156-215.76 Check Point Certified Security Administrator – GAiA

Page 1   
Question 1

John is the Security Administrator in his company. He installs a new R76 Security
Management Server and a new R76 Gateway. He now wants to establish SIC between
them. After entering the activation key, he gets the following message in SmartDashboard -
"Trust established"
SIC still does not seem to work because the policy won't install and interface fetching does
not work. What might be a reason for this?

  • A. It always works when the trust is established
  • B. This must be a human error.
  • C. SIC does not function over the network.
  • D. The Gateway's time is several days or weeks in the future and the SIC certificate is not yet valid.

Answer : D

Question 2

Which item below in a Security Policy would be enforced first?

  • A. Network Address Translation
  • B. Security Policy First rule
  • C. Administrator-defined Rule Base
  • D. IP spoofing/IP options

Answer : D

Question 3

Which of the following describes the default behavior of an R76 Security Gateway?

  • A. Traffic is filtered using controlled port scanning.
  • B. IP protocol types listed as secure are allowed by default, i.e. ICMP, TCP, UDP sessions are inspected.
  • C. All traffic is expressly permitted via explicit rules.
  • D. Traffic not explicitly permitted is dropped.

Answer : D

Question 4

How can you activate the SNMP daemon on a Check Point Security Management Server?

  • A. Using the command line, enter snmp_install.
  • B. Any of these options will work.
  • C. In SmartDashboard, right-click a Check Point object and select Activate SNMP.
  • D. From cpconfig, select SNMP extension.

Answer : D

Question 5

Where is the IPSO Boot Manager physically located on an IP Appliance?

  • A. On the platform's BIOS
  • B. In the directory /nvram
  • C. On an external jump drive
  • D. On built-in compact Flash memory

Answer : D

Question 6

Which SmartConsole component can Administrators use to track changes to the Rule

  • A. SmartView Monitor
  • B. SmartReporter
  • C. WebUI
  • D. SmartView Tracker

Answer : D

Question 7

Your primary Security Gateway runs on SecurePlatform. What is the easiest way to back
up your Security Gateway R76 configuration, including routing and network configuration

  • A. Using the native SecurePlatform backup utility from command line or in the Web based user interface.
  • B. Copying the directories $FWDIR/conf and $FWDIR/lib to another location.
  • C. Using the command upgrade_export.
  • D. Run the pre_upgrade_verifier and save the .tgz file to the directory /temp.

Answer : A

Question 8

  • A. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.
  • B. Log in as the default user expert and start cpinfo.
  • C. No action is needed because cpshell has a timeout of one hour by default.
  • D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinfo.

Answer : A

Question 9

When using SecurePlatform, it might be necessary to temporarily change the MAC address
of the interface eth 0 to 00:0C:29:12:34:56. After restarting the network the old MAC
address should be active. How do you configure this change?

  • A. Edit the file /etc/sysconfig/netconf.c and put the new MAC address in the field
  • B. As expert user, issue these commands: # IP link set eth0 down # IP link set eth0 addr 00:0C:29:12:34:56 # IP link set eth0 up
  • C. Open the WebUI, select Network > Connections > eth0. Place the new MAC address in the field Physical Address, and press Apply to save the settings.
  • D. As expert user, issue the command: # IP link set eth0 addr 00:0C:29:12:34:56

Answer : B

Question 10

You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in
use on SecurePlatform. You are concerned that the system might not be retaining your
entries for the interfaces and routing configuration. You would like to verify your entries in
the corresponding file(s) on SecurePlatform. Where can you view them? Give the BEST

  • A. /etc/conf/route.C
  • B. /etc/sysconfig/network-scripts/ifcfg-ethx
  • C. /etc/sysconfig/netconf.C
  • D. /etc/sysconfig/network

Answer : C

Question 11

The SIC certificate is stored in the directory _______________.

  • A. $CPDIR/conf
  • B. $FWDIR/database
  • C. $CPDIR/registry
  • D. $FWDIR/conf

Answer : A

Question 12

Which of the below is the MOST correct process to reset SIC from SmartDashboard?

  • A. Run cpconfig, and click Reset.
  • B. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key.
  • C. Click Communication > Reset on the Gateway object, and type a new activation key.
  • D. Run cpconfig, and select Secure Internal Communication > Change One Time Password.

Answer : B

Question 13

Chris has lost SIC communication with his Security Gateway and he needs to re-establish

What would be the correct order of steps needed to perform this task?

  • A. 3, 1, 4, 2
  • B. 2, 3, 1, 4
  • C. 5, 1, 2, 4
  • D. 5, 1, 4, 2

Answer : C

Question 14

When restoring R76 using the command upgrade_import, which of the following items are
NOT restored?

  • A. Licenses
  • B. SIC Certificates
  • C. Global properties
  • D. Route tables

Answer : D

Question 15

Which of the following statements is TRUE about management plug-ins?

  • A. A management plug-in interacts with a Security Management Server to provide new features and support for new products.
  • B. The plug-in is a package installed on the Security Gateway.
  • C. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.
  • D. Installing a management plug-in is just like an upgrade process.

Answer : A

Page 1