156-215.70 Check Point Certified Security Administrator Exam Set 3

What is the difference between standard and specific methods for check-in?


Options are :

  • Standard check-in allows the user to automatically permission to all services that the rule allows. Special check-in requires the user to re-authenticate each service window defined separately for specific actions Properties.
  • Standard check-in requires the user to re-authenticate each service and each host to which he is trying to establish. Specific check allows the user to sign a particular IP address.
  • None
  • Standard check-in allows the user to automatically permission to all services that the rule allows. Special check-in requires the user to re-authenticate each service and each host to which he is trying to establish. (Correct)
  • Standard check-in allows the user to automatically permission to all services that the rule allows, but re-authenticate each host to which he is trying to connect. Special check-in requires the user to re-authenticate each service.

Answer : Standard check-in allows the user to automatically permission to all services that the rule allows. Special check-in requires the user to re-authenticate each service and each host to which he is trying to establish.

Technical and consultation is a requirement to use the intranet server. When configuring User Authentication rule to achieve, which of the following would you remember?


Options are :

  • You can limit the authentication attempts in the Authentication tab of the User Properties screen.
  • You can only use the rule Telnet, FTP, SMTP, and rlogin services.
  • None
  • When a user is first authenticated, the user is prompted to authenticate again until check-out.
  • Security gateway will first check if there is any rule that does not require authentication for this type of connection prior to relying on the Security Authentication Server. (Correct)

Answer : Security gateway will first check if there is any rule that does not require authentication for this type of connection prior to relying on the Security Authentication Server.

Identify the ports to which the Client Authentication daemon listens by default.


Options are :

  • 80, 256
  • None
  • 256, 600
  • 8080, 529
  • 259, 900 (Correct)

Answer : 259, 900

How to manage the maximum number of email messages the spool directory?


Options are :

  • In the Gateway object's SMTP settings on the Advanced Settings window (Correct)
  • None
  • server window Security Council Global Properties
  • Moon smtp.conf file Security Management Server
  • IPS SMTP settings

Answer : In the Gateway object's SMTP settings on the Advanced Settings window

Every OPSEC server can be used to prevent users from accessing certain web sites?


Options are :

  • UFP (Correct)
  • LEA
  • AMON
  • None
  • CVP

Answer : UFP

Which of the following features encrypting data and messages Check Point VPN?


Options are :

  • None
  • digital signatures
  • symmetric encryption (Correct)
  • cryptographic checksum
  • asymmetric encryption

Answer : symmetric encryption

Check Point Certified Security Expert Exam Set 8

For information safely travel between the Security Management Server and the other component of Check Point, which would not be necessary?


Options are :

  • Communication is proven.
  • The component is up to date and in sync Security Management Server.
  • None
  • The communication is encrypted.
  • The communication is used for two-factor or biometric authentication. (Correct)

Answer : The communication is used for two-factor or biometric authentication.

Security Check Unit has stated that unpatched Web application server have access to the SQL server. Which IP setting allows Security Gateway prevent this error from the page displaying information about SQL Server DMZ?


Options are :

  • Web Intelligence> General> HTTP Protocol Inspection, the only answer to ASCII headers
  • Web Intelligence> http protocol inspection, check the box to strict HTTP response parsing
  • Application Intelligence> Fingerprint Scrambling> Web Apps, select the Mix error messages check box
  • None
  • Web Intelligence> Information Disclosure> debugging (Correct)

Answer : Web Intelligence> Information Disclosure> debugging

What happens in relation to the CRL cache after cpstop and cpstart has been launched?


Options are :

  • Gateway searching for a new CRL at startup, and then rejects the old CRL is valid.
  • Gateway continues to use the old CRL even if it is not valid until a new CRL is cached.
  • None
  • Gateway issues the start crl_zap, which clears the cache memory and to force the certificate retrieval.
  • Gateway continues to use the old CRL, as long as it is valid (Correct)

Answer : Gateway continues to use the old CRL, as long as it is valid

To view the current state of the customer's VPN, including those who are down and destroyed. Every Smart Console application will give you this information?


Options are :

  • SmartView Monitor (Correct)
  • SmartView Tracker
  • Smart Update
  • None
  • SmartView status

Answer : SmartView Monitor

User Directory Software Blade, you can create a user-R70 definitions of a (n) _________ Server.


Options are :

  • Rain
  • None
  • NT Domain
  • SecureID
  • LDAP (Correct)

Answer : LDAP

What is the size of the hash produced by the SHA-1?


Options are :

  • 56
  • None
  • 40
  • 160 (Correct)
  • 128

Answer : 160

Check Point Certified Security Expert Exam Set 9

As the Security Administrator, you must create a user authentication. When creating a user authentication, data is stored _____________.


Options are :

  • user database (Correct)
  • None
  • rules Database
  • object-oriented database
  • Smart Update in the archives

Answer : user database

Which of the following objects is a valid source of an authentication?


Options are :

  • .User_group @ Network (Correct)
  • Any user @
  • User @ Network
  • @ Host any
  • None

Answer : .User_group @ Network

To define the IKE VPN two R70 Security Gateway, protecting the two networks. The Network Gateway is behind one of 10.15.0.0/16, and the network 192.168.9.0/24 is behind the peer Gateway. What type of Address Translation should be used to ensure access to the two networks to each other via a VPN tunnel?


Options are :

  • Hide NAT
  • None
  • Nothing (Correct)
  • static NAT
  • manual NAT

Answer : Nothing

Every authentication type allows for five different types of authentication methods, sign-on feature of the window?


Options are :

  • None
  • user authentication
  • Manual Authentication
  • client authentication (Correct)
  • session authentication

Answer : client authentication

What are the rules to send log information when Dshield.org Storm Center is set?


Options are :

  • The specified Web Intelligence, assembly: the disclosure of the data is determined; rules set up user-defined alarms, or SNMP
  • None
  • Determined Global Properties Composition: Logs defined in the Log and Messages section, follow the rules be held liable or SNMP trap
  • Determine the IPS, Dshield Storm Center Configuration: Security Management Server to send logs to follow the rules set in either Alert or of a particular user-defined alarms (Correct)
  • Determined Dshield Storm Center Recognition Regulation Logs and Masters of Security Management Server objects: tracing rules set or Log None

Answer : Determine the IPS, Dshield Storm Center Configuration: Security Management Server to send logs to follow the rules set in either Alert or of a particular user-defined alarms

If you have any questions about LDAP, which of the following should check out?


Options are :

  • None
  • Overlapping VPN Domains
  • Secure Internal Communications (SIC)
  • R70 connection between the Gateway and LDAP (Correct)
  • domain name resolution

Answer : R70 connection between the Gateway and LDAP

156-215.70 Check Point Certified Security Administrator Exam Set 8

If the check box Use the Properties dialog box, IKE aggressive standard:


Options are :

  • exchange of two packets to three packets in the IKE phase 2 exchange is replaced.
  • three packets in the IKE phase 2 exchange is replaced by a six-packet exchange.
  • None
  • 1 the exchange of the IKE phase of the three packet is replaced by a six-packet exchange.
  • six-pack IKE phase 1 will be replaced with exchange of three packets. (Correct)

Answer : six-pack IKE phase 1 will be replaced with exchange of three packets.

The public keys and digital certificates do not provide which of the following?


Options are :

  • data integrity
  • None
  • Authentication
  • Non-repudiation
  • Availability (Correct)

Answer : Availability

With the introduction of the Secure Client, you have defined the policy, you enter the traffic encrypted domain. But when mobile users move out of the company, they often can not use the Secure Client because they first have to sign up (ie, hotel and conference facilities). How do I solve this problem?


Options are :

  • None
  • Allow encrypted traffic outside the domain
  • Allows users to turn off the Secure Client
  • Contact Hot Spot / Hotel registration (Correct)
  • Allow unencrypted traffic

Answer : Contact Hot Spot / Hotel registration

Which of these features would be a critical site-to-site VPN?


Options are :

  • strong encryption (Correct)
  • centralized management
  • None
  • strong authentication
  • Scalability to accommodate groups of users

Answer : strong encryption

Marc is a Security Administrator set up the VPN tunnel to his site and partner site. He just created the destination and community partners in the firewall. In an attempt to increase the Community firewalls only his firewall can be selected. City Partner firewall is not visible. What is the possible cause of the problem?


Options are :

  • Only Check Point Gateway could be added to the Community.
  • City Partner Gateway acts as a VPN-1 NG AI.
  • IPSec VPN Software Blade is a partner in the target firewall is not enabled. (Correct)
  • None
  • City Partner firewall object was created as an interoperable device.

Answer : IPSec VPN Software Blade is a partner in the target firewall is not enabled.

Using IPS, how to inform the Security Administrator, the malware scan specific ports? By enabling:


Options are :

  • Undesirable Code Protector
  • Sweep Scan Protection (Correct)
  • Malware Protection Amendment
  • None
  • The host port scan

Answer : Sweep Scan Protection

156-315.77 Check Point Certified Security Expert Exam Set 2

Which of the following commands can be used to remove site-to-site IPsec Security Association (SA)?


Options are :

  • FW IPSec tu
  • IPSec VPN
  • IPSec VPN debug
  • VPN tu (Correct)
  • None

Answer : VPN tu

Which of the following activities will be carried IKE Phase 2 is the Perfect Forward Secrecy use?


Options are :

  • The symmetric keys are generated in IPsec. (Correct)
  • DH public keys are exchanged.
  • Each of the security gateway generates a private Diffie-Hellman (DH) key random pools.
  • Peers authenticate using certificates or pre-shared secrets.
  • None

Answer : The symmetric keys are generated in IPsec.

What links the following is TRUE supervision of Security Management Server and VPN Gateway Community? The control connections are:


Options are :

  • .encrypted using SIC, and re-encrypted in the community without a VPN domain configuration.
  • SIC is encrypted. (Correct)
  • encrypted community.
  • is not encrypted, authenticated only.
  • None

Answer : SIC is encrypted.

How to prevent some of the seldom-used FTP commands, such as CWD, and to find the doorway Gateway?


Options are :

  • Configure limited FTP commands Security Servers Global Properties screen.
  • Enable FTP Bounce checking Protocol Application Intelligence protections IPS tab.
  • None
  • More limited commands aftpd.conf file Security Management Server
  • Edit the desired profile in the FTP commands IPS protection details tab. (Correct)

Answer : Edit the desired profile in the FTP commands IPS protection details tab.

IKE phase in which the IPsec SA negotiation?


Options are :

  • step 4
  • None
  • step 3
  • .Phase 1
  • step 2 (Correct)

Answer : step 2

What is the manual server authentication TELNET port?


Options are :

  • 259 (Correct)
  • 264
  • 23
  • None
  • 900

Answer : 259

Check Point Certified Security Expert Exam Set 5

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions