Complete list of current Q & A>> Download Check Point Certified Security Expert (CCSE) (156-315) – Quiz 1 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 1. From SecureXL perspective, what are the three paths of traffic flow: A. Initial Path; Medium Path; Accelerated Path B. Layer Path; Blade Path; Rule Path C. Firewall Path; Accelerated Path; Medium Path D. Firewall Path; Accept Path; Drop Path 2 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 2. When synchronizing clusters, which of the following statements is FALSE? A. The state of connections using resources is maintained in a Security Server, so their connections cannot be synchronized. B. Only cluster members running on the same OS platform can be synchronized. C. In the case of a failover, accounting information on the failed member may be lost despite a properly working synchronization. D. Client Authentication or Session Authentication connections through a cluster member will be lost if the cluster member fails. 3 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 3. Which Check Point daemon invokes and monitors critical processes and attempts to restart them if they fail? A. fwm B. cpd C. cpwd D. cpm 4 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 4. Packet acceleration (SecureXL) identifies connections by several attributes- Which of the attributes is NOT used for identifying connection? A. Source Address B. Destination Address C. TCP Acknowledgment Number D. Source Port 5 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 5. What is the purpose of extended master key extension/session hash? A. UDP VOIP protocol extension B. In case of TLS1.x it is a prevention of a Man-in-the-Middle attack/disclosure of the client-server communication C. Special TCP handshaking extension D. Supplement DLP data watermark 6 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 6. VPN Link Selection will perform the following when the primary VPN link goes down? A. The Firewall will drop the packets. B. The Firewall can update the Link Selection entries to start using a different link for the same tunnel. C. The Firewall will send out the packet on all interfaces. D. The Firewall will inform the client that the tunnel is down. 7 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 7. What is the command to see cluster status in cli expert mode? A. fw ctl stat B. clusterXL stat C. clusterXL status D. cphaprob stat 8 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 8. Which of these is an implicit MEP option? A. Primary-backup B. Source address based C. Round robin D. Load Sharing 9 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 9. How do Capsule Connect and Capsule Workspace differ? A. Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications. B. Capsule Workspace can provide access to any application. C. Capsule Connect provides Business data isolation. D. Capsule Connect does not require an installed application at client. 10 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 10. When deploying SandBlast, how would a Threat Emulation appliance benefit from the integration of ThreatCloud? A. ThreatCloud is a database-related application which is located on-premise to preserve privacy of company-related data B. ThreatCloud is a collaboration platform for all the CheckPoint customers to form a virtual cloud consisting of a combination of all on-premise private cloud environments C. ThreatCloud is a collaboration platform for Check Point customers to benefit from VMWare ESXi infrastructure which supports the Threat Emulation Appliances as virtual machines in the EMC Cloud D. ThreatCloud is a collaboration platform for all the Check Point customers to share information about malicious and benign files that all of the customers can benefit from as it makes emulation of known files unnecessary 11 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 11. In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log? A. Accounting B. Suppression C. Accounting/Suppression D. Accounting/Extended 12 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 12. Check Point APIs allow system engineers and developers to make changes to their organizations security policy with CLI tools and Web Services for all the following except: A. Create new dashboards to manage 3rd party task B. Create products that use and enhance 3rd party solutions B. Create products that use and enhance 3rd party solutions D. Create products that use and enhance the Check Point Solution 13 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 13. What is true of the API server on R81.10? A. By default the API-server is activated and does not have hardware requirements. B. By default the API-server is not active and should be activated from the WebUI. C. By default the API server is active on management and stand-alone servers with 16GB of RAM (or more). D. By default, the API server is active on management servers with 4 GB of RAM (or more) and on stand-alone servers with 8GB of RAM (or more). 14 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 14. In the Firewall chain mode FFF refers to: A. Stateful Packets B. No Match C. All Packets D. Stateless Packets 15 / 15 Category: Check Point Certified Security Expert (CCSE) (156-315) 15. What is the default size of NAT table fwx_alloc? A. 20000 B. 35000 C. 25000 D. 10000 Your score is 0% Restart quiz Send feedback
