156-315.77 Check Point Certified Security Expert Exam Set 3

Choose the ClusterXL process that is defined by default as a critical device.


Options are :

  • fwm
  • fwd
  • cpp
  • assld

Answer : fwd

156-315.77 Check Point Certified Security Expert Exam Set 4

Which of the following log files contains only information about the negotiation process for encryption?


Options are :

  • iked.elg
  • vpnd.elg
  • vpn.elg
  • ike.elg

Answer : ike.elg

Lilly has generated an IKE debug on her Security Gateway. She has asked Jack to transfer the file to Support. Where is the file located?


Options are :

  • $FWDIR/log/ike.elg
  • $FWDIR/opt/ike.elg
  • $FWDIR/opt/vpnd.elg
  • $FWDIR/log/vpnd.elg

Answer : $FWDIR/log/ike.elg

Which Check Point ClusterXL mode is used to synchronize the physical interface IP and MAC addresses on all clustered interfaces?


Options are :

  • Legacy Mode HA
  • Multicast Mode Load Sharing
  • New Mode HA
  • Pivot Mode Load Sharing

Answer : New Mode HA

156-315.77 Check Point Certified Security Expert Exam Set 5

MicroCorp experienced a security appliance failure. (LEDs of all NICs are off.) The age of the unit required that the RMA-unit be a different model. Will a revert to an existing snapshot bring the new unit up and running?


Options are :

  • Yes. Everything is dynamically updated at reboot.
  • There is no dynamic update at reboot
  • No. The revert will most probably not match to hard disk.
  • No. At installation the necessary hardware support is selected. The snapshot saves this state.

Answer : No. At installation the necessary hardware support is selected. The snapshot saves this state.

Katie has enabled User Directory and applied the license to Security Management Server, Green. Her supervisor has asked her to configure the Password Strength options to require at least one digit, one symbol, a length of 8 characters and an uppercase character. How should she accomplish this?


Options are :

  • Open the SmartDashboard, Select Global Properties, select User Directory, check the boxes for Password must include an uppercase character, Password must include a digit, Password must include a symbol and change the password length to 8 characters.
  • Open the SmartDashboard, Select Global properties, select User Authority; check the boxes for Password must include an upper character, Password must include a digit and Password must include a symbol.
  • Open the SmartDashboard, Select Global properties, select Identity Awareness; check the boxes for Password must include an upper character, Password must include a digit, Password must include a symbol and change the password length to 8 characters.
  • Open the SmartDashboard, Select Global Properties, select User Directory, check the boxes for Password must include an uppercase character, Password must include a digit, and Password must include a symbol.

Answer : Open the SmartDashboard, Select Global Properties, select User Directory, check the boxes for Password must include an uppercase character, Password must include a digit, Password must include a symbol and change the password length to 8 characters.

Which components allow you to reset a VPN tunnel?


Options are :

  • SmartView monitor only
  • vpn tunnelutil or delete vpn ike sa command
  • vpn tu command or SmartView monitor
  • delete vpn ike sa or vpn shell command

Answer : delete vpn ike sa or vpn shell command

156-315.77 Check Point Certified Security Expert Exam Set 6

Frank is concerned with performance and wants to configure the affinity settings. His gateway does not have the Performance Pack running. What would Frank need to do in order to configure those settings?


Options are :

  • Edit affinity.conf and change the settings
  • Run fw affinity and change the settings
  • Run sim affinity and change the settings
  • Edit $FWDIR/conf/fwaffinity.conf and change the settings

Answer : Edit $FWDIR/conf/fwaffinity.conf and change the settings

In GAiA, if one is unsure about a possible command, what command lists all possible commands?


Options are :

  • get all commands
  • show all |grep commands
  • show configuration
  • show commands

Answer : show commands

Which type of VPN routing relies on a VPN Tunnel Interface (VTI) to route traffic?


Options are :

  • Host-based VPN
  • Subnet-based VPN
  • Route-based VPN
  • Domain-based VPN

Answer : Route-based VPN

156-315.77 Check Point Certified Security Expert Exam Set 7

Which of the following log files contains verbose information regarding the negotiation process and other encryption failures?


Options are :

  • vpn.elg
  • vpnd.elg
  • ike.elg
  • iked.elg

Answer : vpnd.elg

What utility would you use to configure route-based VPNs?


Options are :

  • vpn shell
  • vpn sw_topology
  • vpn set_slim_server
  • vpn tu

Answer : vpn shell

When configuring a Permanent Tunnel between two gateways in a Meshed VPN community, in what object is the tunnel managed?


Options are :

  • Only the local Security Gateway object
  • VPN Community object
  • Security Management Server
  • Each participating Security Gateway object

Answer : VPN Community object

156-315.77 Check Point Certified Security Expert Exam Set 8

You have pushed a policy to your firewall and you are not able to access the firewall. What command will allow you to remove the current policy from the machine?


Options are :

  • fw unloadlocal
  • fw fetch policy
  • fw purge policy
  • fw purge active

Answer : fw unloadlocal

CPD is a core Check Point process that does all of the following EXCEPT:


Options are :

  • SIC (Secure Internal Communication) functions
  • Management High Availability (HA) sync
  • Policy installation
  • AMON status pull from the Gateway

Answer : Management High Availability (HA) sync

Which of the following is NOT an internal/native Check Point command?


Options are :

  • fwaccel on
  • fw ctl debug
  • tcpdump
  • cphaprob

Answer : tcpdump

156-315.77 Check Point Certified Security Expert Exam Set 1

Which graded parameters help determine the protections to activate for security and which can be safely deactivated? Select the most correct answer.


Options are :

  • Severity, Confidence level, Performance impact, Protection type.
  • Type, Severity, Confidence level, Performance impact.
  • Type, Severity, Confidence level, Performance impact, Protection type.
  • Type, Severity, Confidence level, Performance impact, Geo information.

Answer : Type, Severity, Confidence level, Performance impact, Protection type.

Remote clients are using IPSec VPN to authenticate via LDAP server to connect to the organization. Which gateway process is responsible for the authentication?


Options are :

  • cvpnd
  • vpnd
  • fwm
  • fwd

Answer : vpnd

How do you verify the Check Point kernel running on a firewall?


Options are :

  • fw ctl pstat
  • fw kernel
  • fw ver -k
  • fw ctl get kernel

Answer : fw ver -k

156-315.77 Check Point Certified Security Expert Exam Set 10

How does Check Point recommend that you secure the sync interface between gateways?


Options are :

  • Use a dedicated sync network
  • Encrypt all sync traffic between cluster members.
  • Secure each sync interface in a cluster with Endpoint.
  • Configure the sync network to operate within the DMZ.

Answer : Use a dedicated sync network

What is the most common cause for a Quick mode packet 1 failing with the error “No Proposal Chosen”?


Options are :

  • The encryption strength and hash settings of one peer do not match the other
  • There is a network connectivity issue.
  • The OS and patch level of one gateway do not match the other
  • The previously established Permanent Tunnel has failed.

Answer : The encryption strength and hash settings of one peer do not match the other

Which command will erase all CRLs?


Options are :

  • cpstop/cpstart
  • vpn flush
  • vpn crl_zap
  • vpn crladmin

Answer : vpn crl_zap

156-315.77 Check Point Certified Security Expert Exam Set 11

You have three Gateways in a mesh community. Each Gateway's VPN Domain is its internal network as defined on the Topology tab setting All IP Addresses behind Gateway based on Topology information. You want to test the route-based VPN, so you created VTIs among the Gateways and created static route entries for the VTIs. However, when you test the VPN, you find that the VPN traffic still goes through the regular domain IPsec tunnels instead of the routed VTI tunnels. What is the problem and how do you make the VPN use the VTI tunnels?


Options are :

  • Domain VPN takes precedence over the route-based VTI. To make the VPN go through VTI, remove the Gateways out of the mesh community and replace with a star community
  • Domain VPN takes precedence over the route-based VTI. To make the VPN go through VTI, use an empty group object as each Gateway's VPN Domain
  • Route-based VTI takes precedence over the Domain VPN. Troubleshoot the static route entries to ensure that they are correctly pointing to the VTI gateway IP
  • Route-based VTI takes precedence over the Domain VPN. To make the VPN go through VTI, use dynamic-routing protocol like OSPF or BGP to route the VTI address to the peer instead of static routes

Answer : Domain VPN takes precedence over the route-based VTI. To make the VPN go through VTI, use an empty group object as each Gateway's VPN Domain

What does the command vpn crl_zap do?


Options are :

  • Nothing, it is not a valid command
  • Erases VPN certificates from cache
  • Erases CRLs from the management server cache
  • Erases all CRLs from the gateway cache

Answer : Erases all CRLs from the gateway cache

In Gaia, the operating system can be changed to 32-bit or 64-bit, provided the processor supports 64-bit. What command toggles to 64-bit?


Options are :

  • configure edition 64-bit
  • set bitrate 64
  • set edition default 64
  • set edition default 64-bit

Answer : configure edition 64-bit

156-315.77 Check Point Certified Security Expert Exam Set 12

A Threat Prevention profile is a set of configurations based on the following. Select the right answer.


Options are :

  • Anti-Virus settings, Anti-Bot settings, Threat Emulation settings, Intrusion-prevention settings.
  • Anti-Bot settings, Threat Emulation settings, Intrusion-prevention settings, HTTPS inspection settings
  • Anti-Virus settings, Anti-Bot settings, Threat Emulation settings
  • Anti-Virus settings, Anti-Bot settings, Threat Emulation settings, Intrusion-prevention settings, HTTPS inspection settings.

Answer : Anti-Virus settings, Anti-Bot settings, Threat Emulation settings

Remote clients are using SSL VPN to authenticate via LDAP server to connect to the organization. Which gateway process is responsible for the authentication?


Options are :

  • cvpnd
  • fwd
  • vpnd
  • fwm

Answer : cvpnd

You configure a Check Point QoS Rule Base with two rules: an HTTP rule with a weight of 40, and the Default Rule with a weight of 10. If the only traffic passing through your QoS Module is HTTP traffic, what percent of bandwidth will be allocated to the HTTP traffic?


Options are :

  • 80%
  • 100%
  • 40%
  • 50%

Answer : 100%

156-315.77 Check Point Certified Security Expert Exam Set 13

Which of the following statements is TRUE concerning MEP VPNs?


Options are :

  • MEP VPNs are not restricted to the location of the gateways.
  • State synchronization between Security Gateways is required
  • The VPN Client is assigned a Security Gateway to connect to based on a priority list, should the first connection fail.
  • MEP Security Gateways cannot be managed by separate Management Servers.

Answer : MEP VPNs are not restricted to the location of the gateways.

156-315.77 Check Point Certified Security Expert Exam Set 14

MEP VPNs use the Proprietary Probing Protocol to send special UDP RDP packets to port ____ to discover if an IP is accessible.


Options are :

  • 264
  • 201
  • 256
  • 259

Answer : 259
