CheckPoint 156-215 Dumps, Download Latest CheckPoint 156-215 Exam Cost Download Online Store

Welcome to download the newest Examwind 220-010 dumps:

At Flydumps, we ensure that our CheckPoint 156-215 material is accurate, up to date, and will ensure you pass your certification exam on the first try. If you want to pass your CheckPoint 156-215 exam, Flydumps would be your best choice.

QUESTION 224
VPN routing provides a way of controlling how VPN traffic is directed. There are two methods for doing this. Which of these two methods will Route VPN traffic based on the encryption domain behind each Gateway in the community?
A. Dynamic Based VPN
B. Domain Based VPN
C. Static Based VPN
D. Route Based VPN
E. Routing Based VPN

Correct Answer: B
QUESTION 225
Study the diagram and answer the question below. What rule would allow access from your local ActualTests.com network using FTP service with User Authentication as a method of authentication?

“Pass Any Exam. Any Time.” – www.actualtests.com 119 Checkpoint 156-215-71: Practice Exam
A. 5
B. 1
C. 3
D. 2
E. 4
Correct Answer: D
QUESTION 226
Which of the following is true regarding SmartDirectory (LDAP) Groups? Select all the correct answers.
ActualTests.com
A. SmartDirectory (LDAP) users can be grouped logically
B. SmartDirectory (LDAP) groups are created in order classify users within certain group types
C. SmartDirectory (LDAP) users can be created with SmartView Monitor GUI
D. SmartDirectory (LDAP) users can be grouped dynamically according to a dynamic filter
E. Once SmartDirectory (LDAP) groups are created, they can be applied in various policy rules
Correct Answer: ABDE
QUESTION 227
What will be the consequence of disabling TCP state check in the IPS tab?

ActualTests.com
A. This will boost your overall Firewall performance
B. This will disable your IPS
C. This will disable your firewall
D. This will have adverse effect on your Firewall performance
E. This will degrade your overall Firewall performance

Correct Answer: A
QUESTION 228
You are responsible for the configuration of MegaCorp’s Firewall you need to allow two NA rules to match a connection. Is it possible? Give the best answer
A. Yes it is possible to have the NAT rules which match a connection, but only in using manual NAT (bidirectional NAT)
B. No, it is not possible to have more one NAT rule matching a connection. When the firewall receives a packet belonging to a connection, it compares it against the first rule in the rule base, and then the second rule, and so on. When it finds a rule that matches, it stops checking and applies that rule.
C. Yes, there are always as many active NAT rules as there are connections.
D. Yes it is possible to have two NAT rules which match a connection, but only when using Automatic NAT (Bidirectional NAT)
Correct Answer: D
QUESTION 229
A third shift Security Administrator configured and installed a new Security Policy early this morning when you arrive he tells you that he has been Receiving complaints that Internet very slow. You suspect the security Gateway virtual memory might be the problem. Which smart console component would you use to verify this?
ActualTests.com
A. SmartView Tracker
B. SmartView Monitor
C. This information can only be viewed with fw ctl pstat command from the CLI
D. Eventia Analyzer

Correct Answer: B QUESTION 230
Which of the following is NOT true for Clientless VPN?
“Pass Any Exam. Any Time.” – www.actualtests.com 123 Checkpoint 156-215-71: Practice Exam
A. The Gateway accepts any encryption method that is proposed by the client and supported in the VPN
B. Secure communication is provided between clients and servers that support HTTP
C. User Authentication is supported
D. The Gateway can enforce the use of strong encryption

Correct Answer: B QUESTION 231
A rule_______ is designed to log and drop nil other communication that does not match another rule.
A. Stealth
B. Cleanup
C. Reject
D. Ann-Spoor

Correct Answer: B QUESTION 232
You currently do not have a Check Point software subscription for one of your products. What will happen if you attempt to upgrade the license for this product?
A. The license will be upgraded with a warning
B. It is deleted ActualTests.com
C. It is upgraded with new available features, but cannot be activated
D. The license is not upgraded

Correct Answer: D QUESTION 233
Which could be an appropriate solution for assigning a unique office mode IP address to secure client users?
A. Configure a DHCP server with IP reservation using the information gathered by the utility vpn macutil.
B. Edit $ PWDIA/conf/SCM_ assignment. conf on the management server with the correct user name and office mode ip address
C. Create a DHCP resource with the fixed IP address to use name mapping.
D. Fixed office mode IP can be configured as a user property in smart dash board

Correct Answer: A QUESTION 234
How are cached usernames and passwords cleared from the memory of a R71 Security Gateway?
A. By retrieving LDAP user information using the command fw f etchldap
B. By using the Clear User Cache button in Smart Dashboard
C. Usernames and password only clear from memory after they time out
D. By installing a Security Policy

Correct Answer: D QUESTION 235
When you use the Global Properties default settings on R71. Which type of traffic will be dropped?
A. RIP traffic
B. Smart Update connections
C. Outgoing traffic originating from the Security Gateway
D. Firewall logging and ICA key-exchange information ActualTests.com

Correct Answer: A QUESTION 236
URL Filtering Policy ran make exceptions for specific sites by being enforced?
A. Only for specific sources and destinations
B. For all traffic, except on specific sources and destinations
C. For all traffic, except blocked sites
D. For all traffic, There are no exceptions

Correct Answer: B QUESTION 237
You are the Security Administrate for university The University’s FTP servers have old hardware and software. Certain FTP command causes the FTP servers to malfunction Upgrading the FTP servers is not an optional this time. Where you can define blocked FTP commands passing through the Security Gateway protecting the FTP servers?
A. IPS > Protections > By Protocol > IPS Software Blade > Application Intelligence > FTP > FTP advanced protections>FTP Commands
B. FTP Service Object > Advanced > Blocked FTP Commands
C. Global Properties > Firewall > Security Server > Allowed FTP Commands
D. Rule Base > Service Field > Edit Properties

Correct Answer: A QUESTION 238
Spoofing is a method of:
A. Hiding your firewall from unauthorized users.
B. Disguising an illegal IP address behind an authorized IP address through port address Translation.
C. Making packets appear as if they come from an authorized IP address
D. Detecting people using false or wrong authentication logins. Correct Answer: C
QUESTION 239
You plan to migrate a Windows NG with Application Intelligence (Ai) R55 SmartCener server to R71. You also plan to upgrade four VPN-1 pro Gateways at remote offices and one local VPN-1 pro gateway at your company’s head quarter to R71. The management server configuration must be migrated. What is the correct procedure to migrate the configuration?
A. 1. Upgrade the remote gateway via smartUpdate.
2. upgrade the security management server, using the R71 CD
B. 1. From the R71 CD-ROM on the security management server, select Upgrade
2.
Reboot after installation and upgrade all licenses via SmartUpdate

3.
Reinstall all gateways using R 70 and install a policy
C. 1. Copy the $PWDIR\ conf directory from the security management server
2.
Save directory contents to another file server

3.
Uninstall the security management server, and install anew security management server

4.
Move the saved directory contents to $ PWDIR\conf replacing the default installation files

5.
Reinstall all gateways using R71 and install a security policy
D. 1. From the R71 CD- ROM in the security management server, select export
2.
Install R 70 on a new PC using the option installation using imported configuration

3.
Reboot after installation and update all licenses via smartUpdate

4.
Upgrade software on all five remote Gateway via SmartUpdate

Correct Answer: D
QUESTION 240
When john first installed the system, he forgets to configure DNS servers on the security Gateway. How could John configure DNS servers now that his security gateway is in production?
A. Login to the firewall using SSH and run cpconfig, than select domain name servers
B. Login to the firewall using SSH and run fwn, than select system configuration and domain name servers.
C. Login to the smart dashboard, edit the firewall gate object, select the tab interface, than domain name servers
D. Login to the firewall using SSH and run sysconfig, then select domain name servers.

Correct Answer: D
QUESTION 241
You have an NGX R65 have gateway running on Security platform. The Gateway also serves as a Policy Server. When you run patch add CD from security Gateway R71 CD-ROM. what does this command allow you to upgrade?
A. Only the R71 Security Gateway
B. Only the patch utility is upgraded using this command
C. All products, except the Policy Server
D. Both the operating system and all Check Point products
Correct Answer: D
QUESTION 242
Which of the following explanations best describes the command fw logswitch {-h taeget} {+ 1 -} {oldlog}
A. Display a remote machine’s log-file list.
B. Control Kernel
C. Display protocol Hosts
D. Create a new Log file. The old log has moved
Correct Answer: D
QUESTION 243
Which of the following uses the same key to decrypt as it does to encrypt?
A. Asymmetric encryption
B. Symmetric encryption
C. Certificate-based encryption
D. Dynamic encryption

Correct Answer: B QUESTION 244
NAT can be implemented on which of the following lists of objects?
A. Domain network
B. Host network
C. Host user
D. Network, Dynamic Object

Correct Answer: B QUESTION 245
Which security servers can perform authentication task, but CANNOT perform content security tasks?
A. FTP
B. HTTP
C. Telnet
D. HTTPS

Correct Answer: C QUESTION 246
Central license management allows a Security Administrator to perform which of the following functions? 1) Check for expired licenses. 2) Sort licenses and view license properties 3) Attach both R71 Central and Local licenses to a remote module 4) Delete both R71 Local licenses and Central licenses from a remote module 5) Add or remove a license to or from the license repository 6) Attach and/or delete only R71 Central licenses to a remote module (not local licenses)
A. 2.5.&6
B. 2.3.4.&5
C. L 2. 5.& 6
D. 1.2.3.4.&5

Correct Answer: D QUESTION 247
Which smear view tracker selection would most effectively show who installed a security policy blocking all traffic from the corporate network?
A. Custom filter
B. Network and Endpoint tab
C. Management Tab
D. Active tab

Correct Answer: C QUESTION 248
Identify the ports to which the Client authentication daemon listens default?
A. 256, 600
B. 80, 256
C. 8080, 529
D. 259, 900

Correct Answer: D QUESTION 249
Select the correct statement about secure internal communication (S|C) certificates, S|C certificates?
A. Increase network security by securing administrative communication with a two factor challenge response authentication.
B. Uniquely identify the machines installed with check point software only. They have the same function as RSA authentication certificates.
C. Are for security Gateways created during the security management server installation. ActualTests.com
D. Can be used for securing internal network communication between the security gateway and an OPSEC device.

Correct Answer: D QUESTION 250
What is the syntax for uninstalling a package using newpkg?
A. -s (pathname of package)
B. -u (pathname of package)
C. Newpkg CANNOT be used to install
D. -i (full pathname of package)

Correct Answer: C QUESTION 251

When selecting CheckPoint 156-215 practice test, you are buying Passcert high quality CheckPoint 156-215 products obtainable through the web today. Pass4itSure CheckPoint 156-215 practice test are recent and updated on regular basis, giving you with the highest CheckPoint 156-215 exam standard. Start your way to CheckPoint 156-215 success by purchasing Passcert high quality CheckPoint 156-215 practice test.

Welcome to download the newest Examwind 220-010 dumps: http://www.examwind.com/220-010.html

Cisco 300-135 Practice Test, Free Download Real Cisco 300-135 Q&A With High Quality

Continue Reading

CheckPoint 156-215 Exam Cost, Sale Latest Release CheckPoint 156-215 Certification Online

Welcome to download the newest Examwind 1Z0-052 dumps:

Flydumps provides you with the most reliable practice exams to master CheckPoint 156-215 Certification. Our Microsoft questions and answers are certified by the senior lecturer and experienced technical experts in the Microsoft field. These CheckPoint 156-215 test questions provide you with the experience of taking the actual test.

QUESTION 141
Certkiller is the Security Administrator for a chain of grocery stores. Each grocery store is protected by a Security Gateway. Certkiller is generating a report for the information-technology audit department. The report must include the name of the Security Policy installed on each remote Security Gateway, the date and time the Security Policy was installed, and general performance statistics (CPU Use, average CPU time, active real memory, etc.). Which SmartConsole application should Certkiller use to gather this information?
A. SmartUpdate
B. SmartView Status
C. SmartView Tracker
D. SmartLSM
E. SmartView Monitor

Correct Answer: E
QUESTION 142
How can you reset Secure Internal Communications (SIC) between a SmartCenter Server and Security Gateway?
A. Run the command fwm sic_reset to reinitialize the Internal Certificate Authority (ICA) of the SmartCenter Server. Then retype the activation key on the Security-Gateway from SmartDashboard
B. From cpconfig on the SmartCenter Server, choose the Secure Internal Communication option and retype the actrvation key Next, retype the same key in the gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC)
C. From the SmartCenter Server’s command line type fw putkey -p <shared key>- <IP Address of SmartCenter Server>-.
D. From the SmartCenter Server’s command line type fw putkey -p <shared key>- <IP Address of security Gateway>-.
E. Re-install the Security Gateway

Correct Answer: B
QUESTION 143
Which NGX feature or command allows Security Administrators to revert to earlier versions of the Security Policy without changing object configurations?
A. upgrade_export/upgrade_import
B. Policy Package management
C. fwm dbexport/fwm dbimport
D. cpconfig
E. Database Revision Control

Correct Answer: B
QUESTION 144
Certkiller is the Security Administrator for Certkiller .com’s large geographically distributed network. The internet connection at one of her remote sites failed during the weekend, and the Security Gateway logged locally for over 48 hours. Certkiller is concerned that the logs may have consumed most of the free space on the Gateway’s hard disk. Which SmartConsole application should Certkiller use, to view the percent of free hard-disk space on the remote Security Gateway?
A. SmartView Status
B. SmartView Tracker
C. SmartUpdate
D. SmartView Monitor
E. SmartLSM

Correct Answer: D
QUESTION 145
Certkiller is recently hired as the Security Administrator for a public relations company. Certkiller’s manager has asked her to investigate ways to improve the performance of the firm’s perimeter Security Gateway. Certkiller must propose a plan based on the following required and desired results Required Result #1: Do not purchase new hardware Required Result #2: Use configuration changes that do not reduce security Desired Result #1: Reduce the number of explicit rules in the Rule Base Desired Result #2: Reduce the volume of logs Desired Result #3: Improve the Gateway’s performance Proposed Solution: Certkiller recommends the following changes to the Gateway’s configuration:
1.
Replace all domain objects with network and group objects.

2.
Stop logging Domain Name over UDP (queries)

3.
Use Global Properties, instead of explicit rules, to control ICMP. VRRP, and RIP. Does Certkiller’s proposed solution meet the required and desired result s?
A. The solution meets the required results, and two of the desired results
B. The solution does not meet the required results
C. The solution meets all required results, and none of the desired results
D. The solution meets all required and desired results
E. The solution meets the required results, and one of the desired results
Correct Answer: A
QUESTION 146
What is a Consolidation Policy?
A. The collective name of the Security Policy, Address Translation, and SmartDefense Policies
B. The specific Policy used by Eventia Reporter to configure log-management practices
C. The state of the Policy once installed on a Security Gateway
D. A Policy created by Eventia Reporter to generate logs
E. The collective name of the logs generated by Eventia Reporter

Correct Answer: B
QUESTION 147
To change an existing ClusterXL cluster object from Multicast to Unicast mode, what configuration change must be made?
A. Change the cluster mode to Unicast on the cluster object Reinstall the Security Policy
B. Reset Secure Internal Communications (SIC) on the cluster-member objects. Reinstall the Security Policy
C. Run cpstop and cpstart, to reenable High Availability on both objects. Select Pivot mode in cpconfig
D. Change the cluster mode to Unicast on the cluster-member object
E. Switch the internal network’s default Security Gateway to the pivot machine’s IP address

Correct Answer: A
QUESTION 148
Which command line interface utility allows the administrator to verify the name and timestamp of the Security Policy currently installed on a firewall module?
A. fw stat
B. fw ver
C. fw cog
D. fw print
E. fw ctl
F. fw printlic
G. fw ctl pstat

Correct Answer: A
QUESTION 149
When logging into SmartDashboard for the second time, what information is no longer requested?
A. User Name
B. Password
C. Finger verification
D. SmartCenter Server IP

Correct Answer: C
QUESTION 150
You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router. You control the router that sits between the external interface of the firewall and the Internet. What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?
A. Publish a proxy ARP entry on the internal web server instead of the firewall for the valid IP address.
B. Place a static route on the router from the valid IP address to the firewall’s external address.
C. Place a static route on the router from the valid IP address to the internal web server.
D. Publish a proxy ARP entry on the router from the valid IP address to the firewall’s external address.
Correct Answer: B QUESTION 151
When launching SmartDashboard, what information is required to log into VPN-1 NGX?
A. Password, SmartCenter Server IP
B. User Name, SmartCenter Server IP, certificate fingerprint file
C. Password, SmartCenter Server IP, LDAP Server
D. User Name, Password, SmartCenter Server IP

Correct Answer: D
QUESTION 152
Your current security scenario gives you the option to choose between a stand-alone installation or a
distributed installation.
Which of the following factors would cause you to decide in favour of the stand-alone installation?

A. You are required to use Clientless VPN.
B. You are required to use Windows as operating system.
C. You are required to install HFA’s on the Security Gateway via SmartUpdate.
D. You are required to use few hardware resources as possible.

Correct Answer: D
QUESTION 153
You are a Security Administrator configuring Static NAT on an internal host-node object. You clear the box “Translate destination on client side”, accessed from Global Properties > NAT settings > Automatic NAT. Assuming all other Global Properties NAT settings are selected, what else must be configured for automatic Static NAT to work?
A. The NAT IP address must be added to the anti-spoofing group of the internal Gateway interface
B. Two address-translation rules in the Rule Base
C. No extra configuring needed
D. A proxy ARP entry, to ensure packets destined for the public IP address will reach the Security Gateway’s external interface
E. A dynamic route, to ensure packets destined for the public NAT IP address will reach the Gateway’s internal interface

Correct Answer: A
QUESTION 154
You just installed a new Web server in the DMZ that must be reachable from the Internet. You create a manual Static NAT rule as follows: Source: Any Destination: web_public_IP Service: Any Translated Source: original Translated Destination: web_private_IP Service: original “web_public_IP” is the node object that represents the public IP address of the new Web server. “web_private_IP” is the node object that represents the new Web site’s private IP address. You enable all settings from the Global Properties > NAT. When you try to browse the Web server from the Internet, you see the error “page cannot be displayed”. Which of the following is NOT a possible reason?
A. There is no Security Policy defined that allows HTTP traffic to the protected Web server.
B. There is no ARP table entry for the public IP address of the protected Web server.
C. There is no route defined on the Security Gateway for the public IP address to the private IP address of the Web server.
D. There is an ARP entry on the Gateway but the settings “Merge Manual proxy ARP” and “Automatic APR configuration” are enabled in Global Properties. The Security Gateway ignores manual ARP entries.

Correct Answer: C
QUESTION 155
Select the correct statement about Secure Internal Communications (SIC) Certificates? SIC Certificates:
A. may be used for securing internal network communications between the Security Gateway and an OPSEC device.
B. for the SmartView Tracker are created during the SmartCenter Server installation.
C. for NGX Security Gateways are created during the SmartCenter Server installation.
D. decrease network security by securing administrative communication among the SmartCenter Servers and the Security Gateway

Correct Answer: A
QUESTION 156
What settings in the “Track” field of your rules would you use to configure what types of information are
sent to Dshield.org?
Depending on how:

A. the Logs and Masters settings for the SmartCenter Server object, rules with tracking set to Log or None.
B. SmartDefense > DShield Storm Center is configured, rules with tracking set to Alerts or User Defined Alerts.
C. Web Intelligence > Information Disclosure is configured, rules with tracking set to User Defined Alerts or SNMP trap.
D. The Global Properties is configured, in the Log and Alerts section, rules with tracking set to Account or SNMP trap.

Correct Answer: B
QUESTION 157
VPN-1 NGX uses ____________ to retrieve the Interface Name, IP Address, and Network Mask when an administrator clicks the GET button in the Interfaces tab of an Externally Managed VPN Gateway object.
A. URI
B. Ioctl
C. SNMP
D. Control Connection

Correct Answer: C
QUESTION 158
Certkiller .com has a small Check Point installation which includes one Windows 2003 server working as
SmartConsole and a second server running SPLAT working as both SmartCenter server and the Security
Gateway.
This is an example of:

A. Hybrid Installation
B. StandAlone Installation
C. Unsupported Configuration
D. Distribution Installation
Correct Answer: B

FLYDUMPS has updated the latest version of CheckPoint 156-215 exam, which is a hot exam of Microsoft certification. FLYDUMPS provides you everything that you need to pass your CheckPoint 156-215 certification exam. Passcert also provides you the CheckPoint 156-215 exam objectives with there detailed and verified answer relevant to your certification.With our CheckPoint 156-215 practice test, you can be rest assured that you will pass your CheckPoint 156-215 Exam on Your First Try.

Welcome to download the newest Examwind 1Z0-052 dumps: http://www.examwind.com/1Z0-052.html

Cisco 300-115 Study Guide Book, Buy Discount Cisco 300-115 Real Exam On Our Store

Continue Reading

CheckPoint 156-215 Exam Cost, The Most Recommended CheckPoint 156-215 Study Guide Is Your Best Choice

Welcome to download the newest Examwind 70-496 dumps:

The reason of the CheckPoint 156-215 exam sample questions are to take along together in one download all the facts on the CheckPoint 156-215 Professional in CheckPoint 156-215 and practice with this testing material and test pattern can develop a new confident and developed skill in those applicants who want to move on. At FLYDUMPS, we provide SPHR exam sample questions that will show the way to CheckPoint 156-215  certification without any help from CheckPoint 156-215 book. Whether you decide in favor of CheckPoint 156-215 The Professional in CheckPoint 156-215 or you go for CheckPoint 156-215 exam you will a training better than anyone or anywhere else. Now it is your time to avail the actual CheckPoint 156-215 products and pass CheckPoint 156-215 Certifications CheckPoint 156-215 exam with 100% guarantee. FLYDUMPS provide the very best CheckPoint 156-215 exam questions and take the worry of attending CheckPoint 156-215 exam off their mind.

QUESTION 171
During which step in the installation process is it necessary to note the fingerprint for first-time verification?
“Pass Any Exam. Any Time.” – www.actualtests.com 69 Checkpoint 156-215-71: Practice Exam
A. When establishing SIC between the Security Management Server and the Gateway
B. When configuring the Security Management Server using cpconfig
C. When configuring the Security Gateway object in SmartDashboard
D. When configuring the Gateway in the WebUl

Correct Answer: B QUESTION 172
What’s the difference between the SmartView Tracker Tool section in R71 and NGX R65?
A. Tools section in R71 is exactly the same as the tools section in R65
B. Using R71. You can choose a program to view captured packets.
C. Enable Warning Dialogs option is not available in R71
D. R71 adds a new option to send ICMP packets to the source/destination address of the log event

Correct Answer: B QUESTION 173
Your organization has many Edge Gateways at various branch offices allowing users to access company resources. For security reasons, your organization’s Security Policy requires all Internet traffic initiated behind the Edge Gateways first be inspected by your headquarters’ R71 Security Gateway. How do you configure VPN routing in this star VPN Community?
ActualTests.com
A. To Internet and other targets only
B. To center or through the center to other satellites, to Internet and other VPN targets
C. To center and other satellites, through center
D. To center only

Correct Answer: B QUESTION 174
Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?
“Pass Any Exam. Any Time.” – www.actualtests.com 70 Checkpoint 156-215-71: Practice Exam
A. A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are defined by the selection in the row Install On of the Rule Base.
B. When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install.
C. In the SmartDashboard main menu go to Policy > Policy Installation > Targets and select the correct firewall to be put into the list via Specific Targets
D. A Rule Base can always be installed on any Check Point firewall object It is necessary to select the appropriate target directly after selecting Policy > Install.

Correct Answer: C QUESTION 175
Examine the following Security Policy. What, if any, changes could be made to accommodate Rule 4?

ActualTests.com
A. Nothing at all
B. Modify the Source 01 Destination columns in Rule 4
C. Remove the service HTTPS from the Service column in Rule A
D. Modify the VPN column in Rule 2 to limit access to specific traffic

Correct Answer: D
QUESTION 176
After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti- spoofing protections. Which of the following is the MOST LIKELY cause?
“Pass Any Exam. Any Time.” – www.actualtests.com 71 Checkpoint 156-215-71: Practice Exam
A. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External.Change topology to Others +.
B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External
C. The Global Properties setting Translate destination on client side is checked But the topology on the DMZ interface is set to Internal -Network defined by IP and Mask Uncheck the Global Properties setting Translate destination on client side
D. The Global Properties setting Translate destination on client side is unchecked But the topology on the DMZ interface is set to Internal -Network defined by IP and Mask Check the Global Properties setting Translate destination on client side.
Correct Answer: D
QUESTION 177
What information is provided from the options in this screenshot?

ActualTests.com (i)Whether a SIC certificate was generated for the Gateway (ii)Whether the operating system is SecurePlatform or SecurePlatform Pro (iii)Whether this is a standalone or distributed installation
A. (i), (ii) and (iii)
B. (i) and (iii)
C. (i) and (ii)
D. (ii) and (iii)

Correct Answer: D QUESTION 178
Which type of R71 Security Server does not provide User Authentication?
A. FTP Security Server
B. SMTP Security Server
C. HTTP Security Server
D. HTTPS Security Server

Correct Answer: B QUESTION 179
Which of the following is true regarding configuration of clustering nodes?
A. Cluster nodes do not have to run exactly the same version of CheckPoint package
B. Each node must have exactly the same set of packages as all the other nodes
C. Each cluster node must run exactly the same version of R71
D. You must enable state synchronization
E. You must install R71 as an enforcement module (only) on each node

Correct Answer: BCDE QUESTION 180
Using the Backup and Restore operation on R71, it is possible to: A. Link the all cluster members for failover
B. Upgrade the SmartDashboard
C. Maintain a backup of the SmartCenter Management Server to be used in case of failover
D. Replace the original SmartCenter Management Server with another clone SmartCenter Management Server, while the original is being serviced
E. Upgrade the SmartCenter Management Server

Correct Answer: CDE
QUESTION 181
What directory in R71 contains all of the Rule Bases, objects, and the user database files?

A. $FWDIR/bin directory
B. Winnt/Config directory
C. $FWDIR/etc directory
D. $FWDIR/conf directory
E. $FWDIR/bin/etc directory

Correct Answer: D
QUESTION 182
Platforms IP290, IP390 and IP560 are flash-based, diskless platforms. And what do you have to do prior to upgrading their images to R71?
A. Backup old images ActualTests.com
B. Do nothing
C. Delete old images
D. Backup their images
E. Restore old images

Correct Answer: C
QUESTION 183
You have not performed software upgrade to NGX R71. You have upgraded your license and every time you try to run commands such as cplic print; cpstop, you receive all sort of errors. In
“Pass Any Exam. Any Time.” – www.actualtests.com 74 Checkpoint 156-215-71: Practice Exam order to resolve this you will have to:
A. Remove the software
B. Do nothing. The error will go away with time
C. Remove the upgraded license
D. Upgrade the software to version NGX
E. Re-upgrade the license to the version before the upgrade
Correct Answer: D
QUESTION 184
What two conditions must be met when you are manually adding CheckPoint appliances to an existing cluster?
A. You must configure interfaces with IP addresses in each of the networks the cluster will connect to
B. R71 is not running on the system you are adding
C. The IP address should be the real IP address of a cluster interface
D. R71 is running on the system you are adding
E. The existing nodes must be running R71 and firewall monitoring is enabled on them

Correct Answer: BE
QUESTION 185
ActualTests.com
When carrying out a backup operation on R71, you will have to backup which of the following files?

A. $FWDIR/conf/objects_5_0.C
B. $FWDIR/conf/rule.fws
C. $FWDIR/database/fwauth.NDB*
D. $FWDIR/conf/rulebases_5_0.fws
E. $FWDIR/database/control.map

Correct Answer: ACD
QUESTION 186
Which tool will you use prior to installation to reduce the risk of incompatibility with the deployment to R71?
A. Compatibility Tool
B. cpconfig
C. Post-Upgrade Verification Tool
D. Pre-Upgrade Verification Tool
E. cpinfo

Correct Answer: D
QUESTION 187
In the RuleBase, which element determines what Firewall should do with a packet?
A. Destination
B. Source
C. Action
D. No
E. Service

Correct Answer: C
QUESTION 188
To distribute or upgrade a package, you must first add it to the Package Repository. You can add packages to the Package Repository from which of the following three locations?
A. User Center
B. Certificate Key
C. Check Point CD
D. Download Center
E. SmartDashboard
Correct Answer: ACD
QUESTION 189
How will you install a rule base? Choose the best answer.
A. After defining your rules in SmartDashboard , choose install from File menu
B. After defining your rules in SmartDashboard, choose Install from Policy menu
C. Before defining your rules in SmartDashboard , choose Install from View menu
D. After defining your rules in SmartDashboard, choose Install from View menu
E. Before defining your rules in SmartDashboard , choose Install from Policy menu

Correct Answer: B
QUESTION 190
How would you disable a rule?

ActualTests.com
A. By selecting the rule, then select “Disable Rule” option from Topology menu in CheckPoint SmartDashboard
B. By selecting the rule, then select “Disable Rule” option from Rules menu in SmartView Tracker
C. By selecting the rule, then select “Disable Rule” option from Rules menu in CheckPoint SmartDashboard
D. By selecting the rule, then select “Disable Rule” option from File menu in CheckPoint SmartDashboard
E. By selecting the rule, then select “Disable Rule” option from Rules menu in SmartView Status

Correct Answer: C
QUESTION 191
Which of the options below best describes the difference between the Drop action and Reject action? ( assume TCP is specified in the service column of your rulebase)
A. Drop action is the same as Reject action
B. With Drop action, the sender is not notified but with Reject action, the user is notified
C. Reject action is the same as Drop action
D. With Drop action, the sender is authenticated but with Reject action, the user is not authenticated
E. With Drop action, the sender is notified but with Reject action, the user is not Notified

Correct Answer: B
QUESTION 192
Your company has headquarters in two countries: Toronto (Canada) and Washington (USA). Each headquarter has a number of branch offices. The branch offices only need to communicate with the headquarter in their country, not with each other i.e. no branch office should communicate with another branch office.
ActualTests.com

“Pass Any Exam. Any Time.” – www.actualtests.com 78 Checkpoint 156-215-71: Practice Exam
A. You need to define two stars and a mesh
B. You need to define a star and two meshes
C. You need to define two stars and two mesh
D. You need to define three stars and two meshes
E. You need to define a star and a mesh

Correct Answer: A
QUESTION 193
The negotiation prior to the establishment of a VPN tunnel might result in the production of large packets. Some NAT devices may not fragment large packets correctly making the connection impossible. Which of the following is true as to the resolving this issue?
A. IKE over TCP can be used to solve the problem, though this problem is resolved during IKE phase 2
B. If using NAT-T, you can use Aggressive Mode
C. UDP Encapsulation method uses port number 2746 to resolve this problem
D. If using NAT-T, port 4500 must be enabled
E. IKE over TCP can be used to solve the problem, though this problem is resolved during IKE phase I

Correct Answer: CDE
QUESTION 194
ActualTests.com
How can you delete an automatic NAT rule? See the diagram if you choose wrong answer.

“Pass Any Exam. Any Time.” – www.actualtests.com 79
Checkpoint 156-215-71: Practice Exam
A. By highlighting the rule, click on Rules menu and select delete
B. By highlighting the rule and hit Delete button on your keyboard
C. By highlighting the rule, right-click and select Delete option from the emerging menu
D. By highlighting the rule, click on Edit menu and select delete
E. By modifying the object’s configuration

Correct Answer: E
QUESTION 195
The SmartUpdate command line “cprinstall get” will:
ActualTests.com

“Pass Any Exam. Any Time.” – www.actualtests.com 80 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 81 Checkpoint 156-215-71: Practice Exam

ActualTests.com

“Pass Any Exam. Any Time.” – www.actualtests.com 82 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 83 Checkpoint 156-215-71: Practice Exam

ActualTests.com

“Pass Any Exam. Any Time.” – www.actualtests.com 84 Checkpoint 156-215-71: Practice Exam
ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 85 Checkpoint 156-215-71: Practice Exam
ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 86 Checkpoint 156-215-71: Practice Exam

ActualTests.com

“Pass Any Exam. Any Time.” – www.actualtests.com 87 Checkpoint 156-215-71: Practice Exam
ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 88 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 89 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 90 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 91 Checkpoint 156-215-71: Practice Exam
ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 92 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 93 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 94 Checkpoint 156-215-71: Practice Exam

ActualTests.com

“Pass Any Exam. Any Time.” – www.actualtests.com 95 Checkpoint 156-215-71: Practice Exam

A. Install Check Point products on remote Check Point gateways
B. Verify if a specific product can be installed on the remote Check Point gateway
C. Obtain details of the products and the Operating System installed on the specified Check Point gateway, and to update the database
D. Verify that the Operating System and currently installed products are appropriate for the package
E. Delete Check Point products on remote Check Point gateways

Correct Answer: C
QUESTION 196
ActualTests.com
You ran a certain SmartUpdate command line in order to find out the location of the product repository, and the result was “Current repository root is set to : /var/suroot/”. What is the command likely to be?
A. cppkg delete
B. cppkg getroot
C. cppkg setroot
D. cppkg add
E. cppkg print

Correct Answer: B
QUESTION 197
You use the cplic db_rm command to remove a license from the license repository on the Security Management server and receive an error message stating that only detached licenses can be removed. How will you go about this in order to get license removed?
A. Go to License Tree in the SmartView Monitor, highlight the license to be removed and then detach it, then re- run cplic db_rm command
B. Run cplic db_rm twice to solve the problem
C. Manually detach the license by using the control panel and the re-run the cplic db_rm command
D. Go to License Tree in the SmartDashboard, highlight the license to be removed and then detach it, then re- run cplic db_rm command
E. Firstly, use cplic del command to detach the license then re-run the cplic db_rm Command

Correct Answer: E
QUESTION 198
What is the difference between the commands cplic db_print and cplic print?
A. cplic print will print licenses on local machine and cplic db_print will display details of licenses in repository on the Security Management server
B. Both commands do the same job
C. cplic db_print will print licenses on local machine and cplic print will display details of licenses in ActualTests.com repository on the Security Gateway
D. cplic print will print licenses on local machine and cplic db_print will print details of licenses in repository on any components
E. cplic db_print will display licenses on local machine and cplic print will display details of licenses in repository on the SmartConsole
Correct Answer: A
QUESTION 199
The SmartUpdate command line ” cprinstall transfer” will:
“Pass Any Exam. Any Time.” – www.actualtests.com 97 Checkpoint 156-215-71: Practice Exam
A. Transfers a package from the repository to a Check Point Security Gateway without installing the package
B. Verify that the Operating System and currently installed products are appropriate for the package
C. Transfers a package from the repository to a Check Point Security Gateway and install the package
D. Obtain details of the products and the Operating System installed on the specified Check Point gateway, and to update the database
E. Verify if a specific product can be installed on the remote Check Point gateway
Correct Answer: A QUESTION 200
What command prints the details of the Check Point licenses?
A. Pkgadd -d
B. Setup
C. Print
D. fw print
E. cplic print

Correct Answer: E
QUESTION 201
ActualTests.com What will the command “d:\winnt\fw1\ng\bin] cppkg add C:\CPsuite-R71” achieve? Where d:\winnt\fw1\ng\bin is package-full-path?
A. It will purge a product package to the product repository
B. It will kill a product package to the product repository
C. It will add a product package to the product repository
D. It will print a product package to the product repository
E. It will delete a product package to the product repository

Correct Answer: C
QUESTION 202
Anti-Spam status is monitored using which of the following tool?
A. Cpconfig
B. SmartView Tracker
C. Eventia Reporter
D. SmartView Monitor
E. SmartDashboard

Correct Answer: D
QUESTION 203
User Monitor details window is shown in the diagram 1 of the SmartView Monitor. Which of the following information you would not get in the window?

ActualTests.com
A. Internal IP
B. User DN
C. VPN Tunnel
D. Security Gateway
E. Connect Time

Correct Answer: C
QUESTION 204
The rule below shows the Encrypt rule in a Traditional Mode Rule Base. What is likely to be Simplified Mode equivalent if the if the connections originates at X and its destination is Y, within any Site-to-Site Community (i.e. All_GW _to_GW).

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 100 Checkpoint 156-215-71: Practice Exam

A. Rule C
B. Rule E
C. Rule A
D. Rule B
E. Rule D

Correct Answer: B
QUESTION 205
SmartDirectory (LDAP) new features include which of the following? Select the all correct answers.
A. The use of authentication algorithm
B. Support of Multiple SmartDirectory (LDAP) Vendors using Profiles
C. Support of multiple SmartDirectory (LDAP) servers
D. High Availability
E. The use of encrypted or non-encrypted SmartDirectory (LDAP) Connections
Correct Answer: BCDE
QUESTION 206
You are configuring IPS, Denial of Service – Teardrop section. Which of the following is true of Teardrop?

A. A denial of service vulnerability has been reported in the Linux Kernel. The vulnerability is due to an error in the Linux Kernel IPv6 over IPv4 tunneling driverthat fails to properly handle crafted network packets. Teardrop is a widely available attack tool that exploits this vulnerability ActualTests.com
B. Some implementations of TCP/IP contain fragmentation re-assembly code that does not properly handle overlapping IP fragments. Sending two IP fragments, the latter entirely contained inside the former, causes the server to allocate too much memory and crash. Teardrop is a widely available attack tool that exploits this vulnerability
C. JPEG is a very popular image file format. Teardrop is a widely available attack tool that exploits this vulnerability Specially crafted JPEG files may be used to create a DoS condition and in some cases, arbitrary code execution
D. Some implementations of TCP/IP are vulnerable to packets that are crafted in a particular way (a SYN packet in which the source address and port are the same as the destination, i.e., spoofed). Teardrop is a widely available attack tool that exploits this vulnerability
E. The attacker sends a fragmented PING request that exceeds the maximum IP packet size (64KB). Some operating systems are unable to handle such requests and crash. Teardrop is a widely available attack tool that exploits this vulnerability

Correct Answer: B
QUESTION 207
Which of the following command will you use to export users from the NGX user database?
A. fwm dbexports
B. fw export
C. fwm export
D. fw dbexport
E. fwm dbexport

Correct Answer: E
QUESTION 208
The diagrams show your network and the encrypt rule. If the source and destination are inside the VPN
Domain of the same gateway i.e. Source X is in Net_A and Destination Y is in Net_B. The connection
originates at X and reaches the gateway, which forwards the response back to Y.
Which of the following is true?

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 103 Checkpoint 156-215-71: Practice Exam

A. The connection from Net_A to Net_B will be authenticated
B. The gateway 1 will need authentication
C. The connection from Net_A to Net_B will not be encrypted ActualTests.com
D. The gateway 1 will drops the connection from Net_A to Net_B
E. The connection from Net_A to Net_B will be encrypted

Correct Answer: C
QUESTION 209
The main drawback to tunneling-mode encryption is:
A. The security of the packet size
B. The decrease in the packet size
C. The increase in the packet size D. The de-cryption of the packet size
E. The quickness of the packet size

Correct Answer: C
QUESTION 210
259 or connect via HTTP at If SecureClient cannot download a new policy from any Policy Server, it will try again after a fixed interval. If the fixed interval is set to default, then the default time is:
A. 8 minutes
B. 4 minutes
C. 5 minutes
D. 3 minutes
E. 10 minutes ActualTests.com

Correct Answer: C
QUESTION 211
Which of the following Security servers can perform authentication tasks but will not be able perform content security tasks?
A. RLOGIN
B. FTP
C. SMTP
D. HTTP
E. HTTPS

Correct Answer: A
QUESTION 212
Which of the following commands would you use to clear an IP- to- physical address translation table when using SecurePlatform?
A. hosts
B. arp
C. ipconfig
D. traceroute
E. vconfig ActualTests.com

Correct Answer: B
QUESTION 213
You are in SecurePlatform and want to configure a new virtual LAN. If the name of NIC card that host is 3C579 and the Vlan identifier is 10, what command would you use to achieve this? Note: If wrong answer
(s)
is/are chosen, see the diagram for correct answer(s) and explanation.

A.
vconfig [interface-name] [vlan_id]

B.
vconfig add 3C579 10

C.
vconfigure add [3C579] [10]

D.
config add 3C579 10

E.
config add [3C579] [10]

Correct Answer: B
QUESTION 214
What command will you use to configure network interfaces settings?
A. configure
B. config
C. ipconfig
D. arp
E. ifconfig

Correct Answer: E QUESTION 215
A user was initiating client authentication session by beginning a TELNET session on port 900. What do you think might be wrong?
ActualTests.com
A. Nothing is wrong.
B. The authentication type should be changed to session authentication.
C. The user was TELNET- ing at wrong port. The user should use port 295.
D. The user was TELNET- ing at the wrong port. The user should use port 259.
E. The authentication type should be changed to user authentication.

Correct Answer: E QUESTION 216
Study the diagram and answer the question below. What type of client GUI is shown in the
“Pass Any Exam. Any Time.” – www.actualtests.com 114 Checkpoint 156-215-71: Practice Exam diagram?

A. Rule Base GUI
B. SmartView Tracker
C. Security Status GUI
D. Security SmartDashboard
E. SmartView Status

Correct Answer: B QUESTION 217
SmartUpdate is the primary tool used for upgrading Check Point gateways. When upgrading your gateway, what feature will you choose if want to upgrade all packages installed on your gateway?
ActualTests.com
A. Minimal Effort Upgrade
B. Add Package to Repository
C. Upgrading the Gateway
D. Upgrade All Packages
E. Zero Effort

Correct Answer: D QUESTION 218
The allowed Sources in the Location tab of the User Properties window specify that the user to
“Pass Any Exam. Any Time.” – www.actualtests.com 115 Checkpoint 156-215-71: Practice Exam whom a User Authentication rule is being applied is not allowed access from the source address, while the rule itself allows access. To resolve this conflict, you will have to:

A. Create an administrator account in place of the user account
B. Install your rule base
C. Re-create the user object
D. Select Allowed Destinations field in the Network Object Properties
E. Configure User Authentication Action Properties screen

Correct Answer: E
QUESTION 219
What services are supported by client authentication?
A. All services
B. FTP
C. RLOGIN D. HTTP and FTP
E. TELNET, HTTP and FTP
F. HTTPS, HTTP and FTP

Correct Answer: A
QUESTION 220
In what situation will you consider and deploy policy management conventions?
A. No available answer
B. In some situations
C. In some rear situations
D. In all situations
E. Not in any situation

Correct Answer: D
QUESTION 221
On the Anti-Spam & Mail tab of the SmartDashboard, you can configure which of the following:

ActualTests.com
A. Select gateways that enforce Anti-Virus checking
B. Enable automatic updates
C. View settings and logs
D. Select gateways that enforce Anti-Spam protection
E. View alerts

Correct Answer: ABCD QUESTION 222
Which of the following is true of Symmetric Encryption?
A. Both communicating parties using Symmetric Encryption use different keys for encryption and decryption
B. The material used to build these keys must be exchanged in a secure manner
C. Both communicating parties using Symmetric Encryption use the same key for encryption and decryption
D. The material used to build these keys does not have to be exchanged in a secure manner
E. Information can be securely exchanged only if the key belongs exclusively to the communicating parties

Correct Answer: BCE

FLYDUMPS offer you detailed CheckPoint 156-215 exam sample questions. Our experts come from different parts of the Industry and are most experienced and qualified to have the opportunity to write the CheckPoint 156-215 exam for us. CheckPoint 156-215 exam sample questions are even more difficult than the actual test. Our CheckPoint 156-215 exam PDF is a mock up of the actual certification exam questions. This technique has been used for a longest time and it is 100% guaranteed. CheckPoint 156-215 exam sample questions provides you everything you will need to take your CheckPoint 156-215 Exam. The CheckPoint 156-215 Exam details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical.

Welcome to download the newest Examwind 70-496 dumps: http://www.examwind.com/70-496.html

Cisco 300-080 Dumps PDF, Discount Cisco 300-080 Preparation Materials Online Store

Continue Reading

CheckPoint 156-215 Free Dumps, Latest Updated CheckPoint 156-215 Exam Collection With Accurate Answers

Welcome to download the newest Pass4itsure 200-310 dumps:

The Flydumps New CheckPoint 156-215 practice tests helps the user to keep a check on their learning and understanding and improve for the CheckPoint 156-215 exam. Flydumps makes you pass your exam much easier.

UESTION 111
When you find a suspicious connection from a problematic host, you want to block everything from that whole network, not just the host. You want to block this for an hour, but you do not want to add any rules to the Rule Base. How do you achieve this?
A. Create a Suspicious Activity rule in SmartView Tracker.
B. Create a Suspicious Activity Rule in SmartView Monitor.
C. Create an “FW SAM” rule in SmartView Monitor.
D. Select “block intruder” from the Tools menu in the SmartView Tracker.

Correct Answer: B QUESTION 112
Your internal network is using 10.1.1.0/24. This network is behind your perimeter NGX VPN-1 Gateway, which connects to your ISP provider. How do you configure the Gateway to allow this network to go out to the Internet?
A. Use automatic Static NAT for network 10.1.1.0/24.
B. Use Hide NAT for network 10.1.1.0/24 behind the internal interface of your perimeter Gateway.
C. Use manual Static NAT on the client side for network 10.1.1.0/24
D. Use Hide NAT for network 10.1.1.0/24 behind the external IP address of your perimeter Gateway.
E. Do nothing, as long as 10.1.1.0 network has the correct default Gateway.

Correct Answer: D QUESTION 113
Which of these changes to a Security Policy optimizes Security Gateway performance?
A. Using domain objects in rules when possible
B. Using groups within groups in the manual NAT Rule Base
C. Putting the least-used rule at the top of the Rule Base
D. Logging rules as much as possible
E. Removing old or unused Security Policies from Policy Packages

Correct Answer: A QUESTION 114
Nelson is a consultant. He is at a customer’s site reviewing configuration and logs as a part of a security audit. Nelson sees logs accepting POP3 traffic, but he does not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause? The POP3:
A. service is a VPN-1 Control Connection.
B. rule is hidden.
C. service is accepted in Global Properties.
D. service cannot be controlled by NGX.
E. rule is disabled.

Correct Answer: B
QUESTION 115
When you hide a rule in a Rule Base, how can you then disable the rule?
A. Open the Rule Menu, and select Hide and View hidden rules. Select the rule, right-click, and select Disable.
B. Uninstall the Security Policy, and the disable the rule.
C. When a rule is hidden, it is automatically disabled. You do not need to disable the rule again.
D. Run cpstop and cpstart on the SmartCenter Server, then disable the rule.
E. Clear Hide from Rules drop-down menu, then right-click and select “Disable Rule(s)”.

Correct Answer: E
QUESTION 116
Certkiller is the IT auditor for a bank. One of her responsibilities is reviewing the Security Administrators activity and comparing it to the change log. Which application should Certkiller use to view Security Administrator activity?
A. NGX cannot display Security Administrator activity
B. SmartView Tracker in Real-Time Mode
C. SmartView Tracker in Audit Mode
D. SmartView Tracker in Log Mode
E. SmartView Tracker in Activity Mode

Correct Answer: C
QUESTION 117
Andrea has created a new gateway object that she will be managing at a remote location. She attempts to install the Security Policy to the new gateway object, but the object does not appear in the “install on” box. Which of the following is the most likely cause?
A. Andrea has created the object using “New Check Point > VPN-1 Edge Embedded Gateway”
B. Andrea created the gateway object using the “New Check Point > Externally Managed VPN Gateway” option from the Network Objects dialog box.
C. Andrea has not configured anti-spoofing on the interfaces on the gateway object.
D. Andrea has not configure Secure Internal Communications (SIC) for the oject.
E. Andrea created the Object using “New Check Point > VPN-1 Pro/Express Security Gateway” option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object.

Correct Answer: B
QUESTION 118
Certkiller is recently hired as the Security Administrator for Certkiller .com. Jack Bill’s manager has asked
her to investigate ways to improve the performance of the firm’s perimeter Security Gateway. Certkiller
must propose a plan based on the following required and desired results:
Required Result #1: Do not purchase new hardware. Required Result #2: Use configuration changes the
do not reduce security. Desired Result #1: Reduce the number of explicit rules in the Rule Base.
Desired Result #2: Reduce the volume of logs.
Desired Result #3: Improve the Gateway’s performance.
Proposed solution:

*
Replace all domain objects with network and group objects.

*
Check “Log implied rules” and “Accept ICMP requests” in Global Properties.

*
Use Global Properties, instead of explicit rules, to control ICMP, VRRP, and RIP. Does Certkiller’s proposed solution meet the required and desired results?

A.
The solution meets all required and desired results.

B.
The solution meets all required, and one of the desired results.

C.
The solution meets all required, and two of the desired results.

D.
The solution meets all required, and none of the desired results.

E.
The solution does not meet the required results.

Correct Answer: E
QUESTION 119
You create implicit and explicit rules for the following network. The group object “internal-networks” include networks 10.10.10.0 and 10.10.20.0. Assume “Accept ICMP requests” is enabled as before last in the Global Properties.

Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on the Internet, by IP address? ICMP will be:
A. dropped by rule 0
B. dropped by rule 2, the Cleanup Rule
C. accepted by rule 1
D. dropped by the last implicit rule
E. accepted by the implicit rule

Correct Answer: C
QUESTION 120
What does schema checking do?
A. Authenticates users attempting to access resources protected by an NGX Security Gateway.
B. Verifies that every object class, and its associated attributes, is defined in the directory schema.
C. Maps LDAP objects to objects in the NGX objects_5_0.c files.
D. Verifies the Certificate Revocation List for Certificate Validity.
E. Provides topology downloads for SecuRemote and SecureClient users authenticated by an LDAP

server. Correct Answer: B QUESTION 121
Certkiller is about to test some rule and object changes suggested in an NGX newsgroup. Which backup and restore solution should Certkiller use, to ensure she can most easily restore her Security Policy to its previous configuration, after testing the changes?
A. SecurePlatform backup utilities
B. Manual copies of the $FWDIR/conf directory
C. Upgrade_export and upgrade_import commands
D. Policy Package management
E. Database Revision Control

Correct Answer: E QUESTION 122
You want VPN traffic to match packets from internal interfaces. You also want the traffic to exit the Security Gateway, bound for all site-to-site VPN Communities, including Remote Access Communities. How should you configure the VPN match rule
A. internal_clear>All-GwToGw
B. Communities>Communities
C. Internal_clear>External_Clear
D. Internal_clear>Communities
E. Internal_clear>All_communities

Correct Answer: E QUESTION 123
Review the following rules and note the Client Authentication Action properties screen, as shown in the exhibit.

After being authenticated by the Security Gateway when a user starts an HTTP connection to a Web site
the user tries to FTP to another site using the command line. What happens to the user?
The….

A. FTP session is dropprd by the implicit Cleanup Rule.
B. User is prompted from the FTP site only, and does not need to enter username nad password for the Client Authentication.
C. FTP connection is dropped by rule 2.
D. FTP data connection is dropped, after the user is authenticated successfully.
E. User is prompted for authentication by the Security Gateway again.

Correct Answer: B
QUESTION 124
What is the command to see the licenses of the Security Gateway Certkiller from your SmartCenter Server?
A. print Certkiller
B. fw licprint Certkiller
C. fw tab -t fwlic Certkiller
D. cplic print Certkiller
E. fw lic print Certkiller
Correct Answer: D QUESTION 125
Ophelia is the security Administrator for a shipping company. Her company uses a custom application to update the distribution database. The custom application includes a service used only to notify remote sites that the distribution database is malfunctioning. The perimeter Security Gateways Rule Base includes a rule to accept this traffic. Ophelia needs to be notified, via atext message to her cellular phone, whenever traffic is accepted on this rule. Which of the following options is MOST appropriate for Ophelia’s requirement?
A. User-defined alert script
B. Logging implied rules
C. SmartViewMonitor
D. Pop-up API
E. SNMP trap

Correct Answer: A
QUESTION 126
Which of the following is the final step in an NGXbackup?
A. Test restoration in a non-production environment, using the upgrade_import command
B. Move the *.tgz file to another location
C. Run the upgrade_export command
D. Copy the conf directory to another location
E. Run the cpstop command

Correct Answer: B
QUESTION 127
Which mechanism is used to export Check Point logs to third party applications?
A. OPSE
B. CPLogManager
C. LEA
D. SmartViewTracker
E. ELA
Correct Answer: C
QUESTION 128
In NGX, what happens if a Distinguished Name (ON) is NOT found in LADP?
A. NGX takes the common-name value from the Certificate subject, and searches the LADP account unit for a matching user id
B. NGX searches the internal database for the username
C. The Security Gateway uses the subject of the Certificate as the ON for the initial lookup
D. If the first request fails or if branches do not match, NGX tries to map the identity to the user id attribute
E. When users authenticate with valid Certificates, the Security Gateway tries to map the identities with users registered in the extemal LADP user database
Correct Answer: D
QUESTION 129
Which command allows you to view the contents of an NGX table?
A. fw tab -s <tablename>-
B. fw tab -t <tablename>-
C. fw tab -u <tablename>-
D. fw tab -a <tablename>-
E. fw tab -x <tablename>-

Correct Answer: B QUESTION 130
The following is cphaprobstate command output from a New Mode High Availability cluster member:

Which machine has the highest priority?
A. 192.168.1.2,since its number is 2
B. 192.168.1.1,because its number is 1
C. This output does not indicate which machine has the highest priority
D. 192.168.1.2, because its state is active

