156-315.80 Sample Questions Answers

Cloud, Appliance and Private

Cloud, Appliance and Hybrid

Cloud, Smart-1 and Hybrid

Cloud, OpenServer and Vmware

Basic, Optimized, Strict

Basic, Optimized, Severe

General, Escalation, Severe

General, purposed, Strict

Stateful Mode

VPN Routing Mode

Wire Mode

Stateless Mode

Automatic proxy ARP configuration can be enabled

Translate Destination on Client Side should be configured

fw ctl proxy should be configured

local.arp file must always be configured

Accept Template

Deny template

Drop Template

NAT Template

Only when there is Multicast solution set up.

There is Load Sharing solution set up.

Only when there is Unicast solution set up.

There is High Availability solution set up.

Post-Automatic/Manual NAT rules

Manual/Pre-Automatic NAT

Automatic Hide NAT

Automatic Static NAT

To satellites through center only

To center only

To center and to other satellites through center

To center, or through the center to other satellites, to Internet and other VPN targets

Application Control

Threat Emulation

Anti-Virus

Advanced Networking Blade

WMI

Eventvwr

XML

Services.msc

1, 2, 3, 4

1, 4, 2, 3

3, 1, 2, 4

4, 3, 1, 2

Supports Dynamic Routing (Unicast and Multicast)

Supports Dynamic Routing (Unicast Only)

Supports Dynamic Routing (Multicast Only)

Does not support Dynamic Routing

1-254

1-255

0-254

0 – 255

There is a virus found. Traffic is still allowed but not accelerated.

The connection required a Security server.

Acceleration is not enabled.

The traffic is originating from the gateway itself.

SecurID client assigns a routable MAC address. After the user authenticates for a tunnel, the VPN gateway assigns a routable IP address to the remote client.

Users authenticate with an Internet browser and use secure HTTPS connection.

Local ISP (Internet service Provider) assigns a non-routable IP address to the remote user.

Allows a security gateway to assign a remote client an IP address. After the user authenticates for a tunnel, the VPN gateway assigns a routable IP address to the remote client.

Verification & Compilation, Transfer and Commit

Verification & Compilation, Transfer and Installation

Verification, Commit, Installation

Verification, Compilation & Transfer, Installation

Accept

Drop

NAT

None

Messaging tool used to verify a user’s credentials.

Communication tool used to inform a user about a website or application they are trying to access.

Administrator tool used to monitor users on their network.

Communication tool used to notify an administrator when a new user is created.

Gateway API

Management API

OPSC SDK

Threat Prevention API

fwd

cpwd

fwm

cpd

Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.

Create a separate Security Policy package for each remote Security Gateway.

Create network objects that restricts all applicable rules to only certain networks.

Run separate SmartConsole instances to login and configure each Security Gateway directly.

glba

cjis

soci

ncipa

For FTP connections – do not sync

Add a second interface to handle sync traffic

For short connections like http service – do not sync

For short connections like icmp service – delay sync for 2 seconds

Can only be changed for Load Sharing implementations

All connections are processed and synchronized by the pivot

Is configured using cpconfig

Is only relevant when using SecureXL

DBSync

API Server

fwm

SOLR

secondary Smartcenter

active SmartConsole

connect virtual IP of Smartcenter HA

primary Log Server

SmartUpdate

cpconfig

SmartConsole

sysconfig

Incoming

Internal

External

Outgoing

IPS, DLP, AntiVirus, AntiBot, Sandblast Threat Emulation/Extraction

DLP, AntiVirus, QoS, AntiBot, Sandblast Threat Emulation/Extraction

IPS, AntiVirus, AntiBot

IPS, AntiVirus, AntiBot, Sandblast Threat Emulation/Extraction

15 sec

60 sec

5 sec

30 sec

fw accel stat

fwaccel stat

fw acces stats

fwaccel stats

API key

session ID token

content-type

Request payload

$FWDIR/bin/emaild.mta. elg

$FWDIR/log/mtad elg

/var/log/mail.mta elg

$CPDIR/log/emaild elg

edit fwaffinity.conf; reboot required

cpconfig; reboot required

edit fwaffinity.conf; reboot not required

cpconfig; reboot not required

Expert

Clish

Admin

Normal

fwd via cpm

fwm via fwd

cpm via cpd

fwd via cpd

cphaprob stat

cphaprob -a if

cphaprob -I list

cphaprob all show stat

Execute an automated script to perform common tasks

Create a customized GUI Client for manipulating the objects database

Create products that use and enhance the Check Point solution

Integrate Check Point products with 3rd party solution

Tom’s changes will have been stored on the Management when he reconnects and he will not lose any of his work.

