What Is the difference between Updatable Objects and Dynamic Objects
A. Dynamic Objects ate maintained automatically by the Threat Cloud. Updatable Objects are created and maintained locally. In both cases there is no need to install policy for the changes to take effect.
B. Updatable Objects is a Threat Cloud Service. The provided Objects are updated automatically. Dynamic Objects are created and maintained locally For Dynamic Objects there is no need to install policy for the changes to take effect.
C. Updatable Objects is a Threat Cloud Service. The provided Objects are updated automatically. Dynamic Objects are created and maintained locally In both cases there is no need to install policy for the changes to take effect.
D. Dynamic Objects are maintained automatically by the Threat Cloud. For Dynamic Objects there rs no need to install policy for the changes to take effect. Updatable Objects are created and maintained locally.
Explanation: Updatable Objects are a Threat Cloud Service that provides network objects that represent external services, such as Office 365, AWS, GEO locations, and more. These objects are updated automatically by Check Point and do not require policy installation for the changes to take effect. Dynamic Objects are created and maintained locally by the administrator and can be used to define temporary or changing network objects, such as IP addresses, ports, or ranges. Dynamic Objects also do not require policy installation for the changes to take effect. References: Updatable Objects, Updateable Objects and NAT, R80.20 Updatable Domain Objects and CLI Commands.
What are possible Automatic Reactions in SmartEvent?
A. Mail. SNMP Trap, Block Source. Block Event Activity, External Script
B. Web Mail. Block Destination, SNMP Trap. SmartTask
C. Web Mail, Block Service. SNMP Trap. SmartTask, Geo Protection
D. Web Mail, Forward to SandBlast Appliance, SNMP Trap, External Script
Which Check Point daemon invokes and monitors critical processes and attempts to restart them if they fail?
A. fwm
B. cpd
C. cpwd
D. cpm
Explanation: The Check Point WatchDog daemon (cpwd) invokes and monitors critical processes and attempts to restart them if they fail. The cpwd daemon is responsible for starting processes such as cpd, cpm, fwm, fwd, and others. The cpd daemon is the Check Point Management daemon that handles communication between SmartConsole applications and Security Management Servers. The cpm daemon is the Check Point Management Server daemon that handles database operations and policy installation. The fwm daemon is the Firewall Management daemon that handles communication between Security Gateways and Security Management Servers. References: : Check Point Software, Getting Started, WatchDog Daemon; : Check Point Software, Getting Started, Processes.
Fill in the blank: The IPS policy for pre-R81 gateways is installed during the _______ .
A. Firewall policy install
B. Threat Prevention policy install
C. Anti-bot policy install
D. Access Control policy install
The customer has about 150 remote access user with a Windows laptops. Not more than 50 Clients will be connected at the same time. The customer want to use multiple VPN Gateways as entry point and a personal firewall. What will be the best license for him?
A. He will need Capsule Connect using MEP (multiple entry points).
B. Because the customer uses only Windows clients SecuRemote will be sufficient and no additional license is needed
C. He will need Harmony Endpoint because of the personal firewall.
D. Mobile Access license because he needs only a 50 user license, license count is per concurrent user.
Explanation: Harmony Endpoint is a solution that provides comprehensive protection for endpoint devices against cyber threats. Harmony Endpoint includes a personal firewall that controls the network traffic to and from the endpoint device, based on predefined rules and policies. Harmony Endpoint also integrates with Check Point’s VPN solutions to provide secure remote access to corporate resources1. Therefore, the customer will need Harmony Endpoint because of the personal firewall requirement.
Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?
A. Application Control
B. Firewall
C. Identity Awareness
D. URL Filtering
When a packet arrives at the gateway, the gateway checks it against the rules in the hop Policy Layer, sequentially from top to bottom, and enforces the first rule that matches a packet. Which of the following statements about the order of rule enforcement is true?
A. If the Action is Accept, the gateway allows the packet to pass through the gateway.
B. If the Action is Drop, the gateway continues to check rules in the next Policy Layer down.
C. If the Action is Accept, the gateway continues to check rules in the next Policy Layer down.
D. If the Action is Drop, the gateway applies the Implicit Clean-up Rule for that Policy Layer.
Explanation: When a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom, and enforces the first rule that matches the packet. The order of rule enforcement depends on the action of the matching rule. If the action is Accept, the gateway allows the packet to pass through the gateway, but also continues to check rules in the next Policy Layer down. If the action is Drop, Reject, or Encrypt, the gateway applies that action to the packet and stops checking rules in that Policy Layer and any subsequent Policy Layers. If there is no matching rule in a Policy Layer, the gateway applies the Implicit Clean-up Rule for that Policy Layer, which is usually Drop.
After replacing a faulty Gateway the admin installed the new Hardware and want to push the policy. Installing the policy using the SmartConsole he got an Error for the Threat Prevention Policy. There is no error for the Access Control Policy. What will be the most common cause for the issue?
A. The admin forgot to reestablish the SIC for the new hardware. That is typically the case when configure only the interfaces of the replacement hardware instead restoring a backup.
B. The IPS Protection engine on the replacement hardware is too old. Before pushing the Threat Prevention Policy use SmartConsole -> Security Policies -> Updates -> IPS 'Update Now' to update the engine.
C. The admin forgot to apply the new license. The Access Control license is included by default but the service subscriptions for the Threat Prevention Blades are missing.
D. The Threat Prevention Policy can't be installed on a Gateway without an already installed Access Control Policy. First install only the Access Control Policy.
Explanation: The most common cause for the issue is that the admin forgot to apply the new license. The Access Control license is included by default but the service subscriptions for the Threat Prevention Blades are missing. Without a valid license, the Threat Prevention Policy cannot be installed on the new hardware. The admin should check the license status on the SmartConsole -> Gateways & Servers -> Licenses & Contracts and apply the appropriate license for the replacement hardware. References: Check Point Certified Security Expert R81.20 Course Overview, sk171213: Threat Prevention policy installation reports failure in SmartConsole with this error: “Policy installation had failed due to an internal error.”
What is "Accelerated Policy Installation"?
A. Starting R81, the Desktop Security Policy installation process is accelerated thereby reducing the duration of the process significantly
B. Starting R81, the QoS Policy installation process is accelerated thereby reducing the duration of the process significantly
C. Starting R81, the Access Control Policy installation process is accelerated thereby reducing the duration of the process significantly
D. Starting R81, the Threat Prevention Policy installation process is accelerated thereby reducing the duration of the process significantly
Which command is used to obtain the configuration lock in Gaia?
A. Lock database override
B. Unlock database override
C. Unlock database lock
D. Lock database user
Explanation: Which command is used to obtain the configuration lock in Gaia? The command that is used to obtain the configuration lock in Gaia is lock database override. This command allows a user to take over the configuration lock from another user who is currently logged in with read/write access. The other user will be forced to logout and will lose any unsaved changes. This command should be used with caution and only when necessary. References: Gaia Administration Guide R81, page 15.
| Page 9 out of 43 Pages |
| Previous |
Copyright © - All Rights Reserved