156-315.77 Check Point Certified Security Expert Exam Set 12

To upgrade an NG engine Application Intelligence R55 Security Gateway running through the Secure Platform VPN-1 NGX R65 SmartUpdate.Which package (s) is (are) needed Repository before the upgrade?


Options are :

  • VPN-1 Power / UTM NGX R65 package
  • SVN Foundation and VPN-1 Power / UTM packages
  • None
  • Secure Platform NGX R65 package (Correct)
  • Secure platform and VPN-1 Power / UTM NGX R65 packages

Answer : Secure Platform NGX R65 package

Which of the following is not in use IPSec IPSec key negotiation?


Options are :

  • ISAKMP SA
  • None
  • IPSec SA
  • Diffie-Hellman (Correct)
  • RSA Exchange

Answer : Diffie-Hellman

Encryption, Rivest, Shamir, Adelman (RSA) system is which of the following? Select all that apply.


Options are :

  • Asymmetric crypto system (Correct)
  • The secret key encryption algorithm system
  • Public-key encryption algorithm system (Correct)
  • A symmetrical crypto system
  • None

Answer : Asymmetric crypto system Public-key encryption algorithm system

156-315.77 Check Point Certified Security Expert Exam Set 8

Which of the following are valid reasons for starts instead of a clean install of VPN-1 NGX R65 upgrade a previous version of VPN-1 NGX R65? Select all that apply.


Options are :

  • You can see the logical way to organize the rules and objects (Correct)
  • Security policy includes rules and objects, whose purpose you do not know. (Correct)
  • The objects and rules on naming conventions have changed over time. (Correct)
  • You want to keep Checkpoint assembly.

Answer : You can see the logical way to organize the rules and objects Security policy includes rules and objects, whose purpose you do not know. The objects and rules on naming conventions have changed over time.

If the digital signature is used to achieve, and verify the integrity of the data and the verification of the sender, digital signatures are used only for the implementation of:


Options are :

  • Symmetric encryption algorithm
  • Triple DES
  • CBL-DES
  • Asymmetric encryption algorithm (Correct)
  • None

Answer : Asymmetric encryption algorithm

If Smart Update to update or distribution fails on Secure Platform, how the system will recover?


Options are :

  • The administrator must install the latest version via the command cprinstall Restore.
  • Administrator can only return to a previously created picture (if any) of the command cprinstall snapshot.
  • None
  • The administrator must remove RPM packages by hand, and reattempt the update.
  • Secure Platform will restart automatically return to a snapshot of the last version before the upgrade. (Correct)

Answer : Secure Platform will restart automatically return to a snapshot of the last version before the upgrade.

Check Point Certified Security Expert Exam Set 10

Why upgrade_export configuration file (.tgz) will be deleted when you have made the import process?


Options are :

  • Smart Update to start a new installation, if the machine is restarted.
  • None
  • It prevents subsequent upgrade_export as .tgz files can not be overwritten.
  • It contains its own security configuration, which could be exploited. (Correct)
  • It contradicts any future updates will start Smart Update.

Answer : It contains its own security configuration, which could be exploited.

What action can not be run SmartUpdate NGX R65?


Options are :

  • Get all the information Gateway
  • reboot the gateway
  • pre-install the verifier
  • Retrieve synchronization status (Correct)
  • None

Answer : Retrieve synchronization status

When configuring site-to-site VPN High Availability (HA) with the MEP, which of the following is correct?


Options are :

  • MEP Gateway is managed by the same SmartCenter Server
  • None
  • The MEP gateways can be geographically separate from the machines.
  • The decision as to which MEP Gateway use is made MEP Gateway's side of the tunnel.
  • If a representative of the security gateway fails, the connection is interrupted and the backup gateway picks up the next connection. (Correct)

Answer : If a representative of the security gateway fails, the connection is interrupted and the backup gateway picks up the next connection.

156-215.77 Check Point Certified Security Administrator Test Set 3

What encryption method provides an in-place encryption?


Options are :

  • HARROW
  • SKIP (Correct)
  • None
  • IKE
  • D FLAT

Answer : SKIP

Which of the following is supported office space? Select all that apply.


Options are :

  • Secure Client (Correct)
  • Transparent mode
  • L2TP (Correct)
  • SSL Network Extender (Correct)
  • gopher

Answer : Secure Client L2TP SSL Network Extender

Which of the following are valid PKI architectures?


Options are :

  • hierarchical architecture (Correct)
  • bridge architecture
  • mesh architecture (Correct)
  • gateway Architecture (Correct)

Answer : hierarchical architecture mesh architecture gateway Architecture

Check Point Certified Security Expert Exam Set 8

VPN VPN access control would include a component?


Options are :

  • management
  • QoS
  • None
  • Presentation
  • safety (Correct)

Answer : safety

Which of the following is an example of the hash function?


Options are :

  • And DES-CBC
  • DAC and MAC
  • None
  • MD5 and SHA-1 (Correct)
  • SHA and 3DES

Answer : MD5 and SHA-1

Current VPN-1 NG with Application Intelligence (AI) R 55 stand-alone VPN-1 Pro Gateway and the SmartCenter server runs SecurePlatform.You have a plan to VPN-1 NGX R65 in a distributed environment, where the new machine will SmartCenter server and the current machine is a VPN-1 Pro Gateway only.You must be moved NG AI R55 SmartCenter server configuration, including licensing licensing.How do you handle this NGX R65 upgrade?


Options are :

  • Calls on the NGX R65 SmartCenter Server license, using the new IP address. Ask a new central NGX R65 VPN-1 Gateway license is also licensed the new SmartCenter server's IP address. (Correct)
  • Leave the current license is updated port during the software update. Purchase a new license VPN-1 NGX R65 SmartCenter Server.
  • Calls on the NGX R65 SmartCenter Server license using the existing gateway device IP address. Calls for a new local license NGX R65 VPN-1 gateway using the new IP address.
  • None
  • Calls on the NGX R65 SmartCenter Server license, using the new IP address. Ask a new central NGX R65 VPN-1 Gateway license is present the gateway IP address.

Answer : Calls on the NGX R65 SmartCenter Server license, using the new IP address. Ask a new central NGX R65 VPN-1 Gateway license is also licensed the new SmartCenter server's IP address.

156-315.71 Check Point Security Expert R71 Practice Exam Set 7

What happens in relation to the CRL cache after cpstop; spstart has been started?


Options are :

  • The gateway continues to use the old CRL even if it is not valid until a new CRL is cached
  • The gateway acquires a new CRL after starting discard the old CRL is valid.
  • The gateway continues to use the old CRL, as long as it is valid. (Correct)
  • None
  • The gateway will issue crl_zap startup, which clears the cache, and forces a certificate search.

Answer : The gateway continues to use the old CRL, as long as it is valid.

Which of the following provides a unique user ID digital certificate?


Options are :

  • user e-mail
  • User Message Digest (Correct)
  • user organization
  • None
  • User name

Answer : User Message Digest

Which of the following is supported in Office Mode?


Options are :

  • Secure wealt (Correct)
  • Secure Client
  • data Transfer mode
  • None
  • SSL Network Extender

Answer : Secure wealt

156-315.65 Check Point Security Administration NGX R65 Exam Set 4

After you install the VPN-1 Pro TKM R65, you will notice that one of the Quad port Intel NIC Security Gateway is not sought by the request to get the topology. What is the cause and the solution to the most probable?


Options are :

  • Make sure that the driver for you in particular NIC is available, and install. You will be asked for the driver.
  • NIC driver is installed, but have not been recognized. Apply the latest Secure PlatformR65 Hotfix spare time (HFA).
  • None
  • NIC is faulty. Change it and install
  • If an interface is not specified, it is not detected. Determine the IP and subnet mask for a Web UI. (Correct)

Answer : If an interface is not specified, it is not detected. Determine the IP and subnet mask for a Web UI.

Object-based VPN routing succeeds, what must be determined?


Options are :

  • At least two rules Regular Platform has been created, one covering the transport of incoming and outgoing traffic while the other covers the central nervous system (HUB) Security Gateway (Correct)
  • None
  • .No rules must be created, with an implied rules which cover the incoming and outgoing traffic from the central nervous system (HUB) Gateway has already been created Policy> Features> Accept VPN-1 Control connections.
  • VPN routing has not been configured for the rule base or community objects. Only nativerouting mechanism of each Gateway can be controlled through traffic VTI configured interfaces.
  • One rule rule base must cover both directions of traffic, inbound and outbound central nervous system (HUB) Security Gateway

Answer : At least two rules Regular Platform has been created, one covering the transport of incoming and outgoing traffic while the other covers the central nervous system (HUB) Security Gateway

How to Check Point packages removed?


Options are :

  • In any order, the CP Suite is the last package removed
  • None
  • In the opposite order in which the facility is a wrapper originally installed them. (Correct)
  • In any order, as long as all packets are removed
  • In the same order in which the facility is a wrapper originally installed.

Answer : In the opposite order in which the facility is a wrapper originally installed them.

156-315.77 Check Point Certified Security Expert Exam Set 2

You are using Smart Update to retrieve data and perform remote improvements NGX Security Gateway.Which of the following statements is false?


Options are :

  • The remote installation can be performed without the SVN Foundation package on a remote NG Application Intelligence Security Gateway (Correct)
  • Smart Update can ask for license information locally running VPN-1 Gateway
  • None
  • Smart Update can query the smart Center and the VPN gateway information about the product 1
  • If SmartDashboard is open package downloads and updates, the update will fail.

Answer : The remote installation can be performed without the SVN Foundation package on a remote NG Application Intelligence Security Gateway

To identify the correct Smart Update step is carried out to update the remote security gateway.


Options are :

  • None
  • Once you have selected the "Packages> Share ..." and select the destination gateway, the selected package is copied Package repository Smart Center Security Gateway and the installation is complete.
  • Once you have selected the "Packages> Share ..." and select the destination gateway, the selected package is copied from the disc and the Smart Update PC directly to the Security Gateway and the installation is complete.
  • Once you have selected the "Packages> Share ..." and select the destination gateway Smart Update wizard guides the administrator through a distributed installation.
  • Once you have selected the "Packages> Share ..." and select the destination gateway, the selected package is copied Package repository Smart Center Security Gateway but the installation is not performed. (Correct)

Answer : Once you have selected the "Packages> Share ..." and select the destination gateway, the selected package is copied Package repository Smart Center Security Gateway but the installation is not performed.

These products are for: Secure Platform, VPN-1 Pro Gateway, Server UserAuthority Nokia OS, UTM-1, Eventia Reporter and Performance Pack, which statement is true?


Options are :

  • All except the Nokia operating system can be upgraded to VPN-1 NGX R65 with Smart Update.
  • All can be upgraded to VPN-1 NGX R65 with Smart Update. (Correct)
  • None
  • All except the Performance Pack can be upgraded to VPN-1 NGX R65 with Smart Update.
  • All except for UTM-1 can be upgraded to VPN-1 NGX R65 with Smart Update

Answer : All can be upgraded to VPN-1 NGX R65 with Smart Update.

156-315.77 Check Point Certified Security Expert Exam Set 7

Public key encryption is considered which of the following?


Options are :

  • two-key / asymmetric (Correct)
  • None
  • one of the key / asymmetric
  • one of the key / symmetric
  • two-key / symmetric

Answer : two-key / asymmetric

What port is used by the Communication User Center Smart Update?


Options are :

  • HTTP
  • HTTPS (Correct)
  • CPMI
  • TCP 8080
  • None

Answer : HTTPS

What is the size of a little DES?


Options are :

  • 32
  • 64
  • 168
  • 128
  • 112
  • 56 (Correct)

Answer : 56

156-315.77 Check Point Certified Security Expert Exam Set 4

In ClusterXL, which of the following processes are defined by default as critical equipment?


Options are :

  • fwd
  • FWM
  • fwd.proc
  • None
  • cphad (Correct)

Answer : cphad

Which of the following to use the same key to decrypt, because it does not encrypt?


Options are :

  • dynamic encryption
  • static encryption
  • asymmetric encryption
  • symmetric encryption (Correct)
  • certificate encryption

Answer : symmetric encryption

What tools can not trigger the Smart Update NGX R65?


Options are :

  • cpinfo
  • None
  • picture (Correct)
  • Nokia Voyager
  • Secure Web Platform UI

Answer : picture

156-315.71 Check Point Security Expert R71 Practical Exam Set 8

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions