New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Checkpoint 156-915.77 Check Point Certified Security Expert Update Exam Practice Test

Demo: 30 questions
Total 203 questions

Check Point Certified Security Expert Update Questions and Answers

Question 1

What command syntax would you use to turn on PDP logging in a distributed environment?

Options:

A.

pdp track=1

B.

pdp tracker on

C.

pdp logging on

D.

pdp log=1

Question 2

How do you configure the Security Policy to provide user access to the Captive Portal through an external (Internet) interface?

Options:

A.

Change the gateway settings to allow Captive Portal access via an external interface.

B.

No action is necessary. This access is available by default.

C.

Change the Identity Awareness settings under Global Properties to allow Captive Portal access on all interfaces.

D.

Change the Identity Awareness settings under Global Properties to allow Captive Portal access for an external interface.

Question 3

You are troubleshooting a HTTP connection problem. You've started fw monitor -o http.pcap. When you open http.pcap with Wireshark there is only one line. What is the most likely reason?

Options:

A.

fw monitor was restricted to the wrong interface.

B.

Like SmartView Tracker only the first packet of a connection will be captured by fw monitor.

C.

By default only SYN pakets are captured.

D.

Acceleration was turned on and therefore fw monitor sees only SYN.

Question 4

Which of the following CLISH commands would you use to set the admin user's shell to bash?

Options:

A.

set user admin shell bash

B.

set user admin shell /bin/bash

C.

set user admin shell = /bin/bash

D.

set user admin /bin/bash

Question 5

Which of the following commands can provide the most complete restoration of a R77 configuration?

Options:

A.

upgrade_import

B.

cpinfo -recover

C.

cpconfig

D.

fwm dbimport -p

Question 6

Your company is running Security Management Server R77 on GAiA, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?

Options:

A.

Using SmartDashboard, under Users, select Add New Administrator

B.

Using SmartDashboard or cpconfig

C.

Using the Web console on GAiA under Product configuration, select Administrators

D.

Using cpconfig on the Security Management Server, choose Administrators

Question 7

All R77 Security Servers can perform authentication with the exception of one. Which of the Security Servers can NOT perform authentication?

Options:

A.

FTP

B.

SMTP

C.

HTTP

D.

RLOGIN

Question 8

The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

Options:

A.

You can only use the rule for Telnet, FTP, SMTP, and rlogin services.

B.

The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server.

C.

Once a user is first authenticated, the user will not be prompted for authentication again until logging out.

D.

You can limit the authentication attempts in the User Properties’ Authentication tab.

Question 9

Where is it necessary to configure historical records in SmartView Monitor to generate Express reports in SmartReporter?

Options:

A.

In SmartDashboard, the SmartView Monitor page in the R77 Security Gateway object

B.

In SmartReporter, under Express > Network Activity

C.

In SmartReporter, under Standard > Custom

D.

In SmartView Monitor, under Global Properties > Log and Masters

Question 10

If Jack was concerned about the number of log entries he would receive in the SmartReporter system, which policy would he need to modify?

Options:

A.

Log Sequence Policy

B.

Report Policy

C.

Log Consolidator Policy

D.

Consolidation Policy

Question 11

Assume you are a Security Administrator for ABCTech. You have allowed authenticated access to users from Mkting_net to Finance_net. But in the user’s properties, connections are only permitted within Mkting_net. What is the BEST way to resolve this conflict?

Options:

A.

Select Ignore Database in the Action Properties window.

B.

Permit access to Finance_net.

C.

Select Intersect with user database in the Action Properties window.

D.

Select Intersect with user database or Ignore Database in the Action Properties window.

Question 12

You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.

Options:

A.

You checked the cache password on desktop option in Global Properties.

B.

Another rule that accepts HTTP without authentication exists in the Rule Base.

C.

You have forgotten to place the User Authentication Rule before the Stealth Rule.

D.

Users must use the SecuRemote Client, to use the User Authentication Rule.

Question 13

Which of the following is a CLI command for Security Gateway R77?

Options:

A.

fw tab -u

B.

fw shutdown

C.

fw merge

D.

fwm policy_print

Question 14

Which command would provide the most comprehensive diagnostic information to Check Point Technical Support?

Options:

A.

fw cpinfo

B.

cpinfo -o date.cpinfo.txt

C.

diag

D.

cpstat - date.cpstat.txt

Question 15

Which command line interface utility allows the administrator to verify the Security Policy name and timestamp currently installed on a firewall module?

Options:

A.

cpstat fwd

B.

fw ver

C.

fw stat

D.

fw ctl pstat

Question 16

Before upgrading SecurePlatform to GAiA, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration.

An administrator has installed the latest HFA on the system for fixing traffic problem after creating a backup file. There is a mistake in the very complex static routing configuration. The Check Point configuration has not been changed. Can the administrator use a restore to fix the errors in static routing?

Options:

A.

The restore is not possible because the backup file does not have the same build number (version).

B.

The restore is done by selecting Snapshot Management from the boot menu of GAiA.

C.

The restore can be done easily by the command restore and copying netconf.C from the production environment.

D.

A backup cannot be restored, because the binary files are missing.

Question 17

Match the ClusterXL modes with their configurations.

Exhibit:

Options:

A.

A-2, B-3, C-4, D-1

B.

A-2, B-3, C-1, D-5

C.

A-3, B-5, C-1, D-4

D.

A-5, B-2, C-4, D-1

Question 18

Fill in the blank.

In New Mode HA, the internal cluster IP VIP address is 10.4.8.3. The internal interfaces on two members are 10.4.8.1 and 10.4.8.2 Internal host 10.4.8.108 pings 10.4.8.3, and receives replies. Review the ARP table from the internal Windows host 10.4.8.108. According to the output, which member is the standby machine?

Options:

Question 19

Complete this statement from the options provided. Using Captive Portal, unidentified users may be either; blocked, allowed to enter required credentials, or required to download the _____________.

Options:

A.

Identity Awareness Agent

B.

Full Endpoint Client

C.

ICA Certificate

D.

SecureClient

Question 20

The Identity Agent is a lightweight endpoint agent that authenticates securely with Single Sign-On (SSO). What is not a recommended usage of this method?

Options:

A.

When accuracy in detecting identity is crucial

B.

Leveraging identity for Data Center protection

C.

Protecting highly sensitive servers

D.

Identity based enforcement for non-AD users (non-Windows and guest users)

Question 21

Which process should you debug if SmartDashboard login fails?

Options:

A.

sdm

B.

cpd

C.

fwd

D.

fwm

Question 22

The connection to the ClusterXL member ‘A’ breaks. The ClusterXL member ‘A’ status is now ‘down’. Afterwards the switch admin set a port to ClusterXL member ‘B’ to ‘down’. What will happen?

Options:

A.

ClusterXL member ‘B’ also left the cluster.

B.

ClusterXL member ‘B’ stays active as last member.

C.

Both ClusterXL members share load equally.

D.

ClusterXL member ‘A’ is asked to come back to cluster.

Question 23

Which of the following allows administrators to allow or deny traffic to or from a specific network based on the user’s credentials?

Options:

A.

Access Policy

B.

Access Role

C.

Access Rule

D.

Access Certificate

Question 24

What happens if the identity of a user is known?

Options:

A.

If the user credentials do not match an Access Role, the system displays the Captive Portal.

B.

If the user credentials do not match an Access Role, the system displays a sandbox.

C.

If the user credentials do not match an Access Role, the traffic is automatically dropped.

D.

If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped based on the defined action.

Question 25

How granular may an administrator filter an Access Role with identity awareness? Per:

Options:

A.

Specific ICA Certificate

B.

AD User

C.

Radius Group

D.

Windows Domain

Question 26

Which of the following is NOT defined by an Access Role object?

Options:

A.

Source Network

B.

Source Machine

C.

Source User

D.

Source Server

Question 27

Fill in the blank. The command that typically generates the firewall application, operating system, and hardware specific drivers is _________ .

Options:

Question 28

Fill in the blank. The user wants to replace a failed Windows-based firewall with a new server running GAiA. For the most complete restore of an GAiA configuration, he or she will use the command

Options:

Question 29

Which Check Point tool allows you to open a debug file and see the VPN packet exchange details.

Options:

A.

PacketDebug.exe

B.

VPNDebugger.exe

C.

IkeView.exe

D.

IPSECDebug.exe

Question 30

You want VPN traffic to match packets from internal interfaces. You also want the traffic to exit the Security Gateway bound for all site-to-site VPN Communities, including Remote Access Communities. How should you configure the VPN match rule?

Options:

A.

internal_clear > All_communities

B.

Internal_clear > External_Clear

C.

Communities > Communities

D.

internal_clear > All_GwToGw

Demo: 30 questions
Total 203 questions