer: D
107
Why is a Central License the preferred and recommended method of licensing? A. Central Licensing is actually not supported with Gaia. B. Central Licensing is the only option when deploying Gaia C. Central Licensing ties to the IP address of a gateway and can be changed to any gateway if needed. D. Central Licensing ties to the IP address of the management server and is not dependent on the IP of any gateway in the event it changes.
Answer: D
108
Which of the following technologies extracts detailed information from packets and stores that information in state tables? A. Next-Generation Firewall B. Application Layer Firewall C. INSPECT Engine D. Packet Filtering
Answer: C
109
What default layers are included when creating a new policy layer? A. Application Control, URL Filtering and Threat Prevention B. Access Control, Threat Prevention and HTTPS Inspection C. Firewall, Application Control and IPSec VPN D. Firewall, Application Control and IPS
Answer: B
110
When changes are made to a Rule base, it is important to __________ to enforce changes. A. Publish database B. Activate policy C. Install policy D. Save changes
Answer: C
111
After a new Log Server is added to the environment and the SIC trust has been established with the SMS, what will the gateways do? A. The gateways can only send logs to an SMS and cannot send logs to a Log Server. Log Servers are proprietary log archive servers. B. Gateways will send new firewall logs to the new Log Server as soon as the SIC trust is set up between the SMS and the new Log Server. C. The firewalls will detect the new Log Server after the next policy install and redirect the new logs to the new Log Server. D. Logs are not automatically forwarded to a new Log Server. SmartConsole must be used to manually configure each gateway to send its logs to the server.
Answer: D
112
Secure Internal Communication (SIC) is handled by what process? A. CPM B. HTTPS C. FWD D. CPD
Answer: D
113
To increase security, the administrator has modified the Core protection 'Host Port Scan' from 'Medium' to 'High' Predefined Sensitivity. Which Policy should the administrator install after Publishing the changes? A. The Access Control and Threat Prevention Policies. B. The Access Control Policy. C. The Access Control & HTTPS Inspection Policy. D. The Threat Prevention Policy.
Answer: B
114
Name the utility that is used to block activities that appear to be suspicious. A. Penalty Box B. Drop Rule in the rulebase C. Suspicious Activity Monitoring (SAM) D. Stealth rule
Answer: C
115
When should you generate new licenses? A. When the existing license expires, the license is upgraded, or the IP address associated with the license changes. B. After a device upgrade. C. Before installing contract files. D. Only when the license is upgraded.
Answer: A
116
When URL Filtering is set, what identifying data gets sent to the Check Point Online Web Service? A. The URL and server certificate are sent to the Check Point Online Web Service B. The full URL, including page data, is sent to the Check Point Online Web Service C. The host part of the URL is sent to the Check Point Online Web Service D. The URL and IP address are sent to the Check Point Online Web Service
Answer: C
117
Which deployment adds a Security Gateway to an existing environment without changing IP routing? A. Remote B. Standalone C. Distributed D. Bridge Mode
Answer: D
118
Name the pre-defined Roles included in Gaia OS. A. AdminRole, and MonitorRole B. ReadWriteRole, and ReadyOnly Role C. AdminRole, cloningAdminRole, and Monitor Role D. AdminRole
Answer: A
119
Gaia has two default user accounts that cannot be deleted. What are those user accounts? A. Admin and Default B. Expert and Clish C. Control and Monitor D. Admin and Monitor
Answer: D
120
Name the authentication method that requires a token authenticator. A. SecurID B. Radius C. DynamicID D. TACACS
Answer: A
121
Which single Security Blade can be turned on to block both malicious files from being downloaded as well as block websites known to host malware? A. Anti-Bot B. None - both Anti-Virus and Anti-Bot are required for this C. Anti-Virus D. None - both URL Filtering and Anti-Virus are required for this
Answer: C
122
Log query results can be exported to what file format? A. Word Document (docx) B. Comma Separated Value (csv) C. Portable Document Format (pdf) D. Text (txt)
Answer: B
123
There are four policy types available for each policy package. What are those policy types? A. Access Control, Threat Prevention, Mobile Access and HTTPS Inspection B. Access Control, Custom Threat Prevention, Autonomous Threat Prevention and HTTPS Inspection C. There are only three policy types: Access Control, Threat Prevention and NAT. D. Access Control, Threat Prevention, NAT and HTTPS Inspection
Answer: B
124
Which tool allows for the automatic updating of the Gaia OS and Check Point products installed on the Gaia OS? A. CPASE - Check Point Automatic Service Engine B. CPAUE - Check Point Automatic Update Engine C. CPDAS - Check Point Deployment Agent Service D. CPUSE - Check Point Upgrade Service Engine
Answer: D
125
The purpose of the Communication Initialization process is to establish a trust between the Security Management Server and the Check Point gateways. Which statement best describes this Secure Internal Communication (SIC)? A. After successful initialization, the gateway can communicate with any Check Point node that possesses a SIC certificate signed by the same ICA. B. Secure Internal Communications authenticates the security gateway to the SMS before HTTP communications are allowed. C. A SIC certificate is automatically generated on the gateway because the gateway hosts a subordinate CA to the SMS ICA. D. New firewalls can easily establish the trust by using the expert password defined on the SMS and the SMS IP address.
Answer: A
126
Fill in the blank: SmartConsole, SmartEvent GUI client, and __________ allow viewing of billions of consolidated logs and shows them as prioritized security events. A. SmartView Web Application B. SmartTracker C. SmartMonitor D. SmartReporter
Answer: A
127
What kind of NAT enables Source Port Address Translation by default? A. Automatic Static NAT B. Manual Hide NAT C. Automatic Hide NAT D. Manual Static NAT
Answer: C
128
Application Control/URL filtering database library is known as: A. Application database B. AppWiki C. Application-Forensic Database D. Application Library
Answer: B
129
What are the types of Software Containers? A. Smart Console, Security Management, and Security Gateway B. Security Management, Security Gateway, and Endpoint Security C. Security Management, Log & Monitoring, and Security Policy D. Security Management, Standalone, and Security Gateway
Answer: B
130
Stateful Inspection compiles and registers connections where? A. Connection Cache B. State Cache C. State Table D. Network Table
Answer: C
131
Security Zones do not work with what type of defined rule? A. Application Control rule B. Manual NAT rule C. IPS bypass rule D. Firewall rule
Answer: B
132
Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code (with unification in R81.10)? A. Enterprise Network Security Appliances B. Rugged Appliances C. Scalable Platforms D. Small Business and Branch Office Appliances
Answer: C
133
Which of the following is NOT a valid deployment option? A. All-in-one (stand-alone) B. CloudGuard C. Bridge Mode D. Distributed
Answer: B
134
Which of the following is NOT a method used by Identity Awareness for acquiring identity? A. Remote Access B. Cloud IdP (Identity Provider) C. Active Directory Query D. RADIUS
Answer: B
135
What Check Point tool is used to automatically update Check Point products for the Gaia OS? A. Check Point Update Engine B. Check Point Upgrade Service Engine (CPUSE) C. Check Point Upgrade Installation Service D. Check Point INSPECT Engine
Answer: B
136
What are the advantages of a "shared policy"? A. Allows the administrator to share a policy between all the users identified by the Security Gateway. B. Allows the administrator to share a policy so that it is available to use in another Policy Package. C. Allows the administrator to share a policy between all the administrators managing the Security Management Server. D. Allows the administrator to install a policy on one Security Gateway and it gets installed on another managed Security Gateway.
Answer: B
137
URL Filtering cannot be used to: A. Control Bandwidth issues B. Control Data Security C. Improve organizational security D. Decrease legal liability
Answer: B
138
Which SmartConsole application shows correlated logs and aggregated data to provide an overview of potential threats and attack patterns? A. SmartEvent B. SmartView Tracker C. SmartLog D. SmartView Monitor
Answer: A
139
Which of the following is used to extract state related information from packets and store that information in state tables? A. STATE Engine B. TRACK Engine C. RECORD Engine D. INSPECT Engine
Answer: D
140
Which part of SmartConsole allows administrators to add, edit, delete, and clone objects? A. Object Browser B. Object Editor C. Object Navigator D. Object Explorer
Answer: D
141
For Automatic Hide NAT rules created by the administrator what is a TRUE statement? A. Source Port Address Translation (PAT) is enabled by default. B. Automatic NAT rules are supported for Network objects only. C. Automatic NAT rules are supported for Host objects only. D. Source Port Address Translation (PAT) is disabled by default.
Answer: A
142
Which of the following is true about Stateful Inspection? A. Stateful Inspection looks at both the headers of packets, as well as deeply examining their content. B. Stateful Inspection requires that a server reply to a request, in order to track a connection's state. C. Stateful Inspection requires two rules, one for outgoing traffic and one for incoming traffic. D. Stateful Inspection tracks connections only based on port numbers.
Answer: B
143
What is the user ID of a user that has all the privileges of a root user? A. User ID 1 B. User ID 2 C. User ID 0 D. User ID 99
Answer: C
144
What are the two elements of address translation rules? A. Original packet and translated packet B. Manipulated packet and original packet C. Translated packet and untranslated packet D. Untranslated packet and manipulated packet
Answer: A
145
Fill in the blanks: A _____ license requires an administrator to designate a gateway for attachment whereas a _____ license is automatically attached to a Security Gateway. A. Formal; corporate B. Local; central C. Local; formal D. Central; local
Answer: D
146
Fill in the blank: RADIUS protocol uses _____ to communicate with the gateway. A. UDP B. CCP C. TCP D. HTTP
Answer: A
147
Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine? A. Application Control B. Threat Emulation C. Data Awareness D. Identity Awareness
Answer: D
148
Which one of the following is TRUE? A. One policy can be either inline or ordered, but not both. B. Inline layer can be defined as a rule action. C. Ordered policy is a sub-policy within another policy. D. Pre-R80 Gateways do not support ordered layers.
Answer: B
149
You have discovered suspicious activity in your network. What is the BEST immediate action to take? A. Contact your ISP to request them to block the traffic. B. Wait until traffic has been identified before making any changes. C. Create a new policy rule to block the traffic. D. Create a Suspicious Activity Monitoring (SAM) rule to block that traffic.
Answer: D
150
Which of the following is NOT an identity source used for Identity Awareness? A. Remote Access B. UserCheck C. RADIUS D. AD Query
Answer: B
151
Which statement describes what Identity Sharing is in Identity Awareness? A. Users can share identities with other users. B. Management servers can acquire and share identities with Security Gateways. C. Administrators can share identities with other administrators. D. Security Gateways can acquire and share identities with other Security Gateways.
Answer: D
152
What is the order of NAT priorities? A. IP pool NAT, static NAT, hide NAT B. Static NAT, hide NAT, IP pool NAT C. Static NAT, IP pool NAT, hide NAT D. Static NAT, automatic NAT, hide NAT
Answer: C
153
Which Security Blade needs to be enabled in order to sanitize and remove potentially malicious content from files, before those files enter the network? A. Threat Emulation B. Anti-Malware C. Anti-Virus D. Threat Extraction
Answer: D
154
What are the three essential components of the Check Point Security Management Architecture? A. WebUI, SmartConsole, Security Gateway B. SmartConsole, Security Management Server, Security Gateway C. SmartConsole, SmartUpdate, Security Gateway D. Security Management Server, Security Gateway, Command Line Interface
Answer: B
155
A layer can support different combinations of blades. What are the supported blades? A. Firewall, URLF, Content Awareness, and Mobile Access B. Firewall (Network Access Control), Application & URL Filtering, Content Awareness, and Mobile Access C. Firewall, NAT, Content Awareness, and Mobile Access D. Firewall (Network Access Control), Application & URL Filtering, and Content Awareness
Answer: B
156
What type of NAT is a one-to-one relationship where each host is translated to a unique address? A. Hide B. Source C. Destination D. Static
Answer: D
157
Which option in tracking allows you to see the amount of data passed in the connection? A. Data B. Accounting C. Logs D. Advanced
Answer: B
158
If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? (Choose the BEST answer.) A. Save and install the Policy. B. Delete older versions of the database. C. Revert the session. D. Publish or discard the session.
