156-215.70 Check Point Certified Security Administrator Exam Set 8

Nancy has lost his connection to the SIC Security Gateway and he needs to return the SIC. What would be the correct order of the necessary steps for this task?


Options are :

  • None
  • 5, 1, 4, 2
  • 2, 3, 1, 4
  • 2, 5, 1, 4
  • 3, 1, 4, 2

Answer : 2, 5, 1, 4

You take the Hide NAT network object behind 10.1.1.0 Security Gateway external interface. You are looking at www.google.com host, 10.1.1.10 successfully. You take the log rule that allows 10.1.1.0 to leave the network. How many logs you can see the connection SmartView Tracker?


Options are :

  • Two, both outgoing, one of the real IP connection and a NAT IP connection
  • Only one, outgoing
  • None
  • Only one, the incoming
  • Two, one for outbound, inbound one

Answer : Only one, outgoing

156-215.70 Check Point Certified Security Administrator Exam Set 9

You installed Security Management Server computer Secure Platform in MegaCorp home office. You will use the IP address of 10.1.1.1. Tekin installed in the second security gateway Secure Platform computer that you plan to send another MegaCorp Administrator at the hub office. What is the correct order of pushing SIC Gateway certificates for transmission?


Options are :

  • 2, 3, 4, 5, 1
  • None
  • 2, 1, 3, 4, 5
  • 1, 3, 2, 4, 5
  • 2, 3, 4, 1, 5

Answer : 2, 1, 3, 4, 5

Choose the correct statement Secure Internal Communications (SIC) Certificates. SIC Certificates:


Options are :

  • For security gateways R70 arise during the Security Management Server installation.
  • None
  • Identify Checkpoint compatible machines; they have the same function as the VPN certificates.
  • Reduce network security by ensuring administrative connections Security Management Servers and Security Gateway.
  • Is used to protect the internal communication between the network SmartDashboard and Security Management Server.

Answer : Identify Checkpoint compatible machines; they have the same function as the VPN certificates.

below what the item would be enforced security first?


Options are :

  • Administrator defined in the rule base
  • None
  • address conversion
  • The first security rule
  • IP spoofing / IP options

Answer : IP spoofing / IP options

Since the pre-existing structural constraints set the manual NAT rules HTTP server. However, the FTP server and SMTP server are both automatic NAT rules. All traffic FTP and SMTP servers Security Gateway running with no problems, but the traffic on a network server drops to 0 due to anti-spoofing rule settings. What is causing this?


Options are :

  • The routing is not configured correctly.
  • Manual NAT rules are not configured correctly.
  • Allow the bidirectional NAT is checked Global Properties.
  • Rotates the object on the client side will not be scanned Global properties Manual NAT rules.
  • None

Answer : Rotates the object on the client side will not be scanned Global properties Manual NAT rules.

Which of the following is NOT useful to check whether the security gateway is active?


Options are :

  • None
  • FW CTL get a string active_secpol
  • Check the name of the appropriate Security Gateway SmartView Monitor.
  • cpstat FW -f policy
  • .fw stat

Answer : FW CTL get a string active_secpol

Where the system administrator defines the notification action if policy to install the time change?


Options are :

  • SmartDashboard> Policy Package Manager
  • SmartView Monitor> Gateway> Thresholds settings
  • None
  • SmartDashboard> Security Gateway object> Advanced tab,
  • SmartView Tracker> Audit log

Answer : SmartView Monitor> Gateway> Thresholds settings

You have found a possible intruder listed in the SmartView Tracker active pane. What is the fastest way to prevent an intruder from using this network indefinitely?


Options are :

  • In SmartDashboard Select IPS> Network Security> Denial of Service.
  • In the SmartView Tracker, select Tools> Block Intruder.
  • .In SmartView Monitor, select Tools> Rules for suspicious activity.
  • Edit rule base to drop these connections from the network.
  • None

Answer : In the SmartView Tracker, select Tools> Block Intruder.

What happens when you select File> Export menu SmartView Tracker?


Options are :

  • Fw.log logs are exported to a file that can be opened in Microsoft Excel.
  • None
  • Exported to the log data is not viewable in SmartView Tracker.
  • Current logs are exported to the new * .log file.
  • Let the log data is deleted fw.log

Answer : Fw.log logs are exported to a file that can be opened in Microsoft Excel.

156-215.71 Check Point Certified Security Administrator Exam Set 1

The main internal network 10.10.10.0/24 allows all traffic from the Internet using Hide NAT. You also have a small network 10.10.20.0/24 behind the internal router. You want to configure the kernel translates the source address 10.10.20.0 only when the network tries to access the Internet using HTTP, SMTP, and FTP services. Which of the following definitions Allow this network to access the Internet?


Options are :

  • Specifies one Manual Hide NAT rule for HTTP, FTP, and SMTP services network 10.10.20.0/24
  • None
  • To determine the three Manual Static NAT rules 10.10.20.0/24 network, one for each service class
  • .Configure Automatic Hide NAT network 10.10.20.0/24 and edit the Service column NAT rule base automatic rule
  • Configure Automatic Static NAT network 10.10.20.0/24

Answer : Specifies one Manual Hide NAT rule for HTTP, FTP, and SMTP services network 10.10.20.0/24

Every menu allows for verification of the name and date of installation Security is a Security Gateway?


Options are :

  • FW show policy
  • FW stat -l
  • FW ctl Pstat policy
  • FW ver -p
  • None

Answer : FW stat -l

You want to take the Static Destination NAT to external Internet users with internal Web Server, which is reserved (RFC 1918) IP-address. You have an unused valid IP address from the network security gateway and the ISP router. You can control the router, which sits on the external interface of the firewall and the Internet. What is the alternative configuration, if the proxy ARP can not be used for your security gateway?


Options are :

  • None
  • Publish a proxy ARP entry is the ISP router firewall in place of valid IP address
  • Set a static host route to the firewall valid IP address of the internal Web server
  • Set a static ARP entry ISP router to the correct IP address of the firewall's external address.
  • Publish a proxy ARP entry for embedded Web server instead of the firewall valid IP address.

Answer : Set a static ARP entry ISP router to the correct IP address of the firewall's external address.

You're talking about a security audit. While reviewing the installation files and logs, you'll find logs to accept POP3 traffic, but you do not see the rule allows POP3 traffic rule base. Which of the following is the most likely cause?


Options are :

  • None
  • POP3 is one of 3 services (POP3, IMAP and SMTP) to the default e-mail client of the object approved by R70.
  • POP3 is accepted Global Properties.
  • POP3 rule is not in use
  • POP3 is a hidden rule.

Answer : POP3 is a hidden rule.

When configuring the anti-spoofing is a Security Gateway object interfaces, which of the following is NOT a valid topology structure of R70?


Options are :

  • special
  • Not specified
  • Any
  • None
  • external

Answer : Any

You have worked with three other security administrators. Every Smart Console component can be used to monitor changes in the rules, or object properties by other webmasters?


Options are :

  • SmartView Tracker
  • SmartView Monitor
  • Eventia Tracker
  • Eventia Monitor
  • None

Answer : SmartView Tracker

156-215.71 Check Point Certified Security Administrator Exam Set 2

Every NAT NAT option is suitable for Automatic Manual applies to NAT as well?


Options are :

  • Automatic ARP configuration
  • Enable IP Pool NAT
  • None
  • Turn the target client-side
  • Allow bi-directional NAT

Answer : Turn the target client-side

R70 that feature or command allows security administrators to revert to earlier versions of an object without changing the security policy configurations?


Options are :

  • None
  • Policy Package management
  • upgrade_export / upgrade_import
  • FWM dbexport / four-wave mixing dbimport
  • Database version control system

Answer : Policy Package management

By default, when you choose File> Switch Active File SmartView Tracker Security Management Server:


Options are :

  • Cleansing the current log file, and asks for a new log mode.
  • Prompts you to enter a file name, and then save the log file.
  • Saves the current log file names of the log file date and time, and start a new log file.
  • Cleansing the current log file and starts a new log file.
  • None

Answer : Saves the current log file names of the log file date and time, and start a new log file.

In order to fully control, you decide to use NAT instead of manual entries Automatic NAT rules. Which of the following is not true?


Options are :

  • When using a static NAT, you must enter the Gateway ARP entries on all computers that use the NAT gateway Gateway's internal interface IP address.
  • When using a static NAT, you need to add a proxy ARP entries of all the hidden Gateway addresses.
  • When using Dynamic Hide NAT address that does not configure the Gateway interface, you need to add a proxy ARP entry to that address.
  • .If you chose Automatic NAT instead of all the required entries are made on your behalf.
  • None

Answer : When using a static NAT, you must enter the Gateway ARP entries on all computers that use the NAT gateway Gateway's internal interface IP address.

You have two rules, ten users, and two user groups is a security policy. You create a database of version 1 in this configuration. Then you remove the two existing users and add a new user group. You change one rule, and add two new rules Base rules. You save for Security Policy and create a database of version 2. After a while, you decide to cancel the version 1 uses the rule base, but you want to keep the user database. How can you do this?


Options are :

  • Restores the entire database, not only to the user database.
  • Run fwm_dbexport take the user to the database. Click to restore the entire database Database Revision of the screen. Then, run the fwm_dbimport.
  • None
  • Restores the entire database, not only to the user database, and then create a new user and user group.
  • .Move FWM dbexport -l file name. To restore the database. Then run the four-wave mixing dbimport -l filename to import users.

Answer : Restores the entire database, not only to the user database.

Marketing the company's networking team is trying to troubleshoot users' complaints concerning access to audio-streaming media from the Internet. Networking asking you to check the object and rule definitions perimeter security gateway. Every Smart Console application should be used to check these objects and rules?


Options are :

  • SmartDashboard
  • None
  • SmartView Tracker
  • SmartView Monitor
  • SmartView status

Answer : SmartDashboard

156-215.71 Check Point Certified Security Administrator Exam Set 3

FW Monitor utility would be best to troubleshoot which of the following problems?


Options are :

  • The error occurs when you edit a network object SmartDashboard.
  • Statically nated Web server behind the security gateway can not be reached from the Internet.
  • For an invalid ID error SmartView Tracker Phase 2 IKE key negotiation.
  • Viewing user database is corrupt
  • None

Answer : Statically nated Web server behind the security gateway can not be reached from the Internet.

The host on the Internet will begin operating in the static NAT IP Web server behind the security gateway. At default settings, in place of NAT, packet starting to turn _________.


Options are :

  • the source client side
  • the source server side
  • None
  • the destination client side
  • the destination server side

Answer : the destination client side

You want to show the log data includes information about a specific column in the SmartView Tracker. If you want to see entries, what action would you take?


Options are :

  • To the left column click Search> Add string> Apply Filter
  • None
  • Left clicking on a column, Particular> Add> Apply Filter
  • Right-click the search column> Add string> Apply Filter
  • Right-click a column Edit Filter> Special> Add> OK

Answer : Right-click a column Edit Filter> Special> Add> OK

FW Monitor utility is used to troubleshoot which of the following problems?


Options are :

  • None
  • .Log consolidation Engine
  • The user database corruption
  • address translation
  • Step two key negotiating

Answer : address translation

You take automatic Static NAT internal host node object has its own IP address 10.10.10.5, which is part of the Nat 216.216.216.5. (You can use the default settings Global Properties> NAT.) When using fw monitor R70 Security Gateway and then start a new HTTP connection to the host 10.10.10.5 browse the Internet, where you'll find the starting point of the monitor HTTP SYN-ACK back translated into 216.216.216.5 10.10.10.5?


Options are :

  • i = the incoming core, before the virtual machine
  • o = leaving the core, before the virtual machine
  • None
  • #NAME?
  • I = incoming core, the virtual machine

Answer : I = incoming core, the virtual machine

You have Security Administrator that is installed Security Gateway R70 on the web. You need to allow specific IP addresses of the partner site uses an intranet Web server. Partner to limit s access to HTTP and FTP only, did you do the following: Do the above regulations restrict Partner s use?


Options are :

  • Yeah. Both of these settings only apply to automatic NAT rules
  • Yeah. This will ensure that traffic represents only on especially configured for this traffic, and the traffic gateway translates accepting the packet.
  • No. The first option is not applicable. The second option reduces performance by turning the transport of the core closest to the intranet server.
  • No. The first option is only applicable to automatic NAT rules. The second option is necessary to ensure that there is no contradiction between NAT and anti-spoofing.
  • None

Answer : No. The first option is only applicable to automatic NAT rules. The second option is necessary to ensure that there is no contradiction between NAT and anti-spoofing.

156-215.71 Check Point Certified Security Administrator Exam Set 4

You use the Hide feature of the rule:


Options are :

  • Regulate the invisible incoming packets
  • Hide the rules SYN / ACK attack.
  • None
  • Hide the rules for read-only administrators.
  • View only a few rules, without disturbing others.

Answer : View only a few rules, without disturbing others.

Every R70 Smart Console tool would you use to check the name of the installed security policy is a security gateway?


Options are :

  • SmartView Monitor
  • SmartView status
  • Nothing, Smart Console applications just to communicate Security Management Server.
  • Smart Update
  • None

Answer : SmartView Monitor

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions