Free and Premium Checkpoint 156-915.77 Dumps Questions Answers

Page: 1 / 8
Total 203 questions

Check Point Certified Security Expert Update Questions and Answers

Question 1

Captive Portal is a __________ that allows the gateway to request login information from the user.

Options:

A. Pre-configured and customizable web-based tool

B. Transparent network inspection tool

C. LDAP server add-on

D. Separately licensed feature

Question 2

The Identity Agent is a lightweight endpoint agent that authenticates securely with Single Sign-On (SSO). What is not a recommended usage of this method?

Options:

A. When accuracy in detecting identity is crucial

B. Leveraging identity for Data Center protection

C. Protecting highly sensitive servers

D. Identity based enforcement for non-AD users (non-Windows and guest users)

Question 3

What is the purpose of the pre-defined exclusions included with SmartEvent R77?

Options:

A. To allow SmartEvent R77 to function properly with all other R71 devices.

B. To avoid incorrect event generation by the default IPS event definition; a scenario that may occur in deployments that include Security Gateways of versions prior to R71.

C. As a base for starting and building exclusions.

D. To give samples of how to write your own exclusion.

Question 4

You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other. How would you accomplish this?

Options:

A. Define the two port-scan detections as an exception.

B. You cannot set SmartEvent to detect two port scans from a host within 10 seconds of each other.

C. Select the two port-scan detections as a sub-event.

D. Select the two port-scan detections as a new event.

Question 5

Access Role objects define users, machines, and network locations as:

Options:

A. Credentialed objects

B. Linked objects

C. One object

D. Separate objects

Question 6

Where do you verify that UserDirectory is enabled?

Options:

A. Verify that Security Gateway > General Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked

B. Verify that Global Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked

C. Verify that Security Gateway > General Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked

D. Verify that Global Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked

Question 7

What is the syntax for uninstalling a package using newpkg?

Options:

A. -u

B. -i

C. -S

D. newpkg CANNOT be used to uninstall a package

Question 8

Which operating systems are supported by a Check Point Security Gateway on an open server? Select MOST complete list.

Options:

A. Sun Solaris, Red Hat Enterprise Linux, Check Point SecurePlatform, IPSO, Microsoft Windows

B. Check Point GAiA and SecurePlatform, and Microsoft Windows

C. Check Point GAiA, Microsoft Windows, Red Hat Enterprise Linux, Sun Solaris, IPSO

D. Check Point GAiA and SecurePlatform, IPSO, Sun Solaris, Microsoft Windows

Question 9

Type the command and syntax to view critical devices on a cluster member in a ClusterXL environment.

Options:

Question 10

To bind a NIC to a single processor when using CoreXL on GAiA, you would use the command

Options:

Question 11

Which of the following are authentication methods that Security Gateway R77 uses to validate connection attempts? Select the response below that includes the MOST complete list of valid authentication methods.

Options:

A. Proxied, User, Dynamic, Session

B. Connection, User, Client

C. User, Client, Session

D. User, Proxied, Session

Question 12

Your company’s Security Policy forces users to authenticate to the Gateway explicitly, before they can use any services. The Gateway does not allow the Telnet service to itself from any location. How would you configure authentication on the Gateway? With a:

Options:

A. Client Authentication rule using the manual sign-on method, using HTTP on port 900

B. Client Authentication rule, using partially automatic sign on

C. Client Authentication for fully automatic sign on

D. Session Authentication rule

Question 13

What is Check Point's CoreXL?

Options:

A. A way to synchronize connections across cluster members

B. TCP-18190

C. Multiple core interfaces on the device to accelerate traffic

D. Multi Core support for Firewall Inspection

Question 14

When a packet is flowing through the security gateway, which one of the following is a valid inspection path?

Options:

A. Acceleration Path

B. Small Path

C. Firewall Path

D. Medium Path

Question 15

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to a set of designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.

He has received a new laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19).

He wants to move around the organization and continue to have access to the HR Web Server. To make this scenario work, the IT administrator:

1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources, and installs the policy.

2) Adds an access role object to the Firewall Rule Base that lets John Adams access the HR Web Server from any machine and from any location and installs policy.

John plugged in his laptop to the network on a different network segment and was not able to connect to the HR Web server. What is the next BEST troubleshooting step?

Options:

A. Investigate this as a network connectivity issue

B. Install the Identity Awareness Agent

C. Set static IP to DHCP

D. After enabling Identity Awareness, reboot the gateway

Question 16

Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants to use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R77 Firewall Rule Base.

To make this scenario work, the IT administrator must:

1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources.

2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected.

3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select accept as the Action.

Ms. McHanry tries to access the resource but is unable. What should she do?

Options:

A. Have the security administrator select the Action field of the Firewall Rule “Redirect HTTP connections to an authentication (captive) portal”

B. Have the security administrator reboot the firewall

C. Have the security administrator select Any for the Machines tab in the appropriate Access Role

D. Install the Identity Awareness agent on her iPad

Question 17

Complete this statement. To save interface information before upgrading a Windows Gateway, use command

Options:

Question 18

MegaCorps' disaster recovery plan is past due for an update to the backup and restore section to enjoy the benefits of the new distributed R77 installation. You must propose a plan that meets the following required and desired objectives:

Required: Security Policy repository must be backed up no less frequently than every 24 hours.

Desired: Back up R77 components enforcing the Security Policies at least once a week.

Desired: Back up R77 logs at least once a week.

You develop a disaster recovery plan proposing the following:

* Use the utility cron to run the command upgrade_export each night on the Security Management Servers.

* Configure the organization's routine backup software to back up files created by the command upgrade_export.

* Configure GAiA back up utility to back up Security Gateways every Saturday night.

* Use the utility cron to run the command upgrade_export each Saturday night on the log servers.

* Configure an automatic, nightly logswitch.

* Configure the organization's routine back up software to back up the switched logs every night.

The corporate IT change review committee decides your plan:

Options:

A. meets the required objective and only one desired objective.

B. meets the required objective and both desired objectives.

C. meets the required objective but does not meet either desired objective.

D. does not meet the required objective.

Question 19

Where can you find Check Point’s SNMP MIB file?

Options:

A. $CPDIR/lib/snmp/chkpt.mib

B. $FWDIR/conf/snmp.mib

C. It is obtained only by request from the TAC.

D. There is no specific MIB file for Check Point products.

Question 20

Your company is running Security Management Server R77 on GAiA, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?

Options:

A. Using SmartDashboard, under Users, select Add New Administrator

B. Using SmartDashboard or cpconfig

C. Using the Web console on GAiA under Product configuration, select Administrators

D. Using cpconfig on the Security Management Server, choose Administrators

Question 21

You are MegaCorp’s Security Administrator. There are various network objects which must be NATed. Some of them use the Automatic Hide NAT method, while others use the Automatic Static NAT method. What is the rule order if both methods are used together? Give the BEST answer.

Options:

A. The Administrator decides the rule order by shifting the corresponding rules up and down.

B. The Static NAT rules have priority over the Hide NAT rules and the NAT on a node has priority over the NAT on a network or an address range.

C. The Hide NAT rules have priority over the Static NAT rules and the NAT on a node has priority over the NAT on a network or an address range.

D. The rule position depends on the time of their creation. The rules created first are placed at the top; rules created later are placed successively below the others.

Question 22

Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.

Options:

A. This is an example of Hide NAT.

B. There is not enough information provided in the Wireshark capture to determine the NAT settings.

C. This is an example of Static NAT and Translate destination on client side unchecked in Global Properties.

D. This is an example of Static NAT and Translate destination on client side checked in Global Properties.

Question 23

Fill in the blank. To save your OSPF configuration in GAiA, enter the command ___________ .

Options:

Question 24

Which Check Point tool allows you to open a debug file and see the VPN packet exchange details?

Options:

A. PacketDebug.exe

B. VPNDebugger.exe

C. IkeView.exe

D. IPSECDebug.exe

Question 25

Which command will only show the number of entries in the connection table?

Options:

A. fw tab -t connections -s

B. fw tab -t connections -u

C. fw tab -t connections

D. fw tab

Question 26

The connection to the ClusterXL member ‘A’ breaks. The ClusterXL member ‘A’ status is now ‘down’. Afterwards the switch admin set a port to ClusterXL member ‘B’ to ‘down’. What will happen?

Options:

A. ClusterXL member ‘B’ also left the cluster.

B. ClusterXL member ‘B’ stays active as last member.

C. Both ClusterXL members share load equally.

D. ClusterXL member ‘A’ is asked to come back to cluster.

Question 27

Your users are defined in a Windows 2008 R2 Active Directory server. You must add LDAP users to a Client Authentication rule. Which kind of user group do you need in the Client Authentication rule in R77?

Options:

A. External-user group

B. LDAP group

C. A group with a generic user

D. All Users

Question 28

You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.

Options:

A. You checked the cache password on desktop option in Global Properties.

B. Another rule that accepts HTTP without authentication exists in the Rule Base.

C. You have forgotten to place the User Authentication Rule before the Stealth Rule.

D. Users must use the SecuRemote Client, to use the User Authentication Rule.

Question 29

Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates:

Options:

A. Are used for securing internal network communications between the SmartDashboard and the Security Management Server.

B. For R75 Security Gateways are created during the Security Management Server installation.

C. Decrease network security by securing administrative communication among the Security Management Servers and the Security Gateway.

D. Uniquely identify Check Point enabled machines; they have the same function as VPN Certificates.

Question 30

Which command allows you to view the contents of an R77 table?

Options:

A. fw tab -a

B. fw tab -t

C. fw tab -s

D. fw tab -x
