156-215.77 Check Point Certified Security Administrator Exam Set 3

What is the syntax for uninstalling a package using newpkg?


Options are :

  • -u
  • -S
  • -i
  • newpkg CANNOT be used to uninstall a package

Answer : newpkg CANNOT be used to uninstall a package

How can you recreate the Security Administrator account, which was created during initial Management Server installation on GAiA?


Options are :

  • Launch SmartDashboard in the User Management screen, and delete the cpconfig administrator.
  • Type cpm -a, and provide the existing Administratorís account name. Reset the Security Administratorís password.
  • Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the Administrator Account portion of the file. You will be prompted to create a new account.
  • Launch cpconfig and delete the Administrator's account. Recreate the account with the same name.

Answer : Launch cpconfig and delete the Administrator's account. Recreate the account with the same name.

156-215.77 Check Point Certified Security Administrator Exam Set 4

What gives administrators more flexibility when configuring Captive Portal instead of LDAP query for Identity Awareness authentication?


Options are :

  • Captive Portal is more transparent to the user
  • Nothing, LDAP query is required when configuring Captive Portal
  • Captive Portal works with both configured users and guests
  • Captive Portal is more secure than standard LDAP

Answer : Captive Portal works with both configured users and guests

You are running a R77 Security Gateway on GAiA. In case of a hardware failure, you have a server with the exact same hardware and firewall version installed. What back up method could be used to quickly put the secondary firewall into production?


Options are :

  • upgrade_export
  • manual backup
  • snapshot
  • backup

Answer : snapshot

How can you reset the Security Administrator password that was created during initial Security Management Server installation on GAiA?


Options are :

  • As expert user Type fwm -a, and provide the existing administratorís account name. Reset the Security Administratorís password.
  • Type cpm -a, and provide the existing administratorís account name. Reset the Security Administratorís password.
  • Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the Password portion of the file. Then log in to the account without a password. You will be prompted to assign a new password.
  • Launch SmartDashboard in the User Management screen, and edit the cpconfig administrator.

Answer : As expert user Type fwm -a, and provide the existing administratorís account name. Reset the Security Administratorís password.

156-215.77 Check Point Certified Security Administrator Exam Set 5

What command with appropriate switches would you use to test Identity Awareness connectivity?


Options are :

  • test_ad
  • test_ad_connectivity
  • test_ldap
  • test_ldap_connectivity

Answer : test_ad_connectivity

A snapshot delivers a complete GAiA backup. The resulting file can be stored on servers or as a local file in /var/CPsnapshot/snapshots. How do you restore a local snapshot named MySnapshot.tgz?


Options are :

  • As expert user, type the command snapshot - R to restore from a local file. Then, provide the correct file name.
  • .Reboot the system and call the start menu. Select the option Snapshot Management, provide the Expert password and select [L] for a restore from a local file. Then, provide the correct file name.
  • As expert user, type the command snapshot -r MySnapshot.tgz.
  • As expert user, type the command revert --file MySnapshot.tgz.

Answer : As expert user, type the command revert --file MySnapshot.tgz.

How can you most quickly reset Secure Internal Communications (SIC) between a Security Management Server and Security Gateway?


Options are :

  • Run the command fwm sic_reset to reinitialize the Security Management Server Internal Certificate Authority (ICA). Then retype the activation key on the Security Gateway from SmartDashboard.
  • From the Security Management Serverís command line, type fw putkey -p .
  • From cpconfig on the Gateway, choose the Secure Internal Communication option and retype the activation key. Next, retype the same key in the Gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC).
  • Use SmartUpdate to retype the Security Gateway activation key. This will automatically sync SIC to both the Security Management Server and Gateway.

Answer : From cpconfig on the Gateway, choose the Secure Internal Communication option and retype the activation key. Next, retype the same key in the Gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC).

156-215.77 Check Point Certified Security Administrator Exam Set 6

What are you required to do before running the command upgrade_export?


Options are :

  • Run a cpstop on the Security Gateway.
  • Run a cpstop on the Security Management Server.
  • Run cpconfig and set yourself up as a GUI client.
  • Close all GUI clients.

Answer : Close all GUI clients.

An Administrator without access to SmartDashboard installed a new IPSO-based R77 Security Gateway over the weekend. He e-mailed you the SIC activation key. You want to confirm communication between the Security Gateway and the Management Server by installing the Policy. What might prevent you from installing the Policy?


Options are :

  • An intermediate local Security Gateway does not allow a policy install through it to the remote new Security Gateway appliance. Resolve by running the command fw unloadlocal on the local Security Gateway.
  • You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on the Security Management Server.
  • You first need to run the command fw unloadlocal on the R77 Security Gateway appliance in order to remove the restrictive default policy.
  • You first need to create a new Gateway object in SmartDashboard, establish SIC via the Communication button, and define the Gatewayís topology.

Answer : You first need to create a new Gateway object in SmartDashboard, establish SIC via the Communication button, and define the Gatewayís topology.

Which of the following statements is TRUE about management plug-ins?


Options are :

  • The plug-in is a package installed on the Security Gateway.
  • Installing a management plug-in is just like an upgrade process.
  • Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.
  • A management plug-in interacts with a Security Management Server to provide new features and support for new products.

Answer : A management plug-in interacts with a Security Management Server to provide new features and support for new products.

156-215.77 Check Point Certified Security Administrator Exam Set 1

In which Rule Base can you implement an Access Role?


Options are :

  • Mobile Access
  • IPS
  • Firewall
  • DLP

Answer : Firewall

You are running the license_upgrade tool on your GAiA Gateway. Which of the following can you NOT do with the upgrade tool?


Options are :

  • View the status of currently installed licenses
  • Perform the actual license-upgrade process
  • Simulate the license-upgrade process
  • View the licenses in the SmartUpdate License Repository

Answer : View the licenses in the SmartUpdate License Repository

Which of the following is NOT defined by an Access Role object?


Options are :

  • Source User
  • Source Server
  • Source Machine
  • Source Network

Answer : Source Server

156-215.77 Check Point Certified Security Administrator Exam Set 2

Where do you verify that UserDirectory is enabled?


Options are :

  • Verify that Global Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked
  • Verify that Security Gateway > General Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked
  • Verify that Global Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked
  • Verify that Security Gateway > General Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked

Answer : Verify that Global Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked

Over the weekend, an Administrator without access to SmartDashboard installed a new R77 Security Gateway using GAiA. You want to confirm communication between the Gateway and the Management Server by installing the Security Policy. What might prevent you from installing the Policy?


Options are :

  • You first need to run the command fw unloadlocal on the new Security Gateway.
  • You first need to initialize SIC in SmartUpdate.
  • You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on the Security Management Server.
  • You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on both the Security Gateway and the Management Server.

Answer : You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on the Security Management Server.

To qualify as an Identity Awareness enabled rule, which column MAY include an Access Role?


Options are :

  • Source
  • User
  • Track
  • Action

Answer : Source

156-215.77 Check Point Certified Security Administrator Exam Set 3

Access Role objects define users, machines, and network locations as:


Options are :

  • One object
  • Linked objects
  • Credentialed objects
  • Separate objects

Answer : One object

What is the primary benefit of using the command upgrade_export over either backup or snapshot?


Options are :

  • upgrade_export is operating system independent and can be used when backup or snapshot is not available.
  • upgrade_export has an option to back up the system and SmartView Tracker logs while backup and snapshot will not.
  • The commands backup and snapshot can take a long time to run whereas upgrade_export will take a much shorter amount of time.
  • upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not.

Answer : upgrade_export is operating system independent and can be used when backup or snapshot is not available.

You need to back up the routing, interface, and DNS configuration information from your R77 GAiA Security Gateway. Which backup-and-restore solution do you use?


Options are :

  • GAiA back up utilities
  • Database Revision Control
  • Manual copies of the directory $FWDIR/conf
  • .upgrade_export and upgrade_import commands

Answer : GAiA back up utilities

156-215.77 Check Point Certified Security Administrator Exam Set 4

You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in use on a platform using GAiA. You have trouble configuring the speed and duplex settings of your Ethernet interfaces. Which of the following commands can be used in CLISH to configure the speed and duplex settings of an Ethernet interface and will survive a reboot? Give the BEST answer.


Options are :

  • .ifconfig -a
  • ethtool
  • set interface
  • mii_tool

Answer : set interface

156-215.77 Check Point Certified Security Administrator Exam Set 5

You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.


Options are :

  • Users must use the SecuRemote Client, to use the User Authentication Rule.
  • You checked the cache password on desktop option in Global Properties.
  • Another rule that accepts HTTP without authentication exists in the Rule Base.
  • You have forgotten to place the User Authentication Rule before the Stealth Rule.

Answer : Another rule that accepts HTTP without authentication exists in the Rule Base.

Where are SmartEvent licenses installed?


Options are :

  • Security Management Server
  • SmartEvent server
  • Log Server
  • Security Gateway

Answer : SmartEvent server

Which command enables IP forwarding on IPSO?


Options are :

  • .ipsofwd on admin
  • echo 1 > /proc/sys/net/ipv4/ip_forward
  • clish -c set routing active enable
  • echo 0 > /proc/sys/net/ipv4/ip_forward

Answer : .ipsofwd on admin

156-215.77 Check Point Certified Security Administrator Exam Set 6

You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?


Options are :

  • Create a Suspicious Activity Rule in SmartView Monitor.
  • Select Block intruder from the Tools menu in SmartView Tracker.
  • Add a temporary rule using SmartDashboard and select hide rule.
  • Use dbedit to script the addition of a rule directly into the Rule Bases_5_0.fws configuration file.

Answer : Create a Suspicious Activity Rule in SmartView Monitor.

Which of the following options is available with the GAiA cpconfig utility on a Management Server?


Options are :

  • GUI Clients
  • Export setup
  • Time & Date
  • DHCP Server configuration

Answer : GUI Clients

How do you use SmartView Monitor to compile traffic statistics for your companyís Internet Web activity during production hours?


Options are :

  • View total packets passed through the Security Gateway.
  • Configure a Suspicious Activity Rule which triggers an alert when HTTP traffic passes through the Gateway.
  • Use Traffic settings and SmartView Monitor to generate a graph showing the total HTTP traffic for the day.
  • Select Tunnels view, and generate a report on the statistics.

Answer : Use Traffic settings and SmartView Monitor to generate a graph showing the total HTTP traffic for the day.

156-215.77 Check Point Certified Security Administrator Test Set 1

Which authentication type requires specifying a contact agent in the Rule Base?


Options are :

  • User Authentication
  • Session Authentication
  • Client Authentication with Manual Sign On
  • Client Authentication with Partially Automatic Sign On

Answer : Session Authentication

A third-shift Security Administrator configured and installed a new Security Policy early this morning. When you arrive, he tells you that he has been receiving complaints that Internet access is very slow. You suspect the Security Gateway virtual memory might be the problem. Which SmartConsole component would you use to verify this?


Options are :

  • Eventia Analyzer
  • This information can only be viewed with the command fw ctl pstat from the CLI.
  • SmartView Tracker
  • SmartView Monitor

Answer : SmartView Monitor

Your users are defined in a Windows 2008 R2 Active Directory server. You must add LDAP users to a Client Authentication rule. Which kind of user group do you need in the Client Authentication rule in R77?


Options are :

  • A group with a generic user
  • LDAP group
  • All Users
  • External-user group

Answer : LDAP group

156-215.77 Check Point Certified Security Administrator Test Set 2

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions