156-315.77 Check Point Certified Security Expert Exam Set 9

The network includes a multicast ClusterXL running on the two members, as in this topology: the network expands, you need to add new interfaces: 10.10.10.1/24 member A and B.The 10.10.10.2/24 member of the virtual IP address of the interface 10.10.10.0 / 24 10.10.10.3.What is the correct procedure is to add these interfaces?


Options are :

  • 1. Use the sysconfig configure the new interfaces on both members. 2. Update the topology of a cluster of a cluster object and both members. 3. Install the Security Policy.
  • 1. Remove the "Cluster Membership" through one Gateway cpconfig. 2. Specify the new interface sysconfig "non-member" Gateway. 3. RE. enable "Cluster Membership" Gateway. 4. Do the same for the second step in the Gateway. 5. Update the topology of a cluster object and cluster members. 6. Install the Security Policy.
  • 1. Run cpstop one member and configured through a new user interface sysconfig. 2. Run the cpstart is a member. Repeat the same steps to the second member. 3. Download a new topology of a cluster object and cluster members. 4. Install security. (Correct)
  • None
  • 1. Use the ifconfig command to configure and to the new interface. 2. Run the cpstop and cpstart both members at the same time. 3. Update the topology of a cluster of a cluster object and both members. 4. Install security.

Answer : 1. Run cpstop one member and configured through a new user interface sysconfig. 2. Run the cpstart is a member. Repeat the same steps to the second member. 3. Download a new topology of a cluster object and cluster members. 4. Install security.

156-215.75 Check Point Certified Security Administrator Exam Set 6

R76 for returning the command upgrade_import which the following aspects have not been restored?


Options are :

  • None
  • licenses
  • SIC Certificates
  • their route (Correct)
  • .Global properties

Answer : their route

Which of the following is NOT apply the connection pattern generation?


Options are :

  • UDP services, which do not have the protocol type or source port said additional features (Correct)
  • VPN connections
  • SYN Defender
  • None
  • ISN Scam

Answer : UDP services, which do not have the protocol type or source port said additional features

You are preparing for the new computers ClusterXL deployment.For cluster, you are going to use four machines with the following configurations: Cluster member 1: OS: a secure platform, network cards: QuadCard, Memory: 1 GB, only the Security Gateway, version: R76 member of the cluster 2: OS: Safe platform, network cards: 4 Intel 3Com, memory: 1 GB, Security Gateway only version: R76 cluster member 3: OS: a secure platform, network cards: 4 other manufacturers, memory: 512 MB, Security Gateway only version: R76 Security Management Server : MS Windows 2003, NIC. Intel NIC (1), the security gateway and the primary Management Server Security installed, version: R76 Are these machines configured properly for the introduction of ClusterXL?


Options are :

  • None
  • No, Security Management Server is not running the same operating system as the members of the cluster.
  • Yes, these machines are correctly configured for ClusterXL deployment. (Correct)
  • No, Cluster member 3 is not needed memory.
  • No, the security gateway can not install Security Management Pro Server.

Answer : Yes, these machines are correctly configured for ClusterXL deployment.

156-215.77 Check Point Certified Security Administrator Exam Set 1

What is the default port number for Secure Sockets Layer connections to LDAP?


Options are :

  • 636 (Correct)
  • None
  • 363
  • 398
  • 389

Answer : 636

Which of the following commands can be used to troubleshoot synchronization problems ClusterXL?


Options are :

  • FW debug CXL connections> filename
  • FW tab -u connections> filename
  • None
  • FW tab -s -t Connections> filename (Correct)
  • FW CTL -S -t Connections> filename

Answer : FW tab -s -t Connections> filename

You want to make sure that the Check Point cluster acts correctly.Which command line tool you can use?


Options are :

  • cphaconf status
  • cphastart 'status
  • cphainfo -S
  • .cphaprob status (Correct)
  • None

Answer : .cphaprob status

156-315.77 Check Point Certified Security Expert Exam Set 2

How do you verify that the Smart Directory is in use?


Options are :

  • Global Properties> Smart Directory (LDAP)> Use Smart Directory (LDAP), Security Gateways checked (Correct)
  • Global Properties> Authentication> Use Smart Directory (LDAP), Security Gateways checked
  • None
  • Gateway Properties> Authentication> Use Smart Directory (LDAP), Security Gateways checked
  • Gateway Properties> Smart Directory (LDAP)> Use Smart Directory (LDAP), Security Gateways checked

Answer : Global Properties> Smart Directory (LDAP)> Use Smart Directory (LDAP), Security Gateways checked

In defining the organizational unit, which of the following are not valid object classes?


Options are :

  • resources
  • users
  • None
  • Services
  • domain Names (Correct)

Answer : domain Names

Which of the following commands can be offered as complete as possible to restore the configuration of an R76?


Options are :

  • cpconfig
  • FWM dbimport -p
  • upgrade_import (Correct)
  • cpinfo -Recover
  • None

Answer : upgrade_import

156-315.71 Check Point Security Expert R71 Practical Exam Set 4

When configuring the LDAP Group object, which option should be selected if you do not want the gateway to refer to defined groups in the LDAP server for authentication purposes?


Options are :

  • None
  • Only Sub Tree (Correct)
  • Group Agnostic
  • The only group Branch
  • OU Accept and choose the appropriate domain name

Answer : Only Sub Tree

What is the most typical type of assembly VPNs with multiple outsourced Gateways?


Options are :

  • Community mesh
  • Community domain
  • star Community (Correct)
  • hybrid community
  • SAT Community

Answer : star Community

Which command allows you to disable sync on a cluster firewall member?


Options are :

  • None
  • FW ctl setsync 0
  • FW ctl syncstat off
  • FW ctl setsync off (Correct)
  • FW ctl syncstat standing

Answer : FW ctl setsync off

156-315.71 Check Point Security Expert R71 Practical Exam Set 4

You need to back up your routing, interface, and DNS configuration information for the Secure Platform R76 Security Gateway. Every backup and recovery solution do you use?


Options are :

  • None
  • Manual copies of the directory FWDIR $ / conf
  • Database version control system
  • Commands upgrade_export and upgrade_import
  • Secure platform back up utilities (Correct)

Answer : Secure platform back up utilities

Determine the Cluster Control Protocol (CCP) uses broadcast, the next command is carried out:


Options are :

  • cphaconf set_ccp broadcast (Correct)
  • None
  • CCP broadcast
  • set_ccp cpcluster broadcast
  • clusterconfig set_ccp broadcast

Answer : cphaconf set_ccp broadcast

In the air the firewall cluster environment, what command you run to avoid problems by changing around the cluster.


Options are :

  • cphaconf set clear_subs
  • cphaconf set mc_relod
  • None
  • cphaconf set_ccp broadcast (Correct)
  • cphaconf set_ccp multicast

Answer : cphaconf set_ccp broadcast

156-215.75 Check Point Certified Security Administrator Exam Set 4

Which of the following commands will stop the acceleration is running the Secure Gateway Security Platform?


Options are :

  • fwaccel off (Correct)
  • FW Accel off
  • perf_pack off
  • splat_accel off
  • None

Answer : fwaccel off

In CoreXL, which method is responsible for incoming traffic network interfaces safely speed up the licensing packages, and distributes among the non-accelerated packet core cases?


Options are :

  • SND (Secure Network distributor) (Correct)
  • SNP (System Networking Process)
  • None
  • NAD (Network Accelerator Daemon)
  • SSD (Secure System distributor)

Answer : SND (Secure Network distributor)

In ClusterXL _______ is defined as a critical device.


Options are :

  • None
  • Filter (Correct)
  • fw.d
  • protect.exe
  • PROT_SRV.EXE

Answer : Filter

156-315.77 Check Point Certified Security Expert Exam Set 2

When configuring the LDAP Group object, which option should be selected if you want the port to refer to defined groups in the LDAP server for authentication purposes?


Options are :

  • None
  • Only Sub Tree
  • The only group Branch (Correct)
  • All Users Account Unit
  • OU Auth and select the group's name

Answer : The only group Branch

When you upgrade a distributed environment Checkpoint products, in what order should upgrade to these parts? 1 2 GUI Client Security Management Server 3 Security Gateway


Options are :

  • 3,2,1
  • 3,1,2
  • 2,3,1 (Correct)
  • 1,2,3
  • None

Answer : 2,3,1

What is the command to update an NG engine Application Intelligence R55 Smart Center platform running Secure VPN-1 NGX R65?


Options are :

  • upgrade_mgmt
  • FW install_mgmt
  • None
  • add patch CD (Correct)
  • FWM upgrade_tool

Answer : add patch CD

156-315.77 Check Point Certified Security Expert Exam Set 6

Each menu provides a cluster upgrade status?


Options are :

  • cphaprob status
  • cphaprob tablestat
  • None
  • cphaprob ldstat
  • cphaprob fcustat (Correct)

Answer : cphaprob fcustat

What you need to do before running upgrade_export?


Options are :

  • Run cpconfig and set himself up as a GUI client
  • Run cpstop is a Security Gateway
  • Close all GUI clients. (Correct)
  • None
  • Run cpstop Security Management Server.

Answer : Close all GUI clients.

What is the default standard port number of TCP connections with the LDAP server?


Options are :

  • 363
  • None
  • 389 (Correct)
  • 398
  • 636

Answer : 389

Check Point Certified Security Expert Exam Set 11

__________ has its own Check Point Protocol. It is based on Check Point ClusterXL between the communication module.


Options are :

  • CKPP
  • HA OPCODE
  • None
  • CCP (Correct)
  • RDP

Answer : CCP

In a zero downtime scenario, I command you to run manually, while all members of the cluster are updated?


Options are :

  • cphaconf set_ccp multicast (Correct)
  • None
  • cphaconf set mc_relod
  • cphaconf set_ccp broadcast
  • cphaconf set clear_subs

Answer : cphaconf set_ccp multicast

The sample deliver a full backup Secure Platform.The file can be saved to a local file servers or /var/CPsnapshot/snapshots.How you restore a local snapshot named MySnapshot.tgz?


Options are :

  • As the expert user, the type command, the snapshot -r MySnapshot.tgz.
  • As the expert user, the command returns --file MySnapshot.tgz. (Correct)
  • As the expert user, the type command, the snapshot - R returns the local file. Then give the correct file name.
  • None
  • Restart the system and call in the Start menu. Select the option Snapshot Management, provides expert password and click [L] to return the local file. Then give the correct file name.

Answer : As the expert user, the command returns --file MySnapshot.tgz.

156-315.77 Check Point Certified Security Expert Exam Set 3

You are concerned that your firewall processor NGX R71 secure platform may be overloaded. What file Would you set the speed (s)?


Options are :

  • None
  • cat / proc / cpuinfo (Correct)
  • cat / etc / sysconfig / cpuinfo
  • cat / etc / cpuinfo
  • cat / var / opt / CPsuite-R71 / FW1 / conf / cpuinfo

Answer : cat / proc / cpuinfo

A process of performing authentication of the remote access to:


Options are :

  • cpd
  • vpnd (Correct)
  • None
  • cvpnd
  • FWM

Answer : vpnd

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions

Subscribe to See Videos

Subscribe to my Youtube channel for new videos : Subscribe Now