IMPORTANT NOTICE
Feedback
We have developed quality product and state-of-art service to ensure our customers interest. If you have any suggestions, please feel free to contact us at feedback@dumpscafe.com
Support
If you have any questions about our product, please provide the following items: exam code screenshot of the question login id/email please contact us at and our technical experts will provide support within 24 hours. support@dumpscafe.com
Copyright
The product of each order has its own encryption code, so you should use it independently. Any unauthorized changes will inflict legal punishment. We reserve the right of final explanation for this statement.
Topic 1, Exam Pool A
Question #:1 - (Exam Topic 1)
Which command is used to set the CCP protocol to Multicast?
cphaprob set_ccp multicast
cphaconf set_ccp multicast
cphaconf set_ccp no_broadcast
cphaprob set_ccp no_broadcast
Answer: B
Explanation
The cphaconf set_ccp multicast command is used to set the Cluster Control Protocol (CCP) to Multicast mode. This mode allows cluster members to communicate with each other using multicast packets. The other commands are either incorrect or set the CCP to Broadcast mode. References: ClusterXL Administration Guide
Question #:2 - (Exam Topic 1)
CoreXL is supported when one of the following features is enabled:
Route-based VPN
Overlapping NAT
Answer: B
Explanation
CoreXL is supported when one of the following features is enabled: IPS. CoreXL does not support Check Point Suite with these features: Route-based VPN, IPv6, Overlapping NAT, QoS, Content Awareness, Application Control, URL Filtering, Identity Awareness, HTTPS Inspection, DLP, Anti-Bot, Anti-Virus, Threat Emulation. References: CoreXL
Question #:3 - (Exam Topic 1)
Your manager asked you to check the status of SecureXL, and its enabled templates and features. What
command will you use to provide such information to manager?
A.
B. C.
D.
fw accel stat
fwaccel stat
fw acces stats
fwaccel stats
Answer: B
Explanation
The fwaccel stat command displays the status of SecureXL, and its enabled templates and features. The other commands are either incorrect or incomplete. References: [SecureXL Commands]
Topic 3, Exam Pool C
Question #:4 - (Exam Topic 3)
On what port does the CPM process run?
TCP 857
TCP 18192
TCP 900
TCP 19009
Answer: D
Explanation
The port that the CPM process runs on is . CPM stands for Check Point Management, and it is the TCP 19009 main process that runs on the Security Management Server and interacts with SmartConsole clients. CPM is responsible for managing policies, objects, logs, tasks, and other management functions. CPM listens on TCP port 19009 for incoming connections from SmartConsole clients. The other ports are either used by other processes or not related to CPM.
Question #:5 - (Exam Topic 3)
Which Check Point feature enables application scanning and the detection?
Application Dictionary AppWiki Application Library
Answer: B
Explanation
AppWiki is the Check Point feature that enables application scanning and the detection. AppWiki is an easy to use tool that lets you search and filter Check Point’s Web 2.0 Applications Database to find out information about internet applications, including social network widgets; filter by a category, tag, or risk level; and search for a keyword or application1. AppWiki helps you to identify and control the applications on your network, and to apply granular policies based on the application type, risk, and characteristics1. AppWiki is integrated with the Check Point Application Control Software Blade, which provides the industry’s strongest application security and identity control to organizations of all sizes1.
References: 1: AppWiki | Check Point Software
Question #:6 - (Exam Topic 3)
Check Point APIs allow system engineers and developers to make changes to their organization’s security policy with CLI tools and Web Services for all the following except:
Create new dashboards to manage 3rd party task
Create products that use and enhance 3rd party solutions
Execute automated scripts to perform common tasks
Create products that use and enhance the Check Point Solution
Answer: A
Explanation
Check Point APIs let system administrators and developers make changes to the security policy with CLI tools and web-services. You can use an API to:
• Use an automated script to perform common tasks
• Integrate Check Point products with 3rd party solutions
• Create products that use and enhance the Check Point solution
References:
Topic 4, Exam Pool D
Question #:7 - (Exam Topic 4)
Which software blade does NOT accompany the Threat Prevention policy?
Answer: D
Explanation
Which software blade does NOT accompany the Threat Prevention policy? Application Control and URL Filtering software blade does not accompany the Threat Prevention policy. The Threat Prevention policy is a unified policy that includes Anti-virus, IPS, Anti-bot, and Threat Emulation software blades. Application Control and URL Filtering software blade is part of the Access Control policy, which is a separate policy that controls network access based on users, applications, content, and other criteria. References: R81 Security Management Administration Guide, page 29.
Question #:8 - (Exam Topic 4)
Explanation
Main Mode in IKEv1 uses for negotiation1. Main Mode is the default mode for IKE phase I, six packets which establishes a secure channel between the peers. Main Mode performs the following steps2: The peers exchange their security policies and agree on a common set of parameters.
The peers generate a shared secret key using the Diffie-Hellman algorithm.
The peers authenticate each other using pre-shared keys, digital signatures, or public key encryption. Main Mode is partially encrypted, from the point at which the shared DH key is known to both peers2. Main Mode provides more security than Aggressive Mode, which uses only three packets for negotiation, but is faster and simpler2. References: Check Point gateways always send main IP address as IKE Main Mode ID - Check Point Software, IPsec and IKE - Check Point Software
Question #:9 - (Exam Topic 4)
What object type would you use to grant network access to an LDAP user group?
Access Role
Group Template
SmartDirectory Group
User Group
Answer: A
A.
B. C.
D.
Topic 2, Exam Pool B
Question #:10 - (Exam Topic 2)
When installing a dedicated R81 SmartEvent server. What is the recommended size of the root partition?
Any size
Less than 20GB
More than 10GB and less than 20GB
At least 20GB
Answer: D
Explanation
At least 20GB is the recommended size of the root partition when installing a dedicated R81 SmartEvent server. The root partition is the primary partition that contains the operating system files and other essential files for booting and running the system. The SmartEvent server requires at least 20GB of free space on the root partition to install and operate properly. If the root partition size is less than 20GB, you may encounter errors or performance issues with SmartEvent. References: Check Point Security Expert R81 Course, SmartEvent Administration Guide
About dumpscafe.com
dumpscafe.com was founded in 2007. We provide latest & high quality IT / Business Certification Training Exam Questions, Study Guides, Practice Tests.
We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on.
View list of all certification exams: All vendors
We prepare state-of-the art practice tests for certification exams. You can reach us at any of the email addresses listed below.
Sales: sales@dumpscafe.com
Feedback: feedback@dumpscafe.com
Support: support@dumpscafe.com
Any problems about IT certification or our products, You can write us back and we will get back to you within 24 hours.