Checkpoint 156-215.13 Dumps
Exam: Check Point Certified Security Administrator - GAiA
Checkpoint 156-215.13 Exam Tutorial
Question No : 1 - Topic 1
You want to reset SIC between smberlin and sgosaka.
In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start
cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key.
The screen reads The SIC was successfully initialized and jumps back to the cpconfig
menu. When trying to establish a connection, instead of a working connection, you receive
this error message:
What is the reason for this behavior?
A. The Gateway was not rebooted, which is necessary to change the SIC key.
B. The Check Point services on the Gateway were not restarted because you are still in the cpconfig utility.
C. You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup > Initialize).
D. The activation key contains letters that are on different keys on localized keyboards. Therefore, the activation can not be typed in a matching fashion.
Question No : 2 - Topic 1
What is the primary benefit of using the command upgrade_export over either backup or
A. The commands backup and snapshot can take a long time to run whereas upgrade_export will take a much shorter amount of time.
B. upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not.
C. upgrade_export has an option to back up the system and SmartView Tracker logs while backup and snapshot will not.
D. upgrade_export is operating system independent and can be used when backup or snapshot is not available.
Question No : 3 - Topic 1
How is wear on the flash storage device mitigated on diskless appliance platforms?
A. The external PCMCIA-based flash extension has the swap file mapped to it, allowing easy replacement.
B. A RAM drive reduces the swap file thrashing which causes fast wear on the device.
C. Issue FW-1 bases its package structure on the Security Management Server, dynamically loading when the firewall is booted.
D. PRAM flash devices are used, eliminating the longevity.
Question No : 4 - Topic 1
Which command displays the installed Security Gateway version?
A. fw ver
B. fw stat
C. fw printver
D. cpstat -gw
Question No : 5 - Topic 1
Which command allows you to view the contents of an R76 table?
A. fw tab -s <tablename>
B. fw tab -t <tablename>
C. fw tab -x <tablename>
D. fw tab -a <tablename>
Question No : 6 - Topic 1
During which step in the installation process is it necessary to note the fingerprint for first-
A. When configuring the Security Gateway object in SmartDashboard
B. When configuring the Security Management Server using cpconfig
C. When establishing SIC between the Security Management Server and the Gateway
D. When configuring the Gateway in the WebUI
Question No : 7 - Topic 1
When launching SmartDashboard, what information is required to log into R76?
A. User Name, Management Server IP, certificate fingerprint file
B. User Name, Password, Management Server IP
C. Password, Management Server IP
D. Password, Management Server IP, LDAP Server IP
Question No : 8 - Topic 1
Which of the following tools is used to generate a Security Gateway R76 configuration
D. fw cpinfo
Question No : 9 - Topic 1
You installed Security Management Server on a computer using GAiA in the MegaCorp
home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a
second SecurePlatform computer, which you plan to ship to another Administrator at a
MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway
before shipping it?
A. 2, 1, 3, 4, 5
B. 2, 3, 4, 5, 1
C. 1, 3, 2, 4, 5
D. 2, 3, 4, 1, 5
Question No : 10 - Topic 1
How can you check whether IP forwarding is enabled on an IP Security Appliance?
A. clish -c show routing active enable
B. ipsofwd list
C. cat /proc/sys/net/ipv4/ip_forward
D. echo 1 > /proc/sys/net/ipv4/ip_forward
Question No : 11 - Topic 1
You have configured SNX on the Security Gateway. The client connects to the Security
Gateway and the user enters the authentication credentials. What must happen after
authentication that allows the client to connect to the Security Gateway's VPN domain?
A. Active-X must be allowed on the client.
B. The SNX client application must be installed on the client.
C. SNX modifies the routing table to forward VPN traffic to the Security Gateway.
D. An office mode address must be obtained by the client.
Question No : 12 - Topic 1
UDP packets are delivered if they are ___________.
A. referenced in the SAM related dynamic tables
B. a valid response to an allowed request on the inverse UDP ports and IP
C. a stateful ACK to a valid SYN-SYN/ACK on the inverse UDP ports and IP
D. bypassing the kernel by the forwarding layer of ClusterXL
Question No : 13 - Topic 1
A. Create a time object, and add 48 hours as the interval. Select that time object's Global Properties > Logs and Masters window, to schedule a logswitch.
B. Create a time object, and add 48 hours as the interval. Open the primary Security Management Server object's Logs and Masters window, enable Schedule log switch, and select the Time object.
C. On a SecurePlatform Security Management Server, this can only be accomplished by configuring the command fw logswitch via the cron utility.
D. Create a time object, and add 48 hours as the interval. Open the Security Gateway object's Logs and Masters window, enable Schedule log switch, and select the Time object.
Question No : 14 - Topic 1
The London Security Gateway Administrator has just installed the Security Gateway and
Management Server. He has not changed any default settings. As he tries to configure the
Gateway, he is unable to connect. Which troubleshooting suggestion will NOT help him?
A. Check if some intermediate network device has a wrong routing table entry, VLAN assignment, duplex-mismatch, or trunk issue.
B. Verify that the Rule Base explicitly allows management connections.
C. Test the IP address assignment and routing settings of the Security Management Server, Gateway, and console client.
D. Verify the SIC initialization.
Question No : 15 - Topic 1
Which of the below is the MOST correct process to reset SIC from SmartDashboard?
A. Run cpconfig, and click Reset.
B. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key.
C. Click Communication > Reset on the Gateway object, and type a new activation key.
D. Run cpconfig, and select Secure Internal Communication > Change One Time Password.
Question No : 16 - Topic 1
Which of the following describes the default behavior of an R76 Security Gateway?
A. Traffic is filtered using controlled port scanning.
B. IP protocol types listed as secure are allowed by default, i.e. ICMP, TCP, UDP sessions are inspected.
C. All traffic is expressly permitted via explicit rules.
D. Traffic not explicitly permitted is dropped.
Question No : 17 - Topic 1
When using SecurePlatform, it might be necessary to temporarily change the MAC address
of the interface eth 0 to 00:0C:29:12:34:56. After restarting the network the old MAC
address should be active. How do you configure this change?
A. Edit the file /etc/sysconfig/netconf.C and put the new MAC address in the field
B. As expert user, issue these commands:
C. Open the WebUI, select Network > Connections > eth0. Place the new MAC address in the field Physical Address, and press Apply to save the settings.
D. As expert user, issue the command: # IP link set eth0 addr 00:0C:29:12:34:56
Question No : 18 - Topic 1
When you hide a rule in a Rule Base, how can you then disable the rule?
A. Right-click on the hidden rule place-holder bar and uncheck Hide, then right-click and select Disable Rule(s); re-hide the rule.
B. Right-click on the hidden rule place-holder bar and select Disable Rule(s).
C. Use the search utility in SmartDashboard to view all hidden rules. Select the relevant rule and click Disable Rule(s).
D. Hidden rules are already effectively disabled from Security Gateway enforcement.
Question No : 19 - Topic 1
What is the syntax for uninstalling a package using newpkg?
A. -u <pathname of package>
B. newpkg CANNOT be used to uninstall a package
C. -i <full pathname of package>
D. -S <pathname of package>
Question No : 20 - Topic 1
How does the button Get Address, found on the Host Node Object > General Properties
page retrieve the address?
A. Route Table
B. Address resolution (ARP, RARP)
C. Name resolution (hosts file, DNS, cache)
D. SNMP Get