Checkpoint Security MCQs

Checkpoint Security MCQs

These Checkpoint Security multiple-choice questions and their answers will help you strengthen your grip on the subject of Checkpoint Security. You can prepare for an upcoming exam or job interview with these 80 Checkpoint Security MCQs.
So scroll down and start answering.

1: Which SmartConsole application is used to manage the VPN-1 license?

A.   Smart Update

B.   Smart View Tracker

C.   Smart View Status

D.   Smart View Monitor

E.   Smart LSM

2: Which command will Eric use to fetch a policy from the SmartCenter server when he is unable to access it?

A.   fw install policy

B.   fw fetchpolicy

C.   fwm fetch

D.   fw fetch

3: Which command in Cluster is used to see the Active Member?

A.   cphaprob stat

B.   cphaprob list

C.   cpha prob stat

D.   cpha prob list

4:

What sequence is followed in the Rule Base Enforcement in VPN-1?


1. Security policy BEFORE-LAST rule

2. Administrator-defined rule base

3. IP Spoofing/IP options

4. Cleanup rule

5. Security Policy FIRST rule

6. NAT

A.  

156324 

B.  

632541 

C.  

125463 

D.  

125346 

E.  

365214 

5: Where will you place the Cleanup Rule in the Rule Base?

A.   At the top

B.   Anywhere

C.   At the bottom

D.   In the middle

6: Which application will Jenny use when she wants to apply security policies on the remote users while they connect their systems from home?

A.   SecuRemote

B.   SecureClient

C.   SmartLSM

D.   Enforcement Module

7: Which command is used to show the Multicast Routing table?

A.   show ip route

B.   show multicast table

C.   show ip mroute

D.   show ipm route

8:

The HTTP access is opened to one new system in the network.

When will a rule become effective in such a situation?

A.  

While installing the policy 

B.  

During cpstop

C.  

During cpstart

D.  

During cprestart

E.  

By saving the policy on SmartCenter server

9: Which of the following tools can be used for vulnerabilities?

A.   Ethereal

B.   Nessus

C.   TCPDUMP

D.   Snort

10:

What rule will Mary create in the rule base to implement the authentication when she wants to implement client authentication for an Internet_User Group for HTTP service?

A.  

Source:Internet_Users@Any; Dest:Any ; Service:HTTP ; Action:Client Authentication

B.  

Source:Internet_Users@Any; Dest:Any ; Service:Telnet; Action:Client Authentication

C.  

Source:Internet_Users@Any; Dest:Any ; Service:HTTP ; Action:Session Authentication.


D.  

Source:Internet_Users@Any; Dest:Any ; Service:HTTP ; Action:User Authentication

11: Which of the following are Security servers?

A.   URI

B.   SMTP

C.   FTP

D.   TCP

E.   CIFS

12: Which command is used to check the VPN-1 version on Gateway?

A.   fw ver

B.   fwmver

C.   fwm version

D.   fwm ver

13: Which are the different modes in High-Availability (HA)?

A.   Active-Active

B.   Active-Deactive

C.   Active-Passive

D.   Passive-Passive

E.   Deactive-Passive

14: Which one of the following is used to edit the Log file size switch settings?

A.   SmartView Status

B.   SmartView Tracker

C.   Checkpoint Gateway-->Logs and Masters

D.   Global policies-->Logs and Masters

E.   SmartLSM

15: Which SmartView application will Eric use when he wants to see the number of Remote user tunnels?

A.   SmartView Status

B.   SmartView Tracker

C.   SmartUpdate

D.   SmartView Monitor

E.   SmartLSM

16: Which command is used to configure the SPLAT operating system?

A.   ConUtilities

B.   CPutil

C.   CPconfig

D.   Sysconfig

17: How many log files can be opened at a time in the Smartview Tracker?

A.   1

B.   2

C.   3

D.   4

E.   5

18: After how much time does the Firewall Module send the logs to the Log Server?

A.   Instantly

B.   After 1 second

C.   After 0.5 second

D.   After 2 seconds

E.   After 3 seconds

19: Which of the following authenticated services can work with User-authentication?

A.   telnet

B.   https

C.   rlogin

D.   http

E.   ftp

20: What is the significance of SIC?

A.   It is used for secure communication between two gateways

B.   It is used for secure communication between a gateway and SmartCenter server

C.   It is used for authentication

D.   It is used for encryption in the VPN tunnels

21: Which SmartView application will you use when you want to see the concurrent number of connections?

A.   SmartView Status

B.   SmartView Tracker

C.   SmartUpdate

D.   SmartView Monitor

E.   SmartLSM

22:

Eric wants that a VPN rule should only be activated for a particular time.

How can that be done?

A.  

By specifying the time VPN object settings

B.  

By specifying the time in global settings  

C.  

By specifying the time in VPN rule 

23: How many NAT entries are created for automatic host/network object NAT?

A.   1

B.   2

C.   3

D.   None

24: What is VTI?

A.   VPN Tunnel Interface

B.   Virtual Tunnel Interface

C.   VPN Terminating Interface

D.   Virtual Terminating Interface

25: Which SmartView application will you use when you want to view the OS details and the Installed Package details?

A.   SmartView Status

B.   SmartView Tracker

C.   SmartUpdate

D.   SmartView Monitor

E.   SmartLSM

26: In which mode are the rules created automatically while configuring the VPN?

A.   Hybrid Mode

B.   None

C.   Traditional Mode

D.   Simplified Mode

27: How will you create a RADIUS server for authentication in VPN-1?

A.   File->New->RADIUS server

B.   Manage->Servers and OPSEC applications->New->RADIUS

C.   New->RADIUS Server

D.   Right click server->New RADIUS server

E.   Object->RADIUS server

28: Which port on Firewall should be opened for IPSec IKE?

A.   UDP 4500

B.   TCP 4500

C.   UDP 500

D.   TCP 500

E.   UDP 1818

29: At which port can you access the WUI of SPLAT?

A.   80

B.   443

C.   18181

D.   18110

E.   8080

30: Which OPSEC server will allow you to export the log files to the third party?

A.   CVP

B.   UFP

C.   ELA

D.   LEA

31: Which of the following OS is not supported by VPN-1 SecuRemote?

A.   Windows XP

B.   RedHat Linux 9

C.   MacOS X

D.   IPSO 4.0

32: Which port CVP security server is used for communication?

A.   18181

B.   18182

C.   18921

D.   18891

E.   18291

33: Which port on Firewall should be opened for IPSec NAT-Traversal?

A.   UDP 4500

B.   TCP 4500

C.   UDP 500

D.   TCP 500

E.   UDP 1818

34: How can you create a new Database Revision Control version?

A.   By selecting the option in Policy Package Management

B.   By selecting the option in Global properties

C.   By selecting the option after pushing the policy

D.   By selecting the option before pushing the policy

35: Which command is used to troubleshoot the VPN?

A.   vpn ike

B.   vpn tu

C.   vpn

D.   vpn securemote

36: What happens when you check the option 'Use Aggressive Mode'?

A.   The 6-packet IKE Phase 2 is replaced by the 3-packet exchange

B.   Nothing happens

C.   The 3-packet IKE Phase 1 is replaced by the 1-packet exchange

D.   The 6-packet IKE Phase 1 is replaced by the 3-packet exchange

37: Which command is used to check the routing information in SPLAT?

A.   Show IP route

B.   Show routing table

C.   netstat -nr

D.   cpstat

38: You want to see the logs for rule number 10. What could be the reason for not being able to see any logs in the SmartView Tracker?

A.   Logging is not enabled in Global Properties

B.   Logging is not enabled in Checkpoint Object

C.   Checking the logs in SmartView Monitor

D.   Logging is not enabled in rule number 10

39: Which of the following Checkpoint components require/s license?

A.   VPN-1

B.   SmartDefence

C.   LDAP

D.   SmartView Monitor

40:

 Which SmartView application will you use when your manager asks you to generate a report containing the number of bytes transferred per IP address in your network during the last month?

A.  

SmartView Status

B.  

SmartView Tracker

C.  

SmartUpdate

D.  

SmartView Monitor

E.  

Eventia Reporter 

41: Which command is used to inspect the translation tables?

A.   fw monitor

B.   fwm monitor

C.   fw mon

D.   fwm mon

42: How many administrators can be defined while installing the VPN-1 NGX?

A.   1

B.   2

C.   3

D.   4

E.   None

43: What is the function of DShield Storm Center in Checkpoint Security?

A.   It is a Hacking center

B.   It correlates world wide traffic profiles to detect attacks

C.   It is a DoS attack center

44: Which Checkpoint applications are supported by SPLAT?

A.   VPN-Pro

B.   SmartCenter

C.   Smart Clients

D.   Eventia Reporter

45: How many keys are there in PKI (Public Key Infrastructure)?

A.   1

B.   2

C.   3

D.   4

46: When you are generating Express reports in Eventia Reporter, where will you make queries for the data?

A.   Eventia Database

B.   SmartView Tracker

C.   SmartView Monitor

D.   Local Database

47: What is the extension of the audit log files?

A.   log

B.   auditlog

C.   alog

D.   adlog

48: Which VPN should be used when you want to allow only specific services to a SecuRemote user?

A.   Traditional mode

B.   Simplified mode

C.   Hybrid mode

D.   Encryption mode

49: In which type of 'attack' does 'packet' have the same sources, IP and port as destination?

A.   SmallPMTU

B.   Teardrop

C.   LAND

D.   Smurfattack

E.   Botnets

50: Which SmartConsole application will be used when you want to know how many packets are dropped per gateway?

A.   SmartView Status

B.   SmartView Tracker

C.   SmartUpdate

D.   SmartView Monitor

E.   SmartLSM

51: Which layer does the IPSec work on?

A.   Session Layer

B.   Data Link Layer

C.   Network Layer

D.   Application Layer

52: Which of the following is the default Smartdirectory (LDAP) profile for Microsoft AD?

A.   AD.Microsoft

B.   AD_Microsoft

C.   Microsoft_AD

D.   Microsoft.AD

53: Which network will Lea add in the VPN domain of ABC Gateway, when she has created a site-to-site VPN tunnel between ABC(172.16.0.0/24)and XYZ(10.1.0.0/24)?

A.   172.16.1.0/24

B.   10.1.0.1/24

C.   172.16.0.0/24

D.   172.16.0.0/16

E.   10.1.1.0/16

54: Which type of NAT should Adrian use to publish the server when he wants to publish a Web Server so that the external clients may be able to access the application?

A.   Static NAT

B.   Dynamic NAT

C.   Hide NAT

D.   NAT is not required

55: The Quick mode is completed __________.

A.   before Phase 1

B.   after Phase 1

C.   before Phase 2

D.   after Phase 2

56: Which SmartView application will you use when you want to see the number of connections per application?

A.   SmartView Status

B.   SmartView Tracker

C.   SmartUpdate

D.   SmartView Monitor

E.   SmartLSM

57: Which protocols can be scanned by the Anti-Virus engine of VPN-1?

A.   POP3

B.   HTTP

C.   SMTP

D.   IMAP

E.   HTTPS

F.   FTP

58: Which command is used to determine the route taken by a packet?

A.   netstat

B.   ipconfig

C.   ifconfig

D.   traceroute

59: Which SmartConsole application will Adrian use when he wants to see the CPU utilization and the memory of different gateways being managed from a single SmartCenter server?

A.   SmartView Status

B.   SmartView Tracker

C.   SmartUpdate

D.   SmartView Monitor

E.   SmartLSM

60: Which SmartConsole application will be used when you want to see which rule is dropping the traffic?

A.   SmartView Status

B.   SmartView Tracker

C.   SmartUpdate

D.   SmartView Monitor

E.   SmartLSM

61: Which of the following Checkpoint package is installed on the Nokia box?

A.   Checkpoint NGX wrapper

B.   VPN-1 wrapper

C.   IPSO

D.   SecurePlatform

62: Which command in SPALT is used to schedule the backup?

A.   backup schedule

B.   backup --sched

C.   backup --schedule

D.   backup --shd

63: At which port will you telnet the gateway to use manual client authentication?

A.   258

B.   259

C.   260

D.   18181

64: Which command is used to know the active policy on the enforcement module?

A.   fw stat

B.   fwm stat

C.   fw statistics

D.   fwm statistics

E.   fw policy name

65: Which command is used to restore the VPN-1 configuration?

A.   upgrade_restore

B.   upgrade_import

C.   upgrade_export

D.   upgrade_import_restore

66: The Main mode is completed ___________.

A.   before Phase 1

B.   after Phase 1

C.   before Phase 2

D.   after Phase 2

67: Which command is used to add GUI clients?

A.   cpconfiguration

B.   cpconfig

C.   cputil

D.   add guiclients

68: Which of the following tools can be used to monitor the Packets?

A.   Ethereal

B.   Nessus

C.   TCPDUMP

D.   Snort

69:

Jeremy has to create 3 site-to-site VPNs. NJ is the central site and the remote sites are Bangalore and Dubai. Bangalore and Dubai can communicate with each other.

Which VPN topologies should he use to achieve it?

A.  

Star topology for Banglore and Dubai VPN and Mesh for NJ VPN  

B.  

Mesh topology for Banglore and Dubai VPN and Star for NJ VPN 

C.  

Mesh topology for Banglore and Dubai VPN and Mesh for NJ VPN

D.  

Star topology for Banglore and Dubai VPN and Star for NJ VPN

70:

Which feature will you use to manage the different security policies for different gateways when you are managing more than one Enforcement modules from the SmartCenter?

A.   Policy Package Management

B.   Policy Management

C.   Database revision control

D.   Backup tools

71: Where will you place the Stealth rule in the Rule Base?

A.   At the top

B.   Anywhere

C.   At the bottom

D.   In the middle

72: Which SmartConsole application will you use when you want to implement a new security policy for your network?

A.   SmartView Status

B.   SmartView Tracker

C.   SmartDashboard

D.   SmartView Monitor

E.   SmartLSM

73: How many TCP flags are there in the Checkpoint Security?

A.   3

B.   2

C.   5

D.   8

E.   6

74:

Which network will you add in the antispoofing settings when there are two networks(192.168.0.0/24,172.16.0.0/24) behind the VPN-1 gateway?

A.  

B.   172.16.0.0/24

C.   192.168.0.0/24 & 172.16.0.0/24

D.   192.168.0.0/16 & 172.16.0.0/16

75: What happens during the Tunnel Mode?

A.   It encrypts the entire packet

B.   It encrypts the data portion

C.   It encrypts the header portion

D.   No encryption occurs

76: Which of the following are included while taking the backup of the VPN-1 configuration? (Select all suitable options)

A.   Global properties

B.   Objects

C.   Rule base

D.   License

77: __________ TCP flag can launch a DoS attack.

A.   ACK

B.   FIN

C.   SYN

D.   SYN/ACK

E.   URG

78: Which of the following factors should be kept in mind to improve the performance of the Enforcement module? (Select all suitable options)

A.   Remove the unused rules

B.   Enable log for all the rules

C.   Keep the mostly used rules at the top

D.   Collate the rules

79: Which type of NAT will be used by Adrian during the creation of a VPN between two sites, 10.1.1.0/24 and 192.168.1.0/16?

A.   Static NAT

B.   Dynamic NAT

C.   Hide NAT

D.   None

80: Which of the following signs on methods are possible in the Client Authentication in VPN-1?

A.   Partial Automatic

B.   Fully Automatic

C.   Hybrid Login

D.   Encrypted Sign on

E.   Single Sign on

List of Checkpoint Security MC...

Related Checkpoint Security MCQs:

Unity3D MCQs

Bootstrap MCQs

Software Engineering MCQs

ASP.NET with SQL Server MCQs

NetBeans MCQs

Available in:

flag  Checkpoint Security MCQs

Latest MCQs:

Introduction to information Technology MCQs

Hard Drive MCQs

Central Processing Unit (CPU) MCQs

Data Storage MCQs

Data Transmission MCQs

Popular MCQs:

Unity3D MCQs

Bootstrap MCQs

Software Engineering MCQs

ASP.NET with SQL Server MCQs

NetBeans MCQs

Privacy Policy | Terms and Conditions | Contact Us

pinterest twitter youtube

© copyright 2024 by mcqss.com