CPM stands for Check Point Management, which is a process that runs on the Security Management server and controls the management operations, such as policy installation, object creation, configuration backup, etc. CPM also controls other processes that are related to the management functions, such as:
web_services: This process is responsible for providing web services for the communication between SmartConsole and the Security Management server. It handles requests from SmartConsole clients and forwards them to CPM or other processes.
dle_server: This process is responsible for managing the log files and indexes. It handles queries from SmartLog and SmartEvent and provides log data to CPM or other processes.
object_Store: This process is responsible for storing and retrieving objects from the database. It handles requests from CPM or other processes and provides object data.
Therefore, the correct answer is D.
The other options are incorrect because:
A. Object-Store, Database changes, CPM Process and web-services: This option includes some processes that are controlled by CPM, such as Object-Store, CPM Process, and web-services, but it also includes Database changes, which is not a process but an action performed by CPM or other processes.
B. web-services, CPMI process, DLEserver, CPM process: This option includes some processes that are controlled by CPM, such as web-services, DLEserver, and CPM process, but it also includes CPMI process, which is not a process but a protocol used by CPM or other processes to communicate with each other.
C. DLEServer, Object-Store, CP Process and database changes: This option includes some processes that are controlled by CPM, such as DLEServer and Object-Store, but it also includes CP Process and database changes, which are not processes but a generic term for any Check Point process and an action performed by CPM or other processes respectively.
References: Check Point Processes and Daemons, Check Point Processes Cheat Sheet, Check Point Firewall Security Solution
Question 105
Under which file is the proxy arp configuration stored?
Options:
A.
$FWDIR/state/proxy_arp.conf on the management server
B.
$FWDIR/conf/local.arp on the management server
C.
$FWDIR/state/_tmp/proxy.arp on the security gateway
The proxy ARP configuration is stored under the following file:
D. $FWDIR/conf/local.arp on the gateway
This file, local.arp, contains the proxy ARP configuration for the Security Gateway. It is used to configure ARP (Address Resolution Protocol) settings for network communication.
References: Check Point Certified Security Expert R81 Study Guide, Check Point documentation on proxy ARP.
Question 106
When an encrypted packet is decrypted, where does this happen?
When an encrypted packet is received by a Check Point Security Gateway, it is decrypted according to the security policy. The security policy defines the rules and settings for encryption and decryption of traffic, such as the encryption algorithm, the encryption domain, the pre-shared secret or certificate, etc. The security policy is enforced by the Firewall kernel, which is responsible for decrypting the packets before passing them to the inbound chain for further inspection. The inbound chain consists of various inspection modules that apply security checks and actions on the decrypted packets. The outbound chain is the reverse process, where the packets are inspected and then encrypted according to the security policy before being sent out.
References: Check Point Firewall Security Solution, Check Point R81 Cyber Security Platform, Check Point VPN Administration Guide R81
SmartView Monitor is a GUI client that is supported in R81. It allows you to monitor the network and security performance of your Security Gateways and devices5. You can use it to view real-time statistics, alerts, logs, reports, and graphs6. The other GUI clients are not supported in R81 because:
A. SmartProvisioning was replaced by SmartLSM in R80.20 and later versions7. SmartLSM is a unified solution for managing large-scale deployments of Security Gateways8.
B. SmartView Tracker was replaced by SmartLog in R80 and later versions9. SmartLog is a powerful log analysis tool that enables fast and easy access to log data from multiple Security Gateways10.
D. SmartLog is not a GUI client, but a web-based application that runs on the Security Management Server or Log Server10. You can access it from any web browser or from SmartConsole.
References: SmartView Monitor R81 Help, SmartView Monitor R81 Administration Guide, What’s New in Check Point R80.20, SmartLSM R81 Help, What’s New in Check Point R80, SmartLog R81 Help
Conor
I recently used these dumps for my exam and I must say, I was impressed with their authentic material.
YunusFeb 7, 2026
Exactly…….The information in the dumps is so authentic and up-to-date. Plus, the questions are very similar to what you'll see on the actual exam. I felt confident going into the exam because I had studied using Cramkey Dumps.
Ilyas
Definitely. I felt much more confident and prepared because of the Cramkey Dumps. I was able to answer most of the questions with ease and I think that helped me to score well on the exam.
SaoirseFeb 25, 2026
That's amazing. I'm glad you found something that worked for you. Maybe I should try them out for my next exam.
Joey
I highly recommend Cramkey Dumps to anyone preparing for the certification exam. They have all the key information you need and the questions are very similar to what you'll see on the actual exam.
DexterFeb 16, 2026
Agreed. It's definitely worth checking out if you're looking for a comprehensive and reliable study resource.
Ace
No problem! I highly recommend Cramkey Dumps to anyone looking to pass their certification exams. They will help you feel confident and prepared on exam day. Good luck!
HarrisFeb 3, 2026
That sounds amazing. I'll definitely check them out. Thanks for the recommendation!
