Check Point Certified Security Expert Exam Set 5

The process _____ is responsible for Policy compilation.


Options are :

  • FWM (Correct)
  • FWCMP
  • CPD
  • CPLMD

Answer : FWM

Check Point Certified Security Expert Exam Set 10

How do you check the version of “CPSIZEME” on GAiA?


Options are :

  • [expert@HostName]# ./cpsizeme.exe –version
  • [expert@HostName]# ./cpsizeme.exe –v
  • [expert@HostName]# ./cpsizeme –version
  • [expert@HostName]# ./cpsizeme –V (Correct)

Answer : [expert@HostName]# ./cpsizeme –V

Which of the following methods will provide the most complete backup of an R77 configuration?


Options are :

  • Policy Package Management
  • Copying the directories $FWDIR\conf and $CPDIR\conf to another server
  • The command migrate_export (Correct)
  • Database Revision Control

Answer : The command migrate_export

What step should you take before running migrate_export?


Options are :

  • Run a cpstop on the Security Management Server
  • Install policy and exit SmartDashboard.
  • Run a cpstop on the Security Gateway
  • Disconnect all GUI clients. (Correct)

Answer : Disconnect all GUI clients.

156-215.13 Check Point Certified Security Administrator Exam Set 8

What process is responsible for transferring the policy file from Smart Center to the Gateway?


Options are :

  • FWD
  • FWM
  • CPD (Correct)
  • CPRID

Answer : CPD

An administrator has installed the latest HFA on the system for fixing traffic problems after creating a backup file. A large number of routes were added or modified, causing network problems. The Check Point configuration has not been changed. What would be the most efficient way to revert to a working configuration?


Options are :

  • Use the command restore and select the appropriate backup file. (Correct)
  • Select Snapshot Management from the SecurePlatform boot menu.
  • The restore is not possible because the backup file does not have the same build number (version).
  • A back up cannot be restored, because the binary files are missing.

Answer : Use the command restore and select the appropriate backup file.

In a Check Point gateway cluster, are VRRP and ClusterXL mutually exclusive?


Options are :

  • No, you need to install GAiA if you want to use both technologies simultaneously (Correct)
  • No, only IPSO able to enable both technologies simultaneously
  • Yes
  • No, both gateways should have SPLAT installed

Answer : No, you need to install GAiA if you want to use both technologies simultaneously

156-315.77 Check Point Certified Security Expert Exam Set 5

The process _____ is responsible for GUI Client communication with the Smart Center.


Options are :

  • CPD
  • FWM (Correct)
  • FWD
  • CPGUI

Answer : FWM

Does Check Point recommend generating an upgrade_export on standby SmartCenters?


Options are :

  • No. All Check Point processes are stopped.
  • Yes. All information is available at both SmartCenters
  • No. There is no way to verify the actual configuration (Correct)
  • Yes. This is the only way to get the upgrade_export

Answer : No. There is no way to verify the actual configuration

Where do you verify that Smart Directory is enabled?


Options are :

  • Gateway properties > Authentication> Use SmartDirectory(LDAP) for Security Gateways is checked
  • Global properties > User Directory (LDAP) > Use SmartDirectory(LDAP) for Security Gateways is checked (Correct)
  • Global properties > Authentication> Use SmartDirectory(LDAP) for Security Gateways is checked
  • Gateway properties > Smart Directory (LDAP) > Use SmartDirectory(LDAP) for Security Gateways is checked

Answer : Global properties > User Directory (LDAP) > Use SmartDirectory(LDAP) for Security Gateways is checked

Check Point Certified Security Expert Exam Set 9

When restoring R77 using the command upgrade_import, which of the following items are NOT restored?


Options are :

  • Licenses
  • User db
  • Gateway topology
  • Route tables (Correct)

Answer : Route tables

You are running a R77 Security Gateway on GAiA. In case of a hardware failure, you have a server with the exact same hardware and firewall version installed. What backup method could be used to quickly put the secondary firewall into production?


Options are :

  • manual backup
  • snapshot (Correct)
  • backup
  • migrate_import

Answer : snapshot

MegaCorp has two different types of hardware with Check Point GAiA installed and set up as gateways. The Administrator wants to provide redundancy in case one of them fails. Choose the best approach.


Options are :

  • Configure ClusterXL (Correct)
  • Configure Gateway HA
  • Configure Management HA for gateways
  • Configure VRRP

Answer : Configure ClusterXL

Check Point Certified Security Expert Exam Set 10

You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other. How would you accomplish this?


Options are :

  • Select the two port-scan detections as a sub-event.
  • Define the two port-scan detections as an exception
  • You cannot set Smart Event to detect two port scans from a host within 10 seconds of each other. (Correct)
  • Select the two port-scan detections as a new event.

Answer : You cannot set Smart Event to detect two port scans from a host within 10 seconds of each other.

When, during policy installation, does the atomic load task run?


Options are :

  • It is the last task during policy installation. (Correct)
  • Immediately after fwm load runs on the SmartCenter
  • It is the first task during policy installation.
  • Before CPD runs on the Gateway

Answer : It is the last task during policy installation.

In a Windows environment, SmartReporter Data Base settings could be modified in:


Options are :

  • %RTDIR%\Database\conf\my.ini (Correct)
  • $CPDIR/Database/conf/conf.C
  • $ERDIR/conf/my.cnf
  • $FWDIR/Eventia/conf/ini.C

Answer : %RTDIR%\Database\conf\my.ini

Check Point Certified Security Expert Exam Set 6

The file snapshot generates is very large, and can only be restored to:


Options are :

  • Windows Server class systems
  • Individual members of a cluster configuration
  • The device that created it, after it has been upgraded
  • A device having exactly the same Operating System and hardware as the device that created the file. (Correct)

Answer : A device having exactly the same Operating System and hardware as the device that created the file.

The process _____ complies $FWDIR/CONF/*.W files into machine language.


Options are :

  • fwm
  • fw gen (Correct)
  • fwd
  • cpd

Answer : fw gen

Which of the following is NOT part of the policy installation process?


Options are :

  • Code generation
  • Code compilation
  • Validation (Correct)
  • Initiation

Answer : Validation

156-315.77 Check Point Certified Security Expert Exam Set 3

What can you do to see the current number of kernel instances in a system with CoreXL enabled?


Options are :

  • Browse to Secure Platform Web GUI
  • Execute SmartDashboard client
  • Run command cpconfig (Correct)
  • Only Check Point support personnel can access that information

Answer : Run command cpconfig

Which of the following is the preferred method for adding static routes in GAiA?


Options are :

  • In the CLI via sysconfig
  • In the CLI with the command “route add”
  • In Web Portal, under Network Management > IPv4 Static Routes (Correct)
  • In SmartDashboard under Gateway Properties > Topology

Answer : In Web Portal, under Network Management > IPv4 Static Routes

Check Point recommends that you back up systems running Check Point products. Run your back ups during maintenance windows to limit disruptions to services, improve CPU usage, and simplify time allotment. Which back up method does Check Point recommend before major changes, such as upgrades?


Options are :

  • upgrade_export
  • backup
  • migrate export
  • snapshot (Correct)

Answer : snapshot

156-515.65 Check Point Certified Security Expert Plus Exam Set 2

The process _____ provides service to access the GAIA configuration database


Options are :

  • configdbd
  • confd (Correct)
  • fwm
  • ipsrd

Answer : confd

If Jack was concerned about the number of log entries he would receive in the SmartReporter system, which policy would he need to modify?


Options are :

  • Log Sequence Policy
  • Smartreporter Policy (Correct)
  • Consolidation Policy
  • Log Consolidator Policy

Answer : Smartreporter Policy

In a UNIX environment, SmartReporter Data Base settings could be modified in:


Options are :

  • $FWDIR/Eventia/conf/ini.C
  • $RTDIR/Database/conf/my.cnf (Correct)
  • $CPDIR/Database/conf/conf.C
  • $ERDIR/conf/my.cnf

Answer : $RTDIR/Database/conf/my.cnf

156-315.77 Check Point Certified Security Expert Exam Set 7

David wants to manage hundreds of gateways using a central management tool. What tool would David use to accomplish his goal?


Options are :

  • SmartBlade
  • SmartDashboard
  • SmartProvisioning (Correct)
  • SmartLSM

Answer : SmartProvisioning

Check Point recommends that you back up systems running Check Point products. Run your back ups during maintenance windows to limit disruptions to services, improve CPU usage, and simplify time allotment. Which back up method does Check Point recommend every couple of months, depending on how frequently you make changes to the network or policy?


Options are :

  • migrate export
  • upgrade_export
  • backup (Correct)
  • snapshot

Answer : backup

Which protocol can be used to provide logs to third-party reporting?


Options are :

  • CPMI (Check Point Management Interface)
  • AMON (Application Monitoring)
  • ELA (Event Logging API)
  • LEA (Log Export API) (Correct)

Answer : LEA (Log Export API)

156-215.75 Check Point Certified Security Administrator Exam Set 1

What is the primary benefit of using upgrade_export over either backup or snapshot?


Options are :

  • The commands backup and snapshot can take a long time to run whereas upgrade_export will take a much shorter amount of time.
  • upgrade_export is operating system independent and can be used when backup or snapshot is not available. (Correct)
  • upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not.
  • upgrade_export has an option to backup the system and SmartView Tracker logs while backup and snapshot will not.

Answer : upgrade_export is operating system independent and can be used when backup or snapshot is not available.

When do modifications to the Event Policy take effect?


Options are :

  • When saved on the Smart Event Server and installed to the Correlation Units (Correct)
  • As soon as the Policy Tab window is closed.
  • When saved on the Correlation Units, and pushed as a policy.
  • When saved on the Smart Event Client, and installed on the SmartEvent Server

Answer : When saved on the Smart Event Server and installed to the Correlation Units

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions