156-215.13 Check Point Certified Security Administrator Exam Set 7

The London Security Gateway Administrator has just installed the Security Gateway and Management Server. He has not changed any default settings. As he tries to configure the Gateway, he is unable to connect. Which troubleshooting suggestion will NOT help him?


Options are :

  • Check if some intermediate network device has a wrong routing table entry, VLAN assignment, duplex-mismatch, or trunk issue.
  • Test the IP address assignment and routing settings of the Security Management Server, Gateway, and console client
  • Verify the SIC initialization.
  • Verify that the Rule Base explicitly allows management connections (Correct)

Answer : Verify that the Rule Base explicitly allows management connections

156-215.70 Check Point Certified Security Administrator Exam Set 1

Which command displays the installed Security Gateway version?


Options are :

  • cpstat -gw
  • fw ver (Correct)
  • fw printver
  • fw stat

Answer : fw ver

Which of the following are available SmartConsole clients which can be installed from the R76 Windows CD? Read all answers and select the most complete and valid list.


Options are :

  • SmartView Tracker, SmartDashboard, CPINFO, SmartUpdate, SmartView Status
  • Security Policy Editor, Log Viewer, Real Time Monitor GUI
  • SmartView Tracker, CPINFO, SmartUpdate (Correct)
  • SmartView Tracker, SmartDashboard, SmartLSM, SmartView Monitor

Answer : SmartView Tracker, CPINFO, SmartUpdate

Which of the following statements accurately describes the command upgrade_export?


Options are :

  • This command is no longer supported in GAiA.
  • Used primarily when upgrading the Security Management Server, upgrade_export stores all object databases and the /conf directories for importing to a newer Security Gateway version. (Correct)
  • upgrade_export stores network-configuration data, objects, global properties, and the database revisions prior to upgrading the Security Management Server.
  • upgrade_export is used when upgrading the Security Gateway, and allows certain files to be included or excluded before exporting.

Answer : Used primarily when upgrading the Security Management Server, upgrade_export stores all object databases and the /conf directories for importing to a newer Security Gateway version.

156-315.77 Check Point Certified Security Expert Exam Set 8

Your network is experiencing connectivity problems and you want to verify if routing problems are present. You need to disable the firewall process but still allow routing to pass through the Gateway running on an IP Appliance running IPSO. What command do you need to run after stopping the firewall service?


Options are :

  • ipsofwd on admin (Correct)
  • fw load routed
  • fw fwd routing
  • ipsofwd slowpath

Answer : ipsofwd on admin

How can you recreate the Security Administrator account, which was created during initial Management Server installation on SecurePlatform?


Options are :

  • Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the Administrator Account portion of the file. You will be prompted to create a new account.
  • Launch cpconfig and delete the Administrator's account. Recreate the account with the same name. (Correct)
  • Launch SmartDashboard in the User Management screen, and delete the cpconfig administrator.
  • Type cpm -a, and provide the existing Administrator's account name. Reset the Security Administrator's password.

Answer : Launch cpconfig and delete the Administrator's account. Recreate the account with the same name.

The customer has a small Check Point installation which includes one Windows 2008 server as SmartConsole and Security Management Server with a second server running SecurePlatform as Security Gateway. This is an example of a(n):


Options are :

  • Distributed Installation (Correct)
  • Stand-Alone Installation.
  • Unsupported configuration.
  • Hybrid Installation.

Answer : Distributed Installation

156-315.77 Check Point Certified Security Expert Exam Set 7

Where can you find the Check Point's SNMP MIB file?


Options are :

  • $FWDIR/conf/snmp.mib
  • $CPDIR/lib/snmp/chkpt.mib (Correct)
  • There is no specific MIB file for Check Point products.
  • It is obtained only by request from the TAC.

Answer : $CPDIR/lib/snmp/chkpt.mib

What is the syntax for uninstalling a package using newpkg?


Options are :

  • newpkg CANNOT be used to uninstall a package (Correct)
  • -s
  • -i
  • -u

Answer : newpkg CANNOT be used to uninstall a package

When Jon first installed his new security system, he forgot to configure DNS servers on his Security Gateway. How could Jon configure DNS servers now that his Security Gateway is in production?


Options are :

  • Login to the SmartDashboard, edit the firewall Gateway object, select the tab Interfaces > Domain Name Servers.
  • Login to the firewall using SSH and run fwm, then select System Configuration > Domain Name Servers.
  • Login to the firewall using SSH and run cpconfig, then select Domain Name Servers.
  • Login to the firewall using SSH and run sysconfig, then select Domain Name Servers. (Correct)

Answer : Login to the firewall using SSH and run sysconfig, then select Domain Name Servers.

156-215.75 Check Point Certified Security Administrator Exam Set 1

When restoring R76 using the command upgrade_import, which of the following items are NOT restored?


Options are :

  • Global properties
  • Licenses
  • Route tables (Correct)
  • SIC Certificates

Answer : Route tables

Which component functions as the Internal Certificate Authority for R76?


Options are :

  • Management Server (Correct)
  • Policy Server
  • Security Gateway
  • SmartLSM

Answer : Management Server

Suppose the Security Gateway hard drive fails and you are forced to rebuild it. You have a snapshot file stored to a TFTP server and backups of your Security Management Server. What is the correct procedure for rebuilding the Gateway quickly?


Options are :

  • Run the command revert to restore the snapshot, establish SIC, and install the Policy.
  • Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Revert to the stored snapshot image, and install the Security Policy. (Correct)
  • Run the command revert to restore the snapshot. Reinstall any necessary Check Point products. Establish SIC and install the Policy.
  • Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Reinstall any necessary Check Point products and previously applied hotfixes. Revert to the stored snapshot image, and install the Policy.

Answer : Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Revert to the stored snapshot image, and install the Security Policy.

Subscribe to See Videos

Subscribe to my Youtube channel for new videos : Subscribe Now