Question 1:

Tom has been tasked to install Check Point R80 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartConsole machine in his calculations?

A. One machine, but it needs to be installed using SecurePlatform for compatibility purposes

B. One machine

C. Two machines

D. Three machines

Correct Answer: C

Question 2:

In order to test ClusterXL failovers which command would you use on one of the ClusterXL nodes to initiate a failover?

A. clusterXL_admin down -p

B. cluster XL_admin up -p

C. cphaprob -d TEST -s ok register

D. cphaprob -d TEST -s problem unregister

Correct Answer: A

Reference: https://sc1.checkpoint.com/documents/R76/ CP_R76_ClusterXL_AdminGuide/7298.htm#o97358

Question 3:

Which of the following is NOT a valid “fwaccel” parameter?

A. stat

B. stats

C. templates

D. packets

Correct Answer: D

Reference: https://supportcenter.checkpoint.com/supportcenter/portal? eventSubmit_doGoviewsolutiondetails=andsolutionid=sk41397

Question 4:

Which of the following is not one of the relational database domains that stores the management configuration?

A. User Domain

B. System Domain

C. Global Domain

D. Audit Domain

Correct Answer: D

Question 5:

What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?

A. .cap

B. .exe

C. .tgz

D. .pcap

Correct Answer: A

Question 6:

How often will a gateway with Performance Pack running by default automatically review and distribute interface affinity between cores?

A. Every 60 seconds

B. Interface affinity is determined at gateway build time and does not change

C. Every 5 minutes

D. Every 10 seconds

Correct Answer: A

Reference: https://sc1.checkpoint.com/documents/R76/ CP_R76_PerformanceTuning_WebAdmin/6731.htm

Question 7:

Which of the following features is supported in Check Point\’s implementation of IPv6?

A. Security Servers

B. QoS

C. ClusterXL High Availability


Correct Answer: C

Reference: https://supportcenter.checkpoint.com/supportcenter/portal? eventSubmit_doGoviewsolutiondetails=andsolutionid=sk39374

Question 8:

You verified that Performance Pack is disabled and need to distribute the affinity interfaces. What command would you run to use static affinity to balance the interfaces between the SND cores?

A. cpmq set

B. sim affinity -s

C. fw ctl affinity -a -l -v

D. fw ctl affinity -s

Correct Answer: C

Question 9:

What must be done for the “fw monitor” command to capture packets through the firewall kernel?

A. SecureXL must be disabled

B. ClusterXL must be temporarily disabled

C. Firewall policy must be re-installed

D. The output file must be transferred to a machine with WireShark

Correct Answer: A

Reference: https://supportcenter.checkpoint.com/supportcenter/portal? eventSubmit_doGoviewsolutiondetails=andsolutionid=sk30583

Question 10:

Consider a Check Point Security Gateway under high load. What mechanism can be used to confirm that important traffic such as control connections are not dropped?

A. fw debug fgd50 on OPSEC_DEBUG_LEVEL=3

B. fw ctl multik prioq

C. fgate –d load

D. fw ctl debug –m fg all

Correct Answer: B

Question 11:

What is the default and maximum number of entries in the ARP Cache Table in a Check Point appliance?

A. 1,024 and 4,096

B. 4,096 and 16,384

C. 4,096 and 65,536

D. 1,024 and 16,384

Correct Answer: D

Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Gaia_WebAdmin/73181.htm

Question 12:

Which kernel debug flag should you use to troubleshoot NAT connections?

A. fw ctl debug xlate xltrc nat table

B. fw ctl debug xltrc xlate nat conn

C. fw ctl debug xlate xltrc nat conn drop

D. fw ctl debug fwx_alloc nat conn drop

Correct Answer: C

Question 13:

You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

A. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules

B. Create a separate Security Policy package for each remote Security Gateway

C. Create network objects that restrict all applicable rules to only certain networks

D. Run separate SmartConsole instances to login and configure each Security Gateway directly

Correct Answer: B

Question 14:

Which type of SecureXL templates is enabled by default on Security Gateways?

A. Accept

B. Drop



Correct Answer: A

Question 15:

Which one of following commands should you run to display HTTPS packet content together with kernel debug?

A. fw ctl get int https_inspection_show_decrypted_data_in_debug=1 fw ctl get int ssl_inspection_extra_debug=1

B. fw set int https_inspection_get_encrypted_data_in_debug 1 fw set int https_inspection_show_debug 1

C. fw ctl set int https_inspection_show_decrypted_data_in_debug 1 fw ctl set int ssl_inspection_extra_debug 1

D. fw ctl set int http_inspection_display_encrypted_data_in_debug=1 fw ctl set int http_inspection_extra_debug=1

Correct Answer: C