- Email support@dumps4free.com
Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?
A. Application Control
B. Firewall
C. Identity Awareness
D. URL Filtering
When a packet arrives at the gateway, the gateway checks it against the rules in the hop Policy Layer, sequentially from top to bottom, and enforces the first rule that matches a packet. Which of the following statements about the order of rule enforcement is true?
A. If the Action is Accept, the gateway allows the packet to pass through the gateway.
B. If the Action is Drop, the gateway continues to check rules in the next Policy Layer down.
C. If the Action is Accept, the gateway continues to check rules in the next Policy Layer down.
D. If the Action is Drop, the gateway applies the Implicit Clean-up Rule for that Policy Layer.
Explanation: When a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom, and enforces the first rule that matches the packet. The order of rule enforcement depends on the action of the matching rule. If the action is Accept, the gateway allows the packet to pass through the gateway, but also continues to check rules in the next Policy Layer down. If the action is Drop, Reject, or Encrypt, the gateway applies that action to the packet and stops checking rules in that Policy Layer and any subsequent Policy Layers. If there is no matching rule in a Policy Layer, the gateway applies the Implicit Clean-up Rule for that Policy Layer, which is usually Drop.
After replacing a faulty Gateway the admin installed the new Hardware and want to push the policy. Installing the policy using the SmartConsole he got an Error for the Threat Prevention Policy. There is no error for the Access Control Policy. What will be the most common cause for the issue?
A. The admin forgot to reestablish the SIC for the new hardware. That is typically the case when configure only the interfaces of the replacement hardware instead restoring a backup.
B. The IPS Protection engine on the replacement hardware is too old. Before pushing the Threat Prevention Policy use SmartConsole -> Security Policies -> Updates -> IPS 'Update Now' to update the engine.
C. The admin forgot to apply the new license. The Access Control license is included by default but the service subscriptions for the Threat Prevention Blades are missing.
D. The Threat Prevention Policy can't be installed on a Gateway without an already installed Access Control Policy. First install only the Access Control Policy.
Explanation: The most common cause for the issue is that the admin forgot to apply the new license. The Access Control license is included by default but the service subscriptions for the Threat Prevention Blades are missing. Without a valid license, the Threat Prevention Policy cannot be installed on the new hardware. The admin should check the license status on the SmartConsole -> Gateways & Servers -> Licenses & Contracts and apply the appropriate license for the replacement hardware. References: Check Point Certified Security Expert R81.20 Course Overview, sk171213: Threat Prevention policy installation reports failure in SmartConsole with this error: “Policy installation had failed due to an internal error.”
What is "Accelerated Policy Installation"?
A. Starting R81, the Desktop Security Policy installation process is accelerated thereby reducing the duration of the process significantly
B. Starting R81, the QoS Policy installation process is accelerated thereby reducing the duration of the process significantly
C. Starting R81, the Access Control Policy installation process is accelerated thereby reducing the duration of the process significantly
D. Starting R81, the Threat Prevention Policy installation process is accelerated thereby reducing the duration of the process significantly
Which command is used to obtain the configuration lock in Gaia?
A. Lock database override
B. Unlock database override
C. Unlock database lock
D. Lock database user
Explanation: Which command is used to obtain the configuration lock in Gaia? The command that is used to obtain the configuration lock in Gaia is lock database override. This command allows a user to take over the configuration lock from another user who is currently logged in with read/write access. The other user will be forced to logout and will lose any unsaved changes. This command should be used with caution and only when necessary. References: Gaia Administration Guide R81, page 15.
| Page 18 out of 85 Pages |
| Previous |