Check Point Certified Security Expert - R81.20 v1.0

Page:    1 / 11   
Exam contains 164 questions

What is the name of the secure application for Mail/Calendar for mobile devices?

  • A. Secure Workspace
  • B. Capsule Mail
  • C. Capsule Workspace
  • D. Capsule VPN


Answer : C

What is the difference between SSL VPN and IPSec VPN?

  • A. SSL VPN requires installation of a resilient VPN client
  • B. SSL VPN and IPSec VPN are the same
  • C. IPSec VPN does not require installation of a resident VPN client
  • D. IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed Browser


Answer : D

Which Remote Access Client does not provide an Office-Mode Address?

  • A. Endpoint Security Suite
  • B. Check Point Mobile
  • C. SecuRemote
  • D. Endpoint Security VPN


Answer : C

Which feature allows Remote-access VPN users to access resources across a site-to-site VPN tunnel?

  • A. Mobile Access VPN Domain
  • B. Community Specific VPN Domain
  • C. Remote Access VPN Switch
  • D. Network Access VPN Domain


Answer : B

SSL Network Extender (SNX) is a thin SSL VPN on-demand client that is installed on the remote user’s machine via the web browser. What are the two modes of SNX?

  • A. Network and Layers
  • B. Application and Client Service
  • C. Network and Application
  • D. Virtual Adapter and Mobile App


Answer : C

Which one of the following is true about Capsule Connect?

  • A. It is a full layer 3 VPN client
  • B. It is supported only on iOS phones and Windows PCs
  • C. It offers full enterprise mobility management
  • D. It does not support all VPN authentication methods


Answer : A

Which Mobile Access Application allows a secure container on Mobile devices to give users access to internal website, file share and emails?

  • A. Check Point Capsule Workspace
  • B. Check Point Capsule Remote
  • C. Check Point Mobile Web Portal
  • D. Check Point Remote User


Answer : A

Which Mobile Access Solution is clientless?

  • A. Mobile Access Portal
  • B. Checkpoint Mobile
  • C. Endpoint Security Suite
  • D. SecuRemote


Answer : A

The Log server sends what to the Correlation Unit?

  • A. Authentication requests
  • B. Event Policy
  • C. Logs
  • D. CPMI dbsync


Answer : C

What is the recommended configuration when the customer requires SmartLog indexing for 14 days and SmartEvent to keep events for 180 days?

  • A. Choose different setting for log storage and SmartEvent db
  • B. It is not possible
  • C. Install Management and SmartEvent on different machines
  • D. Use Multi-Domain Management Server


Answer : A

What are the two types of tests when using the Compliance blade?

  • A. Tests conducted based on the IoC XML file and analysis of SOLR documents
  • B. Access Control policy analysis and Threat Prevention policy analysis
  • C. Policy-based tests and Global properties
  • D. Global tests and Object-based tests


Answer : D

Which of the following statements about SecureXL NAT Templates is true?

  • A. NAT Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are disabled by default and work only if Accept Templates are disabled.
  • B. NAT Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are enabled by default and work only if Accept Templates are enabled.
  • C. ACCEPT Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are disabled by default and work only if NAT Templates are disabled.
  • D. DROP Templates are generated to achieve high session rate for NAT. These templates store the NAT attributes of connections matched by rulebase so that similar new connections can take advantage of this information and do NAT without the expensive rulebase lookup. These are disabled by default and work only if NAT Templates are disabled.


Answer : B

In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

  • A. SND is used to distribute packets among Firewall instances
  • B. SND is a feature to accelerate multiple SSL VPN connections
  • C. SND is a feature of fw monitor to capture accelerated packets
  • D. SND is an alternative to IPSec Main Mode, using only 3 packets.


Answer : A

Which statement is most correct regarding about “CoreXL Dynamic Dispatcher’?

  • A. The CoreXL FW instances assignment mechanism is based on IP Protocol type.
  • B. The CoreXL FW instances assignment mechanism is based on the utilization of CPU cores
  • C. The CoreXL FW instances assignment mechanism is based on Source MAC addresses, Destination MAC addresses
  • D. The CoreXL FW instances assignment mechanism is based on Source IP addresses, Destination IP addresses, and the IP ‘Protocol’ type.


Answer : D

What kind of information would you expect to see when using the “sim affinity –I” command?

  • A. Overview over SecureXL templated connections
  • B. The VMACs used in a Security Gateway cluster
  • C. Affinity Distribution
  • D. The involved firewall kernel modules in inbound and outbound packet chain


Answer : C

Page:    1 / 11   
Exam contains 164 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy