156-726

Go back to CheckPoint

Example Questions

Who is best able to provide the justification for allowing access to some higher risk applications? You want to view application traffic logs in real-time. Which tool would be BEST to use? Which software blades are characteristic to a Secure Web Gateway? What component allows the security administrator to discover the underlying reasons for accessing applications? Application Control is centrally managed. What Application Control component allows you to view user online behavior? After you enable Application Control, where can you see application-related logs? In: For troubleshooting purposes, Shira needs to check the currently identified users on the gateway. Which CLI command shows all users/machines and all the activity records associated with them? How can cached usernames and passwords be cleared from the memory of a security gateway? Which parameters may be defined in an Access Role? When your Application Control license expires, what happens? In setting up your first Application Control Policy for discovery, what is the BEST Rule Action to choose? UserCheck is a way to improve security in the company and to raise the Awareness of the users. Which interaction modes can a firewall administrator choose when configuring UserCheck for a given rule? In setting up your first Application Control Policy for discovery. What is the best Rule Track to choose? Your company needs to allow contractor access on the network, but for security reasons they need to be authenticated, before they can access the Internet. How would you configure Identity Awareness on the firewall to meet this requirement? Enable Identity Awareness, turn on: What is the first step in implementing Application Control? Using Event Viewer in SmartEvent, a Security Administrator discovers that the Application Blade has detected three applications: YouTube, Tor, and PC in IE. Of these three applications, which would be considered the most dangerous? An Administrator would like to control access to applications and network widgets? What Check Point blades would be needed to address these requirements? A Security Administrator has put a rule in place to block YouTube. What Application field tag blocks all media applications like YouTube in this rule? Which of the following actions applies to a Risk Level of 5 ­ Critical? An Administrator would like to protect a network from Microsoft application vulnerability exploits. What Check Point blades would be needed to address this requirement? During the Application Control Discovery process, what is the best source of information for decisions on blocking or not blocking an application? Check Point Secure Web Gateway can perform SSL packet inspection? A __________ is malicious software that invades your computer, taking control of it and connecting with criminal operations? In what places can an access role be used? Mafiawars is a game that can be accessed from the Facebook Website. Although the firewall administrator has set up a rule to block Facebook games, Bob is able to access Mafiawars from the internal network. Why? If you wanted to chart all Application Control and URL Filtering traffic by the number of events, what tool would you use? A user complains that he cannot access the Internet. You check the logs and find that he is not authenticated. Next, you check the firewall to see if the user is a known identity. What command would you use? Which of these statements describes the Check Point URL Filtering software blade? Which of the following phrases describes a Botnet? Which of these statements describes the Check Point Application Control software blade? To update both the Management Server and the Security Gateways with the latest Application Control data and applications, you must: As an Administrator, you must enforce IP spoofing protection on your endpoints. What Identity Awareness solution allows packet tagging? An Administrator would like to control access to malware and phishing websites. Which Check Point blades would be needed to address these requirements? Which of these mechanisms does a gateway configured with Identity Awareness and LDAP initially use to communicate with a Windows 2003 or 2008 server? Consider the setting: "Local Network Widgets detection will consult with the Check Point Online Web Service." Which of these statements concerning this setting is TRUE? Which of the following actions applies to a Risk Level of 4 ­ High? True or false, SmartEvent and SmartReporter can be installed together on the same machine. As a Security Administrator, if you wanted to make rules that apply to an access role as well as an application, what would need to be enabled on the Security Gateway? What is the correct order for these Application Control implementation steps? A newly created Account Unit does not work as expected. What should you check first? When the Application Control Blade discovers an application, it will provide information on that application's simple properties. Which is an example of a simple property? Dangerous websites are offering encrypted connections using HTTPS. The Chief Information Officer in your company decided to start inspecting such traffic. What step needs to be done in order to avoid SSL error messages when accessing sites? What are the possible options to configure the Identity Sources (user identification methods with Identity Awareness)? Which explanation of an Account Unit is INCORRECT? Which of the following statement is true regarding SmartEvent Intro? SmartEvent Intro: When analyzing Application Control data with SmartEvent, using the predefined queries, how are the events grouped? In order of: Which of these statements describes the Check Point ThreatCloud? Which of the following is not a SmartEvent component? What is the correct order that a log flows in order to be processed by SmartEvent components? When the Application Control Blade discovers an application, it will provide information on that application's properties, simple and complex. Which is an example of a complex property?