156-215.75 Check Point Certified Security Administrator Exam Set 1

When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?


Options are :

  • Security Gateway (Correct)
  • SmartConsole
  • None, Security Management Server would be installed by itself
  • SecureClient

Answer : Security Gateway

156-315.77 Check Point Certified Security Expert Exam Set 18

The Internal Certificate Authority (ICA) CANNOT be used for:


Options are :

  • Virtual Private Network (VPN) Certificates for gateways
  • NAT rules (Correct)
  • SIC connections
  • Remote-access users

Answer : NAT rules

The Check Point Security Gateway's virtual machine (kernel) exists between which two layers of the OSI model?


Options are :

  • Network and Datalink layers (Correct)
  • Physical and Datalink layers
  • Application and Presentation layers
  • Session and Network layers

Answer : Network and Datalink layers

The customer has a small Check Point installation which includes one Windows XP workstation as the SmartConsole, one Solaris server working as Security Management Server, and a third server running SecurePlatform as Security Gateway. This is an example of a(n):


Options are :

  • Distributed Installation (Correct)
  • Stand-Alone Installation.
  • Hybrid Installation.
  • Unsupported configuration

Answer : Distributed Installation

156-515.65 Check Point Certified Security Expert Plus Exam Set 1

How can you reset the password of the Security Administrator that was created during initial installation of the Security Management Server on SecurePlatform?


Options are :

  • Type cpm -a, and provide the existing administrator's account name. Reset the Security Administrator's password.
  • Launch SmartDashboard in the User Management screen, and edit the cpconfig administrator.
  • Type fwm -a, and provide the existing administrator's account name. Reset the Security Administrator's password (Correct)
  • Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the "Password" portion of the file. Then log in to the account without a password. You will be prompted to assign a new password.

Answer : Type fwm -a, and provide the existing administrator's account name. Reset the Security Administrator's password

How can you recreate the account of the Security Administrator, which was created during initial installation of the Management Server on SecurePlatform?


Options are :

  • Launch cpconfig and delete the Administrator's account. Recreate the account with the same name. (Correct)
  • Type cpm -a, and provide the existing Administrator's account name. Reset the Security Administrator's password.
  • Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the Administrator Account portion of the file. You will be prompted to create a new account.
  • Launch SmartDashboard in the User Management screen, and delete the cpconfig administrator.

Answer : Launch cpconfig and delete the Administrator's account. Recreate the account with the same name.

You are running the Security Gateway on SecurePlatform and configure SNX with default settings. The client fails to connect to the Security Gateway. What is wrong?


Options are :

  • The routing table on the client does not get modified
  • The client is configured incorrectly.
  • The client has Active-X blocked.
  • The SecurePlatform Web User Interface is listening on port 443 (Correct)

Answer : The SecurePlatform Web User Interface is listening on port 443

156-315.71 Check Point Security Expert R71 Practice Exam Set 4

An Administrator without access to SmartDashboard installed a new IPSO-based R75 Security Gateway over the weekend. He e-mailed you the SIC activation key. You want to confirm communication between the Security Gateway and the Management Server by installing the Policy. What might prevent you from installing the Policy?


Options are :

  • You first need to run the fw unloadlocal command on the R75 Security Gateway appliance in order to remove the restrictive default policy.
  • An intermediate local Security Gateway does not allow a policy install through it to the remote new Security Gateway appliance Resolve by running the tw unloadlocal command on the local Security Gateway.
  • You first need to create a new Gateway object in SmartDashboard, establish SIC via the Communication button, and define the Gateway's topology. (Correct)
  • You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server You must initialize SIC on the Security Management Server.

Answer : You first need to create a new Gateway object in SmartDashboard, establish SIC via the Communication button, and define the Gateway's topology.

What are you required to do before running upgrade__ export?


Options are :

  • Run a cpstop on the Security Management Server
  • Run a cpstop on the Security Gateway.
  • Run cpconfig and set yourself up as a GUI client.
  • Close all GUI clients (Correct)

Answer : Close all GUI clients

Suppose the Security Gateway hard drive fails and you are forced to rebuild it. You have a snapshot file stored to a TFTP server and backups of your Security Management Server. What is the correct procedure for rebuilding the Gateway quickly?


Options are :

  • Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Revert to the stored snapshot image, and install the Security Policy. (Correct)
  • Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Reinstall any necessary Check Point products and previously applied hotfixes. Revert to the stored snapshot image, and install the Policy.
  • Run the revert command to restore the snapshot. Reinstall any necessary Check Point products. Establish SIC and install the Policy.
  • Run the revert command to restore the snapshot, establish SIC, and install the Policy.

Answer : Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Revert to the stored snapshot image, and install the Security Policy.

156-215.77 Check Point Certified Security Administrator Exam Set 2

R75's INSPECT Engine inserts itself into the kernel between which two layers of the OSI model?


Options are :

  • Session and Transport
  • Presentation and Application
  • Physical and Data
  • Data and Network (Correct)

Answer : Data and Network

Which of the following statements is TRUE about management plug-ins?


Options are :

  • Installing a management plug-in is just like an upgrade process. (It overwrites existing components.)
  • A management plug-in interacts with a Security Management Server to provide new features and support for new products. (Correct)
  • Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.
  • The plug-in is a package installed on the Security Gateway.

Answer : A management plug-in interacts with a Security Management Server to provide new features and support for new products.

Once installed, the R75 kernel resides directly below which layer of the OSI model? Note:Application is the top and Physical is the bottom of the IP stack.


Options are :

  • Session
  • Data Link
  • Transport
  • Network (Correct)

Answer : Network

156-315.71 Check Point Security Expert R71 Practice Exam Set 2

Of the three mechanisms Check Point uses for controlling traffic, which enables firewalls to incorporate layer 4 awareness in packet inspection?


Options are :

  • Packet filtering
  • Application Intelligence
  • IPS
  • Stateful Inspection (Correct)

Answer : Stateful Inspection

The third-shift Administrator was updating Security Management Server access settings in Global Properties. He managed to lock all administrators out of their accounts. How should you unlock these accounts?


Options are :

  • Login to SmartDashboard as the special cpconfig_admin user account; right-click on each administrator object and select unlock.
  • Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/.
  • Reinstall the Security Management Server and restore using upgrade_import
  • Type fwm lock_admin -ua from the Security Management Server command line. (Correct)

Answer : Type fwm lock_admin -ua from the Security Management Server command line.

How can you most quickly reset Secure Internal Communications (SIC) between a Security Management Server and Security Gateway?


Options are :

  • Run the command fwm sic-reset to initialize the Internal Certificate Authority (ICA) of the Security Management Server. Then retype the activation key on the Security Gateway from SmartDashboard.
  • From cpconfig on the Gateway, choose the Secure Internal Communication option and retype the activation key. Next, retype the same key in the Gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC). (Correct)
  • Use SmartDashboard to retype the activation key on the Security Gateway. This will automatically Sync SIC to both the Security Management Server and Gateway.
  • From the Security Management Servers command line, Type fw putkey p < IP Address of security Gateway>.

Answer : From cpconfig on the Gateway, choose the Secure Internal Communication option and retype the activation key. Next, retype the same key in the Gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC).

156-315.77 Check Point Certified Security Expert Exam Set 3

What is the syntax for uninstalling a package using newpkg?


Options are :

  • newpkg CANNOT be used to uninstall (Correct)
  • s (pathname of package)
  • i (full pathname of package)
  • u (pathname of package)

Answer : newpkg CANNOT be used to uninstall

Several Security Policies can be used for different installation targets. The Firewall protecting Human Resources' servers should have its own Policy Package. These rules must be installed on this machine and not on the Internet Firewall. How can this be accomplished?


Options are :

  • A Rule Base is always installed on all possible targets. The rules to be installed on a Firewall are defined by the selection in the row Install On of the Rule Base.
  • In the menu of SmartDashboard, go to Policy / Policy Installation Targets and select the correct firewall via Specific Targets. (Correct)
  • A Rule Base can always be installed on any Check Point Firewall object. It is necessary to select the appropriate target directly after selecting Policy / Install on Target.
  • When selecting the correct Firewall in each line of the row Install On of the Rule Base, only this Firewall is shown in the list of possible installation targets after selecting Policy / Install on Target.

Answer : In the menu of SmartDashboard, go to Policy / Policy Installation Targets and select the correct firewall via Specific Targets.

Over the weekend, an Administrator without access to SmartDashboard installed a new R75 Security Gateway using SecurePlatform. You want to confirm communication between the Gateway and the Management Server by installing the Security Policy. What might prevent you from installing the Policy?


Options are :

  • You first need to initialize SIC in SmartUpdate.
  • You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on the Security Management Server. (Correct)
  • You first need to run the fw unloadlocal command on the new Security Gateway.
  • You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on both the Security Gateway and the Management Server.

Answer : You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on the Security Management Server.

156-215.77 Check Point Certified Security Administrator Exam Set 2

The Security Gateway is installed on SecurePlatform R75. The default port for the Web User Interface is _______.


Options are :

  • TCP 4433
  • TCP 257
  • TCP 18211
  • TCP 443 (Correct)

Answer : TCP 443

You are consulting with an Administrator who has locked himself out of SmartDashboard installed on a standalone SecurePlatform Security Gateway. Now, he cannot access the Security Management Server via SmartDashboard or any other SmartConsole tools. How can you get him reconnected to SmartDashboard?


Options are :

  • Run fw unlocklocal on the Security Management Server
  • Run fw uninstall localhost on the Security Gateway
  • Run fw unloadlocal on the Security Gateway. (Correct)
  • Delete the $fwdir/database/manage.lock file and run cprestart.

Answer : Run fw unloadlocal on the Security Gateway.

The customer has a small Check Point installation, which includes one Linux Enterprise 3.0 server working as the SmartConsole, and a second server running Windows 2003 as both Security Management Server running Windows 2003 as both Security Management Server and Security Gateway. This is an example of a(n).


Options are :

  • Distributed Installation
  • Hybrid Installation
  • Stand-Alone Installation
  • Unsupported configuration (Correct)

Answer : Unsupported configuration

156-315.77 Check Point Certified Security Expert Exam Set 12

Tom has been tasked to install Check Point R75 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does not include a SmartConsole machine in his calculations?


Options are :

  • Two machines (Correct)
  • One machine
  • Three machines
  • One machine, but it needs to be installed using SecurePlatform for compatibility purposes

Answer : Two machines

Which command is used to uninstall the Security Policy directly from the Security Gateway?


Options are :

  • fw unloadlocal (Correct)
  • cpstop
  • fwm unload.local
  • fwm load NULL

Answer : fw unloadlocal

The customer has a small Check Point installation which includes one Windows 2003 server as the SmartConsole and a second server running SecurePlatform as both Security Management Server and the Security Gateway. This is an example of a(n):


Options are :

  • Distributed Installation.
  • Stand-Alone Installation. (Correct)
  • Unsupported configuration.
  • Hybrid Installation

Answer : Stand-Alone Installation.

Check Point Certified Security Expert Exam Set 10

You have configured SNX on the Security Gateway. The client connects to the Security Gateway and the user enters the authentication credentials. What must happen after authentication that allows the client to connect to the Security Gateway's VPN domain?


Options are :

  • Active-X must be allowed on the client.
  • An office mode address must be obtained by the client.
  • SNX modifies the routing table to forward VPN traffic to the Security Gateway (Correct)
  • The SNX client application must be installed on the client.

Answer : SNX modifies the routing table to forward VPN traffic to the Security Gateway

UDP packets are delivered if they are _________.


Options are :

  • A legal response to an allowed request on the inverse UDP ports and IP (Correct)
  • Reference in the SAM related Dynamic tables
  • Reference in the SAM related Dynamic tables
  • A Stateful ACK to a valid SYN-SYN-/ACK on the inverse UDP ports and IP

Answer : A legal response to an allowed request on the inverse UDP ports and IP

You are installing a Security Management Server. Your security plan calls for three administrators for this particular server. How many can you create during installation?


Options are :

  • Only one with full access and one with read-only access
  • One (Correct)
  • Depends on the license installed on the Security Management Server
  • As many as you want

Answer : One

156-215.70 Check Point Certified Security Administrator Exam Set 9

A snapshot delivers a complete backup of SecurePlatform. The resulting file can be stored on servers or as a local file in /var/cpsnapshot/snapshots. How do you restore a local snapshot named MySnapshot.tgz?


Options are :

  • As expert user, type the command snapshot r MySnapshot.tgz.
  • As expert user, type the command revert --file MySnapshot.tgz. (Correct)
  • As expert user, type the command snapshot R to restore from a local file. Then, provide the correct name.
  • Reboot the system and call the start menu. Select the option Snapshot Management, provide the Expert password and select [L] for a restore from a local file. Then, provide the correct file name.

Answer : As expert user, type the command revert --file MySnapshot.tgz.

What would be the benefit of upgrading from SmartDefense to IPS R75?


Options are :

  • There is no difference - IPS R75 is the new name.
  • The SmartDefense is replaced by the technology of IPS-1.
  • The SmartDefense technology expands IPS-1 to IPS R75
  • Completely rewritten engine provides improved security performance and reporting. (Correct)

Answer : Completely rewritten engine provides improved security performance and reporting.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions

Subscribe to See Videos

Subscribe to my Youtube channel for new videos : Subscribe Now