156-215.13 Check Point Certified Security Administrator Exam Set 8

The customer has a small Check Point installation which includes one Windows 7 workstation as the SmartConsole, one GAiA device working as Security Management Server, and a third server running SecurePlatform as Security Gateway. This is an example of a(n):


Options are :

  • Stand-Alone Installation
  • Distributed Installation
  • Unsupported configuration
  • Hybrid Installation

Answer : Distributed Installation

156-215.13 Check Point Certified Security Administrator Exam Set 9

The INSPECT engine inserts itself into the kernel between which two OSI model layers?


Options are :

  • Data link and Network
  • Physical and Data
  • Session and Transport
  • Presentation and Application

Answer : Data link and Network

What is the primary benefit of using the command upgrade_export over either backup or snapshot?


Options are :

  • upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not.
  • upgrade_export is operating system independent and can be used when backup or snapshot is not available
  • The commands backup and snapshot can take a long time to run whereas upgrade_export will take a much shorter amount of time.
  • upgrade_export has an option to back up the system and SmartView Tracker logs while backup and snapshot will not.

Answer : upgrade_export is operating system independent and can be used when backup or snapshot is not available

An Administrator without access to SmartDashboard installed a new IPSO-based R76 Security Gateway over the weekend. He e-mailed you the SIC activation key. You want to confirm communication between the Security Gateway and the Management Server by installing the Policy. What might prevent you from installing the Policy?


Options are :

  • You first need to run the command fw unloadlocal on the R75 Security Gateway appliance in order to remove the restrictive default policy
  • An intermediate local Security Gateway does not allow a policy install through it to the remote new Security Gateway appliance. Resolve by running the command fw unloadlocal on the local Security Gateway.
  • You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on the Security Management Server.
  • You first need to create a new Gateway object in SmartDashboard, establish SIC via the Communication button, and define the Gateway's topology

Answer : You first need to create a new Gateway object in SmartDashboard, establish SIC via the Communication button, and define the Gateway's topology

156-215.70 Check Point Certified Security Administrator Exam Set 1

UDP packets are delivered if they are ___________


Options are :

  • a valid response to an allowed request on the inverse UDP ports and IP
  • a stateful ACK to a valid SYN-SYN/ACK on the inverse UDP ports and IP
  • referenced in the SAM related dynamic tables
  • bypassing the kernel by the forwarding layer of ClusterXL

Answer : a valid response to an allowed request on the inverse UDP ports and IP

Which of the following methods will provide the most complete backup of an R75 configuration?


Options are :

  • Copying the directories $FWDIR\conf and $CPDIR\conf to another server
  • Database Revision Control
  • Execute command upgrade_export
  • Policy Package Management

Answer : Execute command upgrade_export

Which of the following statements is TRUE about management plug-ins?


Options are :

  • The plug-in is a package installed on the Security Gateway
  • Installing a management plug-in is just like an upgrade process.
  • Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.
  • A management plug-in interacts with a Security Management Server to provide new features and support for new products.

Answer : A management plug-in interacts with a Security Management Server to provide new features and support for new products.

156-215.70 Check Point Certified Security Administrator Exam Set 2

The customer has a small Check Point installation which includes one Windows 2008 server as the SmartConsole and a second server running SecurePlatform as both Security Management Server and the Security Gateway. This is an example of a(n):


Options are :

  • Hybrid Installation
  • Unsupported configuration
  • Distributed Installation
  • Stand-Alone Installation

Answer : Stand-Alone Installation

How can you most quickly reset Secure Internal Communications (SIC) between a Security Management Server and Security Gateway?


Options are :

  • Use SmartUpdate to retype the Security Gateway activation key. This will automatically sync SIC to both the Security Management Server and Gateway
  • From cpconfig on the Gateway, choose the Secure Internal Communication option and retype the activation key. Next, retype the same key in the Gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC).
  • From the Security Management Server's command line, type fw putkey -p .
  • Run the command fwm sic_reset to reinitialize the Security Management Server Internal Certificate Authority (ICA). Then retype the activation key on the Security Gateway from SmartDashboard.

Answer : From cpconfig on the Gateway, choose the Secure Internal Communication option and retype the activation key. Next, retype the same key in the Gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC).

A snapshot delivers a complete SecurePlatform backup. The resulting file can be stored on servers or as a local file in /var/CPsnapshot/snapshots. How do you restore a local snapshot named MySnapshot.tgz?


Options are :

  • Reboot the system and call the start menu. Select the option Snapshot Management, provide the Expert password and select [L] for a restore from a local file. Then, provide the correct file name.
  • As expert user, type the command snapshot -r MySnapshot.tgz.
  • As expert user, type the command snapshot - R to restore from a local file. Then, provide the correct file name.
  • As expert user, type the command revert --file MySnapshot.tgz.

Answer : As expert user, type the command revert --file MySnapshot.tgz.

156-215.70 Check Point Certified Security Administrator Exam Set 3

What are you required to do before running the command upgrade_export?


Options are :

  • Close all GUI clients.
  • Run a cpstop on the Security Gateway
  • Run a cpstop on the Security Management Server.
  • Run cpconfig and set yourself up as a GUI client.

Answer : Close all GUI clients.

Peter is your new Security Administrator. On his first working day, he is very nervous and enters the wrong password three times. His account is locked. What can be done to unlock Peter's account? Give the BEST answer.


Options are :

  • You can unlock Peter's account by using the command fwm lock_admin -u Peter on the Security Management Server.
  • You can unlock Peter's account by using the command fwm unlock_admin -u Peter on the Security Gateway.
  • It is not possible to unlock Peter's account. You have to install the firewall once again or abstain from Peter's help.
  • You can unlock Peter's account by using the command fwm unlock_admin -u Peter on the Security Management Server

Answer : You can unlock Peter's account by using the command fwm lock_admin -u Peter on the Security Management Server.

Which of the following uses the same key to decrypt as it does to encrypt?


Options are :

  • Symmetric encryption
  • Dynamic encryption
  • Certificate-based encryption
  • Asymmetric encryption

Answer : Symmetric encryption

156-215.70 Check Point Certified Security Administrator Exam Set 4

Which of the following is a hash algorithm?


Options are :

  • DES
  • IDEA
  • 3DES
  • MD5

Answer : MD5

Which operating systems are supported by a Check Point Security Gateway on an open server? Select MOST complete list.


Options are :

  • Check Point GAiA and SecurePlatform, and Microsoft Windows
  • Sun Solaris, Red Hat Enterprise Linux, Check Point SecurePlatform, IPSO, Microsoft Windows
  • Check Point GAiA and SecurePlatform, IPSO, Sun Solaris, Microsoft Windows
  • Check Point GAiA, Microsoft Windows, Red Hat Enterprise Linux, Sun Solaris, IPSO

Answer : Check Point GAiA and SecurePlatform, and Microsoft Windows

The customer has a small Check Point installation, which includes one SecurePlatform server working as the SmartConsole, and a second server running Windows 2008 as both Security Management Server and Security Gateway. This is an example of a(n):


Options are :

  • Unsupported configuration
  • Stand-Alone Installation
  • Distributed Installation
  • Hybrid Installation

Answer : Unsupported configuration

156-215.70 Check Point Certified Security Administrator Exam Set 5

You need to completely reboot the Operating System after making which of the following changes on the Security Gateway? (i.e. the command cprestart is not sufficient.) 1. Adding a hot-swappable NIC to the Operating System for the first time. 2. Uninstalling the R75 Power/UTM package. 3. Installing the R75 Power/UTM package. 4. Re-establishing SIC to the Security Management Server. 5. Doubling the maximum number of connections accepted by the Security Gateway.


Options are :

  • 1, 2, 3, 4, and 5
  • 3 only
  • 2, 3 only
  • 3, 4, and 5 only

Answer : 2, 3 only

The third-shift Administrator was updating Security Management Server access settings in Global Properties. He managed to lock all administrators out of their accounts. How should you unlock these accounts?


Options are :

  • Reinstall the Security Management Server and restore using upgrade_import.
  • Type fwm lock_admin -ua from the Security Management Server command line.
  • Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/
  • Login to SmartDashboard as the special cpconfig_admin user account; right-click on each administrator object and select unlock.

Answer : Type fwm lock_admin -ua from the Security Management Server command line.

Which SmartConsole component can Administrators use to track changes to the Rule Base?


Options are :

  • SmartReporter
  • SmartView Tracker
  • SmartView Monitor
  • WebUI

Answer : SmartView Tracker

156-215.70 Check Point Certified Security Administrator Exam Set 6

Your primary Security Gateway runs on SecurePlatform. What is the easiest way to back up your Security Gateway R76 configuration, including routing and network configuration files?


Options are :

  • Copying the directories $FWDIR/conf and $FWDIR/lib to another location.
  • Run the pre_upgrade_verifier and save the .tgz file to the directory /temp
  • Using the native SecurePlatform backup utility from command line or in the Web based user interface.
  • Using the command upgrade_export.

Answer : Using the native SecurePlatform backup utility from command line or in the Web based user interface.

Which of the following commands can provide the most complete restoration of a R76 configuration?


Options are :

  • fwm dbimport -p
  • upgrade_import
  • cpinfo -recover
  • cpconfig

Answer : upgrade_import

Where is the IPSO Boot Manager physically located on an IP Appliance?


Options are :

  • In the directory /nvram
  • On the platform's BIOS
  • On built-in compact Flash memory
  • On an external jump drive

Answer : On built-in compact Flash memory

156-215.70 Check Point Certified Security Administrator Exam Set 7

Which command line interface utility allows the administrator to verify the Security Policy name and timestamp currently installed on a firewall module?


Options are :

  • fw ctl pstat
  • cpstat fwd
  • fw ver
  • fw stat

Answer : fw stat

Several Security Policies can be used for different installation targets. The Firewall protecting Human Resources' servers should have its own Policy Package. These rules must be installed on this machine and not on the Internet Firewall. How can this be accomplished?


Options are :

  • A Rule Base can always be installed on any Check Point Firewall object. It is necessary to select the appropriate target directly after selecting Policy > Install on Target.
  • A Rule Base is always installed on all possible targets. The rules to be installed on a Firewall are defined by the selection in the Rule Base row Install On.
  • In the menu of SmartDashboard, go to Policy > Policy Installation Targets and select the correct firewall via Specific Targets.
  • When selecting the correct Firewall in each line of the Rule Base row Install On, only this Firewall is shown in the list of possible installation targets after selecting Policy > Install on Target.

Answer : In the menu of SmartDashboard, go to Policy > Policy Installation Targets and select the correct firewall via Specific Targets.

The Security Gateway is installed on SecurePlatform R76 The default port for the Web User Interface is ____________.


Options are :

  • TCP 443
  • TCP 4433
  • TCP 18211
  • TCP 257

Answer : TCP 443

156-215.70 Check Point Certified Security Administrator Exam Set 8

How can you reset the Security Administrator password that was created during initial Security Management Server installation on SecurePlatform?


Options are :

  • Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the Password portion of the file. Then log in to the account without a password. You will be prompted to assign a new password.
  • Launch SmartDashboard in the User Management screen, and edit the cpconfig administrator.
  • As expert user Type fwm -a, and provide the existing administrator's account name. Reset the Security Administrator's password.
  • Type cpm -a, and provide the existing administrator's account name. Reset the Security Administrator's password.

Answer : As expert user Type fwm -a, and provide the existing administrator's account name. Reset the Security Administrator's password.

The third-shift Administrator was updating Security Management Server access settings in Global Properties and testing. He managed to lock himself out of his account. How can you unlock this account?


Options are :

  • Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/.
  • Type fwm lock_admin -u from the Security Management Server command line.
  • Type fwm unlock_admin from the Security Management Server command line.
  • Type fwm unlock_admin -u from the Security Gateway command line.

Answer : Type fwm lock_admin -u from the Security Management Server command line.

Your bank's distributed R76 installation has Security Gateways up for renewal. Which SmartConsole application will tell you which Security Gateways have licenses that will expire within the next 30 days?


Options are :

  • SmartUpdate
  • SmartView Tracker
  • SmartDashboard
  • SmartPortal

Answer : SmartUpdate

156-215.70 Check Point Certified Security Administrator Exam Set 9

When launching SmartDashboard, what information is required to log into R76?


Options are :

  • User Name, Management Server IP, certificate fingerprint file
  • Password, Management Server IP
  • User Name, Password, Management Server IP
  • Password, Management Server IP, LDAP Server IP

Answer : User Name, Password, Management Server IP

You have configured SNX on the Security Gateway. The client connects to the Security Gateway and the user enters the authentication credentials. What must happen after authentication that allows the client to connect to the Security Gateway's VPN domain?


Options are :

  • SNX modifies the routing table to forward VPN traffic to the Security Gateway
  • An office mode address must be obtained by the client.
  • The SNX client application must be installed on the client.
  • Active-X must be allowed on the client

Answer : SNX modifies the routing table to forward VPN traffic to the Security Gateway

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions