156-215.81.20 Online Practice Questions and Answers

Which of the following log queries would show only dropped packets with source address of 192.168.1.1 and destination address of 172.26.1.1?

A. 192.168.1.1 AND 172.26.1.1 AND drop

B. src:192.168.1.1 AND dst:172.26.1.1 AND action:Drop

C. 192.168.1.1 OR 172.26.1.1 AND action:Drop

D. src:192.168.1.1 OR dst:172.26.1.1 AND action:Drop

The Online Activation method is available for Check Point manufactured appliances. How does the administrator use the Online Activation method?

A. The cpinfo command must be run on the firewall with the switch -online-license-activation.

B. Using the Gaia First Time Configuration Wizard, the appliance connects to the Check Point User Center and downloads all necessary licenses and contracts.

C. The SmartLicensing GUI tool must be launched from the SmartConsole for the Online Activation tool to start automatically.

D. No action is required if the firewall has internet access and a DNS server to resolve domain names.

Which application is used for the central management and deployment of licenses and packages?

A. Deployment Agent

B. SmartLicense

C. SmartProvisioning

D. SmartUpdate

What type of NAT is a one-to-one relationship where each host is translated to a unique address?

A. Source

B. Destination

C. Hide

D. Static

What is the purpose of the CPCA process?

A. Monitoring the status of processes

B. Sending and receiving logs

C. Communication between GUI clients and the SmartCenter server

D. Generating and modifying certificates

Your boss wants you to closely monitor an employee suspected of transferring company secrets to the competition. The IT department discovered the suspect installed a WinSCP client in order to use encrypted communication. Which of the following methods is BEST to accomplish this task?

A. Use SmartView Tracker to follow his actions by filtering log entries that feature the WinSCP destination port. Then, export the corresponding entries to a separate log file for documentation.

B. Use SmartDashboard to add a rule in the firewall Rule Base that matches his IP address, and those of potential targets and suspicious protocols. Apply the alert action or customized messaging.

C. Watch his IP in SmartView Monitor by setting an alert action to any packet that matches your Rule Base and his IP address for inbound and outbound traffic.

D. Send the suspect an email with a keylogging Trojan attached, to get direct information about his wrongdoings.

MegaCorp's security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway. How do you apply the license?

A. Using the remote Gateway's IP address, and attaching the license to the remote Gateway via SmartUpdate.

B. Using your Security Management Server's IP address, and attaching the license to the remote Gateway via SmartUpdate.

C. Using the remote Gateway's IP address, and applying the license locally with command cplic put.

D. Using each of the Gateway's IP addresses, and applying the licenses on the Security Management Server with the command cprlic put.

What is the purpose of a Stealth Rule?

A. A rule used to hide a server's IP address from the outside world.

B. A rule that allows administrators to access SmartDashboard from any device.

C. To drop any traffic destined for the firewall that is not otherwise explicitly allowed.

D. A rule at the end of your policy to drop any traffic that is not explicitly allowed.

Which of the following technologies extracts detailed information from packets and stores that information in state tables?

A. INSPECT Engine

B. Next-Generation Firewall

C. Packet Filtering

D. Application Layer Firewall

When configuring Anti-Spoofing, which tracking options can an Administrator select?

A. Log, Send SNMP Trap, Email

B. Drop Packet, Alert, None

C. Log, Alert, None

D. Log, Allow Packets, Email