Examen de filosofia

What two ordered layers make up the Access Control Policy Layer?. URL Filtering and Network. Network and Threat Prevention. Application Control and URL Filtering. Network and Application Control.

Fill the blank. IT is Best Practice to have a ________ rule at the end of each policy layer. Explicit Drop. Implied Drop. Explicit Cleanup. Implicit Drop.

How many sessions can be opened on the Management Server at the same time?. Unlimited, one per each licensed gateway. One. Unlimited, multiple per administrator. Unlimited, one per administrator.

To view statistics on detected threats, which Threat Tool would an administrator use?. Protections. IPS Protections. Profiles. ThreatWiki.

Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?. All Site-to-Site VPN Communities. Accept all encrypted traffic. All Connections (Clear or Encrypted). Specific VPN Communities.

How do you manage Gaia?. Through CLI and WebUI. Through CLI only. Through SmartDashboard only. Through CLI, WebUI, and SmartDashboard.

What licensing feature automatically verifies current licenses and activates new licenses added to the License and Contracts repository?. Verification tool. Verification licensing. Automatic licensing. Automatic licensing and Verification tool.

Which of the following is used to enforce changes made to a Rule Base?. Publish database. Save changes. Install policy. Activate policy.

Which of the following is NOT a valid deployment option for R80?. All-in-one (stand-alone). Log server. SmartEvent. Multi-domain management server.

Which option will match a connection regardless of its association with a VPN community?. All Site-to-Site VPN Communities. Accept all encrypted traffic. All Connections (Clear or Encrypted). Specific VPN Communities.

Which of the following is NOT a tracking log option in R80.x?. Full Log. Detailed Log. Extended Log. Log.

Which information is included in the “Extended Log” tracking option, but is not included in the “Log” tracking option?. file attributes. application information. destination port. data type information.

Where is the “Hit Count” feature enabled or disabled in SmartConsole?. On the Policy Package. On each Security Gateway. On the Policy layer. In Global Properties for the Security Management Server.

Examine the sample Rule Base. What will be the result of a verification of the policy from SmartConsole?. No errors or Warnings. Verification Error: Empty Source-List and Service-List in Rule 5 (Mail Inbound). Verification Error: Rule 4 (Web Inbound) hides Rule 6 (Webmaster access). Verification Error: Rule 7 (Clean-Up Rule) hides Implicit Clean-up Rule.

Which of the following technologies extracts detailed information from packets and stores that information in state tables?. INSPECT Engine. Next-Generation Firewall. Packet Filtering. Application Layer Firewall.

What object type would you use to grant network access to an LDAP user group?. Access Role. User Group. SmartDirectory Group. Group Template.

Which of the following commands is used to monitor cluster members?. show cluster state. show active cluster. show clusters. show running cluster.

Name the file that is an electronically signed file used by Check Point to translate the features in the license into a code?. Both License (.lic) and Contract (.xml) files. cp.macro. Contract file (.xml). license File (.lie).

Security Gateway software blades must be attached to what?. Security Gateway. Security Gateway container. Management server. Management container.

Choose what BEST describes users on Gaia Platform. There is one default user that cannot be deleted. There are two default users and one cannot be deleted. There is one default user that can be deleted. There are two default users and neither can be deleted.

When an Admin logs into SmartConsole and sees a lock icon on a gateway object and cannot edit that object, what does that indicate?. The gateway is not powered on. Incorrect routing to reach the gateway. The Admin would need to login to Read-Only mode. Another Admin has made an edit to that object and has yet to publish the change.

A SAM rule Is implemented to provide what function or benefit?. Allow security audits. Handle traffic as defined in the policy. Monitor sequence activity. Block suspicious activity.

Is it possible to have more than one administrator connected to a Security Management Server at once?. Yes, but only if all connected administrators connect with read-only permissions. Yes, but objects edited by one administrator will be locked for editing by others until the session is published. No, only one administrator at a time can connect to a Security Management Server. Yes, but only one of those administrators will have write-permissions. All others will have read-only permission.

Choose what BEST describes the reason why querying logs now is very fast. New Smart-1 appliances double the physical memory install. Indexing Engine indexes logs for faster search results. SmartConsole now queries results directly from the Security Gateway. The amount of logs being stored is less than the usual in older versions.

What default layers are included when creating a new policy layer?. Application Control, URL Filtering and Threat Prevention. Access Control, Threat Prevention and HTTPS Inspection. Firewall, Application Control and IPSec VPN. Firewall, Application Control and IPS.

Which single Security Blade can be turned on to block both malicious files from being downloaded as well as block websites known to host malware?. Anti-Bot. None - both Anti-Virus and Anti-Bot are required for this. Anti-Virus. None - both URL Filtering and Anti-Virus are required for this.

There are four policy types available for each policy package. What are those policy types?. Access Control, Threat Prevention, Mobile Access and HTTPS Inspection. Access Control, Custom Threat Prevention, Autonomous Threat Prevention and HTTPS Inspection. There are only three policy types: Access Control, Threat Prevention and NAT. Access Control, Threat Prevention, NAT and HTTPS Inspection.

Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code (with unification in R81.10)?. Enterprise Network Security Appliances. Rugged Appliances. Scalable Platforms. Small Business and Branch Office Appliances.

URL Filtering cannot be used to: Control Bandwidth issues. Control Data Security. Improve organizational security. Decrease legal liability.

Which of the following is used to extract state related information from packets and stores that information in state tables?. STATE Engine. TRACK Engine. RECORD Engine. INSPECT Engine.

A network administrator has informed you that they have identified a malicious host on the network, and instructed you to block it. Corporate policy dictates that firewall policy changes cannot be made at this time. What tool can you use to block this traffic?. Anti-Bot protection. Anti-Malware protection. Policy-based routing. Suspicious Activity Monitoring (SAM) rules.

To increase security, the administrator has modified the Core protection 'Host Port Scan' from 'Medium' to 'High' Predefined Sensitivity. Which Policy should the administrator install after Publishing the changes?. The Access Control and Threat Prevention Policies. The Access Control Policy. The Access Control & HTTPS Inspection Policy. The Threat Prevention Policy.

Which of the following is used to enforce changes made to a Rule Base 2?. Publish database. Save changes. Install policy. Activate policy.

What is the main objective when using Application Control?. To filter out specific content. To assist the firewall blade with handling traffic. To see what users are doing. Ensure security and privacy of information.

When a gateway requires user information for authentication, what order does it query servers for user information?. First - Internal user database, then LDAP servers in order of priority, finally the generic external user profile. First the Internal user database, then generic external user profile, finally LDAP servers in order of priority. First the highest priority LDAP server, then the internal user database, then lower priority LDAP servers, finally the generic external profile. The external generic profile, then the internal user database, finally the LDAP servers in order of priority.

SmartConsole provides a consolidated solution for everything that is necessary for the security of an organization, such as the following: Security Policy Management and Log Analysis. Security Policy Management, Log Analysis, System Health Monitoring, Multi-Domain Security Management. Security Policy Management, Log Analysis and System Health Monitoring. Security Policy Management, Threat Prevention rules, System Health Monitoring and Multi-Domain Security Management.

Which of the following is NOT a type of Endpoint Identity Agent?. Custom. Terminal. Full. Light.

An administrator wishes to use Application objects in a rule in their policy, but there are no Application objects listed as options to add when clicking the "+" to add new items to the "Services & Applications" column of a rule. What should be done to fix this?. The administrator should drag-and-drop the needed Application objects from the Object Explorer into the new rule. The "Application Control" blade should be enabled on a gateway. "Applications & URL Filtering" should first be enabled on the policy layer where the rule is being created. The administrator should first create some applications to add to the rule.

Using AD Query, the security gateway connections to the Active Directory Domain Controllers using what protocol?. Windows Management Instrumentation (WMI). Hypertext Transfer Protocol Secure (HTTPS). Lightweight Directory Access Protocol (LDAP). Remote Desktop Protocol (RDP).

A layer can support different combinations of blades. What are the supported blades: Firewall, URLF, Content Awareness and Mobile Access. Firewall (Network Access Control), Application & URL Filtering, Content Awareness and Mobile Access. Firewall, NAT, Content Awareness and Mobile Access. Firewall (Network Access Control), Application & URL Filtering and Content Awareness.

What technologies are used to deny or permit network traffic?. Stateful Inspection, Firewall Blade, and URL/Application Blade. Packet Filtering, Stateful Inspection, and Application Layer Firewall. Firewall Blade, URL/Application Blade, and IPS. Stateful Inspection, URL/Application Blade, and Threat Prevention.

If an administrator wants to restrict access to a network resource only allowing certain users to access it, and only when they are on a specific network what is the best way to accomplish this?. Create an inline layer where the destination is the target network resource Define sub-rules allowing only specific sources to access the target resource. Use a "New Legacy User at Location", specifying the LDAP user group that the users belong to, at the desired location. Create a rule allowing only specific source IP addresses access to the target network resource. Create an Access Role object, with specific users or user groups specified, and specific networks defined Use this access role as the "Source" of an Access Control rule.

What are the software components used by Autonomous Threat Prevention Profiles in R81.20 and higher?. Sandbox, ThreatCloud, Zero Phishing, Sanitization, C&C Protection, IPS, File and URL Reputation. IPS, Threat Emulation and Threat Extraction. Sandbox, ThreatCloud, Sanitization, C&C Protection, IPS. IPS, Anti-Bot, Anti-Virus, SandBlast and Macro Extraction.

Which command shows detailed information about VPN tunnels?. cat $FWDIR/conf/vpn.conf. vpn tu tlist. vpn tu. cpview.

Bob and Joe both have Administrator Roles on their Gaia Platform. Bob logs in on the WebUI and then Joe logs in through CLI. Choose what BEST describes the following scenario, where Bob and Joe are both logged in: Since they both are logged in on different interfaces, they will both be able to make changes. When Joe logs in, Bob will be logged out automatically. The database will be locked by Bob and Joe will not be able to make any changes. Bob will receive a prompt that Joe has logged in.