156-315.77 Check Point Certified Security Expert Exam Set 18

When selecting a backup destination using SmartProvisioning that the item is not available?


Options are :

  • TFTP
  • FTP
  • locally device
  • None
  • SCP

Answer : FTP

Security Administrator opens a new session makes changes to the policy and submit for approval by the session. The Security Manager can accept a session or request a repair. If the manager opens a new session and submit it for approval, he can accept his session to a Security?


Options are :

  • Yes, he can always accept your session
  • It depends on the changes in the session.
  • None
  • No, he can never accept your session.
  • It depends on the Smart Workflow Settings Global Properties.

Answer : It depends on the Smart Workflow Settings Global Properties.

How many events will be displayed in the event of default, the preview pane?


Options are :

  • $15,000
  • $30,000
  • None
  • $1.00
  • $5,000

Answer : $5,000

156-315.77 Check Point Certified Security Expert Exam Set 19

Develop a particularly DLP Gateway, which acts as an inline bridge mode, why it is important to properly define the topology?


Options are :

  • The topology definition is used in the definition of the VPN.
  • The topology definition is necessary to correct anti-spoofing.
  • By default. My organization has defined internal interfaces DLP Gateway.
  • None
  • Topology is used to hide the NAT.

Answer : By default. My organization has defined internal interfaces DLP Gateway.

What is the significance described in the icon Smart Workflow toolbar?


Options are :

  • None
  • submit for approval
  • All status information: All is OK.
  • The meeting has been adopted.
  • Check the consistency of Smart Workflow sessions.

Answer : submit for approval

What file you can edit the settings are changed management portal? For example: Changing the webserver instead of a port or uses HTTP to HTTPS.


Options are :

  • cp_httpd_admin.conf
  • .cp_http.conf
  • cp_http_admin.conf
  • None
  • cp_httpd.conf

Answer : cp_httpd_admin.conf

156-315.77 Check Point Certified Security Expert Exam Set 2

Which of the following can not accept any change that Smart Workflow session?


Options are :

  • FirewallAdministrators
  • Customer Super users
  • .Provider-1Super users
  • None
  • FirewallManagers

Answer : FirewallAdministrators

When two or more DLP rules apply, the measures are the most restrictive action.Rank the following items from the lowest level of restriction (1) and the highest (4). 1. Ask for User 2. Prevent 3. Detect 4. Report User


Options are :

  • 3,1,4,2
  • 4,3,1,2
  • None
  • 3,4,1,2
  • 4,1,3,2

Answer : 3,1,4,2

The seller of protection sweep scan and port scan Host IPS whether a large amount of traffic to a particular internal IP address is a network attack or the user has been contaminated worm. You will receive all the information you need these actions?


Options are :

  • You can not check whether this is a worm or an active attack, you must also enable TCP-attack defense mechanisms.
  • Yeah. IPS to limit the traffic impact will scan and identify if the traffic model is suitable for all known worms.
  • No. These IPS protection prevents only traffic, but it does not provide a detailed analysis of the traffic.
  • None
  • .No. Logs and the alarm can be given some knowledge, but whether the attack is deliberate or worm, requires further investigation.

Answer : .No. Logs and the alarm can be given some knowledge, but whether the attack is deliberate or worm, requires further investigation.

156-315.77 Check Point Certified Security Expert Exam Set 20

With Smart Event korrelointiyksikön task?


Options are :

  • Analyze the log entries looking for patterns Event Policy.
  • None
  • Define severity levels events.
  • Relied upon and to identify automatic reactions and add events to the database.
  • Display received threats and tune the Events Policy

Answer : Analyze the log entries looking for patterns Event Policy.

Backup Target functionality SmartProvisioning which items are available? i) FTP ii) a TFTP iii) SFTP iv) The SCP


Options are :

  • I
  • ii, iv, v
  • i, ii, iii, iv,
  • None
  • i, ii, iv

Answer : ii, iv, v

The management portal allows all of the following EXCEPT:


Options are :

  • None
  • Manage the firewall logs
  • View the status of Check Point products
  • View manager's activity
  • Schedule installation policy

Answer : Schedule installation policy

156-315.77 Check Point Certified Security Expert Exam Set 21

What is the best way to schedule the backup of multiple firewalls?


Options are :

  • None
  • SmartProvisioning
  • WebUI
  • Smart Dashboard
  • Smart Update

Answer : SmartProvisioning

What is the procedure to create internal user?


Options are :

  • None
  • Users and Administrators tab of the user groups I clientless VPN user and adds Clientless SSL VPN users, VPN user group
  • General characteristics of the moon gateway, select the SSL VPN check box. SSL VPN Blade Wizard starts and Phase 2 allows new users, which can be imported RADIUS.
  • In and administrators tab, right click Users, and then click SSL VPN User
  • Since SSL VPN tab, users and internal users Authentication me I Users and click New User Default I

Answer : Since SSL VPN tab, users and internal users Authentication me I Users and click New User Default I

Which of the following is NOT possible to make the management portal?


Options are :

  • Set the Management Portal to use HTTP instead of HTTPS
  • None
  • Limit the hosts / networks that can access the portal
  • Run the Management Portal port than the default port 4433
  • Define Management Portal to bypass authentication when connecting from a particular IP address

Answer : Run the Management Portal port than the default port 4433

156-315.77 Check Point Certified Security Expert Exam Set 22

Which version is the minimum requirement SmartProvisioning?


Options are :

  • R71
  • None
  • R65 HFA 40
  • R70
  • R70.20

Answer : R65 HFA 40

You need to find out whether the company's Web servers are accessed by an excessive number of times from the same host. How do I set up this IPS tab?


Options are :

  • HTTP protocol inspection
  • successive alarms
  • Successive DoS attacks
  • Successive multiple connections
  • None

Answer : Successive multiple connections

What happens when the administrator activates the portal Self DLP response systems and moves to its fully qualified domain name (DNS name)?


Options are :

  • DLP Gateway can now tell you that the information about the owners of DLP events.
  • the loop created by the user, and the DLP gateway links within the e-mail notifications to send or reject the e-mail messages in quarantine (adapted for Ask User rule) is encrypted.
  • The portal daemon running on DLP starts to run and can accommodate requests from users' web browsers (by following the links to e-mail notifications) and Check Point User Check.
  • Check the user will be activated.
  • None

Answer : The portal daemon running on DLP starts to run and can accommodate requests from users' web browsers (by following the links to e-mail notifications) and Check Point User Check.

156-315.77 Check Point Certified Security Expert Exam Set 23

Management Portal Software Blade enables users to


Options are :

  • Monitor traffic flows
  • None
  • Create / Edit objects
  • Add / Remove Rules
  • View security policies

Answer : View security policies

Where is the ideal place to invest in SSL VPN?


Options are :

  • None
  • the use of DMZ
  • in front of the moon external interface gateway
  • Anywhere
  • SSL VPN gateway in use

Answer : the use of DMZ

The relay is a mail server configured under Email notifications using DLP Gateway: (Choose the best answer.)


Options are :

  • None
  • Send e-mail notifications to users and owners of information.
  • Synchronize with other e-mail servers online
  • Define My Organization / DLP Gateway and only check e-mail messages that originate from the proxy server.
  • Check if the user has been determined, it is not necessary to determine if there is Ask User rules and do not have to notify any person of owners of information for this proxy server.

Answer : Send e-mail notifications to users and owners of information.

156-315.77 Check Point Certified Security Expert Exam Set 24

Which of the following load balancing methods are valid?


Options are :

  • None
  • Round trip
  • They are all valid
  • random
  • domain

Answer : They are all valid

When will the Smart Workflow Policy Installation window will appear?


Options are :

  • When an administrator to install only approved policy
  • When an administrator to install an approved policy
  • When the manager approves the session
  • None
  • When the administrator shall submit session for approval

Answer : When an administrator to install only approved policy

What happens to the information session, when they have been approved and the policy of the installation is done?


Options are :

  • It depends on the Smart Workflow Settings Global Properties
  • Session data can be deleted just before the policy is installed.
  • Session Information is never deleted from the database
  • Option is given to keep the information session, the default is applied for removal of session data from the database.
  • None

Answer : Option is given to keep the information session, the default is applied for removal of session data from the database.

156-315.77 Check Point Certified Security Expert Exam Set 3

When using IPS, what Geo Shield?


Options are :

  • None
  • If you want to avoid the traffic and the specific city
  • If you want to avoid traffic and to a specific person
  • If you want to avoid traffic and specific company
  • If you want to avoid traffic and to a certain country

Answer : If you want to avoid traffic and to a certain country

What is the maximum number of cores supported by CoreXL?


Options are :

  • 8
  • 4
  • None
  • 12
  • 6

Answer : 8

What is the demand to stop all (and only) Management Portal services?


Options are :

  • cpstop
  • sportalstop
  • smart stop portal
  • None
  • spstop

Answer : smart stop portal

156-315.77 Check Point Certified Security Expert Exam Set 4

What does it mean when the security gateway is marked untrusted in SmartProvisioning Status think?


Options are :

  • CPD is not running at the Security Gateway.
  • Security Gateway is down.
  • SIC has not been established between the Security Gateway and Security Management.
  • SmartProvisioning is not enabled Security Gateway.
  • None

Answer : SIC has not been established between the Security Gateway and Security Management.

Every application is used to create the file-Share Application?


Options are :

  • SSL VPN Portal WebUI (File-Share Tab)
  • Smart Portal WebUI (File-Share Tab)
  • None
  • SmartDashboard (SSL VPN tab)
  • Provided one-MDG (Global VPNs Tab)

Answer : SmartDashboard (SSL VPN tab)

Which of the following files are used to allow only certain IPs or networks use the Management Portal?


Options are :

  • None
  • hosts. Allow
  • cpportal_allowips
  • portal.ips
  • allowedips.portal

Answer : hosts. Allow

156-315.77 Check Point Certified Security Expert Exam Set 5

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions