156-315.13 Check Point Security Expert R76(GAiA)

Page 1   
Question 1

Typically, when you upgrade the Security Management Server, you install and configure a
freshR76installation on a new computer and then migrate the database from the original
machine. Which of the following statements are TRUE?

  • A. Both machines must have the same number of interfaces installed and configured before migration can be attempted.
  • B. The new machine may not have more Check Point products installed than the original Security Management Server.
  • C. All product databases are included in the migration.
  • D. The Security Management Server on the new machine must be the same or greater than the version on the original machine.

Answer : D

Question 2

If no flags are defined during a back up on the Security Management Server, where does
the system store the *.tgz file?

  • A. /var/opt/backups
  • B. /var/backups
  • C. /var/CPbackup/backups
  • D. /var/tmp/backups

Answer : C

Question 3

Which of the following is NOT a feature of ClusterXL?

  • A. Enhanced throughput in all ClusterXL modes (2 gateway cluster compared with 1 gateway)
  • B. Transparent failover in case of device failures
  • C. Zero downtime for mission-critical environments with State Synchronization
  • D. Transparent upgrades

Answer : C

Question 4

Which describes the function of the account unit?

  • A. An Account Unit is the Check Point account that SmartDirectory uses to access an (LDAP) server
  • B. An Account Unit is a system account on the Check Point gateway that SmartDirectory uses to access an (LDAP) server
  • C. An Account Unit is the administration account on the LDAP server that SmartDirectory uses to access to (LDAP) server
  • D. An Account Unit is the interface which allows interaction between the Security Management server and Security Gateways, and the SmartDirectory (LDAP) server.

Answer : D

Question 5

Which command provides cluster upgrade status?

  • A. cphaprob status
  • B. cphaprob ldstat
  • C. cphaprob fcustat
  • D. cphaprob tablestat

Answer : C

Question 6

Which is NOT a valid option when upgrading Cluster Deployments?

  • A. Full Connectivity Upgrade
  • B. Fast path Upgrade
  • C. Minimal Effort Upgrade
  • D. Zero Downtime

Answer : B

Question 7

A Full Connectivity Upgrade of a cluster:

  • A. Treats each individual cluster member as an individual gateway.
  • B. Upgrades all cluster members except one at the same time.
  • C. Is only supported in minor version upgrades (R70 to R71, R71 toR76).
  • D. Is not a valid upgrade method inR76.

Answer : C

Question 8

  • A. Using the nativeGAiAback up utility from command line or in the Web-based user interface.
  • B. Using the command upgrade_export.
  • C. Run the command pre_upgrade_verifier and save the file *.tgz to the directory c:/temp.
  • D. Copying the directories $FWDIR/conf and $FWDIR/lib to another location.

Answer : A

Question 9

In a "zero downtime" scenario, which command do you run manually after all cluster
members are upgraded?

  • A. cphaconf set_ccp broadcast
  • B. cphaconf set clear_subs
  • C. cphaconf set mc_relod
  • D. cphaconf set_ccp multicast

Answer : D

Question 10

The file snapshot generates is very large, and can only be restored to:

  • A. The device that created it, after it has been upgraded
  • B. Individual members of a cluster configuration
  • C. Windows Server class systems
  • D. A device having exactly the same Operating System as the device that created the file

Answer : D

Question 11

Which of the following is NOT part of the policy installation process?

  • A. Code compilation
  • B. Code generation
  • C. Initiation
  • D. Validation

Answer : D

Question 12

Where multiple SmartDirectory servers exist in an organization, a query from one of the
clients for user information is made to the servers based on a priority. By what category
can this priority be defined?

  • A. Gateway or Domain
  • B. Location or Account Unit
  • C. Location or Domain
  • D. Gateway or Account Unit

Answer : D

Question 13

When restoringR76using the command upgrade_import, which of the following items are
NOT restored?

  • A. Global properties
  • B. Route tables
  • C. Licenses
  • D. SIC Certificates

Answer : B

Question 14

Which of the following commands can provide the most complete restore of an

  • A. upgrade_import
  • B. fwm dbimport -p <export file>
  • C. cpconfig
  • D. cpinfo -recover

Answer : A

Question 15

Which command would you use to save the routing information before upgrading a
Windows Gateway?

  • A. ipconfig –a > [filename].txt
  • B. ifconfig > [filename].txt
  • C. cp /etc/sysconfig/network.C [location]
  • D. netstat –rn > [filename].txt

Answer : D

Page 1