156-560 Online Practice Questions and Answers

Check Point's Public Cloud model is described as the following

A. A Security Matrix Model

B. A Hub and Spoke Model

C. An Advanced Threat Tunnel Model

D. A Borderless Model

When using Data Center Objects in a policy and the objects are not updating, what are two steps we can check?

A. 1. Verify process is running with `cloudguard on' and

2. restart the api process with `api restart'

B. 1. Verify process is running with `cloudguard on' and

2. `test communication' button the Data Center Server object

C. 1. Reboot the Security Management Server and

2. restart the cloudguard process with `cloudguard on'

D. 1. Reboot the Security Management Server and

2. restart the api process with `api restart'

Which of these Cloud Platforms support User Defined Route (UDR) to force traffic destined for spoke networks to go through a network virtual appliance

A. Amazon AWS

B. Google Cloud Platform

C. Amazon AWS and Google Cloud Platform

D. Microsoft Azure

In a CloudGuard deployment, what does the acronym IAM stand for?

A. Information and Adaptability Measures

B. IP Address Management

C. Identity and Access Management

D. Instant Access Management

The best practice for CloudGuard Network deployments utilizes the Hub and Spokes Model. Which of these statements is the most correct for this model.

A. All the security components including SMS, Northbound and Southbound Security Gateways and East-West VPN Gateways will be deployed in one Hub.

B. A Spoke can ONLY consist of a single virtual machine in a dedicated subnet shared between the VM and the Hub.

C. All traffic that enters and exits each spoke must travel through a hub

D. The Hub and Spoke model is applicable ONLY to multi-cloud environments. The Hub includes all the Security Gateways in all cloud environment. Each Spoke includes all resources of a Data Center in a single Cloud Environment.

Cloud Security Posture Management operational modes for cloud accounts are:

A. Read Only, Full Protection. Region Lock

B. Read Only, Read/Write. Region Lock

C. Read Only, Read/Write. Full Protection

D. Read/Write, Partial Protection, Full Protection

The Administrators ability to protect data, systems, and assets While taking advantage of cloud technologies is commonly called

A. Cost Optimization

B. Security

C. Operational Excellence

D. Performance Efficiency

When choosing PAYG (Pay As You Go) licensing in AWS, it is provided:

A. Via specific dedicated channels

B. Directly with Check Point

C. At the marketplace

D. Through the regular Check Point channels

Cloud Security Posture Management (CSPM) operates as which type of service based platform?

A. CaaS

B. SaaS

C. PaaS

D. laaS

Can you configure NAT for internal VM's on the Check Point Gateway in AWS?

A. Yes, you can add public IP's to the Check Point

B. No. ail the NAT is being done by the ELB

C. No, the public IPs are defined directly on the in

D. Yes, the NAT is only defined for internal LB

CloudGuard uses several management tools to create and manage Security Policies. Which is NOT one of those tools?

A. Gaia Portal

B. CloudGuard Controller

C. SmartConsole

D. CLI

Which solution delivers a software platform for public cloud security and compliance orchestration?

A. CloudGuard Network Public

B. CloudGuard Network Private

C. CloudGuard SaaS

D. Cloud Security Posture Management

How is CloudGuard for Azure licensed in PAYG (Pay As You Go) mode?

A. Per hour based on resources consumed

B. Per Gateway

C. Per Socket

D. Per vCore

Cloud Security Posture Management uses which of the following to integrate with cloud accounts?

A. IAM account credentials

B. Security Objects

C. SDDC

D. CloudGuard Controller

A utility that allows integration between SMS, the CloudGuard Network Solution, and CSPs, allowing the SMS to monitor and control scaling solutions in their associated cloud environments is called

A. CloudGuard Management Extension (CME)

B. CloudGuard Controller and Enforcer (CCE)

C. CloudGuard Scanner and Enforcer (CSE)

D. CloudGuard Controller (CC)