VENOM-CHE

Which default Gaia user has full read/write access?. superuser. monitor. altuser. admin.

Which icon in the WebUI indicates that read/write access is enabled?. Eyeglasses. Pencil. Padlock. Book.

Which SmartConsole tab is used to monitor network and security performance?. Logs Monitor. Manage Settings. Security Policies. Gateway Servers.

Check Point Update Service Engine (CPUSE), also known as Deployment Agent [DA], is an advanced and intuitive mechanism for software deployment on Gaia OS. What software packages are supported for deployment?. It supports deployments of single HotFixes (HF), and of Major Versions. Blink Packages and HotFix Accumulators (Jumbo) are not supported. It supports deployments of single HotFixes (HF), of HotFix Accumulators (Jumbo), and of Major Versions. It supports deployments of Major Versions and Blink packages only. It supports deployments of single HotFixes (HF), of HotFix Accumulators (Jumbo), but not of Major Versions.

In SmartConsole, on which tab are Permissions and Administrators defined?. MANAGE & SETTINGS. SECURITY POLICIES. GATEWAYS & SERVERS. LOGS & MONITOR.

Which tool allows automatic update of Gaia OS and Check Point products installed on Gaia OS?. CPDAS - Check Point Deployment Agent Service. CPUSE - Check Point Upgrade Service Engine. CPASE - Check Point Automatic Service Engine. CPAUE - Check Point Automatic Update Engine.

In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server?. Verify and compile Security Policies. Display policies and logs on the administrator's workstation. Store firewall logs to hard drive storage. Store firewall logs to hard drive storage.

True or False: More than one administrator can log into the Security Management Server with SmartConsole with write permission at the same time. True, every administrator works on a different database that is independent of the other administrators. False, only one administrator can login with write permission. True, every administrator works in a session that is independent of the other administrators. False, this feature has to be enabled in the Global Properties.

What Check Point tool is used to automatically update Check Point products for the Gaia OS?. Check Point Update Engine. Check Point Upgrade Installation Service. Check Point Upgrade Service Engine (CPUSE). Check Point INSPECT Engine.

If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? Choose the BEST answer. Delete older versions of database. Publish or discard the session. Revert the session. Save and install the Policy.

What are the two deployment options available for a security gateway?. Bridge and Switch. Local and Remote. Cloud and Router. Standalone and Distributed.

One of major features in SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB and AdminC are editing the same Security Policy?. AdminB sees a pencil icon next the rule that AdminB is currently editing. AdminA, AdminB and AdminC are editing three different rules at the same time. AdminA and AdminB are editing the same rule at the same time. AdminC sees a lock icon which indicates that the rule is locked for editing by another administrator.

Which one of the following is the preferred licensing model? Select the BEST answer. Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server. Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency. Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency on the gateway. Central licensing because it ties the package license to the MAC-address of the Security Management Server's Mgmt-interface and has no dependency on the gateway.

A Check Point Software license consists of two components, the Software Blade and the Software Container. There are _____ types of Software Containers: _____. Two; Security Management and Endpoint Security. Three; Security Management, Security Gateway, and Endpoint Security. Three; Security Gateway, Endpoint Security, and Gateway Management. Two; Endpoint Security and Security Gateway.

Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?. Formal. Central. Local. Corporate.

Tom has connected to the Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward. What will happen to the changes already made?. Tom will have to reboot his SmartConsole computer, and access the Management cache store on that computer, which is only accessible after a reboot. Tom will have to reboot his SmartConsole computer, clear the cache, and restore changes. Tom's changes will have been stored on the Management when he reconnects and he will not lose any of his work. Tom’s changes will be lost since he lost connectivity and he will have to start again.

In which deployment is the security management server and Security Gateway installed on the same appliance?. Switch. Standalone. Distributed. Remote.

Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?. Data Awareness. Threat Emulation. Application Control. Identity Awareness.

DLP and Mobile Access Policy are examples of what type of Policy?. Shared Policies. Unified Policies. Inspection Policies. Standard Policies.

What is the default shell of Gaia CLI?. Read-only. Expert. Clish. Bash.

Which of the following is NOT a valid application navigation tab in SmartConsole?. WEBUI & COMMAND LINE. SECURITY POLICIES. GATEWAYS & SERVERS. LOGS & MONITOR.

What are two basic rules Check Point recommends for building an effective security policy?. Accept Rule and Drop Rule. Explicit Rule and Implied Rule. Cleanup Rule and Stealth Rule. NAT Rule and Reject Rule.

When dealing with policy layers, what two layer types can be utilized?. Inbound Layers and Outbound Layers. Ordered Layers and Inline Layers. Structured Layers and Overlap Layers. R81.X does not support Layers.

What are the three main components of Check Point security management architecture?. Smart Console, Standalone, Security Management Server. Policy-Client, Security Management Server, Security Gateway. SmartConsole, Security Policy Server, Logs & Monitoring. SmartConsole, Security Management Server, Security Gateway.

Which Check Point software blade provides protection from zero-day and undiscovered threats?. Threat Extraction. Threat Emulation. Firewall. Application Control.

What are the three types of UserCheck messages?. ask, block, and notify. block, action, and warn. action, inform, and ask. action, inform, and ask.

By default, which port is used to connect to the GAiA Portal?. 4434. 80. 8080. 443.

Choose what BEST describes a Session. Sessions ends when policy is pushed to the Security Gateway. Sessions locks the policy package for editing. Starts when an Administrator logs in through SmartConsole and ends when the Administrator logs out. Starts when an Administrator publishes all the changes made on SmartConsole.

Which command shows detailed information about VPN tunnels?. cat $FWDIR/conf/vpn.conf. vpn tu tlist. vpn tu. cpview.

After a new Log Server is added to the environment and the SIC trust has been established with the SMS what will the gateways do?. Gateways will send new firewall logs to the new Log Server as soon as the SIC trust is set up between the SMS and the new Log Server. Logs are not automatically forwarded to a new Log Server. SmartConsole must be used to manually configure each gateway to send its logs to the server. The firewalls will detect the new Log Server after the next policy install and redirect the new logs to the new Log Server. The gateways can only send logs to an SMS and cannot send logs to a Log Server. Log Servers are proprietary log archive servers.

Which of the following is a valid deployment option?. CloudSec deployment. Disliked deployment. Router only deployment. Standalone deployment.

Using the SmartConsole, which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?. Read Only All. Full Access. Editor. Super User.

Which Check Point software blade monitors Check Point devices and provides a picture of network and security performance?. Logging and Status. Monitoring. Threat Emulation. Application Control.

Which type of Check Point license ties the package license to the IP address of the Security Management Server?. Formal. Corporate. Central. Local.

Which Threat Prevention Software Blade provides protection from malicious software that can infect your network computers? Choose the BEST answer. Anti-Malware. Content Awareness. Anti-Virus. IPS.

URL Filtering cannot be used to: Control Data Security. Decrease legal liability. Improve organizational security. Control Bandwidth issues.

Which one of the following is TRUE?. One policy can be either inline or ordered, but not both. Inline layer can be defined as a rule action. Ordered policy is a sub-policy within another policy. Pre-R80 Gateways do not support ordered layers.

38. Fill in the blanks: A Check Point software license consists of a _____ and _____. Software container; software package. Software package; signature. Signature; software blade. Software blade; software container.

Which of the following is used to initially create trust between a Gateway and Security Management Server?. One-time Password. Token. Certificate. Internal Certificate Authority.