Correct Answer: B
QUESTION 131
What do you use to view an NGX Security Gateway’s status, including CPU use, amount of virtual memory, percent of free hard-disk space, and version?
A. SmartLSM
B. SmartViewTracker
C. SmartUpdate
D. SmartViewMonitor
E. SmartViewStatus

Correct Answer: D
QUESTION 132
Which of the following commands is used to restore NGX configuration information?
A. cpcontig
B. cpinfo-i
C. restore
D. fwm dbimport
E. upgrade_import

Correct Answer: E
QUESTION 133
Which of the following commands shows full synchronizalion status?
A. cphaprob -i list
B. cphastop
C. fw ctl pstat
D. cphaprob -a if
E. fw hastat

Correct Answer: C
QUESTION 134
Which VPN Community object is used to configure VPN routing within the SmartDashboard?
A. Star
B. Mesh
C. Remote Access
D. Map

Correct Answer: A
QUESTION 135
If you are experiencing LDAP issues, which of the following should you check?
A. Secure lnternal Cornrnunicalions(SIC)
B. VPN tunneling
C. Overlapping VPN Domains
D. NGX connectivity
E. VPN Load Balancing

Correct Answer: D
QUESTION 136
Which operating system is not supported byVPN-1 SecureClient?
A. IPS0 3.9
B. Windows XP SP2
C. Windows 2000 Professional
D. RedHat Linux 7 0
E. MacOS X

Correct Answer: A
QUESTION 137
Which Check Point QoS feature issued to dynamically allocate relative portions of available bandwidth?
A. Guarantees
B. Differentiated Services
C. Limits
D. Weighted Fair Queueing
E. Low Latency Queueinq

Correct Answer: D
QUESTION 138
You are running a VPN-1 NG with Application Intelligence R54 SecurePlatform VPN-1 Pro Gateway. The Gateway also serves as a Policy Server. When you run patch add cd from the NGX CD, what does this command allow you to upgrade?
A. Only VPN-1 Pro Security Gateway
B. Both the operating system (OS) and all Check Point products
C. All products, except the Policy Server
D. On~ the patch utility is upgraded using this command
E. Only the OS
Correct Answer: B QUESTION 139
Amanda is compiling traffic statistics for Certkiller .com’s Internet activity during production hours. How could she use SmartView Monitor to find this information? By
A. using the “Traffic Counters” settings and SmartView Monitor to generate a graph showing the total HTTP traffic for the day
B. -monitoring each specific user’s Web traffic use.
C. Viewing total packets passed through the Security Gateway
D. selecting the “Tunnels” view, and generating a report on the statistics
E. configuring a Suspicious Activity Rule which triggers an alert when HTTP traffic passes through the Gateway

Correct Answer: A
QUESTION 140
Certkiller is the Security Administrator for a software-development company. To isolate the corporate network from the developer’s network, Certkiller installs an internal Security Gateway. Jack wants to optimize the performance of this Gateway. Which of the following actions is most likely to improve the Gateway’s performance?
A. Remove unused Security Policies from Policy Packages
B. Clear all Global Properties check boxes, and use explicit rules
C. Use groups within groups in the manual NAT Rule Base
D. Put the least-used rules at the top of the Rule Base
E. Use domain objects in rules, where possible

Correct Answer: D

CheckPoint 156-215 exam sample questions are written to the highest standards of technical accuracy which can make you succeed in the CheckPoint 156-215. CheckPoint 156-215 practice questions and CheckPoint 156-215 pdf test material are backed by one year of free updates, meaning that you will always get the latest updates for your CheckPoint 156-215. As soon as the CheckPoint 156-215 Objectives change, FLYDUMPS CheckPoint 156-215 exam sample questions changes as well. We know your needs and we will help you in passing your CheckPoint 156-215 with confidence.

Welcome to download the newest Pass4itsure 200-310 dumps: http://www.pass4itsure.com/200-310.html

SAP C_TBI30_66 PDF Download, Offer SAP C_TBI30_66 Demos Online

Continue Reading

CheckPoint 156-215 Exam Cost, The Most Recommended CheckPoint 156-215 Study Guide Online Store

Welcome to download the newest Pass4itsure 70-210 dumps:

If you want to pass CheckPoint 156-215 successfully,do not missing to read Flydumps latest CheckPoint 156-215 practice tests.100% Guarantee! All the dumps are updated timely.

QUESTION 141
R71’s INSPECT Engine inserts itself into the kernel between which tow layers of the OSl model?
A. Physical and Data
B. Session and Transport
C. Presentation and Application
D. Data and Network

Correct Answer: C
QUESTION 142
After filtering a fw monitor trace by port and IP, a packet is displayed three times; in the “I”, “I”, and ‘o’ inspection points, but not in the ‘O’ inspection. Which is the likely source of the issue?
A. The packet has been sent out through a VPN tunnel unencrypted.
B. An IPSO ACL has blocked the outbound passage of the packet.
C. A SmartDefense module has blocked the packet
D. It is an issue with NAT

Correct Answer: D
QUESTION 143
Your company has two headquarters, one in London, and one in New York Each office includes ActualTests.com several branch offices. The branch offices need to rate with the headquarters in their country, not with each other, and only the headquarters need to communicate directly. What is the BEST configuration for establishing VPN Communities for this company? VPN Communities comprised of:
A. Two star and one mesh Community: One star Community is set up for each site, with headquarters as the center of the Community and its branches as satellites The mesh Community includes only New York and London Gateways.
B. One star Community with the option to “mesh” the center of the star: New York and London Gateways added to the center of the star with the mesh canter Gateways option checked, all London branch offices defined m one satellite window, but all New York branch offices defined m another satellite window.
C. Two mesh and one star Community One mesh Community is set up for each of the headquarters and its branch offices The star Community is configured with London as the center of the Community and New York is the satellite.
D. Three mesh Communities: One for London headquarters and its branches, one for New York headquarters and its branches, and one for London and New York headquarters.

Correct Answer: A
QUESTION 144
How can you configure an application to automatically launch on the Security Management Server when traffic is dropped Security Policy?
A. Pop-up alert script
B. User-defined alert script
C. Custom scripts cannot be executed through alert scripts
D. SNMP trap alert script

Correct Answer: B
QUESTION 145
The command fw fetch causes the:
A. Security Management Server to retrieve the IP addresses of the target Security Gateway. ActualTests.com
B. Security Gateway to retrieve the compiled policy and inspect code from the Security Management Server and install it to the kernel
C. Security Gateway to retrieve the user database information from the tables on the Security Management Server
D. Security Management Server to retrieve the debug logs of the target Security Gateway

Correct Answer: B
QUESTION 146
You have configured SNX on the Security Gateway. The client connects to the Security Gateway and the user enters the authentication credential. What must happen after authentication that
“Pass Any Exam. Any Time.” – www.actualtests.com 58 Checkpoint 156-215-71: Practice Exam allows the client to connect to the Security Gateway’s VPN domain?
A. Active-X must be allowed on the client.
B. An office mode address must be obtained by the client.
C. SNX modifies the routing table to forward VPN traffic to the Security Gateway.
D. The SNX client application must be installed on the client.

Correct Answer: A
QUESTION 147
Which authentication type requires specifying a contact agent in the Rule Base?
A. Client Authentication with Partially Automatic Sign On
B. User Authentication
C. Session Authentication
D. Client Authentication with Manual Sign On

Correct Answer: C
QUESTION 148
You find a suspicious FTP connection trying to connect to one of your internal hosts. How do you block it m real time and verify it is successfully blocked?
A. Highlight the suspicious connection in SmartView Tracker > Active mode. Block it using Tools > ActualTests.com Block Intruder menu. Observe in the Active mode that the suspicious connection is listed in this SmartView Tracker view as “dropped”.
B. Highlight the suspicious connection in SmartView Tracker > Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection does not appear again in this SmartView Tracker view.
C. Highlight the suspicious connection in SmartView Tracker > Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection does not appear again in this SmartView Tracker view.
D. Highlight the suspicious connection in SmartView Tracker > Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection is listed in this SmartView Tracker view as “dropped”.

Correct Answer: B
QUESTION 149
Your network includes a SecurePlatform machine running NG with Application Intelligence (Al) R55. This configuration acts as both the primary Security Management Server and VPN-1 Pro Gateway. You add one machine, so you can implement Security Gateway R71 in a distributed environment. The new machine is an Intel CoreDuo processor, with 2 GB RAM and a 500-GB hard drive. How do you use these two machines to successfully migrate the NG with Al R55 configuration?
A. 1. On the existing machine, export the NG with AJ R55 configuration to a network share.
2.
Insert the R71 CD-ROM in the old machine Install the R7D Security Gateway only while reinstalling the SecurePlatform OS over the top of the existing installation. Complete sysconfig.

3.
On the new machine, install SecurePlatform as the primary Security Management Server only.

4.
Transfer the exported. tgz file into the new machine, import the configuration, and then reboot

5.
Open SmartDashboard, change the Gateway object to the new version, and reset SIC for the
Gateway object.

B. 1. Export the configuration on the existing machine to a tape drive
2.
Uninstall the Security Management Server from the existing machine, using sysconfig.

3.
Insert the R71 CD-ROM. run the patch add CD-ROM command to upgrade the existing machine to the R71 Security Gateway, and reboot

4.
Install a new primary Security Management Server on the new machine

5.
Change the Gateway object to the new version, and reset SIC
C. 1. Export the configuration on the existing machine to a network share
2.
Uninstall the Security Gateway from the existing machine, using sysconfig

3.
Insert the R71 CD ROM. and run the patch add CD-HGM command to upgrade the Security
Management Server to Security Gateway R 70
4.
Select upgrade with imported file, and reboot

5.
Install a new R71 Security Gateway as the only module on the new machine, and reset SIC to the new Gateway ActualTests.com
D. 1. Export the configuration on the existing machine as a backup only
2.
Edit $FWDIR\product. conf on the existing machine, to disable the VPN-1 Pro Gateway package

3.
Reboot the existing machine

4.
Perform an in place upgrade on the Security Management Server using the command “patch odd cd”

5.
On the new machine, install SecurePlatform as the R71 Security Gateway only

6.
Run sysconfig to complete the configuration

7.
From SmartDashboard, reconfigure the Gateway object to the new version, and reset SIC

Correct Answer: A
QUESTION 150
How can you access the Certificate Revocation List (CRL) on the firewall, if you have configured a Stealth Rule as the first explicit rule?
A. You can access the Revocation list by means of a browser using the URL: <https: //IP-FW: 18264/ICA_CRLI.crl> provided the implied rules are activated per default
B. The CRL is encrypted, so it is useless to attempt to access it.
C. You cannot access the CRL, since the Stealth Rule will drop the packets
D. You can only access the CRI via the Security Management Server as the internal CA is located on that server
Correct Answer: A
QUESTION 151
What port is used for communication to the User Center with SmartUpdate?
A. CPMI200
B. HTTPS443
C. HTTP 80
D. TCP 8080

Correct Answer: B
QUESTION 152
ActualTests.com You are the Security Administrator in a large company called ABC. A Check Point Firewall is installed and in use on SecurePlatform. You are concerned that the system might not be retaining your entries for the interface and routing configuration. You would like to verify your entries in the corresponding file(s) on SecurePlatform. Where can you view them? Give the BEST answer.
A. /etc/conf/route.C
B. /etc/sysconfig/netconf.C
C. /etc/sysconfig/network-scripts/ifcfg-ethx
D. /etc/sysconfig/network

Correct Answer: B
QUESTION 153
You are Security Administrator preparing to deploy a new HFA (HOTfix Accumulator) to ten Security Gateways at five geographically separate locations.
What is the BEST method to implement this HFA?
A. Send a Certified Security Engineer to each site to perform the update.
B. Use SmartUpdate to install the packages to each of the Security Gateways remotely
C. Use a SSH connection to SCP the HFA to each Security Gateway. Once copied locally, imitate a remote installation command and monitor the installation progress with SmartView Monitor
D. Send a CD-ROM with the HFA to each location and have local personnel install it.

Correct Answer: B
QUESTION 154
You want to generate a cpinfo file via CLI on a system running SecurePlatform. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?
A. Log in as the default user expert and start cpinfo.
B. No action is needed because cpshell has a timeout of one hour by default.
C. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.
D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinto.

Correct Answer: C
QUESTION 155
Which feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration?
A. Policy Package management
B. dbexport/dbimport
C. Database Revision Control
D. upgrade_export/upgrade_import
Correct Answer: C QUESTION 156
Your Gateways are running near performance capacity and will get upgraded hardware next week. Which of the following would be MOST effective for quickly dropping all connections from a specific attacker’s IP at a peak time of day?
A. SAM – Block Intruder feature of SmartView Tracker
B. Intrusion Detection System (IDS) Policy install
C. SAM – Suspicious Activity Rules feature of SmartView Monitor
D. Change the Rule Base and install the Policy to all Security Gateways

Correct Answer: C QUESTION 157
Which of the following statements about the Port Scanning feature of IPS is TRUE?
A. The default scan detection is when more than 500 open inactive ports are open for a period of 120 seconds
B. The Port Scanning feature actively blocks the scanning, and sends an alert to SmartView Monitor.
C. Port Scanning does not block scanning; it detects port scans with one of three levels of detection sensitivity.
D. When a port scan is detected, only a log is issued, never an alert ActualTests.com

Correct Answer: C QUESTION 158
Certificates for Security Gateways are created during a simple initialization from______.
A. SmartUpdate
B. sysconfig
C. The ICA management tool.
D. SmartDashboard

Correct Answer: D QUESTION 159
Reviews the following rules and note the Client Authentication Action properties screen, as shown below: After being authenticated by the Security Gateway, when a user starts an HTTP connection to a Web site, the user tries to FTP to another site using the command line. What happens to the user? The:

ActualTests.com
A. User is prompted from that FPT site only, and does not need to enter his user name and password for Client Authentication.
B. User is prompted for Authentication by the Security Gateway again.
C. FTP data connection is dropped after the user is authenticated successfully.
D. FTP connection is dropped by rules 2.

Correct Answer: A QUESTION 160
A Web server behind the Security Gateway is set to Automatic Static NAT Client side NAT is
“Pass Any Exam. Any Time.” – www.actualtests.com 64 Checkpoint 156-215-71: Practice Exam enabled in the Global Properties. A client on the Internet initiates a session to the Web Server. On the initiating packet, NAT occurs on which inspection point?
A. I B. O
B. o
C. i

Correct Answer: B QUESTION 161
Which of the following statements about file-type recognition in Content Inspection is TRUE?
A. Antivirus status is monitored using SrnartView Tracker.
B. A scan failure will only occur if the antivirus engine fails to initialize.
C. All file types are considered “at risk”, and are not configurable by the Administrator or the Security Policy.
D. The antivirus engine acts as a proxy, caching the scanned file before delivering it to the client.

Correct Answer: D QUESTION 162
Which Security Gateway R71 configuration setting forces the Client Authentication authorization time-out to refresh, each time a new user is authenticated? The:
ActualTests.com
A. Global Properties > Authentication parameters, adjusted to allow for Regular Client Refreshment
B. Time properties, adjusted on the user objects for each user, in the source of the Client Authentication rule
C. IPS > Application Intelligence > Client Authentication > Refresh User Timeout option enabled
D. Refreshable Timeout setting, in the Limits tab of the Client Authentication Action Properties screen

Correct Answer: D QUESTION 163
“Pass Any Exam. Any Time.” – www.actualtests.com 65 Checkpoint 156-215-71: Practice Exam What information is found in the SmartView Tracker Management log?
A. Most accessed Rule Base rule
B. Number of concurrent IKE negotiations
C. SIC revoke certificate event
D. Destination IP address

Correct Answer: C QUESTION 164
When configuring objects in SmartMap, it helps if you________ the objects so that they may be used in a policy rule.
A. Expand
B. Actualize
C. Physically connect to
D. Save

Correct Answer: B QUESTION 165
You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?
ActualTests.com
A. First
B. Before Last
C. Last
D. After Stealth Rule

Correct Answer: C QUESTION 166
Your organization’s disaster recovery plan needs an update to the backup and restore section to reap the benefits of the new distributed R71 installation. Your plan must meet the following required and desired objectives: “Pass Any Exam. Any Time.” – www.actualtests.com 66 Checkpoint 156-215-71: Practice Exam Required Objective: The Security Policy repository must be backed up no less frequently than every 24 hours.
Desired Objective: The R71 components that enforce the Security Polices should be blocked up at least
once a week.
Desired Objective: Back up R71 logs at least once a week
Your disaster recovery plan is as follows:

Use the cron utility to run the upgrade_ export command each night on the Security Management Servers.
Configure the organization’s routine backup software to back up the files created by the upgrade_ export
command.

Configure the SecurePlatform backup utility to back up the Security Gateways every Saturday night
Use the cron utility to run the upgrade export: command each Saturday niqht on the log servers
Configure an automatic, nightly loqswitch
Configure the organization’s routine backup software to back up the switched logs every night
Upon evaluation, your plan:

A. Meets the required objective but does not meet either desired objective.
B. Does not meet the required objective.
C. Meets the required objective and only one desired objective.
D. Meets the required objective and both desired objectives.

Correct Answer: D QUESTION 167
Your Rule Base includes a Client Authentication rule, using partial authentication and standard sign-on for HTTP, Telnet, and FTP services. The rule was working, until this morning. Now users are not prompted for authentication, and they see error “page cannot be displayed” in the browser. In SmartView Tracker, you discover the HTTP connection is dropped when the Gateway is the destination. What caused Client Authentication to fail?
A. You added a rule below the Client Authentication rule, blocking HTTP from the internal network.
B. You added the Stealth Rule before the Client Authentication rule.
C. You disabled R71 Control Connections in Global Properties.
D. You enabled Static NAT on the problematic machines.

Correct Answer: B QUESTION 168
Which SmartConsole component can Administrators use to track remote administrative activities?
A. WebUI
B. Eventia Reporter
C. SmartView Monitor
D. SmartView Tracker

Correct Answer: D QUESTION 169
Which of the following statements regarding SecureXL and CoreXL is TRUE?
A. SecureXL is an application for accelerating connections.
B. CoreXL enables multi-core processing for program interfaces.
C. SecureXL is only available in R71.
D. CoreXL is included in SecureXL.

Correct Answer: A QUESTION 170

Flydumps is an excellent source of information on IT Certifications. In the Flydumps, you can find study skills and learning materials for your exam. Flydumps CheckPoint 156-215 dumps are studied by the experienced IT experts. It has a strong accuracy and logic. To encounter Flydumps,  you will encounter the best CheckPoint 156-215 dumps. You can rest assured that using our CheckPoint 156-215 dumps. With it, you have done fully prepared to meet this CheckPoint 156-215 exam.

Welcome to download the newest Pass4itsure 70-210 dumps: http://www.pass4itsure.com/70-210.html

SAP C_TADM51702 New Questions, First-hand SAP C_TADM51702 Cert Online Sale

Continue Reading

CheckPoint 156-215 Free Dowload, The Most Effective CheckPoint 156-215 Study Guide Are The Best Materials

Welcome to download the newest Pass4itsure ns0-155 Practice Test dumps: http://www.pass4itsure.com/ns0-155.html
Amazing,100% candidates have pass the CheckPoint 156-215 exam by practising the preparation material of Flydumps,beacuse the brain dumps are the latest and cover every aspect of CheckPoint 156-215 eaxm.Download the dumps for an undeniable success in CheckPoint 156-215 exams.

QUESTION 126
Which rule is responsible for the installation failure?
“Pass Any Exam. Any Time.” – www.actualtests.com 49 Checkpoint 156-215-71: Practice Exam

A. Rule 4
B. Rule 3
C. Rule 5
D. Rule 6

Correct Answer: A QUESTION 127
If you experience unwanted traffic from a specific IP address, how can you stop it most quickly? ActualTests.com
A. Check anti-spoofing settings
B. Configure a rule to block the address
C. Create a SAM rule
D. Activate an IPS protection

Correct Answer: C QUESTION 128
You are evaluating the configuration of a mesh VPN Community used to create a site-to-site VPN. This graphic displays the VPN properties in this mesh Community
“Pass Any Exam. Any Time.” – www.actualtests.com 50 Checkpoint 156-215-71: Practice Exam

Which of the following would be a valid conclusion?
A. The VPN Community will perform IKE Phase 1 key-exchange encryption using the longest key Security Gateway R71 supports.
B. Changing the setting Perform IPsec data encryption with from AES-128 to 3DES will increase the encryption overhead.
C. Changing the setting Perform key exchange encryption with 3DES to DES will enhance the VPN Community’s security, and reduce encryption overhead.
D. Change the data-integrity settings for this VPN CommunitybecauseMD5 is incompatible with AES.

Correct Answer: A
QUESTION 129
You just installed a new Web server in the DMZ that must be reachable from the Internet You create a manual Static NAT rule as follows:
“Pass Any Exam. Any Time.” – www.actualtests.com 51 Checkpoint 156-215-71: Practice Exam

“web_publicIP” is the node Object that represents the public IP address of the new Web server. “web_privateIP” is the node object that represents the new Web site’s private P address You enable all settings from Global Properties > NAT.
When you try to browse the Web server from the Internet, you see the error ‘page cannot be displayed” Which of the following is NOT a possible reason?
A. There is no route defined on the Security Gateway for the public IP address to the private IP address of the Web server.
B. There is no Security Policy defined that allows HTTP traffic to the protected Web server.
C. There is an ARP entry on the Gateway but the settings Merge Manual proxy ARP and Automatic ARP configuration are enabled in Global Properties. The Security Gateway ignores manual ARP entries.
D. There is no ARP table entry for the public IP address of the protected Web server

Correct Answer: A QUESTION 130
Which of the following SSL Network Extender server-side prerequisites is NOT correct?
A. The Gateway must be configured to work with Visitor Mode.
B. There are distinctly separate access rules required for SecureClient users vs. SSL Network Extender users.
C. To use Integrity Clientless Security (ICS), you must install the IC3 server or configuration tool.
D. The specific Security Gateway must be configured as a member of the Remote Access Community

Correct Answer: B QUESTION 131
You need to determine if your company’s Web servers are accessed an excessive number of times from the same host. How would you configure this in the IPS tab?
A. Successive multiple connections
B. Successive alerts
C. Successive DoS attacks
D. HTTP protocol inspection

Correct Answer: A QUESTION 132
What does it indicate when a Check Point product name includes the word “SMART”?
A. Stateful Management of all Routed Traffic.
B. This Check Point product is a GUI Client.
C. Security Management Architecture.
D. The Check Point product includes Artificial Intelligence.

Correct Answer: C QUESTION 133
How many times is the firewall kernel invoked for a packet to be passed through a VPN connection?
A. Three times
B. Twice
C. Once
D. None The IPSO kernel handles it Correct Answer: C
QUESTION 134
When attempting to connect with SecureClient Mobile the following error message is received. The certificate provided is invalid. Please provide the username and password.
What is the probable cause of the error?
A. The certificate provided is invalid.
B. The user’s credentials are invalid.
C. The user attempting to connect is not configured to have an office mode IP address so the connection failed.
D. There is no connection to the server, and the client disconnected.

Correct Answer: A
QUESTION 135
The fw stat -l command includes all of the following except:
A. The number of packets that have been inspected
B. The date and time of the policy that is installed.
C. The number of times the policy has been installed ActualTests.com
D. The number of packets that have been dropped

Correct Answer: A
QUESTION 136
Although SIC was already established and running, Joe reset SIC between the Security Management Server and a remote Gateway. He set a new activation key on the Gateway’s side with the cpconfig command and put in the same activation key in the Gateway’s object on the Security Management Server Unfortunately SIC cannot be established. What is a possible reason for the problem?
“Pass Any Exam. Any Time.” – www.actualtests.com 54 Checkpoint 156-215-71: Practice Exam
A. The installed policy blocks the communication.
B. Joe forgot to reboot the Gateway.
C. Joe forgot to exit from cpconfig.
D. The old Gateway object should have been deleted and recreated.

Correct Answer: C
QUESTION 137
The TotallyCoolSecurity Company has a large security staff. Bob configured a new IPS Chicago_Profile for fw-chicago using Detect mode. After reviewing logs, Matt noticed that fw- chicago is not detecting any of the IPS protections that Bob had previously setup. Analyze the output below and determine how can correct the problem.

A. Matt should re-create the Chicago_Profile and select Activate protections manually Instead of ActualTests.com per the IPS Policy
B. Matt should activate the Chicago_Profile as it is currently not activated
C. Matt should assign the fw-chicago Security Gateway to the Chicago_Profile
D. Matt should change the Chicago_Profile to use Protect mode because Detect mode will not work.

Correct Answer: C
QUESTION 138
Which statement below describes the most correct strategy for implementing a Rule Base?
“Pass Any Exam. Any Time.” – www.actualtests.com 55 Checkpoint 156-215-71: Practice Exam
A. Add the Stealth Rule before the last rule.
B. Umit grouping to rules regarding specific access.
C. Place the most frequently used rules at the top of the Policy and the ones that are not frequently used further down.
D. Place a network-traffic rule above the administrator access rule.

Correct Answer: C
QUESTION 139
An Administrator without access to SmartDashboard installed a new IPSO-based R71 Security Gateway over the weekend. He e-mailed you the SIC activation key. You want to confirm communication between the Security Gateway and the Management Server by installing the Policy. What might prevent you from installing the Policy?
A. You first need to create a new UTM-1 Gateway object, establish SIC via the Communication button, and define the Gateway’s topology.
B. You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server You must initialize SIC on the Security Management Server.
C. An intermediate local Security Gateway does not allow a policy install through it to the remote new Security Gateway appliance Resolve by running the tw unloadlocal command on the local Security Gateway.
D. You first need to run the fw unloadlocal command on the R71 Security Gateway appliance in order to remove the restrictive default policy.
Correct Answer: B
QUESTION 140
Which command would provide the most comprehensive diagnostic information to Check Point Technical Support?
A. diag
B. cpinfo -o date.cpinfo.txt
C. netstat > date.netstat.txt
D. cpstat > date.cpatat.txt

Correct Answer: B

CheckPoint 156-215 exam dumps provide you with test questions that are covered in details and utmost care is taken in selecting the right answers. Top IT industry experts and professionals make sure that the students get thoroughly researched 100% authentic answers.The CheckPoint 156-215 exam dumps are available in pdf and software format. This makes it very convenient for you to follow the course study and exam whenever and wherever you want.

Welcome to download the newest Pass4itsure ns0-155 Practice Test dumps: http://www.pass4itsure.com/ns0-155.html

CheckPoint 156-215 Free Dowload, The Most Effective CheckPoint 156-215 Study Guide Are The Best Materials

Continue Reading

CheckPoint 156-215 Qs&As, Best CheckPoint 156-215 Certification Are The Best Materials

Welcome to download the newest Dumpsoon 70-411 VCE dumps: http://www.dumpsoon.com/70-411.html

Flydumps offers the first-hand CheckPoint 156-215 exam real questions and answers, by train the latest CheckPoint 156-215 PDF and VCE dumps,you will well prepare for the CheckPoint 156-215 exam. Visit Flydumps.com to get free new version for training.

