156-315.77 Check Point Certified Security Expert Exam Set 24

You want VPN traffic packets to match the internal interfaces. You also want to leave the security gateway traffic all the way to the site-to-site VPN communities, such as remote communities. How should you configure the VPN-match rule?


Options are :

  • None
  • internal_clear> All_GwToGw
  • internal_clear> All_communities
  • Communities> Communities
  • Internal_clear> External_Clear

Answer : internal_clear> All_communities

156-315.77 Check Point Certified Security Expert Exam Set 3

What kind of object can be unambiguously define the MEP VPN?


Options are :

  • VPN community
  • Mesh VPN Community
  • Remote access VPN Community
  • Star VPN Community
  • None

Answer : Star VPN Community

You want a VPN using certificates. VPN exchange certificates for external partners. Which of the following should be done first?


Options are :

  • Manually bring Partner YS list of certificates.
  • None
  • Manually bring your partner's Access Control List.
  • Exchange exported to CA keys and use them to create a new server object to describe the PARTNER YS Certificate Authority (CA).
  • Create a new logical server object to describe the PARTNER YS CA.

Answer : Exchange exported to CA keys and use them to create a new server object to describe the PARTNER YS Certificate Authority (CA).

There are times when you want to use the Link Selection manage a lot of traffic to the VPN connections.With Link dialog you can:


Options are :

  • None
  • Use the links are based authentication method.
  • Set up links using dynamic DNS
  • Use Load sharing divides VPN traffic.
  • Use the links based on the date / time.

Answer : Use Load sharing divides VPN traffic.

156-315.77 Check Point Certified Security Expert Exam Set 4

Your organization maintains a number of IKE VPN. The Executives in your organization will want to know which system to use Security Gateway R77 guarantee the authenticity and integrity of messages. What technique you should explain to executives?


Options are :

  • application awareness
  • The key exchange protocols
  • None
  • Certificate Revocation Lists
  • digital signatures

Answer : digital signatures

MEP VPN's use of Proprietary Products Touch to send special protocol UDP RDP packets to port ____ to find out if an IP is available.


Options are :

  • 201
  • 264
  • 256
  • 259
  • None

Answer : 259

There are times when you want to use the Link Selection manage a lot of traffic to the VPN connections.With Link dialog you can:


Options are :

  • Set the remote access links
  • Set up links to use dynamic DNS.
  • Set up VPN links communities
  • Links based on the date / time
  • None

Answer : Set the remote access links

156-315.77 Check Point Certified Security Expert Exam Set 5

VPN Tunnel Interface (VTI) is defined Gaia as: VPN connection add zest numbered 10.10.0.1 10.10.0.2 madrid.cp What do you know about this VTI?


Options are :

  • Peer Security Gateway name is madrid.cp.
  • 10.10.0.1 local gateway is an internal interface, and 10.10.0.2 is an internal interface on the remote gateway.
  • VTI's name is madrid.cp
  • None
  • Local Gateway object name is madrid.cp.

Answer : Peer Security Gateway name is madrid.cp.

Web Application's SSL Network Extender is found to fail one after the TCP connection has been idle for more than one hour.You find out that you need to enable sending a reset (RST) packets in a TCP connection time out expiration.Where it is necessary to change this setting?


Options are :

  • $ FWDIR / conf / objects.C
  • $ WEBISDIR / conf / cpadmin.elg
  • $ FWDIR / conf / objects_5_0.C
  • None
  • $ CVPNDIR / conf / cvpnd.C

Answer : $ FWDIR / conf / objects_5_0.C

156-315.77 Check Point Certified Security Expert Exam Set 6

Even after the configuration of the central logging Connecter, Connecterlogs do not appear in the Smart View Tracker. What could be the cause of this problem?


Options are :

  • You need to restore the logging Connecter management server using dummy log server object.
  • You must install the security policy and try again.
  • You must install the Management Server database.
  • None
  • R70 is not supported by the host object the same IP address as the Management Server is used as a secondary log server or control rooms.

Answer : You must install the Management Server database.

Are you going to transfer the VPN-1 NG Application Intelligence (AI) R55 Smart Center Server VPN-1 NGX. You also plan to upgrade the four VPN-1 Pro Gateways at remote offices and one local VPN-1 Pro Gateway company headquarters. SmartCenter Server configuration is transferred. What is the correct procedure to move the assembly?


Options are :

  • Update SmartCenter Server and five from elsewhere Gateways through the Smart Update at the same time.
  • 1. Update the SmartCenter Server using the VPN-1 NGX CD. 2. Install and upgrade licenses to five remote gateways.
  • 1. Copy the FWDIR $ \ conf directory SmartCenter Server. 2. Save the contents of a directory to another directory. 3. Removing the installation of Smart Center Server and to install a new Smart Center Server. 4. Transfer the contents of the directory FWDIR $ \ conf. 5. Install all gateways using the NGX and install the policy.
  • 1. Update the five through remote gateways Smart Update. 2. Update the SmartCenter Server using the VPN-1 NGX CD.
  • 1. VPN-1 NGX SmartCenter Server CD, select the "pre-upgrade". 2. After the import configuration to the new SmartCenter NGX SmartCenter, re-start. 3. Upgrade all licenses and software in all five remote gateways via Smart Update.

Answer : 1. VPN-1 NGX SmartCenter Server CD, select the "pre-upgrade". 2. After the import configuration to the new SmartCenter NGX SmartCenter, re-start. 3. Upgrade all licenses and software in all five remote gateways via Smart Update.

Online bookstore is combined with a variety of Web servers customers to place or change orders and check order status. You ran through penetration tests whether the Security Gateway Web servers were sheltered from the recent cross-site scripting attacks. Tests carried out showed the penetration of Web servers were still vulnerable.You checked each box Web Intelligence tab and install the security Policy.What else can you do to reduce the vulnerability?


Options are :

  • Configure the Security Gateway to protect Web servers Web server.
  • Add port (TCP 443) as an extra port on the Web Server tab Host knots.
  • Check Products / Web Server Host box Knots objects representing Web Servers
  • None
  • The penetration of the software you are using is a failure, is reporting falsepositive.

Answer : Check Products / Web Server Host box Knots objects representing Web Servers

156-315.77 Check Point Certified Security Expert Exam Set 7

At a certain IPS protects R76 Logging Settings Capture what option packages do?


Options are :

  • Collect all the logs packets are responded to within this protection during the last 30 days
  • This is not a valid choice for R76
  • Contact the packet capture the traffic that is responsible for this protection that each log produces security.
  • Starts packet capture with a policy to install to capture all of the traffic until this protection is a hit.
  • None

Answer : Contact the packet capture the traffic that is responsible for this protection that each log produces security.

Which internal user authentication protocols are supported SSL VPN?


Options are :

  • Check Point password, SecurID, Active Directory, RADIUS, TACACS
  • None
  • Check Point password, SecurID, LDAP, RADIUS, TACACS
  • Check Point password, SecurID, L2TP, RADIUS, TACACS
  • Point your password, SecurID, OS password, RADIUS, TACACS

Answer : Point your password, SecurID, OS password, RADIUS, TACACS

What technique would be to describe RDED QoS?


Options are :

  • The mechanism for managing packet buffers.
  • The mechanism for reducing the number of re-send and forward storms
  • None
  • The mechanism leading to the perfect state and context information for all network traffic.
  • The mechanism accurately classify traffic and set it to the correct transmission queue

Answer : The mechanism for reducing the number of re-send and forward storms

156-315.77 Check Point Certified Security Expert Exam Set 8

In R76, the organization's own e-mail addresses or domain names are used:


Options are :

  • None
  • Scan to e-mail messages only if the sender's email address is part of this definition by default.
  • FTP traffic is sent to the user's e-mail in which he is a part of this definition are scanned by DLP, by default.
  • HTTP traffic that is sent to the user where his email is part of this definition DLP scanned by default,
  • Defining e-mail address SMTP proxy server.

Answer : Scan to e-mail messages only if the sender's email address is part of this definition by default.

The primary Smart Center Server is installed on the Secure PlatformPro machine, which is also a VPN gateway 1 Pro. You want to implement the Management High Availability (HA). You will have a free machine to determine the secondary SmartCenter Server. How to configure a new device is in standby mode SmartCenter Server, without making changes to the existing primary SmartCenter Server? (Changes may include removing and re-installing.)


Options are :

  • The new machine can not be installed as an internal Certificate Authority on its own
  • Install a secondary backup server machine. Add a new machine to the same network as the primary server.
  • None
  • You can set the management of HA, when either the first or the second smart Center Server is running on the VPN gateway 1 Pro.
  • The secondary server can not install the Secure Platform Pro machine alone.

Answer : You can set the management of HA, when either the first or the second smart Center Server is running on the VPN gateway 1 Pro.

Back up all the events stored in the Smart Event Server will back up the contents of the folder (s)?


Options are :

  • $ RTDIR / distributes and $ FWDIR / events_db
  • $ RTDIR / distributes
  • $ RTDIR / events_db
  • $ RTDIR / distrib_db and $ FWDIR / events
  • None

Answer : $ RTDIR / distributes and $ FWDIR / events_db

156-315.77 Check Point Certified Security Expert Exam Set 9

TotallyCoolSecurity The company has a large security staff. Bob configured for the new IPS Chicago_Profile fw-Chicago using the Detect state. After examining the logs, Matt noticed that fw-Chicago does not detect IPS protections Bob had previously setup.Analyze output below and to determine how Matt can fix the problem.


Options are :

  • Matt should change Chicago_Profile use protection mode due to Detect mode does not work.
  • Matt should give FW-Chicago Security Gateway to Chicago_Profile.
  • Matt should re-create the Chicago_Profile and select Enable instead of manually towards the IPS Policy.
  • Matt should activate Chicago_Profile because it is currently not enabled.
  • None

Answer : Matt should give FW-Chicago Security Gateway to Chicago_Profile.

In the XYZ Company, DLP administrator defined a new model of data type, which is based on a blank PDF format insurance claim.Which of the following statements about this new data type is correct?


Options are :

  • If a blank PDF insurance claim form is submitted, it can not be adapted to this type of data.
  • Completed until the insurance claim forms the type of PDF file, based on a blank PDF form adapted to this type of data.
  • Word, Excel, PDF filled forms of insurance compensation, which were based on a blank PDF insurance claim form adapted to this type of data.
  • None
  • Data type mismatch only files with the name and the file size is similar to that of the original insurance claim forms in PDF format.

Answer : Word, Excel, PDF filled forms of insurance compensation, which were based on a blank PDF insurance claim form adapted to this type of data.

You are SSL VPN Administrator. Users complain that their Outlook Web Access runs very slowly, and their overall browsing experience continues to get worse. You suspect that it could be logging problem.Which the following log files do not recommend Checkpoint to clean?


Options are :

  • event_ws.log
  • httpd * .log
  • alert_owd.log
  • mod_ws_owd.log
  • None

Answer : httpd * .log

156-315.77 Check Point Certified Security Expert Exam Set 1

Which of the following statements port scanning feature IPS is true?


Options are :

  • Port Scanning feature is to actively prevent the scan and send an alert to the SmartView Monitor.
  • The default scan settings detection is the case when more than 500 open inactive ports are open for the duration of 120 seconds.
  • When a port scan is detected, only the log has been given, never alarm.
  • None
  • At the gate does not prevent scanning; it detects port scans, one three-level sensitivity.

Answer : At the gate does not prevent scanning; it detects port scans, one three-level sensitivity.

Which option is intended for connection to the Internet?


Options are :

  • None
  • SmartDashboard will retrieve information about Check Point's on the Internet. No information will be sent.
  • SmartDashboard will retrieve information about Check Point's on the Internet. Your information will be sent anonymously Checkpoint.
  • SmartDashboard will retrieve information about Check Point's on the Internet.
  • SmartDashboard will retrieve information about Check Point's Internet user ID Login.

Answer : SmartDashboard will retrieve information about Check Point's Internet user ID Login.

Using IPS, how to inform the Security Administrator, the malware scans specified port? By:


Options are :

  • Malware Protection Amendment
  • Undesirable Code Protector
  • The host port scan
  • None
  • Sweep Scan Protection

Answer : Sweep Scan Protection

156-315.77 Check Point Certified Security Expert Exam Set 10

How to prevent some of the seldom-used FTP commands, such as CWD, and to find the doorway Gateway?


Options are :

  • Define limited FTP commands to display the Security Servers Global Properties
  • None
  • More limited commands aftpd.conf file Security Management Server.
  • Enable FTP Bounce checking / Application Intelligence / IPS protections Protocol tab
  • Edit the desired profile in the FTP commands IPS protection details tab.

Answer : Edit the desired profile in the FTP commands IPS protection details tab.

Every procedure enables SSL VPN gateway blade?


Options are :

  • None
  • Log in Smart Dashboard, select the VPN Communities tab and add the appropriate port of the Community.
  • Log on to Web UI and check the gateway SSL VPN Blade check box.
  • Smart Dashboard log, edit the properties of the Gateway and SSL VPN select the check box.
  • Log in Smart Dashboard Create a new rule source and destination addresses of the remote network is needed, set the encrypt and push the policy that the gateway.

Answer : Smart Dashboard log, edit the properties of the Gateway and SSL VPN select the check box.

You are using the trace logger debug SSL VPN on the server side and get the text in the form of traffic landfill. What type of traffic do you not see the output?


Options are :

  • traffic portal
  • Outgoing traffic to external networks
  • None
  • Traffic leaving the internal network
  • Traffic incoming external networks

Answer : traffic portal

156-315.77 Check Point Certified Security Expert Exam Set 2

Which of the following functions can not be performed Client About Computer information is collected?


Options are :

  • Enter the new access to account information computer information.
  • Stores the data in the active tab of the .exe file.
  • To copy the selected cells.
  • None
  • Run a Google.com search the contents of the selected cell.

Answer : Stores the data in the active tab of the .exe file.

Oman R76 Enterprise Security Management Server is running exceptionally Windows 2008 Server. You decide to try to install the Security Management Server, but you want to try to keep your critical Security Management Server configuration intact (ie, all security policies, databases, SIC, licensing, etc.), what is the best way to install the server and keep its critical assembly?


Options are :

  • None
  • 1. Download the latest upgrade_export utility and run it from the \ temp directory to export the configuration file into a .tgz 2. Carry out all mandatory fields upgrade_version suggested steps 3. Remove all the packages through R70 Add / Remove Programs, and then restart 4. Smart Update to install the Security Management Server and start the 5. Move the tgz file back to the local \ temp 6. Run upgrade_import import the configuration
  • 1. Creates a database version control system Smart Backup Dashboard 2. Create a compressed archive FWDlR * * \ conf and> FWDiR8 \ lib directories and copy them to another network device. 3. Remove all the packages R70 Add / Remove Programs, and reboot. 4. Re-install the primary Security Management Server using the R70 CD. 5. Start and returns two archived on the directories of the new installation, choose to overwrite existing files.
  • 1. Set F70 CD-ROM, and select to export the configuration using the latest update utilities 2. Carry out all mandatory fields upgrade_verification suggested steps and re-export the configuration if necessary 3. Save the export "tgz file to your local C: \ temp directory 4. Remove all the packages through R70 Add / remove Programs, and then restart 5. Reinstall using the R70 CD-ROM as the primary Security Management Server, and then restart 6. Run upgrade_import import the configuration
  • 1. Download the latest upgrade_export utility and run it on C; \ Temp directory to export the assembly into a .tgz file 2. Go to any upgrade_verification warnings, because you are not updating 3. Move the .tgz file to another network device 4. Download and run the utility, and then restart cpclean 5. Use the R70 CD-ROM select the option to import the configuration upgrade_import

Answer : 1. Download the latest upgrade_export utility and run it from the \ temp directory to export the configuration file into a .tgz 2. Carry out all mandatory fields upgrade_version suggested steps 3. Remove all the packages through R70 Add / Remove Programs, and then restart 4. Smart Update to install the Security Management Server and start the 5. Move the tgz file back to the local \ temp 6. Run upgrade_import import the configuration

All of the following using DLP match during the message description, except:


Options are :

  • Data Type
  • None
  • protocol
  • message body
  • destination

Answer : message body

156-315.77 Check Point Certified Security Expert Exam Set 3

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions