QUESTION 48
Johnny works as a firewall administrator in ALPHA Corporation. He is also an Account Administrator in the Check Point UserCenter for his company. When searching through SecureKnowledge he found an article which can help him but he couldn’t access the article, because has no permission to access it. What could cause this problem?

QUESTION 49
Johnny has connectivity issues on datacenter firewall. His access to Finance department server suddenly stopped working. He is constantly redirected to Captive Portal and asked to login. After some research he gets information that the Windows administrator had to reinstall one of the DCs because of hardware failure. How can Johnny check what is causing connectivity problems between gateway and this DC?

QUESTION 50
Application Control and URL Filtering update files are located in which directory?

QUESTION 51
When running a debug with fw monitor, which parameter will create a more verbose output?

QUESTION 52
How many captures does the command “fw monitor -p all” take?

QUESTION 53
The Identity Awareness process that receives identity data from the identity sources and organizes it in tables before forwarding the data to the enforcement module is called

QUESTION 54
Which Threat Prevention daemon is the core Threat Emulation engine and responsible for emulation files and communications with Threat Cloud?

QUESTION 55
Which if the following is NOT an account user classification?

QUESTION 56
What would be the most likely response when attempting to use SmartConsole to connect to a management server with the wrong credentials?

QUESTION 57
What are the commands to verify the Smart Contracts on the Security Gateway?

QUESTION 58
Which is the correct ‘fw monitor syntax for creating a capture file for loading it into Wireshark?

QUESTION 59
What is a primary advantage of using the fw monitor tool?

QUESTION 60
Which of the following allows you to capture packets at four inspection points as they traverse a Check Point gateway?

QUESTION 61
Where would you look to find the error log file to investigate a logging issue on the Security Management Server?

QUESTION 62
For Threat Prevention, which process is enabled when the Policy Conversion process has debug turned on using the INTERNAL_POLICY_LOADING=.1 command?

QUESTION 63
You need to verify the license on Security Gateway. What command you can use from the command line?

QUESTION 64
What is true concerning fw monitor?

QUESTION 65
Which of the following is the most significant impact of not having a valid Policy Management license installed on a management server?

QUESTION 66
The tcpdump and fw monitor commands can both be used to capture packets on the security gateway.
While troubleshooting an issue one may choose to use fw monitor but not tcpdump?

QUESTION 67
After deploying a Hide NAT for a new network, users are unable to access the Internet.
What command would you use to check the internal NAT behavior?

QUESTION 68
After deploying a new Static NAT configuration, traffic is not getting through.
What command would you use to troubleshoot internal problems with the NAT traffic?

QUESTION 69
After successful policy installation, the gateway stores a copy of the most recently installed policy package in which location?

QUESTION 70
What is the most efficient way to view large fw monitor captures and run filters on the file?

QUESTION 71
Check Point’s self-service knowledge base of technical documents and tools covers everything from articles describing how to fix specific issues, understand error messages and to how to plan and perform product installation and upgrades. This knowledge base is called: