Check Point CCMS

Check Point CCMS

Check Point CCMS - R81

Imagem de perfil user: Murilo Ruiz
Murilo Ruiz
1

SmartEvent Servers that are expected to receive logs from gateways managed by multiple domains should have ____________________

A domain object associated whit it a and SIC relationship established with the each Domain Management Server
A host object associated with it and a SIC relationship established with each Domain Log Server
A global object associated with it a and SIC relationship established with the Multi-Domain Management Server
Global object associated whit it a and SIC relationship established with the MultiDomain Log Server
2

What command is used to stop a specific domain server?

mdsstop_customer <Domain IP/name>
stop_domain <Domain IP/name>
mdsstop <Domain IP/name>
mdsstop <name/Domain IP>
3

Is it possible to have more than one Global Policy per Multi-Domain Server?

No, you can only configure one Global Policy per Multi-Domain Server. If this does not comply with your needs, you must install another Mutli-Domain Server.
Yes, you could configure as many Global Policies as needed, however, you can only assign one Global Policy to a Domain Management Server
No, you can only configure one Global per Multi-Domain Server and as far as you have configured this Global Policy, it is mandatory that evey Domain Management Server is associate this Policy
Yes, you could configure as many Global Policies as needed, and you can assign multiple Global Policies to a Domain Management Server at any time
4

All Multi-Domain Server must contain at least one interface with a routable IP address and be able to query a DNS Server to resolve the IP address of other host machine names. What type of address or addresses can you use?

You can use IPV4 and IPV6 address. Both addresses must always be defined.
You can use only IPV4 address and it must always be defined
You can use IPV4 and/or IPV6 address. IPV4 address must always be defined.
You can use IPV4 and/or IPV6 address. One of the address (IPV4or IPV6) must always e defined
5

Which of the following is not a predefined permission profile?

Multi-Domain Superuser
Domain Manager
Global Manager
Global Superuser
6

The Global Domain is a collection of rules, objects and settings shared with all Domains or with specific Domains. How is the Global Domain created?

It is created manually after the installation of Multi-Domain Management using the mdsconfig utility
It is created manually after the installation of the Multi-Domain Management in SmartConsole
It is created automatically when you create first domain in Multi-Domain Management
It is created automatically when you install Multi-Domain Management
7

What is the command to view the SIC status of the Domain Management Servers to their corresponding Virtual Systems?

mdsstat -vsx
vsxconfig ->show sic status
cp_conf show sic to vsx
vsx stat -v
8

Name the complete list of MDSM system processes and daemons.

CPM,FWM,FWD,CPHAMCSET,CPCA
CPM,FWM,FWD,CPD and CPCA
FWM,FWD,CPF CPHAMCSET,CPCA
CPM,FMW,FWD,CPD and CPHAMCSET
9

Which command needs to be executed for opening the MDSM Server configuration?

mdsconfig
ldsconfig
cpconfig
msconfig
10

What is the purpose of a Multi-Domain Log Server?

A Multi-Domain Log Server function as a container for Domain Log Servers
A Multi-Domain Log Server functions as the destination Log Server for each particular Virtual System in a VSX environment
To comply with SOX, a Multi-Domain Log Server is a Log Server which servers as a Log Server for multiple Multi-Domain Servers
A Multi-Domain Log Server is a Log server which has the capability to convert to Check Point logs into the open LOGSEC format
11

Which type of synchronization is NOT supported?

Automatic Synchronization
Initial synchronization
Periodic Synchronization
Manual Synchronization
12

Which command is used to view status information about the MDSM Server and specific domain servers running on it?

mdsutil
mdsstat
mds
mdsconfig
13

Domain Servers Availability is a _____________________

Redundancy and load sharing solution
Redundancy solution only
Redundancy or load sharing solution
Load sharing solution only
14

Which of these is a predefined profile in the Multi-Domain Management?

Multi-Domain Log Manager
Multi-Domain Superuser
Global Superuser
Multi-Domain Manager
15

When VSX is managed with as MDSM, VSX gateways are managed by a Domain Management Server commonly referred to as the ___________________________

Secondary Security Management Server
Primary Domain Management Server
Main Domain Management Server
VSX Management Server
16

Which servers generate Audit Logs?

Domain Management Servers and Multi-Domain Management Servers
The administrator can configure this settings
Domain Management Servers, Multi-Domain Management Servers and MultiDomains Logs Servers
Only Domain Management Servers
17

For a Security Gateway to log a Domain Log Server, it must __________________________

Be configured to forward logs to the Domain Log Server
Be unable to contact the SmartEvent Server
Be in the same geographic location as the Domain Log Server
Be unable to contact the Domain Management Server
18

VSX (Virtual System Extension) technology is based on the following technology?

hypervisor based
container based
content based
context based
19

Primary Multi-Domain Server can host:

Primary or Secondary Domain Management Servers or Domain Log Servers
No Domain Servers, only MDSM database, administrators and permissions, and audit logs
Primary Domain Management Servers only
Only primary or secondary Domain Management Servers, no Domain Log Servers
20

What kind of database is on the MDSM server?

MariaDB
QuintaDB
MySQL
PostgresSQL
21

Administrators with the Global Manager profile can perform which the following functions?

Manage all users for the Multi-Domain Server
Manager the Multi-Domain server
Manage all domain management servers in all domain
Manage global rules and assignments
22

Which of the following is one of the three main components of the Check Point MDSM environment?

Domain Web Server
Domain Name Server
Domain Log Server
Domain Smartcenter Server
23

Which of the following statements is about the Global Policy Management is correct/true?

The Global Domain is automatically created when a MDLS Server is installed
The Global Domain is automatically created when a MDSM Server is installed
The Global Domain is automatically deleted when a MDLS Server is installed
The Global System Domain is manually created when a MDSM Server is installed
24

What is the default settings for Domain Log Servers in an MDSM environment?

Each Domain has one Domain Log Server on a Multi-Domain Server
Each Domain keeps its Domain Log Servers on one or more Multi-Domain Log Servers
Each setting must be configured by logging manually
Each Domain Security Gateway works as the Log Server for its own logs
25

How can a Domain Log Server be deployed?

It is mandatory to have a Domain Log Server in every MDS Server installation
Each Domain can have its own Domain Log Server
Each Domain can have multiple independent Domain Log Server, each one per Software Blade
Multiple Domains can share one Domain Log Server
26

In an MDSM environment, a Domain Log Server can be hosted on:

A Domain Log Server is a part of Domain Management Server and it cannot be hosted separately
A Domain Log Server can be hosted only an a Multi-Domain Server that hosts the Primary Domain Management Server for that Domain
Primary/Secondary Multi-Domain Server or Multi-Domain Log Server
Only on a Multi-Domain Log Server
27

Which Servers can be housed in a Secondary MDS?

Secondary MDS replicate whatever servers are in a primary MDS
Only Secondary Domain Management Servers and Domain Log Servers
Primary or Secondary Domain Management Servers and Domain Log Servers
Only Secondary Domain Management Servers
28

The Global Domain contains a collection of:

Global rules, Global objects, Global configuration settings
Global rules, Domain objects, Global configuration settings
Domain rules, Domain objects, Domain configuration settings
Domain rules, Global objects, Domain configuration settings
29

Which component of MDSM solution is responsible for housing Domain Servers, Security Policies, system data and the Multi-Domain Management system software?

All the above
Domain Server
Domain Log Server
Multi-Domain Server
30

You need to debug a specific daemon on the Alpha-Domain-Server inside MultiDomain Server.What command will you use to achieve it?

Change context to domain server: mdsenv Alpha-Domain-Server. Then start debugging asa usual
Use usual debug commands with -ds switch to specify Alpha-Domain-Server. For example: fw debug fwd on -ds fwd -d Alpha-Domain-Server
Use mdsdebug with -d switch to specify Alpha-Domain-Server. For example: mdsdebug fwd -d Alpha-Domain-Server
Use usual debug commands (for example: fw debug fwd on TDERROR_ALL_ALL=5). Then use grep to search debug file for Alpha-DomainServer entries
31

Global Policies are assigned in the following manner:

There is only one Global Policy which is automatically assigned to all the domains and all policies within then. There is no option to remove this assignment
A Global Policy is automatically merged with all the policies in all domains. These are disable by default and administrators of each domain have the option to enable required rules.
A Global Policy is installed on security gateway taken over by the global domain. Once the takeover is done, the original domain cannot control the security gateway
Administrators can assign a Global Policy to specific domain and to specific policies within domains
32

How many virtual systems can be hosted on a single VSX Gateway machine?

250
256
252
254
33

Which of the statements is true regarding Global Access Control Policy?

The Global Access Control Policy contains global rules that control access to network resources. This is includes Firewall, Application Control, URL Filtering and IPSEC VPN rules
The Global Access Control Policy contains collections of local rules that control access to network resources globally. This includes Hide NAT, Port Address Translation, Mobile Access, and Identity Awareness rules
The Global Access Control Policy contains global rules that control access to network resources. This is includes Global Properties, Mobile Access, NAT and IPSEC VPN rules.
The Global Access Control Policy contains a collections of individual local rules that control access to network resource globally. This is includes Identity Awareness, Threat Emulation, Desktop Security, and IPSEC VPN rules
34

Which of the following is not part of the Multi-Domain Server database (mdsdb)?

Administrators and Permissions
Domain Server
Security Gateways and their installed applications
The Global Domain
35

Which is a difference between Periodic and Manual Synchronization in a MDSM HA environment?

Changes are synchronized from the Active Domain Server to the Standby Domain Management Server
They don't occur automatically when a new Secondary DMS is created
Unplublished sessions are not synchronized
Clients are disconnected during synchronization
36

Which of the following is the correct Management HA feature of the MDSM solution?

Multi-Domain Server HA is Active/Standby solution where there is one active MultiDomain Server that hosts all active Domain Server
HA is only available at the Domain Server level. For Multi-Domain Servers, backup file can be used
Management HA is completely Active/Active at the Multi-Domain Server and Domain Server leve
Multi-Domain Server HA is Active/Active whereas in Domain Management Servers, one domain servers is active and the others are standby
37

When considering logs from a Security Gateway ____________________________

Each gateway must be configured to send logs to a log server
Each gateway automatically sends logs to the Primary Domain Management Server
The Global Policy overrides the gateway log server configuration
Each gateway automatically sends logs to any log servers in the domain
38

You are using the Single Site Deployment of MDSM solution. What is the recommended way to protect such a type of deployment from failures?

Use Management HA for each domain in the MDSM environment
Use Management HA for each domain server in MDSM environment
Use a backup solution to save system databases and settings
Use the secondary Multi-Domain Server to synchronize system databases and settings
39

What are two different deployment types for MDSM?

Standalone Deployment and High-Availability Deployment for Failover clustering the MDS Server
SmartEvent Deployment and SmartReporter Deployment in conjunction with MDSM
Standalone Deployment and Distributed Deployment
Single-Site- Deployment and Multi-Site Deployment
40

Which type of server is a container that can host several individual virtual Log Servers inside of it?

Domain Server
Domain Log Server
Multi-Domain Log Server
Multi-Domain Server
41

Fill in the blank. Multi-Domain Management Server High Availability is an _____________________________ redundancy solution and Domain Management Server High Availability is an ___________________ redundancy solution.

Active/Active and Active/Active
Active/Standby and Active/Standby
Active/Standby and Active/Active
Active/Active and Active/Standby
42

Where are audit logs saved in a distributed environment with the multiple MDSM and MDLS

To all servers in the environment
To the MDLS
In the respective container
To the Primary MDSM
43

When a new Domain Log Server is configured and deployed, ______________________________

The Security Gateway must be configured to send its logs to the server
The Security Gateway will automatically start to send logs to it
It must be manually synchronized to a Domain Log Server
The Primary MDSM Server will automatically connect to the new server
44

The mdsstop -m commands is used to stop ________________

everything except the Multi-Domain Security Management
everything on the Multi-Domain Security Management
the Global Domain Management Server
Only the Multi-Domain Security Management
45

The difference between Multi-Domain Log Server and Domain Log Server is:

A Multi-Domain Log Server stores logs from all domains into a single repository and it replaces the Domain Logs Server which us used for storing logs from a single domain SMS
There is not difference, they are both the same
Domain Log Server is one that received logs from devices in a domain. A MultiDomain Log Server is one that receives logs only from Multi-Domain Servers (Primary and Secondary)
A Domain Log Servers received logs from the devices in the single domain. The Multi-Domain Log Server is a container that hosts one or more such Domain Log Servers
46

The Check Point MDSM environment consists of which components?

The Multi-Domain Server, Domain Servers, and Domain Log Servers
The Multi-Domain GUI, the VSX Gateway and the CMAs
The Multi-Domain Server, the VSX Gateways, and the Virtual Systems
The Multi-Domain Server, the global CA, the MDG license
47

Multi-Domain Log Servers manage and house __________________________

SmartEvent Servers for each domain
Domain Management Servers and Domain Log Servers
Logs from all of the Gateways in a domain
Domain Logs Servers for each domain
48

What is a Domain Server?

It is a log server that holds log files generated by the Windows and Linux Servers with installed SandBlast Agents for checking system-related events
It is a log server that holds log files generated by the Global security gateways for a Global Domain
It is a log server that holds log files generated by security gateways for all the Domain
It is a log server that holds log files generated by security gateways for a specific Domain
49

Authentication requests sent from cpm to fwm of the MDSM and the Domain are established on which port?

9009
18191
19009
18190
50

You are migrating from a single server to MDSM solution. You successfully exported configuration. You also created a Domain Management Server. Now you need to import configuration to the newly created Domain Server. What command is used to import configuration?

cma_import
migrate_import
migrate import
mdsstat
51

Which process requires only one instance to handle all transactions with all Domain Servers?

fwm
cpca
cpd
cpm
52

Which component of MDSM solution receives status notifications and real-time monitoring data from its Security Gateways and, if requested, also receives logs from gateways?

Multi-Domain Server
Multi-Domain Log Server
Domain Server
Domain Log Server
53

Which of the following is not contained in the Global Domain?

Global Objects
Global Policy Push
Global Rules
Global Configuration Settings
54

Global Rules and global objects ___________________________

cannot be modified once configured
can be modified in the Domain Server level of SmartConsole
can be modified in the both the Global Access and Threat Prevention policies
can only be modified in the Global Domain
55

You want to change a leading interface on a Multi-Domain Server after installation. What command will you use?

ifconfig
ethtool
mdsconfig
cpconfig
56

What is considered as a 'Domain' in the Check Point Multi-Domain Security Management solution?

The part of a URL that comes in between the protocol and the path of the resource
A domain is an identification string that defines a realm of administrative autonomy, authority or control within the Internet
A domain is a virtual object that defines a network or a collection of networks related to an entity, such as a company, branch location, or business unit
A domain is a distinct subset of the Internet with addresses sharing a common suffix or under the control of a particular organization or individual
57

Which of the following is not one of the three types of synchronization which occur during normal operations?

Periodic Synchronization
Automatic Synchronization
Initial Synchronization
Manual Synchronization
58

Which of the following is one of the numerous benefits of Check Point MDSM?

Separate Certificate Authority for each management domain
One global CA for all DMS
One IPSEC VPN configuration for all of the Management Domains based on a placeholder object representing the individual gateway object
HA configuration with different operating systems (Gaia&IPSO) within its configuration
59

What is one of the benefits of Multi-Domain Security Management?

Centralized license management
Centralized certificate authority
Centralized security logging
Centralized complaince monitoring
60

Your customer asks you to create Global NAT rules for all his domain. Where can you do this?

Global Access Control Policy - Create NAT Rule Base
Global Domain - Create NAT Rule Base
Global Objects - Use NAT settings for required objects
You cannot define global NAT settings
61

The default log server for the Gateways in a Domain is the __________________

Primary Domain Management Server
Primary Domain Log Server
SmartEvent Server
Secondary Domain Management Server
62

What is the port used by the SmartConsole to connect to the CPM process of the Security Management Server?

18190/TCP
19009/UDP
19009/TCP
18191/TCP
63

Which of the following commands will instruct the system to stop the MDSM Server and allow the domain servers to continue to run as normal?

mdsstop
mdsstop_customer <domain server IP>
mdsstop -m
mdsstop <MDSM server IP>
64

When an Active Domain Management Server fails in a MSDM HA environment:

Administrators must manually changes a Standby Domain Server to the Active state to make changes to objects and policy
The Secondary Domain Management Server automatically functions servers as the Active Server
The system will automatically select a Standby Domain Server to be the Active Domain Server
The Standby Domain Server automatically changes to Active state and administrators must manually synchronize the policy
65

67-Which of the following are features of the Check Point MDSM solution: i) Multiple management domains ii) Centralized security management and monitoring iii) Global Security Policy functionality iv) Granular role-based administration v) Multi-Domain log server vi) Domain High Availability

Only - i, ii and vi
Only - i and v
Only - i, ii, v and vi
All - i, ii, iii,iv,v,vi
66

Which of the following is not included in Global Threat Prevention Policy?

IPS
Anti-Ransomware
Anti-Virus
Anti-Bot
67

When working with VSX on a Multi-Domain Server it is best to manage___________________

VSX Gateways and Virtual Systems in the same domain
VSX Gateways and Physical Gateways in the separate domain
All Gateways in the same domain
VSX Gateways and Virtual Systems in separate domains
68

How many domains can a Multi-Domain Management Server host?

up to 250
up to 252
up to 254
up to 256
69

The Global Domain is a permanent, automatically generated Domain on every MDSM that _________________________________

Manages Global firewalls
Secures the Multi-Domain Server
Manages Global objects and rules
Logs all traffic in the Multi-Domain Environment
70

How many Internal Certificate Authorities are used by a Domain in a MDSM System?

The Primary MDS Certificate Authority handles all certificate needs in the MDSM system
The administrator can select whether to use the Primary MDS Certificate Authority or individual internal Certificate Authorities
Every Domain has an Internal Certificate Authority and an External Certificate Authority for use with communication with the Multi-Domain server
Each Domain has its own Internal Certificate Authority that is suborndinate to the Primary MDS Certificate Authority
71

The Global Domain Database contains:

Information about all Domain Servers and Domain Log Servers
All rules, objects and settings for all domains
Rules, objects and settings which are shared with each domain or with specified domains
Records of all domain administrators
72

Which of the following types is NOT used in a typical VSX configuration?

Hyperlinks
Warp links
Physical interfaces
Virtual (VLAN) Interface
73

When considering Global Assignments of Policies _______________________

A Global Access Policy can be assigned to all policies inside a domain or to a specified domain policy
Global Access Policy are automatically assigned to all domain policies
A Global Access Policy is assigned to all policies inside a domain
A Global Access Policy can only be assigned to one specific domain policy at a time
74

Administrators can back-up Multi-Domain management servers using Snapshots, System Backups and ____________________

migrate export
mdsstat
mds_backup
save configuration
75

Which of the following Processes is not displayed in the mdsstat

cpd
fwm
cpm
fwd
Quizur Logo

Siga nossas redes sociais:

Incorporar

Para incorporar este quiz ao seu site copie e cole o código abaixo.