156-215.71 Check Point Certified Security Administrator Exam Set 3

When using an encryption algorithm, which is generally considered the best encryption method?


Options are :

  • CAST cipher
  • AES
  • DES
  • Triple DES

Answer : AES

156-215.71 Check Point Certified Security Administrator Exam Set 4

VPN routing provides a way of controlling how VPN traffic is directed. There are two methods for doing this. Which of these two methods will Route VPN traffic based on the encryption domain behind each Gateway in the community?


Options are :

  • Routing Based VPN
  • Domain Based VPN
  • Static Based VPN
  • Route Based VPN
  • Dynamic Based VPN

Answer : Domain Based VPN

Spoofing is a method of:


Options are :

  • Disguising an illegal IP address behind an authorized IP address through port address Translation.
  • Hiding your firewall from unauthorized users
  • Making packets appear as if they come from an authorized IP address
  • Detecting people using false or wrong authentication logins.

Answer : Making packets appear as if they come from an authorized IP address

You administer a large, geographically distributed network. The Internet connection at a remote site failed during the weekend, and the Security Gateway logged locally for over 48 hours. It is possible that the logs may have consumed most of the free space on the Gateway's hard disk. Which SmartConsole application displays the percent of free harddisk space on the remote Security Gateway?


Options are :

  • Eventia Analyzer
  • SmartView Monitor
  • This information can only be viewed with fw ctl pstat command from the CLI
  • SmartView Tracker

Answer : SmartView Monitor

156-215.75 Check Point Certified Security Administrator Exam Set 1

Fill in the blank: When you want to create a VPN community where all participating gateways are able to connect to each other, you need to set up a ___________ community.


Options are :

  • Meshed
  • SSL VPN
  • Remote Access
  • Star

Answer : Meshed

When you use the Global Properties default settings on R71. Which type of traffic will be dropped?


Options are :

  • Smart Update connections
  • Outgoing traffic originating from the Security Gateway
  • RIP traffic
  • Firewall logging and ICA key-exchange information

Answer : RIP traffic

You are the Security Administrate for university The Universityís FTP servers have old hardware and software. Certain FTP command causes the FTP servers to malfunction Upgrading the FTP servers is not an optional this time. Where you can define blocked FTP commands passing through the Security Gateway protecting the FTP servers?


Options are :

  • Rule Base > Service Field > Edit Properties
  • Global Properties > Firewall > Security Server > Allowed FTP Commands
  • IPS > Protections > By Protocol > IPS Software Blade > Application Intelligence > FTP > FTP advanced protections>FTP Commands
  • FTP Service Object > Advanced > Blocked FTP Commands

Answer : IPS > Protections > By Protocol > IPS Software Blade > Application Intelligence > FTP > FTP advanced protections>FTP Commands

156-215.75 Check Point Certified Security Administrator Exam Set 2

Your company was unable to obtain more than four legal internet IP addresses from your ISP, and as an administrator you decide to use a single IP address for internet access. What will you implement to allow all your internal users to access the internet with a single IP address?


Options are :

  • Static NAT
  • Source Destination NAT
  • Source Static NAT
  • Undynamic NAT
  • Hide NAT

Answer : Hide NAT

URL Filtering Policy ran make exceptions for specific sites by being enforced?


Options are :

  • For all traffic, except on specific sources and destinations
  • Only for specific sources and destinations
  • For all traffic, except blocked sites
  • For all traffic, There are no exceptions

Answer : Only for specific sources and destinations

Which of the following are external authentication scheme that are supported by R71? Select all the correct answers.


Options are :

  • RADIUS
  • TACACS
  • SecurID
  • Check Point Password
  • Operating System Password

Answer : RADIUS TACACS SecurID

156-215.75 Check Point Certified Security Administrator Exam Set 3

You plan to migrate a Windows NG with Application Intelligence (AI) R55 SmartCener server to R71. You also plan to upgrade four VPN-1 pro Gateways at remote offices and one local VPN-1 pro gateway at your companyís head quarter to R71. The management server configuration must be migrated. What is the correct procedure to migrate the configuration?


Options are :

  • 1. From the R71 CD-ROM on the security management server, select Upgrade 2. Reboot after installation and upgrade all licenses via SmartUpdate 3. Reinstall all gateways using R 70 and install a policy
  • D.1. From the R71 CD- ROM in the security management server, select export 2.Install R 70 on a new PC using the option installation using imported configuration 3.Reboot after installation and update all licenses via smartUpdate 4.Upgrade software on all five remote Gateway via SmartUpdate
  • 1. Copy the $PWDIR\ conf directory from the security management server 2. Save directory contents to another file server 3. Uninstall the security management server, and install anew security management server 4. Move the saved directory contents to $ PWDIR\conf replacing the default installation files 5. Reinstall all gateways using R71 and install a security policy
  • 1. Upgrade the remote gateway via smartUpdate. 2. upgrade the security management server, using the R71 CD

Answer : D.1. From the R71 CD- ROM in the security management server, select export 2.Install R 70 on a new PC using the option installation using imported configuration 3.Reboot after installation and update all licenses via smartUpdate 4.Upgrade software on all five remote Gateway via SmartUpdate

A rule_______ is designed to log and drop nil other communication that does not match another rule.


Options are :

  • Reject
  • Ann-Spoor
  • Stealth
  • Cleanup

Answer : Cleanup

The default cluster administrator user name is:


Options are :

  • Adminstrator
  • clusterAdmin
  • cadmin
  • Admin
  • Supervisor

Answer : cadmin

156-215.75 Check Point Certified Security Administrator Exam Set 4

You currently do not have a Check Point software subscription for one of your products. What will happen if you attempt to upgrade the license for this product?


Options are :

  • .It is deleted
  • The license is not upgraded
  • It is upgraded with new available features, but cannot be activated
  • The license will be upgraded with a warning

Answer : The license is not upgraded

NAT can be implemented on which of the following lists of objects?


Options are :

  • Host network
  • Network, Dynamic Object
  • Host user
  • Domain network

Answer : Host network

Central license management allows a Security Administrator to perform which of the following functions? 1) Check for expired licenses. 2) Sort licenses and view license properties 3) Attach both R71 Central and Local licenses to a remote module 4) Delete both R71 Local licenses and Central licenses from a remote module 5) Add or remove a license to or from the license repository 6) Attach and/or delete only R71 Central licenses to a remote module (not local licenses)


Options are :

  • 1, 2, 3, 4, & 5
  • 2, 3, 4, & 5
  • 1, 2, 5, & 6
  • 2, 5, & 6

Answer : 1, 2, 3, 4, & 5

156-215.75 Check Point Certified Security Administrator Exam Set 5

Which of the following explanations best describes the command fw logswitch [-h target] [+ | -] [oldlog]?


Options are :

  • Display protocol Hosts
  • Control Kernel
  • Create a new Log file. The old log has moved
  • Display a remote machineís log-file list.

Answer : Create a new Log file. The old log has moved

How are cached usernames and passwords cleared from the memory of a R71 Security Gateway?


Options are :

  • By installing a Security Policy
  • By retrieving LDAP user information using the command fw fetchldap
  • Usernames and password only clear from memory after they time out
  • By using the Clear User Cache button in Smart Dashboard

Answer : By installing a Security Policy

You have an NGX R65 Gateway running on SecurePlatform. The Gateway also serves as a Policy Server. When you run patch add CD from the Security Gateway R71 CD-ROM, what does this command allow you to upgrade?


Options are :

  • Both the operating system and all Check Point products
  • All products, except the Policy Server
  • Only the patch utility is upgraded using this command
  • Only the R71 Security Gateway

Answer : Both the operating system and all Check Point products

156-215.75 Check Point Certified Security Administrator Exam Set 6

When john first installed the system, he forgets to configure DNS servers on the security Gateway. How could John configure DNS servers now that his security gateway is in production?


Options are :

  • Login to the firewall using SSH and run cpconfig, than select domain name servers
  • Login to the firewall using SSH and run sysconfig, then select domain name servers.
  • Login to the firewall using SSH and run fwn, than select system configuration and domain name servers.
  • Login to the smart dashboard, edit the firewall gate object, select the tab interface, than domain name servers

Answer : Login to the firewall using SSH and run sysconfig, then select domain name servers.

You have not performed software upgrade to NGX R71. You have upgraded your license and every time you try to run commands such as cplic print; cpstop, you receive all sort of errors. In order to resolve this you will have to:


Options are :

  • Remove the software
  • Upgrade the software to version NGX
  • Remove the upgraded license
  • Re-upgrade the license to the version before the upgrade
  • Do nothing. The error will go away with time

Answer : Upgrade the software to version NGX

156-215.75 Check Point Certified Security Administrator Exam Set 7

During which step in the installation process is it necessary to note the fingerprint for firsttime verification?


Options are :

  • When configuring the Security Gateway object in SmartDashboard
  • When establishing SIC between the Security Management Server and the Gateway
  • When configuring the Gateway in the WebUl
  • When configuring the Security Management Server using cpconfig

Answer : When configuring the Security Management Server using cpconfig

What two conditions must be met when you are manually adding CheckPoint appliances to an existing cluster?


Options are :

  • You must configure interfaces with IP addresses in each of the networks the cluster will connect to
  • R71 is running on the system you are adding
  • R71 is not running on the system you are adding
  • The existing nodes must be running R71 and firewall monitoring is enabled on them
  • The IP address should be the real IP address of a cluster interface

Answer : R71 is not running on the system you are adding The existing nodes must be running R71 and firewall monitoring is enabled on them

What information is found in the SmartView Tracker Management log?


Options are :

  • Most accessed Rule Base rule
  • Number of concurrent IKE negotiations
  • Destination IP address
  • SIC revoke certificate event

Answer : SIC revoke certificate event

156-215.75 Check Point Certified Security Administrator Exam Set 8

Which feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration?


Options are :

  • Database Revision Control
  • .dbexport/dbimport
  • upgrade_export/upgrade_import
  • Policy Package management

Answer : Database Revision Control

What's the difference between the SmartView Tracker Tool section in R71 and NGX R65?


Options are :

  • Tools section in R71 is exactly the same as the tools section in R65
  • Using R71. You can choose a program to view captured packets.
  • R71 adds a new option to send ICMP packets to the source/destination address of the log event
  • Enable Warning Dialogs option is not available in R71

Answer : Using R71. You can choose a program to view captured packets.

Using the Backup and Restore operation on R71, it is possible to:


Options are :

  • Upgrade the SmartCenter Management Server
  • Link the all cluster members for failover
  • Replace the original SmartCenter Management Server with another clone SmartCenter Management Server, while the original is being serviced
  • Maintain a backup of the SmartCenter Management Server to be used in case of failover
  • Upgrade the SmartDashboard

Answer : Upgrade the SmartCenter Management Server Replace the original SmartCenter Management Server with another clone SmartCenter Management Server, while the original is being serviced Maintain a backup of the SmartCenter Management Server to be used in case of failover

156-215.75 Check Point Certified Security Administrator Exam Set 1

Your organizationís disaster recovery plan needs an update to the backup and restore section to reap the benefits of the new distributed R71 installation. Your plan must meet the following required and desired objectives: Required Objective: The Security Policy repository must be backed up no less frequently than every 24 hours. Desired Objective: The R71 components that enforce the Security Polices should be blocked up at least once a week. Desired Objective: Back up R71 logs at least once a week Your disaster recovery plan is as follows: Use the cron utility to run the upgrade_ export command each night on the Security Management Servers. Configure the organization's routine backup software to back up the files created by the upgrade_ export command. Configure the SecurePlatform backup utility to back up the Security Gateways every Saturday night Use the cron utility to run the upgrade export: command each Saturday niqht on the log servers Configure an automatic, nightly loqswitch Configure the organization's routine backup software to back up the switched logs every night Upon evaluation, your plan:


Options are :

  • Does not meet the required objective.
  • Meets the required objective but does not meet either desired objective.
  • Meets the required objective and only one desired objective.
  • Meets the required objective and both desired objectives.

Answer : Meets the required objective and both desired objectives.

You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?


Options are :

  • After Stealth Rule
  • Last
  • First
  • Before Last

Answer : Last

Which of the following statements regarding SecureXL and CoreXL is TRUE?


Options are :

  • SecureXL is only available in R71.
  • CoreXL enables multi-core processing for program interfaces.
  • SecureXL is an application for accelerating connections
  • CoreXL is included in SecureXL.

Answer : SecureXL is an application for accelerating connections

156-215.75 Check Point Certified Security Administrator Exam Set 2

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions