Which of the following cannot be configured in an Access Role Object?
Answer : D
The verified answer is D) Time.
An Access Role object is a logical representation of a set of users, machines, or networks that can be used in the security policy1. An Access Role object can include the following components1:
Networks: IP addresses or network objects that define the source or destination of the traffic.
Machines: Specific hosts or machine groups that are identified by their MAC addresses or certificates.
Users: Specific users or user groups that are authenticated by one or more identity sources, such as Active Directory, LDAP, or Identity Awareness.
Time is not a component of an Access Role object, and it cannot be configured in it. Time is a separate object type that can be used to define the validity period of a rule or a policy2.
LDAP group vs Access role objects - Check Point CheckMates3
THE IMPORTANCE OF ACCESS ROLES - Check Point Software1
Time Objects - Check Point Software2
Which one of the following is true about Threat Extraction?
Answer : A
Threat Extraction is a software blade that always delivers a file to user. Threat Extraction removes or sanitizes the active content from the files and converts them to PDF format, which is safer and more compatible. Threat Extraction can also work together with Threat Emulation to provide both clean and original files to the users. Threat Extraction works on MS Office, PDF, and archive files, but not on executables. Threat Extraction can take up to 3 minutes to complete, depending on the file size and complexity. Reference:Check Point Security Expert R81 Course,Threat Extraction Administration Guide
Why would an administrator see the message below?

Answer : B
A Policy Package is a set of rules and settings that define how a Security Gateway enforces security on traffic that passes through it. A Policy Package can be created on either the Management Server or the Security Gateway, but it must be installed on both to take effect. When a new Policy Package is created on the Management Server, it must be installed on an existing Security Gateway that has a different Policy Package installed. The message below warns the administrator that installing a new Policy Package will overwrite the existing one on the Security Gateway.
https://www.bing.com/images/blob?bcid=qMoRhR0dzSkGmg
The message also advises the administrator to back up their existing configuration before proceeding with the installation.
Which of the following is NOT a component of Check Point Capsule?
Answer : C
Check Point Capsule is a suite of solutions designed to provide comprehensive mobile security and secure access. The components of Check Point Capsule include:
Capsule Docs (Option A): A component that secures document sharing and protects sensitive data.
Capsule Cloud (Option B): A component that provides cloud-based security services.
Capsule Workspace (Option D): A component that provides secure workspace on mobile devices.
Option C, 'Capsule Enterprise,' is not a recognized component of Check Point Capsule based on the available information. Therefore, it is the correct answer as the component that is NOT part of Check Point Capsule.
How can you see historical data with cpview?
Answer : C
To see historical data with cpview, you can use the cpview -t <timestamp> command, where <timestamp> is the date and time you want to view. For example, cpview -t Jan 01 2023 12:00:00 will show you the cpview data for January 1st, 2023 at noon. You can also enter a partial date, such as Jan 02, to see the data for the whole day.This feature is available in R77.10 and higher versions of Check Point software1.You can also access the historical data by pressing the ''t'' key while running cpview in live mode and entering the desired date and time1.The historical data is stored in the CPViewDB.dat file in the /var/log/CPView_history directory on your gateway2.You can export this file and import it into other tools for visualization, such as Grafana3.
Office mode means that:
Answer : D
Office mode is a feature that allows a security gateway to assign a remote client an IP address from a network that is protected by the security gateway. This way, the remote client can access resources on the internal network as if it was physically connected to it. The IP address is assigned to the remote client after the user authenticates for a tunnel, and it is routable, meaning that it can be reached by other hosts on the network.Office mode is useful for scenarios where the remote client needs to use applications that rely on IP addresses, such as VoIP or file sharing12.
What is the most ideal Synchronization Status for Security Management Server High Availability deployment?
Answer : B
The most ideal Synchronization Status for Security Management Server High Availability deployment isSynchronized. Security Management Server High Availability deployment is a feature that allows two or more Security Management Servers to provide redundancy and load balancing for managing security policies and logs. Synchronization Status is a parameter that indicates how up-to-date the databases of the Security Management Servers are with each other. Synchronization Status can have one of the following values: Synchronized, Lagging, Never been synchronized, or Collision. Synchronized means that the databases of all Security Management Servers are identical and have no conflicts. This is the most ideal status as it ensures consistency and reliability of security management. Lagging means that one or more Security Management Servers have not received all the updates from other Security Management Servers, and their databases are outdated. Never been synchronized means that one or more Security Management Servers have never synchronized their databases with other Security Management Servers, and their databases are independent.Collision means that one or more Security Management Servers have received conflicting updates from other Security Management Servers, and their databases have discrepancies.