156-215.75 Check Point Certified Security Administrator Exam Set 2

You are reviewing the Security Administrator activity for a bank and comparing it to the change log. How do you view Security Administrator activity?


Options are :

  • SmartView Tracker in Management Mode (Correct)
  • SmartView Tracker in Network and Endpoint Mode
  • SmartView Tracker cannot display Security Administrator activity: instead, view the system logs on the Security Management Server's Operating System
  • SmartView Tracker in Active Mode

Answer : SmartView Tracker in Management Mode

Check Point Certified Security Expert Exam Set 7

Identify the correct step performed by SmartUpdate to upgrade a remote Security Gateway. After selecting Packages / Distribute and Install Selected Package and choosing the target Gateway, the:


Options are :

  • selected package is copied from the Package Repository on the Security Management Server to the Security Gateway and the installation IS performed. (Correct)
  • SmartUpdate wizard walks the Administrator through a distributed installation.
  • selected package is copied from the CD-ROM of the SmartUpdate PC directly to the Security Gateway and the installation IS performed.
  • selected package is copied from the Package Repository on the Security Management Server to the Security Gateway but the installation IS NOT performed.

Answer : selected package is copied from the Package Repository on the Security Management Server to the Security Gateway and the installation IS performed.

Which tool CANNOT be launched from SmartUpdate R75?


Options are :

  • cpinfo
  • snapshot (Correct)
  • IP Appliance Voyager
  • SecurePlatform WebUI

Answer : snapshot

What action can be performed from SmartUpdate R75?


Options are :

  • remote_uninstall_verifier
  • cpinfo (Correct)
  • fw stat -l
  • upgrade_export

Answer : cpinfo

156-315.77 Check Point Certified Security Expert Exam Set 4

Central license management allows a Security Administrator to perform which of the following functions? 1)Check for expired licenses. 2)Sort licenses and view license properties 3)Attach both R75 Central and Local licenses to a remote module 4)Delete both R75 Local licenses and Central licenses from a remote module 5)Add or remove a license to or from the license repository 6)Attach and/or delete only R75 Central licenses to a remote module (not local licenses)


Options are :

  • 1, 2, 3, 4, & 5 (Correct)
  • 1, 2, 5, & 6
  • 2, 5, & 6
  • 2, 3, 4, & 5

Answer : 1, 2, 3, 4, & 5

Sally has a Hot Fix Accumulator (HFA) she wants to install on her Security Gateway which operates with SecurePlatform, but she cannot SCP the HFA to the system. She can SSH into the Security Gateway, but she has never been able to SCP files to it. What would be the most likely reason she cannot do so?


Options are :

  • She needs to run sysconfig and restart the SSH process.
  • She needs to run cpconfig to enable the ability to SCP files.
  • She needs to edit /etc/scpusers and add the Standard Mode account. (Correct)
  • She needs to edit /etc/SSHd/SSHd_config and add the Standard Mode account.

Answer : She needs to edit /etc/scpusers and add the Standard Mode account.

You currently do not have a Check Point software subscription for one of your products. What will happen if you attempt to upgrade the license for this product?


Options are :

  • It is upgraded with new available features, but cannot be activated
  • The license will be upgraded with a warning
  • The license is not upgraded (Correct)
  • It is deleted

Answer : The license is not upgraded

156-215.71 Check Point Certified Security Administrator Exam Set 4

How do you view a Security Administrator's activities with SmartConsole?


Options are :

  • SmartView Tracker in the Management tab (Correct)
  • SmartView Monitor using the Administrator Activity filter
  • SmartView Tracker in the Network and Endpoint tabs
  • Eventia Suite

Answer : SmartView Tracker in the Management tab

Which of the following statements about service contracts, i.e., Certificate, software subscription, or support contract, is FALSE?


Options are :

  • A service contract can apply only for a single set of Security Gateways managed by the same Security Management Server.
  • Most software-subscription contracts are permanent, and need not be renewed after a certain time passes. (Correct)
  • The contract file is stored on the Security Management Server and downloaded to all Security Gateways during the upgrade process.
  • Service Contracts can apply for an entire User Center account

Answer : Most software-subscription contracts are permanent, and need not be renewed after a certain time passes.

You are trying to save a custom log query in R75 SmartView Tracker, but getting the following error "Could not save 'query-name' (Error Database is Read only). Which of the following is a likely explanation for this?


Options are :

  • You have read-only rights to the Security Management Server database (Correct)
  • Another administrator is currently connected to the Security Management Server with read/write permissions which impacts your ability to save custom log queries to the Security Management Server.
  • You do not have OS write permissions on the local SmartView Tracker PC in order to save the custom query locally
  • You do not have the explicit right to save a custom query in your administrator permission profile under SmartConsole customization

Answer : You have read-only rights to the Security Management Server database

Check Point Certified Security Expert Exam Set 7

Which command gives an overview of your installed licenses?


Options are :

  • cplic print (Correct)
  • cplicense
  • showlic
  • lic print

Answer : cplic print

What port is used for communication to the User Center with SmartUpdate?


Options are :

  • CPMI 200
  • TCP 8080
  • HTTP 80
  • HTTPS 443 (Correct)

Answer : HTTPS 443

You plan to migrate a Windows NG with Application Intelligence (AI) R55 SmartCenter Server to R75. You also plan to upgrade four VPN-1 Pro Gateways at remote offices, and one local VPN-1 Pro Gateway at your company's headquarters to R75. The Management Server configuration must be migrated. What is the correct procedure to migrate the configuration?


Options are :

  • 1. From the R75 CD- ROM in the security management server, select export 2.Install R 70 on a new PC using the option installation using imported configuration 3.Reboot after installation and update all licenses via smartUpdate 4.Upgrade software on all five remote Gateway via SmartUpdate (Correct)
  • 1. Upgrade the remote gateway via smartUpdate. 2. upgrade the security management server, using the R75 CD
  • 1. From the R75 CD-ROM on the security management server, select Upgrade 2.Reboot after installation and upgrade all licenses via SmartUpdate 3.Reinstall all gateways using R 70 and install a policy
  • 1. Copy the $PWDIR\ conf directory from the security management server 2.Save directory contents to another file server 3.Uninstall the security management server, and install anew security management server 4.Move the saved directory contents to $ PWDIR\conf replacing the default installation files 5.Reinstall all gateways using R75 and install a security policy

Answer : 1. From the R75 CD- ROM in the security management server, select export 2.Install R 70 on a new PC using the option installation using imported configuration 3.Reboot after installation and update all licenses via smartUpdate 4.Upgrade software on all five remote Gateway via SmartUpdate

156-215.75 Check Point Certified Security Administrator Exam Set 2

Where do you enable popup alerts for IPS settings that have detected suspicious activity?


Options are :

  • In SmartDashboard, edit the Gateway object, and select IPS / Alerts
  • In SmartView Tracker, select Tools / Custom Commands
  • In SmartDashboard, select Global Properties / Log and Alert / Alert Commands
  • In SmartView Monitor, select Tools / Alerts (Correct)

Answer : In SmartView Monitor, select Tools / Alerts

What physical machine must have access to the User Center public IP address when checking for new packages with smartUpdate?


Options are :

  • SmartUpdate Repository SQL database Server
  • A Security Gateway retrieving the new upgrade package
  • SmartUpdate installed Security Management Server PC
  • SmartUpdate GUI PC (Correct)

Answer : SmartUpdate GUI PC

If a SmartUpdate upgrade or distribution operation fails on SecurePlatfom, how is the system recovered?


Options are :

  • The Administrator must remove the rpm packages manually, and re-attempt the upgrade.
  • The Administrator must reinstall the last version via the command cprinstall revert
  • The Administrator can only revert to a previously created snapshot (if there is one) with the command cprinstall snapshot .
  • SecurePlatform will reboot and automatically revert to the last snapshot version prior to upgrade. (Correct)
  • Answer : SecurePlatform will reboot and automatically revert to the last snapshot version prior to upgrade.

    156-315.77 Check Point Certified Security Expert Exam Set 1

    Identify the correct step performed by SmartUpdate to upgrade a remote Security Gateway. After selecting Packages Select / Add from CD, the:


    Options are :

    • selected package is copied to the packages directory on the selected remote Security Gateway
    • selected package is copied to the Package Repository on the Security Management Server. (Correct)
    • entire contents of the CD-ROM arc copied to the packages directory on the selected remote Security Gateway
    • entire contents of the CD-ROM are copied to the Package Repository on the Security Management Server

    Answer : selected package is copied to the Package Repository on the Security Management Server.

    Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?


    Options are :

    • Intrusion Detection System (IDS) Policy install
    • Block Intruder feature of SmartView Tracker (Correct)
    • Change the Rule Base and install the Policy to all Security Gateways
    • SAM - Suspicious Activity Rules feature of SmartView Monitor

    Answer : Block Intruder feature of SmartView Tracker

    Which of the following R75 SmartView Tracker views will display a popup warning about performance implications on the Security Gateway?


    Options are :

    • All Records Query
    • Active Tab (Correct)
    • Account Query
    • Audit Tab

    Answer : Active Tab

    156-215.77 Check Point Certified Security Administrator Exam Set 3

    Where are SmartEvent licenses installed?


    Options are :

    • Security Gateway
    • SmartEvent server (Correct)
    • Security Management Server
    • Log Server

    Answer : SmartEvent server

    John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19. John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR Web Server. To make this scenario work, the IT administrator: 1)Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy. 2)Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location. John plugged in his laptop to the network on a different network segment and he is not able to connect. How does he solve this problem?


    Options are :

    • Investigate this as a network connectivity issue
    • The firewall admin should install the Security Policy (Correct)
    • John should lock and unlock the computer
    • John should install the Identity Awareness Agent

    Answer : The firewall admin should install the Security Policy

    Check Point Certified Security Expert Exam Set 5

    What action CANNOT be run from SmartUpdate R75?


    Options are :

    • Reboot Gateway
    • Fetch sync status (Correct)
    • Get all Gateway Data
    • Preinstall verifier

    Answer : Fetch sync status

    To qualify as an Identity Awareness enabled rule, which columns may include an Access Role?


    Options are :

    • User
    • Source (Correct)
    • Track
    • Action

    Answer : Source

    Captive Portal may be used with HTTPS:


    Options are :

    • No, it only works with FTP
    • Yes (Correct)
    • No, it only works with HTTP
    • No, it only works with FTP and HTTP

    Answer : Yes

    156-115 Check Point Certified Security Master Practice Test Set 8

    What type of traffic can be re-directed to the Captive Portal?


    Options are :

    • SMTP
    • HTTP (Correct)
    • FTP
    • All of the above

    Answer : HTTP

    Identity Awareness is implemented to manage access to protected resources based on a user's _____________.


    Options are :

    • Application requirement
    • Computer MAC address
    • Identity (Correct)
    • Time of connection

    Answer : Identity

    How do you configure the Security Policy to provide user access to the Captive Portal through an external (Internet) interface?


    Options are :

    • Change the Identity Awareness settings under Global Properties to allow Captive Portal access on all interfaces.
    • Change the gateway settings to allow Captive Portal access via an external interface. (Correct)
    • Change the Identity Awareness settings under Global Properties to allow Captive Portal access for an external interface.
    • No action is necessary. This access is available by default.

    Answer : Change the gateway settings to allow Captive Portal access via an external interface.

    156-315.77 Check Point Certified Security Expert Exam Set 5

    How can you activate the SNMP daemon on a Check Point Security Gateway?


    Options are :

    • Using the command line, enter snmp_install.
    • From cpconfig, select Activate SNMP extensions.. (Correct)
    • In SmartDashboard, right-click a Check Point object and select Activate SNMP.
    • Any of these options will work.

    Answer : From cpconfig, select Activate SNMP extensions..

    The Identity Agent is a lightweight endpoint agent that authenticates securely with Single Sign-On (SSO). What is not a recommended usage of this method?


    Options are :

    • Leveraging identity for Data Center protection
    • Protecting highly sensitive servers
    • Identity based enforcement for non-AD users (non-Windows and guest users) (Correct)
    • When accuracy in detecting identity is crucial

    Answer : Identity based enforcement for non-AD users (non-Windows and guest users)

    Identity Awareness can be deployed in which of the following modes?


    Options are :

    • Lode Sharing
    • Router
    • High Availability
    • Detect (Correct)

    Answer : Detect

    156-315.77 Check Point Certified Security Expert Exam Set 1

    Comment / Suggestion Section
    Point our Mistakes and Post Your Suggestions