CCSE Review Exam UPDATED QUESTIONS
AND CORRECT ANSWERS
What are scenarios supported by the Central Deployment in SmartConsole?
A. Installation of Jumbo Hotfix on a ClusterXL environment in High Availability Mode
B. Upgrading a Standalone environment
C. Upgrading a Dedicated SmartEvent Server
D. Upgrading a Dedicated Log Server to R81.10 - CORRECT ANSWER A.
Installation of Jumbo Hotfix on a ClusterXL environment in High Availability Mode
The installation of a package via SmartConsole CANNOT be applied on
A. A single Security Gateway
B. Multiple Security Gateways and/or Clusters
C. A full Security Cluster (All Cluster Members included)
D. R81.10 Security Management Server - CORRECT ANSWER D. R81.10 Security
Management Server
Which of the following Central Deployment is NOT a limitation in R81.10 SmartConsole?
A. Security Gateway Clusters in Load Sharing mode
B. Dedicated Log Server
C. Dedicated SmartEvent Server
D. Security Gateways/Clusters in ClusterXL HA new mode - CORRECT ANSWER D.
Security Gateways/Clusters in ClusterXL HA new mode
The admin lost access to the Gaia Web Management Interface but he was able to connect via
ssh. How can you check if the web service is enabled, running and which port is used?
,A. In expert mode run #netstat -tulnp | grep httpd to see if httpd is up and to get the port
number. In clish run >show web daemon-enable to see if the web daemon is enabled.
B. In clish run >show web ssl-port to see if the web daemon is enabled and which port is in
use. In expert mode run #netstat -anp | grep httpd to see if the httpd is up
C. In clish run >show web ssl-port to see if the web daemon is enabled and which port is in
use. In expert mode run #netstat -anp | grep httpd2 to see if the httpd2 is up
D. In expert mode run #netstat -tulnp | grep httpd2 to see if httpd2 is up and to get the port
number. In clish run >show web daemon-enable to see if the web daemon is enabled. -
CORRECT ANSWER D. In expert mode run #netstat -tulnp | grep httpd2 to see if
httpd2 is up and to get the port number. In clish run >show web daemon-enable to see if the
web daemon is enabled.
After having saved the Clish Configuration with the "save configuration config.txt"
command, where can you find the config.txt file?
A. You will find it in the home directory of your user account (e.g. /home/admin/).
B. You can locate the file via SmartConsole > Command Line.
C. You have to launch the WebUI and go to "Config" -> "Export Config File" and specify the
destination directory of your local file system.
D. You cannot locate the file in the file system since Clish does not have any access to the
bash file system. - CORRECT ANSWER A. You will find it in the home directory of
your user account (e.g. /home/admin/).
What is the purpose of the command "ps aux | grep fwd"?
A. You can check the Process ID and the processing time of the fwd process.
B. You can convert the log file into Post Script format.
C. You can list all Process IDs for all running services.
D. You can check whether the IPS default setting is set to Detect or Prevent mode. -
CORRECT ANSWER A. You can check the Process ID and the processing time of the
fwd process.
, What mechanism can ensure that the Security Gateway can communicate with the
Management Server with ease in situations with overwhelmed network resources?
A. The corresponding feature is new to R81.10 and is called "Management Data Plane
Separation"
B. The corresponding feature is called "Dynamic Dispatching"
C. There is a feature for ensuring stable connectivity to the management server and is done
via Priority Queuing
D. The corresponding feature is called "Dynamic Split" - CORRECT ANSWER C.
There is a feature for ensuring stable connectivity to the management server and is done via
Priority Queuing
What is a possible command to delete all of the SSH connections of a gateway?
A. fw sam -l dport 22
B. fw ctl conntab -x -dport=22
C. fw tab -t connections -x -e 00000016
D. fwaccel dos config set dport ssh - CORRECT ANSWER B. fw ctl conntab -x -
dport=22
What is the difference between Updatable Objects and Dynamic Objects?
A. Dynamic Objects are maintained automatically by the Threat Cloud. Updatable Objects
are created and maintained locally. In both cases there is no need to install policy for the
changes to take effect.
B. Updatable Objects is a Threat Cloud Service. The provided Objects are updated
automatically. Dynamic Objects are created and maintained locally. For Dynamic Objects
there is no need to install policy for the changes to take effect.
C. Updatable Objects is a Threat Cloud Service. The provided Objects are updated
automatically. Dynamic Objects are created and maintained locally. In both cases there is no
need to install policy for the changes to take effect.
D. Dynamic Objects are maintained automatically by the Threat Cloud. For Dynamic Objects
there is no need to install policy for the changes to take effect. Updatable Objects are creat
AND CORRECT ANSWERS
What are scenarios supported by the Central Deployment in SmartConsole?
A. Installation of Jumbo Hotfix on a ClusterXL environment in High Availability Mode
B. Upgrading a Standalone environment
C. Upgrading a Dedicated SmartEvent Server
D. Upgrading a Dedicated Log Server to R81.10 - CORRECT ANSWER A.
Installation of Jumbo Hotfix on a ClusterXL environment in High Availability Mode
The installation of a package via SmartConsole CANNOT be applied on
A. A single Security Gateway
B. Multiple Security Gateways and/or Clusters
C. A full Security Cluster (All Cluster Members included)
D. R81.10 Security Management Server - CORRECT ANSWER D. R81.10 Security
Management Server
Which of the following Central Deployment is NOT a limitation in R81.10 SmartConsole?
A. Security Gateway Clusters in Load Sharing mode
B. Dedicated Log Server
C. Dedicated SmartEvent Server
D. Security Gateways/Clusters in ClusterXL HA new mode - CORRECT ANSWER D.
Security Gateways/Clusters in ClusterXL HA new mode
The admin lost access to the Gaia Web Management Interface but he was able to connect via
ssh. How can you check if the web service is enabled, running and which port is used?
,A. In expert mode run #netstat -tulnp | grep httpd to see if httpd is up and to get the port
number. In clish run >show web daemon-enable to see if the web daemon is enabled.
B. In clish run >show web ssl-port to see if the web daemon is enabled and which port is in
use. In expert mode run #netstat -anp | grep httpd to see if the httpd is up
C. In clish run >show web ssl-port to see if the web daemon is enabled and which port is in
use. In expert mode run #netstat -anp | grep httpd2 to see if the httpd2 is up
D. In expert mode run #netstat -tulnp | grep httpd2 to see if httpd2 is up and to get the port
number. In clish run >show web daemon-enable to see if the web daemon is enabled. -
CORRECT ANSWER D. In expert mode run #netstat -tulnp | grep httpd2 to see if
httpd2 is up and to get the port number. In clish run >show web daemon-enable to see if the
web daemon is enabled.
After having saved the Clish Configuration with the "save configuration config.txt"
command, where can you find the config.txt file?
A. You will find it in the home directory of your user account (e.g. /home/admin/).
B. You can locate the file via SmartConsole > Command Line.
C. You have to launch the WebUI and go to "Config" -> "Export Config File" and specify the
destination directory of your local file system.
D. You cannot locate the file in the file system since Clish does not have any access to the
bash file system. - CORRECT ANSWER A. You will find it in the home directory of
your user account (e.g. /home/admin/).
What is the purpose of the command "ps aux | grep fwd"?
A. You can check the Process ID and the processing time of the fwd process.
B. You can convert the log file into Post Script format.
C. You can list all Process IDs for all running services.
D. You can check whether the IPS default setting is set to Detect or Prevent mode. -
CORRECT ANSWER A. You can check the Process ID and the processing time of the
fwd process.
, What mechanism can ensure that the Security Gateway can communicate with the
Management Server with ease in situations with overwhelmed network resources?
A. The corresponding feature is new to R81.10 and is called "Management Data Plane
Separation"
B. The corresponding feature is called "Dynamic Dispatching"
C. There is a feature for ensuring stable connectivity to the management server and is done
via Priority Queuing
D. The corresponding feature is called "Dynamic Split" - CORRECT ANSWER C.
There is a feature for ensuring stable connectivity to the management server and is done via
Priority Queuing
What is a possible command to delete all of the SSH connections of a gateway?
A. fw sam -l dport 22
B. fw ctl conntab -x -dport=22
C. fw tab -t connections -x -e 00000016
D. fwaccel dos config set dport ssh - CORRECT ANSWER B. fw ctl conntab -x -
dport=22
What is the difference between Updatable Objects and Dynamic Objects?
A. Dynamic Objects are maintained automatically by the Threat Cloud. Updatable Objects
are created and maintained locally. In both cases there is no need to install policy for the
changes to take effect.
B. Updatable Objects is a Threat Cloud Service. The provided Objects are updated
automatically. Dynamic Objects are created and maintained locally. For Dynamic Objects
there is no need to install policy for the changes to take effect.
C. Updatable Objects is a Threat Cloud Service. The provided Objects are updated
automatically. Dynamic Objects are created and maintained locally. In both cases there is no
need to install policy for the changes to take effect.
D. Dynamic Objects are maintained automatically by the Threat Cloud. For Dynamic Objects
there is no need to install policy for the changes to take effect. Updatable Objects are creat
