Check Point Certified Security Expert Exam Set 6

A snapshot delivers a complete backup of GAiA. How do you restore a local snapshot named MySnapshot.tgz?


Options are :

  • As Expert user, type command revert --file MySnapshot.tgz. (Correct)
  • As Expert user, type command snapshot - R to restore from a local file. Then, provide the correct file name.
  • Reboot the system and call the start menu. Select option Snapshot Management, provide the Expert password and select [L] for a restore from a local file. Then, provide the correct file name
  • As Expert user, type command snapshot -r MySnapshot.tgz.

Answer : As Expert user, type command revert --file MySnapshot.tgz.

156-315.77 Check Point Certified Security Expert Exam Set 10

If Bob wanted to create a Management High Availability configuration, what is the minimum number of Security Management servers required in order to achieve his goal?


Options are :

  • One
  • Two (Correct)
  • Four
  • Three

Answer : Two

What is the best tool to produce a report which represents historical system information?


Options are :

  • SmartView Tracker
  • SmartReporter-Standard Reports
  • Smartview Monitor
  • SmartReporter-Express Reports (Correct)

Answer : SmartReporter-Express Reports

If Jack was concerned about the number of log entries he would receive in the SmartReporter system, which policy would he need to modify?


Options are :

  • Report Policy
  • Consolidation Policy (Correct)
  • Log Sequence Policy
  • Log Consolidator Policy

Answer : Consolidation Policy

Check Point Certified Security Administrator Set 4

What tool exports the Management Configuration into a single file?


Options are :

  • Upgrade_Export
  • Backup
  • CPConfig_Export
  • migrate export (Correct)

Answer : migrate export

Check Point recommends that you back up systems running Check Point products. Run your back ups during maintenance windows to limit disruptions to services, improve CPU usage, and simplify time allotment. Which back up method does Check Point recommend anytime outside a maintenance window?


Options are :

  • migrate export (Correct)
  • backup_export
  • snapshot
  • backup

Answer : migrate export

Select the right answer to export IPS profiles to copy to another management server?


Options are :

  • ips_export_import export (Correct)
  • fwm dbexport –p
  • IPS profile exports is not allowed
  • SmartDashboard – IPS tab – Profiles – select profile + right click and select “export profile”

Answer : ips_export_import export

Check Point Certified Security Expert Exam Set 9

By default, what happens to the existing connections on a firewall when a new policy is installed?


Options are :

  • Existing connections are always allowed
  • All existing data connections will be kept open until the connections have ended.
  • All existing control and data connections will be kept open until the connections have ended.
  • All existing connections not allowed under the new policy will be terminated (Correct)

Answer : All existing connections not allowed under the new policy will be terminated

The process _____ is responsible for all other security server processes run on the Gateway.


Options are :

  • FWM
  • CPD
  • FWSSD
  • FWD (Correct)

Answer : FWD

What Smart Console application allows you to change the Smart Reporter Policy?


Options are :

  • Smart Reporter
  • Smart Update
  • Smart Dashboard (Correct)
  • Smart Event Server

Answer : Smart Dashboard

156-215.70 Check Point Certified Security Administrator Exam Set 3

Where is it necessary to configure historical records in SmartView Monitor to generate Express reports in Smart Reporter?


Options are :

  • In SmartView Monitor, under Global Properties > Log and Masters
  • In SmartReporter, under Express > Network Activity
  • In Smart Dashboard, the Smart View Monitor page in the R77 Security Gateway object (Correct)
  • In SmartReporter, under Standard > Custom
  • NONE

Answer : In Smart Dashboard, the Smart View Monitor page in the R77 Security Gateway object

The process _____ is responsible for Management High Availability synchronization.


Options are :

  • FWM (Correct)
  • CPLMD
  • FWSYNC
  • CPD

Answer : FWM

SmartReporter reports can be used to analyze data from a penetration-testing regimen in all of the following examples, EXCEPT:


Options are :

  • Analyzing access attempts via social-engineering (Correct)
  • Tracking attempted port scans
  • Possible worm/malware activity.
  • Analyzing traffic patterns against public resources

Answer : Analyzing access attempts via social-engineering

156-315.13 Check Point Security Expert R76(GAiA) Exam Set 2

To back up all events stored in the Smart Event Server, you should back up the contents of which folder(s)?


Options are :

  • $FWDIR/distrib
  • $RTDIR/distrib and $RTDIR/events_db (Correct)
  • $RTDIR/events_db
  • $FWDIR/distrib_db and $FWDIR/events

Answer : $RTDIR/distrib and $RTDIR/events_db

Which of the following statements accurately describes the migrate command?


Options are :

  • Used when upgrading the Security Gateway, upgrade_export includes modified files, such as in the directories /lib and /conf.
  • Used primarily when upgrading the Security Management Server, migrate stores all object databases and the conf directories for importing to a newer version of the Security Gateway (Correct)
  • upgrade_export is used when upgrading the Security Gateway, and allows certain files to be included or excluded before exporting.
  • upgrade_export stores network-configuration data, objects, global properties, and the database revisions prior to upgrading the Security Management Server

Answer : Used primarily when upgrading the Security Management Server, migrate stores all object databases and the conf directories for importing to a newer version of the Security Gateway

When migrating the SmartEvent data base from one server to another, the first step is to back up the files on the original server. Which of the following commands should you run to back up the SmartEvent data base?


Options are :

  • eva_db_backup (Correct)
  • migrate export
  • snapshot
  • backup

Answer : eva_db_backup

156-315.77 Check Point Certified Security Expert Exam Set 20

You need to back up the routing, interface, and DNS configuration information from your R77 GAiA Security Gateway. Which backup-and-restore solution do you use?


Options are :

  • Commands upgrade_export and upgrade_import
  • Manual copies of the directory $FWDIR/conf
  • Database Revision Control
  • GAiA back up utilities (Correct)

Answer : GAiA back up utilities

To clean the system of all Smart Event events, you should delete the files in which folder(s)?


Options are :

  • $RTDIR/distrib and $RTDIR/events_db (Correct)
  • None
  • $FWDIR/distrib
  • $FWDIR/distrib_db and $FWDIR/events
  • $RTDIR/events_db

Answer : $RTDIR/distrib and $RTDIR/events_db

Your company has the requirement that SmartEvent reports should show a detailed and accurate view of network activity but also performance should be guaranteed. Which actions should be taken to achieve that?

1) Use same hard drive for database directory, log files, and temporary directory.

2) Use Consolidation Rules.

3) Limit logging to blocked traffic only.

4) Use Multiple Database Tables.


Options are :

  • 1, 2
  • 2, 4 (Correct)
  • 1, 3, 4
  • 1, 2, 4

Answer : 2, 4

156-315.13 Check Point Security Expert R76(GAiA) Exam Set 1

Your primary Security Management Server runs on GAiA. What is the fastest way to back up your Security Gateway R77 configuration, including routing and network configuration files?


Options are :

  • Use the command snapshot
  • Using the command upgrade_export.
  • Copying the directories $FWDIR/conf and $FWDIR/lib to another location.
  • Using the native GAiA back up utility from command line or in the Web-based user interface. (Correct)

Answer : Using the native GAiA back up utility from command line or in the Web-based user interface.

Your R7x-series Enterprise Security Management Server is running abnormally on Windows Server 2008 R2. You decide to try reinstalling the Security Management Server, but you want to try keeping the critical Security Management Server configuration settings intact (i.e., all Security Policies, databases, SIC, licensing etc.) What is the BEST method to reinstall the Server and keep its critical configuration?


Options are :

  • 1. Create a data base revision control back up using SmartDashboard. 2. Create a compressed archive of the directories %FWDIR%/conf and %FWDIR%/lib and copy them to another networked machine. 3. Uninstall all packages using Add/Remove Programs and reboot. 4. Install again as a primary Security Management Server using the R77 CD-ROM. 5. Reboot and restore the two archived directories over the top of the new installation, choosing to overwrite existing files.
  • 1. Insert the R77 CD-ROM and select the option to export the configuration using the latest upgrade utilities. 2. Follow steps suggested by upgrade_verification and re-export the configuration if needed. 3. Save the exported file *.tgz to a local directory c:/temp. 4. Uninstall all packages using Add/Remove Programs and reboot. 5. Install again using the R77 CD-ROM as a primary Security Management Server and reboot. 6. Run upgrade_import to import the configuration. (Correct)
  • 1. Download the latest utility upgrade_export and run from directory c:/temp to export the configuration into a *.tgz file. 2. Follow steps suggested by upgrade_verification. 3. Uninstall all packages using Add/Remove Programs and reboot. 4. Use SmartUpdate to reinstall the Security Management Server and reboot. 5. Transfer file *.tgz back to local directory /temp. 6. Run upgrade_import to import the configuration.
  • 1. Download the latest utility upgrade_export and run from a local directory c:/temp to export the configuration into a *.tgz file. 2. Skip any upgrade_verification warnings since you are not upgrading. 3. Transfer the file *.tgz to another networked machine. 4. Download and run the utility cpclean and reboot. 5. Use the R77 CD-ROM to select option upgrade_import to import the configuration.

Answer : 1. Insert the R77 CD-ROM and select the option to export the configuration using the latest upgrade utilities. 2. Follow steps suggested by upgrade_verification and re-export the configuration if needed. 3. Save the exported file *.tgz to a local directory c:/temp. 4. Uninstall all packages using Add/Remove Programs and reboot. 5. Install again using the R77 CD-ROM as a primary Security Management Server and reboot. 6. Run upgrade_import to import the configuration.

Check Point New Mode HA is a(n) _____ solution.


Options are :

  • acceleration
  • load-balancing
  • primary-domain
  • active-standby (Correct)

Answer : active-standby

Check Point Certified Security Administrator Set 3

Which specific R77 GUI would you use to view the length of time a TCP connection was open?


Options are :

  • SmartView Monitor
  • SmartReporter
  • SmartView Status
  • SmartView Tracker (Correct)

Answer : SmartView Tracker

A Threat Prevention profile is a set of configurations based on the following. Select the right answer.


Options are :

  • Anti-Virus settings, Anti-Bot settings, Threat Emulation settings. (Correct)
  • Anti-Virus settings, Anti-Bot settings, Threat Emulation settings, Intrusion-prevention settings, HTTPS inspection settings.
  • Anti-Virus settings, Anti-Bot settings, Threat Emulation settings, Intrusion-prevention settings.
  • Anti-Bot settings, Threat Emulation settings, Intrusion-prevention settings, HTTPS inspection settings.

Answer : Anti-Virus settings, Anti-Bot settings, Threat Emulation settings.

To stop acceleration on a GAiA Security Gateway, enter command:


Options are :

  • fwaccel off (Correct)
  • fwaccel on
  • save config
  • sim affinity

Answer : fwaccel off

Check Point Certified Security Expert Exam Set 8

To help organize events, SmartReporter uses filtered queries. Which of the following is NOT an SmartEvent event property you can query?


Options are :

  • Event: Critical, Suspect, False Alarm (Correct)
  • TypE. Scans, Denial of Service, Unauthorized Entry
  • TimE. Last Hour, Last Day, Last Week
  • StatE. Open, Closed, False Alarm

Answer : Event: Critical, Suspect, False Alarm

Which file defines the fields for each object used in the file objects.C (color, num/string, default value…)?


Options are :

  • $FWDIR/conf/scheam.C
  • $FWDIR/conf/fields.C
  • $FWDIR/conf/table.C
  • $FWDIR/conf/classes.C (Correct)

Answer : $FWDIR/conf/classes.C

When migrating the SmartEvent data base from one server to another, the last step is to save the files on the new server. Which of the following commands should you run to save the SmartEvent data base files on the new server?


Options are :

  • cp
  • restore
  • eva_db_restore (Correct)
  • migrate import

Answer : eva_db_restore

156-315.77 Check Point Certified Security Expert Exam Set 3

Fill in the blank.

To bind a NIC to a single processor when using CoreXL on GAiA, you would use the command


Options are :

  • fwaccel off
  • save config
  • sim affinity (Correct)
  • fwaccel stat

Answer : sim affinity

Fill in the blank.

To save your OSPF configuration in GAiA, enter the command _____.


Options are :

  • fwaccel off
  • save config (Correct)
  • sim affinity
  • fwaccel stat

Answer : save config

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions