156-215.75 Check Point Certified Security Administrator Exam Set 3

Your network is experiencing connectivity problems and you want to verify if routing problems are present. You need to disable the firewall process but still allow routing to pass through the Gateway running on an IP Appliance running IPSO. What command do you need to run after stopping the firewall service?


Options are :

  • ipsofwd on admin
  • fw fwd routing
  • ipsofwd slowpath
  • fw load routed

Answer : ipsofwd on admin

Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates are created:


Options are :

  • And used for securing internal network communications between SmartView Tracker and an OPSEC device.
  • For Security Gateways during the Security Gateway installation.
  • To decrease network security by securing administrative communication among the Security Management Servers and the Security Gateway.
  • For the Security Management Server during the Security Management Server installation.

Answer : For the Security Management Server during the Security Management Server installation.

You are running a R75 Security Gateway on SecurePlatform. In case of a hardware failure, you have a server with the exact same hardware and firewall version installed. What backup method could be used to quickly put the secondary firewall into production?


Options are :

  • upgrade_export
  • snapshot
  • manual backup
  • backup

Answer : snapshot

156-215.75 Check Point Certified Security Administrator Exam Set 4

How do you recover communications between your Security Management Server and Security Gateway if you lock yourself out via a rule or policy mis-configuration?


Options are :

Answer : fw unloadlocal

Your primary Security Management Server runs on SecurePlatform. What is the easiest way to back up your Security Gateway R75 configuration, including routing and network configuration files?


Options are :

  • Run the pre_upgrade_verifier and save the .tgz file to the /temp directory.
  • Using the upgrade_export command.
  • Using the native SecurePlatform backup utility from command line or in the Web based user interface.
  • Copying the $FWDIR/conf and $FWDIR/lib directory to another location.

Answer : Using the native SecurePlatform backup utility from command line or in the Web based user interface.

John is the Security Administrator in his company. He needs to maintain the highest level of security on the firewalls he manages. He is using Check Point R75. Does he need the IPS Software Blade for achieving this goal?


Options are :

  • Yes, otherwise the firewall will pass all traffic unfiltered and unchecked.
  • No, all IPS protections are active, but cant be uploaded without the license like SmartDefense.
  • No, the Gateway will always be protected and the IPS checks cant be managed without a license.
  • Yes, otherwise no protections can be enabled.

Answer : Yes, otherwise no protections can be enabled.

156-215.75 Check Point Certified Security Administrator Exam Set 5

In previous versions, the full TCP three-way handshake was sent to the firewall kernel for inspection. How is this improved in the current version of IPSO Flows/SecureXL?


Options are :

  • Only the initial SYN packet is inspected. The rest are handled by IPSO
  • Resources are proactively assigned using predictive algorithmic techniques.
  • Packets are virtualized to a RAM drive-based FW VM.
  • Packets are offloaded to a third-party hardware card for near-line inspection.

Answer : Only the initial SYN packet is inspected. The rest are handled by IPSO

When restoring R75 using the command upgrade > Port. Which of the following items is NOT restored?


Options are :

  • Route tables
  • SIC Certificates
  • Global properties
  • Licenses

Answer : Route tables

Which command allows you to view the contents of an R75 table?


Options are :

  • fw tab -x
  • fw tab -a
  • fw tab -t
  • fw tab -s
  • Answer : fw tab -t

    156-215.75 Check Point Certified Security Administrator Exam Set 6

    Which of the following options is available with the SecurePlatform cpconfig utility?


    Options are :

    • Export setup
    • Time & Date
    • DHCP Server configuration
    • GUI Clients

    Answer : GUI Clients

    How is wear on the flash storage device mitigated on appliance diskless platforms?


    Options are :

    • Issue FW-1 bases its package structure on the Security Management Server, dynamically loading when the firewall is booted.
    • The external PCMCIA-based flash extension has the swap file mapped to it, allowing easy replacement.
    • A RAM drive reduces the swap file thrashing which causes fast wear on the device.
    • PRAM flash devices are used, eliminating the longevity.

    Answer : A RAM drive reduces the swap file thrashing which causes fast wear on the device.

    Your R75 enterprise Security Management Server is running abnormally on Windows 2003 Server. You decide to try reinstalling the Security Management Server, but you want to try keeping the critical Security Management Server configuration settings intact (i.e., all Security Policies, databases, SIC, licensing etc.) What is the BEST method to reinstall the Server and keep its critical configuration?


    Options are :

    • 1) Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Perform any requested upgrade verification suggested steps. 3) Uninstall all R75 packages via Add/Remove Programs and reboot 4) Use smartUpdate to reinstall the Security Management server and reboot 5) Transfer the .tgz file back to the local \ temp. 6) Run upgrade_import to import the configuration.
    • 1) Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Transferee .tgz file to another network machine 3) Uninstall all R75 packages via Add/Remove Programs and reboot 4) Install again using the R75 CD ROM as a primary security management server 5) Reboot and than transfer the .tgz file back to the local\ tem p 6) Run upgcade_import to import the configuration.
    • 1) Insert the R75 CD-ROM. and select the option to export the configuration into a . tgz file 2) Skip any upgrade verification warnings since you are not upgrading. 3) Transfer the. tgz file to another networked machine. 4) Download and run the cpclean utility and reboot. 5) Use the R75 CD_ROM to select the upgrade__import option to import the c
    • 1) Run the latest upgrade_export utility to export the configuration 2) Leave the exported - tgz file in %FWDIR\bin. 3) Install the primary security Management Server on top of the current installation 4) Run upgrade_import to Import the configuration.

    Answer : 1) Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Perform any requested upgrade verification suggested steps. 3) Uninstall all R75 packages via Add/Remove Programs and reboot 4) Use smartUpdate to reinstall the Security Management server and reboot 5) Transfer the .tgz file back to the local \ temp. 6) Run upgrade_import to import the configuration.

    156-215.75 Check Point Certified Security Administrator Exam Set 7

    Which CLI command verifies the number of cores on your firewall machine?


    Options are :

    • fw ctl multik stat
    • fw ctl core stat
    • fw ctl pstat
    • cpstat fw -f core

    Answer : fw ctl multik stat

    John currently administers a network using single CPU single core servers for the Security Gateways and is running R75. His company is now going to implement VOIP and needs more performance on the Gateways. He is now adding more memory to the systems and also upgrades the CPU to a modern quad core CPU in the server. He wants to use CoreXL technology to benefit from the new performance benchmarks of this technology. How can he achieve this?


    Options are :

    • He needs to reinstall the Gateways because during the initial installation, it was a singlecore CPU but the wrong Linux kernel was installed. There is no other upgrade path available.
    • He just needs to go to cpconfig on the CLI and enable CoreXL. After the required reboot he will benefit from the new technology.
    • Nothing needs to be done. SecurePlatform recognized the change during reboot and adjusted all the settings automatically.
    • He just needs to go to cpconfig on the CLI and enable CoreXL. Only a restart of the firewall is required to benefit from CoreXL technology.

    Answer : He just needs to go to cpconfig on the CLI and enable CoreXL. After the required reboot he will benefit from the new technology.

    Your company is running Security Management Server R75 on SecurePlatform, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?


    Options are :

    • Using SmartDashboard, under Users, select Add New Administrator
    • Using SmartDashboard or cpconf ig
    • Using the Web console on SecurePlatform under Product configuration, select Administrators
    • Using cpconftg on the Security Management Server, choose Administrators

    Answer : Using SmartDashboard, under Users, select Add New Administrator

    156-215.75 Check Point Certified Security Administrator Exam Set 8

    If you run fw monitor without any parameters, what does the output display?


    Options are :

    • On the console
    • In / var/log/monitor. out
    • In /var/adm/monitor. Out
    • In /tmp/log/monitor out

    Answer : On the console

    Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates:


    Options are :

    • Are for Security Gateways created during the Security Management Server installation.
    • Can be used for securing internal network communications between the Security Gateway and an OPSEC device.
    • Uniquely identify machines installed with Check Point software only. They have the same function as RSA Authentication Certificates.
    • Increase network security by securing administrative communication with a two-factor challenge response authentication.

    Answer : Can be used for securing internal network communications between the Security Gateway and an OPSEC device.

    You need to back up the routing, interface, and DNS configuration information from your R75 SecurePlatform Security Gateway. Which backup-and-restore solution do you use?


    Options are :

    • Manual copies of the $FWDIR/conf directory
    • upgrade_export and upgrade_import commands
    • Database Revision Control
    • SecurePlatform backup utilities

    Answer : SecurePlatform backup utilities

    156-215.77 Check Point Certified Security Administrator Exam Set 1

    Which of the following commands will completely remove the Security Policy from being enforced on a Security Gateway?


    Options are :

    • fw unload
    • fw unloadlocal
    • fw unload local
    • cpstop

    Answer : fw unloadlocal

    Which of the following commands identifies whether or not a Security Policy is installed or the Security Gateway is operating with the initial policy?


    Options are :

    • fw monitor
    • cp stat
    • fw stat
    • fw ctl pstat

    Answer : fw stat

    Which of the following tools is used to generate a Security Gateway R75 configuration report?


    Options are :

    • cpinfo
    • licview
    • infoview
    • ethereal

    Answer : cpinfo

    156-215.77 Check Point Certified Security Administrator Exam Set 2

    Which of the following commands can provide the most complete restoration of an R75 configuration?


    Options are :

    • Upgrade_import
    • Cpconfig
    • cpinfo -recover
    • fwm dbimport -p

    Answer : Upgrade_import

    How can you check whether IP forwarding is enabled on an IP Security Appliance?


    Options are :

    • ipsofwd list
    • echo 1 > /proc/sys/net/ipv4/ip_forwarding
    • cat/proc/sys/net/ipv4/ip_forward
    • clish c show routing active enable

    Answer : ipsofwd list

    You intend to upgrade a Check Point Gateway from R65 to R75. Prior to upgrading, you want to backup the Gateway should there be any problems with the upgrade. Which of the following allows for the Gateway configuration to be completely backed up into a manageable size in the least amount of time?


    Options are :

    • Database_revision
    • Backup
    • Upgrade_export
    • Snapshot

    Answer : Backup

    156-215.77 Check Point Certified Security Administrator Exam Set 3

    To monitor all traffic between a network and the Internet on a SecurePlatform Gateway, what is the BEST utility to use?


    Options are :

    • infoview
    • cpinfo
    • snoop
    • tcpdump

    Answer : tcpdump

    Which of the following statements accurately describes the snapshot command?


    Options are :

    • A Gateway snapshot includes configuration settings and Check Point product information from the remote Security Management Server.
    • snapshot stores only the system-configuration settings on the Gateway.
    • snapshot creates a full OS-level backup, including network-interface data, Check Point product information, and configuration settings during an upgrade of a SecurePlatform Security Gateway.
    • snapshot creates a full system-level backup of the Security Management Server on any OS

    Answer : snapshot creates a full OS-level backup, including network-interface data, Check Point product information, and configuration settings during an upgrade of a SecurePlatform Security Gateway.

    How can you view cpinfo on a SecurePlatform machine?


    Options are :

    • snoop i
    • infotab
    • Text editor, such as vi
    • tcpdump

    Answer : Text editor, such as vi

    156-215.77 Check Point Certified Security Administrator Exam Set 4

    Another administrator accidentally installed a Security Policy on the wrong firewall. Having done this, you are both locked out of the firewall that is called myfw1. What command would you execute on your system console on myfw1 in order for you to push out a new Security Policy?


    Options are :

    • cpstop
    • fw dbloadlocal
    • fw ctl filter
    • fw unloadlocal

    Answer : fw unloadlocal

    John currently administers a network using NGX R65.4 on the Security Management Server and NGX R65.2.100 (the VOIP release with the VOIP plug-ins enabled). He wants to upgrade to R75 to get the benefits of Check Point's Software Blades. What would be the best way of doing this?


    Options are :

    • Just insert the R75 CD-ROM and run the in-place upgrade.
    • Run upgrade_export on R65 management, then install R75 on this machine and run upgrade_import and re-license the systems to use software blades.
    • This is not supported today as currently the VOIP Software Blade and VOIP plug-in is not available in R75.
    • This can not be done yet as R75 can not manage NGX R65 Gateways due to SmartDefense and IPS mismatch problems.

    Answer : This is not supported today as currently the VOIP Software Blade and VOIP plug-in is not available in R75.

    What is the command used to view which policy is installed?


    Options are :

    • fw ctl install
    • fw stat
    • fwm stat
    • fw ctl pstat

    Answer : fw stat

    156-215.77 Check Point Certified Security Administrator Exam Set 5

    Comment / Suggestion Section
    Point our Mistakes and Post Your Suggestions