Check Point Certified Security Expert Exam Set 4

Remote clients are using IPSec VPN to authenticate via LDAP server to connect to the organization. Which gateway process is responsible for the authentication?


Options are :

  • vpnd (Correct)
  • fwm
  • cvpnd
  • fwd

Answer : vpnd

156-315.13 Check Point Security Expert R76(GAiA) Exam Set 9

Which of the following is NOT an internal/native Check Point command?


Options are :

  • cphaprob
  • tcpdump (Correct)
  • fw ctl debug
  • fwaccel on

Answer : tcpdump

Which of the following commands shows full synchronization status?


Options are :

  • fw hastat
  • cphaprob -i list (Correct)
  • fw ctl iflist
  • cphaprob -a if

Answer : cphaprob -i list

Check Point Clustering protocol, works on:


Options are :

  • UDP 500
  • TCP 19864
  • UDP 8116 (Correct)
  • TCP 8116

Answer : UDP 8116

156-315.77 Check Point Certified Security Expert Exam Set 6

What is the default port number for Secure Sockets Layer connections with the LDAP Server?


Options are :

  • 398
  • 636 (Correct)
  • 389
  • 363

Answer : 636

Jack is using SmartEvent and does not see the identities of the users on the events. As an administrator with full access, what does he need to do to fix his issue?


Options are :

  • Open SmartEvent, go to the Policy Tab, select General Settings from the left column > User identities and check the box Show identities (Correct)
  • Open SmartEvent and toggle the Show or Hide identities icon.
  • Open SmartEvent, Click on Query Properties and select the User column
  • Open SmartDashboard and toggle the Show or Hide identities icon, then re-open SmartEvent

Answer : Open SmartEvent, go to the Policy Tab, select General Settings from the left column > User identities and check the box Show identities

A snapshot delivers a complete backup of Secure Platform.

The resulting file can be stored on servers or as a local file in /var/CPsnapshot/snapshots.

How do you restore a local snapshot named MySnapshot.tgz?


Options are :

  • As Expert user, type command snapshot - R to restore from a local file. Then, provide the correct file name.
  • Reboot the system and call the start menu. Select option Snapshot Management, provide the Expert password and select [L] for a restore from a local file. Then, provide the correct file name.
  • As Expert user, type command revert --file MySnapshot.tgz. (Correct)
  • As Expert user, type command snapshot -r MySnapshot.tgz.

Answer : As Expert user, type command revert --file MySnapshot.tgz.

156-215.13 Check Point Certified Security Administrator Exam Set 2

In a “zero downtime” firewall cluster environment, what command do you run to avoid switching problems around the cluster


Options are :

  • cphaconf set clear_subs
  • cphaconf set mc_relod
  • cphaconf set_ccp multicast
  • cphaconf set_ccp broadcast (Correct)

Answer : cphaconf set_ccp broadcast

Which command will erase all CRL’s?


Options are :

  • vpn flush
  • cpstop/cpstart
  • vpn crl_zap (Correct)
  • vpn crladmin

Answer : vpn crl_zap

The process that performs the authentication for Smart Dashboard is:


Options are :

  • vpnd
  • fwm (Correct)
  • cpd
  • cvpnd

Answer : fwm

Check Point Certified Security Expert Exam Set 6

How do you verify the Check Point kernel running on a firewall?


Options are :

  • fw ctl pstat
  • fw ver -k (Correct)
  • fw kernel
  • fw ctl get kernel

Answer : fw ver -k

When upgrading Check Point products in a distributed environment, in which order should you upgrade these components?

1 GUI Client

2 Security Management Server

3 Security Gateway


Options are :

  • 2, 3, 1 (Correct)
  • 1, 2, 3
  • 3, 1, 2
  • 3, 2, 1

Answer : 2, 3, 1

You configure a Check Point QoS Rule Base with two rules: an HTTP rule with a weight of 40, and the Default Rule with a weight of 10. If the only traffic passing through your QoS Module is HTTP traffic, what percent of bandwidth will be allocated to the HTTP traffic?


Options are :

  • 100% (Correct)
  • 40%
  • 80%
  • 50%

Answer : 100%

156-315.77 Check Point Certified Security Expert Exam Set 18

Choose the ClusterXL process that is defined be default as a critical device?


Options are :

  • cpp
  • fwm
  • fwd (Correct)
  • assld

Answer : fwd

Frank is concerned with performance and wants to configure the affinities settings. His gateway does not have the Performance pack running. What would Frank need to perform in order configure those settings?


Options are :

  • Run fw affinity and change the settings
  • Edit affinity.conf and change the settings
  • Edit $FWDIR/conf/fwaffinity.conf and change the settings (Correct)
  • Run sim affinity and change the settings

Answer : Edit $FWDIR/conf/fwaffinity.conf and change the settings

Which of the following statements is TRUE concerning MEP VPN’s?


Options are :

  • MEP Security Gateways cannot be managed by separate Management Servers
  • MEP VPN’s are not restricted to the location of the gateways (Correct)
  • The VPN Client is assigned a Security Gateway to connect to based on a priority list, should the first connection fail.
  • State synchronization between Security Gateways is required.

Answer : MEP VPN’s are not restricted to the location of the gateways

156-315.77 Check Point Certified Security Expert Exam Set 13

Katie has enabled User Directory and applied the license to Security Management Server, Green. Her supervisor has asked her to configure the Password Strength options of the least one digit, one symbol, 8 characters long and include an uppercase character. How should she accomplish this?


Options are :

  • Open the SmartDashboard, Select Global properties, select Identity Awareness; check the boxes for Password must include an upper character, Password must include a digit, Password must include a symbol and change the password length to 8 characters
  • Open the SmartDashboard, Select Global Properties, select User Directory, check the boxes for Password must include an uppercase character, Password must include a digit, and Password must include a symbol.
  • Open the SmartDashboard, Select Global properties, select User Authority; check the boxes for Password must include an upper character, Password must include a digit and Password must include a symbol.
  • Open the SmartDashboard, Select Global Properties, select User Directory, check the boxes for Password must include an uppercase character, Password must include a digit, Password must include a symbol and change the password length to 8 characters. (Correct)

Answer : Open the SmartDashboard, Select Global Properties, select User Directory, check the boxes for Password must include an uppercase character, Password must include a digit, Password must include a symbol and change the password length to 8 characters.

A Threat Prevention profile is a set of configurations based on the following. Select the right answer.


Options are :

  • Anti-Virus settings, Anti-Bot settings, Threat Emulation settings, Intrusion-prevention settings.
  • Anti-Bot settings, Threat Emulation settings, Intrusion-prevention settings, HTTPS inspection settings
  • Anti-Virus settings, Anti-Bot settings, Threat Emulation settings. (Correct)
  • Anti-Virus settings, Anti-Bot settings, Threat Emulation settings, Intrusion-prevention settings, HTTPS inspection settings.

Answer : Anti-Virus settings, Anti-Bot settings, Threat Emulation settings.

What does the command vpn crl_zap do?


Options are :

  • Erases CRL’s from the management server cache
  • Erases all CRL’s from the gateway cache (Correct)
  • Nothing, it is not a valid command
  • Erases VPN certificates from cache

Answer : Erases all CRL’s from the gateway cache

156-315.13 Check Point Security Expert R76(GAiA) Exam Set 8

__________ is a proprietary Check Point protocol. It is the basis for Check Point ClusterXL intermodule communication.


Options are :

  • CKPP
  • RDP
  • HA OPCODE
  • CCP (Correct)

Answer : CCP

Which of the following log files contains verbose information regarding the negotiation process and other encryption failures?


Options are :

  • vpnd.elg (Correct)
  • vpn.elg
  • ike.elg
  • iked.elg

Answer : vpnd.elg

You have pushed a policy to your firewall and you are not able to access the firewall. What command will allow you to remove the current policy from the machine?


Options are :

  • fw fetch policy
  • fw purge active
  • fw unloadlocal (Correct)
  • fw purge policy

Answer : fw unloadlocal

156-215.77 Check Point Certified Security Administrator Exam Set 2

CPD is a core Check Point process that does all of the following EXCEPT:


Options are :

  • SIC (Secure Internal Communication) functions
  • AMON status pull from the Gateway
  • Management High Availability (HA) sync (Correct)
  • Policy installation

Answer : Management High Availability (HA) sync

What are you required to do before running upgrade_export?


Options are :

  • Run a cpstop on the Security Management Server.
  • Run cpconfig and set yourself up as a GUI client.
  • Run a cpstop on the Security Gateway
  • Close all GUI clients (Correct)

Answer : Close all GUI clients

Lilly has generated an IKE debug on her Security Gateway. She has asked Jack to transfer the file to Support. Where is the file located?


Options are :

  • $FWDIR/opt/ike.elg
  • $FWDIR/log/vpnd.elg
  • $FWDIR/opt/vpnd.elg
  • $FWDIR/log/ike.elg (Correct)

Answer : $FWDIR/log/ike.elg

156-315.13 Check Point Security Expert R76(GAiA) Exam Set 4

Which graded parameters help determine the protections to activate for security and which can be safely deactivated? Select the most correct answer


Options are :

  • Type, Severity, Confidence level, Performance impact, Protection type. (Correct)
  • Severity, Confidence level, Performance impact, Protection type
  • Type, Severity, Confidence level, Performance impact
  • Type, Severity, Confidence level, Performance impact, Geo information

Answer : Type, Severity, Confidence level, Performance impact, Protection type.

A VPN Tunnel Interface (VTI) is defined on GAiA as:

vpn shell interface add numbered 10.10.0.1 10.10.0.2 madrid.cp

What do you know about this VTI?


Options are :

  • The VTI name is madrid.cp.
  • The peer Security Gateway’s name is madrid.cp. (Correct)
  • 10.10.0.1 is the local Gateway’s internal interface, and 10.10.0.2 is the internal interface of the remote Gateway.
  • The local Gateway's object name is madrid.cp.

Answer : The peer Security Gateway’s name is madrid.cp.

Which Check Point ClusterXL mode is used to synchronize the physical interface IP and MAC addresses on all clustered interfaces


Options are :

  • Multicast Mode Load Sharing
  • New Mode HA (Correct)
  • Pivot Mode Load Sharing
  • Legacy Mode HA

Answer : New Mode HA

156-315.65 Check Point Security Administration NGX R65 Exam Set 6

When configuring a Permanent Tunnel between two gateways in a Meshed VPN community, in what object is the tunnel managed?


Options are :

  • Only the local Security Gateway object
  • Security Management Server
  • VPN Community object (Correct)
  • Each participating Security Gateway object

Answer : VPN Community object

The process that performs the authentication for Remote Access is:


Options are :

  • cvpnd
  • vpnd (Correct)
  • fwm
  • cpd

Answer : vpnd

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions