Checkpoint 156-915.77 Exam - Questions and Answers

Question 1

Peter is your new Security Administrator. On his first working day, he is very nervous and enters the wrong password three times. His account is locked. What can be done to unlock
Peters account? Give the BEST answer.
A. You can unlock Peters account by using the command fwm lock_admin -u Peter on the
Security Management Server.
B. You can unlock Peters account by using the command fwm unlock_admin -u Peter on the Security Management Server
C. It is not possible to unlock Peters account. You have to install the firewall once again or abstain from Peters help.
D. You can unlock Peters account by using the command fwm unlock_admin -u Peter on the Security Gateway.

Answer : A Topic 3, Deployment Platforms Obj 3

Question 2

Which command allows you to view the contents of an R77 table?

A. fw tab -a <tablename>
B. fw tab -t <tablename>
C. fw tab -s <tablename>
D. fw tab -x <tablename>

Answer : B

Question 3

How do you recover communications between your Security Management Server and
Security Gateway if you lock yourself out through a rule or policy mis-configuration?

A. fw unload policy
B. fw unloadlocal
C. fw delete all.all@localhost
D. fwm unloadlocal

Answer : B

Question 4

Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC
Certificates:

A. Are used for securing internal network communications between the SmartDashboard and the Security Management Server.
B. For R75 Security Gateways are created during the Security Management Server installation.
C. Decrease network security by securing administrative communication among the Security Management Servers and the Security Gateway.
D. Uniquely identify Check Point enabled machines; they have the same function as VPN Certificates.

Answer : D

Question 5

How can you check whether IP forwarding is enabled on an IP Security Appliance?

A. clish -c show routing active enable
B. cat /proc/sys/net/ipv4/ip_forward
C. echo 1 > /proc/sys/net/ipv4/ip_forward
D. ipsofwd list

Answer : D

Question 6

Which of the following statements accurately describes the command snapshot?

A. snapshot creates a full OS-level backup, including network-interface data, Check Point product information, and configuration settings during an upgrade of a GAiA Security Gateway.
B. snapshot creates a Security Management Server full system-level backup on any OS.
C. snapshot stores only the system-configuration settings on the Gateway.
D. A Gateway snapshot includes configuration settings and Check Point product information from the remote Security Management Server.

Answer : A

Question 7

Which command would provide the most comprehensive diagnostic information to Check
Point Technical Support?

A. fw cpinfo
B. cpinfo -o date.cpinfo.txt
C. diag
D. cpstat - date.cpstat.txt

Answer : B

Question 8

You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in

A. ethtool
B. set interface <options>
C. mii_tool
D. ifconfig -a

Answer : B

Question 9

Which of the following tools is used to generate a Security Gateway R77 configuration report?

A. fw cpinfo
B. infoCP
C. cpinfo
D. infoview

Answer : C

Question 10

ALL of the following options are provided by the GAiA sysconfig utility, EXCEPT:

A. Export setup
B. DHCP Server configuration
C. Time & Date
D. GUI Clients

Answer : D

Question 11

Which of the following options is available with the GAiA cpconfig utility on a Management
Server?

A. Export setup
B. DHCP Server configuration
C. GUI Clients
D. Time & Date

Answer : C

Question 12

Which of the following is a CLI command for Security Gateway R77?

A. fw tab -u -

B. fw shutdown -

C. fw merge -
D. fwm policy_print <policyname>

Answer : A Topic 4, Network Address Translation

Question 13

You enable Automatic Static NAT on an internal host node object with a private IP address of 10.10.10.5, which is NATed into 216.216.216.5. (You use the default settings in Global
Properties / NAT.)
When you run fw monitor on the R77 Security Gateway and then start a new HTTP connection from host 10.10.10.5 to browse the Internet, at what point in the monitor output will you observe the HTTP SYN-ACK packet translated from 216.216.216.5 back into
10.10.10.5?

A. o=outbound kernel, before the virtual machine
B. I=inbound kernel, after the virtual machine
C. O=outbound kernel, after the virtual machine
D. i=inbound kernel, before the virtual machine

Answer : B

Question 14

A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the
Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?

A. Automatic ARP must be unchecked in the Global Properties.
B. Nothing else must be configured.
C. A static route must be added on the Security Gateway to the internal host.
D. A static route for the NAT IP must be added to the Gateway’s upstream router.

Answer : C

Question 15

You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateways external interface. You browse to the Google Website from host, 10.1.1.10 successfully.
You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?

A. Two, one for outbound, one for inbound
B. Only one, outbound
C. Two, both outbound, one for the real IP connection and one for the NAT IP connection
D. Only one, inbound

Answer : B

Check Point Certified Security Expert Update v7.0

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Talk to us!