Answer: D
159
Which of the following is NOT an alert option? A. User-defined alert B. Mail C. SNMP D. High alert
Answer: D
160
Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers? A. RADIUS and Account Login B. AD Query C. Endpoint Identity Agent and Browser-Based Authentication D. Terminal Servers Endpoint Identity Agent
Answer: C
161
Which Check Point software blade provides protection from zero-day and undiscovered threats? A. Threat Emulation B. Firewall C. Application Control D. Threat Extraction
Answer: A
162
Which options are given on features, when editing a Role on Gaia Platform? A. Read/Write, None B. Read/Write, Read Only, None C. Read/Write, Read Only D. Read Only, None
Answer: B
163
AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a lock icon on a rule? (Choose the BEST answer.) A. Rule is locked by AdminA and will be made available if the session is published. B. Rule is locked by AdminA because the rule is currently being edited. C. Rule is locked by AdminA and if the session is saved, the rule will be made available. D. Rule is locked by AdminA because the save button has not been pressed.
Answer: B
164
Fill in the blanks: A Security Policy is created in __, stored in the __, and distributed to the various __. A. Rule base, Security Management Server, Security Gateways B. The Check Point database, SmartConsole, Security Gateways C. SmartConsole, Security Gateway, Security Management Servers D. SmartConsole, Security Management Server, Security Gateways
Answer: D
165
What is NOT an advantage of Stateful Inspection? A. Good Security B. Transparency C. No Screening above Network Layer D. High Performance
Answer: C
166
Fill in the blank: Once a license is activated, a __ should be installed. A. Security Gateway Contract file B. Service Contract file C. License Management file D. License Contract file
Answer: B
167
Where is the "Hit Count" feature enabled or disabled in SmartConsole? A. On the Policy layer. B. On each Security Gateway. C. In Global Properties. D. On the Policy Package.
Answer: C
168
Fill in the blank: The __ is used to obtain identification and security information about network users. A. User index B. UserCheck C. User Directory D. User server
Answer: C
169
When you upload a package or license to the appropriate repository in SmartUpdate, where is the package or license stored? A. SmartConsole installed device B. Check Point user center C. Security Management Server D. Security Gateway
Answer: C
170
By default, which port does the WebUI listen on? A. 8080 B. 80 C. 4434 D. 443
Answer: D
171
True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway. A. False, Central Licenses are handled via Security Management Server. B. True, CLI is the preferred method for Licensing. C. False, Central Licenses are installed via Gaia on Security Gateways. D. True, Central Licenses can be installed with CPLIC command on a Security Gateway.
Answer: D
172
Fill in the blanks: A Check Point software license consists of a __ and __. A. Software blade; software container B. Software package; signature C. Signature; software blade D. Software container; software package
Answer: A
173
SmartConsole provides a consolidated solution for everything that is necessary for the security of an organization, such as the following: A. Security Policy Management and Log Analysis. B. Security Policy Management, Log Analysis, System Health Monitoring, Multi-Domain Security Management. C. Security Policy Management, Log Analysis, and System Health Monitoring. D. Security Policy Management, Threat Prevention rules, System Health Monitoring, and Multi-Domain Security Management.
Answer: B
174
Which of the following is NOT a tracking log option in R81.x? A. Full Log B. Detailed Log C. Log D. Extended Log
Answer: A
175
Fill in the blank: To create a policy for traffic to or from a specific geographical location, use the __. A. HTTPS Inspection B. Data Loss Prevention (DLP) shared policy C. Mobile Access software blade D. Geo Policy shared policy
Answer: D
176
Where can alerts be viewed? A. Alerts can be seen in SmartView Monitor. B. Alerts can be seen in the Threat Prevention policy. C. Alerts can be seen in SmartUpdate. D. Alerts can be seen from the CLI of the gateway.
Answer: A
177
Which of the following is NOT a valid application navigation tab in SmartConsole? A. Manage and Command Line B. Logs and Monitor C. Gateway and Servers D. Security Policies
Answer: A
178
Fill in the blank: An identity server uses a __ to trust a Terminal Server Identity Agent. A. One-time password B. Shared secret C. Certificate D. Token
Answer: B
179
John is the administrator of a Security Management server managing a Check Point Security Gateway. John is currently updating the network objects and amending the rules using SmartConsole. To make John's changes available to other administrators before installing a policy, what should John do? A. File > Save B. Install database. C. Logout of the session. D. Publish the session.
Answer: D
180
What technologies are used to deny or permit network traffic? A. Stateful Inspection, Firewall Blade, and URL/Application Blade B. Packet Filtering, Stateful Inspection, and Application Layer Firewall C. Firewall Blade, URL/Application Blade, and IPS D. Stateful Inspection, URL/Application Blade, and Threat Prevention
Answer: B
181
When connected to the Check Point Management Server using the SmartConsole, the first administrator to connect has a lock on: A. Only the objects being modified in his session of the Management Database, and other administrators can connect to make changes using different sessions. B. The entire Management Database, and other administrators can connect to make changes only if the first administrator switches to Read-only. C. The entire Management Database and all sessions, and other administrators can connect only as Read-only. D. Only the objects being modified in the Management Database, and other administrators can connect to make changes using a special session as long as they all connect from the same LAN network.
Answer: D
182
Using AD Query, the security gateway connects to the Active Directory Domain Controllers using what protocol? A. Windows Management Instrumentation (WMI) B. Hypertext Transfer Protocol Secure (HTTPS) C. Lightweight Directory Access Protocol (LDAP) D. Remote Desktop Protocol (RDP)
Answer: C
183
Bob and Joe both have Administrator Roles on their Gaia Platform. Bob logs in on the WebUI, and then Joe logs in through CLI. Choose what BEST describes the following scenario, where Bob and Joe are both logged in: A. Since they both are logged in on different interfaces, they will both be able to make changes. B. When Joe logs in, Bob will be logged out automatically. C. The database will be locked by Bob, and Joe will not be able to make any changes. D. Bob will receive a prompt that Joe has logged in.
Answer: C
184
If there is an Accept Implied Policy set to "First," what is the reason Jorge cannot see any logs? A. Log Implied Rule was not set correctly on the track column on the rules base. B. Track log column is set to Log instead of Full Log. C. Track log column is set to None. D. Log Implied Rule was not selected on Global Properties.
Answer: D
185
Which Threat Prevention Software Blade provides comprehensive protection against malicious and unwanted network traffic, focusing on application and server vulnerabilities? A. IPS B. Anti-Virus C. Anti-Spam D. Anti-Bot
Answer: A
186
What is the purpose of a Stealth Rule? A. A rule that allows administrators to access SmartConsole from any device. B. To drop any traffic destined for the firewall that is not otherwise explicitly allowed. C. A rule at the end of your policy to drop any traffic that is not explicitly allowed. D. A rule used to hide a server's IP address from the outside world.
Answer: B
187
Which one of the following is the preferred licensing model? (Choose the best answer.) A. Local licensing because it ties the package license to the IP address of the gateway and has no dependency on the Security Management Server. B. Central licensing because it ties the package license to the IP address of the Security Management Server and has no dependency on the gateway. C. Central licensing because it ties the package license to the MAC address of the Security Management Server's Mgmt interface and has no dependency on the gateway. D. Local licensing because it ties the package license to the MAC address of the gateway management interface and has no Security Management Server dependency.
Answer: B
188
Fill in the blanks: Default port numbers for an LDAP server are __ for standard connections and __ for SSL connections. A. 636; 8080 B. 290; 3389 C. 389; 636 D. 443; 389
Answer: C
189
Identity Awareness allows the Security Administrator to configure network access based on which of the following? A. Identity of the machine, username, and certificate B. Network location, identity of a user, and identity of a machine C. Name of the application, identity of the user, and identity of the machine D. Browser-Based Authentication, identity of a user, and network location
Answer: B
190
Using the SmartConsole, which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them? A. Full Access B. Read Only All C. Super User D. Editor
Answer: B
191
If an administrator wants to restrict access to a network resource, only allowing certain users to access it, and only when they are on a specific network, what is the best way to accomplish this? A. Create an inline layer where the destination is the target network resource. Define sub-rules allowing only specific sources to access the target resource. B. Use a "New Legacy User At Location," specifying the LDAP user group that the users belong to, at the desired location. C. Create a rule allowing only specific source IP addresses access to the target network resource. D. Create an Access Role object, with specific users or user groups specified, and specific networks defined. Use this access role as the "Source" of an Access Control rule.
Answer: D
192
Which command shows the installed licenses in Expert mode? A. print cplic B. show licenses C. fwlic print D. cplic print
Answer: D
193
Which type of attack can a firewall NOT prevent? A. Buffer Overflow B. SYN Flood C. SQL Injection D. Network Bandwidth Saturation
Answer: D
194
What object type would you use to grant network access to an LDAP user group? A. User Group B. SmartDirectory Group C. Access Role D. Group Template
Answer: C
195
In the Check Point Security Management Architecture, which component(s) can store logs? A. Security Management Server B. SmartConsole and Security Management Server C. SmartConsole D. Security Management Server and Security Gateway
Answer: D
196
Choose what BEST describes a Session. A. Sessions end when policy is pushed to the Security Gateway. B. Starts when an Administrator logs in through SmartConsole and ends when the Administrator logs out. C. Sessions lock the policy package for editing. D. Ends when an Administrator publishes all the changes made on SmartConsole.
Answer: D
197
Which Check Point Application Control feature enables application scanning and detection? A. CPApp B. AppWiki C. Application Library D. Application Dictionary
Answer: B
198
Fill in the blank: In order to install a license, it must first be added to the __. A. License and Contract repository B. Package repository C. Download Center Web site D. User Center
Answer: A
199
Which software blade does NOT accompany the Threat Prevention policy? A. IPS B. Application Control and URL Filtering C. Threat Emulation D. Anti-virus
Answer: B
200
In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server? A. Display policies and logs on the administrator's workstation. B. Processing and sending alerts such as SNMP traps and email notifications. C. Verify and compile Security Policies. D. Store firewall logs to hard drive storage.
Answer: A
201
Which of the following is an authentication method used for Identity Awareness? A. RSA B. PKI C. Captive Portal D. SSL
Answer: C
202
Fill in the blank: RADIUS Accounting gets ____ data from requests generated by the accounting client. A. Location B. Payload C. Destination D. Identity
Answer: D
203
When a gateway requires user information for authentication, what order does it query servers for user information? A. First: Internal user database, then LDAP servers in order of priority, finally the generic external user profile. B. First the Internal user database, then generic external user profile, finally LDAP servers in order of priority. C. First the highest priority LDAP server, then the internal user database, then lower priority LDAP servers, finally the generic external profile. D. The external generic profile, then the internal user database, finally the LDAP servers in order of priority.
Answer: A
204
Which Threat Tool within SmartConsole provides a list of trusted files for the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed? A. AppWiki B. ThreatWiki C. IPS Protections D. Whitelist Files
Answer: D
205
What is the Transport layer of the TCP/IP model responsible for? A. It deals with all aspects of the physical components of network connectivity and connects with different network types. B. It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer. C. It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application. D. It transports packets as datagrams along different routes to reach their destination.
Answer: C
206
Which of the completed statements is NOT true? The WebUI can be used to manage Operating System user accounts and: A. add users to your Gaia system. B. assign privileges to users. C. assign user rights to the directory structure in the Security Management Server. D. edit the home directory of the user.
Answer: C
207
An administrator wishes to enable Identity Awareness on the Check Point firewalls. However, they allow users to use company-issued or personal laptops. Since the administrator cannot manage the personal laptops, which of the following methods would BEST suit this company? A. AD Query B. Browser-Based Authentication C. Identity Agents D. Terminal Servers Agent
Answer: B
208
Which Check Point supported authentication scheme typically requires a user to possess a token? A. RADIUS B. Check Point password C. TACACS D. SecurID
Answer: D
209
Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies? A. Firewall B. Identity Awareness C. Application Control D. URL Filtering
Answer: B
210
Fill in the blank: Backup and restores can be accomplished through _ A. SmartUpdate, SmartBackup, or SmartConsole B. WebUI, CLI, or SmartUpdate C. CLI, SmartUpdate, or SmartBackup D. SmartConsole, WebUI, or CLI
Answer: D
211
Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices? A. Logs & Monitor B. Security Policies C. Manage & Settings D. Gateways & Servers
Answer: A
212
You are the Check Point administrator for Alpha Corp. You received a call that one of the users is unable to browse the Internet on their new tablet which is connected to the company wireless, which goes through a Check Point Gateway. How would you review the logs to see what is blocking this traffic? A. Open SmartEvent to see why they are being blocked. B. Open SmartMonitor and connect remotely to the wireless controller C. From SmartConsole, go to the Log & Monitor tab and filter for the IP address of the tablet. D. Open SmartUpdate and review the logs tab.
Answer: C
213
While enabling the Identity Awareness blade, the Identity Awareness wizard does not automatically detect the Windows domain. Why does it not detect the Windows domain? A. SmartConsole machine is not part of the domain B. Security Gateway is not part of the Domain C. Identity Awareness is not enabled on Global properties D. Security Management Server is not part of the domain
Answer: A
214
In SmartConsole, objects are used to represent physical and virtual network components and also some logical components. These objects are divided into several categories. Which of the following is NOT an objects category? A. Custom Application/Site B. IP Address C. Network Object D. Limit
Answer: B
215
What is the purpose of the Stealth Rule? A. To make the gateway visible to the Internet. B. To prevent users from directly connecting to a Security Gateway. C. To reduce the amount of logs for performance issues. D. To reduce the number of rules in the database.
Answer: B
216
Identity Awareness lets an administrator easily configure network access and auditing based on three items. Choose the correct statement. A. Network location, the identity of a user, and the active directory membership. B. Network location, the identity of a user, and the identity of a machine. C. Network location, the telephone number of a user, and the UID of a machine. D. Geographical location, the identity of a user, and the identity of a machine.
Answer: B
217
Which SmartConsole tab is used to monitor network and security performance? A. Security Policies B. Logs Monitor C. Manage Settings D. Gateway Servers
Answer: B
218
From the Gaia web interface, which of the following operations CANNOT be performed on a Security Management Server? A. Add a static route B. Verify a Security Policy C. Open a terminal shell D. View Security Management GUI Clients
Answer: B
219
The SIC Status "Unknown" means: A. There is no connection between the gateway and Security Management Server. B. The Security Management Server can contact the gateway, but cannot establish SIC. C. The secure communication is established. D. There is a connection between the gateway and Security Management Server, but it is not trusted.
Answer: A
220
Fill in the blank: Once a certificate is revoked from the Security Gateway by the Security Management Server, the certificate information is __. A. Sent to the Security Administrator. B. Stored on the Certificate Revocation List. C. Sent to the Internal Certificate Authority. D. Stored on the Security Management Server.
Answer: B
221
Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis? A. Anti-Virus B. Threat Emulation C. Application Control D. Advanced Networking Blade
Answer: D
222
Which of the following situations would not require a new license to be generated and installed? A. The IP address of the Security Management or Security Gateway has changed. B. The license is upgraded. C. The Security Gateway is upgraded. D. The existing license expires.
Answer: C
223
What does the "unknown" SIC status shown on SmartConsole mean? A. The management can contact the Security Gateway but cannot establish Secure Internal Communication. B. SIC activation key requires a reset. C. Administrator input the wrong SIC key. D. There is no connection between the Security Gateway and Security Management Server.
Answer: D
224
Fill in the blank: A(n) __ rule is created by an administrator and configured to allow or block traffic based on specified criteria. A. Inline B. Explicit C. Implicit accept D. Implicit drop
Answer: B
225
Of all the Check Point components in your network, which one changes most often and should be backed up most frequently? A. SmartManager B. SmartConsole C. Security Gateway D. Security Management Server
Answer: D
226
When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed? A. Distributed B. Standalone C. Bridge Mode D. Targeted
Answer: A
227
Which of the following is NOT a type of Endpoint Identity Agent? A. Terminal B. Light C. Full D. Custom
Answer: A
228
What are two basic rules Check Point recommends for building an effective security policy? A. Accept Rule and Drop Rule B. Cleanup Rule and Stealth Rule C. Explicit Rule and Implied Rule D. NAT Rule and Reject Rule
Answer: B
229
Which command is used to add users to or from existing roles? A. Add rba user roles B. Add rba user C. Add user roles D. Add user
Answer: A
230
What licensing feature automatically verifies current licenses and activates new licenses added to the License and Contracts repository? A. Verification tool B. Verification licensing C. Automatic licensing D. Automatic licensing and Verification tool
Answer: C
231
At what point is the Internal Certificate Authority (ICA) created? A. During the primary Security Management Server installation process B. Upon creation of a certificate C. When an administrator decides to create one D. When an administrator initially logs into SmartConsole
Answer: A
232
What is NOT an advantage of Packet Filtering? A. Low Security and No Screening above Network Layer B. Application Independence C. High Performance D. Scalability
Answer: A
233
Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers? A. UserCheck B. Active Directory Query C. Account Unit Query D. User Directory Query
Answer: B
233
Which information is included in the "Extended Log" tracking option, but is not included in the "Log" tracking option? A. File attributes B. Application information C. Destination port D. Data type information
Answer: A
234
Which icon in the WebUI indicates that read/write access is enabled? A. Eyeglasses B. Pencil C. Padlock D. Book
Answer: B
235
Which command shows detailed information about VPN tunnels? A. cat $FWDIR/conf/vpn.conf B. vpn tu tlist C. vpn tu D. cpview
Answer: C
236
Check Point Update Service Engine (CPUSE), also known as Deployment Agent [DA], is an advanced and intuitive mechanism for software deployment on Gaia OS. What software packages are supported for deployment? A. It supports deployments of single HotFixes (HF), and of Major Versions. Blink Packages and HotFix Accumulators (Jumbo) are not supported. B. It supports deployments of single HotFixes (HF), of HotFix Accumulators (Jumbo), and of Major Versions. C. It supports deployments of Major Versions and Blink packages only. D. It supports deployments of single HotFixes (HF), of HotFix Accumulators (Jumbo), but not of Major Versions.
