156-215.71 Check Point Certified Security Administrator Exam Set 4

Which SmartConsole component can Administrators use to track remote administrative activities?


Options are :

  • WebUI
  • SmartView Tracker (Correct)
  • SmartView Monitor
  • Eventia Reporter

Answer : SmartView Tracker

Which type of R71 Security Server does not provide User Authentication?


Options are :

  • HTTP Security Server
  • SMTP Security Server (Correct)
  • HTTPS Security Server
  • FTP Security Server

Answer : SMTP Security Server

Your R71 security management server is installed on secure platform. You plan to schedule the security management server to run Log switch automatically every 48 hours. How do you create the schedule?


Options are :

  • Create time object, and add 48 hours as the interval. Open the primary security management object’s logs and master window, enable schedule log switch, and select the time object (Correct)
  • Create time object, and add 48 hours as the interval. Select the time object’s global properties >logs and master window, to schedule a log switch
  • Create time object, and add 48 hours as the interval. Open the security Gateway objects logs and masters window, enable schedule log switch, and select the time object
  • On a secure platform Security management Server, this can only the accomplished by configuring the fw logswitch command via the cron utility

Answer : Create time object, and add 48 hours as the interval. Open the primary security management object’s logs and master window, enable schedule log switch, and select the time object

The customer has small Checkpoint installation which includes one windows 2003 server as the SmartConsole and second server running SecurePlatform as both Management Server and Security Gateway. This is an example of a(n):


Options are :

  • Hybrid installation
  • Distributed installation (Correct)
  • Stand-Alone installation
  • Unsupported configuration

Answer : Distributed installation

156-315.77 Check Point Certified Security Expert Exam Set 5

An internal host initiates a session to www.google.com and is set for Hide NAT behind the Security Gateway. The initiating traffic is an example of __________.


Options are :

  • Destination NAT
  • Client side NAT
  • None of these
  • Source NAT (Correct)

Answer : Source NAT

You are the Security Administrator in a large company called ABC. A Check Point Firewall is installed and in use on SecurePlatform. You are concerned that the system might not be retaining your entries for the interface and routing configuration. You would like to verify your entries in the corresponding file(s) on SecurePlatform. Where can you view them? Give the BEST answer.


Options are :

  • /etc/conf/route.C
  • /etc/sysconfig/network-scripts/ifcfg-ethx
  • /etc/sysconfig/network
  • /etc/sysconfig/netconf.C (Correct)

Answer : /etc/sysconfig/netconf.C

156-315.77 Check Point Certified Security Expert Exam Set 7

When carrying out a backup operation on R71, you will have to backup which of the following files?


Options are :

  • $FWDIR/conf/objects_5_0.C (Correct)
  • $FWDIR/database/control.map
  • $FWDIR/conf/rule.fws (Correct)
  • $FWDIR/database/fwauth.NDB*
  • $FWDIR/conf/rulebases_5_0.fws (Correct)

Answer : $FWDIR/conf/objects_5_0.C $FWDIR/conf/rule.fws $FWDIR/conf/rulebases_5_0.fws

Your Security Gateways are running near performance capacity and will get upgraded hardware next week. Which of the following would be MOST effective for quickly dropping all connections from a specific attacker's IP at a peak time of day?


Options are :

  • SAM - Block Intruder feature of SmartView Tracker
  • Change the Rule Base and install the Policy to all Security Gateways
  • Intrusion Detection System (IDS) Policy install
  • SAM - Suspicious Activity Rules feature of SmartView Monitor (Correct)

Answer : SAM - Suspicious Activity Rules feature of SmartView Monitor

Your organization has many Edge Gateways at various branch offices allowing users to access company resources. For security reasons, your organization's Security Policy requires all Internet traffic initiated behind the Edge Gateways first be inspected by your headquarters' R71 Security Gateway. How do you configure VPN routing in this star VPN Community?


Options are :

  • To Internet and other targets only
  • To center or through the center to other satellites, to Internet and other VPN targets (Correct)
  • To center and other satellites, through center
  • To center only

Answer : To center or through the center to other satellites, to Internet and other VPN targets

156-215.77 Check Point Certified Security Administrator Exam Set 3

When configuring objects in SmartMap, it helps if you________ the objects so that they may be used in a policy rule.


Options are :

  • Actualize (Correct)
  • Expand
  • Save
  • Physically connect to

Answer : Actualize

Certificates for Security Gateways are created during a simple initialization from______.


Options are :

  • SmartDashboard (Correct)
  • .The ICA management tool.
  • SmartUpdate
  • sysconfig

Answer : SmartDashboard

Which of the following is true regarding configuration of clustering nodes?


Options are :

  • Each cluster node must run exactly the same version of R71 (Correct)
  • You must install R71 as an enforcement module (only) on each node (Correct)
  • Cluster nodes do not have to run exactly the same version of CheckPoint package
  • Each cluster node must run exactly the same version of R71 (Correct)
  • Each node must have exactly the same set of packages as all the other nodes (Correct)

Answer : Each cluster node must run exactly the same version of R71 You must install R71 as an enforcement module (only) on each node Each cluster node must run exactly the same version of R71 Each node must have exactly the same set of packages as all the other nodes

156-315.13 Check Point Security Expert R76 (GAiA) Exam Set 1

Platforms IP290, IP390 and IP560 are flash-based, diskless platforms. And what do you have to do prior to upgrading their images to R71?


Options are :

  • .Do nothing
  • Backup their images
  • Delete old images (Correct)
  • Backup old images
  • Restore old images

Answer : Delete old images

If you were NOT using IKE aggressive mode for your IPSec tunnel, how many packets would you see for normal phase exchange?


Options are :

  • 3
  • 2
  • 6 (Correct)
  • 9

Answer : 6

156-315.13 Check Point Security Expert R76 (GAiA) Exam Set 1

The third shift administrator was updating security management server access setting in global properties. He managed to lock the entire Administrator out of their accounts. How should you unlock these accounts?


Options are :

  • Type fwm lock_admin –ua from the command line of the security management server (Correct)
  • Logging to smart dash board as special cpconfig_admin account. Right click on each administrator object and select Unlock.
  • Delete the file admin .lock in the sfwdir/ tmp/directory of the security managem,ent server.
  • Reinstall the security management Server and restore using upgrade _imort

Answer : Type fwm lock_admin –ua from the command line of the security management server

Which SmartView Tracker selection would most effectively show who installed a Security Policy blocking all traffic from the corporate network?


Options are :

  • Management Tab (Correct)
  • Active tab
  • Network and Endpoint tab
  • Custom filter

Answer : Management Tab

What do you use to view a R71 security Gateway’s status, including CPU use, amount of virtual memory, percent of free hard disk space, version?


Options are :

  • SmartUpdate
  • Only possible via command line tools
  • SmartView Monitor (Correct)
  • SmartView Tracker

Answer : SmartView Monitor

156-315.77 Check Point Certified Security Expert Exam Set 6

You are the security administrator in a large company called ABC. A Check point firewall is installed and is in use on secure platform. You are concerned. That the system might not be retaining your entries for the interfaces and routing configurations. You would like to verify your entries in the corresponding Files(s) on secure platform. Where can you view them? Give the best answer


Options are :

  • / etc / sysconfid / network
  • / etc / sysconfig / netconf .c (Correct)
  • / etc / conf /route . c
  • / ets / sysconfig / netconf-scripts / ifcfg-ethx

Answer : / etc / sysconfig / netconf .c

Select the correct statement about Secure Internal Communication (SIC) Certificates, SIC certificates?


Options are :

  • Uniquely identify the machines installed with check point software only. They have the same function as RSA Authentication Certificates.
  • Are for security Gateways created during the Security Management Server installation.
  • Can be used for Securing Internal Network Communication between the security gateway and an OPSEC device. (Correct)
  • Increase network security by securing administrative communication with a two factor challenge response authentication.

Answer : Can be used for Securing Internal Network Communication between the security gateway and an OPSEC device.

Which of the following is NOT supported with Office Mode?


Options are :

  • Endpoint Connect
  • SecureClient
  • SSL Network Extender
  • SecuRemote (Correct)

Answer : SecuRemote

156-315.77 Check Point Certified Security Expert Exam Set 5

What is the syntax for uninstalling a package using newpkg?


Options are :

  • –u (pathname of package)
  • –i (full pathname of package)
  • –s (pathname of package)
  • newpkg CANNOT be used to uninstall (Correct)

Answer : newpkg CANNOT be used to uninstall

Which of the following is viable consideration when determining rule base order?


Options are :

  • Grouping authentication rules with address translation rules
  • Grouping functionally related rules together (Correct)
  • Grouping rules by date of creation
  • Grouping reject and drop rules after the cleanup rule

Answer : Grouping functionally related rules together

Using the output below, what type of VPN Community is configured for fw-stlouis?


Options are :

  • Traditional
  • Star
  • Meshed (Correct)
  • Domain-Based

Answer : Meshed

Check Point Certified Security Expert Exam Set 9

The User Directory Software Blade is used to integrate which of the following with Security Gateway R71?


Options are :

  • RADIUS server
  • LDAP server (Correct)
  • Account management client server
  • User authority server

Answer : LDAP server

There are three options available for configuring a firewall policy on the SecureClient Mobile device. Which of the following is NOT an option?


Options are :

  • yes
  • No
  • Configured on endpoint client
  • Configured on server (Correct)

Answer : Configured on server

You are concerned that a message may have been intercepted and retransmitted, thus compromising the security of the communication. You attach a code to the electronically transmitted message that uniquely identifies the sender. This code is known as a(n):


Options are :

  • diffie-Helman verification
  • private key
  • AES flag
  • digital signature (Correct)

Answer : digital signature

156-315.77 Check Point Certified Security Expert Exam Set 9

How can we verify the policy version locally instead on the firewall?


Options are :

  • Fw sta (Correct)
  • Fw ver –k
  • Fw ctl iflist
  • Fw ver

Answer : Fw sta

What is the officially accepted diagnostic tool for IP appliance support?


Options are :

  • cpinfo
  • Uag-diag
  • CST (Correct)
  • Ipsinfo

Answer : CST

How do you recover communications between your security management server and security gateway if you “LOCK” yourself via a rule or policy mis-configuration?


Options are :

  • Fw unload policy
  • Cpstop
  • Fw delete all. all@local host
  • Fw unloadlocal (Correct)

Answer : Fw unloadlocal

Check Point Certified Security Expert Exam Set 10

You are about to integrate RSA SecurID users into the Check Point infrastructure. What kind of users are to be defined via SmartDashboard?


Options are :

  • A group with generic user (Correct)
  • internet user group
  • LDAP account unit Group
  • All users

Answer : A group with generic user

How do you use Smartview monitor to compile traffic statistics for your campany’s internet activity during production hours?


Options are :

  • View total packets passed through the security gateway
  • Configure a suspicious activity rule which triggers an alert when HTTP traffic pass through gateway
  • Use the traffic counters setting and Smartview monitor to generate a graph showing the total HTTP traffic for the day (Correct)
  • Select the Tunnels view, and generate a report on the statistics

Answer : Use the traffic counters setting and Smartview monitor to generate a graph showing the total HTTP traffic for the day

Which authentication type permits five different sign-on methods in the authentication properties window?


Options are :

  • Session Authentication
  • Manual Authentication
  • User Authentication
  • Client Authentication (Correct)

Answer : Client Authentication

156-315.77 Check Point Certified Security Expert Exam Set 1

When you change an implicit rule’s order from last to first in global properties, how do you make the change take effect?


Options are :

  • Select install database from the policy menu
  • Select save from the file menu
  • Reinstall the security policy (Correct)
  • Run fw fetch from the security gateway

Answer : Reinstall the security policy

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions