Which is a suitable command to check whether Drop Templates are activated or not?
B
Explanation:
The command fwaccel stat shows the status of SecureXL, including whether Drop Templates are
enabled or not1
. Reference:
Check Point SecureXL R81 Administration Guide
Please choose correct command syntax to add an “emailserver1” host with IP address 10.50.23.90
using GAiA management CLI?
D
Explanation:
The correct syntax for adding a host using GAiA management CLI is mgmt add host name <name> ip-
address <ip-address>2
. Reference:
Check Point GAiA R81 Command Line Interface Reference Guide
The CDT utility supports which of the following?
D
Explanation:
The CDT utility supports all upgrades, including major version upgrades, Jumbo HFA’s, and hotfixes3
.
Reference:
Check Point Upgrade Service Engine (CPUSE) - Gaia Deployment Agent
Using ClusterXL, what statement is true about the Sticky Decision Function?
A
Explanation:
The Sticky Decision Function (SDF) can only be changed for Load Sharing implementations, not for
High Availability implementations4
. Reference:
Check Point ClusterXL R81 Administration Guide
What command would show the API server status?
D
Explanation:
The command api status shows the API server status, including whether it is enabled or not, the port
number, and the API version1
. Reference:
Check Point R81 API Reference Guide
How Capsule Connect and Capsule Workspace differ?
A
Explanation:
Capsule Connect provides a Layer 3 VPN that allows users to access corporate resources securely
from their mobile devices2
.
Capsule Workspace provides a secure container on the mobile device
that isolates business data and applications from personal data and applications3
.
Capsule
Workspace also provides a desktop with usable applications such as email, calendar, contacts,
documents, and web applications3
. Reference:
Check Point Capsule Connect
,
Check Point Capsule
Workspace
Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and
older?
D
Explanation:
Sub Policies are a new feature in R80.10 Gateway that allow creating and attaching sets of rules to
specific rules in the main policy4
.
Sub Policies are useful for delegating permissions, managing large
rule bases, and applying different inspection profiles4
. The other options are not new features in
R80.10 Gateway. Reference:
Check Point R80.10 Security Management Administration Guide
What are the three components for Check Point Capsule?
D
Explanation:
The three components for Check Point Capsule are Capsule Workspace, Capsule Docs, and Capsule
Cloud123
.
Capsule Workspace provides a secure container on the mobile device that isolates
business data and applications from personal data and applications2
.
Capsule Docs protects business
documents everywhere they go with encryption and access control1
.
Capsule Cloud provides cloud-
based security services to protect mobile users from threats3
. Reference:
Check Point Capsule
,
Check
Point Capsule Workspace
,
Mobile Secure Workspace with Capsule
Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for
this?
B
Explanation:
The port used for full synchronization between cluster members is TCP port 2654
.
This port is used by
the Firewall Kernel to send and receive synchronization data, such as connection tables, NAT tables,
and VPN keys4
.
UDP port 8116 is used by the Cluster Control Protocol (CCP) for internal
communications between cluster members4
. Reference:
How does the Cluster Control Protocol
function in working and failure scenarios for gateway clusters?
What is true about the IPS-Blade?
A
Explanation:
In R80, IPS is managed by the Threat Prevention Policy567
.
The Threat Prevention Policy defines how
to protect the network from malicious traffic using IPS, Anti-Bot, Anti-Virus, and Threat Emulation
software blades5
.
The IPS layer in the Threat Prevention Policy allows configuring IPS protections and
actions for different network segments5
. The other options are not true about the IPS-Blade.
Reference:
Check Point IPS Datasheet
,
Check Point IPS Software Blade
,
Quantum Intrusion
Prevention System (IPS)
Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a
new multicore CPU to replace the existing single core CPU. After installation, is the administrator
required to perform any additional tasks?
B
Explanation:
The correct answer is B because after installing a new multicore CPU, the administrator needs to
configure CoreXL to make use of the additional cores and reboot the Security Gateway.
Installing the
Security Policy is not necessary because it does not affect the CoreXL configuration1
.
Reference:
Check Point R81 Security Management Administration Guide
When installing a dedicated R80 SmartEvent server, what is the recommended size of the root
partition?
D
Explanation:
The correct answer is D because the recommended size of the root partition for a dedicated R80
SmartEvent server is at least 20GB2
. Any size, less than 20GB, or more than 10GB and less than 20GB
are not sufficient for the SmartEvent server. Reference:
Check Point R80.40 Installation and Upgrade
Guide
Which firewall daemon is responsible for the FW CLI commands?
A
Explanation:
The correct answer is A because the fwd daemon is responsible for the FW CLI commands3
. The fwm
daemon handles the communication between the Security Management server and the GUI clients.
The cpm daemon handles the communication between the Security Management server and
SmartConsole. The cpd daemon monitors the status of critical processes on the Security Gateway.
Reference:
Check Point Firewall Processes and Daemons
If the Active Security Management Server fails or if it becomes necessary to change the Active to
Standby, the following steps must be taken to prevent data loss. Providing the Active Security
Management Server is responsible, which of these steps should NOT be performed:
A
Explanation:
The correct answer is A because renaming the hostname of the Standby member to match exactly
the hostname of the Active member is not a recommended step to prevent data loss.
The hostname
of the Standby member should be different from the hostname of the Active member1
.
The other
steps are necessary to ensure a smooth failover and synchronization between the Active and Standby
Security Management Servers2
. Reference:
Check Point R81.20 Administration Guide
,
156-315.81
Checkpoint Exam Info and Free Practice Test
Using R80 Smart Console, what does a “pencil icon” in a rule mean?
A
Explanation:
The correct answer is A because a pencil icon in a rule means that you have changed this rule3
. The
pencil icon indicates that the rule has been modified but not published yet.
You can hover over the
pencil icon to see who made the change and when3
. The other options are not related to the pencil
icon. Reference:
Check Point Learning and Training Frequently Asked Questions (FAQs)