Check Point CCSA Quiz
Three-packet IKE Phase2 exchange is replaced by a six-packet
Three-packet IKE Phase 2 exchange is replaced by a two-packet exchange
Six-packet IKE Phase 1 exchange replaced by a three-packet exchange
Three-packet IKE phase 1 exchange is replaced by a six-packet exchange
Simplified mode Rule bases
Traditional mode Rule Bases
Secure platform WebUI users
SIC Certificates
Smartview Tracker audit logs
SmartView Tracker traffic logs
Implied Rules
IPS Profiles
Blocked Connections
Manual NAT rules
VPN Communities
Gateway Route table
Gateway licenses
SmartDashboard
SmartView Tracker
SmartUpdate
SmartView status
Upgrade_export
Manual backup
Snapshot
Backup
The Gateway retrieves a new CRL on startup, and then discards the old CRL as invalid
The gateway continues to use the old CRL, as long as it is valid
The gateway continues to use the old CRL even if it is not valid, until a new CRL is cached
The gateway issues a crl_zap on startup, which empties the cache and forces certificate
SmartUpdate GUI PC
SmartUpdate Repository SQL database Server
A Security gateway retrieving the new upgrade package
SmartUpdate installed Security Management Server PC
Blank field under Rule Number
Rule 0
Cleanup rule
Rule 1
Log Sites from blocked categories
Redirect users to a new URL
Block sites only once
Alert the administrator to block a suspicious site
Stand-Alone Installation
Unsupported configuration
Distributed Installation
Hybrid Installation
Place a static host route on the firewall for the valid IP address to the internal Web server.
Place a static ARP entry on the ISP router for the valid IP address to the firewall’s external address.
Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.
Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.
Login to SmartDashboard as the special cpconfig_admin user account, right click on administrator object and select Unlock.
Type fwm lock_admin -ua from the command line of the Security Manager server.
Reinstall the Security Management Server and restore using upgrade_import.
Delete the file admin.lock in the $fwDIR/tmp/ directory of the Security Management server.
Add a “temporary” rule using SmartDashboard and select hide rule.
Create a Suspicious Activity Rule in SmartView Monitor
Use dbedit to script the addition of a rule directly into the Rule Bases_5_0. fws configuration file.
Select block intruder from the tools menu in SmartView Tracker.
Session and Network layers
Application and Presentation layers
Physical and Data link layers
Network and Data link layers
Conditional
Sequential
Asymmetric
Symmetric
A license can be taken from one Security Management server and given to another Security Management Server.
Only one IP address is used for all licenses.
Licenses are automatically attached to their respective Security Gateways.
The license must be renewed when changing the IP address of security Gateway. Each module’s license has a unique IP address.
Asymmetric encryption
Symmetric encryption
Certificate-based encryption
Dynamic encryption
It defines the DMZ Interface since this information is necessary for Content Control.
Using restricted Gateways, this option automatically turns off the counting of IP Addresses originating from this interface
When selecting this option. Ann-Spoofing is configured automatically to this net.
Activating this option automatically turns this interface to External
HTTPS
FTP
SSH
Telnet
Rules 1 and 5 will be appear in the new package
Rules 1, 3.A and 5 will appear in the new package Rules 1, 3.A Rules 1, 3.A and 5 will appear in the new package
Rules 2, 3 and 4 will appear in the new package
NAT rules will be empty in the new package
Last policy that was installed
Default filter
Standard policy
Initial policy
One tunnel per subnet pair
One tunnel per Gateway pair
One tunnel per pair of hosts
One tunnel per VPN domain pair
(i), (ii), and (iii)
(i), and (ii)
(ii) and (iv)
Only (i)
FTP, HTTP, TELNET
FTP, TELNET
SMTP, FTP, HTTP, TELNET
SMTP, FTP, TELNET
Use Automatic NAT rules instead of Manual NAT rules whenever possible
Putting the least-used rule at the top of the Rule Base
Using groups within groups in the manual NAT Rule Base
Using domain objects in rules when possible
Automatic ARP must be unchecked in the Global Properties.
A static route must be added on the Security Gateway to the internal host.
Nothing else must be configured.
A static route for the NAT IP must be added to the Gateway's upstream router.
5, 4, 1, 2
2, 3, 1, 4
2, 5, 1, 4
3, 1, 4, 2
URI
CIFS
Telnet
FTP
514
256
257
258
3, 2, 5, 4
3, 5, 2, 4
1, 5, 2, 4
1, 2, 5, 4
Stealth
Cleanup
Reject
Anti-Spoofing
The plug-in is a package installed on the Security Gateway
A management plug-in interacts with a Security Management Server to provide new features and support for new products
Using a plug m offers full central management only if special licensing is applied to specific features of the plug-in
Installing a management plug-in is just like an upgrade process (It overwrites existing components )
2
4
3
None
Run the latest upgrade_export utility to export the configuration 2) Leave the exported - tgz file in %FWDIR\bin. 3) Install the primary security Management Server on top of the current installation 4) Run upgrade_import to Import the configuration.
Insert the R71 CD-ROM. and select the option to export the configuration into a . tgz file 2) Skip any upgrade verification warnings since you are not upgrading. 3) Transfer the. tgz file to another networked machine. 4) Download and run the cpclean utility and reboot. 5) Use the R71 CD_ROM to select the upgrade__import option to import the c
Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Perform any requested upgrade verification suggested steps. 3) Uninstall all R71 packages via Add/Remove Programs and reboot 4) Use smartUpdate to reinstall the Security Management server and reboot 5) Transfer the .tgz file back to the local \ temp. 6) Run upgrade_import to import the configuration.
1) Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Transferee .tgz file to another network machine 3) Uninstall all R71 packages via Add/Remove Programs and reboot 4) Install again using the R71 CD ROM as a primary security management server 5) Reboot and than transfer the .tgz file back to the local\ tem p 6) Run upgcade_import to import the configuration.
Proxied, User, Dynamic, Session
Connection, User, Client
User, Client, Session
Connection, Proxied, Session
HTTPS
Telnet
FTP
HTTP
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
Wait!
Here's an interesting quiz for you.