Checkpoint Security MCQs

Checkpoint Security MCQs

These Checkpoint Security multiple-choice questions and their answers will help you strengthen your grip on the subject of Checkpoint Security. You can prepare for an upcoming exam or job interview with these 80 Checkpoint Security MCQs.
So scroll down and start answering.

1: Which SmartConsole application is used to manage the VPN-1 license?

A.   Smart Update

B.   Smart View Tracker

C.   Smart View Status

D.   Smart View Monitor

E.   Smart LSM

2: Which command will Eric use to fetch a policy from the SmartCenter server when he is unable to access it?

A.   fw install policy

B.   fw fetchpolicy

C.   fwm fetch

D.   fw fetch

3: Which command in Cluster is used to see the Active Member?

A.   cphaprob stat

B.   cphaprob list

C.   cpha prob stat

D.   cpha prob list

4:

What sequence is followed in the Rule Base Enforcement in VPN-1?


1. Security policy BEFORE-LAST rule

2. Administrator-defined rule base

3. IP Spoofing/IP options

4. Cleanup rule

5. Security Policy FIRST rule

6. NAT

A.  

156324 

B.  

632541 

C.  

125463 

D.  

125346 

E.  

365214 

5: Where will you place the Cleanup Rule in the Rule Base?

A.   At the top

B.   Anywhere

C.   At the bottom

D.   In the middle

6: Which application will Jenny use when she wants to apply security policies on the remote users while they connect their systems from home?

A.   SecuRemote

B.   SecureClient

C.   SmartLSM

D.   Enforcement Module

7: Which command is used to show the Multicast Routing table?

A.   show ip route

B.   show multicast table

C.   show ip mroute

D.   show ipm route

8:

The HTTP access is opened to one new system in the network.

When will a rule become effective in such a situation?

A.  

While installing the policy 

B.  

During cpstop

C.  

During cpstart

D.  

During cprestart

E.  

By saving the policy on SmartCenter server

9: Which of the following tools can be used for vulnerabilities?

A.   Ethereal

B.   Nessus

C.   TCPDUMP

D.   Snort

10:

What rule will Mary create in the rule base to implement the authentication when she wants to implement client authentication for an Internet_User Group for HTTP service?

A.  

Source:Internet_Users@Any; Dest:Any ; Service:HTTP ; Action:Client Authentication

B.  

Source:Internet_Users@Any; Dest:Any ; Service:Telnet; Action:Client Authentication

C.  

Source:Internet_Users@Any; Dest:Any ; Service:HTTP ; Action:Session Authentication.


D.  

Source:Internet_Users@Any; Dest:Any ; Service:HTTP ; Action:User Authentication

11: Which of the following are Security servers?

A.   URI

B.   SMTP

C.   FTP

D.   TCP

E.   CIFS

12: Which command is used to check the VPN-1 version on Gateway?

A.   fw ver

B.   fwmver

C.   fwm version

D.   fwm ver

13: Which are the different modes in High-Availability (HA)?

A.   Active-Active

B.   Active-Deactive

C.   Active-Passive

D.   Passive-Passive

E.   Deactive-Passive

14: Which one of the following is used to edit the Log file size switch settings?

A.   SmartView Status

B.   SmartView Tracker

C.   Checkpoint Gateway-->Logs and Masters

D.   Global policies-->Logs and Masters

E.   SmartLSM

15: Which SmartView application will Eric use when he wants to see the number of Remote user tunnels?

A.   SmartView Status

B.   SmartView Tracker

C.   SmartUpdate

D.   SmartView Monitor

E.   SmartLSM

16: Which command is used to configure the SPLAT operating system?

A.   ConUtilities

B.   CPutil

C.   CPconfig

D.   Sysconfig

17: How many log files can be opened at a time in the Smartview Tracker?

A.   1

B.   2

C.   3

D.   4

E.   5

18: After how much time does the Firewall Module send the logs to the Log Server?

A.   Instantly

B.   After 1 second

C.   After 0.5 second

D.   After 2 seconds

E.   After 3 seconds

19: Which of the following authenticated services can work with User-authentication?

A.   telnet

B.   https

C.   rlogin

D.   http

E.   ftp

20: What is the significance of SIC?

A.   It is used for secure communication between two gateways

B.   It is used for secure communication between a gateway and SmartCenter server

C.   It is used for authentication

D.   It is used for encryption in the VPN tunnels

21: Which SmartView application will you use when you want to see the concurrent number of connections?

A.   SmartView Status

B.   SmartView Tracker

C.   SmartUpdate

D.   SmartView Monitor

E.   SmartLSM

22:

Eric wants that a VPN rule should only be activated for a particular time.

How can that be done?

A.  

By specifying the time VPN object settings

B.  

By specifying the time in global settings  

C.  

By specifying the time in VPN rule 

23: How many NAT entries are created for automatic host/network object NAT?

A.   1

B.   2

C.   3

D.   None

24: What is VTI?

A.   VPN Tunnel Interface

B.   Virtual Tunnel Interface

C.   VPN Terminating Interface

D.   Virtual Terminating Interface

25: Which SmartView application will you use when you want to view the OS details and the Installed Package details?

A.   SmartView Status

B.   SmartView Tracker

C.   SmartUpdate

D.   SmartView Monitor

E.   SmartLSM

26: In which mode are the rules created automatically while configuring the VPN?

A.   Hybrid Mode

B.   None

C.   Traditional Mode

D.   Simplified Mode

27: How will you create a RADIUS server for authentication in VPN-1?

A.   File->New->RADIUS server

B.   Manage->Servers and OPSEC applications->New->RADIUS

C.   New->RADIUS Server

D.   Right click server->New RADIUS server

E.   Object->RADIUS server

28: Which port on Firewall should be opened for IPSec IKE?

A.   UDP 4500

B.   TCP 4500

C.   UDP 500

D.   TCP 500

E.   UDP 1818

29: At which port can you access the WUI of SPLAT?

A.   80

B.   443

C.   18181

D.   18110

E.   8080

30: Which OPSEC server will allow you to export the log files to the third party?

A.   CVP

B.   UFP

C.   ELA

D.   LEA

31: Which of the following OS is not supported by VPN-1 SecuRemote?

A.   Windows XP

B.   RedHat Linux 9

C.   MacOS X

D.   IPSO 4.0

32: Which port CVP security server is used for communication?

A.   18181

B.   18182

C.   18921

D.   18891

E.   18291

33: Which port on Firewall should be opened for IPSec NAT-Traversal?

A.   UDP 4500

B.   TCP 4500

C.   UDP 500

D.   TCP 500

E.   UDP 1818

34: How can you create a new Database Revision Control version?

A.   By selecting the option in Policy Package Management

B.   By selecting the option in Global properties

C.   By selecting the option after pushing the policy

D.   By selecting the option before pushing the policy

35: Which command is used to troubleshoot the VPN?

A.   vpn ike

B.   vpn tu

C.   vpn

D.   vpn securemote

36: What happens when you check the option 'Use Aggressive Mode'?

A.   The 6-packet IKE Phase 2 is replaced by the 3-packet exchange

B.   Nothing happens

C.   The 3-packet IKE Phase 1 is replaced by the 1-packet exchange

D.   The 6-packet IKE Phase 1 is replaced by the 3-packet exchange

37: Which command is used to check the routing information in SPLAT?

A.   Show IP route

B.   Show routing table

C.   netstat -nr

D.   cpstat

38: You want to see the logs for rule number 10. What could be the reason for not being able to see any logs in the SmartView Tracker?

A.   Logging is not enabled in Global Properties

B.   Logging is not enabled in Checkpoint Object

C.   Checking the logs in SmartView Monitor

D.   Logging is not enabled in rule number 10

39: Which of the following Checkpoint components require/s license?

A.   VPN-1

B.   SmartDefence

C.   LDAP

D.   SmartView Monitor

40:

 Which SmartView application will you use when your manager asks you to generate a report containing the number of bytes transferred per IP address in your network during the last month?

A.  

SmartView Status

B.  

SmartView Tracker

C.  

SmartUpdate

D.  

SmartView Monitor

E.  

Eventia Reporter 

41: Which command is used to inspect the translation tables?

A.   fw monitor

B.   fwm monitor

C.   fw mon

D.   fwm mon

42: How many administrators can be defined while installing the VPN-1 NGX?

A.   1

B.   2

C.   3

D.   4

E.   None

43: What is the function of DShield Storm Center in Checkpoint Security?

A.   It is a Hacking center

B.   It correlates world wide traffic profiles to detect attacks

C.   It is a DoS attack center

44: Which Checkpoint applications are supported by SPLAT?

A.   VPN-Pro

B.   SmartCenter

C.   Smart Clients

D.   Eventia Reporter

45: How many keys are there in PKI (Public Key Infrastructure)?

A.   1

B.   2

C.   3

D.   4

46: When you are generating Express reports in Eventia Reporter, where will you make queries for the data?

A.   Eventia Database

B.   SmartView Tracker

C.   SmartView Monitor

D.   Local Database

47: What is the extension of the audit log files?

A.   log

B.   auditlog

C.   alog

D.   adlog

48: Which VPN should be used when you want to allow only specific services to a SecuRemote user?

A.   Traditional mode

B.   Simplified mode

C.   Hybrid mode

D.   Encryption mode

49: In which type of 'attack' does 'packet' have the same sources, IP and port as destination?

A.   SmallPMTU

B.   Teardrop

C.   LAND

D.   Smurfattack

E.   Botnets

50: Which SmartConsole application will be used when you want to know how many packets are dropped per gateway?

A.   SmartView Status

B.   SmartView Tracker

C.   SmartUpdate

D.   SmartView Monitor

E.   SmartLSM