NEW QUESTION 1
What happens if the identity of a user is known?

• A. If the user credentials do not match an Access Role, the system displays the Captive Portal.
• B. If the user credentials do not match an Access Role, the system displays a sandbox.
• C. If the user credentials do not match an Access Role, the traffic is automatically dropped.
• D. If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped basedon the defined action.

Answer: D

NEW QUESTION 2
Where is it necessary to configure historical records in SmartView Monitor to generate Express reports in SmartReporter?

• A. In SmartDashboard, the SmartView Monitor page in the R80 Security Gateway object
• B. In SmartReporter, under Express > Network Activity
• C. In SmartReporter, under Standard > Custom
• D. In SmartView Monitor, under Global Properties > Log and Masters

Answer: A

NEW QUESTION 3
You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router. You control the router that sits between the firewall external interface and the Internet.
What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?

• A. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.
• B. Place a static ARP entry on the ISP router for the valid IP address to the firewall's external address.
• C. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.
• D. Place a static host route on the firewall for the valid IP address to the internal Web server.

Answer: B

NEW QUESTION 4
MultiCorp has bought company OmniCorp and now has two active AD domains. How would you deploy Identity Awareness in this environment?

• A. You must run an ADquery for every domain.
• B. Identity Awareness can only manage one AD domain.
• C. Only one ADquery is necessary to ask for all domains.
• D. Only Captive Portal can be used.

Answer: A

NEW QUESTION 5
To qualify as an Identity Awareness enabled rule, which column MAY include an Access Role?

• A. Action
• B. Source
• C. User
• D. Track

Answer: B

NEW QUESTION 6
Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.

• A. This is an example of Hide NAT.
• B. There is not enough information provided in the Wireshark capture to determine the NAT settings.
• C. This is an example of Static NAT and Translate destination on client side unchecked in Global Properties.
• D. This is an example of Static NAT and Translate destination on client side checked in Global Properties.

Answer: D

NEW QUESTION 7
John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.
John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR Web Server.
To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.
What should John do when he cannot access the web server from a different personal computer?

• A. John should lock and unlock his computer
• B. Investigate this as a network connectivity issue
• C. The access should be changed to authenticate the user instead of the PC
• D. John should install the Identity Awareness Agent

Answer: C

NEW QUESTION 8
Which of the following authentication methods can be configured in the Identity Awareness setup wizard?

• A. TACACS
• B. Captive Portal
• C. Check Point Password
• D. Windows password

Answer: B

NEW QUESTION 9
Which command collects diagnostic data for analyzing customer setup remotely?

• A. cpinfo
• B. migrate export
• C. sysinfo
• D. cpview

Answer: A

Explanation: CPInfo is an auto-updatable utility that collects diagnostics data on a customer's machine at the time of execution and uploads it to Check Point servers (it replaces the standalone cp_uploader utility for uploading files to Check Point servers).
The CPInfo output file allows analyzing customer setups from a remote location. Check Point support engineers can open the CPInfo file in a demo mode, while viewing actual customer Security Policies and Objects. This allows the in-depth analysis of customer's configuration and environment settings.
References:

NEW QUESTION 10
Firewall policies must be configured to accept VRRP packets on the GAiA platform if it runs Firewall software. The Multicast destination assigned by the Internet Assigned Numbers Authority (IANA) for VRRP is:

• A. 224.0.0.18
• B. 224.0.0.5
• C. 224.0.0.102
• D. 224.0.0.22

Answer: A

Explanation: Topic 2, Exam Pool A

NEW QUESTION 11
You find that Gateway fw2 can NOT be added to the cluster object. What are possible reasons for that? Exhibit:

1) fw2 is a member in a VPN community.
2) ClusterXL software blade is not enabled on fw2.
3) fw2 is a DAIP Gateway.

• A. 2 or 3
• B. 1 or 2
• C. 1 or 3
• D. All

Answer: C

NEW QUESTION 12
When using AD Query to authenticate users for Identity Awareness, identity data is received seamlessly from the Microsoft Active Directory (AD). What is NOT a recommended usage of this method?

• A. Leveraging identity in the application control blade
• B. Basic identity enforcement in the internal network
• C. Identity-based auditing and logging
• D. Identity-based enforcement for non-AD users (non-Windows and guest users)

Answer: D

NEW QUESTION 13
Which of the following tools is used to generate a Security Gateway R80 configuration report?

• A. fw cpinfo
• B. infoCP
• C. cpinfo
• D. infoview

Answer: C

NEW QUESTION 14
To stop acceleration on a GAiA Security Gateway, enter command:

Answer:

Explanation: fwaccel off

NEW QUESTION 15
Which of the following is NOT a valid way to view interface’s IP address settings in Gaia?

• A. Using the command sthtool in Expert Mode
• B. Viewing the file / config/ active
• C. Via the Gaia WebUl
• D. Via the command show configuration in CLISH

Answer: A

NEW QUESTION 16
Fill in the blank.

In Load Sharing Unicast mode, the internal cluster IP address is 10.4.8.3. The internal interfaces on two members are 10.4.8.1 and 10.4.8.2. Internal host 10.4.8.108 Pings 10.4.8.3, and receives replies. The following is the ARP table from the internal Windows host 10.4.8.108. Review the exhibit and type the IP address of the member serving as the pivot machine in the space below.

Answer:

Explanation: 10.4.8.2