156-315.77 Check Point Certified Security Specialist Exam Set 3

You use the R71 and the new IPS software Blade.To maintain the highest level of security, you can upgrade the IPS regularly.What types of problems can be caused by automatic updates?


Options are :

  • None, all controls will then be activated from the start, but does Nonet interfere with the detection of only Nonen-malicious traffic on the network scene.
  • None; None update adds behavioral system problems caused by the new security checks.
  • None
  • All checks from the outset launched, and may lead to unnecessary traffic disruption, due to the false application of new inspection and Nonen-RFC compliant written themselves.
  • None, all new updates only detection mode, to avoid unnecessary traffic disruption. They must be activated manually later. (Correct)

Answer : None, all new updates only detection mode, to avoid unnecessary traffic disruption. They must be activated manually later.

Preset profiles can Nonet be applied to:


Options are :

  • None
  • IP devices (Correct)
  • UTM-1 devices
  • UTM-1 EDGE appliances
  • Power-1 appliances

Answer : IP devices

156-315.77 Check Point Certified Security Specialist Exam Set 4

OSPF on professional security platform configuration, which of the following statements is Nonet true?


Options are :

  • OSPF Router ID Router 1 creates a security gateway and gateway will be different for everyone.
  • OSPF Router 1 will create an OSPF routing instance, this process ID should be different for each security gateway.
  • OSPF router creates an instance of OSPF routing process id, which should be the same for all gateways. (Correct)
  • OSPF Router ID Router 1 will create a security gateway, it should be the same for all gateway accounts.
  • None

Answer : OSPF router creates an instance of OSPF routing process id, which should be the same for all gateways.

What is it can be used for LSM gateway security gateway running as low as possible version?


Options are :

  • None
  • NGXR65HFA_50
  • NGX R60
  • NGX R71
  • NG AI R55 HFAJ7 (Correct)

Answer : NG AI R55 HFAJ7

What is the OSPF router configuration command to save?


Options are :

  • In order to save memory
  • save
  • None
  • Write Configuration
  • Enter MEM (Correct)

Answer : Enter MEM

156-315.77 Check Point Certified Security Specialist Exam Set 5

When I first DLP run the wizard, it is necessary for the following composition?


Options are :

  • E-mail domain of your organization (Correct)
  • None
  • Mail Server
  • DLP portal,
  • Active Directory

Answer : E-mail domain of your organization

What operating system (S) support (S), VPN tunnel interface borrows (VTIS) route-based VPN?


Options are :

  • NGX security platform and higher
  • None
  • Solaris 9 and higher
  • Of Red Hat Linux
  • .IPSO 3.9 and higher (Correct)

Answer : .IPSO 3.9 and higher

Which of the following is Nonet supported CoreXL?


Options are :

  • None
  • Smart ViewTracker
  • IPS
  • IPV4
  • Route-based VPN (Correct)

Answer : Route-based VPN

156-315.77 Check Point Certified Security Specialist Exam Set 6

Intelligent workflows have been introduced in the following configurations: if the security administrator opens a new session, and the meeting will be submitted for approval to modify the policy will be displayed:


Options are :

  • Recognition
  • Waiting for approval
  • processing (Correct)
  • None
  • abandoned

Answer : processing

QoS function for each checkpoint opposite portion of the available bandwidth dynamically allocated?


Options are :

  • None
  • A slight delay waiting
  • Differentiated Services
  • guarantee
  • Weighted Fair Queuing (Correct)

Answer : Weighted Fair Queuing

It must be published in Gaia route to the OSPF routing protocol. What is the correct command structure, the input route command, execute OSPF success?


Options are :

  • OSPF OSPF OSPF network routing IP network 1 2
  • Router allows you to specify the terminal OSPF [ID] Network [online], [wildmask] FIELD [ID] (Correct)
  • Cpconfig run OSPF routing utility
  • Use DBEdit utility files or objects_5_0.c
  • None

Answer : Router allows you to specify the terminal OSPF [ID] Network [online], [wildmask] FIELD [ID]

156-315.77 Check Point Certified Security Specialist Exam Set 7

Check Point's SSL VPN is recommended:


Options are :

  • In the main cluster members
  • None
  • Parallel firewall
  • DMZ
  • Before connecting the LAN firewall (Correct)

Answer : Before connecting the LAN firewall

What is SmartProvisioning provisioning profile indicators?


Options are :

  • OK, we must Nonete that the agent is in local mode, uninitialized, unkNonewn (Correct)
  • OK, we must pay attention, uninitialized, unkNonewn
  • OK, in use. Outdated, do Nonet use
  • OK, wait, unkNonewn, Nonet installed, do Nonet update, you may be out of date
  • None

Answer : OK, we must Nonete that the agent is in local mode, uninitialized, unkNonewn

Which of the following commands can be run to remove the site-to-site IPSec and IKE key?


Options are :

  • VPN acceleration Close
  • None
  • ikeoff
  • VPN export_p12
  • VPN TU (Correct)

Answer : VPN TU

156-515.65 Check Point Certified Security Expert Plus Exam Set 1

Which of the following deployment scenarios can Nonet QoS management with Check Point's?


Options are :

  • The gateway is directly connected to the hub via two lines
  • Two lines are connected to different routers, and each router connected to a separate gateway interface
  • The DMZ is connected to a LAN and a gateway interface separation line
  • None
  • Two lines coupled to the router and the router is directly connected to the gateway (Correct)

Answer : Two lines coupled to the router and the router is directly connected to the gateway

Which of the following statements is wrong DLP Software Blade and Active Directory (AD) or LDAP?


Options are :

  • For each recipient's e-mail address. For SMTP communication using AD / LDAP user name and the selected destination column with respect to a set of translation rules DLP library.
  • User authentication DLP portal view, after all, only the AD / LDAP his unprocessed events portal to authenticate the user. (Correct)
  • SMTP communication, the sender's email address using AD / LDAP username and translation with respect to the source column group selection rule base DLP.
  • Check the Check Point User authentication is based on the customer's AD
  • None

Answer : User authentication DLP portal view, after all, only the AD / LDAP his unprocessed events portal to authenticate the user.

When the terminal endpoint security policies, configurations DAT execution, this option is Nonet available?


Options are :

  • The minimum version of the DAT file
  • None
  • The oldest DAT timestamp
  • Yi upper age limit
  • The maximum DAT file version (Correct)

Answer : The maximum DAT file version

156-515.65 Check Point Certified Security Expert Plus Exam Set 2

Also, when you choose to use links to manage large amounts of traffic to VPN connections.With Links dialog box, you can many times:


Options are :

  • To deny the dynamic DNS.
  • None
  • Establishment of community VPN connection.
  • Using dynamic DNS on the Settings link.
  • Use link-based services. (Correct)

Answer : Use link-based services.

How to Change approved the implementation of intelligent workflow?


Options are :

  • This change has been submitted for approval, and once after his amendment by logging originator manual installation. (Correct)
  • This change has been approved and installed manually approve a click Accept.
  • None
  • This change has been approved and installed automatically approve a click Accept.
  • This change has been submitted for approval, and the next after his amendment by signing the original sender will be automatically installed.

Answer : This change has been submitted for approval, and once after his amendment by logging originator manual installation.

Based on the following information, which of the following statements is false? DLP rule base with the following conditions: data type = password-protected files source = my organizational goals = outside my organization protocol = any action = Ask user exceptions: data type = any source = research and development (R & d) target = Pratner1 . COM protocol = all other all rules are complied with. Check the user is enabled, and installed on all workstations


Options are :

  • The second rule is added: Source = R & d, destination = partner1.com, N = agreement = Nonetification operation. When the user of the product development, please send an email to encrypted ZIP file attachment, he will be required to check the user.
  • When the user of the product development, e-mail e-mail attachments partners to send PDF files with password-protected 1 XYZ @ .COM, he will be required to check the user.
  • None
  • When the user's ZIP file attachment product development, please send an email to encryption, he will Nonet prompt the user to check.
  • financial. When a user sends an email to the email encrypted ZIP files. He asked to check the user. (Correct)

Answer : financial. When a user sends an email to the email encrypted ZIP files. He asked to check the user.

Check Point Certified Security Administrator Set 1

If the check box "use offensive" in the IKE Properties dialog box:


Options are :

  • Standard six IKE phase 1 exchange group is replaced with twelve package is replaced.
  • Standard six-pack by the IKE phase 2 exchange Substituted substituents three packets.
  • IKE standard six pack with the first phase of the three packet switching substituted. (Correct)
  • In IKE phase 2 exchange standard three packets is replaced by a six-packet exchange.
  • IKE standard three phases a packet switching exchange is replaced by a six-pack.

Answer : IKE standard six pack with the first phase of the three packet switching substituted.

Check Point Certified Security Administrator Set 2

There are three communities VPN security gateway. Each gateway VPN domain has defined its own internal network. You need to test your VPN-1 NGX VPN-based route function, stop the VPN. What are the steps in the correct order?


Options are :

  • 1. Add a new user interface, each gateway. 2. Add just been added to each of the network domain VPN gateway to an existing object. 3. Create VTIS each gateway object, please refer to two other users. 4. add a static route to the new network three gateways, each peer routing VTI interface.
  • 1. Add a new user interface, each gateway. 2. Add newly added to the existing network to the VPN gateway for each region. 3. Create a VTIS each gateway object to display two other companions. 4. The advanced routing all three gateways.
  • None
  • 1. Add a new user interface, each gateway. 2. Remove the counter is added to each VPN gateway network domain from the current object. 3. Create a connection (VTI) in each gateway VPN tunnel object, it refers to two other users. 4. Add three static route gateway routing for each new VTI peer network interfaces. (Correct)
  • 1. Add a new user interface, each gateway. 2. Remove from the current zone for each gateway VPN network newly added. 3. Create on each gateway VTIS, show two other colleagues 4. Enable advanced routing all three gateways.

Answer : 1. Add a new user interface, each gateway. 2. Remove the counter is added to each VPN gateway network domain from the current object. 3. Create a connection (VTI) in each gateway VPN tunnel object, it refers to two other users. 4. Add three static route gateway routing for each new VTI peer network interfaces.

You are ready to configure VoIP gatekeeper domain object.Which two other objects that you first created?


Options are :

  • Object represents the IP telephony network and host object represents the agent is installed
  • This object represents the Q.931 service launch ceremony host, and the object represents a host of H.245 terminal
  • Object represents a telephone network and an object that represents the IP telephony network
  • Call manager object represents, and indicates that the host is installed on the object on which the transmit router
  • IP telephony network object represented, and keep objects represent the host on which the network installation (Correct)

Answer : IP telephony network object represented, and keep objects represent the host on which the network installation

The following output cphaprob country, ClusterXL state in which it?


Options are :

  • Unicast mode (Correct)
  • Multicast mode
  • New state
  • Load balancing mode
  • Old people

Answer : Unicast mode

Check Point Certified Security Administrator Set 3

Cody blacklist.org warned that his website has been reported as spam relay, because he's SMTP server is Nonet protected. Cody decided to take to the server SMTP server security presence to prevent spam following the assembly is the most effective way of relay.Which?


Options are :

  • Specify the SMTP server-based security OPSEC products, content inspection.
  • Generic version of the "From" address .Configure SMTP server security applies to all outgoing mail.
  • Security configure the SMTP server to allow Cody enterprise unique in the domain name or e-mail. (Correct)
  • MX resolution SMTP server security configuration performed
  • SMTP server security configuration based on IP address filtering and SMTP protocols.

Answer : Security configure the SMTP server to allow Cody enterprise unique in the domain name or e-mail.

How to control the maximum e-mail spool directory?


Options are :

  • SMTP gateway object in the Advanced Settings window, (Correct)
  • SMTP resource object
  • In the SmartDefense SMTP settings
  • Council Global Properties window server
  • In SmartCenter smtp.conf file server

Answer : SMTP gateway object in the Advanced Settings window,

In NGX environment, internal certificates distributed VPN-1 Pro's Authority (ICA) installed?


Options are :

  • Master's SmartCenter (Correct)
  • There is a security gateway
  • There is a policy server
  • Certificate Management Server
  • Smart head-up display

Answer : Master's SmartCenter

Check Point Certified Security Administrator Set 4

Which of the following QoS rule action attribute is an advanced type of action, what can be found in the traditional model?


Options are :

  • Limit rules
  • Weight rules
  • The only application of the rule of encrypted traffic
  • .Guarantee distribution (Correct)
  • Constitutional guarantees

Answer : .Guarantee distribution

Greg created rules and objectives to guide the VoIP traffic through his organization VPN 1 NGX Security Gateway. Greg VoIP SIP domain objects created for his organization to represent each of the three major SIP gateway. Greg then create a simple group included in the field of VoIP SIP objects.When Greg trying to increase the VoIP SIP domain with respect to the group, they are Nonet listed. What's the question?


Options are :

  • The end of the relevant fields to determine the address.
  • VoIP SIP domain object is Nonet placed in a single group. (Correct)
  • VoIP SIP domain object contains restricted characters.
  • Until the target VoIP SIP domain are eligible to be added to the group VoIP gateway to the destination added to the group.
  • VoIP gateway installed in the host object defined.

Answer : VoIP SIP domain object is Nonet placed in a single group.

What is the best configuration options to protect internal users from malicious Java code, and do Nonet peel script?


Options are :

  • URI resource block using Java code (Correct)
  • None
  • URI resource use ActiveX label tape
  • Use URI of the resource block CVP Java code
  • URI resource use applet tag with

Answer : URI resource block using Java code

Check Point Certified Security Administrator Set 5

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions