156-215.75 Check Point Certified Security Administrator Exam Set 2

You need to completely reboot the Operating System after making which of the following changes on the Security Gateway? i.e. the command cprestart is not sufficient. 1. Adding a hot-swappable NIC to the Operating System for the first time. 2. Uninstalling the R75 Power/UTM package. 3. Installing the R75 Power/UTM package. 4. Re-establishing SIC to the Security Management Server. 5. Doubling the maximum number of connections accepted by the Security Gateway.


Options are :

  • 1, 2, 3, 4, and 5
  • 3 only
  • 3, 4, and 5 only
  • 2, 3 only (Correct)

Answer : 2, 3 only

156-515.65 Check Point Certified Security Expert Plus Exam Set 2

Which SmartConsole component can Administrators use to track remote administrative activities?


Options are :

  • SmartView Monitor
  • Eventia Reporter
  • SmartView Tracker (Correct)
  • WebUI

Answer : SmartView Tracker

You are a security architect and need to design a secure firewall, VPN and IPS solution. Where would be the best place to install IPS in the topology if the internal network is already protected?


Options are :

  • On the LAN is enough, the DMZ does not need to be protected.
  • On each network segment separately
  • In front of the firewall is enough.
  • On the firewall itself to protect all connected networks centrally. (Correct)

Answer : On the firewall itself to protect all connected networks centrally.

The command fw fetch causes the:


Options are :

  • Security Gateway to retrieve the compiled policy and inspect code from the Security Management Server and install it to the kernel. (Correct)
  • Security Management Server to retrieve the IP addresses of the target Security Gateway
  • Security Gateway to retrieve the user database information from the tables on the Security Management Server
  • Security Management Server to retrieve the debug logs of the target Security Gateway

Answer : Security Gateway to retrieve the compiled policy and inspect code from the Security Management Server and install it to the kernel.

156-315.77 Check Point Certified Security Expert Exam Set 22

Which of the following statements accurately describes the upgrade_export command?


Options are :

  • Upgrade_export is used when upgrading the Security Gateway, and allows certain files to be included before exporting.
  • Used primarily when upgrading the Security Management Server, upgrade_export stores all object databases and the conf directories for importing to a newer version of the Security Gateway. (Correct)
  • Used when upgrading the Security Gateway, upgrade_export includes modified files directory.
  • Upgrade_export stores network-configuration data, objects, global properties, and the data base revisions prior to upgrading the security Management Server.

Answer : Used primarily when upgrading the Security Management Server, upgrade_export stores all object databases and the conf directories for importing to a newer version of the Security Gateway.

When Jon first installed the system, he forgot to configure DNS servers on his Security Gateway.How could Jon configure DNS servers now that his Security Gateway is in production?


Options are :

  • Login to the SmartDashboard, edit the firewall Gateway object, select the tab Interfaces, then Domain Name Servers
  • Login to the firewall using SSH and run cpconfig, then select Domain Name Servers.
  • Login to the firewall using SSH and run sysconfig, then select Domain Name Servers. (Correct)
  • Login to the firewall using SSH and run fwm, then select System Configuration and Domain Name Servers.

Answer : Login to the firewall using SSH and run sysconfig, then select Domain Name Servers.

Which utility is necessary for reestablishing SIC?


Options are :

  • sysconfig
  • fwm sic_reset
  • cplic
  • cpconfig (Correct)

Answer : cpconfig

156-215.13 Check Point Certified Security Administrator Exam Set 11

Your customer wishes to install the SmartConsole on a Windows system. What are the minimum hardware requirements for R75? Give the BEST answer.


Options are :

  • 1 GB Free disk space and 1 GB RAM
  • 512 MB Free disk space and 1 GB RAM
  • 1 GB Free disk space and 512 MB RAM
  • 500 MB Free disk space and 512 MB RAM (Correct)

Answer : 500 MB Free disk space and 512 MB RAM

You are the Security Administrator in a large company called ABC. A Check Point Firewall is installed and in use on SecurePlatform. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on SecurePlatform. Where can you view them? Give the BEST answer.


Options are :

  • /etc/conf/route.C
  • /etc/sysconfig/netconf.C (Correct)
  • /etc/sysconfig/network-scripts/ifcfg-ethx
  • /etc/sysconfig/network

Answer : /etc/sysconfig/netconf.C

Which command displays the installed Security Gateway version?


Options are :

  • cpstat -gw
  • fw stat
  • tw printver
  • fw ver (Correct)

Answer : fw ver

Check Point Certified Security Expert Exam Set 2

The third shift administrator was updating security management server access setting in global properties. He managed to lock the entire Administrator out of their accounts. How should you unlock these accounts?


Options are :

  • Logging to smart dash board as special cpconfig_admin account. Right click on each administrator object and select Unlock.
  • Reinstall the security management Server and restore using upgrade _imort
  • Delete the file admin .lock in the sfwdir/ tmp/directory of the security managem,ent server.
  • Type fwm lock_admin –ua from the command line of the security management server (Correct)

Answer : Type fwm lock_admin –ua from the command line of the security management server

The customer has a small Check Point installation which includes one Windows 2003 server as SmartConsole and Security Management Server with a second server running SecurePlatform as Security Gateway. This is an example of a(n):


Options are :

  • Stand-Alone Installation.
  • Unsupported configuration.
  • Hybrid Installation.
  • Distributed Installation. (Correct)

Answer : Distributed Installation.

Which of the following statements about Bridge mode is TRUE?


Options are :

  • A bridge must be configured with a pair of interfaces (Correct)
  • When managing a Security Gateway in Bridge mode, it is possible to use a bridge interface for Network Address Translation.
  • All ClusterXL modes are supported.
  • Assuming a new installation, bridge mode requires changing the existing IP routing of the network.

Answer : A bridge must be configured with a pair of interfaces

156-315.71 Check Point Security Expert R71 Practice Exam Set 6

Amy is unsure that her nightly backup configured from the Check Point backup tool is working. If she logged into her Gateway using SSH, in which directory would she find her nightly backups?


Options are :

  • /var/backups
  • /var/CPbackup/backups (Correct)
  • /opt/backups
  • /backups

Answer : /var/CPbackup/backups

Where is the IPSO Boot Manager physically located on an IP Appliance?


Options are :

  • In the / nvram directory
  • On an external jump drive
  • On the platform’s BIOS
  • On built-in compact Flash memory (Correct)

Answer : On built-in compact Flash memory

Which utility allows you to configure the DHCP service on SecurePlatform from the command line?


Options are :

  • dhcp_cfg
  • sysconfig (Correct)
  • cpconfig
  • ifconfig

Answer : sysconfig

156-315.77 Check Point Certified Security Expert Exam Set 3

What is the primary benefit of using upgrade_export over either backup of snapshot?


Options are :

  • upgrade_export is operating system independent and can be used when backup or snapshot is not available. (Correct)
  • upgrade_export has an option to backup the system and SmartView tracker logs while back and snapshot will not.
  • upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not.
  • The backup and snapshot commands can take long time to run whereas upgrade_export will take a much shorter amount of time.

Answer : upgrade_export is operating system independent and can be used when backup or snapshot is not available.

ALL of the following options are provided by the SecurePlatform sysconfig utility, EXCEPT:


Options are :

  • DHCP Server configuration
  • Export setup
  • Time & Date
  • GUI Clients (Correct)

Answer : GUI Clients

Which command line interface utility allows the administrator to verify the Security Policy name and timestamp currently installed on a firewall module?


Options are :

  • cpstat fwd
  • fw ctl pstat
  • fw ver
  • fw stat (Correct)

Answer : fw stat

156-215.77 Check Point Certified Security Administrator Exam Set 6

During which step in the installation process is it necessary to note the fingerprint for firsttime verification?


Options are :

  • When configuring the Security Management Server using cpconfig (Correct)
  • When configuring the Gateway in the WebUl
  • When establishing SIC between the Security Management Server and the Gateway
  • When configuring the Security Gateway object in SmartDashboard

Answer : When configuring the Security Management Server using cpconfig

You are creating an output file with the following command:fw monitor -e "accept (src=10.20.30.40 or dst=10.20.30.40);" -o ~/output Which tool do you use to analyze this file?


Options are :

  • You can analyze it with Wireshark or Ethereal. (Correct)
  • The output file format is CSV, so you can use MS Excel to analyze it.
  • You cannot analyze it with any tool as the syntax should be:fw monitor -e accept ([12,b]=10.20.30.40 or [16,b]=10.20.30.40); -o ~/output.
  • You can analyze the output file with any ASCI editor.

Answer : You can analyze it with Wireshark or Ethereal.

156-315.77 Check Point Certified Security Expert Exam Set 22

Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?


Options are :

  • Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets.
  • Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets field. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here.
  • Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced / Permission to Install. (Correct)
  • In the General Properties of the object representing the specific Firewall, go to the Software Blades product list and select Firewall. Right-click in the menu, select Administrator to Install to define only this administrator.

Answer : Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced / Permission to Install.

For normal packet transmission of an accepted communication to a host protected by a Security Gateway, how many lines per packet are recorded on a packet analyzer like Wireshark using fw monitor?


Options are :

  • None
  • 2
  • 3
  • 4 (Correct)

Answer : 4

You issue the fw monitor command with no arguments. Which of the following inspection points will be displayed?


Options are :

  • All inspection points (Correct)
  • After the virtual machine, in the outbound direction
  • Before the virtual machine, in the inbound direction
  • Before the virtual machine, in the outbound direction

Answer : All inspection points

156-315.71 Check Point Security Expert R71 Practice Exam Set 5

Beginning with R75, Software Blades were introduced. One of the Software Blades is the IPS Software Blade as a replacement for SmartDefense. When buying or upgrading to a bundle, some blades are included, e.g. FW, VPN, IPS in SG103. Which statement is NOT true?


Options are :

  • The IPS Software Blade can be used for an unlimited time.
  • After one year, it is mandatory to renew the service contract for the IPS Software Blade because it has been bundled with the license when purchased. (Correct)
  • The license price includes IPS Updates for the first year.
  • There is no need to renew the service contract after one year.

Answer : After one year, it is mandatory to renew the service contract for the IPS Software Blade because it has been bundled with the license when purchased.

Which of the following statements regarding SecureXL and CoreXL is TRUE?


Options are :

  • SecureXL is an application for accelerating connections. (Correct)
  • CoreXL is included in SecureXL.
  • SecureXL is only available in R75
  • CoreXL enables multi-core processing for program interfaces.

Answer : SecureXL is an application for accelerating connections.

Before upgrading SecurePlatform, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration.An administrator has installed the latest HFA on the system for fixing traffic problem after creating a backup file. There is a mistake in the very complex static routing configuration. The Check Point configuration has not been changed. Can the administrator use a restore to fix the errors in static routing?


Options are :

  • The restore can be done easily by the command restore and selecting the appropriate backup file. (Correct)
  • A backup cannot be restored, because the binary files are missing.
  • The restore is done by selecting Snapshot Management from the boot menu of SecurePlatform.
  • The restore is not possible because the backup file does not have the same build number (version).

Answer : The restore can be done easily by the command restore and selecting the appropriate backup file.

156-215.77 Check Point Certified Security Administrator Test Set 6

Which of the following methods will provide the most complete backup of an R75 configuration?


Options are :

  • upgrade_export command (Correct)
  • Policy Package Management
  • Database Revision Control
  • Copying the $PWDIR\conf and $CPDIR\conf directories to another server

Answer : upgrade_export command

Where can you find the Check Point's SNMP MIB file?


Options are :

  • $FWDIR/conf/snmp.mib
  • There is no specific MIB file for Check Point products.
  • It is obtained only by request from the TAC.
  • $CPDIR/lib/snmp/chkpt.mib (Correct)

Answer : $CPDIR/lib/snmp/chkpt.mib

Which of the following is a CLI command for Security Gateway R75?


Options are :

  • fw tab -u (Correct)
  • fwm policy_print
  • fw shutdown
  • fw merge

Answer : fw tab -u

156-315.77 Check Point Certified Security Expert Exam Set 8

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions