156-315.77 Check Point Certified Security Expert Exam Set 21

With the User Directory Software Blade, you can create R76 user definitions on a(n) _________ Server.


Options are :

  • SecureID
  • NT Domain
  • Radius
  • LDAP (Correct)

Answer : LDAP

The Security Gateway is installed on SecurePlatform R77. The default port for the Web User Interface is ____________.


Options are :

  • TCP 18211
  • TCP 443 (Correct)
  • TCP 257
  • TCP 4433

Answer : TCP 443

156-315.77 Check Point Certified Security Expert Exam Set 22

UDP packets are delivered if they are ___________.


Options are :

  • referenced in the SAM related dynamic tables
  • a stateful ACK to a valid SYN-SYN/ACK on the inverse UDP ports and IP
  • bypassing the kernel by the forwarding layer of ClusterXL
  • a valid response to an allowed request on the inverse UDP ports and IP (Correct)

Answer : a valid response to an allowed request on the inverse UDP ports and IP

You need to completely reboot the Operating System after making which of the following changes on the Security Gateway? (i.e. the command cprestart is not sufficient.) 1. Adding a hot-swappable NIC to the Operating System for the first time. 2. Uninstalling the R75 Power/UTM package. 3. Installing the R75 Power/UTM package. 4. Re-establishing SIC to the Security Management Server. 5. Doubling the maximum number of connections accepted by the Security Gateway.


Options are :

  • 3 only
  • 2, 3 only (Correct)
  • 3, 4, and 5 only
  • 1, 2, 3, 4, and 5

Answer : 2, 3 only

In an R76 Cluster, some features such as VPN only function properly when:


Options are :

  • All cluster members have the same policy
  • All cluster members' clocks are synchronized (Correct)
  • All cluster members have the same Hot Fix Accumulator pack installed
  • All cluster members have the same number of interfaces configured

Answer : All cluster members' clocks are synchronized

156-315.77 Check Point Certified Security Expert Exam Set 23

n a zero downtime firewall cluster environment what command do you run to avoid switching problems around the cluster.


Options are :

  • cphaconf set_ccp broadcast (Correct)
  • cphaconf set clear_subs
  • cphaconf set mc_relod
  • cphaconf set_ccp multicast

Answer : cphaconf set_ccp broadcast

Which external user authentication protocols are supported in SSL VPN?


Options are :

  • LDAP, RADIUS, Active Directory, SecurID
  • LDAP, RADIUS, TACACS, SecurID
  • DAP, SecurID, Check Point Password, OS Password, RADIUS, TACACS (Correct)
  • LDAP, Active Directory, SecurID

Answer : DAP, SecurID, Check Point Password, OS Password, RADIUS, TACACS

Jack needs to configure CoreXL on his Red Security Gateway. What are the correct steps to enable CoreXL?


Options are :

  • SSH to Red Security Gateway, run cpconfig > select Configure Check Point CoreXL > enable CoreXL > exit cpconfig > reboot the Security Gateway (Correct)
  • Open the SmartDashboard, Open the Red Check Point Object, select ClusterXL, check the CoreXL box, and push policy
  • Open the SmartDashboard, Open the Red Check Point Object, select Optimizations, check the CoreXL box, and push policy
  • SSH to Red Security Gateway, run cpconfig > select Configure Check Point CoreXL > exit cpconfig > reboot the Security Gateway

Answer : SSH to Red Security Gateway, run cpconfig > select Configure Check Point CoreXL > enable CoreXL > exit cpconfig > reboot the Security Gateway

156-315.77 Check Point Certified Security Expert Exam Set 24

True or false? After creating a snapshot of a Windows 2003 SP2 Security Management Server, you can restore it on a Secure Platform R76 Security Management Server, except you must load interface information manually.


Options are :

  • False, all configuration information conveys to the new system, including the interface configuration settings.
  • True, but only when the snapshot file is restored to a Secure Platform system running R76.10.
  • False, you cannot run the Check Point snapshot utility on a Windows gateway (Correct)
  • True, but only when the snapshot file is restored to a Secure Platform system running R76.20.

Answer : False, you cannot run the Check Point snapshot utility on a Windows gateway

Which of the following is a CLI command for Security Gateway R77?


Options are :

  • fw tab -u (Correct)
  • fw merge
  • fw shutdown
  • fwm policy_print

Answer : fw tab -u

Snapshot is available on which Security Management Server and Security Gateway platforms?


Options are :

  • Windows 2003 Server
  • Solaris
  • Secure Platform (Correct)
  • Windows XP Server

Answer : Secure Platform

156-315.77 Check Point Certified Security Expert Exam Set 3

When you check Web Server in a host-node object, what happens to the host?


Options are :

  • IPS Web Intelligence is enabled to check on the host.
  • The Web server daemon is enabled on the host
  • More granular controls are added to the host, in addition to Web Intelligence tab settings. (Correct)
  • You can specify allowed ports in the Web server's node-object properties. You then do not need to list all allowed ports in the Rule Base.

Answer : More granular controls are added to the host, in addition to Web Intelligence tab settings.

Which command would you use to save the interface information before upgrading a Windows Gateway?


Options are :

  • ifconfig > [filename].txt
  • cp /etc/sysconfig/network.C [location]
  • netstat -m > [filename].txt
  • ipconfig -a > [filename].txt (Correct)

Answer : ipconfig -a > [filename].txt

Which command line interface utility allows the administrator to verify the Security Policy name and timestamp currently installed on a firewall module?


Options are :

  • fw ver
  • fw ctl pstat
  • fw stat (Correct)
  • cpstat fwd

Answer : fw stat

156-315.77 Check Point Certified Security Expert Exam Set 4

How does a cluster member take over the VIP after a failover event?


Options are :

  • Ping the sync interface
  • Gratuitous ARP (Correct)
  • Broadcast storm
  • if list -renew

Answer : Gratuitous ARP

Which of the following tools is used to generate a Security Gateway R77 configuration report?


Options are :

  • infoCP
  • infoview
  • fw cpinfo
  • cpinfo (Correct)

Answer : cpinfo

Your users are defined in a Windows 2008 Active Directory server.You must add LDAP users to a Client Authentication rule.Which kind of user group do you need in the Client Authentication rule in R76?


Options are :

  • LDAP group (Correct)
  • All Users
  • A group with a generic user
  • External-user group

Answer : LDAP group

156-315.77 Check Point Certified Security Expert Exam Set 5

Which command displays the installed Security Gateway version?


Options are :

  • fw stat
  • fw ver (Correct)
  • cpstat -gw
  • fw printver

Answer : fw ver

The User Directory Software Blade is used to integrate which of the following with a R76 Security Gateway?


Options are :

  • User Authority server
  • RADIUS server
  • Account Management Client server
  • LDAP server (Correct)

Answer : LDAP server

Which process is responsible for kernel table information sharing across all cluster members?


Options are :

  • fw kernel using an encrypted TCP connection
  • cpd using an encrypted TCP connection
  • CPHA using an encrypted TCP connection
  • fwd daemon using an encrypted TCP connection (Correct)

Answer : fwd daemon using an encrypted TCP connection

156-315.77 Check Point Certified Security Expert Exam Set 6

You have installed a R77 Security Gateway on GAiA. To manage the Gateway from the enterprise Security Management Server, you create a new Gateway object and Security Policy.When you install the new Policy from the Policy menu, the Gateway object does not appear in the Install Policy window as a target. What is the problem?


Options are :

  • No Masters file is created for the new Gateway.
  • The Gateway object is not specified in the first policy rule column Install On
  • The object was created with Node > Gateway (Correct)
  • The new Gateway's temporary license has expired.

Answer : The object was created with Node > Gateway

Which one of the following processes below would not start if there was a licensing issue?


Options are :

  • CPCA
  • FWM
  • CPD (Correct)
  • CPWD

Answer : CPD

Which task will ThreatSpect Engine NOT do?


Options are :

  • Review the IPS signatures (Correct)
  • Look for suspicious activity by monitoring outgoing mail traffic
  • Review the networks signatures for Bot families
  • Perform a reputation check

Answer : Review the IPS signatures

156-315.77 Check Point Certified Security Expert Exam Set 7

A customer calls saying that a Load Sharing cluster shows drops with the error First packet is not SYN. Complete the following sentence. I will recommend:


Options are :

  • turning on SDF (Sticky Decision Function) (Correct)
  • configuring flush and ack
  • turning off SDF (Sticky Decision Function)
  • changing the load on each member

Answer : turning on SDF (Sticky Decision Function)

Which procedure creates a new administrator in Smart Workflow?


Options are :

  • In Smart Dashboard, click Smart Workflow/ Enable Smart Workflow and the Enable SmartWorkflow wizard will start. Supply the Login Name, Profile Properties, Name, Access Applications and Permissions when prompted.
  • In Smart Dashboard, click Users and Administrators right click Administrators / New Administrator and supply the Login Name. Profile Properties, Name, Access Applications and Permissions. (Correct)
  • On the Provider-1 primary MDS, run cpconfig, supply the Login Name, Profile Properties, Name, Access Applications and Permissions.
  • Run cpconfig, supply the Login Name. Profile Properties, Name, Access Applications and Permissions.

Answer : In Smart Dashboard, click Users and Administrators right click Administrators / New Administrator and supply the Login Name. Profile Properties, Name, Access Applications and Permissions.

While authorization for users managed by Smart Directory is performed by the gateway, the authentication is mostly performed by the infrastructure in which of the following?


Options are :

  • ldapauth
  • ldapd
  • cpauth (Correct)
  • cpShared

Answer : cpauth

156-315.77 Check Point Certified Security Expert Exam Set 8

John is the Security Administrator in his company. He installs a new R77 Security Management Server and a new R77 Gateway. He now wants to establish SIC between them. After entering the activation key, he gets the following message in SmartDashboard - "Trust established" SIC still does not seem to work because the policy won't install and interface fetching does not work. What might be a reason for this?


Options are :

  • It always works when the trust is established
  • The Gateway's time is several days or weeks in the future and the SIC certificate is not yet valid. (Correct)
  • This must be a human error.
  • SIC does not function over the network.

Answer : The Gateway's time is several days or weeks in the future and the SIC certificate is not yet valid.

Which of the following commands can be used to stop Management portal services?


Options are :

  • cpstop / portal
  • cpportalstop
  • smartportalstop (Correct)
  • fw stopportal

Answer : smartportalstop

The ________ Check Point ClusterXL mode must synchronize the physical interface IP and MAC addresses on all clustered interfaces.


Options are :

  • Multicast Mode Load Sharing
  • Legacy Mode HA (Correct)
  • New Mode HA
  • Pivot Mode Load Sharing

Answer : Legacy Mode HA

156-315.77 Check Point Certified Security Expert Exam Set 9

A process of performing authentication of the SSL VPN users to:


Options are :

  • None
  • cvpnd (Correct)
  • cpd
  • FWM
  • vpnd

Answer : cvpnd

156-315.77 Check Point Certified Security Expert Exam Set 1

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions

Subscribe to See Videos

Subscribe to my Youtube channel for new videos : Subscribe Now