156-315.77 Check Point Certified Security Expert Exam Set 3

You have a production implementation of the Management High Availability clock version of VPN-1 NG with Application Intelligence R55.You need to upgrade two SmartCenter servers VPN-1 NGX. What is the correct procedure?


Options are :

  • None
  • 1. synchronize the two SmartCenter servers. 2. Perform an advanced upgrade the primary SmartCenter Server. 3. Update your secondary SmartCenter Server. 4. Determine both smart objects Center server version of the VPN-1 NGX. 5. servers to synchronize again. (Correct)
  • 1. Perform an advanced upgrade the primary SmartCenter Server. 2. Determine the primary Smart Center Server object version of the VPN-1 NGX. 3. The synchronization of the primary secondary SmartCenter Server. 4. Update your secondary SmartCenter Server. 5. Set a secondary SmartCenter Server object version of VPN-1 NGX. 6. servers to synchronize again.
  • 1. synchronize the two SmartCenter servers. 2. Perform an advanced upgrade the primary SmartCenter Server. 3. Determine the primary Smart Center Server object version of the VPN-1 NGX. 4. The synchronize data between two servers again. 5. Update your secondary SmartCenter Server. 6. Determine the secondary smart center server object version of the VPN-1 NGX. 7. synchronize servers again.
  • 1. synchronize the two SmartCenter servers. 2. Update your secondary SmartCenter Server. 3. Update the primary SmartCenter Server. 4. Specify both SmartCenter Server resist version of VPN-1 NGX. 5. servers to synchronize again.

Answer : 1. synchronize the two SmartCenter servers. 2. Perform an advanced upgrade the primary SmartCenter Server. 3. Update your secondary SmartCenter Server. 4. Determine both smart objects Center server version of the VPN-1 NGX. 5. servers to synchronize again.

With encryption for the domain SmartLSM Security Gateway R71 defined?


Options are :

  • .Inside SmartLSM Security Gateway GUI object SmartDashboard
  • None
  • Within SmartLSM Security Gateway GUI object SmartProvisioning
  • Within SmartLSM Security Gateway GUI profile SmartProvisioning (Correct)
  • Within SmartLSM Security Gateway GUI profile SmartDashboard

Answer : Within SmartLSM Security Gateway GUI profile SmartProvisioning

156-315.77 Check Point Certified Security Expert Exam Set 4

The cluster contains two members, the external connections 172.28.108.1 and 172.28.108.2. Internal interfaces are 10.4.8.1 and 10.4.8.2. The external cluster IP address 172.28.108.3 is, the cluster and the internal IP address 10.4.8.3. Synchronization interfaces are 192.168.1.1 and 192.168.1.2. Security Administrator discovers the status of the synchronization process does not work correctly, cphaprob if the control output looks like the following: What causes the status of the synchronization process is the problem?


Options are :

  • The interfaces 192.168.1.1 and 192.168.1.2 are defined as part of 192.168.1.3. user interface.
  • Another cluster to use 192.168.1.3 one unprotected interfaces
  • The synchronization network is a cluster, which is the IP address 192.168.1.3 defined gateway cluster object. Remove 192.168.1.3 VIP Connection cluster topology. (Correct)
  • None
  • Synchronization connection cluster member object Topology tab is on "Cluster Interface". Delete this interface.

Answer : The synchronization network is a cluster, which is the IP address 192.168.1.3 defined gateway cluster object. Remove 192.168.1.3 VIP Connection cluster topology.

Wayne configure the HTTP Security Server to work with content vectoring protocol to screen for forbidden sites. He has created the URI of the resource object CVP with the following settings: Use the CVP Allow CVP server to modify the contents of Return data when the content is approved, he adds two rules in his rule base: one to inspect HTTP traffic going to known forbidden sites, the other to all other HTTP traffic. Wayne sees HTTP traffic going to these problematic sites is not prohibited. What could be causing this problem?


Options are :

  • Security server is connected to the CVP server, but no restrictions are defined CVP server.
  • The protection server is not communicating with CVP server.
  • None
  • Security server is not configured correctly.
  • Security Server rule is, when the HTTP Accept the general rule. (Correct)

Answer : Security Server rule is, when the HTTP Accept the general rule.

Mark the options that are available for Data Loss Prevention in R71.


Options are :

  • None
  • DLP Gateway running on a management server on the same machine
  • Dedicated DLP Gateway running only DLP Software Blade. (Correct)
  • Unified DLP software blade that can be deployed is Check Point's Security Gateway other software blades including firewall, IPS, and management.
  • DLP Gateway running on a Firewall Software Blade

Answer : Dedicated DLP Gateway running only DLP Software Blade.

156-315.77 Check Point Certified Security Expert Exam Set 5

Reviewing SmartView Tracker entries, and see the connection rejection is a Checkpoint QoS rule. What causes the connection rejection?


Options are :

  • Burst traffic matching the default rule is exhausting Check Point QoS global packet buffers.
  • For a constant bit rate with low delay class is exceeded by more than 10%, and the maximum delay is below the requirements.
  • None
  • Guaranteeing one rule's part of the rules exceeds the guarantee rule themselves.
  • the number of connections exceeded the amount guaranteed. The rule action properties are set to accept new connections. (Correct)

Answer : the number of connections exceeded the amount guaranteed. The rule action properties are set to accept new connections.

What port is used for administrative access to your SSL VPN?


Options are :

  • 443
  • 80
  • None
  • 4434
  • 4433 (Correct)

Answer : 4433

Jerry is concerned that denial-of-service (DoS) may impact his VPN Communities. He decides to take IKE DoS protection. Jerry is a need to minimize the performance impact of this new protection.Which of the following configurations is the most appropriate Jerry?


Options are :

  • Place the support IKE DoS protection to identify the source of "Stateless", and support for IKE DoS protection unidentified source "None".
  • Place the support IKE DoS protection to identify the source "puzzles", and support for IKE DoS protection unidentified source "Stateless".
  • Place the support IKE Dos Protective identified sources, and support for IKE DoS protection unidentified source "puzzles".
  • Set the "Support IKE DoS protection" of the identified source, and "Support IKE DoS protection" unknown source "Stateless". (Correct)
  • Place the support IKE DoS protection to identify the source of "Stateless" and support for IKE DoS protection unidentified source "puzzles".

Answer : Set the "Support IKE DoS protection" of the identified source, and "Support IKE DoS protection" unknown source "Stateless".

156-315.77 Check Point Certified Security Expert Exam Set 6

Smart Work Flow has been introduced in the following configuration: If the security administrator opens a new session and changes to the policy will be submitted for approval session will be displayed:


Options are :

  • None
  • Waiting for approval
  • In progress (Correct)
  • admitted
  • Abandoned

Answer : In progress

What are the benefits the introduction of SSL VPN DMZ, LAN vs.?


Options are :

  • Traffic is delivered to the internal servers in plain text, but behind the connection is encrypted remote users
  • None
  • SSL VPN will add another layer of security access internal resources, when it lives in the DMZ (Correct)
  • SSL Network Extender is ineffective LAN deployment.
  • The traffic is authenticated without hiding behind Connectra IP address

Answer : SSL VPN will add another layer of security access internal resources, when it lives in the DMZ

What is not true about Management Portal?


Options are :

  • The default port Management Portal access is 4433
  • By clicking Accept, the control interface includes an implicit Policy Management Portal access (Correct)
  • Management Portal requires a license
  • None
  • The management portal could be reconfigured HTTPS instead of HTTP

Answer : By clicking Accept, the control interface includes an implicit Policy Management Portal access

156-315.77 Check Point Certified Security Expert Exam Set 7

What kind of package is VPN-1 SecureClient sends it to the Policy Server, to report to the Secure Configuration Verification Status?


Options are :

  • ICMP Port unreachable
  • TCP keep alive
  • IKE Key Exchange
  • UDP keep alive (Correct)
  • ICMP Destination unreachable

Answer : UDP keep alive

Using SmartProvisioning profiles, which of the following could be organized as a secure platform and UTM-1 Edge appliances? (I), a backup (ii) Routing (iii) the connections (iv) Hosts (v) NTP (vi) DNS


Options are :

  • None
  • (I), (iii), (iv) and (vi)
  • (I), (II) and (IV) (Correct)
  • (Ii), (iii), (iv) and (vi)
  • .none of these options are available as well.

Answer : (I), (II) and (IV)

Where Security Administrator to adjust the unit of measurement (bps, kbps, or bps), Check Point QoS Bandwidth?


Options are :

  • None
  • Global Features (Correct)
  • $ CPDIR / conf / qos_props.pf
  • QoS-class objects
  • Check Point Gateway object properties

Answer : Global Features

156-315.77 Check Point Certified Security Expert Exam Set 8

Which of the following explains the role of Segregation?


Options are :

  • Administrators have different abilities than the Smart Workflow leaders.
  • Different tasks are broken down SmartDashboard firewall administrator rights
  • Smart Workflow can be configured in such a way that managers can only view the assigned sessions
  • None
  • Changes made by the administrator Smart Workflow session must have managerial competency certification before making a commitment. (Correct)

Answer : Changes made by the administrator Smart Workflow session must have managerial competency certification before making a commitment.

Which Check Point QoS feature means TOS byte in the IP header?


Options are :

  • Differentiated Services (Correct)
  • None
  • guarantees
  • With a slight delay waiting
  • Weighted Fair Queuing

Answer : Differentiated Services

Which of the following can not be changed by editing the file cp_httpd_admin.conf?


Options are :

  • Web server port
  • Customizing a Web server certificate attributes
  • Go to the HTTP or HTTPS protocol,
  • Administrative Access Level (Correct)
  • None

Answer : Administrative Access Level

156-315.77 Check Point Certified Security Expert Exam Set 9

How can you completely tear down the VPN tunnel intranet IKE VPN deployment?


Options are :

  • Command VPN Security Gateway is tu, and select the option to "Remove all IPSec + IKE SA ALL peers and users."
  • Command VPN Security Gateway is tu, and select the option to "Remove all IPSec for a particular user (Client)".
  • Command VPN Security Gateway is tu, and select the option "Remove ALL IPSec peers and users."
  • .Move command tu VPN is SmartCenter Server and select the option to "Remove all IPSec + IKE SA ALL peers and users."
  • .Move command tu VPN is a security gateway, and then select the option "Delete all IPSec + IKE SA to a specific peer (GW)". (Correct)

Answer : .Move command tu VPN is a security gateway, and then select the option "Delete all IPSec + IKE SA to a specific peer (GW)".

You set up a VPN network community, so the internal network can use the partner's network, and vice versa. In practice, the Security encrypts the only FTP and HTTP traffic through the VPN tunnel. All other traffic among internal and partner network sends a clear text.How you configure the VPN community?


Options are :

  • .Disable "accept all encrypted traffic" in the community, and to increase FTP and HTTP services with the security community object to the VPN box. (Correct)
  • None
  • Put FTP and HTTP Excluded object services within the Community. Then add a rule to allow security as a service, where the object VPN field.
  • Removes the "accept all encrypted traffic", and put the FTP and HTTP services in the community Excluded object. Add a rule security services FTP and HTTP, the object in the VPN box.
  • .Enable "accept all encrypted traffic", but put FTP and HTTP Excluded services in the community. Add a rule security services for HTTP and FTP and VPN community the object field.

Answer : .Disable "accept all encrypted traffic" in the community, and to increase FTP and HTTP services with the security community object to the VPN box.

Jacob mesh VPN to use the community to create a site-to-site VPN. VPN features in this mesh in the Community graphic display: Which of the following statements is true?


Options are :

  • None
  • Jacob must change data integrity settings for VPN Community. MD5 is contrary to AES.
  • If Jacob to change the settings in the "Run IPSec data encryption with the" from "AES-128" and "3DES", he adds overhead of encryption. (Correct)
  • .If Jacob to change the settings in the "Run the encryption key exchange" from "3DES" and "DES", he VPN to improve community safety and security and reduce the overhead of encryption.
  • Jacob VPN entity performs IKE Phase 1 using the encryption key-exchange key longest VPN-1 NGX supports.

Answer : If Jacob to change the settings in the "Run IPSec data encryption with the" from "AES-128" and "3DES", he adds overhead of encryption.

156-315.77 Check Point Certified Security Specialist Exam Set 1

What is the correct command imports of new users R76 user database?


Options are :

  • None
  • FWM importusrs
  • FWM importdb
  • FWM dbimport (Correct)
  • FWM import

Answer : FWM dbimport

156-315.77 Check Point Certified Security Specialist Exam Set 2

What are the specific R76 GUI you use to look at how long a TCP connection was open?


Options are :

  • Smart Reporter
  • SmartView status
  • SmartView Tracker (Correct)
  • SmartView Monitor
  • None

Answer : SmartView Tracker

Check the following list of activities, Security Gateway R76 can be taken when it directs packets.The This activity is determined in a simplified mode VPN. Choose the answer below, which contains the available actions:


Options are :

  • None
  • Accept, Reject, Encrypt, Drop
  • Accept, Reject, Proxy
  • Accept, Drop, Encrypt, Auth Session
  • Accept, Drop, Reject, Client Auth (Correct)

Answer : Accept, Drop, Reject, Client Auth

How many pre-defined exceptions are included by default as part of the Smart Event R76 installation of the product?


Options are :

  • 3 (Correct)
  • 5
  • 10
  • None
  • 0

Answer : 3

156-315.77 Check Point Certified Security Specialist Exam Set 3

To upgrade a cluster of two members of R76. Security Management Server, and both are members of version NGX R65, the latest Hotfix battery. What is the correct upgrade procedure? 1. Change the version of the General Features Gateway Cluster object. 2. Update Security Management Server, and then restart. 3. Run cpstop one member, leaving the other member of the running. Upgrade one member at a time and restart after the update. 4. Install security.


Options are :

  • None
  • 2,3,1,4 (Correct)
  • 3,2,1,4
  • 2,4,3,1
  • 1,3,2,4

Answer : 2,3,1,4

VPN Tunnel Interface (VTI) is defined as the Secure Platform Pro: shell VPN connection add numbered 10.10.0.1 10.10.0.2 madrid.cp What do you know about this VTI?


Options are :

  • Peer Security Gateway name is madrid.cp. (Correct)
  • 10.10.0.1 local gateway is an internal interface, and 10.10.0.2 is an internal interface on the remote gateway.
  • None
  • Local Gateway object name is madrid.cp.
  • VTI's name is madrid.cp.

Answer : Peer Security Gateway name is madrid.cp.

The following illustration shows which command being issued on Secure Platform?


Options are :

  • In the same session, is modified by adding a note stating automatically reparable
  • The old status is removed and a new session is created with the same name, but notice it after repair new session.
  • None
  • The administrator is open the old session and make changes, has not been added automatically, but the manager more leaflet states the necessary changes.
  • The new session is created in the name of correcting Session Nand old session status information updated to fix a note to the Session for repair (Correct)

Answer : The new session is created in the name of correcting Session Nand old session status information updated to fix a note to the Session for repair

156-315.77 Check Point Certified Security Specialist Exam Set 4

If the number of instances of the core is shown in CoreXL 6, how many cores are in the physical plane?


Options are :

  • 4
  • 6
  • 8 (Correct)
  • 12
  • None

Answer : 8

Where to define NAT capabilities so that NAT is performed either client side or server side?


Options are :

  • The file $ DFWDIR / lib / table.def
  • In SmartDashboard under Global Properties> NAT definition (Correct)
  • In SmartDashboard under the Gateway setting
  • In SmartDashboard NAT Rules
  • None

Answer : In SmartDashboard under Global Properties> NAT definition

When ClusterXL R76 Load Sharing assembly, the problem of the type of ARP can force the use of a single transmission mode (pivot) configuration incompatibility of some adjacent routers and switches?


Options are :

  • MGCP MAC address in response to the request for a multicast IP
  • Unicast MAC address in response to the request for a multicast IP
  • The multicast MAC address in response to the request for an IP Unicast (Correct)
  • The multicast MAC address in response to the RARP request
  • None

Answer : The multicast MAC address in response to the request for an IP Unicast

156-315.77 Check Point Certified Security Specialist Exam Set 5

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions

Subscribe to See Videos

Subscribe to my Youtube channel for new videos : Subscribe Now