156-215.77 Check Point Certified Security Administrator Exam Set 6

When launching SmartDashboard, what information is required to log into R77?


Options are :

  • User Name, Password, Management Server IP
  • User Name, Management Server IP, certificate fingerprint file
  • Password, Management Server IP, LDAP Server IP
  • Password, Management Server IP

Answer : User Name, Password, Management Server IP

You believe Phase 2 negotiations are failing while you are attempting to configure a site-tosite VPN with one of your firm’s business partners.Which SmartConsole application should you use to confirm your suspicions?


Options are :

  • SmartDashboard
  • SmartUpdate
  • SmartView Status
  • SmartView Tracker

Answer : SmartView Tracker

What is one potential downside or drawback to choosing the Standalone deployment option instead of the Distributed deployment option?


Options are :

  • Requires additional Check Point Appliances
  • Degrades performance as the Security Policy grows in size
  • .Increases cost
  • Requires additional software subscription

Answer : Degrades performance as the Security Policy grows in size

According to Check Point Best Practice, when adding a non-managed Check Point Gateway to a Check Point security solution what object SHOULD be added? A(n):


Options are :

  • Gateway
  • Interoperable Device
  • Network Node
  • Externally managed gateway

Answer : Externally managed gateway

156-215.77 Check Point Certified Security Administrator Exam Set 1

Which of the following is true of a Stealth Rule?


Options are :

  • The Stealth rule is required for proper firewall protection
  • The Stealth rule should be located just before the Cleanup rule
  • The Stealth rule must be the first rule in a policy
  • The Stealth rule should not be logged

Answer : The Stealth rule is required for proper firewall protection

Choose the correct statement regarding Implied Rules:


Options are :

  • You can directly edit the Implied rules by double-clicking on a specific Implicit rule
  • To edit Implied rules you go to: Launch Button > Policy > Global Properties > Firewall
  • Implied rules are fixed rules that you cannot change
  • You can edit the Implied rules but only if requested by Check Point support personnel.

Answer : To edit Implied rules you go to: Launch Button > Policy > Global Properties > Firewall

Choose the correct statement regarding Stealth Rules:


Options are :

  • The Stealth Rule is a default rule that always exists when using Check Point products
  • The Stealth Rule is a rule that hides your internal networks.
  • Check Point recommends you include a Stealth Rule as a best practice.
  • The Stealth Rule is part of the Implicit rules.

Answer : Check Point recommends you include a Stealth Rule as a best practice.

156-215.77 Check Point Certified Security Administrator Exam Set 2

Which R77 feature or command allows Security Administrators to revert to earlier Security Policy versions without changing object configurations?


Options are :

  • Database Revision Control
  • fwm dbexport/fwm dbimport
  • upgrade_export/upgrade_import
  • Policy Package management

Answer : Database Revision Control

156-215.77 Check Point Certified Security Administrator Exam Set 3

Which of the following uses the same key to decrypt as it does to encrypt?


Options are :

  • Dynamic encryption
  • Certificate-based encryption
  • Asymmetric encryption
  • Symmetric encryption

Answer : Symmetric encryption

Message digests use which of the following?


Options are :

  • SHA-1 and MD5
  • DES and RC4
  • SSL and MD4
  • IDEA and RC4

Answer : SHA-1 and MD5

The third-shift Administrator was updating Security Management Server access settings in Global Properties and testing. He managed to lock himself out of his account. How can you unlock this account?


Options are :

  • Type fwm lock_admin -u from the Security Management Server command line.
  • Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/.
  • Type fwm unlock_admin from the Security Management Server command line.
  • Type fwm unlock_admin -u from the Security Gateway command line.

Answer : Type fwm lock_admin -u from the Security Management Server command line.

156-215.77 Check Point Certified Security Administrator Exam Set 4

Which of the following is NOT useful to verify whether or not a Security Policy is active on a Gateway?


Options are :

  • fw stat
  • cpstat fw -f policy
  • Check the Security Policy name of the appropriate Gateway in SmartView Monitor.
  • fw ctl get string active_secpol

Answer : fw ctl get string active_secpol

Tom has been tasked to install Check Point R77 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartConsole machine in his calculations?


Options are :

  • One machine
  • One machine, but it needs to be installed using SecurePlatform for compatibility purposes
  • Three machines
  • Two machines

Answer : Two machines

You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on GAiA. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on GAiA. Where can you view them? Give the BEST answer.


Options are :

  • /etc/sysconfig/network
  • /etc/sysconfig/network-scripts/ifcfg-ethx
  • /etc/sysconfig/netconf.C
  • /etc/conf/route.C

Answer : /etc/sysconfig/netconf.C

156-215.77 Check Point Certified Security Administrator Exam Set 5

You have a diskless appliance platform. How do you keep swap file wear to a minimum?


Options are :

  • A RAM drive reduces the swap file thrashing which causes fast wear on the device.
  • Issue FW-1 bases its package structure on the Security Management Server, dynamically loading when the firewall is booted.
  • Use PRAM flash devices, eliminating the longevity
  • The external PCMCIA-based flash extension has the swap file mapped to it, allowing easy replacement.

Answer : A RAM drive reduces the swap file thrashing which causes fast wear on the device.

What must a Security Administrator do to comply with a management requirement to log all traffic accepted through the perimeter Security Gateway?


Options are :

  • Check the Log Implied Rules Globally box on the R77 Gateway object.
  • In Global Properties > Reporting Tools check the box Enable tracking all rules (including rules marked as None in the Track column). Send these logs to a secondary log server for a complete logging history. Use your normal log server for standard logging for troubleshooting.
  • Define two log servers on the R77 Gateway object. Enable Log Implied Rules on the first log server. Enable Log Rule Base on the second log server. Use SmartReporter to merge the two log server records into the same database for HIPPA log audits.
  • Install the View Implicit Rules package using SmartUpdate.

Answer : In Global Properties > Reporting Tools check the box Enable tracking all rules (including rules marked as None in the Track column). Send these logs to a secondary log server for a complete logging history. Use your normal log server for standard logging for troubleshooting.

When using GAiA, it might be necessary to temporarily change the MAC address of the interface eth 0 to 00:0C:29:12:34:56. After restarting the network the old MAC address should be active. How do you configure this change?As expert user, issue these commands:


Options are :

  • Edit the file /etc/sysconfig/netconf.C and put the new MAC address in the field
  • # IP link set eth0 addr 00:0C:29:12:34:56
  • Open the WebUI, select Network > Connections > eth0. Place the new MAC address in the field Physical Address, and press Apply to save the settings.
  • As expert user, issue the command:

Answer : # IP link set eth0 addr 00:0C:29:12:34:56

156-215.77 Check Point Certified Security Administrator Exam Set 6

Which utility allows you to configure the DHCP service on GAiA from the command line?


Options are :

  • cpconfig
  • dhcp_cfg
  • ifconfig
  • sysconfig

Answer : sysconfig

The customer has a small Check Point installation which includes one Windows 2008 server as the SmartConsole and a second server running GAiA as both Security Management Server and the Security Gateway. This is an example of a(n):


Options are :

  • Distributed Installation
  • Stand-Alone Installation
  • Unsupported configuration
  • Hybrid Installation

Answer : Stand-Alone Installation

You manage a global network extending from your base in Chicago to Tokyo, Calcutta and Dallas. Management wants a report detailing the current software level of each Enterprise class Security Gateway. You plan to take the opportunity to create a proposal outline, listing the most cost-effective way to upgrade your Gateways. Which two SmartConsole applications will you use to create this report and outline?


Options are :

  • SmartDashboard and SmartView Tracker
  • SmartView Monitor and SmartUpdate
  • SmartLSM and SmartUpdate
  • SmartView Tracker and SmartView Monitor

Answer : SmartView Monitor and SmartUpdate

156-215.77 Check Point Certified Security Administrator Exam Set 1

The third-shift Administrator was updating Security Management Server access settings in Global Properties. He managed to lock all administrators out of their accounts. How should you unlock these accounts?


Options are :

  • Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/.
  • Login to SmartDashboard as the special cpconfig_admin user account; right-click on each administrator object and select unlock.
  • Reinstall the Security Management Server and restore using upgrade_import.
  • Type fwm lock_admin -ua from the Security Management Server command line.

Answer : Type fwm lock_admin -ua from the Security Management Server command line.

Your Security Management Server fails and does not reboot. One of your remote Security Gateways managed by the Security Management Server reboots.What occurs with the remote Gateway after reboot?


Options are :

  • The remote Gateway fetches the last installed Security Policy locally and passes traffic normally. The Gateway will log locally, since the Security Management Server is not available.
  • Since the Security Management Server is not available, the remote Gateway uses the local Security Policy, but does not log traffic.
  • Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, no traffic is allowed through the Gateway.
  • Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, all traffic is allowed through the Gateway.

Answer : The remote Gateway fetches the last installed Security Policy locally and passes traffic normally. The Gateway will log locally, since the Security Management Server is not available.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions