NEW QUESTION 1
Fill in the blank: A ____ is used by a VPN gateway to send traffic as if it were a physical interface.

• A. VPN Tunnel Interface
• B. VPN community
• C. VPN router
• D. VPN interface

Answer: A

Explanation: Route Based VPN
VPN traffic is routed according to the routing settings (static or dynamic) of the Security Gateway operating system. The Security Gateway uses a VTI (VPN Tunnel Interface) to send the VPN traffic as if it were a physical interface. The VTIs of Security Gateways in a VPN community connect and can support dynamic routing protocols.

NEW QUESTION 2
Which of the following is NOT a tracking option?

• A. Partial log
• B. Log
• C. Network log
• D. Full log

Answer: A

NEW QUESTION 3
You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?

• A. fwd
• B. fwm
• C. cpd
• D. cpwd

Answer: B

NEW QUESTION 4
You are using SmartView Tracker to troubleshoot NAT entries. Which column do you check to view the NAT'd source port if you are using Source NAT?

• A. XlateDst
• B. XlateSPort
• C. XlateDPort
• D. XlateSrc

Answer: B

NEW QUESTION 5
SmartEvent does NOT use which of the following procedures to identity events:

• A. Matching a log against each event definition
• B. Create an event candidate
• C. Matching a log against local exclusions
• D. Matching a log against global exclusions

Answer: C

NEW QUESTION 6
Identify the API that is not supported by Check Point currently.

• A. R80 Management API-
• B. Identity Awareness Web Services API
• C. Open REST API
• D. OPSEC SDK

Answer: C

NEW QUESTION 7
Which command can you use to enable or disable multi-queue per interface?

• A. cpmq set
• B. Cpmqueue set
• C. Cpmq config
• D. Set cpmq enable

Answer: A

NEW QUESTION 8
The CDT utility supports which of the following?

• A. Major version upgrades to R77.30
• B. Only Jumbo HFA’s and hotfixes
• C. Only major version upgrades to R80.10
• D. All upgrades

Answer: D

NEW QUESTION 9
Fill in the blanks: A High Availability deployment is referred to as a ____ cluster and a Load Sharing deployment is referred to as a _____ cluster.

• A. Standby/standby; active/active
• B. Active/active; standby/standby
• C. Active/active; active/standby;
• D. Active/standby; active/active

Answer: D

Explanation: In a High Availability cluster, only one member is active (Active/Standby operation).
ClusterXL Load Sharing distributes traffic within a cluster so that the total throughput of multiple members is increased. In Load Sharing configurations, all functioning members in the cluster are active, and handle network traffic (Active/Active operation).

NEW QUESTION 10
Which limitation of CoreXL is overcome by using (mitigated by) Multi-Queue?

• A. There is no traffic queue to be handled
• B. Several NICs can use one traffic queue by one CPU
• C. Each NIC has several traffic queues that are handled by multiple CPU cores
• D. Each NIC has one traffic queue that is handled by one CPU

Answer: C

NEW QUESTION 11
Which path below is available only when CoreXL is enabled?

• A. Slow path
• B. Firewall path
• C. Medium path
• D. Accelerated path

Answer: C

NEW QUESTION 12
Which of the following is a hash algorithm?

• A. 3DES
• B. IDEA
• C. DES
• D. MD5

Answer: D

NEW QUESTION 13
Where can administrator edit a list of trusted SmartConsole clients in R80?

• A. cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server.
• B. Only using SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients.
• C. In cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server, in SmartConsole: Manage and Settings>Permissions and Administrators>Advanced>Trusted Clients.
• D. WebUI client logged to Security Management Server, SmartDashboard: Manage and Settings>Permissions and Administrators>Advanced>Trusted Clients, via cpconfig on a Security Gateway.

Answer: C

NEW QUESTION 14
What does it mean if Deyra sees the gateway status

Choose the BEST answer.

• A. SmartCenter Server cannot reach this Security Gateway
• B. There is a blade reporting a problem
• C. VPN software blade is reporting a malfunction
• D. Security Gateway s MGNT NIC card is disconnected

Answer: A

NEW QUESTION 15
What does it mean if Bob gets this result on an object search? Refer to the image below. Choose the BEST answer.

• A. Search detailed is missing the subnet mask.
• B. There is no object on the database with that name or that IP address.
• C. There is no object on the database with that IP address.
• D. Object does not have a NAT IP address.

Answer: B

NEW QUESTION 16
Which of the following is NOT an element of VPN Simplified Mode and VPN Communities?

• A. “Encrypt” action in the Rule Base
• B. Permanent Tunnels
• C. “VPN” column in the Rule Base
• D. Configuration checkbox “Accept all encrypted traffic”

Answer: A

Explanation: Migrating from Traditional Mode to Simplified Mode
To migrate from Traditional Mode VPN to Simplified Mode:
1. On the Global Properties > VPN page, select one of these options:
• Simplified mode to all new Firewall Policies
• Traditional or Simplified per new Firewall Policy
2. Click OK.
3. From the R80 SmartConsole Menu, select Manage policies. The Manage Policies window opens.
4. Click New.
The New Policy window opens.
5. Give a name to the new policy and select Access Control.
In the Security Policy Rule Base, a new column marked VPN shows and the Encrypt option is no longer available in the Action column. You are now working in Simplified Mode.

NEW QUESTION 17
Which of the following is TRUE about the Check Point Host object?

• A. Check Point Host has no routing ability even if it has more than one interface installed.
• B. When you upgrade to R80 from R77.30 or earlier versions, Check Point Host objects are converted to gateway objects.
• C. Check Point Host is capable of having an IP forwarding mechanism.
• D. Check Point Host can act as a firewall.

Answer: A

Explanation: A Check Point host is a host with only one interface, on which Check Point software has been installed, and which is managed by the Security Management server. It is not a routing mechanism and is not capable of IP forwarding.

NEW QUESTION 18
Which message indicates IKE Phase 2 has completed successfully?

• A. Quick Mode Complete
• B. Aggressive Mode Complete
• C. Main Mode Complete
• D. IKE Mode Complete

Answer: A

NEW QUESTION 19
John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, gateway policy permits access only from Join's desktop which is assigned an IP address 10.0.0.19 via DHCP.
John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but the limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop. He wants to move around the organization and continue to have access to the HR Web Server. To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.
John plugged in his laptop to the network on a different network segment and he is not able to connect. How does he solve this problem?

• A. John should install the identity Awareness Agent
• B. The firewall admin should install the Security Policy
• C. John should lock and unlock the computer
• D. Investigate this as a network connectivity issue

Answer: C

NEW QUESTION 20
Choose what BEST describes users on Gaia Platform.

• A. There is one default user that cannot be deleted.
• B. There are two default users and one cannot be deleted.
• C. There is one default user that can be deleted.
• D. There are two default users that cannot be deleted and one SmartConsole Administrator.

Answer: B

Explanation: These users are created by default and cannot be deleted:
admin — Has full read/write capabilities for all Gaia features, from the WebUI and the CLI. This user
has a User ID of 0, and therefore has all of the privileges of a root user.
monitor — Has read-only capabilities for all features in the WebUI and the CLI, and can change its own password. You must give a password for this user before the account can be used.