156-315.13 Check Point Security Expert R76(GAiA) Exam Set 1

Your primary Security Management Server runs on GAiA. What is the easiest way to back up your Security Gateway R76 configuration, including routing and network configuration files?


Options are :

  • Run the command pre_upgrade_verifier and save the file *.tgz to the directory c:/temp.
  • Using the nativeGAiAback up utility from command line or in the Web-based user interface. (Correct)
  • Copying the directories $FWDIR/conf and $FWDIR/lib to another location.
  • Using the command upgrade_export.

Answer : Using the nativeGAiAback up utility from command line or in the Web-based user interface.

156-315.77 Check Point Certified Security Expert Exam Set 14

When upgrading Check Point products in a distributed environment, in which order should you upgrade these components? 1 GUI Client 2 Security Management Server 3 Security Gateway


Options are :

  • 1,2,3
  • 3,1,2
  • 2,3,1 (Correct)
  • 3,2,1

Answer : 2,3,1

Typically, when you upgrade the Security Management Server, you install and configure a fresh R76 installation on a new computer and then migrate the database from the original machine. What is the correct order of the steps below to successfully complete this procedure? 1) Export databases from source. 2) Connect target to network. 3) Prepare the source machine for export. 4) Import databases to target. 5) Install new version on target. 6) Test target deployment.


Options are :

  • 3, 1, 5, 4, 2, 6
  • 6, 5, 3, 1, 4, 2
  • 5, 2, 6, 3, 1, 4
  • 3, 5, 1, 4, 6, 2 (Correct)

Answer : 3, 5, 1, 4, 6, 2

Typically, when you upgrade the Security Management Server, you install and configure a fresh R76 installation on a new computer and then migrate the database from the original machine.When doing this, what is required of the two machines? They must both have the same:


Options are :

  • State.
  • Interfaces configured
  • Products installed. (Correct)
  • Patch level.

Answer : Products installed.

156-315.77 Check Point Certified Security Expert Exam Set 7

In a "zero downtime" scenario, which command do you run manually after all cluster members are upgraded?


Options are :

  • cphaconf set_ccp multicast (Correct)
  • cphaconf set mc_relod
  • cphaconf set_ccp broadcast
  • cphaconf set clear_subs

Answer : cphaconf set_ccp multicast

You have pushed a policy to your firewall and you are not able to access the firewall. What command will allow you to remove the current policy from the machine?


Options are :

  • fw fetch policy
  • fw purge active
  • fw purge policy
  • fw unload local (Correct)

Answer : fw unload local

True or false? After creating a snapshot of a Windows 2003 SP2 Security Management Server, you can restore it on a SecurePlatform R76 Security Management Server, except you must load interface information manually.


Options are :

  • True, but only when the snapshot file is restored to a SecurePlatform system runningR76.10.
  • False, you cannot run the Check Point snapshot utility on a Windows gateway (Correct)
  • False, all configuration information conveys to the new system, including the interface configuration settings.
  • True, but only when the snapshot file is restored to a SecurePlatform system runningR76.20.

Answer : False, you cannot run the Check Point snapshot utility on a Windows gateway

156-315.77 Check Point Certified Security Expert Exam Set 7

Security server configuration settings are stored in _______________ .


Options are :

  • $FWDIR/conf/fwauthd.conf (Correct)
  • $FWDIR/conf/AMT.conf
  • $FWDIR/conf/fwopsec.conf
  • $FWDIR/conf/fwrl.conf

Answer : $FWDIR/conf/fwauthd.conf

You configure a Check Point QoS Rule Base with two rules: an HTTP rule with a weight of 40, and the Default Rule with a weight of 10. If the only traffic passing through your QoS Module is HTTP traffic, what percent of bandwidth will be allocated to the HTTP traffic?


Options are :

  • 100% (Correct)
  • 80%
  • 50%
  • 40%

Answer : 100%

Anytime a client initiates a connection to a server, the firewall kernel signals the FWD process using a trap. FWD spawns the ________ child service, which runs the security server.


Options are :

  • FWSSD (Correct)
  • FWSD
  • In.httpd
  • FWD

Answer : FWSSD

156-315.71 Check Point Security Expert R71 Practice Exam Set 4

When restoring R76 using the command upgrade_import, which of the following items are NOT restored?


Options are :

  • SIC Certificates
  • Licenses
  • Route tables (Correct)
  • Global properties

Answer : Route tables

User definitions are stored in ________________ .


Options are :

  • $FWDIR/conf/users.NDB
  • $FWDIR/conf/fwmuser
  • $FWDIR/conf/fwusers.conf
  • $FWDIR/conf/fwauth.NDB (Correct)

Answer : $FWDIR/conf/fwauth.NDB

What are you required to do before running upgrade_export?


Options are :

  • Close all GUI clients. (Correct)
  • Run a cpstop on the Security Management Server.
  • Run cpconfig and set yourself up as a GUI client.
  • Run a cpstop on the Security Gateway.

Answer : Close all GUI clients.

156-215.70 Check Point Certified Security Administrator Exam Set 9

Check Point recommends that you back up systems running Check Point products. Run your back ups during maintenance windows to limit disruptions to services, improve CPU usage, and simplify time allotment. Which back up method does Check Point recommend anytime outside a maintenance window?


Options are :

  • backup
  • backup_export
  • migrate export (Correct)
  • snapshot

Answer : migrate export

John is upgrading a cluster from NGX R65 to R76. John knows that you can verify the upgrade process using the pre-upgrade verifier tool. When John is running Pre-Upgrade Verification, he sees the warning message:Title: Incompatible pattern.What is happening?


Options are :

  • The actual configuration contains user defined patterns in IPS that are not supported inR76. If the patterns are not fixed after upgrade, they will not be used withR76Security Gateways. (Correct)
  • R76uses a new pattern matching engine. Incompatible patterns should be deleted before upgrade process to complete it successfully.
  • Pre-Upgrade Verification process detected a problem with actual configuration and upgrade will be aborted.
  • Pre-Upgrade Verification tool only shows that message but it is only informational.

Answer : The actual configuration contains user defined patterns in IPS that are not supported inR76. If the patterns are not fixed after upgrade, they will not be used withR76Security Gateways.

You are running a R76 Security Gateway on SecurePlatform. In case of a hardware failure, you have a server with the exact same hardware and firewall version installed. What backup method could be used to quickly put the secondary firewall into production?


Options are :

  • manual backup
  • upgrade_export
  • backup
  • snapshot (Correct)

Answer : snapshot

156-215.75 Check Point Certified Security Administrator Exam Set 6

Which command would you use to save the routing information before upgrading a SecurePlatform Gateway?


Options are :

  • cp /etc/sysconfig/network.C [location] (Correct)
  • netstat rn > [filename].txt
  • ifconfig > [filename].txt
  • ipconfig a > [filename].txt

Answer : cp /etc/sysconfig/network.C [location]

The process ________ is responsible for Policy compilation.


Options are :

  • CPD
  • Fwcmp
  • CPLMD
  • FWM (Correct)

Answer : FWM

Which of the following is NOT a feature of ClusterXL?


Options are :

  • Enhanced throughput in all ClusterXL modes (2 gateway cluster compared with 1 gateway
  • Zero downtime for mission-critical environments with State Synchronization (Correct)
  • Transparent upgrades
  • Transparent failover in case of device failures

Answer : Zero downtime for mission-critical environments with State Synchronization

Check Point Certified Security Expert Exam Set 5

Restoring a snapshot-created file on one machine that was created on another requires which of the following to be the same on both machines?


Options are :

  • State, SecurePlatform version, and objects database
  • Windows version, objects database, patch level, and interface configuration
  • Windows version, interface configuration, and patch level
  • State, SecurePlatform version, and patch level (Correct)

Answer : State, SecurePlatform version, and patch level

Which of the following is NOT part of the policy installation process?


Options are :

  • Validation (Correct)
  • Code compilation
  • Code generation
  • Initiation

Answer : Validation

_________ is the called process that starts when opening SmartView Tracker application.


Options are :

  • FWM
  • CPLMD (Correct)
  • fwlogd
  • logtrackerd

Answer : CPLMD

156-515.65 Check Point Certified Security Expert Plus Exam Set 1

You intend to upgrade a Check Point Gateway from R65 to R76. To avoid problems, you decide to back up the Gateway. Which approach allows the Gateway configuration to be completely backed up into a manageable size in the least amount of time?


Options are :

  • upgrade_export (Correct)
  • backup
  • database revision
  • snapshot

Answer : upgrade_export

If Bob wanted to create a Management High Availability configuration, what is the minimum number of Security Management servers required in order to achieve his goal?


Options are :

  • Two
  • One (Correct)
  • Four
  • Three

Answer : One

How do you verify the Check Point kernel running on a firewall?


Options are :

  • fw ctl get kernel
  • fw kernel
  • fw ctl pstat
  • fw ver -k (Correct)

Answer : fw ver -k

Check Point Certified Security Expert Exam Set 5

Which command would you use to save the interface information before upgrading a GAiA Gateway?


Options are :

  • cp /etc/sysconfig/network.C [location]
  • ifconfig > [filename].txt (Correct)
  • ipconfig a > [filename].txt
  • netstat rn > [filename].txt

Answer : ifconfig > [filename].txt

What process is responsible for transferring the policy file from SmartCenter to the Gateway?


Options are :

  • CPD (Correct)
  • FWM
  • CPRID
  • FWD

Answer : CPD

Which command provides cluster upgrade status?


Options are :

  • cphaprob tablestat
  • cphaprob status
  • cphaprob ldstat
  • cphaprob fcustat (Correct)

Answer : cphaprob fcustat

Check Point Certified Security Expert Exam Set 2

If no flags are defined during a back up on the Security Management Server, where does the system store the *.tgz file?


Options are :

  • /var/backups
  • /var/tmp/backups
  • /var/CPbackup/backups (Correct)
  • /var/opt/backups

Answer : /var/CPbackup/backups

The process ___________ is responsible for all other security server processes run on the Gateway.


Options are :

  • FWM
  • FWD (Correct)
  • CPD
  • CPLMD

Answer : FWD

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions