NEW QUESTION 1
Which of the following technologies extracts detailed information from packets and stores that information in state tables?

• A. INSPECT Engine
• B. Stateful Inspection
• C. Packet Filtering
• D. Application Layer Firewall

Answer: A

NEW QUESTION 2
When configuring SmartEvent Initial settings, you must specify a basic topology for SmartEvent to help it calculate traffic direction for events. What is this setting called and what are you defining?

• A. Network, and defining your Class A space
• B. Topology, and you are defining the Internal network
• C. Internal addresses you are defining the gateways
• D. Internal network(s) you are defining your networks

Answer: B

NEW QUESTION 3
What kind of information would you expect to see using the sim affinity command?

• A. The VMACs used in a Security Gateway cluster
• B. The involved firewall kernel modules in inbound and outbound packet chain
• C. Overview over SecureXL templated connections
• D. Network interfaces and core distribution used for CoreXL

Answer: D

NEW QUESTION 4
Which CLI command will reset the IPS pattern matcher statistics?

• A. ips reset pmstat
• B. ips pstats reset
• C. ips pmstats refresh
• D. ips pmstats reset

Answer: D

NEW QUESTION 5
Which command collects diagnostic data for analyzing customer setup remotely?

• A. cpinfo
• B. migrate export
• C. sysinfo
• D. cpview

Answer: A

Explanation:
CPInfo is an auto-updatable utility that collects diagnostics data on a customer's machine at the time of execution and uploads it to Check Point servers (it replaces the standalone cp_uploader utility for uploading files to Check Point servers).
The CPInfo output file allows analyzing customer setups from a remote location. Check Point support engineers can open the CPInfo file in a demo mode, while viewing actual customer Security Policies and Objects. This allows the in-depth analysis of customer's configuration and environment settings.

NEW QUESTION 6
What are the main stages of a policy installations?

• A. Verification & Compilation, Transfer and Commit
• B. Verification & Compilation, Transfer and Installation
• C. Verification, Commit, Installation
• D. Verification, Compilation & Transfer, Installation

Answer: B

NEW QUESTION 7
In ClusterXL Load Sharing Multicast Mode:

• A. only the primary member received packets sent to the cluster IP address
• B. only the secondary member receives packets sent to the cluster IP address
• C. packets sent to the cluster IP address are distributed equally between all members of the cluster
• D. every member of the cluster received all of the packets sent to the cluster IP address

Answer: D

NEW QUESTION 8
John is using Management HA. Which Smartcenter should be connected to for making changes?

• A. secondary Smartcenter
• B. active Smartenter
• C. connect virtual IP of Smartcenter HA
• D. primary Smartcenter

Answer: B

NEW QUESTION 9
What makes Anti-Bot unique compared to other Threat Prevention mechanisms, such as URL Filtering, Anti-Virus, IPS, and Threat Emulation?

• A. Anti-Bot is the only countermeasure against unknown malware
• B. Anti-Bot is the only protection mechanism which starts a counter-attack against known Command & Control Centers
• C. Anti-Bot is the only signature-based method of malware protection.
• D. Anti-Bot is a post-infection malware protection to prevent a host from establishing a connection to a Command & Control Center.

Answer: D

NEW QUESTION 10
Which one of the following is true about Threat Extraction?

• A. Always delivers a file to user
• B. Works on all MS Office, Executables, and PDF files
• C. Can take up to 3 minutes to complete
• D. Delivers file only if no threats found

Answer: A

NEW QUESTION 11
Which Check Point software blades could be enforced under Threat Prevention profile using Check Point R80.10 SmartConsole application?

• A. IPS, Anti-Bot, URL Filtering, Application Control, Threat Emulation.
• B. Firewall, IPS, Threat Emulation, Application Control.
• C. IPS, Anti-Bot, Anti-Virus, Threat Emulation, Threat Extraction.
• D. Firewall, IPS, Anti-Bot, Anti-Virus, Threat Emulation.

Answer: C

NEW QUESTION 12
What are the two high availability modes?

• A. Load Sharing and Legacy
• B. Traditional and New
• C. Active and Standby
• D. New and Legacy

Answer: D

Explanation:
ClusterXL has four working modes. This section briefly describes each mode and its relative advantages and disadvantages.

NEW QUESTION 13
You have enabled “Full Log” as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

• A. Logging has disk space issue
• B. Change logging storage options on the logging server or Security Management Server properties and install database.
• C. Data Awareness is not enabled.
• D. Identity Awareness is not enabled.
• E. Logs are arriving from Pre-R80 gateways.

Answer: A

NEW QUESTION 14
You find one of your cluster gateways showing “Down” when you run the “cphaprob stat” command. You then run the “clusterXL_admin up” on the down member but unfortunately the member continues to show down. What command do you run to determine the cause?

• A. cphaprob –f register
• B. cphaprob –d –s report
• C. cpstat –f all
• D. cphaprob –a list

Answer: D

NEW QUESTION 15
On what port does the CPM process run?

• A. TCP 857
• B. TCP 18192
• C. TCP 900
• D. TCP 19009

Answer: D

NEW QUESTION 16
You have successfully backed up Check Point configurations without the OS information. What command would you use to restore this backup?

• A. restore_backup
• B. import backup
• C. cp_merge
• D. migrate import

Answer: D

NEW QUESTION 17
What are the different command sources that allow you to communicate with the API server?

• A. SmartView Monitor, API_cli Tool, Gaia CLI, Web Services
• B. SmartConsole GUI Console, mgmt_cli Tool, Gaia CLI, Web Services
• C. SmartConsole GUI Console, API_cli Tool, Gaia CLI, Web Services
• D. API_cli Tool, Gaia CLI, Web Services

Answer: B

NEW QUESTION 18
......