156-215.71 Check Point Certified Security Administrator R71

Page 1   
Question 1

Once installed, the R71 kernel resides directly below which layer of the OSI model? Note:
Application is the top and Physical is the bottom of the IP stack.

  • A. Network
  • B. Transport
  • C. Data Link
  • D. Session

Answer : A

Question 2

The customer has a small Check Point installation, which includes one Linux Enterprise 3.0
server working as the SmartConsole, and a second server running Windows 2003 as both
Security Management Server and Security Gateway. This is an example of a(n):

  • A. Stand-Alone Installation
  • B. Distributed Installation
  • C. Hybrid Installation
  • D. Unsupported configuration

Answer : D

Question 3

You are the Security Administrator in a large company called ABC. A Check Point Firewall
is installed and in use on SecurePlatform. You are concerned that the system might not be
retaining your entries for the interfaces and routing configuration. You would like to verify
your entries in the corresponding file(s) on SecurePlatform. Where can you view them?
Give the BEST answer.

  • A. /etc/conf/route.C
  • B. /etc/sysconfig/netconf.C
  • C. /etc/sysconfig/network-scripts/ifcfg-ethx
  • D. /etc/sysconfig/network

Answer : B

Question 4

During which step in the installation process is it necessary to note the fingerprint for first-
time verification?

  • A. When establishing SIC between the Security Management Server and the Gateway
  • B. When configuring the Security Management Server using cpconfig
  • C. When configuring the Security Gateway object in SmartDashboard
  • D. When configuring the Gateway in the WebUl

Answer : B

Question 5

The third shift administrator was updating security management server access setting in
global properties. He managed to lock the entire Administrator out of their accounts. How
should you unlock these accounts?

  • A. Logging to smart dash board as special cpconfig_admin account. Right click on each administrator object and select Unlock.
  • B. Type fwm lock_admin –ua from the command line of the security management server
  • C. Reinstall the security management Server and restore using upgrade _imort
  • D. Delete the file admin .lock in the sfwdir/ tmp/directory of the security managem,ent server.

Answer : B

Question 6

A snapshot delivers a complete backup of SecurePlatform. The resulting file can be stored
on servers or as a local file in /var/cpsnapshot/snapshots. How do you restore a local
snapshot named MySnapshot.tgz?

  • A. As expert user, type the command snapshot – r MySnapshot.tgz.
  • B. As expert user, type the command snapshot R to restore from a local file. Then, provide the correct name.
  • C. As expert user, type the command revert --file MySnapshot.tgz.
  • D. Reboot the system and call the start menu. Select the option Snapshot Management, provide the Expert password and select [L] for a restore from a local file. Then, provide the correct file name.

Answer : C

Question 7

What is the primary benefit of using upgrade_export over either backup of snapshot?

  • A. The backup and snapshot commands can take long time to run whereas upgrade_export will take a much shorter amount of time.
  • B. upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not.
  • C. upgrade_export is operating system independent and can be used when backup or snapshot is not available.
  • D. upgrade_export has an option to backup the system and SmartView tracker logs while back and snapshot will not.

Answer : C

Question 8

Which of the following statements about Bridge mode is TRUE?

  • A. When managing a Security Gateway in Bridge mode, it is possible to use a bridge interface for Network Address Translation.
  • B. Assuming a new installation, bridge mode requires changing the existing IP routing of the network.
  • C. All ClusterXL modes are supported.
  • D. A bridge must be configured with a pair of interfaces.

Answer : D

Question 9

An Administrator without access to SmartDashboard installed a new IPSO-based R71
Security Gateway over the weekend. He e-mailed you the SIC activation key. You want to
confirm communication between the Security Gateway and the Management Server by
installing the Policy. What might prevent you from installing the Policy?

  • A. You first need to create a new Gateway object in SmartDashboard, establish SIC via the Communication button, and define the Gateway's topology.
  • B. You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server You must initialize SIC on the Security Management Server.
  • C. An intermediate local Security Gateway does not allow a policy install through it to the remote new Security Gateway appliance Resolve by running the tw unloadlocal command on the local Security Gateway.
  • D. You first need to run the fw unloadlocal command on the R71 Security Gateway appliance in order to remove the restrictive default policy.

Answer : A

Question 10

How can you most quickly reset Secure Internal Communications (SIC) between a Security
Management Server and Security Gateway?

  • A. Run the command fwm sic-reset to initialize the Internal Certificate Authority (ICA) of the Security Management Server. Then retype the activation key on the Security Gateway from SmartDashboard.
  • B. Use SmartDashboard to retype the activation key on the Security Gateway. This will automatically Sync SIC to both the Security Management Server and Gateway.
  • C. From cpconfig on the Gateway, choose the Secure Internal Communication option and retype the activation key. Next, retype the same key in the Gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC).
  • D. From the Security Management Servers command line, Type fw putkey p <shared key> < IP Address of security Gateway>.

Answer : C

Question 11

Tom has been tasked to install Check Point R71 in a distributed deployment. Before Tom
installs the systems this way, how many machines will he need if he does not include a
SmartConsole machine in his calculations?

  • A. One machine
  • B. One machine, but it needs to be installed using SecurePlatform for compatibility purposes
  • C. Three machines
  • D. Two machines

Answer : D

Question 12

Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC
Certificates are created:

  • A. And used for securing internal network communications between SmartView Tracker and an OPSEC device.
  • B. For the Security Management Server during the Security Management Server installation.
  • C. For Security Gateways during the Security Gateway installation.
  • D. To decrease network security by securing administrative communication among the Security Management Servers and the Security Gateway.

Answer : B

Question 13

Which of the following methods will provide the most complete backup of an R71

  • A. Policy Package Management
  • B. Copying the $PWDIR\conf and $CPDIR\conf directories to another server
  • C. upgrade_export command
  • D. Database Revision Control

Answer : C

Question 14

How can you view cpinfo on a SecurePlatform machine?

  • A. tcpdump
  • B. snoop – i
  • C. infotab
  • D. Text editor, such as vi

Answer : D

Question 15

Before upgrading SecurePlatform, you should create a backup. To save time, many
administrators use the command backup. This creates a backup of the Check Point
configuration as well as the system configuration.
An administrator has installed the latest HFA on the system for fixing traffic problem after
creating a backup file. There is a mistake in the very complex static routing configuration.
The Check Point configuration has not been changed. Can the administrator use a restore
to fix the errors in static routing?

  • A. The restore can be done easily by the command restore and selecting the appropriate backup file.
  • B. A backup cannot be restored, because the binary files are missing.
  • C. The restore is not possible because the backup file does not have the same build number (version).
  • D. The restore is done by selecting Snapshot Management from the boot menu of SecurePlatform.

Answer : A

Page 1