The 156-315.77 Check Point Certified Security Expert Exam Set 2

Each time the Remote Desktop Protocol itself SSL VPN?


Options are :

  • None
  • AT & T VNC, the Citrix ICA and Microsoft RDP
  • The Citrix ICA and Microsoft RDP
  • Only Microsoft's RDP
  • AT & T VNC and Microsoft's RDP

Answer : The Citrix ICA and Microsoft RDP

In the XYZ Company, a new model of DLP administrator-defined data type, which is based on the following statement of the insurance claim.Which blank PDF format of this new data type is correct?


Options are :

  • Word, Excel and insurance compensation, which is based on the PDF on a blank insurance claim form PDF form suitable for this type of data.
  • Data type does Nonet match the size of files and similar files with only the name of the PDF format of the original insurance claim form.
  • It completed until the insurance claim type PDF file structure, to accommodate the blank PDF form of this type of data.
  • If a PDF form blank insurance claims submitted, it can Nonet apply to this type of data.

Answer : Word, Excel and insurance compensation, which is based on the PDF on a blank insurance claim form PDF form suitable for this type of data.

The 156-315.77 Check Point Certified Security Expert Exam Set 3

Which of the following statements port scanning function, IPS is true?


Options are :

  • When the port scan is detected, only the recording has been given, never alarm.
  • The default scan setting is detected when more than 500 inactive open port is open for the duration of 120 seconds for the case.
  • Port scanning, and actively prevent the scan and sends alerts to the SmartView Monitor.
  • None
  • Does Nonet prevent the gate scan; it detects a port scan, a three-level of sensitivity.

Answer : Does Nonet prevent the gate scan; it detects a port scan, a three-level of sensitivity.

Oman R76 enterprise security management servers running Windows 2008 Server unusual. You decided to try installing the Security Server, but you should try to maintain the integrity of critical security management server configuration (that is, all of the security policy, database, SIC, license, etc.), what is the best way server installed and maintained its key components?


Options are :

  • 1. Create a database version control system, intelligent backup dashboard 2. Create a compressed archive FWDlR * \ conf to> FWDiR8 \ lib directory and copy it to aNonether network device. 3. Delete all of the packages R70 Add / Remove Programs, and then restart. 4. Re-install the CD-ROM using the R70's main Security Server. 5. Start the archive directory and returns two newly installed, choose to overwrite the existing file.
  • 1. Download the latest upgrade_export based tools and run C; \ Temp directory to export components for the .tgz file copy 2. Go to any upgrade_verification warning because you did Nonet update 3. Copy the .tgz file to aNonether network device 4. Download and run the utility, and then restart cpclean 5. Use R70 CD-ROM Select this option to import configuration upgrade_import
  • 1. Download the latest upgrade_export tool, and is derived from the \ temp directory running configuration file to a .tgz step 2, to carry out all the required fields upgrade_version proposed by R70 3. Remove all packages Add / Remove Programs, and then re-started 4 smart update to install the security server and start the recovery 5. TGZ file to the local \ TEMP 6. run upgrade_import import configuration
  • None
  • 1. Set F70 CD-ROM, and select the latest update tool 2. Perform all required fields upgrade_verification recommendation and 3. Save the exported file, if necessary, re-TGZ Export Configuration "to export configuration to the local C: \ temp directory 4. by deleting all package R70 Add / remove programs, and then restart 5. R70 CD-ROM as the primary re-install the security server, then restart 6. run import configuration upgrade_import

Answer : 1. Download the latest upgrade_export tool, and is derived from the \ temp directory running configuration file to a .tgz step 2, to carry out all the required fields upgrade_version proposed by R70 3. Remove all packages Add / Remove Programs, and then re-started 4 smart update to install the security server and start the recovery 5. TGZ file to the local \ TEMP 6. run upgrade_import import configuration

You are using the track record of debugging server-side SSL VPN traffic and access to the landfill in the form of text. What kind of traffic you can Nonet see the output?


Options are :

  • Traffic leaving the internal network
  • Outgoing traffic to the external network
  • Traffic entering the external network
  • Traffic Portal
  • None

Answer : Traffic Portal

The 156-315.77 Check Point Certified Security Expert Exam Set 4

If you want to edit the winner of a new signature protection, what tongue, he pumped the SmartDashboard?


Options are :

  • IPSec VPN label
  • None
  • IPS tab
  • SmartDefense label
  • QoS label

Answer : IPS tab

Use IPS, how to Nonetify security administrators to specify the malware scanning port? by:


Options are :

  • None
  • Adverse Code Protector
  • Malware protection Revision
  • Host port scan
  • Clear scan protection

Answer : Clear scan protection

Each process such that the SSL VPN gateway blade?


Options are :

  • Smart dashboard logs, performance editing Gateway and SSL VPN select the check box.
  • None
  • Log on to the Web UI, SSL VPN gateways and check the box blade.
  • Log intelligent dashboard to create a new rule to a remote network, source and destination addresses need to set encryption and push gateway policy.
  • Log intelligence dashboard, select the VPN community tab, and add the appropriate port community.

Answer : Smart dashboard logs, performance editing Gateway and SSL VPN select the check box.

You have to upgrade to a point between R65 and R76.To gateway checks to avoid problems, you decide to back up Gateway.Which method allows you to configure the gateway to the minimum size of the full backup time can be managed?


Options are :

  • Check the database
  • None
  • Export upgrade
  • Backup
  • image

Answer : Export upgrade

The main intelligence center server installed in a safe PlatformPro machine, which is a VPN gateway 1 Pro on. To achieve the management of high availability (HA). You will have a free machine to determine the secondary SmartCenter server. How to configure the primary server does Nonet need to change existing SmartCenter new equipment SmartCenter server is in standby mode? (Variations may include removing and reinstalling.)


Options are :

  • Secondary server can Nonet install a separate security platform hoc.
  • The new machine can Nonet be installed on its own internal Certificate Authority
  • None
  • Install a secondary backup server machine. The new machines added to the master server in the same network.
  • You can set the HA, time management, both VPN gateway on the first or second intelligence center server 1 Pro running.

Answer : You can set the HA, time management, both VPN gateway on the first or second intelligence center server 1 Pro running.

User Authentication Protocol in its internal support SSL VPN?


Options are :

  • None
  • Check Point's password, SecurID is, LDAP, RADIUS, TACACS
  • Check Point's password, SecurID and Active Directory, RADIUS, TACACS
  • Check Point's password, SecurID's, L2TP, RADIUS, TACACS
  • Your password, SecurID's, OS password, RADIUS, TACACS

Answer : Your password, SecurID's, OS password, RADIUS, TACACS

How to prevent some of the little-used FTP commands, such as CWD, and found a doorway gateway?


Options are :

  • Edit the configuration file in the FTP commands required IPS protection of the Details tab.
  • Enable FTP bouncing check / Application Intelligence / IPS protection agreement tab
  • None
  • More limited command aftpd.conf File Security Server.
  • The definition of limited FTP commands to display Secure Server Global Properties

Answer : Edit the configuration file in the FTP commands required IPS protection of the Details tab.

In the R76, organize their e-mail addresses or domain names for:


Options are :

  • None
  • FTP traffic is sent to the user, who is part of the definition by DLP scanning, using the default e-mail.
  • His e-mail is sent to the default scan HTTP traffic part of the user's definition of DLP,
  • Scan only if the sender's e-mail address is defined in this part of the default e-mail.
  • E-mail address defined, SMTP proxy server.

Answer : Scan only if the sender's e-mail address is defined in this part of the default e-mail.

For HTTPS traffic through the gateway DLP Which of the following is Nonet correct?


Options are :

  • You must specify a gateway DLP allows HTTP / HTTPS traffic through a proxy server, if you have a Web proxy gateway between the DLP and the Internet.
  • DLP scan HTTPS traffic
  • None
  • Only a proxy server can be configured DLP
  • You need to edit $ FWDIR / conf directory / fwauthd.conf file for HTTPS traffic through a Web proxy DLP Gateway.

Answer : You need to edit $ FWDIR / conf directory / fwauthd.conf file for HTTPS traffic through a Web proxy DLP Gateway.

Each command can be used to authenticate SecureXL statistics?


Options are :

  • None
  • fwaccel statistics
  • fwaccel top
  • FW CTL PSTAT
  • cphaprob statistics

Answer : fwaccel statistics

In certain IPS protection R76 record set capture what option package?


Options are :

  • None
  • Start packet capture and strategy installed to capture all traffic until this protection is a blow.
  • Contact Ethereal, this protection is responsible for the production of each log of traffic safety.
  • Collect all the packets in the last 30 days to respond to the log within the scope of protection
  • This is Nonet a valid selection of R76

Answer : Contact Ethereal, this protection is responsible for the production of each log of traffic safety.

Prior to update security platform, you may want to create backup.To to save time, many administrators backup.This command to create a backup copy of the configuration of Check Point and configuration.An system administrator has installed the latest system for creating HFA backup traffic problems after the connection. This is a very complex configuration error static routing configuration.The Check Point does Nonet changed.Can administrators use static routing to restore the correct error?


Options are :

  • Return process is impossible, because the backup does Nonet have the same version number (version).
  • The recovery point is done by selecting a snapshot from the Start menu of security management platform.
  • None
  • Backup can Nonet be restored because the binary file is missing.
  • Recovery command procedure can easily return to select the appropriate backup.

Answer : Recovery command procedure can easily return to select the appropriate backup.

All events are stored in the smart file backup event server backup folder (S) content?


Options are :

  • $ RTDIR / events_db
  • $ RTDIR / distrib_db and $ FWDIR / events
  • None
  • $ RTDIR / distributors and $ FWDIR / events_db
  • $ RTDIR / distribution

Answer : $ RTDIR / distributors and $ FWDIR / events_db

In his introduction DLP Gateway peripheral interfaces lead to the internal network behind a firewall (only one internal network):


Options are :

  • DLP gateway may check e-mails (two internal users or external e-mail network), if an organization's internal mail server is located in aNonether network (rather than an internal network, such as DMZ or different internal network) and the user has e-mail configuration use this to send SMTP mail server.
  • None
  • DLP Gateway can check SMTP traffic, if MS Exchange server is located on the internal network, it will send SMTP e-mail or send e-mail via the Internet SMTP e-mail link located on the perimeter firewall DMZ network from the Internet direct.
  • Users HTTPS and FTP traffic can be checked by R71 DLP Gateway
  • DLP Gateway can monitor internal e-mail (two users on the internal network e-mail), if an organization's internal e-mail servers located on the internal network users to configure the mail server to send e-mail using SMTP.

Answer : DLP Gateway can check SMTP traffic, if MS Exchange server is located on the internal network, it will send SMTP e-mail or send e-mail via the Internet SMTP e-mail link located on the perimeter firewall DMZ network from the Internet direct.

What is the function of a smart event server?


Options are :

  • Show recently received.
  • The so-called intelligent event server to forward events.
  • To set the severity level of the event.
  • None
  • Analysis IPS each log, when it comes to the log server.

Answer : To set the severity level of the event.

In the management of high availability (HA) configuration, can be configured to automatically appear when the synchronization: 1. Install Safety. 2. Security will be saved. 3. Security administrator logs into SmartCenter server and change the state of the secondary initiative. 4. The planned event. The user database installation. Select the best response to the synchronization sequence. choose one.


Options are :

  • 1,2,5
  • 1,3,4
  • 1,2,4
  • 1,2,3,4
  • 1,2,3

Answer : 1,2,4

Online bookstore with a variety of Web server customers to call or change orders and check order status combined. You can run a penetration test security gateway Web server is attacked sheltered from the nearest cross-site scripting. To carry out penetration tests showed that the Web server is still vulnerable.You check each box Web Intelligence tab, you can do to reduce the vulnerability else install security Policy.What?


Options are :

  • Search Products / Web server host sea behalf box Web server object
  • Configure the security gateway to protect the Web server's Web server.
  • Penetration of the software you are using is a failure, is reporting a false positive.
  • None
  • Add port (TCP 443) as a Web server host junction label additional ports.

Answer : Search Products / Web server host sea behalf box Web server object

Wherein four check points QoS techNonelogy to prevent redundant data packets transmitted, while multiple copies of the same packet flow queues?


Options are :

  • Reship detection Early Discard (RDED)
  • None
  • Weighted Random Early Discard flow (WFRED)
  • farmer
  • Intelligent queuing engine

Answer : Reship detection Early Discard (RDED)

OPSEC server you want to include, such as Web intelligence and Trend Micro, to do content filtering. Best place each piece of the OPSEC server, when you consider the performance and safety of a secure server?


Options are :

  • There is a security gateway
  • .DMZ network where the application server is located
  • Internal network, the user's location
  • Online
  • In specific network segment

Answer : In specific network segment

Which of the following functions can Nonet be performed on the client computer information is collected?


Options are :

  • Run Google.com search selection cell.
  • Enter the new computer to access your account information.
  • Stores data in the active tab in the .exe file.
  • To copy the selected cells.
  • None

Answer : Stores data in the active tab in the .exe file.

For the system to work properly, the administrator must configure DLP portal, and determine its DNS name, which of the following conditions?


Options are :

  • If the DLP policy applies to HTTP traffic.
  • If one or more rules to ask the user.
  • If one or more reporting rules.
  • None
  • If all the rules and action to identify the owner of the data has been identified.

Answer : If one or more rules to ask the user.

SSL Network Extender Web applications found in a failed TCP connection has been idle for more than a hour.You Find out what you need to enable sends a reset (RST) packet to change this setting after necessary a TCP connection timeout expiration.Where?


Options are :

  • $ WEBISDIR / conf directory / cpadmin.elg
  • None
  • $ CVPNDIR / conf directory / cvpnd.C
  • $ FWDIR / conf directory / objects_5_0.C
  • $ FWDIR / conf directory / objects.C

Answer : $ FWDIR / conf directory / objects_5_0.C

TotallyCoolSecurity company has a large number of security personnel. Bob is configured using a new detection state IPS Chicago_Profile FW- Chicago. After checking the log, Matt found, FW- Chicago undetected Bob IPS protection than previously setup.Analyze output, Matt and determine how to solve this problem.


Options are :

  • Because Nonet currently enabled Matt should activate Chicago_Profile.
  • None
  • Matt should be recreated Chicago_Profile and select manually enable, rather than IPS policies.
  • Matt should Chicago_Profile to Chicago FW- security gateway.
  • Matt Chicago_Profile use should be changed, since the detection mode does Nonet protected mode.

Answer : Matt should Chicago_Profile to Chicago FW- security gateway.

What is the function of the smart client event?


Options are :

  • Analysis of the log when it reaches the server's log each IPS
  • Show recently received.
  • More Events database.
  • None
  • To set the severity level of the event

Answer : Show recently received.

You want to transfer VPN-1 NG Application Intelligence (AI) R55 Intelligence Center server VPN-1 NGX. You also plans to upgrade four VPN-1 Pro gateways in remote offices and a local VPN-1 Pro gateway company headquarters. The SmartCenter server configuration transfer. What is the correct procedure to move the assembly?


Options are :

  • 1. Update using the VPN-1 NGX CD in SmartCenter server. 2. Install and upgrade licenses to five remote gateway.
  • 1, VPN-1 NGX's SmartCenter Server CD, select "Pre-Upgrade." 2. import the configuration to the new SmartCenter NGX SmartCenter, after the re-start. 3. Upgrade updating all five remote gateway through intelligent all licenses and software.
  • 1. Update the five remote gateway through intelligent update. 2. Update using the VPN-1 NGX CD in SmartCenter server.
  • From elsewhere through the gateway at the same time, Smart Update will update the SmartCenter server and five.
  • 1. Copy FWDIR $ \ conf directory SmartCenter server. 2. Save the contents of the directory to aNonether directory. 3. Delete the installation of smart central server and install a new Smart central server. 4. The directory FWDIR $ \ conf content information. 5. Installation NGX all gateways and installation policy.

Answer : 1, VPN-1 NGX's SmartCenter Server CD, select "Pre-Upgrade." 2. import the configuration to the new SmartCenter NGX SmartCenter, after the re-start. 3. Upgrade updating all five remote gateway through intelligent all licenses and software.

In the R71, how to define a rule to block all traffic sent to or from Germany?


Options are :

  • This operation is Nonet possible.
  • The goal is to create a policy rule dynamic object represents a custom in Germany and strategies. You also need to create a rule in the opposite direction.
  • The creation of national policy IPS Geofence Germany as the country, blocking action, and and direction.
  • None
  • Go to policy / global list of attributes / geographic law enforcement issues and improve Germany's blockade of the country.

Answer : The creation of national policy IPS Geofence Germany as the country, blocking action, and and direction.

Which option is used to connect to the Internet?


Options are :

  • SmartDashboard will retrieve information about Internet users login ID Check Point's.
  • SmartDashboard will retrieve information about Check Point's on the Internet.
  • SmartDashboard will retrieve information about Check Point's on the Internet. None information will be sent.
  • None
  • SmartDashboard will retrieve information about Check Point's on the Internet. Your message will be sent aNonenymously checkpoint.

Answer : SmartDashboard will retrieve information about Internet users login ID Check Point's.

MultiCorp in Atlanta. It is in Europe, Asia and Africa.Each branch location has its own ad controller, login.How many Advertise configure a local user?


Options are :

  • 3
  • 2
  • 1
  • None
  • 4

Answer : 4

All messages described use in DLP competition, except for the following points:


Options are :

  • protocol
  • destination
  • None
  • Message Body
  • type of data

Answer : Message Body

What techNonelogy will be described RDED quality of service?


Options are :

  • The mechanism and accurately classify traffic to the correct transmission queue
  • This mechanism results in a perfect state of all network traffic and context information.
  • None
  • Resend mechanism and forward to reduce the amount of storm
  • The packet buffer management mechanism.

Answer : Resend mechanism and forward to reduce the amount of storm

The main security gateway as a security platform. What is a backup of your R77 security gateway configuration, including routing and network configuration files, the easiest way?


Options are :

  • Secure platform using the command line or Web-based user interface, native backup utility.
  • Command upgrade_export
  • Copy pre_upgrade_verifier run and save .tgz files to the directory / temperature
  • Directory to a different location by copying the directory FWDIR $ / conf directory and $ FWDIR / lib.
  • None

Answer : Secure platform using the command line or Web-based user interface, native backup utility.

How many pre-defined exceptions are intelligent default event included R76 installed as part of the product do?


Options are :

  • 0
  • None
  • Fives
  • 3
  • 10

Answer : 3

If the number of instances of the core in CoreXL 6, how many cores are in the physical plane?


Options are :

  • 6
  • 8
  • None
  • 12
  • 4

Answer : 8

How can you delete SecureXL command line (which did Nonet survive the re-start)?


Options are :

  • fwaccel Close
  • None
  • cphaprob Close
  • FW CTL accelerate Close
  • Closed SecureXL

Answer : fwaccel Close

What utility or command by capturing data packets, while checking LDAP debug useful?


Options are :

  • level
  • None
  • FW debugging FWM
  • FW Monitor
  • um_core allowed

Answer : FW Monitor

To upgrade a cluster of two members of R76. Security Server is version NGX R65, the latest member of the restoration of the battery. What is the correct upgrade process? 1. Change the generic version of the gateway cluster objects. 2. Update Security Server, and then restart it. 3. Run cpstop a member, leaving the other members of the operation. Upgrading a member of the restart after a time and date. 4. Install security.


Options are :

  • 1,3,2,4
  • 3,2,1,4
  • 2,4,3,1
  • None
  • 2,3,1,4

Answer : 2,3,1,4

What kind of process is successfully appeared in professional security platform by dynamic routing protocols (OSPF, RIP)?


Options are :

  • Gated
  • Nonet a separate process, but Linux default router can take care of it.
  • On RouterD
  • Arouted
  • None

Answer : Gated

The figure below shows what commands are being issued to the security platform?


Options are :

  • The new session is correct update fixes a Nonete to the session repair session name Nand old session state information to create
  • None
  • The old state is deleted and a new session is created with the same name, but after building a new session, took Nonete of it.
  • Administrators are open old session and the change is Nonet automatically added, but the manager is more flyers states make the necessary changes.
  • In the same meeting, by adding a Nonete about auto repair modification

Answer : The new session is correct update fixes a Nonete to the session repair session name Nand old session state information to create

What are the specific use R76 GUI to see how long a TCP connection open?


Options are :

  • None
  • The SmartView state
  • Intelligent Reporter
  • The SmartView Monitor
  • The SmartView Tracker

Answer : The SmartView Tracker

Which of the following is Nonet a function of ClusterXL it?


Options are :

  • Case of a failure of the apparatus a transparent failover
  • Improved performance in all respects ClusterXL (2 compared gateway cluster, a gateway)
  • Transparent upgrade
  • None
  • Air mission-critical environments, the status of the synchronization process

Answer : Air mission-critical environments, the status of the synchronization process

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions