156-315.77 Check Point Certified Security Expert Exam Set 23

What is a task of the SmartEvent Correlation Unit?


Options are :

  • Look for patterns according to the installed Event Policy. (Correct)
  • Add events to the events database.
  • Display the received events
  • Assign a severity level to an event

Answer : Look for patterns according to the installed Event Policy.

The following graphic illustrates which command being issued on SecurePlatform?


Options are :

  • The old status is removed and a new session is created with the same name, but with a note stating new session after repair.
  • The administrator will have to open the old session and make the changes, no note is added automatically, however, the manager adds his notes stating the changes required.
  • The same session is modified with a note automatically added stating under repair
  • A new session is created by the name Repairing Session and the old session status is updated to Repaired with a note stating Repaired by Session < new id> (Correct)

Answer : A new session is created by the name Repairing Session and the old session status is updated to Repaired with a note stating Repaired by Session < new id>

Check Point Certified Security Expert Exam Set 6

In a R76 ClusterXL Load Sharing configuration, which type of ARP related problem can force the use of Unicast Mode (Pivot) configuration due to incompatibility on some adjacent routers and switches?


Options are :

  • MGCP MAC address response to a Multicast IP request
  • Multicast MAC address response to a Unicast IP request (Correct)
  • Multicast MAC address response to a RARP request
  • Unicast MAC address response to a Multicast IP request

Answer : Multicast MAC address response to a Unicast IP request

A VPN Tunnel Interface (VTI) is defined on Secure Platform Pro as:vpn shell interface add numbered 10.10.0.1 10.10.0.2 madrid.cp What do you know about this VTI?


Options are :

  • 10.10.0.1 is the local Gateway's internal interface, and 10.10.0.2 is the internal interface of the remote Gateway.
  • The peer Security Gateway's name is madrid.cp. (Correct)
  • The local Gateway's object name is madrid.cp.
  • The VTI name is madrid.cp.

Answer : The peer Security Gateway's name is madrid.cp.

Which specific R76 GUI would you use to view the length of time a TCP connection was open?


Options are :

  • SmartReporter
  • SmartView Status
  • SmartView Monitor
  • SmartView Tracker (Correct)

Answer : SmartView Tracker

Check Point Certified Security Expert Exam Set 9

Which of the following is TRUE concerning unnumbered VPN Tunnel Interfaces (VTIs)?


Options are :

  • VTIs cannot be assigned a proxy interface.
  • None
  • Local IP addresses are not configured; remote IP addresses are configured
  • VTIs can only be physical, not loopback.
  • They are only supported on the IPSO Operating System (Correct)

Answer : They are only supported on the IPSO Operating System

How can you disable SecureXL via the command line (it does not need to survive a reboot)?


Options are :

  • fwaccel off (Correct)
  • cphaprob off
  • securexl off
  • fw ctl accel off

Answer : fwaccel off

You are running a R76 Security Gateway onSecure Platform. In case of a hardware failure, you have a server with the exact same hardware and firewall version installed.What backup method could be used to quickly put the secondary firewall into production?


Options are :

  • manual backup
  • backup
  • snapshot (Correct)
  • upgrade export

Answer : snapshot

156-515.65 Check Point Certified Security Expert Plus Exam Set 2

What is the purpose of the pre-defined exclusions included with SmartEvent R71?


Options are :

  • To avoid incorrect event generation by the default IPS event definition; a scenario that may occur in deployments that include Security Gateways of versions prior to R71. (Correct)
  • To give samples of how to write your own exclusion.
  • As a base for starting and building exclusions.
  • To allow SmartEvent R71 to function properly with all other R71 release devices.

Answer : To avoid incorrect event generation by the default IPS event definition; a scenario that may occur in deployments that include Security Gateways of versions prior to R71.

How many pre-defined exclusions are included by default in SmartEvent R71 as part of the product installation?


Options are :

  • 0
  • 10
  • 3 (Correct)
  • 5

Answer : 3

Your primary Security Gateway runs on SecurePlatform. What is the easiest way to back up your Security Gateway R77 configuration, including routing and network configuration files?


Options are :

  • Copying the directories $FWDIR/conf and $FWDIR/lib to another location.
  • Run the pre_upgrade_verifier and save the .tgz file to the directory /temp
  • Using the native SecurePlatform backup utility from command line or in the Web based user interface. (Correct)
  • Using the command upgrade_export

Answer : Using the native SecurePlatform backup utility from command line or in the Web based user interface.

156-215.75 Check Point Certified Security Administrator Exam Set 1

Which of the following manages Standard Reports and allows the administrator to specify automatic uploads of reports to a central FTP server?


Options are :

  • Security Management Server
  • Smart Reporter Database
  • Smart Dashboard Log Consolidator
  • Smart Reporter (Correct)

Answer : Smart Reporter

Which type of routing relies on a VPN Tunnel Interface (VTI) to route traffic?


Options are :

  • Subnet-based VPN
  • Domain-based VPN
  • Host-based VPN
  • Route-based VPN (Correct)

Answer : Route-based VPN

Can you implement a complete IPv6 deployment without IPv4 addresses?


Options are :

  • Yes. Only one TCP stack (IPv6 or IPv4) can be used at the same time.
  • No. IPv4 addresses are required for management.
  • Yes, there is no requirement for managing IPv4 addresses (Correct)
  • No. Smart Center cannot be accessed from everywhere on the Internet.

Answer : Yes, there is no requirement for managing IPv4 addresses

156-115 Check Point Certified Security Master Practice Test Set 2

You have a High Availability ClusterXL configuration. Machines are not synchronized. What happens to connections on failover?


Options are :

  • Old connections are lost but are automatically recovered whenever the failed machine recovers.
  • It is not possible to configure High Availability that is not synchronized.
  • Old connections are lost but can be reestablished. (Correct)
  • Connections cannot be established until cluster members are fully synchronized.

Answer : Old connections are lost but can be reestablished.

You want to upgrade a cluster with two members to R76. The Security Management Server and both members are version NGX R65, with the latest Hotfix Accumulator. What is the correct upgrade procedure? 1. Change the version in the General Properties of the Gateway-cluster object. 2. Upgrade the Security Management Server, and reboot. 3. Run cpstop on one member, while leaving the other member running. Upgrade one member at a time and reboot after upgrade. 4. Reinstall the Security Policy.


Options are :

  • 1,3,2,4
  • 2,4,3,1
  • 2,3,1,4 (Correct)
  • 3,2,1,4

Answer : 2,3,1,4

Where do you define NAT properties so that NAT is performed either client side or server side?


Options are :

  • In SmartDashboard in the NAT Rules
  • In SmartDashboard under Global Properties > NAT definition (Correct)
  • In file $DFWDIR/lib/table.def
  • In SmartDashboard under Gateway setting

Answer : In SmartDashboard under Global Properties > NAT definition

156-315.77 Check Point Certified Security Expert Exam Set 8

Review the following list of actions that Security Gateway R76 can take when it controls packets.The Policy Package has been configured for Simplified Mode VPN. Select the response below that includes the available actions:


Options are :

  • Accept, Drop, Encrypt, Session Auth
  • Accept, Hold, Reject, Proxy
  • Accept, Drop, Reject, Client Auth (Correct)
  • Accept, Reject, Encrypt, Drop

Answer : Accept, Drop, Reject, Client Auth

There are times when you want to use the Link Selection manage a lot of traffic to the VPN connections.With Link dialog you can:


Options are :

  • Use the links are based authentication method.
  • Set up VPN links communities.
  • Probe links for availability. (Correct)
  • None
  • .Use links based on date / time.

Answer : Probe links for availability.

156-315.77 Check Point Certified Security Expert Exam Set 15

Which of them is defined as Public Key Infrastructure? Security is provided:


Options are :

  • by Certificate Authorities, digital certificates, and two-way symmetric key encryption
  • None
  • by Certificate Authorities, digital certificates and public key cryptography (Correct)
  • as well as through private and public keys, digital certificates without.
  • authentication.

Answer : by Certificate Authorities, digital certificates and public key cryptography

Which of the following statements is true regarding the members of the VPN's?


Options are :

  • The load-bearing VPN Client is given a priority list based on the security gateway connection, would be the first connection fails.
  • None
  • MEP Security Gateway can be managed by separate management servers. (Correct)
  • State security gateways synchronization is required.
  • MEP VPN's is limited to the location of the gateways.

Answer : MEP Security Gateway can be managed by separate management servers.

Which of the following statements is true regarding the members of the VPN's?


Options are :

  • State synchronization required for security gateways
  • MEP Security Gateway can not be managed by separate management servers.
  • MEP VPN YS are not limited to the location of the gateways. (Correct)
  • None
  • VPN Client is given a priority list based on the security gateway connection, would be the first connection fails.

Answer : MEP VPN YS are not limited to the location of the gateways.

Check Point Certified Security Expert Exam Set 1

How do I check the VPN Tunnel Interface (VTI) is configured correctly?


Options are :

  • VPN shell showdetailed
  • VPN interface shell to show in detail the (Correct)
  • VPN shell display interface in detail
  • None
  • VPN shell displaydetailed

Answer : VPN interface shell to show in detail the

Which of the following statements is true regarding the members of the VPN's?


Options are :

  • MEP Security Gateway can not be managed by separate management servers.
  • State security gateways synchronization is required.
  • VPN Client selects a Security Gateway is repeated, becomes the first connection fails. (Correct)
  • MEP VPN's is limited to the location of the gateways.
  • None

Answer : VPN Client selects a Security Gateway is repeated, becomes the first connection fails.

Check the following list of activities, Security Gateway R75 can be taken when it directs packets. Policy package is configured in a simplified mode VPN. Choose the answer below, which contains the available actions:


Options are :

  • Accept, Drop, Encrypt, Auth Session
  • Accept, Drop, Reject, Client Auth (Correct)
  • Accept, Reject, Encrypt, Drop
  • Accept, Reject, Proxy
  • None

Answer : Accept, Drop, Reject, Client Auth

156-215.75 Check Point Certified Security Administrator Exam Set 1

What used to confirm a digital certificate?


Options are :

  • None
  • IPSec
  • S / MIME
  • CRL (Correct)
  • PKCS

Answer : CRL

Which of the following statements is true regarding the members of the VPN's?


Options are :

  • VPN Client is given a priority list based on the security gateway connection, would be the first connection fails.
  • None
  • MEP VPN's is limited to the location of the gateways.
  • State security gateways synchronization is not required. (Correct)
  • MEP Security Gateway can not be managed by separate management servers.

Answer : State security gateways synchronization is not required.

What is the router prompt to save the OSPF configuration?


Options are :

  • localhost.localdomain (config-if) #
  • localhost.localdomain (config-router-ospf) #
  • localhost.localdomain (config) #
  • None
  • .localhost.localdomain # (Correct)

Answer : .localhost.localdomain #

Check Point Certified Security Expert Exam Set 5

What is the command to display the OSPF adjacencies?


Options are :

  • None
  • Show running-config
  • show OSPF neighbors (Correct)
  • Show OSPF summary-address
  • show OSPF interface

Answer : show OSPF neighbors

If you need to encrypt strong protection for user data, which option would be the best choice?


Options are :

  • When you need strong encryption, IPsec is not the best option. SSL VPN is a better option
  • The certificates phase 1, SHA hash for everyone, for all AES encryption and PFS, and use the ESP protocol. (Correct)
  • Use the Diffie-Hellman key construction and pre-shared keys Quick Mode. Select the System of Health Accounts Quick Mode and AES to encrypt. Uses the AH protocol. Switches aggressive.
  • Removes a stronger testimony Diffie-Hellman based key management by using the method. Use the AES 256-bit encrypted all channels and increase the PFS to Quick Mode. Use the double encryption by implementing AH and ESP protocols
  • None

Answer : The certificates phase 1, SHA hash for everyone, for all AES encryption and PFS, and use the ESP protocol.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions

Subscribe to See Videos

Subscribe to my Youtube channel for new videos : Subscribe Now