156-315.77 Check Point Certified Security Expert Exam Set 8

If no flags are defined during a back up on the Security Management Server, where does the system store the *.tgz file?


Options are :

  • /var/opt/backups
  • /var/backups
  • /var/tmp/backups
  • /var/CPbackup/backups (Correct)

Answer : /var/CPbackup/backups

Check Point Certified Security Expert Exam Set 4

During a Security Management Server migrate export, the system:


Options are :

  • Saves all system settings and Check Point product configuration settings to a file.
  • Creates a backup file that includes the SmartEvent database.
  • Creates a backup archive for all the Check Point configuration settings. (Correct)
  • Creates a backup file that includes the SmartReporter database.

Answer : Creates a backup archive for all the Check Point configuration settings.

MegaCorps' disaster recovery plan is past due for an update to the backup and restore section to enjoy the benefits of the new distributed R77 installation. You must propose a plan that meets the following required and desired objectives: Required: Security Policy repository must be backed up no less frequently than every 24 hours. Desired: Back up R77 components enforcing the Security Policies at least once a week. Desired: Back up R77 logs at least once a week. You develop a disaster recovery plan proposing the following: Use the utility cron to run the command upgrade_export each night on the Security Management Servers. Configure the organization's routine backup software to back up files created by the command upgrade_export. Configure GAiA back up utility to back up Security Gateways every Saturday night. Use the utility cron to run the command upgrade_export each Saturday night on the log servers. Configure an automatic, nightly logswitch. Configure the organization's routine back up software to back up the switched logs every night. The corporate IT change review committee decides your plan:


Options are :

  • meets the required objective and both desired objectives. (Correct)
  • does not meet the required objective.
  • meets the required objective and only one desired objective.
  • meets the rquired objective but does not meet either deisred objective.

Answer : meets the required objective and both desired objectives.

Your primary Security Management Server runs on GAiA. What is the fastest way to back up your Security Gateway R77 configuration, including routing and network configuration files?


Options are :

  • Using the native GAiA back up utility from command line or in the Web-based user interface. (Correct)
  • Using the command upgrade_export
  • Copying the directories $FWDIR/conf and $FWDIR/lib to another location.
  • Use the command snapshot.

Answer : Using the native GAiA back up utility from command line or in the Web-based user interface.

Check Point Certified Security Expert Exam Set 6

SmartReporter reports can be used to analyze data from a penetration-testing regimen in all of the following examples, EXCEPT:


Options are :

  • Possible worm/malware activity.
  • Analyzing access attempts via social-engineering. (Correct)
  • Tracking attempted port scans.
  • Analyzing traffic patterns against public resources.

Answer : Analyzing access attempts via social-engineering.

156-215.71 Check Point Certified Security Administrator Exam Set 1

The process _____ is responsible for Policy compilation.


Options are :

  • FWCMP
  • CPLMD
  • FWM (Correct)
  • CPD

Answer : FWM

The process _____ is responsible for GUI Client communication with the SmartCenter


Options are :

  • CPD
  • FWM (Correct)
  • CPGUI
  • FWD

Answer : FWM

By default, what happens to the existing connections on a firewall when a new policy is installed?


Options are :

  • All existing connections not allowed under the new policy will be terminated. (Correct)
  • All existing control and data connections will be kept open until the connections have ended.
  • Existing connections are always allowed
  • All existing data connections will be kept open until the connections have ended.

Answer : All existing connections not allowed under the new policy will be terminated.

Check Point Certified Security Expert Exam Set 9

You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other. How would you accomplish this?


Options are :

  • Select the two port-scan detections as a sub-event.
  • You cannot set SmartEvent to detect two port scans from a host within 10 seconds of each other.
  • Select the two port-scan detections as a new event
  • Define the two port-scan detections as an exception (Correct)

Answer : Define the two port-scan detections as an exception

If Jack was concerned about the number of log entries he would receive in the SmartReporter system, which policy would he need to modify?


Options are :

  • Log Consolidator Policy
  • Smartreporter Policy (Correct)
  • Log Sequence Policy
  • Consolidation Policy

Answer : Smartreporter Policy

In a UNIX environment, SmartReporter Data Base settings could be modified in:


Options are :

  • $CPDIR/Database/conf/conf.C
  • $RTDIR/Database/conf/my.cnf (Correct)
  • $FWDIR/Eventia/conf/ini.C
  • $ERDIR/conf/my.cnf

Answer : $RTDIR/Database/conf/my.cnf

Check Point Certified Security Expert Exam Set 9

What SmartConsole application allows you to change the SmartReporter Policy?


Options are :

  • SmartEvent Server
  • SmartReporter
  • SmartDashboard (Correct)
  • SmartUpdate

Answer : SmartDashboard

Where do you verify that SmartDirectory is enabled?


Options are :

  • Global properties > User Directory (LDAP) > Use SmartDirectory(LDAP) for Security Gateways is checked (Correct)
  • Global properties > Authentication> Use SmartDirectory(LDAP) for Security Gateways is checked
  • Gateway properties > Authentication> Use SmartDirectory(LDAP) for Security Gateways is checked
  • Gateway properties > Smart Directory (LDAP) > Use SmartDirectory(LDAP) for Security Gateways is checked

Answer : Global properties > User Directory (LDAP) > Use SmartDirectory(LDAP) for Security Gateways is checked

Does Check Point recommend generating an upgrade_export on standby SmartCenters?


Options are :

  • Yes. All information is available at both SmartCenters.
  • No. All Check Point processes are stopped.
  • No. There is no way to verify the actual configuration. (Correct)
  • Yes. This is the only way to get the upgrade_export

Answer : No. There is no way to verify the actual configuration.

156-315.77 Check Point Certified Security Expert Exam Set 3

When migrating the SmartEvent data base from one server to another, the first step is to back up the files on the original server. Which of the following commands should you run to back up the SmartEvent data base?


Options are :

  • snapshot
  • backup
  • migrate export
  • eva_db_backup (Correct)

Answer : eva_db_backup

The process _____ complies $FWDIR/CONF/*.W files into machine language.


Options are :

  • fw gen (Correct)
  • cpd
  • fwd
  • fwm

Answer : fw gen

The process _____ is responsible for all other security server processes run on the Gateway.


Options are :

  • FWM
  • FWD (Correct)
  • CPD
  • FWSSD

Answer : FWD

156-315.77 Check Point Certified Security Expert Exam Set 2

If Jack was concerned about the number of log entries he would receive in the SmartReporter system, which policy would he need to modify?


Options are :

  • Log Sequence Policy
  • Log Consolidator Policy
  • Report Policy
  • Consolidation Policy (Correct)

Answer : Consolidation Policy

Which file defines the fields for each object used in the file objects.C (color, num/string, default value…)?


Options are :

  • $FWDIR/conf/fields.C
  • $FWDIR/conf/table.C
  • $FWDIR/conf/classes.C (Correct)
  • $FWDIR/conf/scheam.C

Answer : $FWDIR/conf/classes.C

Which specific R77 GUI would you use to view the length of time a TCP connection was open?


Options are :

  • SmartView Status
  • SmartView Tracker (Correct)
  • SmartView Monitor
  • SmartReporter

Answer : SmartView Tracker

156-315.13 Check Point Security Expert R76(GAiA) Exam Set 7

When migrating the SmartEvent data base from one server to another, the last step is to save the files on the new server. Which of the following commands should you run to save the SmartEvent data base files on the new server?


Options are :

  • cp
  • migrate import
  • eva_db_restore (Correct)
  • restore

Answer : eva_db_restore

If Bob wanted to create a Management High Availability configuration, what is the minimum number of Security Management servers required in order to achieve his goal?


Options are :

  • One
  • Three
  • Two (Correct)
  • Four

Answer : Two

In a Windows environment, SmartReporter Data Base settings could be modified in:


Options are :

  • %RTDIR%\Database\conf\my.ini (Correct)
  • $CPDIR/Database/conf/conf.C
  • $ERDIR/conf/my.cnf
  • $FWDIR/Eventia/conf/ini.C

Answer : %RTDIR%\Database\conf\my.ini

Check Point Certified Security Expert Exam Set 10

Your company has the requirement that SmartEvent reports should show a detailed and accurate view of network activity but also performance should be guaranteed. Which actions should be taken to achieve that? 1) Use same hard drive for database directory, log files, and temporary directory. 2) Use Consolidation Rules. 3) Limit logging to blocked traffic only. 4) Use Multiple Database Tables.


Options are :

  • 2,4 (Correct)
  • 1,3,4
  • 1,2,4
  • 1,2

Answer : 2,4

What can you do to see the current number of kernel instances in a system with CoreXL enabled?


Options are :

  • Browse to Secure Platform Web GUI.
  • Run command cpconfig. (Correct)
  • Execute SmartDashboard client.
  • Only Check Point support personnel can access that information.

Answer : Run command cpconfig.

How do you check the version of “CPSIZEME” on GAiA?


Options are :

  • [expert@HostName]# ./cpsizeme –version
  • [expert@HostName]# ./cpsizeme.exe –v
  • [expert@HostName]# ./cpsizeme.exe –version
  • [expert@HostName]# ./cpsizeme –V (Correct)

Answer : [expert@HostName]# ./cpsizeme –V

Check Point Certified Security Expert Exam Set 12

MegaCorp has two different types of hardware with Check Point GAiA installed and set up as gateways. The Administrator wants to provide redundancy in case one of them fails. Choose the best approach.


Options are :

  • Configure ClusterXL (Correct)
  • Configure VRRP
  • Configure Gateway HA
  • Configure Management HA for gateways

Answer : Configure ClusterXL

In a Check Point gateway cluster, are VRRP and ClusterXL mutually exclusive?


Options are :

  • No, both gateways should have SPLAT installed.
  • No, only IPSO able to enable both technologies simultaneously.
  • No, you need to install GAiA if you want to use both technologies simultaneously. (Correct)
  • Yes

Answer : No, you need to install GAiA if you want to use both technologies simultaneously.

What process is responsible for transferring the policy file from SmartCenter to the Gateway?


Options are :

  • FWM
  • CPD (Correct)
  • FWD
  • CPRID

Answer : CPD

Check Point Certified Security Expert Exam Set 11

To back up all events stored in the SmartEvent Server, you should back up the contents of which folder(s)?


Options are :

  • $RTDIR/events_db
  • $FWDIR/distrib_db and $FWDIR/events
  • $FWDIR/distrib
  • $RTDIR/distrib and $RTDIR/events_db (Correct)

Answer : $RTDIR/distrib and $RTDIR/events_db

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions