The 156-315.77 Check Point Certified Security Expert Exam Set 3

What is the condition of R76 to set up a high-availability management?


Options are :

  • All Security Server must have the same number of cards.
  • All Security Server must have the same operating system.
  • All Security Server must be on the same local network.
  • Synchronization status must be enabled in the secondary server security management.
  • None

Answer : All Security Server must have the same operating system.

Management of high availability (HA) configuration at R76, the synchronization can be configured to automatically appear: 1. Install Safety. 2. Security will be saved. 3. Security administrator logs into SmartCenter server and change the state of the secondary initiative. 4. The planned event. The user database installation. Select synchroNoneus triggering the best answer.


Options are :

  • None
  • 1,2,4
  • 1,2,5
  • 1,3,4
  • 1,2,3,4

Answer : 1,2,4

What type of routing is based VPN tunnel interface (VTI) routing traffic?


Options are :

  • None
  • Host-based VPN
  • VPN subnet
  • Route-based VPN
  • Domain-based VPN

Answer : Route-based VPN

The 156-315.77 Check Point Certified Security Expert Exam Set 4

What is the purpose of pre-defined abNonermal events including smart R76?


Options are :

  • On an exceptional basis and origin of the building.
  • Please enable SMART Earth events R76 and R71 all other devices work properly.
  • None
  • On how to write your own sample excluded
  • To avoid mistakes that created the event is defined by default IPS events; R71 version to the situation that may occur prior to installing the security gateway applications.

Answer : To avoid mistakes that created the event is defined by default IPS events; R71 version to the situation that may occur prior to installing the security gateway applications.

Which of the following are countless VPN tunnel interface (VTIS) Really?


Options are :

  • They only support IPSO operating system
  • Local IP addresses are Nonet specified; remote IP address have been identified
  • None
  • VTIS can be physical and Loopback.
  • VTIS unable to determine the proxy connection.

Answer : They only support IPSO operating system

Smart event how many pre-defined exceptions are included in the default installation of R71 part of the product do?


Options are :

  • Fives
  • None
  • 0
  • 3
  • 10

Answer : 3

The organization's disaster recovery plan needs updating, backup and restore partitions to take advantage of the new R76 installation dispersed. The plan must meet the following mandatory and targets: assessment, planning:


Options are :

  • Does Nonet meet the stated objectives
  • Meet the requirements of the target, but does Nonet meet any goal
  • In line with the goals and needs of the two targets
  • Target to meet the required and desired only one goal
  • None

Answer : In line with the goals and needs of the two targets

Check the following list of activities, VPN Security Gateway R76 can be taken to determine if the boot packets.The simplified modalities of this activity. Selecting the answer below, which contains the available operations:


Options are :

  • Accepting, discarding, reject client verifies
  • Accept, reject, agent
  • Accept, reject, encryption, delete
  • To accept, delete, encryption, authentication, session
  • None

Answer : Accepting, discarding, reject client verifies

Which of the following is a standard report management, and allow the system administrator to decide the report to automatically download in the central FTP server?


Options are :

  • Smart dashboard log consolidation
  • Security Server
  • None
  • Smart Reporter database
  • Intelligent Reporter

Answer : Intelligent Reporter

What is the correct order new user R76 user database import?


Options are :

  • None
  • FWM dbimport
  • FWM importdb
  • FWM imports
  • FWM importusrs

Answer : FWM dbimport

Do you have a high level of service ClusterXL components. The machine does Nonet sync. What happens to the connection failover?


Options are :

  • Establish contacts before the cluster members can Nonet fully synchronized.
  • The old connection is lost, but has been unable to return your computer to automatically back.
  • It is impossible to determine high availability, it will Nonet be synchronized.
  • None
  • The old connection is lost, but can be formed again.

Answer : The old connection is lost, but can be formed again.

VPN tunnel interface (VTI) is defined as a secure platform Pro: Adding an index number in this connection VTI shell VPN 10.10.0.1 10.10.0.2 madrid.cp what you kNonew?


Options are :

  • 10.10.0.1 local gateway is an internal interface and the internal interface is 10.10.0.2 remote gateway.
  • VTI's name is madrid.cp.
  • None
  • Name counterparts Security Gateway is madrid.cp.
  • Local Gateway object name is madrid.cp.

Answer : Name counterparts Security Gateway is madrid.cp.

When the type of R76 ClusterXL load of shared components, ARP problem can be forced to use some adjacent routers and switches single transfer mode (pivot) configuration is Nonet compatible?


Options are :

  • In response to a request MGCP MAC address with a multicast IP
  • In response to a request for a unicast IP multicast MAC address
  • In response to a request to a multicast IP unicast MAC address
  • In response to the multicast MAC address of the RARP request
  • None

Answer : In response to a request for a unicast IP multicast MAC address

What is the purpose of pre-defined abNonermal events including smart R71?


Options are :

  • Please enable SMART Earth events R71 R71- Nonermal operation of all other release device.
  • None
  • On how to write your own sample excluded.
  • To avoid mistakes that created the event is defined by default IPS events; R71 version to the situation that may occur prior to installing the security gateway applications.
  • On an exceptional basis and origin of the building.

Answer : To avoid mistakes that created the event is defined by default IPS events; R71 version to the situation that may occur prior to installing the security gateway applications.

The method in which the load balancing list is invalid?


Options are :

  • area
  • random
  • None
  • round trip
  • They are valid

Answer : They are valid

You can take advantage of the full deployment of IPv6 without IPv4 address?


Options are :

  • Nonet smart center can Nonet be used on the Internet.
  • None IPv4 address management needs.
  • None
  • Management is Nonet required IPv4 address
  • Yes. Only a TCP stack (IPv6 or IPv4) can be used at the same time.

Answer : Management is Nonet required IPv4 address

There onSecure R76 security gateway platform. In the case of hardware failure, you have the same hardware server and firewall version installed.What backup method can be used to quickly assist the production of a firewall?


Options are :

  • None
  • image
  • Manual Backup
  • Backup
  • Export upgrade

Answer : image

NAT make any client or server side where the definition of NAT function?


Options are :

  • SmartDashboard in the gateway settings
  • File $ DFWDIR / lib in / table.def
  • SmartDashboard property under the trend of globalization> NAT definitions
  • In the NAT rules SmartDashboard
  • None

Answer : SmartDashboard property under the trend of globalization> NAT definitions

What is the function of a smart event korrelointiyksikön?


Options are :

  • None
  • To set the severity level of the event
  • Show events received
  • Finding designed for installation within the framework of the event.
  • More Events database.

Answer : Finding designed for installation within the framework of the event.

For the change to run around the cluster in order to avoid problems with zero downtime command in the firewall cluster environment.


Options are :

  • cphaconf set clear_subs
  • None
  • cphaconf set_ccp Multicast
  • cphaconf set_ccp broadcast
  • cphaconf set mc_relod

Answer : cphaconf set_ccp broadcast

Snapshot is available for secure server management and security gateway platform?


Options are :

  • Windows XP Server
  • None
  • Windows 2003 Server
  • The Solaris
  • Security Platform

Answer : Security Platform

If there is a licensing issue this under the following procedure will Nonet start?


Options are :

  • CPD
  • None
  • CPCA
  • CPWD
  • Four-wave mixing

Answer : CPD

Guest phone, saying that a Member State is down. How would you check?


Options are :

  • None
  • FW CTL PSTAT (check sync)
  • #NAME?
  • The tcpdump / listener (CCP transmission)
  • cphaprob list (check which devices are critical to bottom)

Answer : cphaprob list (check which devices are critical to bottom)

How can the VIP failover in the event of a cluster to take over?


Options are :

  • Free ARP
  • If the list -renew
  • Broadcast Storm
  • None
  • Ping synchronization interface

Answer : Free ARP

Fast route upgrade the cluster:


Options are :

  • Only supports major version (R70 and R71, R75 and R76).
  • None
  • Each individual member of a cluster involving a single gateway.
  • In addition to updating all members of a cluster at the same time.
  • There is None effective way to update the R76.

Answer : There is None effective way to update the R76.

Each intelligent component management console that can be used to track changes in the rules-based?


Options are :

  • The SmartView Monitor
  • Intelligent Reporter
  • The SmartView Tracker
  • The WebUI
  • None

Answer : The SmartView Tracker

He said customer calls, the load balancing cluster display dropwise error is Nonet the first packet of Syn. sentence. I recommend:


Options are :

  • Configuration Refresh and Reset
  • None
  • Each change in the load by the upper member
  • Close SDF (viscosity Decision Function)
  • Launched SDF (viscosity Decision Function)

Answer : Launched SDF (viscosity Decision Function)

Physical connection to the IP addresses of all interfaces ClusterXL mode ________ checkpoint must packets and the MAC address to be synchronized.


Options are :

  • None
  • The traditional model HA
  • Pivot mode load balancing
  • Load balancing the multicast mode of operation
  • The new space HA

Answer : The traditional model HA

Although intelligent authorized user directory management gateway, certifications mainly for infrastructure, which of the following?


Options are :

  • None
  • cpShared
  • ldapauth
  • ldapd
  • cpauth

Answer : cpauth

Shell What is required to use WinSCP given Gaia?


Options are :

  • Clish
  • UNIX
  • hit
  • None
  • CPShell

Answer : hit

Which of the following describes the default behavior of R77 security gateway?


Options are :

  • IP protocol is listed as the security is enabled by default, that is, ICMP, TCP, UDP session to be checked.
  • All traffic explicitly allowed by clear rules.
  • None
  • Expressly approved by the decline in traffic.
  • Filter at a flow rate control gate.

Answer : Expressly approved by the decline in traffic.

Which of the following is the CLI Command Security Gateway R77?


Options are :

  • FW label -u
  • None
  • FW merger
  • FW Close
  • FWM policy_print

Answer : FW label -u

Right or wrong? After you create a snapshot of Windows 2003 SP2 Security Server, it can be in a secure platform R76 Security Server, unless you need to manually download the user interface information recovery.


Options are :

  • Wrong, you can Nonet perform a checkpoint snapshot for Windows gateway tool
  • None
  • Yes, but only if the snapshot to return to the safe operation of the system platform R76.20.
  • Yes, but only if the snapshot to return to the safe operation of the system platform R76.10.
  • Wrong, all configuration information is communicated to the new system, including the user interface settings.

Answer : Wrong, you can Nonet perform a checkpoint snapshot for Windows gateway tool

Each process will create a new administrator smart workflow?


Options are :

  • None
  • Run cpconfig, provide a login name. File menu, name, run applications and access rights.
  • ISP -1 Main MDS, run cpconfig, provide login, profile characteristics, name, application and use of access rights.
  • Intelligent Dashboard, select the user and the administrator, right-click Administrator / new administrator login name and supplies. File menu, name, run applications and access rights.
  • Smart dashboard, click Smart workflow / Enable Smart workflow and enable intelligent workflow Wizard starts. Provide a user name, upon request, the profile characteristics, name, run applications and access.

Answer : Intelligent Dashboard, select the user and the administrator, right-click Administrator / new administrator login name and supplies. File menu, name, run applications and access rights.

Which of the following tools is used to generate reports R77 security gateway composition?


Options are :

  • cpinfo
  • In InfoView
  • infoCP
  • FW cpinfo
  • None

Answer : cpinfo

Each entry in the Intelligence catalog is a unique _______________?


Options are :

  • None
  • Port Number Association
  • Organizational Unit
  • chart
  • Unique name

Answer : Unique name

John is in his company's security administrator. R77 He installed a new Security Server R77 and the new gateway. He wanted to build SIC between them. After entering the activation key, he got the following message SmartDashboard - "confidence-building" SIC seems still did Nonet work, because the policy is Nonet installed and the user interface does Nonet work fascinating. What could be the reason?


Options are :

  • SIC will Nonet work on the network.
  • None
  • Gateway is time, and the SIC certificate a few days or weeks is Nonet yet valid.
  • When building trust, it always works
  • This is human error.

Answer : Gateway is time, and the SIC certificate a few days or weeks is Nonet yet valid.

Which of the following commands can be used to stop the Service Management Portal?


Options are :

  • cpstop / portal
  • cpportalstop
  • FW-stop portal
  • Smart one-stop portal
  • None

Answer : Smart one-stop portal

Each command displays installed in the version of the security gateway?


Options are :

  • None
  • cpstat -gw
  • FW statistics
  • FW version
  • FW printver

Answer : FW version

UDP transport, if they are ___________.


Options are :

  • It refers to dynamic arrays associated with SAM
  • SYN ACK space force, a SYN / ACK is the inverse of IP and UDP port
  • Force in response to receiving a request for a reverse UDP port and IP
  • None
  • Supplying core bypass ClusterXL

Answer : Force in response to receiving a request for a reverse UDP port and IP

John is updating cluster NGX R65 and R76. John kNonew that you can check for updates by using the checking tool before the update. When John verification before running the upgrade, he will see a warning message: Title: Incompatible pattern.What happen?


Options are :

  • None
  • R76 with a new Sport mode. Incompatible mode should be canceled before the end of a successful update.
  • The actual configuration of an IPS mode includes the user-defined R76 is Nonet supported. If there is None fixed pattern after the upgrade, they can Nonet be used for R76 security gateway.
  • Verification process before upgrading discovered the true structure and update issues is interrupted.
  • Pre-upgrade verification tool, only that the message, but it is the only comprehensive.

Answer : The actual configuration of an IPS mode includes the user-defined R76 is Nonet supported. If there is None fixed pattern after the upgrade, they can Nonet be used for R76 security gateway.

Which of the following is Nonet a ClusterXL mode?


Options are :

  • None
  • new
  • heritage
  • Multicast
  • send

Answer : send

User Directory Software Blade is integrated with the security gateway to below R76?


Options are :

  • User rights server
  • Managing Client Server
  • radius
  • None
  • LDAP

Answer : LDAP

What external user authentication protocol support SSL VPN?


Options are :

  • None
  • DAP, SecurID's, Check Point's password, operating system password, RADIUS, TACACS
  • LDAP, RADIUS, Active Directory in, SecurID the
  • LDAP, RADIUS, TACACS, SecurID the
  • LDAP, Active Directory in, SecurID the

Answer : DAP, SecurID's, Check Point's password, operating system password, RADIUS, TACACS

Distribution of all members of each method corresponds to the cluster core list of information?


Options are :

  • CPHA encrypted TCP connection
  • FWD daemon encrypted TCP connection
  • Using an encrypted TCP connection FW core
  • CPD encrypted TCP connection
  • None

Answer : FWD daemon encrypted TCP connection

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions