Question 1

Fill in the blanks: A security Policy is created in _________ , stored in the _________ , and Distributed to the various __________ .

Accepted Answer

A)  Rule base, Security Management Server, Security Gateways 
B)  SmartConsole, Security Gateway, Security Management Servers 
C)  SmartConsole, Security Management Server, Security Gateways 
D)  The Check Point database, SmartConsole, Security Gateways 
A)  Rule base, Security Management Server, Security Gateways 
B)  SmartConsole, Security Gateway, Security Management Servers 
C)  SmartConsole, Security Management Server, Security Gateways 
D)  The Check Point database, SmartConsole, Security Gateways

Question 2

Which of the following is a hash algorithm?

Accepted Answer

A)  3DES 
B)  IDEA 
C)  DES 
D)  MD5 
A)  3DES 
B)  IDEA 
C)  DES 
D)  MD5

Question 3

Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base.   What is the possible explanation for this?

Accepted Answer

A)  DNS Rule is using one of the new features of R80 where an administrator can mark a rule with the padlock icon to let other administrators know it is important. 
B)  Another administrator is logged into the Management and currently editing the DNS Rule. 
C)  DNS Rule is a placeholder rule for a rule that existed in the past but was deleted. 
D)  This is normal behavior in R80 when there are duplicate rules in the Rule Base. 
A)  DNS Rule is using one of the new features of R80 where an administrator can mark a rule with the padlock icon to let other administrators know it is important. 
B)  Another administrator is logged into the Management and currently editing the DNS Rule. 
C)  DNS Rule is a placeholder rule for a rule that existed in the past but was deleted. 
D)  This is normal behavior in R80 when there are duplicate rules in the Rule Base.

Question 4

True or False: The destination server for Security Gateway logs depends on a Security Management Server configuration.

Accepted Answer

A)  False, log servers are configured on the Log Server General Properties 
B)  True, all Security Gateways will only forward logs with a SmartCenter Server configuration 
C)  True, all Security Gateways forward logs automatically to the Security Management Server 
D)  False, log servers are enabled on the Security Gateway General Properties 
A)  False, log servers are configured on the Log Server General Properties 
B)  True, all Security Gateways will only forward logs with a SmartCenter Server configuration 
C)  True, all Security Gateways forward logs automatically to the Security Management Server 
D)  False, log servers are enabled on the Security Gateway General Properties

Question 5

Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows them as prioritized security events.

Accepted Answer

A)  SmartMonitor 
B)  SmartView Web Application 
C)  SmartReporter 
D)  SmartTracker 
A)  SmartMonitor 
B)  SmartView Web Application 
C)  SmartReporter 
D)  SmartTracker

Question 6

You work as a security administrator for a large company. The CSO of your company has attended a security conference where he has learned how hackers constantly modify their strategies and techniques to evade detection and reach corporate resources. He wants to make sure that his company has the right protections in place. Check Point has been selected for the security vendor. Which Check Point product protects BEST against malware and zero-day attacks while ensuring quick delivery of safe content to your users?

Accepted Answer

A)  IPS and Application Control 
B)  IPS, anti-virus and anti-bot 
C)  IPS, anti-virus and e-mail security 
D)  SandBlast 
A)  IPS and Application Control 
B)  IPS, anti-virus and anti-bot 
C)  IPS, anti-virus and e-mail security 
D)  SandBlast

Question 7

An identity server uses a ___________ for user authentication.

Accepted Answer

A)  Shared secret 
B)  Certificate 
C)  One-time password 
D)  Token 
A)  Shared secret 
B)  Certificate 
C)  One-time password 
D)  Token

Question 8

How many layers make up the TCP/IP model?

Accepted Answer

A)  2 
B)  7 
C)  6 
D)  4 
A)  2 
B)  7 
C)  6 
D)  4

Question 9

When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

Accepted Answer

A)  Distributed 
B)  Standalone 
C)  Bridge 
A)  Distributed 
B)  Standalone 
C)  Bridge

Question 10

Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

Accepted Answer

A)  Full 
B)  Light 
C)  Custom 
D)  Complete 
A)  Full 
B)  Light 
C)  Custom 
D)  Complete

Question 11

Which Check Point supported authentication scheme typically requires a user to possess a token?

Accepted Answer

A)  TACACS 
B)  SecurID 
C)  Check Point password 
D)  RADIUS 
A)  TACACS 
B)  SecurID 
C)  Check Point password 
D)  RADIUS

Question 12

In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

Accepted Answer

A)  True, CLI is the preferred method for Licensing 
B)  False, Central Licenses are handled via Security Management Server 
C)  False, Central Licenses are installed via Gaia on Security Gateways 
D)  True, Central Licenses can be installed with CPLIC command on a Security Gateway 
A)  True, CLI is the preferred method for Licensing 
B)  False, Central Licenses are handled via Security Management Server 
C)  False, Central Licenses are installed via Gaia on Security Gateways 
D)  True, Central Licenses can be installed with CPLIC command on a Security Gateway

Question 13

Under which file is the proxy arp configuration stored?

Accepted Answer

A)  $FWDIR/state/proxy_arp.conf on the management server 
B)  $FWDIR/conf/local.arp on the management server 
C)  $FWDIR/state/_tmp/proxy.arp on the security gateway 
D)  $FWDIR/conf/local.arp on the gateway 
A)  $FWDIR/state/proxy_arp.conf on the management server 
B)  $FWDIR/conf/local.arp on the management server 
C)  $FWDIR/state/_tmp/proxy.arp on the security gateway 
D)  $FWDIR/conf/local.arp on the gateway

Question 14

You want to define a selected administrator's permission to edit a layer. However, when you click the + sign in the "Select additional profile that will be able edit this layer" you do not see anything. What is the most likely cause of this problem? Select the BEST answer.

Accepted Answer

A)  "Edit layers by Software Blades" is unselected in the Permission Profile 
B)  There are no permission profiles available and you need to create one first. 
C)  All permission profiles are in use. 
D)  "Edit layers by selected profiles in a layer editor" is unselected in the Permission profile. 
A)  "Edit layers by Software Blades" is unselected in the Permission Profile 
B)  There are no permission profiles available and you need to create one first. 
C)  All permission profiles are in use. 
D)  "Edit layers by selected profiles in a layer editor" is unselected in the Permission profile.

Question 15

The SIC Status "Unknown" means

Accepted Answer

A)  There is connection between the gateway and Security Management Server but it is not trusted. 
B)  The secure communication is established. 
C)  There is no connection between the gateway and Security Management Server. 
D)  The Security Management Server can contact the gateway, but cannot establish SIC. 
A)  There is connection between the gateway and Security Management Server but it is not trusted. 
B)  The secure communication is established. 
C)  There is no connection between the gateway and Security Management Server. 
D)  The Security Management Server can contact the gateway, but cannot establish SIC.

Question 16

Which option will match a connection regardless of its association with a VPN community?

Accepted Answer

A)  All Site-to-Site VPN Communities 
B)  Accept all encrypted traffic 
C)  All Connections (Clear or Encrypted) 
D)  Specific VPN Communities 
A)  All Site-to-Site VPN Communities 
B)  Accept all encrypted traffic 
C)  All Connections (Clear or Encrypted) 
D)  Specific VPN Communities

Question 17

In order to modify Security Policies the administrator can use which of the following tools? Select the BEST answer.

Accepted Answer

A)  Command line of the Security Management Server or mgmt_cli.exe on any Windows computer. 
B)  SmartConsole and WebUI on the Security Management Server. 
C)  mgmt_cli or WebUI on Security Gateway and SmartConsole on the Security Management Server. 
D)  SmartConsole or mgmt_cli on any computer where SmartConsole is installed. 
A)  Command line of the Security Management Server or mgmt_cli.exe on any Windows computer. 
B)  SmartConsole and WebUI on the Security Management Server. 
C)  mgmt_cli or WebUI on Security Gateway and SmartConsole on the Security Management Server. 
D)  SmartConsole or mgmt_cli on any computer where SmartConsole is installed.

Question 18

Fill in the blank: Back up and restores can be accomplished through_________.

Accepted Answer

A)  SmartConsole, WebUI, or CLI 
B)  WebUI, CLI, or SmartUpdate 
C)  CLI, SmartUpdate, or SmartBackup 
D)  SmartUpdate, SmartBackup, or SmartConsole 
A)  SmartConsole, WebUI, or CLI 
B)  WebUI, CLI, or SmartUpdate 
C)  CLI, SmartUpdate, or SmartBackup 
D)  SmartUpdate, SmartBackup, or SmartConsole

Question 19

Which of the following commands can be used to remove site-to-site IPSEC Security Associations (SA)?

Accepted Answer

A)  vpn tu 
B)  vpn ipsec remove -l 
C)  vpn debug ipsec 
D)  fw ipsec tu 
A)  vpn tu 
B)  vpn ipsec remove -l 
C)  vpn debug ipsec 
D)  fw ipsec tu

Question 20

If there is an Accept Implied Policy set to "First", what is the reason Jorge cannot see any logs?

Accepted Answer

A)  Log Implied Rule was not selected on Global Properties. 
B)  Log Implied Rule was not set correctly on the track column on the rules base. 
C)  Track log column is set to none. 
D)  Track log column is set to Log instead of Full Log. 
A)  Log Implied Rule was not selected on Global Properties. 
B)  Log Implied Rule was not set correctly on the track column on the rules base. 
C)  Track log column is set to none. 
D)  Track log column is set to Log instead of Full Log.

Fill in the blanks: A security Policy is created in _____ , stored in the _ , and Distributed to the various ______ .

Which of the following is a hash algorithm?

Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base. What is the possible explanation for this?

True or False: The destination server for Security Gateway logs depends on a Security Management Server configuration.

Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows them as prioritized security events.

An identity server uses a ___________ for user authentication.

How many layers make up the TCP/IP model?

When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

Which Check Point supported authentication scheme typically requires a user to possess a token?

In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

Under which file is the proxy arp configuration stored?

You want to define a selected administrator's permission to edit a layer. However, when you click the + sign in the "Select additional profile that will be able edit this layer" you do not see anything. What is the most likely cause of this problem? Select the BEST answer.

The SIC Status "Unknown" means

Which option will match a connection regardless of its association with a VPN community?

In order to modify Security Policies the administrator can use which of the following tools? Select the BEST answer.

Fill in the blank: Back up and restores can be accomplished through_________.

Which of the following commands can be used to remove site-to-site IPSEC Security Associations (SA)?

If there is an Accept Implied Policy set to "First", what is the reason Jorge cannot see any logs?

Check Point Certified Security Principles Associate (CCSPA)

Check Point Certified Security Expert - R80

Filters

Exam 2: Check Point Certified Security Administrator (CCSA R80)

Fill in the blanks: A security Policy is created in _________ , stored in the _________ , and Distributed to the various __________ .

Which of the following is a hash algorithm?

Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base. What is the possible explanation for this?

True or False: The destination server for Security Gateway logs depends on a Security Management Server configuration.

Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows them as prioritized security events.

An identity server uses a ___________ for user authentication.

How many layers make up the TCP/IP model?

When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

Which Check Point supported authentication scheme typically requires a user to possess a token?

In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

Under which file is the proxy arp configuration stored?

You want to define a selected administrator's permission to edit a layer. However, when you click the + sign in the "Select additional profile that will be able edit this layer" you do not see anything. What is the most likely cause of this problem? Select the BEST answer.

The SIC Status "Unknown" means

Which option will match a connection regardless of its association with a VPN community?

In order to modify Security Policies the administrator can use which of the following tools? Select the BEST answer.

Fill in the blank: Back up and restores can be accomplished through_________.

Which of the following commands can be used to remove site-to-site IPSEC Security Associations (SA)?

If there is an Accept Implied Policy set to "First", what is the reason Jorge cannot see any logs?

Check Point Certified Security Principles Associate (CCSPA)

Check Point Certified Security Expert - R80

Filters

Fill in the blanks: A security Policy is created in _____ , stored in the _ , and Distributed to the various ______ .