Answer: B
237
DLP and Mobile Access Policy are examples of what type of Policy? A. Shared Policies B. Unified Policies C. Inspection Policies D. Standard Policies
Answer: A
238
What are the two deployment options available for a security gateway? A. Bridge and Switch B. Local and Remote C. Cloud and Router D. Standalone and Distributed
Answer: D
239
Which of the following is a valid deployment option? A. CloudSec deployment B. Disliked deployment C. Router only deployment D. Standalone deployment
Answer: D
240
The VPN Link Selection will perform the following if the primary VPN link goes down? A. The Firewall will send out the packet on all interfaces B. The Firewall will inform the client that the tunnel is down C. The Firewall can update the Link Selection entries to start using a different link for the same tunnel D. The Firewall will drop the packets
Answer: C
241
Which of the following is NOT a tracking log option in R81.x? A. Full Log B. Log C. Detailed Log D. Extended Log
Answer: A
242
Main Mode in IKEv1 uses how many packets for negotiation? A. 3 B. depends on the make of the peer gateway C. 6 D. 4
Answer: C
243
What is required for a certificate-based VPN tunnel between two gateways with separate management systems? A. Shared Secret Passwords B. Unique Passwords C. Shared User Certificates D. Mutually Trusted Certificate Authorities
Answer: D
244
Which encryption algorithm is the least secured? A. 3DES B. AES-128 C. DES D. AES-256
Answer: C
245
What is required for a site-to-site VPN tunnel that does not use certificates? A. Unique Passwords B. Pre-Shared Secret C. SecureID D. RSA Token
Answer: B
246
What are the software components used by Autonomous Threat Prevention Profiles in R81.20 and higher? A. Sandbox, ThreatCloud, Zero Phishing, Sanitization, C&C Protection, IPS, File and URL Reputation B. IPS, Threat Emulation and Threat Extraction C. Sandbox, ThreatCloud, Sanitization, C&C Protection, IPS D. IPS, Anti-Bot, Anti-Virus, SandBlast and Macro Extraction
Answer: A
247
What are valid authentication methods for mutual authenticating the VPN gateways? A. Pre-shared Secret and PKI Certificates B. PKI Certificates and Kerberos Tickets C. Pre-Shared Secrets and Kerberos Ticket D. PKI Certificates and DynamicID OTP
Answer: A
248
Which Autonomous Threat Prevention profile uses sanitization technology? A. Cloud/data Center B. Guest Network C. Sandbox D. Perimeter
Answer: D
249
Fill in the blanks: A _____ license requires an administrator to designate a gateway for attachment whereas a _____ license is automatically attached to a Security Gateway. A. Local; formal B. Central; local C. Formal; corporate D. Local; central
Answer: B
250
In large organizations where there are a number of managed Check Point firewalls that generate a lot of logs it is recommended to install the Log Server on a dedicated computer. Which statement is FALSE? A. The dedicated Log Server must be the same version as the Security Management Server. B. A Log Server has a SIC certificate which allows secure communication with the SMS and Security Gateways. C. More than one Log Server can be installed. D. A dedicated SmartEvent server is required for a separate Log Server to be deployed in the SmartEvent server.
Answer: A
251
Fill in the blanks: The Application Layer Firewalls inspect traffic through the _____ layer(s) of the TCP/IP model and up to and including the _____ layer. A. Upper; Application B. Lower; Application C. First two; Internet D. First two; Transport
Answer: B
252
A layer can support different combinations of blades. What are the supported blades: A. Firewall, NAT, Content Awareness and Mobile Access B. Firewall, URLF, Content Awareness and Mobile Access C. Firewall (Network Access Control), Application & URL Filtering and Content Awareness D. Firewall (Network Access Control), Application & URL Filtering, Content Awareness and Mobile Access
Answer: D
253
If there is an Accept Implied Policy set to “First”, what is the reason Jorge cannot see any logs? A. Track log column is set to Log instead of Full Log. B. Log Implied Rule was not selected on Global Properties. C. Track log column is set to none. D. Log Implied Rule was not set correctly on the track column on the rules base.
Answer: B
254
Fill in the blank: The position of an Implied rule is manipulated in the _____ window. A. Firewall B. Object Explorer C. Global Properties D. NAT
Answer: C
255
Which of the completed statements is NOT true? The GAiA Portal (WebUI) can be used to manage Operating System user accounts and: A. assign privileges to users. B. assign user rights to the directory structure on the Security Management Server. C. add more users to the Gaia operating system. D. change the home directory of the user.
Answer: B
256
Which of the following statements about Site-to-Site VPN Domain-based is NOT true? A. Route-based- The Security Gateways will have a Virtual Tunnel Interface (VTI) for each VPN Tunnel with a peer VPN Gateway. B. Domain-based- VPN domains are pre-defined for all VPN Gateways. A VPN domain is a service or user that can send or receive VPN traffic through a VPN Gateway. C. Domain-based- VPN domains are pre-defined for all VPN Gateways. A VPN domain is a host or network that can send or receive VPN traffic through a VPN Gateway. D. Domain-based- VPN domains are pre-defined for all VPN Gateways. When the Security Gateway encounters traffic originating from one VPN Domain with the destination to a VPN Domain of another VPN Gateway, that traffic is identified as VPN traffic and is sent through the VPN Tunnel between the two Gateways.
Answer: A
257
Which of the following is considered a “Subscription Blade”, requiring renewal every 1-3 years? A. IPS blade B. IPSEC VPN Blade C. Firewall Blade D. Identity Awareness Blade
Answer: A
258
What is the BEST command to view configuration details of all interfaces in Gaia CLISH? A. ifconfig -a B. show interfaces all C. show interfaces detail D. show configuration interface
Answer: B
259
If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed: A. Rename the hostname of the Standby member to match exactly the hostname of the Active member. B. Change the Standby Security Management Server to Active. C. Change the Active Security Management Server to Standby. D. Manually synchronize the Active and Standby Security Management Servers.
Answer: A
260
To quickly review when Threat Prevention signatures were last updated, which Threat Tool would an administrator use? A. Protections B. IPS Protections C. Profiles D. ThreatWiki
Answer: B
261
Which tool is used to enable ClusterXL? A. SmartUpdate B. cpconfig C. SmartConsole D. sysconfig
Answer: B
262
True or False: The destination server for Security Gateway logs depends on a Security Management Server configuration. A. False, log servers are configured on the Log Server General Properties B. True, all Security Gateways will only forward logs with a SmartCenter Server configuration C. True, all Security Gateways forward logs automatically to the Security Management Server D. False, log servers are enabled on the Security Gateway General Properties
Answer: B
263
Which one of the following is a way that the objects can be manipulated using the new API integration in R80 Management? A. Microsoft Publisher B. JSON C. Microsoft Word D. RC4 Encryption
Answer: B
264
Which method below is NOT one of the ways to communicate using the Management APIs? A. Typing API commands using the “mgmt_cli” command B. Typing API commands from a dialog box inside the SmartConsole GUI application C. Typing API commands using Gaia’s secure shell (clish) D. Sending API commands over an http connection using web-services
Answer: D
265
Session unique identifiers are passed to the web api using which http header option? A. X-chkp-sid B. Accept-Charset C. Proxy-Authorization D. Application
Answer: A
266
Which back up method uses the command line to create an image of the OS? A. System backup B. Save Configuration C. Migrate D. snapshot
Answer: D
267
Which of the following commands is used to monitor cluster members? A. cphaprob state B. cphaprob status C. cphaprob D. cluster state
Answer: A
268
What needs to be configured if the NAT property ‘Translate destination on client side’ is not enabled in Global properties? A. A host route to route to the destination IP B. Use the file local.arp to add the ARP entries for NAT to work C. Nothing, the Gateway takes care of all details necessary D. Enabling ‘Allow bi-directional NAT’ for NAT to work correctly
Answer: C
269
Which statement is NOT TRUE about Delta synchronization? A. Using UDP Multicast or Broadcast on port 8161 B. Using UDP Multicast or Broadcast on port 8116 C. Quicker than Full sync D. Transfers changes in the Kernel tables between cluster members
Answer: A
270
In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log? A. Accounting B. Suppression C. Accounting/Suppression D. Accounting/Extended
Answer: C
271
What is a reason for manual creation of a NAT rule? A. In R80 all Network Address Translation is done automatically and there is no need for manually defined NAT-rules. B. Network Address Translation of RFC1918-compliant networks is needed to access the Internet. C. Network Address Translation is desired for some services, but not for others. D. The public IP-address is different from the gateway’s external IP
Answer: D
272
The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware. A. Next Generation Threat Prevention B. Next Generation Threat Emulation C. Next Generation Threat Extraction D. Next Generation Firewall
Answer: B
273
To ensure that VMAC mode is enabled, which CLI command should you run on all cluster members? Choose the best answer. A. fw ctl set int fwha vmac global param enabled B. fw ctl get int fwha vmac global param enabled; result of command should return value 1 C. cphaprob -a if D. fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1
Answer: B
274
What is the most recommended installation method for Check Point appliances? A. SmartUpdate installation B. DVD media created with Check Point ISOMorphic C. USB media created with Check Point ISOMorphic D. Cloud based installation
Answer: C
275
What is the BEST method to deploy Identity Awareness for roaming users? A. Use Office Mode B. Use identity agents C. Share user identities between gateways D. Use captive portal
Answer: B
276
When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition? A. Any size B. Less than 20GB C. More than 10GB and less than 20 GB D. At least 20GB
Answer: D
277
Which of the following is the most secure means of authentication? A. Password B. Certificate C. Token D. Pre-shared secret
Answer: B
278
Which of the following describes how Threat Extraction functions? A. Detect threats and provides a detailed report of discovered threats B. Proactively detects threats C. Delivers file with original content D. Delivers PDF versions of original files with active content removed
Answer: D
279
What is the difference between SSL VPN and IPSec VPN? A. IPSec VPN does not require installation of a resident VPN client B. SSL VPN requires installation of a resident VPN client C. SSL VPN and IPSec VPN are the same D. IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed Browser
Answer: D
280
Which is a suitable command to check whether Drop Templates are activated or not? A. fw ctl get int activate_drop_templates B. fwaccel stat C. fwaccel stats D. fw ctl templates -d
Answer: B
281
The Network Operations Center administrator needs access to Check Point Security devices mostly for troubleshooting purposes. You do not want to give her access to the expert mode, but she still should be able to run tcpdump. How can you achieve this requirement? A. Add tcpdump to CLISH using add command. Create a new access role. Add tcpdump to the role. Create new user with any UID and assign role to the user. B. Add tcpdump to CLISH using add command. Create a new access role. Add tcpdump to the role. Create new user with UID 0 and assign role to the user. C. Create a new access role. Add expert-mode access to the role. Create new user with UID 0 and assign role to the user. D. Create a new access role. Add expert-mode access to the role. Create new user with any UID and assign role to the user.
Answer: A
282
Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this? A. UDP port 265 B. TCP port 265 C. UDP port 256 D. TCP port 256
Answer: B
283
How are the backups stored in Check Point appliances? A. Saved as *.tar under /var/log/CPbackup/backups B. Saved as *.tgz under /var/CPbackup C. Saved as *tar under /var/CPbackup D. Saved as *.tgz under /var/log/CPbackup/backups
Answer: D
284
What SmartEvent component creates events? A. Consolidation Policy B. Correlation Unit C. SmartEvent Policy D. SmartEvent GUI
Answer: B
285
Which GUI tool can be used to view and apply Check Point licenses? A. cpconfig B. Management Command Line C. SmartConsole D. SmartUpdate
Answer: D
286
What protocol is specifically used for clustered environments? A. Clustered Protocol B. Synchronized Cluster Protocol C. Control Cluster Protocol D. Cluster Control Protocol
Answer: D
287
Using ClusterXL, what statement is true about the Sticky Decision Function? A. Can only be changed for Load Sharing implementations B. All connections are processed and synchronized by the pivot C. Is configured using cpconfig D. Is only relevant when using SecureXL
Answer: A
288
You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server? A. fwd B. fwm C. cpd D. cpwd
Answer: B
289
An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateways managed by the same Security Management Server (SMS). While configuring the VPN community to specify the pre-shared secret, the administrator did not find a box to input the pre-shared secret. Why does it not allow him to specify the pre-shared secret? A. The Gateway is an SMB device B. The checkbox “Use only Shared Secret for all external members” is not checked C. Certificate based Authentication is the only authentication method available between two Security Gateways managed by the same SMS D. Pre-shared secret is already configured in Global Properties
Answer: C
290
Which SmartConsole tab shows logs and detected security threats, providing a centralized display of potential attack patterns from all network devices? A. LOGS & MONITOR B. SECURITY POLICIES C. GATEWAYS & SERVERS D. MANAGE & SETTINGS
Answer: A
291
Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade? A. Detects and blocks malware by correlating multiple detection engines before users are affected. B. Configure rules to limit the available network bandwidth for specified users or groups. C. Use UserCheck to help users understand that certain websites are against the company’s security policy. D. Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.
Answer: A
292
Can Check Point and Third-party Gateways establish a certificate-based Site-to-Site VPN tunnel? A. No, Certificate based VPNs are only possible between Check Point devices B. No, they cannot share certificate authorities C. Yes, but they have to have a pre-shared secret key D. Yes, but they need to have a mutually trusted certificate authority
Answer: D
293
What makes log queries faster? A. Size of physical memory on the log server. B. Logs are stored in the management server instead of a separate log server. C. Indexing Engine indexes logs for faster search results. D. Optimized log query where SmartConsole queries logs directly from the Security Gateway.
Answer: C
294
You have set up the VPN Community ‘VPN-Stores’ with 3 gateways. There are some issues with one remote gateway (1.1.1.1) and your local gateway. What will be the best log filter to see only the IKE Phase 2 agreed networks for both gateways? A. action:"Key Install" AND 1.1.1.1 AND Quick Mode B. Blade:"VPN" AND VPN-Stores AND Main Mode C. action:"Key Install" AND 1.1.1.1 AND Main Mode D. Blade:"VPN" AND VPN-Stores AND Quick Mode
Answer: D
295
Which of the following is TRUE regarding Gaia command line? A. Configuration changes should be done in mgmt_cli and use clish for monitoring. Expert mode is used only for OS level tasks. B. Configuration changes should be done in mgmt_cli and use expert mode for OS-level tasks. C. Configuration changes should be done in expert mode and clish is used for monitoring. D. All configurations should be done through clish and expert mode should be used for Linux commands or remaining tasks.
Answer: D
296
Aggressive Mode in IKEv1 uses how many packets for negotiation? A. 3 B. depends on the make of the peer gateway C. 6 D. 5
Answer: A
297
You want to set up a VPN tunnel to an external gateway. You have to make sure that the IKE P2 SA will only be established between two subnets and not all subnets defined in the default VPN domain of your gateway. A. Create a new VPN community and configure specific encryption domains for the two gateways B. Define a dedicated VPN community for the tunnel and use a VPN domain with only the relevant subnets C. Configure domain-based VPN with the default VPN domain and rely on routing to limit Phase 2 D. Use route-based VPN and static routes only, without changing the VPN domain
Answer: B
298
Which of the following technologies extracts detailed information from packets and stores that information in different tables? A. Application Layer Firewall B. Packet Filtering C. Next-Generation Firewall D. Stateful Inspection
Answer: D
299
When a Security Gateway communicates about its status to an IP address other than its own, which deployment option was chosen? A. Targeted B. Bridge Mode C. Distributed D. Standalone
Answer: C
300
You want to set up a VPN tunnel to an external gateway. You have to make sure that the IKE P2 SA will only be established between two subnets and not all subnets defined in the default VPN domain of your gateway. A. In the SmartConsole create a dedicated VPN Community for both Gateways. On the Gateway add the following line to the $FWDIR/conf/user.def.FW1 file -> subnet_for_range_and_peer = { }; B. In the SmartConsole create a dedicated VPN Community for both Gateways. Go to Security Policies /Access Control and create an in-line layer rule with source and destination containing the two networks used for the IKE P2 SA. Put the name of the Community in the VPN column. C. In the SmartConsole create a dedicated VPN Community for both Gateways. Selecting the local gateway in the Community you can set the VPN Domain to 'User defined' and put in the local network. D. In the SmartConsole create a dedicated VPN Community for both Gateways. On the Management add the following line to the $FWDIR/conf/user.def.FW1 file -> subnet_for_range_and_peer = { };
Answer: C