156-215.77 Check Point Certified Security Administrator Exam Set 2

You are working with multiple Security Gateways that enforce an extensive number of rules. To simplify security administration, which one of the following would you choose to do?


Options are :

  • Create network objects that restrict all applicable rules to only certain networks.
  • Eliminate all possible contradictory rules such as the Stealth or Cleanup rules
  • Create a separate Security Policy package for each remote Security Gateway. (Correct)
  • Run separate SmartConsole instances to login and configure each Security Gateway directly

Answer : Create a separate Security Policy package for each remote Security Gateway.

Check Point Certified Security Expert Exam Set 8

Which rules are not applied on a first-match basis?


Options are :

  • Session Authentication
  • Cleanup
  • User Authentication (Correct)
  • Client Authentication

Answer : User Authentication

To check the Rule Base, some rules can be hidden so they do not distract the administrator from the unhidden rules. Assume that only rules accepting HTTP or SSH will be shown. How do you accomplish this?


Options are :

  • In SmartDashboard menu, select Search > Rule Base Queries. In the window that opens, create a new Query, give it a name (e.g. “HTTP_SSH”?) and define a clause regarding the two services HTTP and SSH. When having applied this, define a second clause for the action Accept and combine them with the Boolean operator AND. (Correct)
  • Ask your reseller to get a ticket for Check Point SmartUse and deliver him the Security Management Server cpinfo file.
  • This cannot be configured since two selections (Service, Action) are not possible.
  • In SmartDashboard, right-click in the column field Service > Query Column. Then, put the services HTTP and SSH in the list. Do the same in the field Action and select Accept here.

Answer : In SmartDashboard menu, select Search > Rule Base Queries. In the window that opens, create a new Query, give it a name (e.g. “HTTP_SSH”?) and define a clause regarding the two services HTTP and SSH. When having applied this, define a second clause for the action Accept and combine them with the Boolean operator AND.

A Security Policy has several database versions. What configuration remains the same no matter which version is used?


Options are :

  • Objects_5_0.C
  • Rule Bases_5_0.fws
  • fwauth.NDB
  • Internal Certificate Authority (ICA) certificate (Correct)

Answer : Internal Certificate Authority (ICA) certificate

156-315.77 Check Point Certified Security Expert Exam Set 8

Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?


Options are :

  • A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are defined by the selection in the row Install On of the Rule Base.
  • When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install
  • A Rule Base can always be installed on any Check Point firewall object. It is necessary to select the appropriate target directly after selecting Policy > Install.
  • In the SmartDashboard policy, select the correct firewall to be the Specific Target of the rule. (Correct)

Answer : In the SmartDashboard policy, select the correct firewall to be the Specific Target of the rule.

A _______ rule is used to prevent all traffic going to the R77 Security Gateway.


Options are :

  • Cleanup
  • Stealth (Correct)
  • Reject
  • IPS

Answer : Stealth

You run cpconfig to reset SIC on the Security Gateway. After the SIC reset operation is complete, the policy that will be installed is the:


Options are :

  • Default filter.
  • Initial policy (Correct)
  • .Last policy that was installed.
  • .Standard policy

Answer : Initial policy

156-315.77 Check Point Certified Security Expert Exam Set 5

You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?


Options are :

  • Last (Correct)
  • Before Last
  • First
  • After Stealth Rule

Answer : Last

MegaCorp’s security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway. How do you apply the license?


Options are :

  • Using the remote Gateway's IP address, and applying the license locally with the command cplic put.
  • Using each of the Gateways’ IP addresses, and applying the licenses on the Security Management Server with the command.
  • Using your Security Management Server's IP address, and attaching the license to the remote Gateway via SmartUpdate. (Correct)
  • Using the remote Gateway’s IP address, and attaching the license to the remote Gateway via SmartUpdate.

Answer : Using your Security Management Server's IP address, and attaching the license to the remote Gateway via SmartUpdate.

Identity Awareness is implemented to manage access to protected resources based on a user’s _____________.


Options are :

  • Application requirement
  • Identity (Correct)
  • Computer MAC address
  • Time of connection

Answer : Identity

156-215.70 Check Point Certified Security Administrator Exam Set 3

An advantage of using central instead of local licensing is:


Options are :

  • A license can be taken from one Security Management Server and given to another Security Management Server
  • Only one IP address is used for all licenses (Correct)
  • The license must be renewed when changing the IP address of a Security Gateway. Each module’s license has a unique IP address.
  • Licenses are automatically attached to their respective Security Gateways.

Answer : Only one IP address is used for all licenses

Check Point Certified Security Administrator Set 2

The Security Gateway is installed on GAiA R77 The default port for the Web User Interface is _______.


Options are :

  • TCP 18211
  • TCP 257
  • TCP 443 (Correct)
  • TCP 4433

Answer : TCP 443

How granular may an administrator filter an Access Role with identity awareness? Per:


Options are :

  • AD User (Correct)
  • Radius Group
  • Specific ICA Certificate
  • Windows Domain

Answer : AD User

You need to completely reboot the Operating System after making which of the following changes on the Security Gateway? (i.e. the command cprestart is not sufficient.) 1.Adding a hot-swappable NIC to the Operating System for the first time. 2.Uninstalling the R77 Power/UTM package. 3.Installing the R77 Power/UTM package. 4.Re-establishing SIC to the Security Management Server. 5.Doubling the maximum number of connections accepted by the Security Gateway.


Options are :

  • 3, 4, and 5 only
  • .1, 2, 3, 4, and 5
  • 2, 3 only (Correct)
  • 3 only

Answer : 2, 3 only

156-315.13 Check Point Security Expert R76(GAiA) Exam Set 11

Suppose the Security Gateway hard drive fails and you are forced to rebuild it. You have a snapshot file stored to a TFTP server and backups of your Security Management Server. What is the correct procedure for rebuilding the Gateway quickly?


Options are :

  • Run the command revert to restore the snapshot. Reinstall any necessary Check Point products. Establish SIC and install the Policy.
  • Run the command revert to restore the snapshot, establish SIC, and install the Policy.
  • Reinstall the base operating system (i.e., GAiA). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Revert to the stored snapshot image, and install the Security Policy. (Correct)
  • Reinstall the base operating system (i.e., GAia). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Reinstall any necessary Check Point products and previously applied hotfixes. Revert to the stored snapshot image, and install the Policy.

Answer : Reinstall the base operating system (i.e., GAiA). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Revert to the stored snapshot image, and install the Security Policy.

What command syntax would you use to see accounts the gateway suspects are service accounts?


Options are :

  • adlog check_accounts
  • adlog a service_accounts (Correct)
  • pdp check_log
  • pdp show service

Answer : adlog a service_accounts

Which command displays the installed Security Gateway version?


Options are :

  • fw stat
  • fw printver
  • cpstat –gw
  • fw ver (Correct)

Answer : fw ver

156-315.77 Check Point Certified Security Expert Exam Set 7

Which of the following statements accurately describes the command upgrade_export?


Options are :

  • Used primarily when upgrading the Security Management Server, upgrade_export stores all object databases and the /conf directories for importing to a newer Security Gateway version. (Correct)
  • This command is no longer supported in GAiA.
  • upgrade_export is used when upgrading the Security Gateway, and allows certain files to be included or excluded before exporting.
  • upgrade_export stores network-configuration data, objects, global properties, and the database revisions prior to upgrading the Security Management Server.

Answer : Used primarily when upgrading the Security Management Server, upgrade_export stores all object databases and the /conf directories for importing to a newer Security Gateway version.

Before upgrading SecurePlatform to GAiA, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration. An administrator has installed the latest HFA on the system for fixing traffic problem after creating a backup file. There is a mistake in the very complex static routing configuration. The Check Point configuration has not been changed. Can the administrator use a restore to fix the errors in static routing?


Options are :

  • The restore is not possible because the backup file does not have the same build number (version).
  • The restore can be done easily by the command restore and copying netconf.C from the production environment. (Correct)
  • A backup cannot be restored, because the binary files are missing.
  • The restore is done by selecting Snapshot Management from the boot menu of GAiA.

Answer : The restore can be done easily by the command restore and copying netconf.C from the production environment.

During which step in the installation process is it necessary to note the fingerprint for firsttime verification?


Options are :

  • When establishing SIC between the Security Management Server and the Gateway
  • When configuring the Gateway in the WebUI
  • When configuring the Security Gateway object in SmartDashboard
  • When configuring the Security Management Server using cpconfig (Correct)

Answer : When configuring the Security Management Server using cpconfig

156-315.77 Check Point Certified Security Expert Exam Set 7

Can you use Captive Portal with HTTPS?


Options are :

  • Yes (Correct)
  • No, it only works with FTP and HTTP
  • No, it only works with FTP
  • No, it only works with HTTP

Answer : Yes

You intend to upgrade a Check Point Gateway from R71 to R77. Prior to upgrading, you want to back up the Gateway should there be any problems with the upgrade. Which of the following allows for the Gateway configuration to be completely backed up into a manageable size in the least amount of time?


Options are :

  • database revision
  • snapshot
  • upgrade_export
  • backup (Correct)

Answer : backup

Which command line interface utility allows the administrator to verify the Security Policy name and timestamp currently installed on a firewall module?


Options are :

  • cpstat fwd
  • .fw ver
  • fw stat (Correct)
  • fw ctl pstat

Answer : fw stat

Check Point Certified Security Administrator Set 5

You have configured SNX on the Security Gateway. The client connects to the Security Gateway and the user enters the authentication credentials. What must happen after authentication that allows the client to connect to the Security Gateway’s VPN domain?


Options are :

  • The SNX client application must be installed on the client
  • SNX modifies the routing table to forward VPN traffic to the Security Gateway. (Correct)
  • An office mode address must be obtained by the client.
  • Active-X must be allowed on the client.

Answer : SNX modifies the routing table to forward VPN traffic to the Security Gateway.

Your primary Security Gateway runs on GAiA. What is the easiest way to back up your Security Gateway R77 configuration, including routing and network configuration files?


Options are :

  • Run the pre_upgrade_verifier and save the .tgz file to the directory /temp.
  • Copying the directories $FWDIR/conf and $FWDIR/lib to another location
  • Using the native GAiA backup utility from command line or in the Web based user interface. (Correct)
  • Using the command upgrade_export.

Answer : Using the native GAiA backup utility from command line or in the Web based user interface.

Which operating systems are supported by a Check Point Security Gateway on an open server? Select MOST complete list.


Options are :

  • Sun Solaris, Red Hat Enterprise Linux, Check Point SecurePlatform, IPSO, Microsoft Windows
  • Check Point GAiA and SecurePlatform, IPSO, Sun Solaris, Microsoft Windows
  • Check Point GAiA, Microsoft Windows, Red Hat Enterprise Linux, Sun Solaris, IPSO
  • Check Point GAiA and SecurePlatform, and Microsoft Windows (Correct)

Answer : Check Point GAiA and SecurePlatform, and Microsoft Windows

Check Point Certified Security Expert Exam Set 7

Which of the following authentication methods can be configured in the Identity Awareness setup wizard?


Options are :

  • LDAP (Correct)
  • Windows password
  • TACACS
  • Check Point Password

Answer : LDAP

What command syntax would you use to turn on PDP logging in a distributed environment?


Options are :

  • pdp log=1
  • pdp logging on
  • pdp track=1
  • pdp tracker on (Correct)

Answer : pdp tracker on

You are installing a Security Management Server. Your security plan calls for three administrators for this particular server. How many can you create during installation?


Options are :

  • Depends on the license installed on the Security Management Server
  • Only one with full access and one with read-only access
  • One (Correct)
  • As many as you want

Answer : One

Check Point Certified Security Expert Exam Set 1

Which of the following authentication methods can be configured in the Identity Awareness setup wizard?


Options are :

  • Check Point Password
  • TACACS
  • Captive Portal (Correct)
  • Windows password

Answer : Captive Portal

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions