156-315.77 Check Point Certified Security Expert Exam Set 17

My Client wants to install on top of Smart Workflow R70 Security Management Server (Windows system). What is the required disk space?


Options are :

  • 512 MB
  • 1 GB
  • 1256 MB
  • 880 MB (Correct)
  • None

Answer : 880 MB

Why Old Connecter gateway IP will be displayed on the remote SSL Network Extender users, after changing to a different IP? You must:


Options are :

  • Install the new license, which is equivalent to the previously specified IP
  • None
  • Update Connector Certificate to match the assigned IP address (Correct)
  • To make a change, instead of using sysconfig admin portal
  • Restart the service CPwebis

Answer : Update Connector Certificate to match the assigned IP address

Among the authentication methods employs SSL VPN users that the system is Check Point recommends that all servers are replicated?


Options are :

  • None
  • LDAP
  • The user name and password
  • User certificates
  • RAIN (Correct)

Answer : RAIN

Check Point Certified Security Expert Exam Set 4

My Client wants to install Smart Workflow Software Blade is R70 Security Management Server (Secure Platform) .Which is the right way?


Options are :

  • None
  • Smart Workflow Software Blade R70 is included in the standard version. You have to help it through cpconfig.
  • Smart Workflow works directly to version R70. Install Smart Workflow as an add-on.The version of the Management Server is R70.
  • A.When install R70.1 R70 package on the Security Management server, it will be upgraded to version R70.1 with Smart Workflow. (Correct)
  • .You need to upgrade Management Server version R70.1 before you start the installation of Smart Workflow Software Blade plug-in.

Answer : A.When install R70.1 R70 package on the Security Management server, it will be upgraded to version R70.1 with Smart Workflow.

Smart Provisioning is an integral part of the Security Management or Provider-1 CMA.To enable Smart Provisioning is a Security Management Server:


Options are :

  • Acquire Smart Provisioning license, the license for more Security Management server or CMA, remove SecureXL.
  • Acquire Smart Provisioning license, the license for more Security Management server or CMA. (Correct)
  • Acquire Smart Provisioning license, the license for more Security Management server or CMA, select the field of Smart Policy Provisioning.
  • None
  • Acquire Smart Provisioning license, the license for more Security Management server or CMA, restart the Smart Provisioning in each gateway to control.

Answer : Acquire Smart Provisioning license, the license for more Security Management server or CMA.

What are Smart Policy Provisioning Status indicators?


Options are :

  • OK, Waiting, out of sync, not installed, do not communicate
  • OK, down, up, synchronized
  • OK, the waiting, unknown, not installed, is not updated, may be out of date (Correct)
  • OK, Unknown, not installed, may be out of date
  • None

Answer : OK, the waiting, unknown, not installed, is not updated, may be out of date

156-315.71 Check Point Security Expert R71 Practice Exam Set 7

The following command, LSMcli [d] "server" should be replaced by:


Options are :

  • IP Address Security Management Server (Correct)
  • GUIclient
  • None
  • Host Name ROBO gateway
  • Host Name DAIP device

Answer : IP Address Security Management Server

After repairing Smart Workflow session:


Options are :

  • Session transferred with the holding corrected and a new session can be started. (Correct)
  • The session moves to the status Waiting for repair and must be resubmitted.
  • The session will be continued drive is not accepted and a new session is initiated.
  • The meeting was discarded and a new session is started automatically.
  • None

Answer : Session transferred with the holding corrected and a new session can be started.

Which of the following statements is true SSL VPN?


Options are :

  • None
  • Traffic is encrypted when it is initiated LAN
  • All traffic is always encrypted.
  • Administrative traffic is not encrypted.
  • Traffic is not encrypted LAN deployment, where the plaintext requests will be forwarded to internal servers. (Correct)

Answer : Traffic is not encrypted LAN deployment, where the plaintext requests will be forwarded to internal servers.

156-215.70 Check Point Certified Security Administrator Exam Set 8

A process of performing authentication of the SSL VPN users to:


Options are :

  • cvpnd (Correct)
  • FWM
  • None
  • cpd
  • vpnd

Answer : cvpnd

156-315.77 Check Point Certified Security Expert Exam Set 13

When configuring the LDAP Group object, select _____, if you want the gateway to refer to all groups defined in the authentication LDAP server purposes.


Options are :

  • None
  • OU Accept and choose the appropriate domain name
  • The only group Branch
  • All Account-Unita YS Users (Correct)
  • Only Sub Tree

Answer : All Account-Unita YS Users

When configuring the LDAP Group object, select the option _____ if you want the gateway to refer to a particular group defined LDAP server for authentication purposes.


Options are :

  • The only group Branch
  • Only Sub Tree (Correct)
  • None
  • All Users Account Unit
  • Group Agnostic

Answer : Only Sub Tree

Which of the following is a valid Active Directory user name Jane Doe MIS department AcmeCorp.com?


Options are :

  • None
  • Jane_doe cn =, ou = MIS, dc = acmecorp, dc = com (Correct)
  • Cn = jane_doe, ca = MIS, cn = acmecorp, dc = com
  • Cn = jane_doe, ca = MIS, dc = acmecorp, dc = com
  • Jane_doe cn =, ou = MIS, cn = acmecorp, dc = com

Answer : Jane_doe cn =, ou = MIS, dc = acmecorp, dc = com

156-215.75 Check Point Certified Security Administrator Exam Set 5

A process of performing the authentication session authentication succession to:


Options are :

  • FWM
  • fwssd (Correct)
  • vpnd
  • None
  • cvpnd

Answer : fwssd

you may see the following entries debug the user authentication process. In what order these messages may appear?


Options are :

  • make_au, au_auth, au_fetchuser, au_auth_auth, cpLdapCheck, cpLdapGetUser
  • make_au, au_auth, au_fetchuser, cpLdapGetUser, cpLdapCheck, au_auth_auth (Correct)
  • au_fetchuser, make_au, au_auth, cpLdapGetUser, au_auth_auth, cpLdapCheck
  • None
  • cpLdapGetUser, au_fetchuser, cpLdapCheck, make_au, au_auth, au_auth_auth

Answer : make_au, au_auth, au_fetchuser, cpLdapGetUser, cpLdapCheck, au_auth_auth

Control connections Security Management Server and Gateway are not encrypted VPN community. How these connections secured?


Options are :

  • They are not encrypted, but are verified Gateway
  • They are protected by PPTP
  • They are encrypted and authenticated SIC. (Correct)
  • None
  • They are not secured.

Answer : They are encrypted and authenticated SIC.

156-315.77 Check Point Certified Security Expert Exam Set 4

What is the correct command imports of new users R77 user database?


Options are :

  • FWM dbimport (Correct)
  • FWM importdb
  • FWM import
  • FWM importusrs
  • None

Answer : FWM dbimport

While the authorized user is managed by SmartDirectory performed gateway, authentication, occurs most often in _____.


Options are :

  • cpauth (Correct)
  • None
  • ldapauth
  • cpShared
  • ldapd

Answer : cpauth

Security server configuration settings are stored in _____.


Options are :

  • $ FWDIR / conf / AMT.conf
  • $ FWDIR / conf / Fwauth.c
  • $ FWDIR / conf / fwopsec.conf
  • None
  • $ FWDIR / conf / fwauthd.conf (Correct)

Answer : $ FWDIR / conf / fwauthd.conf

Check Point Certified Security Expert Exam Set 6

Which of the following is a valid Active Directory user name John Doe in the sales department of AcmeCorp.com?


Options are :

  • Cn = john_doe, ca = Sales, ou = acmecorp, dc = com
  • None
  • John_doe cn =, ou = Sales, ou = acmecorp, dc = com
  • John_doe cn =, ou = Sales, dc = acmecorp, dc = com (Correct)
  • Cn = john_doe, ca = Sales, dc = acmecorp, dc = com

Answer : John_doe cn =, ou = Sales, dc = acmecorp, dc = com

Process _____ is responsible for authentication for remote access clients.


Options are :

  • cpd
  • vpnd (Correct)
  • None
  • cvpnd
  • FWM

Answer : vpnd

When using the model to determine the user SmartDirectory The user YS password should be defined _____ object.


Options are :

  • Template
  • LDAP
  • None
  • VPN Community
  • user (Correct)

Answer : user

156-215.77 Check Point Certified Security Administrator Exam Set 2

When the client initiates a connection to the server, firewall core signals FWD process using the trap. FWD spawns a child _____ service, which runs from the security server.


Options are :

  • None
  • FWD
  • FWSD
  • FWSSD (Correct)
  • .In.httpd

Answer : FWSSD

User definitions are stored in _____.


Options are :

  • $ FWDIR / conf / fwusers.conf
  • $ FWDIR / conf / fwauth.NDB (Correct)
  • None
  • $ FWDIR / conf / users.NDB
  • $ FWDIR / conf / fwmuser.conf

Answer : $ FWDIR / conf / fwauth.NDB

Which of the following Clish commands you would use to set admin user shell bash?


Options are :

  • a set of user administrator shell = / bin / bash
  • set by the admin shell bash
  • None
  • set by the admin shell / bin / bash (Correct)
  • set by the admin / bin / bash

Answer : set by the admin shell / bin / bash

Check Point Certified Security Expert Exam Set 8

The process _____ to perform authentication to log SmartDashboard.


Options are :

  • cvpnd
  • cpd
  • None
  • FWM (Correct)
  • vpnd

Answer : FWM

When the client initiates a connection to the server, firewall core signals FWD process using the trap. FWD spawns a child _____ service, which runs from the security server.


Options are :

  • They are not encrypted, but are verified Gateway
  • They are encrypted and authenticated SIC. (Correct)
  • None
  • They are protected by PPTP
  • They are not secured.

Answer : They are encrypted and authenticated SIC.

Which process should debug SmartDashboard if the login fails?


Options are :

  • FWM (Correct)
  • fwd
  • SDM
  • None
  • cpd

Answer : FWM

156-315.77 Check Point Certified Security Expert Exam Set 16

When the endpoint user can authenticate but receives a message from the client that it can not control the desktop policy, which is the most likely scenario?


Options are :

  • Desktop policy is not set
  • The gateway could not find the user SmartDirectory and allows the connection restrictions based on the general profile.
  • None
  • The user attempts to connect to the wrong endpoint client. (Correct)
  • User rights prevent access to the secure network.

Answer : The user attempts to connect to the wrong endpoint client.

If Smart Workflow is configured to work without sessions or Role segregation, how is SmartDashboard tool?


Options are :

  • SmartDashboard works if Smart Workflow is not available, but automatic session there in the background and complete SmartView Tracker and audit trail functions are available. (Correct)
  • SmartDashboard works without Smart Workflow, without a hearing and audit trail functionality.
  • Nothing
  • SmartDashboard there is no session, but the SmartView Tracker and the audit trail is available.
  • None

Answer : SmartDashboard works if Smart Workflow is not available, but automatic session there in the background and complete SmartView Tracker and audit trail functions are available.

156-315.71 Check Point Security Expert R71 Practical Exam Set 6

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions