Question1: You have successfully backed up Check Point configurations without the OS information. What command would you use to restore this backup?
Question2: What is the recommended number of physical network interfaces in a Mobile Access cluster deployment?
Question3: During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel Inspection and are rejected by the rule definition, packets are:
Question4: Which NAT rules are prioritized first?
Question5: Which tool is used to enable ClusterXL?
Question6: What is the difference between an event and a log?
Question7: Which of the following is true regarding the Proxy ARP feature for Manual NAT?
Question8: Which command can you use to enable or disable multi-queue per interface?
Question9: Which statement is true regarding redundancy?
Question10: In order to get info about assignment (FW, SND) of all CPUs in your SGW, what is the most accurate CLI command?
Question11: Automation and Orchestration differ in that:
Question12: Which Check Point software blade provides Application Security and identity control?
Question13: What are the attributes that SecureXL will check after the connection is allowed by Security Policy?
Question14: When SecureXL is enabled, all packets should be accelerated, except packets that match the following conditions:
Question15: Pamela is Cyber Security Engineer working for Global Instance Firm with large scale deployment of Check Point Enterprise Appliances using GAiA/R81.20. Company's Developer Team is having random access issue to newly deployed Application Server in DMZ's Application Server Farm Tier and blames DMZ Security Gateway as root cause. The ticket has been created and issue is at Pamela's desk for an investigation. Pamela decides to use Check Point's Packet Analyzer Tool-fw monitor to iron out the issue during approved Maintenance window.
What do you recommend as the best suggestion for Pamela to make sure she successfully captures entire traffic in context of Firewall and problematic traffic?
Question16: In which scenario will an administrator need to manually define Proxy ARP?
Question17: SandBlast agent extends 0-day prevention to what part of the network?
Question18: Which two Identity Awareness daemons are used to support identity sharing?
Question19: Which 3 types of tracking are available for Threat Prevention Policy?
Question20: What is the amount of Priority Queues by default?
Question21: What is the best sync method in the ClusterXL deployment?
Question22: Which GUI client is supported in R81?
Question23: Besides fw monitor, what is another command that can be used to capture packets?
Question24: What are the main stages of a policy installations?
Question25: Alice & Bob are concurrently logged In via SSH on the same Check Point Security Gateway as user "admin* however Bob was first logged in and acquired the lock Alice Is not aware that Bob is also togged in to the same Security Management Server as she is but she needs to perform very urgent configuration changes - which of the following GAlAclish command is true for overriding Bobs configuration database lock:
Question26: fwssd is a child process of which of the following Check Point daemons?
Question27: Which of the following Check Point processes within the Security Management Server is responsible for the receiving of log records from Security Gateway?
Question28: In which VPN community is a satellite VPN gateway not allowed to create a VPN tunnel with another satellite VPN gateway?
Question29: Rugged appliances are small appliances with ruggedized hardware and like Quantum Spark appliance they use which operating system?
Question30: What is the purpose of the CPCA process?
Question31: The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?
Question32: Which statement is false in respect of the SmartConsole after upgrading the management server to R81.20?
Question33: What makes Anti-Bot unique compared to other Threat Prevention mechanisms, such as URL Filtering, Anti-Virus, IPS, and Threat Emulation?
Question34: What level of CPU load on a Secure Network Distributor would indicate that another may be necessary?
Question35: What is the purpose of Captive Portal?
Question36: Fill in the blank: The R81 utility fw monitor is used to troubleshoot ______________________.
Question37: Vanessa is expecting a very important Security Report. The Document should be sent as an attachment via e-mail. An e-mail with Security_report.pdf file was delivered to her e-mail inbox. When she opened the PDF file, she noticed that the file is basically empty and only few lines of text are in it. The report is missing some graphs, tables and links.
Which component of SandBlast protection is her company using on a Gateway?
Question38: SmartEvent does NOT use which of the following procedures to identify events:
Question39: What does it mean if Deyra sees the gateway status? (Choose the BEST answer.)

Question40: Session unique identifiers are passed to the web api using which http header option?
Question41: You want to gather data and analyze threats to your mobile device. It has to be a lightweight app. Which application would you use?
Question42: Bob works for a big security outsourcing provider company and as he receives a lot of change requests per day he wants to use for scripting daily tasks the API services (torn Check Point for the GAIA API. Firstly he needs to be aware if the API services are running for the GAIA operating system. Which of the following Check Point Command is true:
Question43: Which Check Point software blade provides protection from zero-day and undiscovered threats?
Question44: To fully enable Dynamic Dispatcher on a Security Gateway:
Question45: After having saved the Cllsh Configuration with the "save configuration config.txt* command, where can you find the config.txt file?
Question46: On R81.20 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:
Question47: Fill in the blanks: Gaia can be configured using the ______ or _____ .
Question48: Please choose the path to monitor the compliance status of the Check Point R81.20 based management.
Question49: NAT rules are prioritized in which order?
1. Automatic Static NAT
2. Automatic Hide NAT
3. Manual/Pre-Automatic NAT
4. Post-Automatic/Manual NAT rules
Question50: How do you enable virtual mac (VMAC) on-the-fly on a cluster member?
Question51: To enable Dynamic Dispatch on Security Gateway without the Firewall Priority Queues, run the following command in Expert mode and reboot:
Question52: What CLI utility runs connectivity tests from a Security Gateway to an AD domain controller?
Question53: You need to see which hotfixes are installed on your gateway, which command would you use?
Question54: You need to change the number of firewall Instances used by CoreXL. How can you achieve this goal?
Question55: John is using Management HA. Which Security Management Server should he use for making changes?
Question56: What are the two modes for SNX (SSL Network Extender)?
Question57: What is the minimum number of CPU cores required to enable CoreXL?
Question58: Which encryption algorithm is the least secured?
Question59: What does the "unknown" SIC status shown on SmartConsole mean?
Question60: Which web services protocol is used to communicate to the Check Point R81 Identity Awareness Web API?
Question61: Alice was asked by Bob to implement the Check Point Mobile Access VPN blade - therefore are some basic configuration steps required - which statement about the configuration steps is true?
Question62: What is not a purpose of the deployment of Check Point API?
Question63: The fwd process on the Security Gateway sends logs to the fwd process on the Management Server, where it is forwarded to___________via____________
Question64: What are the correct sleps upgrading a HA cluster (Ml is active. M2 is passive) using Multi-Version Cluster(MVC) Upgrade?
Question65: Under which file is the proxy arp configuration stored?
Question66: Which command can you use to verify the number of active concurrent connections?
Question67: Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?
Question68: What command is used to manually failover a cluster during a zero-downtime upgrade?
Question69: Bob has finished io setup provisioning a secondary security management server. Now he wants to check if the provisioning has been correct. Which of the following Check Point command can be used to check if the security management server has been installed as a primary or a secondary security management server?
Question70: What are the types of Software Containers?
Question71: Which Queue in the Priority Queue has the maximum priority?
Question72: You have existing dbedit scripts from R77. Can you use them with R81.20?
Question73: How is communication between different Check Point components secured in R81? As with all questions, select the BEST answer.
Question74: Which is NOT an example of a Check Point API?
Question75: Aaron is a Syber Security Engineer working for Global Law Firm with large scale deployment of Check Point Enterprise Appliances running GAiA R81.X The Network Security Developer Team is having an issue testing the API with a newly deployed R81.X Security Management Server Aaron wants to confirm API services are working properly. What should he do first?
Question76: What is the command switch to specify the Gaia API context?
Question77: Which one is not a valid upgrade method to R81.20?
Question78: Which command would you use to set the network interfaces' affinity in Manual mode?
Question79: SandBlast appliances can be deployed in the following modes:
Question80: In SmartConsole, objects are used to represent physical and virtual network components and also some logical components. These objects are divided into several categories. Which of the following is NOT an objects category?
Question81: DLP and Geo Policy are examples of what type of Policy?
Question82: Which Check Point daemon monitors the other daemons?
Question83: How can you grant GAiAAPI Permissions for a newly created user?
Question84: What is true about the IPS-Blade?
Question85: You have used the "set inactivity-timeout 120" command to prevent the session to be disconnected after 10 minutes of inactivity. However, the Web session is being disconnected after 10 minutes. Why?
Question86: Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?
Question87: An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server.
While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret and cannot be enabled.
Why does it not allow him to specify the pre-shared secret?
Question88: Check Point recommends configuring Disk Space Management parameters to delete old log entries when available disk space is less than or equal to?
Question89: What SmartEvent component creates events?
Question90: What ports are used for SmartConsole to connect to the Security Management Server?
Question91: You find one of your cluster gateways showing "Down" when you run the "cphaprob stat" command. You then run the "clusterXL_admin up" on the down member but unfortunately the member continues to show down. What command do you run to determine the cause?
Question92: What kind of information would you expect to see when using the "sim affinity -I" command?
Question93: D18912E1457D5D1DDCBD40AB3BF70D5D
The system administrator of a company is trying to find out why acceleration is not working for the traffic.
The traffic is allowed according to the rule based and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?
Question94: Which Check Point process provides logging services, such as forwarding logs from Gateway to Log Server, providing Log Export API (LEA) & Event Logging API (EL-A) services.
Question95: What is the correct command to observe the Sync traffic in a VRRP environment?
Question96: What are the minimum open server hardware requirements for a Security Management Server/Standalone in R81?
Question97: When running a query on your logs, to find records for user Toni with machine IP of 10.0.4.210 but exclude her tablet IP of 10.0.4.76, which of the following query syntax would you use?
Question98: Which command is used to add users to or from existing roles?
Question99: What is the benefit of Manual NAT over Automatic NAT?
Question100: What are the two ClusterXL Deployment options?
Question101: In R81, how do you manage your Mobile Access Policy?
Question102: At what point is the Internal Certificate Authority (ICA) created?
Question103: How many layers make up the TCP/IP model?
Question104: For best practices, what is the recommended time for automatic unlocking of locked admin accounts?
Question105: Sieve is a Cyber Security Engineer working for Global Bank with a large scale deployment of Check Point Enterprise Appliances Steve's manager. Diana asks him to provide firewall connection table details from one of the firewalls for which he is responsible. Which of these commands may impact performance briefly and should not be used during heavy traffic times of day?
Question106: By default, how often does Threat Emulation update the engine on the Security Gateway?
Question107: Which CLI command will reset the IPS pattern matcher statistics?
Question108: Which method below is NOT one of the ways to communicate using the Management API's?
Question109: Which one of the following is true about Threat Emulation?
Question110: What happen when IPS profile is set in Detect Only Mode for troubleshooting?
Question111: Connections to the Check Point R81 Web API use what protocol?
Question112: What are the three components for Check Point Capsule?
Question113: After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?
Question114: The Correlation Unit performs all but the following actions:
Question115: What is NOT a Cluster Mode?
Question116: When attempting to start a VPN tunnel, in the logs the error "no proposal chosen" is seen numerous times. No other VPN-related entries are present.
Which phase of the VPN negotiations has failed?
Question117: According to the policy installation flow the transfer state (CPTA) is responsible for the code generated by the FWM. On the Security Gateway side a process receives them and first stores them Into a temporary directory.
Which process is true for receiving these Tiles;
Question118: The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?
Question119: Which of the following Windows Security Events will not map a username to an IP address in Identity Awareness?
Question120: What are the methods of SandBlast Threat Emulation deployment?
Question121: What is the command to show SecureXL status?
Question122: Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane. Which is NOT an option to adjust or configure?
Question123: Using ClusterXL, what statement is true about the Sticky Decision Function?
Question124: What is the command to check the status of the SmartEvent Correlation Unit?
Question125: While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain. Why does it not detect the windows domain?
Question126: Firewall polices must be configured to accept VRRP packets on the GAiA platform if it Firewall software. The Multicast destination assigned by the internet Assigned Number Authority (IANA) for VRRP is:
Question127: Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?
Question128: What is the SOLR database for?
Question129: You plan to automate creating new objects using new R81 Management API. You decide to use GAIA CLI for this task.
What is the first step to run management API commands on GAIA's shell?
Question130: Mobile Access Gateway can be configured as a reverse proxy for Internal Web Applications Reverse proxy users browse to a URL that is resolved to the Security Gateway IP address. Which of the following Check Point command is true for enabling the Reverse Proxy:
Question131: Fill in the blank: The "fw monitor" tool can be best used to troubleshoot ____________________.
Question132: Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?
Question133: In a Client to Server scenario, which inspection point is the first point immediately following the tables and rule base check of a packet coming from outside of the network?
Question134: How can you see historical data with cpview?
Question135: What component of R81 Management is used for indexing?
Question136: When using CPSTAT, what is the default port used by the AMON server?
Question137: How does the Anti-Virus feature of the Threat Prevention policy block traffic from infected websites?
Question138: The back-end database for Check Point R81 Management uses:
Question139: What is the recommended configuration when the customer requires SmartLog indexing for 14 days and SmartEvent to keep events for 180 days?
Question140: Can Check Point and Third-party Gateways establish a certificate-based Site-to-Site VPN tunnel?
Question141: Which of the following will NOT affect acceleration?
Question142: Which of the completed statements is NOT true? The WebUI can be used to manage user accounts and:
Question143: You had setup the VPN Community VPN-Stores'with 3 gateways. There are some issues with one remote gateway(1.1.1.1) and an your local gateway. What will be the best log filter to see only the IKE Phase 2 agreed networks for both gateways
Question144: SecureXL is able to accelerate the Connection Rate using templates. Which attributes are used in the template to identify the connection?
Question145: Which two of these Check Point Protocols are used by SmartEvent Processes?
Question146: Bob is asked by Alice to disable the SecureXL mechanism temporary tor further diagnostic by their Check Point partner. Which of the following Check Point Command is true:
Question147: Which command would disable a Cluster Member permanently?
Question148: What are the blades of Threat Prevention?
Question149: Which of the following is NOT a valid type of SecureXL template?
Question150: With MTA (Mail Transfer Agent) enabled the gateways manages SMTP traffic and holds external email with potentially malicious attachments. What is required in order to enable MTA (Mail Transfer Agent) functionality in the Security Gateway?
Question151: When setting up an externally managed log server, what is one item that will not be configured on the R81 Security Management Server?
Question152: One of major features in R81 SmartConsole is concurrent administration.
Which of the following is NOT possible considering that AdminA, AdminB and AdminC are editing the same Security Policy?
Question153: How many interfaces can you configure to use the Multi-Queue feature?
Question154: SecureXL improves non-encrypted firewall traffic throughput and encrypted VPN traffic throughput.
Question155: Which of the following is NOT an attribute of packet acceleration?
Question156: What is the port used for SmartConsole to connect to the Security Management Server?
Question157: What is the valid range for VRID value in VRRP configuration?
Question158: You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don't have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?
Question159: View the rule below. What does the lock-symbol in the left column mean? (Choose the BEST answer.)

Question160: What is the default size of NAT table fwx_alloc?
Question161: Fill in the blanks: In the Network policy layer, the default action for the Implied last rule is ____ all traffic.
However, in the Application Control policy layer, the default action is ______ all traffic.
Question162: Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?
Question163: When defining QoS global properties, which option below is not valid?
Question164: Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ________ .
Question165: The Event List within the Event tab contains:
Question166: In the Check Point Firewall Kernel Module, each Kernel is associated with a key, which specifies the type of traffic applicable to the chain module. For Stateful Mode configuration, chain modules marked with
__________________ will not apply.
Question167: Which one of the following is true about Capsule Connect?
Question168: To help SmartEvent determine whether events originated internally or externally you must define using the Initial Settings under General Settings in the Policy Tab. How many options are available to calculate the traffic direction?
Question169: By default, what type of rules in the Access Control rulebase allow the control connections?
Question170: SandBlast Mobile identifies threats in mobile devices by using on-device, network, and cloud-based algorithms and has four dedicated components that constantly work together to protect mobile devices and their data. Which component is NOT part of the SandBlast Mobile solution?
Question171: Fill in the blank: The IPS policy for pre-R81 gateways is installed during the _______ .
Question172: The admin is connected via ssh lo the management server. He wants to run a mgmt_dl command but got a Error 404 message. To check the listening ports on the management he runs netstat with the results shown below. What can be the cause for the issue?

Question173: What is the base level encryption key used by Capsule Docs?
Question174: What are the main stages of a policy installation?
Question175: Which VPN routing option uses VPN routing for every connection a satellite gateway handles?
Question176: Alice & Bob are going to use Management Data Plane Separation and therefore the routing separation needs to be enabled. Which of the following command is true for enabling the Management Data Plane Separation (MDPS):
Question177: Vanessa is a Firewall administrator. She wants to test a backup of her company's production Firewall cluster Dallas_GW. She has a lab environment that is identical to her production environment. She decided to restore production backup via SmartConsole in lab environment.
Which details she need to fill in System Restore window before she can click OK button and test the backup?
Question178: Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidates management console. CPM allows the GUI client and management server to communicate via web services using ___________.
Question179: What is considered Hybrid Emulation Mode?
Question180: Capsule Connect and Capsule Workspace both offer secured connection for remote users who are using their mobile devices. However, there are differences between the two.
Which of the following statements correctly identify each product's capabilities?
Question181: What is the minimum amount of RAM needed for a Threat Prevention Appliance?
Question182: With Mobile Access enabled, administrators select the web-based and native applications that can be accessed by remote users and define the actions that users can perform the applications. Mobile Access encrypts all traffic using:
Question183: Which command collects diagnostic data for analyzing a customer setup remotely?
Question184: How many policy layers do Access Control policy support?
Question185: Alice & Bob are going to deploy Management Data Plane Separation (MDPS) for all their Check Point Security Gateway(s)/Cluster(s). Which of the following statement is true?
Question186: Which type of Endpoint Identity Agent includes packet tagging and computer authentication?
Question187: What does Backward Compatibility mean upgrading the Management Server and how can you check it?
Question188: An established connection is going to www.google.com. The Application Control Blade Is inspecting the traffic. If SecureXL and CoreXL are both enabled, which path is handling the traffic?
Question189: Can multiple administrators connect to a Security Management Server at the same time?
Question190: Which of the following is NOT an option to calculate the traffic direction?
Question191: What destination versions are supported for a Multi-Version Cluster Upgrade?
Question192: You have enabled "Full Log" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?
Question193: Fill in the blank. Once a certificate is revoked from the Security Gateway by the Security Management Server, the certificate information is ________ .
Question194: Fill in the blank: Authentication rules are defined for ________ .
Question195: You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?
Question196: What is the Implicit Clean-up Rule?
Question197: What is the least amount of CPU cores required to enable CoreXL?
Question198: CPM process stores objects, policies, users, administrators, licenses and management data in a database. The database is:
Question199: What must you do first if "fwm sic_reset" could not be completed?
Question200: What is the benefit of "tw monitor" over "tcpdump"?
Question201: Fill in the blank: A ________ VPN deployment is used to provide remote users with secure access to internal corporate resources by authenticating the user through an internet browser.
Question202: Which two Cluster Solutions are available under R81.20?
Question203: When installing a dedicated R81 SmartEvent server. What is the recommended size of the root partition?
Question204: You have created a rule at the top of your Rule Base to permit Guest Wireless access to the Internet. However, when guest users attempt to reach the Internet, they are not seeing the splash page to accept your Terms of Service, and cannot access the Internet. How can you fix this?

Question205: Check Point security components are divided into the following components:
Question206: Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n)_____________ Server.
Question207: What is true about VRRP implementations?
Question208: What state is the Management HA in when both members have different policies/databases?
Question209: 
What can we infer about the recent changes made to the Rule Base?
Question210: What is the limitation of employing Sticky Decision Function?
Question211: What command lists all interfaces using Multi-Queue?
Question212: Is it possible to establish a VPN before the user login to the Endpoint Client?
Question213: Which of the following technologies extracts detailed information from packets and stores that information in state tables?
Question214: How do Capsule Connect and Capsule Workspace differ?
Question215: What mechanism can ensure that the Security Gateway can communicate with the Management Server with ease in situations with overwhelmed network resources?
Question216: Which command is used to obtain the configuration lock in Gaia?
Question217: Which command lists all tables in Gaia?
Question218: Which of the following is a new R81 Gateway feature that had not been available in R77.X and older?
Question219: Which statement is true about ClusterXL?
Question220: Which Check Point feature enables application scanning and the detection?
Question221: Both ClusterXL and VRRP are fully supported by Gaia R81.20 and available to all Check Point appliances.
Which the following command is NOT related to redundancy and functions?
Question222: When Configuring Endpoint Compliance Settings for Applications and Gateways within Mobile Access, which of the three approaches will allow you to configure individual policies for each application?
Question223: What is the command to check the status of Check Point processes?
Question224: When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?
Question225: Which Correction mechanisms are available with ClusterXL under R81.20?
Question226: Which TCP port does the CPM process listen on?
Question227: Vanessa is firewall administrator in her company. Her company is using Check Point firewall on a central and several remote locations which are managed centrally by R77.30 Security Management Server. On central location is installed R77.30 Gateway on Open server. Remote locations are using Check Point UTM-1570 series appliances with R75.30 and some of them are using a UTM-1-Edge-X or Edge-W with latest available firmware. She is in process of migrating to R81.
What can cause Vanessa unnecessary problems, if she didn't check all requirements for migration to R81?
Question228: What is the protocol and port used for Health Check and State Synchronization in ClusterXL?
Question229: After finishing installation admin John likes to use top command in expert mode. John has to set the expert-password and was able to use top command. A week later John has to use the top command again, He detected that the expert password is no longer valid. What is the most probable reason for this behavior?
Question230: Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?
Question231: Bob is going to prepare the import of the exported R81.20 management database. Now he wants to verify that the installed tools on the new target security management machine are able to handle the R81.20 release.
Which of the following Check Point command is true?
Question232: What are not possible commands to acquire the lock in order to make changes in Clish or Web GUI?
Question233: SmartEvent Security Checkups can be run from the following Logs and Monitor activity:
Question234: Which command gives us a perspective of the number of kernel tables?
Question235: There are 4 ways to use the Management API for creating host object with R81 Management API. Which one is NOT correct?
Question236: You can access the ThreatCloud Repository from:
Question237: Fill in the blank: The R81 feature _____ permits blocking specific IP addresses for a specified time period.
Question238: Which of the following is NOT an alert option?
Question239: What component of Management is used tor indexing?
Question240: SmartEvent provides a convenient way to run common command line executables that can assist in investigating events. Right-clicking the IP address, source or destination, in an event provides a list of default and customized commands. They appear only on cells that refer to IP addresses because the IP address of the active cell is used as the destination of the command when run. The default commands are:
Question241: Which of the following statements is TRUE about R81 management plug-ins?
Question242: Which TCP-port does CPM process listen to?
Question243: SandBlast has several functional components that work together to ensure that attacks are prevented in real-time. Which the following is NOT part of the SandBlast component?
Question244: In R81 spoofing is defined as a method of:
Question245: Which features are only supported with R81.20 Gateways but not R77.x?
Question246: Kofi, the administrator of the ALPHA Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which CLISH commands are required to be able to change this TCP port?

Question247: To accelerate the rate of connection establishment, SecureXL groups all connection that match a particular service and whose sole differentiating element is the source port. The type of grouping enables even the very first packets of a TCP handshake to be accelerated. The first packets of the first connection on the same service will be forwarded to the Firewall kernel which will then create a template of the connection. Which of the these is NOT a SecureXL template?
Question248: In the R81 SmartConsole, on which tab are Permissions and Administrators defined?
Question249: Check Pont Central Deployment Tool (CDT) communicates with the Security Gateway / Cluster Members over Check Point SIC _______ .
Question250: Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ________
.
Question251: How many users can have read/write access in Gaia at one time?
Question252: SmartEvent has several components that function together to track security threats. What is the function of the Correlation Unit as a component of this architecture?
Question253: Within the Check Point Firewall Kernel resides Chain Modules, which are individually responsible for the inspection of a specific blade or feature that has been enabled in the configuration of the gateway. For Wire mode configuration, chain modules marked with _______ will not apply.
Question254: Which of the following statements about SecureXL NAT Templates is true?
Question255: Which of the following statements about Site-to-Site VPN Domain-based is NOT true?
Question256: Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidated management console. It empowers the migration from legacy Client-side logic to Server-side logic. The cpm process:
Question257: What is the command to see cluster status in cli expert mode?
Question258: Identify the API that is not supported by Check Point currently.
Question259: Which file gives you a list of all security servers in use, including port number?
Question260: Which one of the following is true about Threat Extraction?
Question261: What is the best method to upgrade a Security Management Server to R81.x when it is not connected to the Internet?
Question262: Kurt is planning to upgrade his Security Management Server to R81.X. What is the lowest supported version of the Security Management he can upgrade from?
Question263: By default how often updates are checked when the CPUSE Software Updates Policy is set to Automatic?
Question264: How can you switch the active log file?
Question265: When Dynamic Dispatcher is enabled, connections are assigned dynamically with the exception of:
Question266: Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?
Question267: Which of the following links will take you to the SmartView web application?
Question268: Access roles allow the firewall administrator to configure network access according to:
Question269: Where is the license for Check Point Mobile users installed?
Question270: In R81.20 a new feature dynamic log distribution was added. What is this for?
Configure the Security Gateway to distribute logs between multiple active Log Servers to support a better rate of Logs and Log Servers redundancy.
In case of a Management High Availability the management server stores the logs dynamically on the member with the most available disk space in /var/log Synchronize the log between the primary and secondary management server in case of a Management High Availability To save disk space in case of a firewall cluster local logs are distributed between the cluster members.
Question271: When using the Mail Transfer Agent, where are the debug logs stored?
Question272: Which command shows the current connections distributed by CoreXL FW instances?
Question273: SSL Network Extender (SNX) is a thin SSL VPN on-demand client that is installed on the remote user's machine via the web browser. What are the two modes of SNX?
Question274: What is the mechanism behind Threat Extraction?
Question275: Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.
Question276: Which SmartConsole tab is used to monitor network and security performance?
Question277: What is a possible command to delete all of the SSH connections of a gateway?
Question278: What is the main objective when using Application Control?
Question279: What is the difference between SSL VPN and IPSec VPN?
Question280: Which of the following is NOT a component of Check Point Capsule?
Question281: In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?
Question282: The installation of a package via SmartConsole CANNOT be applied on
Question283: By default, the R81 web API uses which content-type in its response?
Question284: You have pushed policy to GW-3 and now cannot pass traffic through the gateway. As a last resort, to restore traffic flow, what command would you run to remove the latest policy from GW-3?
Question285: What processes does CPM control?
Question286: From SecureXL perspective, what are the three paths of traffic flow:
Question287: On R81.20 the IPS Blade is managed by:
Question288: Which is not a blade option when configuring SmartEvent?
Question289: To add a file to the Threat Prevention Whitelist, what two items are needed?