156-315.77 Check Point Certified Security Expert Exam Set 10

You have two IP Appliances: one IP565 and one IP395. Both appliances have IPSO 6.2 and R76 installed in a distributed deployment. Can they be members of a gateway cluster?


Options are :

  • Yes, as long as they have the same IPSO and Check Point versions. (Correct)
  • No, because the devices must be of the same model (both should be the IP565 or IP395)
  • No, because the security gateway must be installed in a separate installation.
  • None
  • No, because IP is not a cluster option.

Answer : Yes, as long as they have the same IPSO and Check Point versions.


The primary Security Management Server runs on GAiA. What is the easiest way to back up your Security Gateway R76 configuration, including routing and network configuration files?


Options are :

  • The command upgrade_export
  • None
  • Using the Gaia native backup utility from the command line or web-based interface. (Correct)
  • By copying the directories $FWDIR/conf and $FWDIR/lib to a different location.
  • Using the command pre_upgrade_verifier and saving the file *.tgz to the directory c:/temp

Answer : Using the Gaia native backup utility from the command line or web-based interface.

Jack is using SmartEvent and does not see the users' identities on the events. As an administrator with full access, what does he need to do to fix his problem?


Options are :

  • None
  • Open SmartDashboard, toggle the Show or Hide Identities icon, and re-open SmartEvent
  • Open SmartEvent, go to the Policy tab, select General Settings > User identities in the left column, and the screen will show identities. (Correct)
  • Open SmartEvent and toggle the Show or Hide Identities icon.
  • Open SmartEvent, click on Query Properties, and select the User column

Answer : Open SmartEvent, go to the Policy tab, select General Settings > User identities in the left column, and the screen will show identities.

What can be said about RSA algorithms? Select all that apply.


Options are :

  • RSA key length varies (Correct)
  • Long keys can be used to improve the security of RSA (Correct)
  • RSA is faster to calculate than DES
  • Short keys can be used for RSA efficiency. (Correct)

Answer : RSA key length varies; Long keys can be used to improve the security of RSA; Short keys can be used for RSA efficiency.


The Check Point clustering protocol works on:


Options are :

  • UDP 500
  • TCP 19864
  • None
  • TCP 8116
  • UDP 8116 (Correct)

Answer : UDP 8116

You want to upgrade a cluster of two members to VPN-1 NGX. The SmartCenter Server and both members are at version VPN-1/FireWall-1 NG FP3, with the latest Hotfix. What is the correct upgrade procedure?
1. Change the browser version in the General Features of the gateway cluster object.
2. Update the SmartCenter Server, and then restart after the update.
3. Run cpstop on one member, leaving the other member running. Upgrade one member at a time, and restart after the update.
4. Install security.


Options are :

  • 1, 3, 2, 4
  • 2, 3, 1, 4 (Correct)
  • 2, 4, 3, 1
  • 1, 2, 3, 4
  • 3, 2, 1, 4

Answer : 2, 3, 1, 4

A customer complains about his poor systems. He has heard that the interface templates speed up traffic. How do you explain the limitations of the templates to the customer and make sure that they are running?


Options are :

  • To improve connection-establishment acceleration, the mechanism groups together all the connections that match a particular service and whose sole discriminating factor is the destination port. You can test whether the connection patterns are available with the command FW ctl models.
  • To improve connection-establishment acceleration, the mechanism groups together all the connections that match a particular service and whose sole discriminating factor is the source port. You can test whether the connection patterns are available with the command FW ctl models.
  • None
  • To improve connection-establishment acceleration, the mechanism groups together all the connections that match a particular service and whose sole discriminating factor is the source port. You can test whether the connection patterns are available with the command fwaccel stat. (Correct)
  • To improve connection-establishment acceleration, the mechanism groups together all the connections that match a particular service and whose sole discriminating factor is the destination port. You can test whether the connection patterns are available with the command fwacel models.

Answer : To improve connection-establishment acceleration, the mechanism groups together all the connections that match a particular service and whose sole discriminating factor is the source port. You can test whether the connection patterns are available with the command fwaccel stat.


Using SmartProvisioning profiles, which of the following could be configured for SecurePlatform and UTM-1 Edge appliances? (i) Backup (ii) Routing (iii) Connections (iv) Hosts (v) NTP (vi) DNS


Options are :

  • (i), (ii) and (iv) (Correct)
  • None of these options are available as well.
  • (i), (iii), (iv) and (vi)
  • None
  • (ii), (iii), (iv) and (vi)

Answer : (i), (ii) and (iv)


Where does a Security Administrator adjust the unit of measurement (bps, kbps, or bps) for Check Point QoS bandwidth?


Options are :

  • $CPDIR/conf/qos_props.pf
  • Check Point Gateway object properties
  • Global Features (Correct)
  • None
  • QoS-class objects

Answer : Global Features

At XYZ Company, the DLP administrator defined a new Keywords data type that contains a list of the names of secret projects; that is, Ayalon, Yarkon, Yarden. The threshold is set to a minimum of 2 keywords or phrases. Based on this information, which of the following scenarios will match the rule base?


Options are :

  • Password-protected MS Excel file that contains the following text: Ayalon Yarkon Yarden
  • PDF file containing the following text: Yarkon1 may be a code name for the new product. Yardens list of protected sites
  • MS-Excel file that contains the following text: Mort resources Yarkon project..Are you certain this is about Yarden (Correct)
  • None
  • Word file that contains the following text to match: Ayalon Ayalon Ayalon

Answer : MS-Excel file that contains the following text: Mort resources Yarkon project..Are you certain this is about Yarden

Which of the following cannot be changed by editing the file cp_httpd_admin.conf?


Options are :

  • Go to the HTTP or HTTPS protocol
  • None
  • Customizing Web server certificate attributes
  • Administrative Access Level (Correct)
  • Web server port

Answer : Administrative Access Level


The Management Portal should be installed on: (i) the management server (ii) a Security Gateway (iii) a dedicated server


Options are :

  • None
  • All solutions are possible
  • (i) or (ii) a (Correct)
  • (iii) only
  • (ii) only

Answer : (i) or (ii) a

Jacob is using a mesh VPN Community to create a site-to-site VPN. The VPN features of this mesh Community are shown in the graphic display: Which of the following statements is true?


Options are :

  • Jacob's VPN performs the IKE Phase 1 key exchange using the longest encryption key VPN-1 NGX supports.
  • If Jacob changes the setting "Run IPSec data encryption with the" from "AES-128" to "3DES", he adds encryption overhead. (Correct)
  • Jacob must change the data integrity settings for the VPN Community. MD5 is incompatible with AES.
  • If Jacob changes the setting "Run the encryption key exchange" from "3DES" to "DES", he improves the VPN Community's security and reduces the encryption overhead.
  • None

Answer : If Jacob changes the setting "Run IPSec data encryption with the" from "AES-128" to "3DES", he adds encryption overhead.

What are the benefits of deploying SSL VPN in the DMZ vs. the LAN?


Options are :

  • Traffic is authenticated without hiding behind the Connectra IP address
  • SSL Network Extender is ineffective in a LAN deployment.
  • Traffic is delivered to the internal servers in plain text, but the back connection is encrypted for remote users
  • SSL VPN adds another layer of security for access to internal resources when it resides in the DMZ (Correct)
  • None

Answer : SSL VPN adds another layer of security for access to internal resources when it resides in the DMZ


You are preparing to deploy a VPN-1 Pro Gateway for VPN-1 NGX. You have five systems to choose from for the new Gateway, and you must meet the following requirements: operating system vendor license agreement with Check Point License Agreement; lowest operating temperature of the system hardware configuration; minimum Gateway hardware configuration; Gateway installed on a supported operating system (OS). Which machine meets all of the following requirements?


Options are :

  • Processor: 2.2 GHz RAM: 256 MB Hard Drive: 20 GB Operating System: Windows 2000 Server (Correct)
  • Processor: 1.5 GHz RAM: 256 MB Hard Drive: 20 GB OS: Red Hat Linux 8.0
  • Processor: 1.67 GHz RAM: 128 MB Hard Drive: 5 GB OS: FreeBSD
  • Processor: 1.1 GHz RAM: 512MB Hard Drive: 10 GB Operating System: Windows 2000 Workstation
  • Processor: 2.0 GHz RAM: 512MB Hard Drive: 10 GB OS: Windows ME

Answer : Processor: 2.2 GHz RAM: 256 MB Hard Drive: 20 GB Operating System: Windows 2000 Server

What is the command to upgrade a SecurePlatform NG with Application Intelligence (AI) R55 SmartCenter Server to VPN-1 NGX using a CD?


Options are :

  • cppkg more
  • add patch CD (Correct)
  • FWM upgrade_tool
  • add patch
  • CD patch to add

Answer : add patch CD

You are configuring a VoIP Domain object for a Skinny Client Control Protocol (SCCP) environment protected by VPN-1 NGX. Which type of VoIP Domain object can be used?


Options are :

  • Call Manager (Correct)
  • power of attorney
  • Gatekeeper
  • port
  • Transmission router

Answer : Call Manager


What port is used for administrative access to your SSL VPN?


Options are :

  • 443
  • 4433 (Correct)
  • None
  • 4434
  • 80

Answer : 4433

The cluster contains two members, with external interfaces 172.28.108.1 and 172.28.108.2. The internal interfaces are 10.4.8.1 and 10.4.8.2. The external cluster IP address is 172.28.108.3, and the internal cluster IP address is 10.4.8.3. The synchronization interfaces are 192.168.1.1 and 192.168.1.2. The Security Administrator discovers that state synchronization is not working correctly; the cphaprob if command output looks like the following: What is causing the state synchronization problem?


Options are :

  • None
  • Another cluster is using 192.168.1.3 as one of its unprotected interfaces
  • The interfaces 192.168.1.1 and 192.168.1.2 are defined as part of 192.168.1.3. user interface.
  • Synchronization connection cluster member object Topology tab is on "Cluster Interface". Delete this interface.
  • The synchronization network is a cluster, which is the IP address 192.168.1.3 defined gateway cluster object. Remove 192.168.1.3 VIP Connection cluster topology. (Correct)

Answer : The synchronization network is a cluster, which is the IP address 192.168.1.3 defined gateway cluster object. Remove 192.168.1.3 VIP Connection cluster topology.

You are reviewing SmartView Tracker entries and see a connection rejection on a Check Point QoS rule. What causes the connection rejection?


Options are :

  • Burst traffic matching the default rule is exhausting Check Point QoS global packet buffers.
  • For a constant bit rate with low delay class is exceeded by more than 10%, and the maximum delay is below the requirements.
  • The guarantee of one of the rule's sub-rules exceeds the guarantee of the rule itself.
  • None
  • The number of connections exceeded the amount guaranteed. The rule action properties are set to accept new connections. (Correct)

Answer : The number of connections exceeded the amount guaranteed. The rule action properties are set to accept new connections.


To change the default port of the Management Portal:


Options are :

  • Run the sysconfig and change management interface (Correct)
  • Edit the file cp_httpd_admin.conf.
  • Edit the Masters.conf file on the Portal Server.
  • None
  • Reformat SIC

Answer : Run the sysconfig and change management interface

You set up a VPN Community so that the internal network can access the partner's network, and vice versa. In practice, the security policy encrypts only FTP and HTTP traffic through the VPN tunnel. All other traffic between the internal and partner networks is sent in clear text. How do you configure the VPN Community?


Options are :

  • Put FTP and HTTP Excluded object services within the Community. Then add a rule to allow security as a service, where the object VPN field.
  • None
  • Disable "accept all encrypted traffic" in the community, and to increase FTP and HTTP services with the security community object to the VPN box. (Correct)
  • Removes the "accept all encrypted traffic", and put the FTP and HTTP services in the community Excluded object. Add a rule security services FTP and HTTP, the object in the VPN box.
  • Enable "accept all encrypted traffic", but put FTP and HTTP Excluded services in the community. Add a rule security services for HTTP and FTP and VPN community the object field.

Answer : Disable "accept all encrypted traffic" in the community, and to increase FTP and HTTP services with the security community object to the VPN box.

Sometimes there are problems distributing IPSec packets to a few machines in a Load Sharing Multicast mode cluster, even if the machines have the same source and destination IP addresses. What is the best Load Sharing method to prevent this kind of problem?


Options are :

  • Load sharing is based only on IP addresses
  • Load sharing is based on IP addresses, ports, and serial peripheral interfaces (SPI)
  • Load sharing is based on ports and SPI only
  • Load sharing is based on the SPI only
  • Load sharing based on IP addresses and ports (Correct)

Answer : Load sharing based on IP addresses and ports


How do you prevent delay-sensitive applications, such as video and voice traffic, from being dropped due to long queues when using the Check Point QoS solution?


Options are :

  • The weighted fair queuing
  • guaranteed per connection
  • Guaranteed towards the rule of VoIP
  • With a little delay class (Correct)
  • None

Answer : With a little delay class

Rachel is the Security Administrator for a university. The university's FTP servers have old hardware and software. Certain FTP commands cause the FTP servers to malfunction. Updating the FTP servers is not an option at this time. Which of the following options will allow Rachel to control which FTP commands pass through the Security Gateway protecting the FTP servers?


Options are :

  • Web Intelligence > Application Layer > FTP settings
  • Carries Rule > Function Field > Features
  • SmartDefense > Application Intelligence > FTP Security Server (Correct)
  • Global Properties > Security Server > Enable FTP commands
  • FTP Service object > Advanced Settings > Blocked FTP commands

Answer : SmartDefense > Application Intelligence > FTP Security Server

What is not true about the Management Portal?


Options are :

  • The management portal could be reconfigured HTTPS instead of HTTP
  • By clicking Accept, the control interface includes an implicit Policy Management Portal access (Correct)
  • None
  • Management Portal requires a license
  • The default port Management Portal access is 4433

Answer : By clicking Accept, the control interface includes an implicit Policy Management Portal access


How can you completely tear down the VPN tunnel in an intranet IKE VPN deployment?


Options are :

  • Run the command vpn tu on the Security Gateway, and select the option to "Remove all IPSec + IKE SA ALL peers and users."
  • Run the command vpn tu on the Security Gateway, and select the option to "Remove all IPSec for a particular user (Client)".
  • Run the command vpn tu on the Security Gateway, and then select the option "Delete all IPSec + IKE SA to a specific peer (GW)". (Correct)
  • Run the command vpn tu on the SmartCenter Server and select the option to "Remove all IPSec + IKE SA ALL peers and users."
  • Run the command vpn tu on the Security Gateway, and select the option "Remove ALL IPSec peers and users."

Answer : Run the command vpn tu on the Security Gateway, and then select the option "Delete all IPSec + IKE SA to a specific peer (GW)".

How can a standby SmartCenter Server receive logs from all Security Gateways when the active SmartCenter Server fails over?


Options are :

  • Remote Gateway was founded SIC secondary SmartCenter Server, for logging.
  • The secondary server's host name and IP address must be added to the Masters file, remote gateways.
  • Select a Log Servers screen (from the Logs and Masters tree gateway object General properties of the display), add additional log server to a secondary SmartCenter Server object. Install security. (Correct)
  • Create Checkpoint host object to represent the standby SmartCenter Server. Then select the "Secondary SmartCenter Server" and the log server "on the list of Check Point products General Properties screen.
  • Set up Secure Internal Communication (SIC) between the primary and secondary Servers. The secondary server may then receive logs from the gateway when an active server fails over.

Answer : Select a Log Servers screen (from the Logs and Masters tree gateway object General properties of the display), add additional log server to a secondary SmartCenter Server object. Install security.

Mark the options that are available for Data Loss Prevention in R71.


Options are :

  • DLP Gateway running on a Firewall Software Blade
  • None
  • Unified DLP software blade that can be deployed is Check Point's Security Gateway other software blades including firewall, IPS, and management.
  • DLP Gateway running on a management server on the same machine
  • Dedicated DLP Gateway running only DLP Software Blade. (Correct)

Answer : Dedicated DLP Gateway running only DLP Software Blade.


Which component acts as the internal Certificate Authority for VPN-1 NGX?


Options are :

  • SmartCenter Server (Correct)
  • SmartLSM
  • Security Gateway
  • policy Server
  • VPN-1 Certificate Management

Answer : SmartCenter Server
