156-215.71 Check Point Certified Security Administrator Exam Set 1

You have not performed software upgrade to NGX R71. You have upgraded your license and every time you try to run commands such as cplic print; cpstop, you receive all sort of errors. In order to resolve this you will have to:


Options are :

  • Re-upgrade the license to the version before the upgrade
  • Remove the software
  • Do nothing. The error will go away with time
  • Remove the upgraded license
  • Upgrade the software to version NGX

Answer : Upgrade the software to version NGX

156-215.71 Check Point Certified Security Administrator Exam Set 2

What's the difference between the SmartView Tracker Tool section in R71 and NGX R65?


Options are :

  • R71 adds a new option to send ICMP packets to the source/destination address of the log event
  • Tools section in R71 is exactly the same as the tools section in R65
  • Enable Warning Dialogs option is not available in R71
  • Using R71. You can choose a program to view captured packets.

Answer : Using R71. You can choose a program to view captured packets.

Your Security Gateways are running near performance capacity and will get upgraded hardware next week. Which of the following would be MOST effective for quickly dropping all connections from a specific attacker's IP at a peak time of day?


Options are :

  • SAM - Block Intruder feature of SmartView Tracker
  • SAM - Suspicious Activity Rules feature of SmartView Monitor
  • Change the Rule Base and install the Policy to all Security Gateways
  • Intrusion Detection System (IDS) Policy install

Answer : SAM - Suspicious Activity Rules feature of SmartView Monitor

Which of the following is true regarding configuration of clustering nodes?


Options are :

  • Cluster nodes do not have to run exactly the same version of CheckPoint package
  • Each cluster node must run exactly the same version of R71
  • Each node must have exactly the same set of packages as all the other nodes
  • Each cluster node must run exactly the same version of R71
  • You must install R71 as an enforcement module (only) on each node

Answer : Each cluster node must run exactly the same version of R71 Each node must have exactly the same set of packages as all the other nodes Each cluster node must run exactly the same version of R71 You must install R71 as an enforcement module (only) on each node

156-215.71 Check Point Certified Security Administrator Exam Set 3

When carrying out a backup operation on R71, you will have to backup which of the following files?


Options are :

  • $FWDIR/database/fwauth.NDB*
  • $FWDIR/conf/rulebases_5_0.fws
  • $FWDIR/conf/objects_5_0.C
  • $FWDIR/database/control.map
  • $FWDIR/conf/rule.fws

Answer : $FWDIR/conf/rulebases_5_0.fws $FWDIR/conf/objects_5_0.C $FWDIR/conf/rule.fws

Using the Backup and Restore operation on R71, it is possible to:


Options are :

  • Link the all cluster members for failover
  • Upgrade the SmartCenter Management Server
  • Upgrade the SmartDashboard
  • Maintain a backup of the SmartCenter Management Server to be used in case of failover
  • Replace the original SmartCenter Management Server with another clone SmartCenter Management Server, while the original is being serviced

Answer : Upgrade the SmartCenter Management Server Maintain a backup of the SmartCenter Management Server to be used in case of failover Replace the original SmartCenter Management Server with another clone SmartCenter Management Server, while the original is being serviced

What information is found in the SmartView Tracker Management log?


Options are :

  • Destination IP address
  • SIC revoke certificate event
  • Number of concurrent IKE negotiations
  • Most accessed Rule Base rule

Answer : SIC revoke certificate event

156-215.71 Check Point Certified Security Administrator Exam Set 4

You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?


Options are :

  • First
  • Before Last
  • Last
  • After Stealth Rule

Answer : Last

Certificates for Security Gateways are created during a simple initialization from______.


Options are :

  • .The ICA management tool.
  • SmartUpdate
  • sysconfig
  • SmartDashboard

Answer : SmartDashboard

You are the Security Administrator in a large company called ABC. A Check Point Firewall is installed and in use on SecurePlatform. You are concerned that the system might not be retaining your entries for the interface and routing configuration. You would like to verify your entries in the corresponding file(s) on SecurePlatform. Where can you view them? Give the BEST answer.


Options are :

  • /etc/sysconfig/netconf.C
  • /etc/sysconfig/network
  • /etc/conf/route.C
  • /etc/sysconfig/network-scripts/ifcfg-ethx

Answer : /etc/sysconfig/netconf.C

156-215.75 Check Point Certified Security Administrator Exam Set 1

Which SmartConsole component can Administrators use to track remote administrative activities?


Options are :

  • SmartView Monitor
  • SmartView Tracker
  • WebUI
  • Eventia Reporter

Answer : SmartView Tracker

During which step in the installation process is it necessary to note the fingerprint for firsttime verification?


Options are :

  • When configuring the Security Management Server using cpconfig
  • When establishing SIC between the Security Management Server and the Gateway
  • When configuring the Gateway in the WebUl
  • When configuring the Security Gateway object in SmartDashboard

Answer : When configuring the Security Management Server using cpconfig

Platforms IP290, IP390 and IP560 are flash-based, diskless platforms. And what do you have to do prior to upgrading their images to R71?


Options are :

  • Backup their images
  • Restore old images
  • .Do nothing
  • Backup old images
  • Delete old images

Answer : Delete old images

156-215.75 Check Point Certified Security Administrator Exam Set 2

Which type of R71 Security Server does not provide User Authentication?


Options are :

  • HTTPS Security Server
  • SMTP Security Server
  • FTP Security Server
  • HTTP Security Server

Answer : SMTP Security Server

Which feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration?


Options are :

  • upgrade_export/upgrade_import
  • .dbexport/dbimport
  • Database Revision Control
  • Policy Package management

Answer : Database Revision Control

Your organization has many Edge Gateways at various branch offices allowing users to access company resources. For security reasons, your organization's Security Policy requires all Internet traffic initiated behind the Edge Gateways first be inspected by your headquarters' R71 Security Gateway. How do you configure VPN routing in this star VPN Community?


Options are :

  • To Internet and other targets only
  • To center and other satellites, through center
  • To center or through the center to other satellites, to Internet and other VPN targets
  • To center only

Answer : To center or through the center to other satellites, to Internet and other VPN targets

156-215.75 Check Point Certified Security Administrator Exam Set 3

Your organizationís disaster recovery plan needs an update to the backup and restore section to reap the benefits of the new distributed R71 installation. Your plan must meet the following required and desired objectives: Required Objective: The Security Policy repository must be backed up no less frequently than every 24 hours. Desired Objective: The R71 components that enforce the Security Polices should be blocked up at least once a week. Desired Objective: Back up R71 logs at least once a week Your disaster recovery plan is as follows: Use the cron utility to run the upgrade_ export command each night on the Security Management Servers. Configure the organization's routine backup software to back up the files created by the upgrade_ export command. Configure the SecurePlatform backup utility to back up the Security Gateways every Saturday night Use the cron utility to run the upgrade export: command each Saturday niqht on the log servers Configure an automatic, nightly loqswitch Configure the organization's routine backup software to back up the switched logs every night Upon evaluation, your plan:


Options are :

  • Meets the required objective but does not meet either desired objective.
  • Meets the required objective and only one desired objective.
  • Does not meet the required objective.
  • Meets the required objective and both desired objectives.

Answer : Meets the required objective and both desired objectives.

What two conditions must be met when you are manually adding CheckPoint appliances to an existing cluster?


Options are :

  • The IP address should be the real IP address of a cluster interface
  • The existing nodes must be running R71 and firewall monitoring is enabled on them
  • You must configure interfaces with IP addresses in each of the networks the cluster will connect to
  • R71 is running on the system you are adding
  • R71 is not running on the system you are adding

Answer : The existing nodes must be running R71 and firewall monitoring is enabled on them R71 is not running on the system you are adding

When configuring objects in SmartMap, it helps if you________ the objects so that they may be used in a policy rule.


Options are :

  • Actualize
  • Save
  • Expand
  • Physically connect to

Answer : Actualize

156-215.75 Check Point Certified Security Administrator Exam Set 4

Which of the following statements regarding SecureXL and CoreXL is TRUE?


Options are :

  • SecureXL is only available in R71.
  • CoreXL is included in SecureXL.
  • SecureXL is an application for accelerating connections
  • CoreXL enables multi-core processing for program interfaces.

Answer : SecureXL is an application for accelerating connections

You have not performed software upgrade to NGX R71. You have upgraded your license and every time you try to run commands such as cplic print; cpstop, you receive all sort of errors. In order to resolve this you will have to:


Options are :

  • Re-upgrade the license to the version before the upgrade
  • Remove the software
  • Do nothing. The error will go away with time
  • Remove the upgraded license
  • Upgrade the software to version NGX

Answer : Upgrade the software to version NGX

156-215.75 Check Point Certified Security Administrator Exam Set 5

What's the difference between the SmartView Tracker Tool section in R71 and NGX R65?


Options are :

  • R71 adds a new option to send ICMP packets to the source/destination address of the log event
  • Tools section in R71 is exactly the same as the tools section in R65
  • Enable Warning Dialogs option is not available in R71
  • Using R71. You can choose a program to view captured packets.

Answer : Using R71. You can choose a program to view captured packets.

Your Security Gateways are running near performance capacity and will get upgraded hardware next week. Which of the following would be MOST effective for quickly dropping all connections from a specific attacker's IP at a peak time of day?


Options are :

  • SAM - Block Intruder feature of SmartView Tracker
  • SAM - Suspicious Activity Rules feature of SmartView Monitor
  • Change the Rule Base and install the Policy to all Security Gateways
  • Intrusion Detection System (IDS) Policy install

Answer : SAM - Suspicious Activity Rules feature of SmartView Monitor

Which of the following is true regarding configuration of clustering nodes?


Options are :

  • Cluster nodes do not have to run exactly the same version of CheckPoint package
  • Each cluster node must run exactly the same version of R71
  • Each node must have exactly the same set of packages as all the other nodes
  • Each cluster node must run exactly the same version of R71
  • You must install R71 as an enforcement module (only) on each node

Answer : Each cluster node must run exactly the same version of R71 Each node must have exactly the same set of packages as all the other nodes Each cluster node must run exactly the same version of R71 You must install R71 as an enforcement module (only) on each node

156-215.75 Check Point Certified Security Administrator Exam Set 6

When carrying out a backup operation on R71, you will have to backup which of the following files?


Options are :

  • $FWDIR/database/fwauth.NDB*
  • $FWDIR/conf/rulebases_5_0.fws
  • $FWDIR/conf/objects_5_0.C
  • $FWDIR/database/control.map
  • $FWDIR/conf/rule.fws

Answer : $FWDIR/conf/rulebases_5_0.fws $FWDIR/conf/objects_5_0.C $FWDIR/conf/rule.fws

Using the Backup and Restore operation on R71, it is possible to:


Options are :

  • Link the all cluster members for failover
  • Upgrade the SmartCenter Management Server
  • Upgrade the SmartDashboard
  • Maintain a backup of the SmartCenter Management Server to be used in case of failover
  • Replace the original SmartCenter Management Server with another clone SmartCenter Management Server, while the original is being serviced

Answer : Upgrade the SmartCenter Management Server Maintain a backup of the SmartCenter Management Server to be used in case of failover Replace the original SmartCenter Management Server with another clone SmartCenter Management Server, while the original is being serviced

What information is found in the SmartView Tracker Management log?


Options are :

  • Destination IP address
  • SIC revoke certificate event
  • Number of concurrent IKE negotiations
  • Most accessed Rule Base rule

Answer : SIC revoke certificate event

156-215.75 Check Point Certified Security Administrator Exam Set 7

You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?


Options are :

  • First
  • Before Last
  • Last
  • After Stealth Rule

Answer : Last

Certificates for Security Gateways are created during a simple initialization from______.


Options are :

  • .The ICA management tool.
  • SmartUpdate
  • sysconfig
  • SmartDashboard

Answer : SmartDashboard

You are the Security Administrator in a large company called ABC. A Check Point Firewall is installed and in use on SecurePlatform. You are concerned that the system might not be retaining your entries for the interface and routing configuration. You would like to verify your entries in the corresponding file(s) on SecurePlatform. Where can you view them? Give the BEST answer.


Options are :

  • /etc/sysconfig/netconf.C
  • /etc/sysconfig/network
  • /etc/conf/route.C
  • /etc/sysconfig/network-scripts/ifcfg-ethx

Answer : /etc/sysconfig/netconf.C

156-215.75 Check Point Certified Security Administrator Exam Set 8

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions

Subscribe to See Videos

Subscribe to my Youtube channel for new videos : Subscribe Now