156-115 Check Point Certified Security Master - Final Exam Set 1

Secure Your Platform configuration must be set up manually a static NAT entry. After the creation of the correct NAT rule, what stage is to be completed?


Options are :

  • Edit the file netconf.conf.
  • None
  • Edit or create a file discntd.if.
  • No further action is required.
  • Edit or create a file local.arp. (Correct)

Answer : Edit or create a file local.arp.

156-315.77 Check Point Certified Security Expert Exam Set 2

What command would give you a summary of all available tables in the kernel firewall?


Options are :

  • FW tab -h
  • FW tab
  • FW tab -o
  • None
  • FW tab -S (Correct)

Answer : FW tab -S

Where FW monitor output you would see the source address translation occur in cases of automatic Hide NAT?


Options are :

  • and between
  • Hide NAT does not adjust the source IP
  • and between
  • None
  • and between (Correct)

Answer : and between

Which commands are properly set the debug level to maximum, and then run a policy to install the debugging mode policy Standard Gateway-GW from R77 Gaia Management Server?


Options are :

  • export TDERROR_ALL_ALL = 5 FWM A load-GW standard
  • None
  • setenv TDERROR_ALL_ALL = 5fwm load GW-A Standard
  • setenv TDERROR_ALL_ALL = 5 FWM Constant A load-GW
  • export TDERROR_ALL_ALL = 5 FWM Standard A load-GW (Correct)

Answer : export TDERROR_ALL_ALL = 5 FWM Standard A load-GW

156-215.70 Check Point Certified Security Administrator Exam Set 4

In carrying out the FWM debug, which directory the logs are written?


Options are :

  • $ FWDIR / log
  • $ CPDIR / log / fwm.elg
  • None
  • $ FWDIR / conf / fwm.elg
  • $ FWDIR / log / fwm.elg (Correct)

Answer : $ FWDIR / log / fwm.elg

What command would you use to look at which debugs set the current working environment?


Options are :

  • cat / proc / etc
  • to take
  • FW ctl debug all
  • None
  • env and FW debug ctl (Correct)

Answer : env and FW debug ctl

While troubleshooting DHCP problem, you have a fw ctl zdebug drop and see the following output :; [Cpu_1] [fw_0]; fw_log_drop: Packet proto = 17 10.216.14.108:67> 172.31.2.1:67 decreased fw_handle_first_packet Cause: fwconn_init_links (incoming) failed; Where 10.216.14.108 is the IP address of the DHCP server, and 172.31.2.1 is a VIP Cluster. What is the most likely cause for this drop?


Options are :

  • Outgoing due to the collision rule base to check, and fell to incorrectly specifying the DHCP firewall policy.
  • None
  • Link to the collision due to multiple NAT symbolic link is created links coming back from a DHCP server back to the cluster VIP. (Correct)
  • Incoming collision due to pre-existing table of links check connections.
  • Link to a collision, because more than one NAT symbolic link is created for outbound connections to the DHCP server.

Answer : Link to the collision due to multiple NAT symbolic link is created links coming back from a DHCP server back to the cluster VIP.

156-315.77 Check Point Certified Security Expert Exam Set 4

Which process should debug SmartDashboard when authentication is rejected?


Options are :

  • cpd
  • FWM (Correct)
  • fwd
  • DAService
  • None

Answer : FWM

Which of the following best describes the command FW CTL chain function?


Options are :

  • Find out if the VPN Security Associations are being established.
  • None
  • And incoming and outgoing of the core modules and the order in which they are used. (Correct)
  • View the connections established connections in the table.
  • To see how CoreXL distributes traffic among the firewall kernel instances.

Answer : And incoming and outgoing of the core modules and the order in which they are used.

When you run the installation status window of the database is filled with large amounts of text. What could be the reason?


Options are :

  • There is an active debug is the Smart Console.
  • It is an environment variable set TDERROR_ALL_ALL gateway.
  • There is an active debug is a four-wave mixing process. (Correct)
  • None
  • It is active in the FW running on the screen.

Answer : There is an active debug is a four-wave mixing process.

156-315.77 Check Point Certified Security Expert Exam Set 1

When troubleshooting, and try to understand the chain of causes of the problem is the security gateway, use the command:


Options are :

  • FW ctl zdebug drop
  • FW tab connections
  • FW ctl chain
  • FW follow -e "to accept;" -p all (Correct)
  • None

Answer : FW follow -e "to accept;" -p all

What is a VPN limited number of directions, which can be configured in one rule?


Options are :

  • None
  • It is limited to the amount of the communities present in the dashboard.
  • You may assign one direction towards the rule.
  • There is no limit. (Correct)
  • Once you have set up ten you will need to use a standard two-way shape.

Answer : There is no limit.

Remote VPN can initiate connections to internal hosts, but the internal hosts can not initiate connections to remote VPN, even if the policy is configured to allow it. Do you think this is due to NAT. What command can be run whether NAT is scheduled package?


Options are :

  • FW ctl Pstat
  • Remote VPN can initiate connections to internal hosts, but the internal hosts can not initiate connections to remote VPN, even if the policy is configured to allow it. Do you think this is due to NAT. What command can be run whether NAT is scheduled package?
  • fwaccel Statistics MISP
  • None
  • fw ctl debug -m + fw total packet drop xlate xltrc nat (Correct)

Answer : fw ctl debug -m + fw total packet drop xlate xltrc nat

Check Point Certified Security Administrator Set 5

The command FW CTL kdebug <parameter> is used:


Options are :

  • None
  • list of enabled debug parameters.
  • read debug the kernel buffer to obtain the debug messages. (Correct)
  • select certain core modules error correction.
  • allow the kernel debugger.

Answer : read debug the kernel buffer to obtain the debug messages.

There are debugging session, and you have set the debug environment TDERROR_ALL_ALL = 5 command to export TDERROR_ALL_ALL = 5. How to restore the error correction value of the default values?


Options are :

  • w ctl debug 0x1ffffe0
  • FW debug 0x1ffffe0
  • unset TDERROR_ALL_ALL (Correct)
  • None
  • export TDERROR_ALL_ALL

Answer : unset TDERROR_ALL_ALL

The command FW p follow all the displays what kind of information?


Options are :

  • #NAME?
  • None
  • It records all points of the chain packet passes through the firewall core. (Correct)
  • This is not a valid command.
  • It will capture the firewall to monitor all the interfaces.

Answer : It records all points of the chain packet passes through the firewall core.

Check Point Certified Security Expert Exam Set 2

What the directory below includes URL filtering engine update info? Here you can also go to see the status of URL filtering and application control update


Options are :

  • $ FWDIR / father-in / urlf
  • $ FWDIR / father-in / update (Correct)
  • $ FWDIR / update / father in law
  • None
  • $ FWDIR / urlf / update

Answer : $ FWDIR / father-in / update

You are trying to create an FTP session, a computer and a remote server, but it was not successful. Do you think the problem may be due to IPS. Viewing SmartView Tracker shows no drops. How to confirm if the traffic is actually being dropped by the gateway?


Options are :

  • Run fw monitor packet capture gateway.
  • None
  • Look at the SmartView Monitor partly understand why itâ € YS without interruption.
  • Use the links table in this regard.
  • Run FW CTL zdebug drop gateway. (Correct)

Answer : Run FW CTL zdebug drop gateway.

How Targeted Targeted Enforcement Enforcement Rule is used only for the first packet of the connection, such as packages in the opposite direction.manage later Packet Inspection?


Options are :

  • Directed Implementation is planned trusted traffic and therefore have not been inspected
  • Directed Enforcement shall apply for all packages.
  • None
  • Directed Enforcementâ € applies only to the first packet of the connection, but does not include packets in the opposite direction.
  • Directional Enforcement is used only for the first packet of the connection, including the packets in the opposite direction. (Correct)

Answer : Directional Enforcement is used only for the first packet of the connection, including the packets in the opposite direction.

156-215.70 Check Point Certified Security Administrator Exam Set 5

Which of the following does not belong to columns of chain modules?


Options are :

  • Incoming / Outgoing chain (Correct)
  • module location
  • function Pointer
  • None
  • chain place

Answer : Incoming / Outgoing chain

When you are finished running the management server debug command debug FW four-wave mixing on how to debug this off?


Options are :

  • FWM debug off
  • FW debug FWM off (Correct)
  • None
  • FW debug ctl off
  • FW debug off

Answer : FW debug FWM off

What Causes Early SIP NAT chain module to appear in the chain?


Options are :

  • SIP is configured IPS.
  • None
  • VOIP domain name is configured.
  • SIP traffic trying to pass through the firewall.
  • By default, the SIP service used rule base. (Correct)

Answer : By default, the SIP service used rule base.

156-315.77 Check Point Certified Security Expert Exam Set 9

Every ticket FW monitor command is used to print the status of the core chain?


Options are :

  • #NAME? (Correct)
  • None
  • #NAME?
  • #NAME?
  • -C

Answer : #NAME?

John is responsible for the safety of the unit Check Point's platform. He has the right composition of matter, which indicates the rule base. To get information on the matter, John passes the command:


Options are :

  • FW kdebug FWM on and check the file fw.elg.
  • None
  • FW debug FWM on and check the file fwm.elg. (Correct)
  • FW FW debug on and check the file fwm.elg.
  • FW kdebug FWM on and check the file fwm.elg.

Answer : FW debug FWM on and check the file fwm.elg.

Where FW monitor output you would see the destination address translation occur in cases of incoming automatic static NAT?


Options are :

  • and between
  • and between (Correct)
  • Static NAT does not adjust the destination IP
  • None
  • and between

Answer : and between

156-315.77 Check Point Certified Security Expert Exam Set 2

What are the IP settings Strip representing less than FW chain output?


Options are :

  • IP settings Strip copy the header information to forward the data to the IPS inspection.
  • None
  • IP settings Strip remove the IP packet header is transmitted before the other core functions. (Correct)
  • IP settings Strip is used only when the VPN is involved
  • IP settings Strip is not a valid chain FW output.

Answer : IP settings Strip remove the IP packet header is transmitted before the other core functions.

FW tab ___________ command to display the NAT


Options are :

  • fwx_alloc (Correct)
  • tablist
  • loglist
  • None
  • Conns

Answer : fwx_alloc

The command lists the firewall kernel modules is Security Gateway is:


Options are :

  • FW ctl core chain
  • FW list of modules
  • FW debug ctl -m (Correct)
  • None
  • FW list of kernel modules

Answer : FW debug ctl -m

156-315.77 Check Point Certified Security Expert Exam Set 1

As the transition to the ISP network termination notice that the outgoing static NAT connections fail. _________ with the command to debug the problem.


Options are :

  • FW ctl Pstat
  • FW CTL debug m + FW NAT drop (Correct)
  • FW tab -t -x fwx_alloc
  • fwaccel Statistics MISP
  • None

Answer : FW CTL debug m + FW NAT drop

URL filtering Cloud is R 75 and above, which table is used to contain a URL filtering cache values?


Options are :

  • url_scheme_tab
  • urlf_blade_on_gw
  • urlf_cache_tbl
  • urlf_cache_table (Correct)
  • None

Answer : urlf_cache_table

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions