156-315.77 Check Point Certified Security Specialist Exam Set 7

How to Check Point package out?


Options are :

  • None
  • In any order, as long as all packets are deleted
  • In the same order in which the packaging facility was originally installed.
  • In reverse order, the facility is a package originally installed them. (Correct)
  • In any order, CP suite is the last package removed

Answer : In reverse order, the facility is a package originally installed them.

Currently SmartCenter VPN-1 NG with Application Intelligence (AI) R 55 independently VPN-1 Pro gateways and servers running SecurePlatform.You planned, VPN-1 NGX R65 in a distributed environment, where the new machine will SmartCenter server the current machine is VPN-1 Pro gateway only.You must move NG AI R55 SmartCenter server's configuration, including licensing licensing.How how do you handle this NGX R65 upgrade?


Options are :

  • It calls for the use of existing gateway IP address of the SmartCenter Server NGX R65 license. Require the use of new IP address of the new local license NGX R65 VPN-1 gateways.
  • After the appeal NGX R65 SmartCenter server license, use the new IP address. Proposed a new central NGX R65 VPN-1 gateway license exists gateway IP address.
  • After the appeal NGX R65 SmartCenter server license, use the new IP address. Proposed a new central NGX R65 VPN-1 gateway license also won the IP address of the new SmartCenter server. (Correct)
  • None
  • Keep the current license software update update port. Purchase a new license of VPN-1 NGX R65 SmartCenter server.

Answer : After the appeal NGX R65 SmartCenter server license, use the new IP address. Proposed a new central NGX R65 VPN-1 gateway license also won the IP address of the new SmartCenter server.

156-515.65 Check Point Certified Security Expert Plus Exam Set 2

These products are: secure platform, VPN-1 Pro gateway, server UserAuthority Nonekia OS, UTM-1, using Eventia Reporter and performance package, which statement is true?


Options are :

  • All updates in addition to the performance package can be upgraded to VPN-1 NGX R65 and intelligence.
  • All except Nonekia operating system can be upgraded to VPN-1 NGX R65 update and intelligence.
  • In addition to all UTM-1 can upgrade to VPN-1 NGX R65 and Smart Upgrade
  • None
  • All can be upgraded to VPN-1 NGX R65 and intelligent update. (Correct)

Answer : All can be upgraded to VPN-1 NGX R65 and intelligent update.

What can be said, RSA algorithm? Select all eligible


Options are :

  • RSA is faster than DES calculation
  • Long keys can be used to improve the security of RSA (Correct)
  • RSA key length change (Correct)
  • Short keys using the RSA algorithm efficiency. (Correct)

Answer : Long keys can be used to improve the security of RSA RSA key length change Short keys using the RSA algorithm efficiency.

Think about it, when the management of VPN-1 NGX software package can take the following measures. Policy profile settings select the traditional mode VPN.Identify, including actions available. Select four.


Options are :

  • Drop (Correct)
  • Refuse (Correct)
  • accept (Correct)
  • extract
  • Client Authentication
  • allow

Answer : Drop Refuse accept

Check Point Certified Security Expert Exam Set 4

These components do Nonet need to VPN-1 NGX R65 license?


Options are :

  • Smart Update to upgrade / patch
  • Check Point gateways
  • None
  • SmartCenter Server
  • Smart Console (Correct)

Answer : Smart Console

Select the correct statement. Smart Update, which is located in the VPN-1 NGX SmartCenter server, users can: (1) remote execution VPN-1 NGX, a new first installation of the machine (2) specify the operating system patch levels on the remote machine (3 ) update installed Check Point's OPSEC certification and potential software remotely (4) Check Point software update installed on the remote (5) installation of Check Point's OPSEC and tracking products (6) centralized management license


Options are :

  • None
  • 1 and 4
  • 4, 5, and 6
  • 4, 5, and 6 (Correct)
  • 3, 4, and 6

Answer : 4, 5, and 6

What is the safe operation of updating VPN-1 NG engine NGX R65 R55 intelligent application intelligence command center platform?


Options are :

  • FWM upgrade_tool
  • upgrade_mgmt
  • Add a CD patch (Correct)
  • None
  • FW install_mgmt

Answer : Add a CD patch

Check Point Certified Security Expert Exam Set 8

VPN traffic control will include VPN components?


Options are :

  • Introduction
  • service quality (Correct)
  • None
  • Safety
  • management

Answer : service quality

Which of the following are valid PKI architecture?


Options are :

  • Mesh architecture (Correct)
  • Hierarchy (Correct)
  • Bridge architecture
  • Gateway architecture (Correct)

Answer : Mesh architecture Hierarchy Gateway architecture

When the upgrade NGX R65, the highest authority is Nonet required to check upgrade to the latest Point products?


Options are :

  • VPN-1 NG Application Intelligence (R54) and higher,
  • VPN-1 NGX (R60), and then (Correct)
  • None
  • VPN-1 NGX (R64), and then
  • None, all versions of the update are subject to authorization

Answer : VPN-1 NGX (R60), and then

156-215.75 Check Point Certified Security Administrator Exam Set 6

Each network port used for communication PPTP?


Options are :

  • 25 / UDP
  • 25 / TCO
  • None
  • 1723 / UDP
  • 1723 / TCP (Correct)

Answer : 1723 / TCP

What is the assembly of multi-VPN Gateway outsourcing most typical type?


Options are :

  • Agency area
  • Mixed communities
  • Star Community (Correct)
  • Community Network
  • SAT community

Answer : Star Community

What steps can be run SmartUpdate NGX R65?


Options are :

  • upgrade_export
  • cpinfo (Correct)
  • None
  • remote_uninstall_verifier
  • mds_backup

Answer : cpinfo

156-315.77 Check Point Certified Security Expert Exam Set 6

Which of the following provides a unique user ID digital certificate?


Options are :

  • None
  • User message digest (Correct)
  • User organizations
  • E-mail users
  • username

Answer : User message digest

Intelligent Communication Center user what ports to use an update?


Options are :

  • HTTP
  • HTTPS (Correct)
  • CPMI
  • TCP 8080
  • None

Answer : HTTPS

Why do you do when the import process upgrade_export configuration file (.tgz) will be deleted?


Options are :

  • It goes against any future updates will start Smart Update.
  • Smart Update to start a new installation, restart the computer if.
  • It contains its own security configuration, which could be exploited. (Correct)
  • It can prevent the .tgz files can Nonet be overwritten after upgrade_export.
  • None

Answer : It contains its own security configuration, which could be exploited.

Check Point Certified Security Expert Exam Set 4

Which of the following support office space? Select all eligible.


Options are :

  • L2TP (Correct)
  • Transparent mode
  • SSL Network Extender (Correct)
  • Gophers
  • Security Client (Correct)

Answer : L2TP SSL Network Extender Security Client

VPN-1 NGX R65 where to start, rather than a clean following are valid reasons to upgrade to install a previous version of VPN-1 NGX R65? Select all eligible.


Options are :

  • You want to keep the assembly checkpoint.
  • Security policies include rules and objects, you do Nonet kNonew its purpose. (Correct)
  • You can see the way the rules of logic and objects of the organization (Correct)
  • About naming conventions and rules have changed over time. (Correct)

Answer : Security policies include rules and objects, you do Nonet kNonew its purpose. You can see the way the rules of logic and objects of the organization About naming conventions and rules have changed over time.

Public keys and digital certificates to provide the following? Choose three.


Options are :

  • Authenticate (Correct)
  • Data integrity (Correct)
  • Availability
  • Nonen-repudiation (Correct)

Answer : Authenticate Data integrity Nonen-repudiation

Check Point Certified Security Administrator Set 5

In the ClusterXL, following its default processing for critical equipment defined?


Options are :

  • FWM
  • cphad (Correct)
  • fwd.proc
  • None
  • FWD

Answer : cphad

Which of the following is Nonet safe to use IPSec key negotiation?


Options are :

  • Security Alliance
  • ISAKMP SA
  • None
  • RSA exchange
  • The Diffie-Hellman (Correct)

Answer : The Diffie-Hellman

Do you have security administrator ready to send a new HFA (Hot Fix battery) separate locations.What five to ten years on the security gateway geography HFA is the best way to achieve this?


Options are :

  • Use scp SSH to connect to each HFA security Gateway.Once local replication, remote start installation command and follow the introduction of SmartView Monitor the progress of the installation.
  • Send certified security engineers update for each site
  • Send CD-ROM with HFA each place, and have local staff to install
  • None
  • Using the Intelligent Updater to install the package remotely to each security gateway (Correct)

Answer : Using the Intelligent Updater to install the package remotely to each security gateway

156-315.77 Check Point Certified Security Expert Exam Set 7

Which of the following is part of a PKI? Select all eligible.


Options are :

  • Certificate Revocation List (Correct)
  • User Certificate (Correct)
  • Attributes
  • Public key certificate (Correct)

Answer : Certificate Revocation List User Certificate Public key certificate

After installing TKM R65 VPN-1 Pro, you will find Nonet get a topology that request sought four Intel NIC security gateway. What is the most likely causes and solutions?


Options are :

  • NIC failure. Change it and install
  • NIC driver is installed, but has Nonet been recognized. Apply the latest security patches PlatformR65 spare time (HFA).
  • If None interface is Nonet detected. Web UI is determined to be the IP address and subnet mask. (Correct)
  • None
  • Ensure that your drivers are available in a particular card, and install it. You will be asked for the driver.

Answer : If None interface is Nonet detected. Web UI is determined to be the IP address and subnet mask.

When the MEP, and configuring site-to-site VPN high availability (HA) Which of the following is true?


Options are :

  • The MEP gateway can be separated geographically from the machine.
  • None
  • MEP decide which is the gateway used by the MEP side of the tunnel gateway.
  • If the representatives of the security gateway fails, the connection is interrupted, the backup gateway connection to pick up next. (Correct)
  • MEP Gateway is managed by the same SmartCenter Server

Answer : If the representatives of the security gateway fails, the connection is interrupted, the backup gateway connection to pick up next.

156-315.77 Check Point Certified Security Expert Exam Set 8

Which of the following is a true statement to strengthen the agreement?


Options are :

  • Contract between your files are saved to the user's center and gateway to obtain the necessary.
  • Intelligent storage contract between the console and the gateway files are loaded.
  • None
  • Stored on the smart Console, and upload it to the server of the contract between the SmartCenter file.
  • Storage contract between the SmartCenter server and download the security gateway files. (Correct)

Answer : Storage contract between the SmartCenter server and download the security gateway files.

Which of the following is an example of a hash function do?


Options are :

  • MD5 and SHA-1 (Correct)
  • And DES-CBC
  • SHA and 3DES
  • None
  • DAC and MAC

Answer : MD5 and SHA-1

Encryption, the Rivest, Shamir, Adelman (RSA) system is less? Select all eligible.


Options are :

  • Public key encryption algorithm system (Correct)
  • Symmetric encryption system
  • Asymmetric cryptography (Correct)
  • The key encryption algorithm system

Answer : Public key encryption algorithm system Asymmetric cryptography

Check Point Certified Security Expert Exam Set 6

Based on the success of VPN route object, what must be determined?


Options are :

  • A rule base rules must cover transportation, inbound and outbound central nervous system (HUB) in both directions Security Gateway
  • None
  • There are two rules platform has been established on a regular basis at least, one covering incoming and outgoing traffic flow, while the other involves the central nervous system (HUB) Security Gateway (Correct)
  • VPN routing has Nonet been configured rule libraries or community objects. Only nativerouting each gateway mechanism can be controlled via the interface traffic VTI configuration.
  • . There are None rules have been created, covering the use of the gateway has been created policy> Features> from the central nervous system of incoming and outgoing traffic of implicit rules (HUB) to accept VPN-1 control connection.

Answer : There are two rules platform has been established on a regular basis at least, one covering incoming and outgoing traffic flow, while the other involves the central nervous system (HUB) Security Gateway

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions