Bob and Joe both have Administrator Roles on their Gaia Platform. Bob logs in on the WebUI and then Joe logs in through CLI. Choose what BEST describes the following scenario, where Bob and Joe are both logged in:
When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?
Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the ____________ algorithm.
Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _______.
When configuring Anti-Spoofing, which tracking options can an Administrator select?
After the initial installation on Check Point appliance, you notice that the Management interface and default gateway are incorrect. Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.
How can the changes made by an administrator before publishing the session be seen by a superuser administrator?
Which of the following is considered a "Subscription Blade", requiring renewal every 1-3 years?
An administrator wishes to use Application objects in a rule in their policy but there are no Application objects listed as options to add when clicking the"+" to add new items to the "Services & Applications" column of a rule. What should be done to fix this?
When comparing Stateful Inspection and Packet Filtering, what is a benefit that Stateful Inspection offers over Packer Filtering?
Fill in the bank: In Office mode, a Security Gateway assigns a remote client to an IP address once___________.
Please choose correct command syntax to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?
While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain Why does it not detect the windows domain?
When configuring LDAP User Directory integration, Changes applied to a User Directory template are:
Which one of the following is a way that the objects can be manipulated using the new API integration in R80 Management?
After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?
Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?
Which information is included in the “Extended Log” tracking option, but is not included in the “Log” tracking option?
Fill in the blank: An identity server uses a ___________ for user authentication.
Is it possible to have more than one administrator connected to a Security Management Server at once?
You are going to perform a major upgrade. Which back up solution should you use to ensure your database can be restored on that device?
When connected to the Check Point R80 Management Server using the SmartConsole the first administrator to connect has a lock on:
Fill in the blank: In order to install a license, it must first be added to the ____________.
Fill in the blank: SmartConsole, SmartEvent GUI client, and ___________ allow viewing of billions of consolidated logs and shows them as prioritized security events.
True or False: More than one administrator can log into the Security Management Server with SmartConsole with write permission at the same time.
Gaia includes Check Point Upgrade Service Engine (CPUSE), which can directly receive updates for what components?
What is the BEST command to view configuration details of all interfaces in Gaia CLISH?
Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers?
Fill in the blank: A(n)_____rule is created by an administrator and configured to allow or block traffic based on specified criteria.
You have enabled "Extended Log" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?
An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server (SMS). While configuring the VPN community to specify the pre-shared secret, the administrator did not find a box to input the pre-shared secret. Why does it not allow him to specify the pre-shared secret?
In which deployment is the security management server and Security Gateway installed on the same appliance?
Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?
If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:
When you upload a package or license to the appropriate repository in SmartUpdate. where is the package or license stored?
In SmartConsole, objects are used to represent physical and virtual network components and also some logical components. These objects are divided into several categories. Which of the following is NOT an objects category?
The default shell of the Gaia CLI is cli.sh. How do you change from the cli.sh shell to the advanced shell to run Linux commands?
Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?
John is using Management HA. Which Smartcenter should be connected to for making changes?
True or False: The destination server for Security Gateway logs depends on a Security Management Server configuration.
Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?
Which Check Point software blade monitors Check Point devices and provides a picture of network and security performance?
You are the Check Point administrator for Alpha Corp. You received a call that one of the users is unable to browse the Internet on their new tablet which is connected to the company wireless, which goes through a Check Point Gateway. How would you review the logs to see what is blocking this traffic?
When configuring LDAP with User Directory integration, changes applied to a User Directory template are:
What is required for a certificate-based VPN tunnel between two gateways with separate management systems?
Vanessa is attempting to log into the Gaia Web Portal. She is able to login successfully. Then she tries the same username and password for SmartConsole but gets the message in the screenshot image below. She has checked that the IP address of the Server is correct and the username and password she used to login into Gaia is also correct.
What is the most likely reason?
Which is a suitable command to check whether Drop Templates are activated or not?
Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code (with unification in R81.10)?
Consider the Global Properties following settings:
The selected option “Accept Domain Name over UDP (Queries)” means:
Which Security Blade needs to be enabled in order to sanitize and remove potentially malicious content from files, before those files enter the network?
What needs to be configured if the NAT property ‘Translate destination on client side’ is not enabled in Global properties?
Which Check Point supported authentication scheme typically requires a user to possess a token?
Identity Awareness lets an administrator easily configure network access and auditing based on three items Choose the correct statement.
Which is NOT an encryption algorithm that can be used in an IPSEC Security Association (Phase 2)?
Customer’s R80 management server needs to be upgraded to R80.10. What is the best upgrade method when the management server is not connected to the Internet?
There are four policy types available for each policy package. What are those policy types?
In order to modify Security Policies, the administrator can use which of the following tools? (Choose the best answer.)
You want to set up a VPN tunnel to a external gateway. You had to make sure that the IKE P2 SA will only be established between two subnets and not all subnets defined in the default VPN domain of your gateway.
How many users can have read/write access in Gaia Operating System at one time?
Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?
To quickly review when Threat Prevention signatures were last updated, which Threat Tool would an administrator use?
Fill in the blank: The_____is used to obtain identification and security information about network users.
Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ___________.