Which encryption algorithm is the least secured?
A. AES-128
B. AES-256
C. DES
D. 3DES
Which command shows the current connections distributed by CoreXL FW instances?
A. fw ctl multik stat
B. fw ctl affinity -l
C. fw ctl instances -v
D. fw ctl iflist
Please choose correct command to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?
A. host name myHost12 ip-address 10.50.23.90
B. mgmt: add host name ip-address 10.50.23.90
C. add host name emailserver1 ip-address 10.50.23.90
D. mgmt: add host name emailserver1 ip-address 10.50.23.90
Explanation: The correct command to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI is mgmt: add host name emailserver1 ip-address 10.50.23.90. This command will create a new host object in the Security Management Server database, with the specified name and IP address. The mgmt: prefix indicates that the command is executed on the Security Management Server, and not on the local GAiA machine. The other commands are either missing the mgmt: prefix, or have incorrect syntax or parameters.
How do Capsule Connect and Capsule Workspace differ?
A. Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications.
B. Capsule Workspace can provide access to any application.
C. Capsule Connect provides Business data isolation.
D. Capsule Connect does not require an installed application at client.
What is the most recommended way to install patches and hotfixes?
A. CPUSE Check Point Update Service Engine
B. rpm -Uv
C. Software Update Service
D. UnixinstallScript
What is the port used for SmartConsole to connect to the Security Management Server?
A. CPMI port 18191/TCP
B. CPM port/TCP port 19009
C. SIC port 18191/TCP
D. https port 4434/TCP
Which of the following will NOT affect acceleration?
A. Connections destined to or originated from the Security gateway
B. A 5-tuple match
C. Multicast packets
D. Connections that have a Handler (ICMP, FTP, H.323, etc.)
Using Threat Emulation technologies, what is the best way to block .exe and .bat file types?
A. enable DLP and select.exe and .bat file type
B. enable .exe & .bat protection in IPS Policy
C. create FW rule for particular protocol
D. tecli advanced attributes set prohibited_file_types exe.bat
Which of the following is NOT a component of Check Point Capsule?
A. Capsule Docs
B. Capsule Cloud
C. Capsule Enterprise
D. Capsule Workspace
Which directory below contains log files?
A. /opt/CPSmartlog-R81/log
B. /opt/CPshrd-R81/log
C. /opt/CPsuite-R81/fw1/log
D. /opt/CPsuite-R81/log
Which of the following describes how Threat Extraction functions?
A. Detect threats and provides a detailed report of discovered threats.
B. Proactively detects threats.
C. Delivers file with original content.
D. Delivers PDF versions of original files with active content removed.
Explanation: Threat Extraction is a software blade that delivers PDF versions of original files with active content removed. Active content, such as macros, scripts, or embedded objects, can be used by attackers to deliver malware or exploit vulnerabilities. Threat Extraction removes or sanitizes the active content from the files and converts them to PDF format, which is safer and more compatible. Threat Extraction can also work together with Threat Emulation to provide both clean and original files to the users. References: Check Point Security Expert R81 Course, Threat Extraction Administration Guide
SandBlast has several functional components that work together to ensure that attacks are prevented in real-time. Which the following is NOT part of the SandBlast component?
A. Threat Emulation
B. Mobile Access
C. Mail Transfer Agent
D. Threat Cloud
| Page 11 out of 36 Pages |
| Previous |