Free 156-315.81.20 Sample Questions — Check Point Certified Security Expert - R81.20

Which of the following is NOT a component of a Distinguished Name?

• A. Common Name
• B. Country
• C. User container
• D. Organizational Unit

What are the three SecureXL Templates available in R81.10?

• A. Accept Templates, Drop Templates, NAT Templates
• B. PEP Templates, QoS Templates, VPN Templates
• C. Accept Templates, PDP Templates, PEP Templates
• D. Accept Templates, Drop Templates, Reject Templates

Which of the following Check Point processes within the Security Management Server is responsible for the receiving of log records from Security Gateway?

• A. cpd
• B. fwm
• C. logd
• D. fwd

Using Threat Emulation technologies, what is the best way to block .exe and .bat file types?

• A. Enable .exe bat protection in IPS Policy
• B. tecli advanced attributes set prohibited_file_types exe, bat
• C. create FW rule for particular protocol
• D. enable DLP and select .exe and .bat file type

What state is the Management HA in when both members have different policies/databases?

• A. Lagging
• B. Never been synchronized
• C. Collision
• D. Synchronized

Which command collects diagnostic data for analyzing a customer setup remotely?

• A. cpv
• B. cpinfo
• C. migrate export
• D. sysinfo

CPM process stores objects, policies, users, administrators, licenses and management data in a database. This database is:

• A. MySQL
• B. SOLR
• C. MarisDB
• D. PostgreSQL

Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers?

• A. Endpoint Identity Agent and Browser-Based Authentication
• B. AD Query
• C. Terminal Servers Endpoint Identity Agent
• D. RADIUS and Account Logon

Under which file is the proxy arp configuration stored?

• A. $FWDIR/state/_tmp/proxy.arp on the security gateway
• B. $FWDIR/conf/local.arp on the management server
• C. $FWDIR/conf/local.arp on the gateway
• D. $FWDIR/state/proxy_arp.conf on the management server

Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?

• A. Application Control
• B. Firewall
• C. Identity Awareness
• D. URL Filtering

Which command can you use to enable or disable multi-queue per interface?

• A. Cpmqueue set
• B. Set cpmq enable
• C. Cpmq config
• D. cpmq set

From SecureXL perspective, what are the three paths of traffic flow:

• A. Initial Path; Medium Path; Accelerated Path
• B. Firewall Path; Accept Path; Drop Path
• C. Layer Path; Blade Path; Rule Path
• D. Firewall Path; Accelerated Path; Medium Path

Which of the following Central Deployment is NOT a limitation in R81.20 SmartConsole?

• A. Security Gateways/Clusters is ClusterXL HA new mode
• B. Dedicated Log Server
• C. Security Gateway Clusters in Load Sharing mode
• D. Dedicated SmartEvent Server

Check Point Support in many cases asks you for a configuration summary of your Check Point system. This is also called:

• A. sysinfo
• B. cpsizeme
• C. cpinfo
• D. cpexport

Which User-mode process is responsible for the FW CLI commands?

• A. cpm
• B. cpd
• C. fwm
• D. fwd

What ports are used for SmartConsole to connect to the Security Management Server?

• A. CPMI (18190)
• B. ICA_Pull (18210), CPMI (18190) https (443)
• C. CPM (19009), CPMI (18190) https (443)
• D. CPM (19009), CPMI (18190) CPD (18191)

What is false regarding prerequisites for the Central Deployment usage?

• A. The Security Gateway must have a policy installed
• B. The administrator must have write permission on SmartUpdate
• C. No need to establish SIC between gateways and the management server, since the CDT tool will take care about SIC automatically
• D. Security Gateway must have the latest CPUSE Deployment Agent

Fill in the blank: RADIUS protocol uses ______ to communicate with the gateway.

• A. TDP
• B. CCP
• C. HTTP
• D. UDP

What is the command used to activate Multi-Version Cluster mode?

• A. set mvc on in Clish
• B. set cluster member mvc on in Clish
• C. set cluster mvc on in Expert Mode
• D. set cluster MVC on in Expert Mode

What command lists all interfaces using Multi-Queue?

• A. show interface all
• B. mq_mng –show
• C. show multiqueue all
• D. cpmq set