Tom will have to reboot his SmartConsole computer, and access the Management cache store on that computer, which is only accessible after a reboot.

Tom’s changes will be lost since he lost connectivity and he will have to start again.

Tom will have to reboot his SmartConsole computer, clear to cache, and restore changes.

Improve the efficiency of traffic handling by SecureXL SNDs

Reduce the confusion for traffic capturing in FW Monitor

Improve the efficiency of CoreXL Kernel Instances

Reduce the performance of network interfaces

Authentication requests

CPMI dbsync

Logs

Event Policy

Check Point Update Service Engine

Check Point Software Update Agent

Check Point Remote Installation Daemon (CPRID)

Check Point Software Update Daemon

Server, SCP, Username, Password, Path, Comment, Member

Server, TFTP, Username, Password, Path, Comment, All Members

Server, Protocol, Username, Password, Path, Comment, All Members

Server, Protocol, username Password, Path, Comment, Member

True, CLI is the prefer method for Licensing

False, Central License are handled via Security Management Server

False, Central Licenses are installed via Gaia on Security Gateways

True, Central License can be installed with CPLIC command on a Security Gateway

All UDP packets

All IPv6 Traffic

All packets that match a rule whose source or destination is the Outside Corporate Network

CIFS packets

By dropping traffic from websites identified through ThreatCloud Verification and URL Caching

By dropping traffic that is not proven to be from clean websites in the URL Filtering blade

By allowing traffic from websites that are known to run Antivirus Software on servers regularly

By matching logs against ThreatCloud information about the reputation of the website

No, only one can be connected

Yes, all administrators can modify a network object at the same time

Yes, every administrator has their own username, and works in a session that is independent of other administrators.

Yes, but only one has the right to write.

Disguising an illegal IP address behind an authorized IP address through Port Address Translation.

Hiding your firewall from unauthorized users.

Detecting people using false or wrong authentication logins

Making packets appear as if they come from an authorized IP address.

SmartEvent Server

Correlation Unit

Log Consolidator

Log Server

He can use the fw accel stat command on the gateway.

He can use the fw accel statistics command on the gateway.

He can use the fwaccel stat command on the Security Management Server.

He can use the fwaccel stat command on the gateway

Security policy

Inbound chain

Outbound chain

Decryption is not supported

Application Dictionary

AppWiki

Application Library

CPApp

Using UDP Multicast or Broadcast on port 8161

Using UDP Multicast or Broadcast on port 8116

Quicker than Full sync

Transfers changes in the Kernel tables between cluster members.

SecuRemote

Endpoint Security Suite

Endpoint Security VPN

Check Point Mobile

Manual configuration of file types on emulation location.

Load sharing of emulation between an on premise appliance and the cloud.

Load sharing between OS behavior and CPU Level emulation.

High availability between the local SandBlast appliance and the cloud.

Consolidation Policy

Correlation Unit

SmartEvent Policy

SmartEvent GUI

set web ssl-port

set Gaia-portal port

set Gaia-portal https-port

set web https-port

The connection is destined for a server within the network

The connection required a Security server

The packet is the second in an established TCP connection

The packets are not multicast

cpm status

api restart

api status

show api status

http:// /smartview

http:// :4434/smartview/

https:// /smartview/

https:// :4434/smartview/

Threat Cloud Intelligence

Threat Prevention Software Blade Package

Endpoint Total Protection

Traffic on port 25

In CLISH run: set interface eth2 mac-addr 11:11:11:11:11:11

In expert-mode run ifconfig eth1 hw 11:11:11:11 11 11

In CLISH run set interface eth2 hw-addr 11 11 11:11:11 11

In expert-mode run: ethtool -4 eth2 mac 11 11:11:11:11:11

Support for IPv6

Granular access control

Strong user authentication

Secure connectivity

Toni? AND 10.0.4.210 NOT 10.0.4.76

To** AND 10.0.4.210 NOT 10.0.4.76

Ton* AND 10.0.4.210 NOT 10.0.4.75

"Toni" AND 10.0.4.210 NOT 10.0.4.76

18191

18190

8983

19009

fw ctl sdstat

fw ctl affinity –l –a –r –v

fw ctl multik stat

cpinfo