Check Point Set-1
1. Before Security Gateways can exchange encryption keys and build VPN tunnels, they first need
to authenticate to each other. What are the types of
Ans. Certificates
2. Which command line interface utility allows the administrator to verify the name and
timestamp of the Security Policy currently instructed.
Ans. Fw stat
3. Which tool is used to control VPN tunnels?
Ans. vpn tu
4. How to check the mds server (provider -1) service status
Ans. Mdsstat
5. Secure communication from CMAs to the Security Gateways user which type of encryption?
Ans. 128-bit SSL encryption
6. What are the security measures are taken to ensure the safety of SIC?
Ans. 3DES for encryption
7. What are the components are available in the security rule.
1. Source IP
8. You run cpconfig to reset SIC on the Security Gateway. After the SIC reset operation is complete,
the policy that will be installed is the
Ans. Initial policy
9. Your company's Security Policy forces users to authenticate to the Gateway explicitly, before
they can use any services. The Gateway does not allow Telnet service to itself from any location.
How would you set up the authentication method With.
Ans. Client Authentication rule using the manual sign-on method, using HTTP on port 900
10. Which of the applications in check point technology can be used to configure security objects?
1. Smart Dashboard 2. Smartview Monitor 3. Smartview Tracker 4. Smart Event Manager
11. Commands to configure the address resolution protocol (ARP).
12. Which of the following can be found in cpinfo from an enforcement point?
Ans. The complete file objects_5_0. C
13. Where are automatic NAT rules added to the Rule Base?
Ans. Last
14. All Check point products come with a 15-day trial-period license. How many CMAs can be
managed by an MDS Manager running with only.
Ans. 500
15. During which step in the installation process is it necessary to note the fingerprint for first-time
verification?
Ans. When configuring the Security Management Server using cpconfig
16. The revert operation allows you to revert to a previously saved version. Once you initiate the
revert operation, the selected version overwrites the current policy. The one type of information
that is not overwritten, is
Ans. Certificate Authority (CA) data
17. Which R77 SmartConsole tool would you use to verify the installed Security Policy name on a
Security Gateway?
, Ans. SmartView Tracker
18. which nat method allows you to external traffic to access internal resources.
Ans. Static
19. Which column in the Rule Base is used to define authentication parameters?
Ans. Action
20. The most recommended and manageable method for authentication among gateways and
remote clients is:
Ans. Digital certificates
Check Point Set-2
21. Which services are supported by VPN-1/Firewall-1 User Authentication?
Ans. Telnet, FTP, RLOGIN, HTTP, HTTPS
22. If you are experiencing LDAP issues, which of the following should you check?
Ans. Connectivity between the R75 Gateway and LDAP server
23. Which of the below is the MOST correct process to reset SIC from SmartDashboard?
Ans. Click the Communication button for the firewall object, then click Reset. Run
cpconfig and type a new activation key.
24. what method used to ensures that policy package is not mistakenly installed on any appropriate
target
Ans. Installation target
25. David wants to manage hundreds of gateways using a central management tool. What tool
would David use to accomplish his goal?
Ans. SmartBlade
26. how to fix the issue for firewall fwx_cache error
Ans. add the table size
27. The most recommended and manageable method for authentication among gateways and
remote clients is:
Ans. Digital certificates
28. SmartView Tracker logs the following Security Administrator activities, EXCEPT
Ans. Tracking SLA compliance.
29. How do you define a service object for a TCP port range?
Ans. Manage Services, New TCP, Provide name and define Port: x-y
30. what is the advantages of client authentication
Ans. Unlimited number of connections
31. how do you check the cluster status on the checkpoint firewall
Ans. Cphaprob stat
32. If a Security Gateway enforces three protections, LDAP Injection, Malicious Code Protector, and
Header Rejection, which Check Point license is required in SmartUpdate?
Ans. IPS
33. Which of the following is TRUE concerning unnumbered VPN Tunnel Interfaces (VTIs)?
Ans. Local IP addresses are not configured, remote IP addresses are configured
34. When you use the Global Properties’ default settings on R76, which type of traffic will be
dropped
if NO explicit rule allows the traffic?
Ans. RIP traffic
1. Before Security Gateways can exchange encryption keys and build VPN tunnels, they first need
to authenticate to each other. What are the types of
Ans. Certificates
2. Which command line interface utility allows the administrator to verify the name and
timestamp of the Security Policy currently instructed.
Ans. Fw stat
3. Which tool is used to control VPN tunnels?
Ans. vpn tu
4. How to check the mds server (provider -1) service status
Ans. Mdsstat
5. Secure communication from CMAs to the Security Gateways user which type of encryption?
Ans. 128-bit SSL encryption
6. What are the security measures are taken to ensure the safety of SIC?
Ans. 3DES for encryption
7. What are the components are available in the security rule.
1. Source IP
8. You run cpconfig to reset SIC on the Security Gateway. After the SIC reset operation is complete,
the policy that will be installed is the
Ans. Initial policy
9. Your company's Security Policy forces users to authenticate to the Gateway explicitly, before
they can use any services. The Gateway does not allow Telnet service to itself from any location.
How would you set up the authentication method With.
Ans. Client Authentication rule using the manual sign-on method, using HTTP on port 900
10. Which of the applications in check point technology can be used to configure security objects?
1. Smart Dashboard 2. Smartview Monitor 3. Smartview Tracker 4. Smart Event Manager
11. Commands to configure the address resolution protocol (ARP).
12. Which of the following can be found in cpinfo from an enforcement point?
Ans. The complete file objects_5_0. C
13. Where are automatic NAT rules added to the Rule Base?
Ans. Last
14. All Check point products come with a 15-day trial-period license. How many CMAs can be
managed by an MDS Manager running with only.
Ans. 500
15. During which step in the installation process is it necessary to note the fingerprint for first-time
verification?
Ans. When configuring the Security Management Server using cpconfig
16. The revert operation allows you to revert to a previously saved version. Once you initiate the
revert operation, the selected version overwrites the current policy. The one type of information
that is not overwritten, is
Ans. Certificate Authority (CA) data
17. Which R77 SmartConsole tool would you use to verify the installed Security Policy name on a
Security Gateway?
, Ans. SmartView Tracker
18. which nat method allows you to external traffic to access internal resources.
Ans. Static
19. Which column in the Rule Base is used to define authentication parameters?
Ans. Action
20. The most recommended and manageable method for authentication among gateways and
remote clients is:
Ans. Digital certificates
Check Point Set-2
21. Which services are supported by VPN-1/Firewall-1 User Authentication?
Ans. Telnet, FTP, RLOGIN, HTTP, HTTPS
22. If you are experiencing LDAP issues, which of the following should you check?
Ans. Connectivity between the R75 Gateway and LDAP server
23. Which of the below is the MOST correct process to reset SIC from SmartDashboard?
Ans. Click the Communication button for the firewall object, then click Reset. Run
cpconfig and type a new activation key.
24. what method used to ensures that policy package is not mistakenly installed on any appropriate
target
Ans. Installation target
25. David wants to manage hundreds of gateways using a central management tool. What tool
would David use to accomplish his goal?
Ans. SmartBlade
26. how to fix the issue for firewall fwx_cache error
Ans. add the table size
27. The most recommended and manageable method for authentication among gateways and
remote clients is:
Ans. Digital certificates
28. SmartView Tracker logs the following Security Administrator activities, EXCEPT
Ans. Tracking SLA compliance.
29. How do you define a service object for a TCP port range?
Ans. Manage Services, New TCP, Provide name and define Port: x-y
30. what is the advantages of client authentication
Ans. Unlimited number of connections
31. how do you check the cluster status on the checkpoint firewall
Ans. Cphaprob stat
32. If a Security Gateway enforces three protections, LDAP Injection, Malicious Code Protector, and
Header Rejection, which Check Point license is required in SmartUpdate?
Ans. IPS
33. Which of the following is TRUE concerning unnumbered VPN Tunnel Interfaces (VTIs)?
Ans. Local IP addresses are not configured, remote IP addresses are configured
34. When you use the Global Properties’ default settings on R76, which type of traffic will be
dropped
if NO explicit rule allows the traffic?
Ans. RIP traffic
