Valentine Day Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

Checkpoint 156-315.81 Check Point Certified Security Expert R81 Exam Practice Test

Page: 1 / 62
Total 617 questions

Check Point Certified Security Expert R81 Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$36  $119.99

PDF Study Guide

  • Product Type: PDF Study Guide
$31.5  $104.99
Question 1

What are the types of Software Containers?

Options:

A.

Three; security management, Security Gateway, and endpoint security

B.

Three; Security Gateway, endpoint security, and gateway management

C.

Two; security management and endpoint security

D.

Two; endpoint security and Security Gateway

Question 2

Which NAT rules are prioritized first?

Options:

A.

Post-Automatic/Manual NAT rules

B.

Manual/Pre-Automatic NAT

C.

Automatic Hide NAT

D.

Automatic Static NAT

Question 3

GAiA Software update packages can be imported and installed offline in situation where:

Options:

A.

Security Gateway with GAiA does NOT have SFTP access to Internet

B.

Security Gateway with GAiA does NOT have access to Internet.

C.

Security Gateway with GAiA does NOT have SSH access to Internet.

D.

The desired CPUSE package is ONLY available in the Check Point CLOUD.

Question 4

When deploying SandBlast, how would a Threat Emulation appliance benefit from the integration of ThreatCloud?

Options:

A.

ThreatCloud is a database-related application which is located on-premise to preserve privacy of company-related data

B.

ThreatCloud is a collaboration platform for all the CheckPoint customers to form a virtual cloud consisting of a combination of all on-premise private cloud environments

C.

ThreatCloud is a collaboration platform for Check Point customers to benefit from VMWare ESXi infrastructure which supports the Threat Emulation Appliances as virtual machines in the EMC Cloud

D.

ThreatCloud is a collaboration platform for all the Check Point customers to share information about malicious and benign files that all of the customers can benefit from as it makes emulation of known files unnecessary

Question 5

What is the valid range for VRID value in VRRP configuration?

Options:

A.

1 - 254

B.

1 - 255

C.

0 - 254

D.

0 - 255

Question 6

What is the recommended number of physical network interfaces in a Mobile Access cluster deployment?

Options:

A.

4 Interfaces – an interface leading to the organization, a second interface leading to the internet, a third interface for synchronization, a fourth interface leading to the Security Management Server.

B.

3 Interfaces – an interface leading to the organization, a second interface leading to the Internet, a third interface for synchronization.

C.

1 Interface – an interface leading to the organization and the Internet, and configure for synchronization.

D.

2 Interfaces – a data interface leading to the organization and the Internet, a second interface for synchronization.

Question 7

What kind of information would you expect to see using the sim affinity command?

Options:

A.

The VMACs used in a Security Gateway cluster

B.

The involved firewall kernel modules in inbound and outbound packet chain

C.

Overview over SecureXL templated connections

D.

Network interfaces and core distribution used for CoreXL

Question 8

What command lists all interfaces using Multi-Queue?

Options:

A.

cpmq get

B.

show interface all

C.

cpmq set

D.

show multiqueue all

Question 9

Which Check Point software blade provides Application Security and identity control?

Options:

A.

Identity Awareness

B.

Data Loss Prevention

C.

URL Filtering

D.

Application Control

Question 10

You notice that your firewall is under a DDoS attack and would like to enable the Penalty Box feature, which command you use?

Options:

A.

sim erdos –e 1

B.

sim erdos – m 1

C.

sim erdos –v 1

D.

sim erdos –x 1

Question 11

To ensure that VMAC mode is enabled, which CLI command should you run on all cluster members?

Options:

A.

fw ctl set int fwha vmac global param enabled

B.

fw ctl get int vmac global param enabled; result of command should return value 1

C.

cphaprob-a if

D.

fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1

Question 12

What is the SandBlast Agent designed to do?

Options:

A.

Performs OS-level sandboxing for SandBlast Cloud architecture

B.

Ensure the Check Point SandBlast services is running on the end user’s system

C.

If malware enters an end user’s system, the SandBlast Agent prevents the malware from spreading with the network

D.

Clean up email sent with malicious attachments

Question 13

How many layers make up the TCP/IP model?

Options:

A.

2

B.

7

C.

6

D.

4

Question 14

Ken wants to obtain a configuration lock from other administrator on R81 Security Management Server. He can do this via WebUI or via CLI.

Which command should he use in CLI? (Choose the correct answer.)

Options:

A.

remove database lock

B.

The database feature has one command lock database override.

C.

override database lock

D.

The database feature has two commands lock database override and unlock database. Both will work.

Question 15

After the initial installation on Check Point appliance, you notice that the Management-interface and default gateway are incorrect.

Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.

Options:

A.

set interface Mgmt ipv4-address 192.168.80.200 mask-length 24set static-route default nexthop gateway address 192.168.80.1 onsave config

B.

set interface Mgmt ipv4-address 192.168.80.200 255.255.255.0add static-route 0.0.0.0. 0.0.0.0 gw 192.168.80.1 onsave config

C.

set interface Mgmt ipv4-address 192.168.80.200 255.255.255.0set static-route 0.0.0.0. 0.0.0.0 gw 192.168.80.1 onsave config

D.

set interface Mgmt ipv4-address 192.168.80.200 mask-length 24add static-route default nexthop gateway address 192.168.80.1 onsave config

Question 16

Capsule Connect and Capsule Workspace both offer secured connection for remote users who are using their mobile devices. However, there are differences between the two.

Which of the following statements correctly identify each product's capabilities?

Options:

A.

Workspace supports ios operating system, Android, and WP8, whereas Connect supports ios operating system and Android only

B.

For compliance/host checking, Workspace offers the MDM cooperative enforcement, whereas Connect offers both jailbreak/root detection and MDM cooperative enforcement.

C.

For credential protection, Connect uses One-time Password login support and has no SSO support, whereas Workspace offers both One-Time Password and certain SSO login support.

D.

Workspace can support any application, whereas Connect has a limited number of application types which it will support.

Question 17

Which command would you use to set the network interfaces’ affinity in Manual mode?

Options:

A.

sim affinity -m

B.

sim affinity -l

C.

sim affinity -a

D.

sim affinity -s

Question 18

Office mode means that:

Options:

A.

SecurID client assigns a routable MAC address. After the user authenticates for a tunnel, the VPN gateway assigns a routable IP address to the remote client.

B.

Users authenticate with an Internet browser and use secure HTTPS connection.

C.

Local ISP (Internet service Provider) assigns a non-routable IP address to the remote user.

D.

Allows a security gateway to assign a remote client an IP address. After the user authenticates for a tunnel, the VPN gateway assigns a routable IP address to the remote client.

Question 19

What CLI command compiles and installs a Security Policy on the target’s Security Gateways?

Options:

A.

fwm compile

B.

fwm load

C.

fwm fetch

D.

fwm install

Question 20

Please choose the path to monitor the compliance status of the Check Point R81.10 based management.

Options:

A.

Gateways & Servers --> Compliance View

B.

Compliance blade not available under R81.10

C.

Logs & Monitor --> New Tab --> Open compliance View

D.

Security & Policies --> New Tab --> Compliance View

Question 21

Fill in the blank: The “fw monitor” tool can be best used to troubleshoot ____________________.

Options:

A.

AV issues

B.

VPN errors

C.

Network traffic issues

D.

Authentication issues

Question 22

With SecureXL enabled, accelerated packets will pass through the following:

Options:

A.

Network Interface Card, OSI Network Layer, OS IP Stack, and the Acceleration Device

B.

Network Interface Card, Check Point Firewall Kernal, and the Acceleration Device

C.

Network Interface Card and the Acceleration Device

D.

Network Interface Card, OSI Network Layer, and the Acceleration Device

Question 23

What is the minimum amount of RAM needed for a Threat Prevention Appliance?

Options:

A.

6 GB

B.

8GB with Gaia in 64-bit mode

C.

4 GB

D.

It depends on the number of software blades enabled

Question 24

One of major features in R81 SmartConsole is concurrent administration.

Which of the following is NOT possible considering that AdminA, AdminB and AdminC are editing the same Security Policy?

Options:

A.

A lock icon shows that a rule or an object is locked and will be available.

B.

AdminA and AdminB are editing the same rule at the same time.

C.

A lock icon next to a rule informs that any Administrator is working on this particular rule.

D.

AdminA, AdminB and AdminC are editing three different rules at the same time.

Question 25

How many policy layers do Access Control policy support?

Options:

A.

2

B.

4

C.

1

D.

3

Question 26

Vanessa is a Firewall administrator. She wants to test a backup of her company’s production Firewall cluster Dallas_GW. She has a lab environment that is identical to her production environment. She decided to restore production backup via SmartConsole in lab environment.

Which details she need to fill in System Restore window before she can click OK button and test the backup?

Options:

A.

Server, SCP, Username, Password, Path, Comment, Member

B.

Server, TFTP, Username, Password, Path, Comment, All Members

C.

Server, Protocol, Username, Password, Path, Comment, All Members

D.

Server, Protocol, username Password, Path, Comment, Member

Question 27

Which is not a blade option when configuring SmartEvent?

Options:

A.

Correlation Unit

B.

SmartEvent Unit

C.

SmartEvent Server

D.

Log Server

Question 28

What is correct statement about Security Gateway and Security Management Server failover in Check Point R81.X in terms of Check Point Redundancy driven solution?

Options:

A.

Security Gateway failover is an automatic procedure but Security Management Server failover is a manual procedure.

B.

Security Gateway failover as well as Security Management Server failover is a manual procedure.

C.

Security Gateway failover is a manual procedure but Security Management Server failover is an automatic procedure.

D.

Security Gateway failover as well as Security Management Server failover is an automatic procedure.

Question 29

Which path below is available only when CoreXL is enabled?

Options:

A.

Slow path

B.

Firewall path

C.

Medium path

D.

Accelerated path

Question 30

Vanessa is firewall administrator in her company. Her company is using Check Point firewall on a central and several remote locations which are managed centrally by R77.30 Security Management Server. On central location is installed R77.30 Gateway on Open server. Remote locations are using Check Point UTM-1570 series appliances with R75.30 and some of them are using a UTM-1-Edge-X or Edge-W with latest available firmware. She is in process of migrating to R81.

What can cause Vanessa unnecessary problems, if she didn’t check all requirements for migration to R81?

Options:

A.

Missing an installed R77.20 Add-on on Security Management Server

B.

Unsupported firmware on UTM-1 Edge-W appliance

C.

Unsupported version on UTM-1 570 series appliance

D.

Unsupported appliances on remote locations

Question 31

What is not a purpose of the deployment of Check Point API?

Options:

A.

Execute an automated script to perform common tasks

B.

Create a customized GUI Client for manipulating the objects database

C.

Create products that use and enhance the Check Point solution

D.

Integrate Check Point products with 3rd party solution

Question 32

Which SmartConsole tab is used to monitor network and security performance?

Options:

A.

Manage Setting

B.

Security Policies

C.

Gateway and Servers

D.

Logs and Monitor

Question 33

In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?

Options:

A.

Accounting

B.

Suppression

C.

Accounting/Suppression

D.

Accounting/Extended

Question 34

You can access the ThreatCloud Repository from:

Options:

A.

R81.10 SmartConsole and Application Wiki

B.

Threat Prevention and Threat Tools

C.

Threat Wiki and Check Point Website

D.

R81.10 SmartConsole and Threat Prevention

Question 35

Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

Options:

A.

ThreatWiki

B.

Whitelist Files

C.

AppWiki

D.

IPS Protections

Question 36

During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel Inspection and are rejected by the rule definition, packets are:

Options:

A.

Dropped without sending a negative acknowledgment

B.

Dropped without logs and without sending a negative acknowledgment

C.

Dropped with negative acknowledgment

D.

Dropped with logs and without sending a negative acknowledgment

Question 37

Which file gives you a list of all security servers in use, including port number?

Options:

A.

$FWDIR/conf/conf.conf

B.

$FWDIR/conf/servers.conf

C.

$FWDIR/conf/fwauthd.conf

D.

$FWDIR/conf/serversd.conf

Question 38

Which blades and or features are not supported in R81?

Options:

A.

SmartEvent Maps

B.

SmartEvent

C.

Identity Awareness

D.

SmartConsole Toolbars

Question 39

Which is NOT a SmartEvent component?

Options:

A.

SmartEvent Server

B.

Correlation Unit

C.

Log Consolidator

D.

Log Server

Question 40

What key is used to save the current CPView page in a filename format cpview_”cpview process ID”.cap”number of captures”?

Options:

A.

S

B.

W

C.

C

D.

Space bar

Question 41

Fill in the blank: The R81 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows then as prioritized security events.

Options:

A.

SmartMonitor

B.

SmartView Web Application

C.

SmartReporter

D.

SmartTracker

Question 42

What is UserCheck?

Options:

A.

Messaging tool used to verify a user’s credentials.

B.

Communication tool used to inform a user about a website or application they are trying to access.

C.

Administrator tool used to monitor users on their network.

D.

Communication tool used to notify an administrator when a new user is created.

Question 43

For best practices, what is the recommended time for automatic unlocking of locked admin accounts?

Options:

A.

20 minutes

B.

15 minutes

C.

Admin account cannot be unlocked automatically

D.

30 minutes at least

Question 44

After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?

Options:

A.

Security Gateway IP-address cannot be changed without re-establishing the trust.

B.

The Security Gateway name cannot be changed in command line without re-establishing trust.

C.

The Security Management Server name cannot be changed in SmartConsole without re-establishing trust.

D.

The Security Management Server IP-address cannot be changed without re-establishing the trust.

Question 45

Which of the following statements is TRUE about R81 management plug-ins?

Options:

A.

The plug-in is a package installed on the Security Gateway.

B.

Installing a management plug-in requires a Snapshot, just like any upgrade process.

C.

A management plug-in interacts with a Security Management Server to provide new features and support for new products.

D.

Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.

Question 46

Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane. Which is NOT an option to adjust or configure?

Options:

A.

Severity

B.

Automatic reactions

C.

Policy

D.

Threshold

Question 47

Which command is used to set the CCP protocol to Multicast?

Options:

A.

cphaprob set_ccp multicast

B.

cphaconf set_ccp multicast

C.

cphaconf set_ccp no_broadcast

D.

cphaprob set_ccp no_broadcast

Question 48

Which CLI command will reset the IPS pattern matcher statistics?

Options:

A.

ips reset pmstat

B.

ips pstats reset

C.

ips pmstats refresh

D.

ips pmstats reset

Question 49

SSL Network Extender (SNX) is a thin SSL VPN on-demand client that is installed on the remote user’s machine via the web browser. What are the two modes of SNX?

Options:

A.

Application and Client Service

B.

Network and Application

C.

Network and Layers

D.

Virtual Adapter and Mobile App

Question 50

Which of the SecureXL templates are enabled by default on Security Gateway?

Options:

A.

Accept

B.

Drop

C.

NAT

D.

None

Question 51

Which of the following authentication methods ARE NOT used for Mobile Access?

Options:

A.

RADIUS server

B.

Username and password (internal, LDAP)

C.

SecurID

D.

TACACS+

Question 52

You have successfully backed up Check Point configurations without the OS information. What command would you use to restore this backup?

Options:

A.

restore_backup

B.

import backup

C.

cp_merge

D.

migrate import

Question 53

Fill in the blank: The command ___________________ provides the most complete restoration of a R81 configuration.

Options:

A.

upgrade_import

B.

cpconfig

C.

fwm dbimport -p

D.

cpinfo –recover

Question 54

Connections to the Check Point R81 Web API use what protocol?

Options:

A.

HTTPS

B.

RPC

C.

VPN

D.

SIC

Question 55

Which command shows actual allowed connections in state table?

Options:

A.

fw tab –t StateTable

B.

fw tab –t connections

C.

fw tab –t connection

D.

fw tab connections

Question 56

If you needed the Multicast MAC address of a cluster, what command would you run?

Options:

A.

cphaprob –a if

B.

cphaconf ccp multicast

C.

cphaconf debug data

D.

cphaprob igmp

Question 57

Which command would disable a Cluster Member permanently?

Options:

A.

clusterXL_admin down

B.

cphaprob_admin down

C.

clusterXL_admin down-p

D.

set clusterXL down-p

Question 58

Which is NOT an example of a Check Point API?

Options:

A.

Gateway API

B.

Management API

C.

OPSC SDK

D.

Threat Prevention API

Question 59

Check Pont Central Deployment Tool (CDT) communicates with the Security Gateway / Cluster Members over Check Point SIC _______ .

Options:

A.

TCP Port 18190

B.

TCP Port 18209

C.

TCP Port 19009

D.

TCP Port 18191

Question 60

Which statement is true regarding redundancy?

Options:

A.

System Administrators know when their cluster has failed over and can also see why it failed over by using the cphaprob –f if command.

B.

ClusterXL offers three different Load Sharing solutions: Unicast, Broadcast, and Multicast.

C.

Machines in a ClusterXL High Availability configuration must be synchronized.

D.

Both ClusterXL and VRRP are fully supported by Gaia and available to all Check Point appliances, open servers, and virtualized environments.

Question 61

What is the correct command to observe the Sync traffic in a VRRP environment?

Options:

A.

fw monitor –e “accept[12:4,b]=224.0.0.18;”

B.

fw monitor –e “accept port(6118;”

C.

fw monitor –e “accept proto=mcVRRP;”

D.

fw monitor –e “accept dst=224.0.0.18;”

Question 62

Which features are only supported with R81.10 Gateways but not R77.x?

Options:

A.

Access Control policy unifies the Firewall, Application Control & URL Filtering, Data Awareness, and Mobile Access Software Blade policies.

B.

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

C.

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

D.

Time object to a rule to make the rule active only during specified times.

Question 63

Automatic affinity means that if SecureXL is running, the affinity for each interface is automatically reset every

Options:

A.

15 sec

B.

60 sec

C.

5 sec

D.

30 sec

Question 64

Which statement is correct about the Sticky Decision Function?

Options:

A.

It is not supported with either the Performance pack of a hardware based accelerator card

B.

Does not support SPI’s when configured for Load Sharing

C.

It is automatically disabled if the Mobile Access Software Blade is enabled on the cluster

D.

It is not required L2TP traffic

Question 65

Which command can you use to enable or disable multi-queue per interface?

Options:

A.

cpmq set

B.

Cpmqueue set

C.

Cpmq config

D.

St cpmq enable

Question 66

The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?

Options:

A.

add host name ip-address

B.

add hostname ip-address

C.

set host name ip-address

D.

set hostname ip-address

Question 67

To fully enable Dynamic Dispatcher on a Security Gateway:

Options:

A.

run fw ctl multik set_mode 9 in Expert mode and then Reboot.

B.

Using cpconfig, update the Dynamic Dispatcher value to “full” under the CoreXL menu.

C.

Edit/proc/interrupts to include multik set_mode 1 at the bottom of the file, save, and reboot.

D.

run fw multik set_mode 1 in Expert mode and then reboot.

Question 68

On R81.10 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:

Options:

A.

18210

B.

18184

C.

257

D.

18191

Question 69

You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

Options:

A.

Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.

B.

Create a separate Security Policy package for each remote Security Gateway.

C.

Create network objects that restricts all applicable rules to only certain networks.

D.

Run separate SmartConsole instances to login and configure each Security Gateway directly.

Question 70

What is not a component of Check Point SandBlast?

Options:

A.

Threat Emulation

B.

Threat Simulator

C.

Threat Extraction

D.

Threat Cloud

Question 71

Which statement is NOT TRUE about Delta synchronization?

Options:

A.

Using UDP Multicast or Broadcast on port 8161

B.

Using UDP Multicast or Broadcast on port 8116

C.

Quicker than Full sync

D.

Transfers changes in the Kernel tables between cluster members.

Question 72

Session unique identifiers are passed to the web api using which http header option?

Options:

A.

X-chkp-sid

B.

Accept-Charset

C.

Proxy-Authorization

D.

Application

Question 73

Which command will allow you to see the interface status?

Options:

A.

cphaprob interface

B.

cphaprob –I interface

C.

cphaprob –a if

D.

cphaprob stat

Question 74

Check Point recommends configuring Disk Space Management parameters to delete old log entries when available disk space is less than or equal to?

Options:

A.

50%

B.

75%

C.

80%

D.

15%

Question 75

Advanced Security Checkups can be easily conducted within:

Options:

A.

Reports

B.

Advanced

C.

Checkups

D.

Views

E.

Summary

Question 76

In R81 spoofing is defined as a method of:

Options:

A.

Disguising an illegal IP address behind an authorized IP address through Port Address Translation.

B.

Hiding your firewall from unauthorized users.

C.

Detecting people using false or wrong authentication logins

D.

Making packets appear as if they come from an authorized IP address.

Question 77

What makes Anti-Bot unique compared to other Threat Prevention mechanisms, such as URL Filtering, Anti-Virus, IPS, and Threat Emulation?

Options:

A.

Anti-Bot is the only countermeasure against unknown malware

B.

Anti-Bot is the only protection mechanism which starts a counter-attack against known Command & Control Centers

C.

Anti-Bot is the only signature-based method of malware protection.

D.

Anti-Bot is a post-infection malware protection to prevent a host from establishing a connection to a Command & Control Center.

Question 78

The Firewall kernel is replicated multiple times, therefore:

Options:

A.

The Firewall kernel only touches the packet if the connection is accelerated

B.

The Firewall can run different policies per core

C.

The Firewall kernel is replicated only with new connections and deletes itself once the connection times out

D.

The Firewall can run the same policy on all cores.

Question 79

To help SmartEvent determine whether events originated internally or externally you must define using the Initial Settings under General Settings in the Policy Tab. How many options are available to calculate the traffic direction?

Options:

A.

5 Network; Host; Objects; Services; API

B.

3 Incoming; Outgoing; Network

C.

2 Internal; External

D.

4 Incoming; Outgoing; Internal; Other

Question 80

In a Client to Server scenario, which inspection point is the first point immediately following the tables and rule base check of a packet coming from outside of the network?

Options:

A.

Big l

B.

Little o

C.

Little i

D.

Big O

Question 81

Which of the following is a new R81 Gateway feature that had not been available in R77.X and older?

Options:

A.

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

B.

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

C.

Time object to a rule to make the rule active only during specified times.

D.

Sub Policies ae sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

Question 82

Which command lists all tables in Gaia?

Options:

A.

fw tab –t

B.

fw tab –list

C.

fw-tab –s

D.

fw tab -1

Question 83

You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

Options:

A.

fw ctl multik dynamic_dispatching on

B.

fw ctl multik dynamic_dispatching set_mode 9

C.

fw ctl multik set_mode 9

D.

fw ctl multik pq enable

Question 84

How many images are included with Check Point TE appliance in Recommended Mode?

Options:

A.

2(OS) images

B.

images are chosen by administrator during installation

C.

as many as licensed for

D.

the newest image

Question 85

What has to be taken into consideration when configuring Management HA?

Options:

A.

The Database revisions will not be synchronized between the management servers

B.

SmartConsole must be closed prior to synchronized changes in the objects database

C.

If you wanted to use Full Connectivity Upgrade, you must change the Implied Rules to allow FW1_cpredundant to pass before the Firewall Control Connections.

D.

For Management Server synchronization, only External Virtual Switches are supported. So, if you wanted to employ Virtual Routers instead, you have to reconsider your design.

Question 86

Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?

Options:

A.

Detects and blocks malware by correlating multiple detection engines before users are affected.

B.

Configure rules to limit the available network bandwidth for specified users or groups.

C.

Use UserCheck to help users understand that certain websites are against the company’s security policy.

D.

Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.

Question 87

What is a feature that enables VPN connections to successfully maintain a private and secure VPN session without employing Stateful Inspection?

Options:

A.

Stateful Mode

B.

VPN Routing Mode

C.

Wire Mode

D.

Stateless Mode

Question 88

What Factor preclude Secure XL Templating?

Options:

A.

Source Port Ranges/Encrypted Connections

B.

IPS

C.

ClusterXL in load sharing Mode

D.

CoreXL

Question 89

What is the most recommended way to install patches and hotfixes?

Options:

A.

CPUSE Check Point Update Service Engine

B.

rpm -Uv

C.

Software Update Service

D.

UnixinstallScript

Question 90

When an encrypted packet is decrypted, where does this happen?

Options:

A.

Security policy

B.

Inbound chain

C.

Outbound chain

D.

Decryption is not supported

Question 91

Which directory below contains log files?

Options:

A.

/opt/CPSmartlog-R81/log

B.

/opt/CPshrd-R81/log

C.

/opt/CPsuite-R81/fw1/log

D.

/opt/CPsuite-R81/log

Question 92

What processes does CPM control?

Options:

A.

Object-Store, Database changes, CPM Process and web-services

B.

web-services, CPMI process, DLEserver, CPM process

C.

DLEServer, Object-Store, CP Process and database changes

D.

web_services, dle_server and object_Store

Question 93

SandBlast appliances can be deployed in the following modes:

Options:

A.

using a SPAN port to receive a copy of the traffic only

B.

detect only

C.

inline/prevent or detect

D.

as a Mail Transfer Agent and as part of the traffic flow only

Question 94

The following command is used to verify the CPUSE version:

Options:

A.

HostName:0>show installer status build

B.

[Expert@HostName:0]#show installer status

C.

[Expert@HostName:0]#show installer status build

D.

HostName:0>show installer build

Question 95

What is the benefit of “tw monitor” over “tcpdump”?

Options:

A.

“fw monitor” reveals Layer 2 information, while “tcpdump” acts at Layer 3.

B.

“fw monitor” is also available for 64-Bit operating systems.

C.

With “fw monitor”, you can see the inspection points, which cannot be seen in “tcpdump”

D.

“fw monitor” can be used from the CLI of the Management Server to collect information from multiple gateways.

Question 96

You need to see which hotfixes are installed on your gateway, which command would you use?

Options:

A.

cpinfo –h all

B.

cpinfo –o hotfix

C.

cpinfo –l hotfix

D.

cpinfo –y all

Question 97

What is the purpose of Priority Delta in VRRP?

Options:

A.

When a box up, Effective Priority = Priority + Priority Delta

B.

When an Interface is up, Effective Priority = Priority + Priority Delta

C.

When an Interface fail, Effective Priority = Priority – Priority Delta

D.

When a box fail, Effective Priority = Priority – Priority Delta

Question 98

Which GUI client is supported in R81?

Options:

A.

SmartProvisioning

B.

SmartView Tracker

C.

SmartView Monitor

D.

SmartLog

Question 99

You have existing dbedit scripts from R77. Can you use them with R81.10?

Options:

A.

dbedit is not supported in R81.10

B.

dbedit is fully supported in R81.10

C.

You can use dbedit to modify threat prevention or access policies, but not create or modify layers

D.

dbedit scripts are being replaced by mgmt_cli in R81.10

Question 100

You are investigating issues with to gateway cluster members are not able to establish the first initial cluster synchronization. What service is used by the FWD daemon to do a Full Synchronization?

Options:

A.

TCP port 443

B.

TCP port 257

C.

TCP port 256

D.

UDP port 8116

Question 101

Which one of the following is true about Threat Emulation?

Options:

A.

Takes less than a second to complete

B.

Works on MS Office and PDF files only

C.

Always delivers a file

D.

Takes minutes to complete (less than 3 minutes)

Question 102

Which Check Point daemon monitors the other daemons?

Options:

A.

fwm

B.

cpd

C.

cpwd

D.

fwssd

Question 103

You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?

Options:

A.

fwd

B.

fwm

C.

cpd

D.

cpwd

Question 104

How do Capsule Connect and Capsule Workspace differ?

Options:

A.

Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications.

B.

Capsule Workspace can provide access to any application.

C.

Capsule Connect provides Business data isolation.

D.

Capsule Connect does not require an installed application at client.

Question 105

SmartEvent does NOT use which of the following procedures to identify events:

Options:

A.

Matching a log against each event definition

B.

Create an event candidate

C.

Matching a log against local exclusions

D.

Matching a log against global exclusions

Question 106

To add a file to the Threat Prevention Whitelist, what two items are needed?

Options:

A.

File name and Gateway

B.

Object Name and MD5 signature

C.

MD5 signature and Gateway

D.

IP address of Management Server and Gateway

Question 107

The Correlation Unit performs all but the following actions:

Options:

A.

Marks logs that individually are not events, but may be part of a larger pattern to be identified later.

B.

Generates an event based on the Event policy.

C.

Assigns a severity level to the event.

D.

Takes a new log entry that is part of a group of items that together make up an event, and adds it to an ongoing event.

Question 108

What component of R81 Management is used for indexing?

Options:

A.

DBSync

B.

API Server

C.

fwm

D.

SOLR

Question 109

What is considered Hybrid Emulation Mode?

Options:

A.

Manual configuration of file types on emulation location.

B.

Load sharing of emulation between an on premise appliance and the cloud.

C.

Load sharing between OS behavior and CPU Level emulation.

D.

High availability between the local SandBlast appliance and the cloud.

Question 110

When installing a dedicated R81 SmartEvent server. What is the recommended size of the root partition?

Options:

A.

Any size

B.

Less than 20GB

C.

More than 10GB and less than 20GB

D.

At least 20GB

Question 111

Which of the following is NOT a component of Check Point Capsule?

Options:

A.

Capsule Docs

B.

Capsule Cloud

C.

Capsule Enterprise

D.

Capsule Workspace

Question 112

SandBlast has several functional components that work together to ensure that attacks are prevented in real-time. Which the following is NOT part of the SandBlast component?

Options:

A.

Threat Emulation

B.

Mobile Access

C.

Mail Transfer Agent

D.

Threat Cloud

Question 113

: 156

VPN Link Selection will perform the following when the primary VPN link goes down?

Options:

A.

The Firewall will drop the packets.

B.

The Firewall can update the Link Selection entries to start using a different link for the same tunnel.

C.

The Firewall will send out the packet on all interfaces.

D.

The Firewall will inform the client that the tunnel is down.

Question 114

Traffic from source 192.168.1.1 is going to The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enabled which path is handling the traffic?

Options:

A.

Slow Path

B.

Medium Path

C.

Fast Path

D.

Accelerated Path

Question 115

For Management High Availability, which of the following is NOT a valid synchronization status?

Options:

A.

Collision

B.

Down

C.

Lagging

D.

Never been synchronized

Question 116

Please choose correct command to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?

Options:

A.

host name myHost12 ip-address 10.50.23.90

B.

mgmt: add host name ip-address 10.50.23.90

C.

add host name emailserver1 ip-address 10.50.23.90

D.

mgmt: add host name emailserver1 ip-address 10.50.23.90

Question 117

SmartEvent has several components that function together to track security threats. What is the function of the Correlation Unit as a component of this architecture?

Options:

A.

Analyzes each log entry as it arrives at the log server according to the Event Policy. When a threat pattern is identified, an event is forwarded to the SmartEvent Server.

B.

Correlates all the identified threats with the consolidation policy.

C.

Collects syslog data from third party devices and saves them to the database.

D.

Connects with the SmartEvent Client when generating threat reports.

Question 118

How would you deploy TE250X Check Point appliance just for email traffic and in-line mode without a Check Point Security Gateway?

Options:

A.

Install appliance TE250X on SpanPort on LAN switch in MTA mode.

B.

Install appliance TE250X in standalone mode and setup MTA.

C.

You can utilize only Check Point Cloud Services for this scenario.

D.

It is not possible, always Check Point SGW is needed to forward emails to SandBlast appliance.

Question 119

How do you enable virtual mac (VMAC) on-the-fly on a cluster member?

Options:

A.

cphaprob set int fwha_vmac_global_param_enabled 1

B.

clusterXL set int fwha_vmac_global_param_enabled 1

C.

fw ctl set int fwha_vmac_global_param_enabled 1

D.

cphaconf set int fwha_vmac_global_param_enabled 1

Question 120

An administrator would like to troubleshoot why templating is not working for some traffic. How can he determine at which rule templating is disabled?

Options:

A.

He can use the fw accel stat command on the gateway.

B.

He can use the fw accel statistics command on the gateway.

C.

He can use the fwaccel stat command on the Security Management Server.

D.

He can use the fwaccel stat command on the gateway

Question 121

Security Checkup Summary can be easily conducted within:

Options:

A.

Summary

B.

Views

C.

Reports

D.

Checkups

Question 122

After making modifications to the $CVPNDIR/conf/cvpnd.C file, how would you restart the daemon?

Options:

A.

cvpnd_restart

B.

cvpnd_restart

C.

cvpnd restart

D.

cvpnrestart

Question 123

What API command below creates a new host with the name “New Host” and IP address of “192.168.0.10”?

Options:

A.

new host name “New Host” ip-address “192.168.0.10”

B.

set host name “New Host” ip-address “192.168.0.10”

C.

create host name “New Host” ip-address “192.168.0.10”

D.

add host name “New Host” ip-address “192.168.0.10”

Question 124

Which of the following is NOT a type of Check Point API available in R81.x?

Options:

A.

Identity Awareness Web Services

B.

OPSEC SDK

C.

Mobile Access

D.

Management

Question 125

Which one of the following is true about Threat Extraction?

Options:

A.

Always delivers a file to user

B.

Works on all MS Office, Executables, and PDF files

C.

Can take up to 3 minutes to complete

D.

Delivers file only if no threats found

Question 126

Which command shows detailed information about VPN tunnels?

Options:

A.

cat $FWDIR/conf/vpn.conf

B.

vpn tu tlist

C.

vpn tu

D.

cpview

Question 127

Which configuration file contains the structure of the Security Server showing the port numbers, corresponding protocol name, and status?

Options:

A.

$FWDIR/database/fwauthd.conf

B.

$FWDIR/conf/fwauth.conf

C.

$FWDIR/conf/fwauthd.conf

D.

$FWDIR/state/fwauthd.conf

Question 128

What is a best practice before starting to troubleshoot using the “fw monitor” tool?

Options:

A.

Run the command: fw monitor debug on

B.

Clear the connections table

C.

Disable CoreXL

D.

Disable SecureXL

Question 129

To accelerate the rate of connection establishment, SecureXL groups all connection that match a particular service and whose sole differentiating element is the source port. The type of grouping enables even the very first packets of a TCP handshake to be accelerated. The first packets of the first connection on the same service will be forwarded to the Firewall kernel which will then create a template of the connection. Which of the these is NOT a SecureXL template?

Options:

A.

Accept Template

B.

Deny Template

C.

Drop Template

D.

NAT Template

Question 130

What is mandatory for ClusterXL to work properly?

Options:

A.

The number of cores must be the same on every participating cluster node

B.

The Magic MAC number must be unique per cluster node

C.

The Sync interface must not have an IP address configured

D.

If you have “Non-monitored Private” interfaces, the number of those interfaces must be the same on all cluster members

Question 131

When setting up an externally managed log server, what is one item that will not be configured on the R81 Security Management Server?

Options:

A.

IP

B.

SIC

C.

NAT

D.

FQDN

Question 132

What is the protocol and port used for Health Check and State Synchronization in ClusterXL?

Options:

A.

CCP and 18190

B.

CCP and 257

C.

CCP and 8116

D.

CPC and 8116

Question 133

Alice knows about the Check Point Management HA installation from Bob and needs to know which Check Point Security Management Server is currently capable of issuing and managing certificate. Alice uses the Check Point command "cpconfig'' to run the Check Point Security Management Server configuration tool on both Check Point Management HA instances "Primary & Secondary" Which configuration option does she need to look for:

Options:

A.

Certificate's Fingerprint

B.

Random Pool

C.

CA Authority

D.

Certificate Authority

Question 134

Within the Check Point Firewall Kernel resides Chain Modules, which are individually responsible for the

inspection of a specific blade or feature that has been enabled in the configuration of the gateway. For Wire

mode configuration, chain modules marked with _______ will not apply.

Options:

A.

ffffffff

B.

00000001

C.

00000002

D.

00000003

Question 135

What is the purpose of the CPCA process?

Options:

A.

Monitoring the status of processes.

B.

Sending and receiving logs.

C.

Communication between GUI clients and the SmartCenter server.

D.

Generating and modifying certificates.

Question 136

You need to change the MAC-address on eth2 interface of the gateway. What is the correct way to change MAC-address in Check Point Gaia?

Options:

A.

In CLISH run: set interface eth2 mac-addr 11:11:11:11:11:11

B.

In expert-mode run ifconfig eth1 hw 11:11:11:11 11 11

C.

In CLISH run set interface eth2 hw-addr 11 11 11:11:11 11

D.

In expert-mode run: ethtool -4 eth2 mac 11 11:11:11:11:11

Question 137

What solution is multi-queue intended to provide?

Options:

A.

Improve the efficiency of traffic handling by SecureXL SNDs

B.

Reduce the confusion for traffic capturing in FW Monitor

C.

Improve the efficiency of CoreXL Kernel Instances

D.

Reduce the performance of network interfaces

Question 138

The back-end database for Check Point R81 Management uses:

Options:

A.

DBMS

B.

MongoDB

C.

PostgreSQL

D.

MySQL

Question 139

Bob is asked by Alice to disable the SecureXL mechanism temporary tor further diagnostic by their Check Point partner. Which of the following Check Point Command is true:

Options:

A.

fwaccel suspend

B.

fwaccel standby

C.

fwaccel off

D.

fwaccel templates

Question 140

To optimize Rule Base efficiency, the most hit rules should be where?

Options:

A.

Removed from the Rule Base.

B.

Towards the middle of the Rule Base.

C.

Towards the top of the Rule Base.

D.

Towards the bottom of the Rule Base.

Question 141

What are the available options for downloading Check Point hotfixes in Gala WebUI (CPUSE)?

Options:

A.

Manually, Scheduled, Automatic

B.

Manually, Automatic, Disabled

C.

Manually, Scheduled, Disabled

D.

Manually, Scheduled, Enabled

Question 142

SandBlast agent extends 0-day prevention to what part of the network?

Options:

A.

Web Browsers and user devices

B.

DMZ server

C.

Cloud

D.

Email servers

Question 143

In which deployment is the security management server and Security Gateway installed on the same appliance?

Options:

A.

Standalone

B.

Remote

C.

Distributed

D.

Bridge Mode

Question 144

What is the command to check the status of Check Point processes?

Options:

A.

top

B.

cptop

C.

cphaprob list

D.

cpwd_admin list

Question 145

Fill in the blanks: Gaia can be configured using the ______ or _____ .

Options:

A.

GaiaUI; command line interface

B.

WebUI; Gaia Interface

C.

Command line interface; WebUI

D.

Gaia Interface; GaiaUI

Question 146

What are the two ClusterXL Deployment options?

Options:

A.

Distributed and Full High Availability

B.

Broadcast and Multicast Mode

C.

Distributed and Standalone

D.

Unicast and Multicast Mode

Question 147

How is communication between different Check Point components secured in R81? As with all questions, select the BEST answer.

Options:

A.

By using IPSEC

B.

By using SIC

C.

By using ICA

D.

By using 3DES

Question 148

Which of the following is NOT an attribute of packet acceleration?

Options:

A.

Source address

B.

Protocol

C.

Destination port

D.

VLAN Tag

Question 149

When detected, an event can activate an Automatic Reaction. The SmartEvent administrator can create and configure one Automatic Reaction, or many, according to the needs of the system. Which of the following statement is false and NOT part of possible automatic reactions:

Options:

A.

Syslog

B.

SNMPTrap

C.

Block Source

D.

Mail

Question 150

How to can you make sure that the old logs will be available after updating the Management to version R81.10 using the Advanced Upgrade Method?

Options:

A.

Use the WebUI -> Maintenance > System Backup and store the backup on a remote FTP server

B.

The logs will be included running SFWDIR/scripts/migrate_server export -v R81.10

C.

Use the WebUI to save a snapshot before updating the Management -> Maintenance > Snapshot Management

D.

Use the migrate_server tool with the option '-I' for the logs and '-x' for the index

Question 151

Alice & Bob are going to use Management Data Plane Separation and therefore the routing separation needs to be enabled. Which of the following command is true for enabling the Management Data Plane Separation (MDPS):

Options:

A.

set mdps split brain on

B.

set mdps split plane on

C.

set mdps mgmt plane on

D.

set mdps data plane off

Question 152

The “MAC magic” value must be modified under the following condition:

Options:

A.

There is more than one cluster connected to the same VLAN

B.

A firewall cluster is configured to use Multicast for CCP traffic

C.

There are more than two members in a firewall cluster

D.

A firewall cluster is configured to use Broadcast for CCP traffic

Question 153

The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits if the Track option is set to “None”?

Options:

A.

No, it will work independently. Hit Count will be shown only for rules Track option set as Log or alert.

B.

Yes it will work independently as long as “analyze all rules” tick box is enabled on the Security Gateway.

C.

No, it will not work independently because hit count requires all rules to be logged.

D.

Yes it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways.

Question 154

While using the Gaia CLI. what is the correct command to publish changes to the management server?

Options:

A.

json publish

B.

mgmt publish

C.

mgmt_cli commit

D.

commit

Question 155

What is the SOLR database for?

Options:

A.

Used for full text search and enables powerful matching capabilities

B.

Writes data to the database and full text search

C.

Serves GUI responsible to transfer request to the DLE server

D.

Enables powerful matching capabilities and writes data to the database

Question 156

What are possible Automatic Reactions in SmartEvent?

Options:

A.

Mail. SNMP Trap, Block Source. Block Event Activity, External Script

B.

Web Mail. Block Destination, SNMP Trap. SmartTask

C.

Web Mail, Block Service. SNMP Trap. SmartTask, Geo Protection

D.

Web Mail, Forward to SandBlast Appliance, SNMP Trap, External Script

Question 157

Which Check Point software blade provides protection from zero-day and undiscovered threats?

Options:

A.

Firewall

B.

Threat Emulation

C.

Application Control

D.

Threat Extraction

Question 158

You pushed a policy to your gateway and you cannot access the gateway remotely any more. What command should you use to remove the policy from the gateway by logging in through console access?

Options:

A.

"fw cpstop"

B.

"fw unloadlocal"

C.

"fwundo"

D.

"fw unloadpolicy''

Question 159

SmartEvent Security Checkups can be run from the following Logs and Monitor activity:

Options:

A.

Reports

B.

Advanced

C.

Checkups

D.

Views

Question 160

What is the default size of NAT table fwx_alloc?

Options:

A.

20000

B.

35000

C.

25000

D.

10000

Question 161

What mechanism can ensure that the Security Gateway can communicate with the Management Server with ease in situations with overwhelmed network resources?

Options:

A.

The corresponding feature is new to R81.10 and is called "Management Data Plane Separation"

B.

The corresponding feature is called "Dynamic Dispatching"

C.

There is a feature for ensuring stable connectivity to the management server and is done via Priority Queuing.

D.

The corresponding feature is called "Dynamic Split"

Question 162

When performing a minimal effort upgrade, what will happen to the network traffic?

Options:

A.

All connections that were Initiated before the upgrade will be dropped, causing network downtime.

B.

All connections that were initiated before the upgrade will be handled by the active gateway

C.

All connections that were initiated before the upgrade will be handled normally

D.

All connections that were initiated before the upgrade will be handled by the standby gateway

Question 163

A user complains that some Internet resources are not available. The Administrator is having issues seeing it packets are being dropped at the firewall (not seeing drops in logs). What is the solution to troubleshoot the issue?

Options:

A.

run fw unloadlocal" on the relevant gateway and check the ping again

B.

run "cpstop" on the relevant gateway and check the ping again

C.

run ‘’fw log" on the relevant gateway

D.

run ‘’fw ctl zdebug drop" on the relevant gateway

Question 164

Main Mode in IKEv1 uses how many packages for negotiation?

Options:

A.

4

B.

depends on the make of the peer gateway

C.

3

D.

6

Question 165

To find records in the logs that shows log records from the Application & URL Filtering Software Blade where traffic was dropped, what would be the query syntax?

Options:

A.

blada: application control AND action:drop

B.

blade."application control AND action;drop

C.

(blade: application control AND action;drop)

D.

blade;"application control AND action:drop

Question 166

Name the file that is an electronically signed file used by Check Point to translate the features in the license into a code?

Options:

A.

Both License (.lic) and Contract (.xml) files

B.

cp.macro

C.

Contract file (.xml)

D.

license File (.lic)

Question 167

According to the policy installation flow the transfer state (CPTA) is responsible for the code generated by the FWM. On the Security Gateway side a process receives them and first stores them Into a temporary directory. Which process is true for receiving these Tiles;

Options:

A.

FWD

B.

CPD

C.

FWM

D.

RAD

Question 168

When using the Mail Transfer Agent, where are the debug logs stored?

Options:

A.

$FWDIR/bin/emaild.mta. elg

B.

$FWDIR/log/mtad elg

C.

/var/log/mail.mta elg

D.

$CPDIR/log/emaild elg

Question 169

You have used the SmartEvent GUI to create a custom Event policy. What is the best way to display the correlated Events generated by SmartEvent Policies?

Options:

A.

Open SmartView Monitor and select the SmartEvent Window from the main menu.

B.

In the SmartConsole / Logs & Monitor --> open the Logs View and use type:Correlated as query filter.

C.

In the SmartConsole / Logs & Monitor -> open a new Tab and select External Apps / SmartEvent.

D.

Select the Events tab in the SmartEvent GUI or use the Events tab in the SmartView web interface.

Question 170

When defining QoS global properties, which option below is not valid?

Options:

A.

Weight

B.

Authenticated timeout

C.

Schedule

D.

Rate

Question 171

Firewall polices must be configured to accept VRRP packets on the GAiA platform if it Firewall software. The Multicast destination assigned by the internet Assigned Number Authority (IANA) for VRRP is:

Options:

A.

224.0.0.18

B.

224 00 5

C.

224.0.0.102

D.

224.0.0.22

Question 172

If SecureXL is disabled which path is used to process traffic?

Options:

A.

Passive path

B.

Medium path

C.

Firewall path

D.

Accelerated path

Question 173

Which two Identity Awareness daemons are used to support identity sharing?

Options:

A.

Policy Activation Point (PAP) and Policy Decision Point (PDP)

B.

Policy Manipulation Point (PMP) and Policy Activation Point (PAP)

C.

Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)

D.

Policy Decision Point (PDP) and Policy Enforcement Point (PEP)

Question 174

After having saved the Cllsh Configuration with the "save configuration config.txt* command, where can you find the config.txt file?

Options:

A.

You will find it in the home directory of your usef account (e.g. /home/admirV)

B.

You can locate the file via SmartConsole > Command Line.

C.

You have to launch the WebUl and go to "Config" -> "Export Conflg File" and specifly the destination directory of your local tile system

D.

You cannot locate the file in the file system sine© Clish does not have any access to the bash fie system

Question 175

What are the services used for Cluster Synchronization?

Options:

A.

256H-CP tor Full Sync and 8116/UDP for Delta Sync

B.

8116/UDP for Full Sync and Delta Sync

C.

TCP/256 for Full Sync and Delta Sync

D.

No service needed when using Broadcast Mode

Page: 1 / 62
Total 617 questions