156-315.77 Check Point Certified Security Expert Exam Set 19

SmartProvisioning to use different types of profiles to manage and provision the gateways.These types are:


Options are :

  • Provisioning Profiles Profiles and Gateways
  • None
  • SmartLSM password protection and SmartDashboard Profiles
  • SmartLSM password protection and Provisioning Profiles (Correct)
  • Smart Console Profiles and Smart Filter Profiles

Answer : SmartLSM password protection and Provisioning Profiles

You need to check the effectiveness of IPS configuration of web server farm.You have a colleague to run penetration tests to confirm that the Web servers are protected by the traffic hijacks.Of the following, what would be the best configuration to protect traffic capture company?


Options are :

  • reate resource objects in a Web farm servers, and define the rules for Web farm.
  • TCP defenses such as the small size of the MTU
  • None
  • Enable Web intelligence> SQL injection setting
  • Activate Cross-Site Scripting property (Correct)

Answer : Activate Cross-Site Scripting property

Which of the following is not a supported browser Management Portal?


Options are :

  • mozilla
  • Safari (Correct)
  • Internet Explorer
  • Firefox
  • None

Answer : Safari

156-115 Check Point Certified Security Master Practice Exam Set 7

Which of the following destinations can be via the reservations SmartProvisioning profile yet? i) a backup schedule ii) the name of the service searches iii) Hosts Table IV) Domain Name v) interface to IP


Options are :

  • I
  • i, ii, iii, iv, v
  • None
  • i, ii, iv
  • i, ii, iii, iv, (Correct)

Answer : i, ii, iii, iv,

What protocol is not supported DLP?


Options are :

  • None
  • smtp
  • http
  • https (Correct)
  • ftp

Answer : https

We-Make-nas, the company has bought about twenty UTM-1 Edge appliances in their remote offices. Kim decide the best way to manage these devices is to use SmartProvisioning and create a profile that they can all use. Kim enumerate the order would go through the steps to add Dallas Edge device using the output profile for Remote Office below. 1. Enter the profile name called "remote offices" 2. Change the provisioning profile "remote offices" 3. Select File, point to New, and Provisioning Profile 4. Select the Devices tab 5. Highlight Dallas Edge device Edit, edit the Gateway 6. Choose tab


Options are :

  • 6, 1, 3, 4, 5, 2
  • 4, 3, 1, 6, 5, 2
  • 6, 3, 1, 4, 5, 2 (Correct)
  • 4, 1, 3, 6, 5, 2
  • None

Answer : 6, 3, 1, 4, 5, 2

156-215.77 Check Point Certified Security Administrator Exam Set 2

You've just upgraded to R71, and use the software IPS Blade.You not want to take all the critical protections while keeping false positives to a very low.How you can achieve this?


Options are :

  • None
  • This can not be achieved; activating all the IPS system always causes a high false positive.
  • new IPS system based on a policy, but it does not have the possibility to calculate or change the trust level, so it is always a high false positive.
  • As SmartDefense, this can be accomplished by activating all the critical controls manually
  • The new system is based on IPS policy and gives you the ability to activate all of the controls of critical gravity and a high level of confidence. (Correct)

Answer : The new system is based on IPS policy and gives you the ability to activate all of the controls of critical gravity and a high level of confidence.

Which Check Point QoS feature allows Security Administrator to define specific classes of service for delay-sensitive applications?


Options are :

  • .Differentiated Services
  • Weighted Fair Queuing
  • guarantees
  • With a slight delay waiting (Correct)
  • None

Answer : With a slight delay waiting

SmartProvisioning can order the operating system and network settings, which of the following?


Options are :

  • NGX Security Appliances
  • Edge firmware 6.x and higher
  • IPSO 4.2 Security Gateway
  • None
  • R65 HFA 40 security gateways arid above (Correct)

Answer : R65 HFA 40 security gateways arid above

156-315.71 Check Point Security Expert R71 Practice Exam Set 2

Which procedure enables the SSL VPN blade on the gateway?


Options are :

  • Log into Smart Dashboard, Create a new rule with the source and destination addresses of the needed remote network, set the action to Encrypt and push the policy to that gateway.
  • Log into Web UI on the gateway and check the SSL VPN Blade check box.
  • Log into Smart Dashboard, Select the VPN Communities tab and add the gateway to the appropriate community.
  • Log into Smart Dashboard, edit the properties of the Gateway, and select the SSL VPN check box. (Correct)

Answer : Log into Smart Dashboard, edit the properties of the Gateway, and select the SSL VPN check box.

Check Point Certified Security Expert Exam Set 6

What is a task of the SmartEvent Client?


Options are :

  • Add events to the events database.
  • Analyze each IPS log entry as it enters the Log server
  • Assign a severity level to an event
  • Display the received events. (Correct)

Answer : Display the received events.

Using IPS, how do you notify the Security Administrator that malware is scanning specific ports?By enabling:


Options are :

  • Sweep Scan protection (Correct)
  • Host Port Scan
  • Malicious Code Protector
  • Malware Scan protection

Answer : Sweep Scan protection

Even after configuring central logging on Connecter, Connecterlogs are not displaying in Smart View Tracker. What could be the cause of this problem?


Options are :

  • You must install the Management Server database. (Correct)
  • You must install the Security Policy, and try again.
  • You must reestablish logging from Connecter to the Management Server, using a dummy log-server object.
  • R70 does not support a host object with the same IP address as a Management Server used as secondary log server or management station.

Answer : You must install the Management Server database.

Check Point Certified Security Expert Exam Set 12

MultiCorp is located in Atlanta. It has a branch office in Europe, Asia, and Africa.Each location has its own AD controller for local user login.How many AD queries have to be configured?


Options are :

  • 1
  • 2
  • 4 (Correct)
  • 3

Answer : 4

In R71, how would you define a rule to block all traffic sent to or from Germany?


Options are :

  • Create a country specific policy within IPS Geo Protections with Germany as the country, block as the action, and from and to country for direction. (Correct)
  • Create a policy rule with destination being a custom dynamic object representing Germany and action block. You must also create a rule in the opposite direction.
  • Go to Policy / Global Properties / Geographical Protection Enforcement and add Germany to the blocked countries list.
  • This action is not possible.

Answer : Create a country specific policy within IPS Geo Protections with Germany as the country, block as the action, and from and to country for direction.

In R76, My Organization e-mail addresses or domains are used for:


Options are :

  • HTTP traffic sent from a user where his e-mail is part of this definition scanned by DLP, by default
  • Scanning e-mails only if its sender e-mail address is part of this definition, by default. (Correct)
  • FTP traffic sent from a user where his e-mail is part of this definition scanned by DLP, by default.
  • Defining the e-mail address of the SMTP relay server.

Answer : Scanning e-mails only if its sender e-mail address is part of this definition, by default.

Check Point Certified Security Administrator Set 2

You intend to upgrade a Check Point Gateway from R65 to R76.To avoid problems, you decide to back up the Gateway.Which approach allows the Gateway configuration to be completely backed up into a manageable size in the least amount of time?


Options are :

  • upgrade export (Correct)
  • database revision
  • backup
  • snapshot

Answer : upgrade export

Your primary SmartCenter Server is installed on a Secure PlatformPro machine, which is also a VPN-1 Pro Gateway. You want to implement Management High Availability (HA). You have a spare machine to configure as the secondary SmartCenter Server. How do you configure the new machine to be the standby SmartCenter Server, without making any changes to the existing primary SmartCenter Server? (Changes can include uninstalling and reinstalling.)


Options are :

  • The new machine cannot be installed as the Internal Certificate Authority on its own
  • You cannot configure Management HA, when either the primary or secondary SmartCenter Server is running on a VPN-1 Pro Gateway. (Correct)
  • Install the secondary Server on the spare machine. Add the new machine to the same network as the primary Server.
  • The secondary Server cannot be installed on a SecurePlatform Pro machine alone.

Answer : You cannot configure Management HA, when either the primary or secondary SmartCenter Server is running on a VPN-1 Pro Gateway.

For proper system operation, the Administrator has to configure the DLP Portal and define its DNS name for which of the following conditions?


Options are :

  • If the action of all rules is Detect and no Data Owners are configured.
  • If there are one or more Inform Rules.
  • If there are one or more Ask User rules. (Correct)
  • If the DLP Policy is applied to HTTP traffic.

Answer : If there are one or more Ask User rules.

156-215.13 Check Point Certified Security Administrator Exam Set 7

What is the meaning of the option Connect to the Internet?


Options are :

  • SmartDashboard will retrieve information from Check Point over the Internet. No information will be sent.
  • SmartDashboard will retrieve information from Check Point over the Internet. Your information will be sent anonymously to Check Point.
  • SmartDashboard will retrieve information from Check Point over the Internet using your User Center login. (Correct)
  • SmartDashboard will retrieve information from Check Point over the Internet.

Answer : SmartDashboard will retrieve information from Check Point over the Internet using your User Center login.

Which internal user authentication protocols are supported in SSL VPN?


Options are :

  • Check Point Password, SecurID, LDAP, RADIUS, TACACS
  • Check Point Password, SecurID, Active Directory, RADIUS, TACACS
  • Point Password, SecurID, OS Password, RADIUS, TACACS (Correct)
  • Check Point Password, SecurID, L2TP, RADIUS, TACACS
  • None

Answer : Point Password, SecurID, OS Password, RADIUS, TACACS

Which Remote Desktop protocols are supported natively in SSL VPN?


Options are :

  • AT&T VNC, Citrix ICA and Microsoft RDP
  • Microsoft RDP only
  • AT&T VNC and Microsoft RDP
  • Citrix ICA and Microsoft RDP (Correct)

Answer : Citrix ICA and Microsoft RDP

156-315.13 Check Point Security Expert R76(GAiA) Exam Set 5

In a Management High Availability (HA) configuration, you can configure synchronization to occur automatically, when: 1. The Security Policy is installed. 2. The Security Policy is saved. 3. The Security Administrator logs in to the secondary SmartCenter Server, and changes its status to active. 4. A scheduled event occurs. 5. The user database is installed. Select the BEST response for the synchronization sequence. Choose one.


Options are :

  • 1,2,4 (Correct)
  • 1,3,4
  • 1,2,3,4
  • 1,2,5
  • 1,2,3

Answer : 1,2,4

All of the following are used by the DLP engine to match a message during a scan, EXCEPT:


Options are :

  • Protocol
  • Destination
  • Message Body (Correct)
  • Data Type

Answer : Message Body

You plan to incorporate OPSEC servers, such as Web sense and Trend Micro, to do content filtering. Which segment is the BEST location for these OPSEC servers, when you consider Security Server performance and data security?


Options are :

  • Dedicated segment of the network (Correct)
  • On the Security Gateway
  • On the Internet
  • .DMZ network, where application servers are located
  • Internal network, where users are located

Answer : Dedicated segment of the network

156-215.75 Check Point Certified Security Administrator Exam Set 5

Which of these four Check Point QoS technologies prevents the transmission of redundant packets when multiple copies of a packet are concurrently queued on the same flow?


Options are :

  • Retransmission Detection Early Drop (RDED) (Correct)
  • Intelligent Queuing Engine
  • Weighted Flow Random Early Drop (WFRED)
  • Stateful Inspection

Answer : Retransmission Detection Early Drop (RDED)

You plan to migrate a VPN-1 NG with Application Intelligence (Al) R55 SmartCenter Server to VPN-1 NGX. You also plan to upgrade four VPN-1 Pro Gateways at remote offices, and one local VPN-1 Pro Gateway at your company's headquarters. The SmartCenter Server configuration must be migrated. What is the correct procedure to migrate the configuration?


Options are :

  • 1. Upgrade the SmartCenter Server, using the VPN-1 NGX CD. 2. Reinstall and update the licenses of the five remote Gateways.
  • 1. Copy the $FWDIR\conf directory from the SmartCenter Server. 2. Save directory contents to another directory. 3. Uninstall the SmartCenter Server, and install a new SmartCenter Server. 4. Move directory contents to $FWDIR\conf. 5. Reinstall all gateways using NGX and install a policy.
  • 1. From the VPN-1 NGX CD in the SmartCenter Server, select "advance upgrade". 2. After importing the SmartCenter configuration into the new NGX SmartCenter, reboot. 3. Upgrade all licenses and software on all five remote Gateways via SmartUpdate. (Correct)
  • Upgrade the SmartCenter Server and the five remote Gateways via Smart Update, at the same time.
  • 1. Upgrade the five remote Gateways via SmartUpdate. 2. Upgrade the SmartCenter Server, using the VPN-1 NGX CD.

Answer : 1. From the VPN-1 NGX CD in the SmartCenter Server, select "advance upgrade". 2. After importing the SmartCenter configuration into the new NGX SmartCenter, reboot. 3. Upgrade all licenses and software on all five remote Gateways via SmartUpdate.

Which of the following components contains the Events Data Base?


Options are :

  • SmartEvent Server (Correct)
  • SmartEvent Data Server
  • SmartEvent Client
  • SmartEvent Correlation Unit

Answer : SmartEvent Server

156-315.65 Check Point Security Administration NGX R65 Exam Set 7

If Victor wanted to edit new Signature Protections, what tab would he need to access in SmartDashboard?


Options are :

  • IPS Tab (Correct)
  • IPSec VPN Tab
  • SmartDefense Tab
  • QoS Tab

Answer : IPS Tab

Which DLP action would describe the following action:The data transmission event is logged in SmartView Tracker.Administrators with permission can view the data that was sent. The traffic is passed.


Options are :

  • Prevent
  • Detect (Correct)
  • Ask User
  • Inform User

Answer : Detect

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions