Correct Answer: A

The port used for SmartConsole to connect to the Security Management Server is CPMI port 18191/TCP. CPMI stands for Check Point Management Interface, which is a proprietary protocol that enables secure communication between the SmartConsole and the Security Management Server. CPMI uses SSL encryption and authentication to protect the data exchange. References: Check Point Security Expert R81 Course, SK52421 - Ports used by Check Point software

Correct Answer: D

When configuring SmartEvent Initial settings, you must specify a basic topology for SmartEvent to help it calculate traffic direction for events. This setting is called Internal network(s) and you are defining your networks. You can specify one or more networks or IP addresses that are considered internal for SmartEvent. This helps SmartEvent to determine the direction of the traffic (inbound, outbound, or internal) and generate events accordingly. References: [SmartEvent Administration Guide]

Correct Answer: D

How long may verification of one file take for SandBlast Threat Emulation? Verification of one file may take up to 3 minutes for SandBlast Threat Emulation. SandBlast Threat Emulation is a software blade that provides protection against malicious files by emulating them in a virtual sandbox and analyzing their behavior. The emulation time depends on various factors, such as file size, file type, emulation mode, etc. The default emulation time limit is 180 seconds, but it can be changed in the Threat Prevention policy settings. References: [R81 Threat Prevention Administration Guide], page 39.

Correct Answer: A

The hostname of the Standby member should not be changed to match the hostname of the Active member, as this would cause a conflict in the network. The correct procedure is to change the hostname of the Active member to a different name, and then change the Standby member to the original hostname of the Active member1. References: 1: Check Point Resource Library, Certified Security Expert (CCSE) R81.20 Course Overview, page 9.

Correct Answer: B

The biggest benefit of policy layers is that they enable flexible control over the security policy. Policy layers and sub-policies allow administrators to break one policy into several virtual policies, each with its own set of rules and actions. Policy layers can be ordered, shared, and reused across different policies. Policy layers can also include Threat Prevention as a sub-policy for the firewall policy. References: [Check Point R81 Security Management Guide]