156-315.77 Check Point Certified Security Expert Exam Set 22

The process _____ to perform authentication to log SmartDashboard.


Options are :

  • FWM (Correct)
  • vpnd
  • cpd
  • None
  • cvpnd

Answer : FWM

While the authorized user is managed by SmartDirectory performed gateway, authentication, occurs most often in _____.


Options are :

  • cpShared
  • ldapd
  • ldapauth
  • cpauth (Correct)
  • None

Answer : cpauth

A process of performing the authentication session authentication succession to:


Options are :

  • None
  • cvpnd
  • FWM
  • fwssd (Correct)
  • vpnd

Answer : fwssd

Check Point Certified Security Expert Exam Set 4

Which of the following Clish commands you would use to set admin user shell bash?


Options are :

  • set by the admin shell / bin / bash (Correct)
  • set by the admin / bin / bash
  • None
  • a set of user administrator shell = / bin / bash
  • set by the admin shell bash

Answer : set by the admin shell / bin / bash

When using the model to determine the user SmartDirectory The user YS password should be defined _____ object.


Options are :

  • LDAP
  • Template
  • VPN Community
  • None
  • user (Correct)

Answer : user

When configuring the LDAP Group object, select _____, if you want the gateway to refer to all groups defined in the authentication LDAP server purposes.


Options are :

  • The only group Branch
  • OU Accept and choose the appropriate domain name
  • All Account-Unita YS Users (Correct)
  • None
  • Only Sub Tree

Answer : All Account-Unita YS Users

156-215.77 Check Point Certified Security Administrator Exam Set 1

Security server configuration settings are stored in _____.


Options are :

  • $ FWDIR / conf / Fwauth.c
  • $ FWDIR / conf / AMT.conf
  • $ FWDIR / conf / fwopsec.conf
  • $ FWDIR / conf / fwauthd.conf (Correct)
  • None

Answer : $ FWDIR / conf / fwauthd.conf

Process _____ is responsible for authentication for remote access clients.


Options are :

  • cpd
  • None
  • FWM
  • vpnd (Correct)
  • cvpnd

Answer : vpnd

What is the correct command imports of new users R77 user database?


Options are :

  • FWM import
  • FWM importusrs
  • FWM dbimport (Correct)
  • FWM importdb
  • None

Answer : FWM dbimport

156-315.77 Check Point Certified Security Expert Exam Set 10

Which of the following is a valid Active Directory user name Jane Doe MIS department AcmeCorp.com?


Options are :

  • None
  • Cn = jane_doe, ca = MIS, cn = acmecorp, dc = com
  • Jane_doe cn =, ou = MIS, dc = acmecorp, dc = com (Correct)
  • Cn = jane_doe, ca = MIS, dc = acmecorp, dc = com
  • Jane_doe cn =, ou = MIS, cn = acmecorp, dc = com

Answer : Jane_doe cn =, ou = MIS, dc = acmecorp, dc = com

Which process should debug SmartDashboard if the login fails?


Options are :

  • FWM (Correct)
  • fwd
  • cpd
  • SDM
  • None

Answer : FWM

When configuring the LDAP Group object, select the option _____ if you want the gateway to refer to a particular group defined LDAP server for authentication purposes.


Options are :

  • Only Sub Tree (Correct)
  • The only group Branch
  • All Users Account Unit
  • Group Agnostic
  • None

Answer : Only Sub Tree

156-315.77 Check Point Certified Security Expert Exam Set 12

Which of the following is a valid Active Directory user name John Doe in the sales department of AcmeCorp.com?


Options are :

  • Cn = john_doe, ca = Sales, ou = acmecorp, dc = com
  • None
  • John_doe cn =, ou = Sales, dc = acmecorp, dc = com (Correct)
  • John_doe cn =, ou = Sales, ou = acmecorp, dc = com
  • Cn = john_doe, ca = Sales, dc = acmecorp, dc = com

Answer : John_doe cn =, ou = Sales, dc = acmecorp, dc = com

When the endpoint user can authenticate but receives a message from the client that it can not control the desktop policy, which is the most likely scenario?


Options are :

  • The user attempts to connect to the wrong endpoint client. (Correct)
  • Desktop policy is not set
  • User rights prevent access to the secure network.
  • The gateway could not find the user SmartDirectory and allows the connection restrictions based on the general profile.
  • None

Answer : The user attempts to connect to the wrong endpoint client.

When the client initiates a connection to the server, firewall core signals FWD process using the trap. FWD spawns a child _____ service, which runs from the security server.


Options are :

  • FWSD
  • None
  • FWSSD (Correct)
  • .In.httpd
  • FWD

Answer : FWSSD

Check Point Certified Security Expert Exam Set 10

User definitions are stored in _____.


Options are :

  • $ FWDIR / conf / users.NDB
  • $ FWDIR / conf / fwauth.NDB (Correct)
  • $ FWDIR / conf / fwmuser.conf
  • $ FWDIR / conf / fwusers.conf
  • None

Answer : $ FWDIR / conf / fwauth.NDB

you may see the following entries debug the user authentication process. In what order these messages may appear?


Options are :

  • au_fetchuser, make_au, au_auth, cpLdapGetUser, au_auth_auth, cpLdapCheck
  • cpLdapGetUser, au_fetchuser, cpLdapCheck, make_au, au_auth, au_auth_auth
  • None
  • make_au, au_auth, au_fetchuser, cpLdapGetUser, cpLdapCheck, au_auth_auth (Correct)
  • make_au, au_auth, au_fetchuser, au_auth_auth, cpLdapCheck, cpLdapGetUser

Answer : make_au, au_auth, au_fetchuser, cpLdapGetUser, cpLdapCheck, au_auth_auth

Control connections Security Management Server and Gateway are not encrypted VPN community. How these connections secured?


Options are :

  • They are encrypted and authenticated SIC. (Correct)
  • They are not encrypted, but are verified Gateway
  • They are not secured.
  • None
  • They are protected by PPTP

Answer : They are encrypted and authenticated SIC.

Check Point Certified Security Expert Exam Set 6

When the client initiates a connection to the server, firewall core signals FWD process using the trap. FWD spawns a child _____ service, which runs from the security server.


Options are :

  • They are not encrypted, but are verified Gateway
  • They are encrypted and authenticated SIC. (Correct)
  • None
  • They are not secured.
  • They are protected by PPTP

Answer : They are encrypted and authenticated SIC.

If the number of kernel instances for CoreXL shown is 6, how many cores are in the physical machine?


Options are :

  • 8 (Correct)
  • 4
  • 6
  • 12

Answer : 8

156-315.77 Check Point Certified Security Expert Exam Set 8

Which of the following is NOT a feature of ClusterXL?


Options are :

  • Transparent upgrades
  • Zero downtime for mission-critical environments with State Synchronization (Correct)
  • Enhanced throughput in all ClusterXL modes (2 gateway cluster compared with 1 gateway)
  • Transparent failover in case of device failures

Answer : Zero downtime for mission-critical environments with State Synchronization

What is the purpose of the pre-defined exclusions included with SmartEvent R76?


Options are :

  • As a base for starting and building exclusions.
  • To avoid incorrect event generation by the default IPS event definition; a scenario that may occur in deployments that include Security Gateways of versions prior to R71. (Correct)
  • To give samples of how to write your own exclusion
  • To allow SmartEvent R76 to function properly with all other R71 devices.

Answer : To avoid incorrect event generation by the default IPS event definition; a scenario that may occur in deployments that include Security Gateways of versions prior to R71.

Which utility or command is useful for debugging by capturing packet information, including verifying LDAP authentication?


Options are :

  • um_core enable
  • fw debug fwm
  • ping
  • fw monitor (Correct)

Answer : fw monitor

156-315.71 Check Point Security Expert R71 Practical Exam Set 5

Which of the listed load-balancing methods is NOT valid?


Options are :

  • Domain
  • Random
  • Round Trip
  • They are all valid (Correct)

Answer : They are all valid

What is the proper command for importing users into the R76 User Database?


Options are :

  • fwm importdb
  • fwm dbimport (Correct)
  • fwm import
  • fwm importusrs

Answer : fwm dbimport

Your organization's disaster recovery plan needs an update to the backup and restore section to reap the benefits of the new distributed R76 installation. Your plan must meet the following required and desired objectives:Upon evaluation, your plan:


Options are :

  • Meets the required objective and only one desired objective
  • Meets the required objective but does not meet either desired objective
  • Does not meet the required objective
  • Meets the required objective and both desired objectives (Correct)

Answer : Meets the required objective and both desired objectives

Check Point Certified Security Expert Exam Set 7

What is a requirement for setting up R76 Management High Availability?


Options are :

  • All Security Management Servers must have the same number of NICs.
  • All Security Management Servers must reside in the same LAN.
  • All Security Management Servers must have the same operating system. (Correct)
  • State synchronization must be enabled on the secondary Security Management Server.

Answer : All Security Management Servers must have the same operating system.

In a R76 Management High Availability (HA) configuration, you can configure synchronization to occur automatically, when: 1. The Security Policy is installed. 2. The Security Policy is saved. 3. The Security Administrator logs in to the secondary Smart CenterServer, and changes its status to active. 4. A scheduled event occurs. 5. The user database is installed. Select the BEST response for the synchronization trigger.


Options are :

  • 1,2,4 (Correct)
  • 1,2,5
  • 1,3,4
  • 1,2,3,4

Answer : 1,2,4

How many pre-defined exclusions are included by default in SmartEvent R76 as part of the product installation?


Options are :

  • 0
  • 5
  • 3 (Correct)
  • 10

Answer : 3

156-315.77 Check Point Certified Security Expert Exam Set 1

What process manages the dynamic routing protocols (OSPF, RIP, etc.) on SecurePlatform Pro?


Options are :

  • Routerd
  • Gated (Correct)
  • Arouted
  • There's no separate process, but the Linux default router can take care of that.

Answer : Gated

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions