156-315.77 Check Point Certified Security Expert Exam Set 1

What are you required to do before running upgrade_export?


Options are :

  • Run cpconfig and set yourself up as a GUI client
  • Run a cpstop on the Security Gateway
  • Run a cpstop on the Security Management Server.
  • Close all GUI clients. (Correct)

Answer : Close all GUI clients.

Typically, when you upgrade the Security Management Server, you install and configure a fresh R76 installation on a new computer and then migrate the database from the original machine.Which of the following statements are TRUE?


Options are :

  • The Security Management Server on the new machine must be the same or greater than the version on the original machine. (Correct)
  • Both machines must have the same number of interfaces installed and configured before migration can be attempted.
  • All product databases are included in the migration.
  • The new machine may not have more Check Point products installed than the original Security Management Server.

Answer : The Security Management Server on the new machine must be the same or greater than the version on the original machine.

Which of the following commands shows full synchronization status?


Options are :

  • cphaprob -a if
  • fw ctl iflist
  • cphaprob -i list (Correct)
  • fw hastat

Answer : cphaprob -i list

Which of the following commands can provide the most complete restore of an R76 configuration?


Options are :

  • cpinfo -recover
  • fwm dbimport -p
  • cpconfig
  • upgrade_import (Correct)

Answer : upgrade_import

Where do you verify that Smart Directory is enabled?


Options are :

  • Global properties > Smart Directory (LDAP) > Use Smart Directory(LDAP) for Security Gateways is checked (Correct)
  • Gateway properties> Smart Directory (LDAP) > Use Smart Directory(LDAP) for Security Gateways is checked
  • Global properties > Authentication> Use Smart Directory(LDAP) for Security Gateways is checked
  • Gateway properties > Authentication> Use Smart Directory(LDAP) for Security Gateways is checked

Answer : Global properties > Smart Directory (LDAP) > Use Smart Directory(LDAP) for Security Gateways is checked

Check Point Clustering protocol, works on:


Options are :

  • TCP 19864
  • TCP 8116
  • UDP 500
  • UDP 8116 (Correct)

Answer : UDP 8116

In CoreXL, what process is responsible for processing incoming traffic from the network interfaces, securely accelerating authorized packets, and distributing non-accelerated packets among kernel instances?


Options are :

  • NAD (Network Accelerator Daemon)
  • SNP (System Networking Process)
  • SSD (Secure System Distributor)
  • SND (Secure Network Distributor) (Correct)

Answer : SND (Secure Network Distributor)

To configure the Cluster Control Protocol (CCP) to use Broadcast, the following command is run:


Options are :

  • ccp broadcast
  • clusterconfig set_ccp broadcast
  • cphaconf set_ccp broadcast (Correct)
  • set_ccp cpcluster broadcast

Answer : cphaconf set_ccp broadcast

You are concerned that the processor for your firewall running NGX R71 Secure Platform may be overloaded. What file would you view to determine the speed of your processor(s)?


Options are :

  • cat /etc/cpuinfo
  • cat /var/opt/CPsuite-R71/fw1/conf/cpuinfo
  • cat /proc/cpuinfo (Correct)
  • cat /etc/sysconfig/cpuinfo

Answer : cat /proc/cpuinfo

What is the default port number for Secure Sockets Layer connections with the LDAP Server?


Options are :

  • 398
  • 389
  • 363
  • 636 (Correct)

Answer : 636

How can you view the virtual cluster interfaces of a Cluster XL environment?


Options are :

  • cphaprob -ia if
  • cphaprob -ia list
  • cphaprob -a if (Correct)
  • cphaprob -a list

Answer : cphaprob -a if

When configuring an LDAP Group object, which option should you select if you do NOT want the gateway to reference the groups defined on the LDAP server for authentication purposes?


Options are :

  • OU Accept and select appropriate domain
  • Only Group in Branch
  • Group Agnostic
  • Only Sub Tree (Correct)

Answer : Only Sub Tree

When defining an Organizational Unit, which of the following are NOT valid object categories?


Options are :

  • Services
  • Resources
  • Domains (Correct)
  • Users

Answer : Domains

Your customer complains of the weak performance of his systems. He has heard that Connection Templates accelerate traffic. How do you explain to the customer about template restrictions and how to verify that they are enabled?


Options are :

  • To enhance connection-establishment acceleration, a mechanism attempts to “group together” all connections that match a particular service and whose sole discriminating element is the destination port. To test if connection templates are enabled, use the command fwacel templates.
  • To enhance connection-establishment acceleration, a mechanism attempts to “group together” all connections that match a particular service and whose sole discriminating element is the source port. To test if connection templates are enabled, use the command fw ctl templates.
  • To enhance connection-establishment acceleration, a mechanism attempts to “group together” all connections that match a particular service and whose sole discriminating element is the source port. To test if connection templates are enabled, use the command fwaccel stat. (Correct)
  • To enhance connection-establishment acceleration, a mechanism attempts to “group together” all connections that match a particular service and whose sole discriminating element is the destination port. To test if connection templates are enabled, use the command fw ctl templates.

Answer : To enhance connection-establishment acceleration, a mechanism attempts to “group together” all connections that match a particular service and whose sole discriminating element is the source port. To test if connection templates are enabled, use the command fwaccel stat.

Your primary Security Management Server runs on GAiA. What is the easiest way to back up your Security Gateway R76 configuration, including routing and network configuration files?


Options are :

  • Using the command upgrade_export
  • Run the command pre_upgrade verifier and save the file *.tgz to the directory c:/temp
  • Copying the directories $FWDIR/conf and $FWDIR/lib to another location.
  • .Using the native GAiA backup utility from command line or in the Web-based user interface. (Correct)

Answer : .Using the native GAiA backup utility from command line or in the Web-based user interface.

Your network includes ClusterXL running Multicast mode on two members, as shown in this topology: Your network is expanding, and you need to add new interfaces: 10.10.10.1/24 on Member A, and 10.10.10.2/24 on Member B.The virtual IP address for interface 10.10.10.0/24 is 10.10.10.3.What is the correct procedure to add these interfaces?


Options are :

  • 1. Run cpstop on one member, and configure the new interface via sysconfig. 2. Run cpstart on the member. Repeat the same steps on another member. 3. Update the new topology in the cluster object for the cluster and members. 4. Install the Security Policy. (Correct)
  • 1. Use the ifconfig command to configure and enable the new interface. 2. Run cpstop and cpstart on both members at the same time. 3. Update the topology in the cluster object for the cluster and both members. 4. Install the Security Policy.
  • 1. Use sysconfig to configure the new interfaces on both members. 2. Update the topology in the cluster object for the cluster and both members. 3. Install the Security Policy.
  • 1. Disable "Cluster membership" from one Gateway via cpconfig. 2. Configure the new interface via sysconfig from the "non-member" Gateway. 3. RE. enable "Cluster membership" on the Gateway. 4. Perform the same step on the other Gateway. 5. Update the topology in the cluster object for the cluster and members. 6. Install the Security Policy.

Answer : 1. Run cpstop on one member, and configure the new interface via sysconfig. 2. Run cpstart on the member. Repeat the same steps on another member. 3. Update the new topology in the cluster object for the cluster and members. 4. Install the Security Policy.

Which of the following commands can be used to troubleshoot ClusterXL sync issues?


Options are :

  • fw tab -s -t connections > file_name (Correct)
  • fw tab -u connections > file_name
  • fw debug cxl connections > file_name
  • fw ctl -s -t connections > file_name

Answer : fw tab -s -t connections > file_name

In ClusterXL, _______ is defined by default as a critical device.


Options are :

  • PROT_SRV.EXE
  • fw.d
  • protect.exe
  • Filter (Correct)

Answer : Filter

When restoring R76 using the command upgrade_import, which of the following items are NOT restored?


Options are :

  • Route tables (Correct)
  • Licenses
  • .Global properties
  • SIC Certificates

Answer : Route tables

How can you view the critical devices on a cluster member in a Cluster XL environment?


Options are :

  • cphaprob -a list
  • cphaprob -ia if
  • cphaprob -ia list (Correct)
  • cphaprob -a if

Answer : cphaprob -ia list

A snapshot delivers a complete backup of Secure Platform.The resulting file can be stored on servers or as a local file in /var/CPsnapshot/snapshots.How do you restore a local snapshot named MySnapshot.tgz?


Options are :

  • As Expert user, type command revert --file MySnapshot.tgz. (Correct)
  • As Expert user, type command snapshot -r MySnapshot.tgz.
  • As Expert user, type command snapshot - R to restore from a local file. Then, provide the correct file name.
  • Reboot the system and call the start menu. Select option Snapshot Management, provide the Expert password and select [L] for a restore from a local file. Then, provide the correct file name.

Answer : As Expert user, type command revert --file MySnapshot.tgz.

Jack is using SmartEvent and does not see the identities of the users on the events. As an administrator with full access, what does he need to do to fix his issue?


Options are :

  • Open SmartEvent and toggle the Show or Hide identities icon.
  • Open SmartDashboard and toggle the Show or Hide identities icon, then re-open SmartEvent
  • Open SmartEvent, Click on Query Properties and select the User column
  • Open SmartEvent, go to the Policy Tab, select General Settings from the left column > User identities and check the box Show identities. (Correct)

Answer : Open SmartEvent, go to the Policy Tab, select General Settings from the left column > User identities and check the box Show identities.

Which of the following is NOT a restriction for connection template generation?


Options are :

  • VPN Connections
  • UDP services with no protocol type or source port mentioned in advanced properties (Correct)
  • ISN Spoofing
  • SYN Defender

Answer : UDP services with no protocol type or source port mentioned in advanced properties

Which of the following commands will stop acceleration on a Security Gateway running on Secure Platform?


Options are :

  • splat_accel off
  • fw accel off
  • fwaccel off (Correct)
  • perf_pack off

Answer : fwaccel off

Which command provides cluster upgrade status?


Options are :

  • cphaprob ldstat
  • cphaprob fcustat (Correct)
  • cphaprob status
  • cphaprob tablestat

Answer : cphaprob fcustat

__________ is a proprietary Check Point protocol. It is the basis for Check Point ClusterXL inter-module communication.


Options are :

  • CKPP
  • CCP (Correct)
  • RDP
  • HA OPCODE

Answer : CCP

In a “zero downtime” firewall cluster environment, what command do you run to avoid switching problems around the cluster.


Options are :

  • cphaconf set mc_relod
  • cphaconf set clear_subs
  • cphaconf set_ccp broadcast (Correct)
  • cphaconf set_ccp multicast

Answer : cphaconf set_ccp broadcast

What command will allow you to disable sync on a cluster firewall member?


Options are :

  • fw ctl setsync off (Correct)
  • fw ctl setsync 0
  • fw ctl syncstat stop
  • fw ctl syncstat off

Answer : fw ctl setsync off

In a “zero downtime” scenario, which command do you run manually after all cluster members are upgraded?


Options are :

  • cphaconf set_ccp broadcast
  • cphaconf set_ccp multicast (Correct)
  • cphaconf set mc_relod
  • cphaconf set clear_subs

Answer : cphaconf set_ccp multicast

The process that performs the authentication for Smart Dashboard is:


Options are :

  • cpd
  • fwm (Correct)
  • vpnd
  • cvpnd

Answer : fwm

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions