- Email support@dumps4free.com
Which Check Point Software Wade provides visibility of users, groups and machines while also providing access control through identity-based policies?
A. Firewall
B. Identity Awareness
C. Application Control
D. URL Filtering
Explanation:
Identity Awareness is the Check Point software blade that provides visibility of users, groups and machines while also providing access control through identity-based policies. Identity Awareness enables administrators to define granular access rules based on user or machine identity, rather than just IP addresses. Identity Awareness also allows administrators to monitor user activity and generate reports based on user or machine identity.
In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?
A. SND is a feature to accelerate multiple SSL VPN connections
B. SND is an alternative to IPSec Main Mode, using only 3 packets
C. SND is used to distribute packets among Firewall instances
D. SND is a feature of fw monitor to capture accelerated packets
Explanation:
The Secure Network Distributor (SND) is a feature of the Security Gateway that is used to distribute packets among Firewall instances . It improves the performance and scalability of the Firewall by utilizing multiple CPU cores. The other options are not related to SND. References: [Check Point Security Gateway Architecture and Packet Flow], [Free Check Point CCSA Sample Questions and Study Guide]
The Online Activation method is available for Check Point manufactured appliances. How does the administrator use the Online Activation method?
A. The SmartLicensing GUI tool must be launched from the SmartConsole for the Online Activation tool to start automatically.
B. No action is required if the firewall has internet access and a DNS server to resolve domain names.
C. Using the Gaia First Time Configuration Wizard, the appliance connects to the Check Point User Center and downloads all necessary licenses and contracts.
D. The cpinfo command must be run on the firewall with the switch -online-license-activation.
Explanation:
The Online Activation method is available for Check Point manufactured appliances. The administrator uses the Online Activation method by using the Gaia First Time Configuration Wizard, the appliance connects to the Check Point User Center and downloads all necessary licenses and contracts. This method requires internet access and a valid User Center account. References: [Check Point Licensing and Contract Operations User Guide], [Check Point R81 Gaia Installation and Upgrade Guide]
Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?
A. All Site-to-Site VPN Communities
B. Accept all encrypted traffic
C. All Connections (Clear or Encrypted)
D. Specific VPN Communities
Explanation:
The option that allows all encrypted and non-VPN traffic that matches the rule is Accept all encrypted traffic. This option enables you to allow traffic to any destination that is encrypted, regardless of whether it is part of a VPN community or not2. Therefore, the correct answer is B. Accept all encrypted traffic.
SmartEvent does NOT use which of the following procedures to identity events:
A. Matching a log against each event definition
B. Create an event candidate
C. Matching a log against local exclusions
D. Matching a log against global exclusions
Explanation:
The procedure that SmartEvent does not use to identify events is matching a log against local exclusions. Local exclusions are used to filter out logs that are not relevant for SmartLog, not SmartEvent12. SmartEvent uses the other procedures to identify events based on event definitions, event candidates, and global exclusions3 . References: SmartLog R81 Administration Guide, Check Point CCSA - R81: Practice Test & Explanation, SmartEvent R81 Administration Guide, [Free Check Point CCSA Sample Questions and Study Guide]
| Page 1 out of 6 Pages |