QUESTION 92
A digital signature:
A. Uniquely encodes the receiver of the key.
B. Provides a secure key exchange mechanism over the Internet.
C. Guarantees the authenticity and integrity of a message.
D. Automatically changes the shared keys.
E. Decrypts data to its original form.

Correct Answer: C
QUESTION 93
You are setting up a Virtual Private Network, and must select an encryption scheme. Your data is extremely business sensitive and you want maximum security for your data communications. Which encryption scheme would you select?
A. Tunneling mode encryption
B. In-place encryption
C. Either one will work without compromising performance

Correct Answer: A
QUESTION 94
You have just started a new job as the Security Administrator for Certkiller . Your boss has asked you to ensure that peer-to-peer file sharing is not allowed past the corporate Security Gateway. Where should you configure this?
A. SmartDashboard > SmartDefense
B. SmartDashboard > WebDefense
C. By editing the file $FWDIR/conf/application_intelligence.C
D. SmartDashboard > Policy > Global Properties > Malicious Activity Detection
E. SmartDashboard > Web Intelligence

Correct Answer: A
QUESTION 95
Amy is configuring a User Authentication rule for the technical-support department to access an intranet server. What is the correct statement?
A. The Security Server first checks if there is any rule tat does not require authentication for this type of connection.
B. The User Authentication rule must be placed above the Stealth Rule.
C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.
D. Amy can only use the rule for Telnet, FTP, and rlogin services.
E. Amy can limit the authentication attempts in the Authentication tab of the User Properties screen.

Correct Answer: A
QUESTION 96
How can you unlock an administrator’s account, which was been locked due to SmartCenter Access settings in Global Properties?
A. Type fwm lock_admin -ua from the command line of the SmartCenter Server.
B. Clear the “locked” box from the user’s General Properties in SmartDashboard.
C. Type fwm unlock_admin -ua from the command line of the SmartCenter Server.
D. Type fwm unlock_admin -ua from the command line of the Security Gateway.
E. Delete the file admin.lock in the $FWDIR/tmp/ directory of the SmartCenter Server.
Correct Answer: A
QUESTION 97
How many administrators can be created during installation of the SmartCenter Server?
A. Only one
B. Only one with full access and one with read-only access
C. As many as you want
D. Depends on the license installed on the SmartCenter Server
E. Specified in the Global Properties
Correct Answer: A QUESTION 98
Which SmartConsole tool verifies the installed Security Policy name?
A. SmartView Status
B. Eventia Reporter
C. SmartView Server
D. SmartUpdate
E. SmartView Tracker

Correct Answer: E
QUESTION 99
Ilse manages a distributed NGX installation for Certkiller .com. Ilse needs to know which Security Gateways have licenses that will expire within the next 30 days. Which SmartConsole application should Ilse use to gather this information?
A. SmartView Monitor
B. SmartUpdate
C. SmartDashboard
D. SmartView Tracker
E. SmartView Status

Correct Answer: B
QUESTION 100
Herman is attempting to configure a site-to-site VPN with one of his firm’s business partner. Herman thinks Phase 2 negotiations are failing. Which SmartConsole application should Herman use to confirm his suspicions?
A. SmartUpdate
B. SmartView Tracker
C. SmartView Monitor
D. SmartDashboard
E. SmartView Status

Correct Answer: C
QUESTION 101
How can you reset the password of the Security Administrator, which was created during initial installation of the SmartCenter Server on SecurePlatform?
A. Launch cpconfig and select “Administrators”.
B. Launch SmartDashboard, click the admin user account, and overwrite the existing Check Point Password.
C. Type cpm -a, and provide the existing administration account name. Reset the Security Administrator’s password.
D. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the “Password” portion of the file. The log in to the account without password. You will be prompted to assign a new password.
E. Launch cpconfig and delete the Administrator’s account. Recreate the account with the same name.
Correct Answer: E
QUESTION 102
What happens when you select File > Export from the SmartView Tracker menu?
A. It is not possible to export an old log file, only save and switch in SmartView Tracker.
B. Current logs are exported to a new *.log file.
C. Exported log entries are still viewable in SmartView Tracker.
D. Exported log entries are deleted from fw.log.
E. Logs in fw.log are exported to a file that can be opened by Microsoft Excel.

Correct Answer: E
QUESTION 103
Which type of TCP attack is a bandwidth attack, where a client fools a server into sending large amount of data, using small packets?
A. SMURF
B. Small PMTU
C. Host System Hogging
D. LAN
E. SYN-Flood

Correct Answer: B
QUESTION 104
What is the proper command for exporting users in LDAP format?
A. fw dbexport -f c:\temp\users.txt
B. fw dbimport -f c:\temp\users.ldif -l -s “o=YourCity.com,c=YourCountry”
C. fw dbimport -f c:\temp\users.ldap
D. fw dbexport -f c:\temp\users.ldap -l -s
E. fw dbexport -f c:\temp\users.ldif -l -s “o=YourCity.com,c=YourCountry”

Correct Answer: E
QUESTION 105
Shauna is troubleshooting a Security Gateway that is dropping all traffic whenever the most recent Security Policy is installed. Working at the Security Gateway, Shauna needs to uninstall the Policy, but keep the processes running so she can see if there is an issue with the Gateway’s firewall tables. Which of the following commands will do this?
A. fw dbload 10.1.1.5
B. fw unload 10.1.1.5
C. cprestart
D. fw tab -x -u
E. cpstop

Correct Answer: D
QUESTION 106
You have blocked an IP address via the Block Intruder feature of SmartView Tracker. How can you see the addresses you have blocked?
A. In SmartView Status click the Blocked Intruder tab.
B. Run fwm blocked_view.
C. Run fw sam -va.
D. Run fw tab -t sam_blocked_ips.
E. In SmartView Tracker, click the Active tab, and the actively blocked connections display.
Correct Answer: D
QUESTION 107
Your internal Web server in the DMZ has IP address 172.16.10.1/24. A particular network from the Internet tries to access this Web server. You need to set up some type of Network Address Translation (NAT), so that NAT occurs only from the HTTP service, and only from the remote network as the source. The public IP address for the Web server is 200.200.200.1. All properties in the NAT screen of Global Properties are enabled. Select the correct NAT rules, so NAT happens ONLY between “web_dallas” and the remote network.
A. 1. Create another node object named “web_dallas_valid”, and enter “200.200.200.1” in the General Properties screen.
2.
Create two manual NAT rules above the automatic Hide NAT rules for the 172.16.10.0 network.

3.
Select “HTTP” in the Service column of both manual NAT rules.

4.
Enter an ARP entry and route on the Security Gateway’s OS.
B. 1. Enable NAT on the web_dallas object, select “static”, and enter “200.200.200.1” in the General Properties screen.
2.
Specify “HTTP” in the automatic Static Address Translation rules.

3.
Create incoming and outgoing rules for the web_dallas server, for the HTTP service only.
C. 1. Enable NAT on the web_dallas object, select “hide”, and enter “200.200.200.1” for the Hide NAT IP address.
2.
Specify “HTTP” in the Address Translation rules that are generated automatically.

3.
Create incoming and outgoing rules for the web_dallas server, for the HTTP service only.
D. 1. Create another node object named “web_dallas_valid”, and enter “200.200.200.1” in the General Properties screen.
2.
Create two manual NAT rules below the Automatic Hide NAT rules for network 172.16.10.0, in the Address Translation Rule Base.

3.
Select “HTTP” in the Service column of both manual NAT rules.

4.
Enter an ARP entry and route on the Security Gateway’s OS.

Correct Answer: A
QUESTION 108
Using SmartDefense how do you notify the Security Administrator that malware is scanning specific ports? By enabling:
A. Network Port scan
B. Host Port scan
C. Malware Scan protection
D. Sweep Scan protection
E. Malicious Code Protector

Correct Answer: D
QUESTION 109
Jack’s project is to define the backup and restore section of his organization’s disaster recovery plan for his
organization’s distributed NGX installation. Jack must meet the following required and desired objectives:
Required objective: The security policy repository must be backed up no less frequently than every 24
hours.
Desired objective: The NGX components that enforce the Security Policies should be backed up no less
frequently than once a week. Desired objective: Back up NGX logs no less frequently than once a week.
Administrators should be able to view backed up logs in SmartView Tracker.
Jack’s disaster recovery plan is as follows:
Use the cron utility to run the upgrade_export command each night on the SmartCenter Servers. Configure
the organization’s routine backup software to back up the files created by the upgrade_export command.
Configure the SecurePlatform backup utility to back up the Security Gateways every Saturday night.
Use the cron utility to run the upgrade_export command each Saturday night on the Log Servers.
Configure an automatic, nightly logexport. Configure the organization’s routine backup software to back up
the export log every night.
Jack’s plan:

A. Meets the required objective but does not meet either desired objective.
B. Meets the required objective and both desired objectives.
C. Meets the required objective and only one desired objective.
D. Does not meet the required objective.

Correct Answer: B QUESTION 110
Anna is working at Certkiller .com, together with three other Security Administrators. Which SmartConsole tool should she use to check changes to rules or object properties other administrators made?
A. SmartDashboard
B. SmartView Tracker
C. Eventia Tracker
D. Eventia Monitor
E. SmartView Monitor

Correct Answer: B

The CheckPoint 156-215 training is a vital way of becoming the best.This CheckPoint 156-215 certification has helped the candidates to enhance their capabilities by providing a great learning platform to them so that they can polish their skills.

Dumpsoon 70-411 dumps with PDF + Premium VCE + VCE Simulator: http://www.dumpsoon.com/70-411.html

Continue Reading

CheckPoint 156-215 New Questions, 50% Discount CheckPoint 156-215 Demo Download Covers All Key Points

Hi,I just took CCNA CheckPoint 156-215 test and passed with a great score.All examcollection and securitytut dump are no longer valid anymore.I recommend studying Exampass Premium VCE.I can confirm that all CheckPoint 156-215 new questions appear on my test. Keep up the good work and good luck!

QUESTION 56
There is a Web server behind your perimeter Security Gateway. You need to protect the server from network attackers, who creates scripts that force your Web server to send user credentials or identities to other Web servers. Which box do you check in the Web Intelligence tab in SmartDashboard?
A. Command Injection protection
B. SQL Injection protection
C. HTTP header format checking
D. HTTP protocol inspection protection
E. Cross Site Scripting protection

Correct Answer: E
QUESTION 57
How do you control the maximum mail messages in a spool directory?
A. In the SMTP resource object
B. In the smtp.conf file on the SmartCenter Server
C. In the gateway object’s SMTP settings in the Advanced window
D. In SmartDefense SMTP settings
E. In the Security Server window in Global Properties

Correct Answer: C
QUESTION 58
Quinton is the Security Administrator for a chain of retail stores. In a recent security newsletter, Quinton read about an attack where a client fools a server into sending large amount of data, using small packets. Quinton is concerned that this company’s servers might be vulnerable to this type of attack. Which smartDefense option should Quinton use to protect the servers?
A. Application Intelligence > DNS > Cache poisoning
B. Network Security > Successive events > DoS
C. Network Security > TCP > Small PMTU
D. Application Intelligence > Microsoft Networks > File and Print Sharing
E. Network Security > Denial of Service > LAND
Correct Answer: C QUESTION 59
In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?
A. Rule 999
B. Rule 0
C. Rule 1
D. Cleanup Rule
E. Stealth Rule

Correct Answer: B
QUESTION 60
Sonny is the Security Administrator for a company with a large call center. The management team in the center is concerned that employees may be installing and attempting to use peer-to-peer file-sharing utilities, during their lunch breaks. The call center’s network is protected by an internal Security Gateway, configured to drop peer-to-peer file-sharing traffic. The call-center management team wants to know if the Security Gateway protecting the call center drops more packets than other internal Security Gateways in the corporate network. Which application should Sonny use, determine the number of packets dropped by each Gateway?
A. SmartView Status
B. SmartView Monitor
C. SmartDashboad
D. SmartView Tracker
E. SmartUpdate

Correct Answer: B
QUESTION 61
Katie is the Security Administrator for an insurance company. Her manager gives Katie the following requirements for controlling DNS traffic:
*
Required Result #1: Accept domain name-over-TCP traffic (zone-transfer traffic).

*
Required Result #2: Log domain name-over-TCP traffic (zone-transfer traffic).

*
Desired Result #1: Accept domain name-over-UDP traffic (queries traffic)

*
Desired Result #2: Do not log domain name-over-UDP traffic (queries traffic)

*
Desired Result #3: Do not clutter the Rule Base, by creating explicit rules for traffic that can be controlled using Global Properties. Katie makes the following configuration changes, and installs the Security Policy:
1.
She selects the box “Accept Domain Name over TCP (Zone transfer)” in Global Properties.

2.
She selects the box “Accept Domain Name over UDP (Queries)” in Global Properties.

3.
She selects the box “Log Implied Rules” in Global Properties Does Katie’s solution meet the required and desired results?
A. The solution meets all required results, and none of the desired results.
B. The solution does not meet the required results.
C. The solution meets all required and desired results.
D. The solution meets the required results, and one of the desired results.
E. The solution meets the required results, and two of the desired results.

Correct Answer: E
QUESTION 62
David is a consultant for a software-deployment company. David is working at a customer’s site this week. David’s ask is to create a map of the customer’s VPN tunnels, including down and destroyed tunnels. Which SmartConsole application will provide David with the information needed to create this map?
A. SmartView Tracker
B. SmartLSM
C. SmartView Monitor
D. SmartView Status
E. SmartUpdate

Correct Answer: C
QUESTION 63
Gail is the Security Administrator for a marketing firm. Gail is working with the networking team, to troubleshoot user complaints regarding access to audio-streaming material from the Internet. The networking team asks Gail to check he configuration settings for the perimeter Security Gateway. Which SmartConsole application should Gail use to check the configuration settings?
A. SmartView Tracker
B. SmartView Monitor
C. SmartUpdate
D. SmartDashboard
E. SmartView Status

Correct Answer: D
QUESTION 64
One of your remote Security Gateways suddenly stops sending logs, and you cannot install the Security Policy on the Gateway. All other remote Security Gateways are logging normally to the SmartCenter Server, and Policy installation is not affected. When you click the Test SIC status button in the problematic gateway object, you receive an error message “unknown”. What is the problem?
A. The time on the SmartCenter Server’s clock has changed, which invalidates the remote Gateway’s Certificate.
B. The remote Gateway’s IP address has changed, which invalidates the SIC Certificate.
C. The Security Gateway is NG with Application Intelligence, and the SmartCenter Server is NGX.
D. The Internal Certificate Authority for the SmartCenter object has been removed from objects_5_0.c.
E. There is no connection between the SmartCenter Server and the remote Gateway. Rules or routing may block the connection.

Correct Answer: E
QUESTION 65
Frank wants to know why users on the corporate network cannot receive multicast transmissions from the Internet. A VPN-1 NGX Security Gateway protects the corporate network from the Internet. Which of the following is a possible cause for the connection problem?
A. VPN-1 NGX does not support multicast routing protocols and streaming media through the Security Gateway.
B. The Multicast Rule is below the Stealth Rule. VPN-1 NGX can only pass multicast traffic, it the Multicast Rule is above the Stealth Rule.
C. Multicast restrictions are configured improperly on the external interface properties of the Security Gateway object.
D. Anti-spoofing is enabled. VPN-1 NGX cannot pass multicast traffic, if anti-spoofing is enabled.
E. Frank did not install the necessary multicast license with SmartUpdate, when upgrading the VPN-1 NGX.

Correct Answer: C
QUESTION 66
You are concerned that a message may have been intercepted and retransmitted, thus compromising the security of the communications. You attach a code to the electronically transmitted message that uniquely identifies the sender. This code is known as a:
A. Digital signature
B. Tag
C. Private key
D. AES flag
E. Diffie-Helman verification

Correct Answer: A
QUESTION 67
A user attempts authentication using SecureClient. The user’s password is rejected, even though it is
correctly defined in the LDAP directory.
Which of the following is a valid cause?

A. The LDAP server has insufficient memory
B. The LDAP and Security Gateway databases are not synchronized.
C. The SmartCenter Server cannot communicate with the LDAP server.
D. The user has defined the wrong encryption scheme.
E. The user is defined in both the NGX user database and the LDAP directory

Correct Answer: B
QUESTION 68
Select the correct statement about Secure Internal Communications (SIC) Certificates? SIC Certificates:
A. for NGX Security Gateways are created during the SmartCenter Server installation.
B. For the SmartCenter Server are created during the SmartCenter Server installation.
C. Are used for securing internal network communications between the SmartView Tracker and an OPSEC device
D. Decrease network security by securing administrative communication among the SmartCenter Servers and the Security Gateway
E. Uniquely identify Check Point enabled machines; they have the same function as Authentication Certificates

Correct Answer: B
QUESTION 69
Exhibit: *** MISSING ***
Review the following rules and note the Client Authentication Action properties screen as displayed in the
exhibit,
After being authenticated by the Security Gateway, when a user starts an HPPT connection to a Web site,
the user tries to FTP another site using the command line.
What happens to the user?
The…

A. FTP session is dropped by the implicit Cleanup Rule.
B. User is prompted from that FTP site only, and does not need to enter username and password for Client Authentication.
C. FTP connection is dropped by rule 2.
D. FTP data connection is dropped, after the user is authenticated successfully.
E. User is prompted for authentication bye the Security Gateway again.
Correct Answer:
QUESTION 70
Diffie-Hellman uses which type of key exchange?
A. Adaptive
B. Asymmetric C. Symmetric
D. Static
E. Dynamic

Correct Answer: B
QUESTION 71
Certkiller’s main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. Certkiller
also has a small network 10.10-.20.0/24 behind the internal router. Jack wants to configure the kernel to
translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP,
and FTP services.
Which of the following configurations will allow this network to access Internet?

A. Automatic Static NAT on network 10.10.20.0/24
B. Manual Hide NAT rules for HTTP, FTP, and SMTP services for network 10.10.20.0/24.
C. Manual Static NAT rules for network 10.10.20.0/24,
D. Automatic Hide NAT for network 10.10.20.0/24.
E. No change is necessary.

Correct Answer: B
QUESTION 72
With SmartDashboard磗 Smart Directory, you can create NGX user definitions on a(n) _____________ Server.
A. NT Domain
B. LDAP
C. Provider-1
D. SecureID
E. Radius

Correct Answer: B
QUESTION 73
Jens notices a large amount of traffic from a specific internal IP address. He needs to verify if it is a network attack, or a user’s system infected with a worm. He has enabled Sweep Scan Protection and Host port scan in SmartDefense. Will Jens get all the information he needs from these actions?
A. No. SmartDefense will only block the traffic, but it will not provide a detailed analysis of the traffic.
B. No. SmartDefense will not block the traffic. The logs and alert can provide a further level information, but determining whether the attack is intentional or a worm requires further research by Jens.
C. No. Jens also should set SmartDefense to quarantine the traffic from the suspicious IP address.
D. Yes. SmartDefense will limit the traffic impact from the scans, and identify if the pattern of the traffic matches any known worms.
E. No. To verify if this is a worm or an active attack, Jens should also enable TCP attack defenses.

Correct Answer: B
QUESTION 74
Which NGX feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration?
A. cpconfig
B. upgrade_export/upgrade_import
C. Database Revision Control
D. Dbexport/dbimport
E. Policy Package management

Correct Answer: C
QUESTION 75
How do you configure an NGX Security Gateway’s kernel memory settings, without manually modifying the configuration files in $FWDIR\lib? By configuring:
A. the settings on the Gateway object’s Capacity Optimization screen
B. the settings on the Global Properties Capacity Optimization screen
C. the Settings on the Gateway object’s Advanced screen
D. the settings on the SmartCenter Server object’s Advanced screen
E. SmartDefense Kernel Defender options

Correct Answer: A
QUESTION 76
Which of the following is NOT a feature or quality of a hash function?
A. Encrypted with the sender’s RSA private key, the hash function forms the digital signature.
B. It is mathematically infeasible to derive the original message from the message digest.
C. The hash function forms a two-way, secure communication.
D. The hash function is irreversible.
E. It is mathematically infeasible for two different messages to produce the same message digest.

Correct Answer: C
QUESTION 77
You are a Security Administrator configuring Static NAT on an internal host-node object. You clear the box “Translate destination on client side”, accessed from Global Properties > NAT settings > Automatic NAT. Assuming all other Global Properties NAT settings are selected, what else must be configured for automatic Static NAT to work?
A. The NAT IP address must be added to the anti-spoofing group of the external Gateway interface
B. Two address-translation rules in the Rule Base
C. No extra configuring needed
D. A proxy ARP entry, to ensure packets destined for the public IP address will reach the Security Gateway’s external interface
E. A static route, to ensure packets destined for the public NAT IP address will reach the Gateway’s internal interface
Correct Answer: E
QUESTION 78
Which encryption scheme provides “In-place” encryption?
A. IKE
B. Manual IPSec
C. DES
D. SKIP
E. AES
Correct Answer: C
QUESTION 79
After importing the NGX schema into an LDAP server, what should you enable?
A. Schema checking
B. Encryption
C. UserAuthority
D. ConnectControl
E. Secure Internal Communications

Correct Answer: A
QUESTION 80
Which ldif file must you modify to extend the schema of a Windows 2000 domain?
A. In NGX you do not need to modify any .ldif file
B. The appropriate .ldif file is located in the Security Gateway: $FWDIR/conf/ldif/Microsoft_ad_schema.ldif
C. The appropriate .ldif file is located in the SmartCenter Server: $FWDIR/lib/ldap/schema_microsoft_ad.ldif
D. The appropriate .ldif file is located in the Security Gateway: $FWDIR/lib/ldif/Microsoft_ad_schema.ldif
E. The appropriate .ldif file is located in the SmartCenter Server: $FWDIR/conf/ldif/Microsoft_ad_schema.ldif
Correct Answer: C
QUESTION 81
What is the reason for the Critical Problem notification in this SmartView Monitor example?

A. Active real memory shortage on the Gateway
B. No Security Policy installed on the Security Gateway
C. Version mismatch between the SmartCenter Server and Security Gateway
D. Time not synchronized between the SmartCenter Server and Security Gateway
E. No Secure Internal Communications established between the SmartCenter Server and Security
Gateway

Correct Answer: B
QUESTION 82
Your standby SmartCenter Server’s status is collision. What does that mean, and how do you synchronize the Server and its peer?
A. The standby and active Servers have two Internal Certificate Authority (ICA) Certificates. Uninstall and reinstall the standby Server.
B. The active Server detected a keep-alive packet from the standby Server.
C. The peer Server has not been properly synchronized. Manually synchronize both Servers again.
D. The peer Server is more up-to-date. Manually synchronize both Servers again.
E. The active SmartCenter Server and its peer have different Security Policies and databases. Manually synchronize the Servers, and decide which Server’s configuration to overwrite.

Correct Answer: E
QUESTION 83
Sarah is the Security Administrator for Certkiller . Sarah has configured SmartDefense to block the CWD and FIND commands. Sarah installs the Security Policy, but the Security Gateway continues to pass the commands. Which of the following could be the cause of the problem?
A. The Rule Base includes a rule accepting FTP to any source, from any destination.
B. The SmartDefense > Application Intelligence > FTP Security Server screen does not have the radio button set to “Configurations apply to all connections”.
C. The FTP Service Object > Advanced > Blocked FTP Commands list does not include CWD and FIND.
D. The Web Intelligence > Application Layer > FTP Settings list is configured to allow, rather than exlude, CW and FIND commands.
E. The Global Properties > Security Server > “Control FTP Commands” box is not checked.

Correct Answer: B
QUESTION 84
Your NGX enterprise SmartCenter Server is working normally. However, you must reinstall the SmartCenter Server, but keep the SmartCenter Server configuration (for example, all Security Policies, databases, etc.) How would you reinstall the Server and keep its configuration?
A. 1. Run the latest upgrade_export utility to export the configuration.
2.
Keep the exported file in the same location.

3.
Use SmartUpdate to reinstall the SmartCenter Server.

4.
Run upgrade_import to import the configuration.
B. 1. Run the latest upgrade_export utility to export the configuration.
2.
Leave the exported .tgz file in $FWDIR.

3.
Install the priCertkiller SmartCenter Server on top of the current installation.

4.
Run upgrade_import to import the configuration.
C. 1. Insert the NGX CD-ROM, and select the option to export the configuration into a .tgz file.
2.
Transfer the .tgz file to another networked machine.

3.
Uninstall all NGX packages, and reboot.

4.
Use the NGX CD-ROM to select the upgrade_import option to import the configuration.
D. 1. Download the latest upgrade_export utility, and run it from $FWDIR\bin to export the configuration into a .tgz file.
2.
Transfer the .tgz file to another networked machine.

3.
Uninstall all NGX packages, and reboot.

4.
Install a new priCertkiller SmartCenter Server.

5.
Run upgrade_import to import the configuration.
Correct Answer: D QUESTION 85
How can you reset Secure Internal Communications (SIC) between a SmartCenter and Security Gateway?
A. Run the command fwm sic_reset to reinitialize the Internal Certificate Authority (ICA) of the SmartCenter Server. Then retype the activation key on the Security Gateway from SmartDashboard.
B. From cpconfig on the SmartCenter Server, choose the Secure Internal Communication option and retype the activation key. Next, retype the same key in the gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC).
C. From the SmartCenter Server’s command line type fw putkey -p <shared key> <IP Address of SmartCenter Server>.
D. From the SmartCenter Server’s command line type fw putkey -p <shared key> <IP Address of Security Gateway>.
E. Reinstall the Security Gateway.

Correct Answer: B
QUESTION 86
You have locked yourself out of SmartDashoard with the rules you just installed on your stand alone Security Gateway. Now you cannot access the SmartCenter Server or any SmartConsole tools via SmartDashboard. How can you reconnect to SmartDashboard?
A. Run cpstop on the SmartCenter Server.
B. Run fw unlocklocal on the SmartCenter Server.
C. Run fw unloadlocal on the Security Gatewawy.
D. Delete the $fwdir/database/manage.lock file and run cprestart.
E. Run fw uninstall localhost on the Security Gateway.

Correct Answer: C
QUESTION 87
Ellen is performing penetration tests against SmartDefense for her Web server farm. She needs to verify that the Web servers are secure against traffic hijacks. She has activated the Cross-Site Scripting property. What other settings would be appropriate? Ellen:
A. should also enable the Web intelligence > SQL injection setting.
B. must select the “Products > Web Server” box on each of the node objects.
C. should enable all settings in Web Intelligence.
D. needs to configure TCP defenses such as “Small PMTU” size.
E. needs to create resource objects for the web farm servers and configure rules for the web farm.

Correct Answer: B
QUESTION 88
William is a Security Administrator who has added address translation for his internal Web server to be accessible by external clients. Due to poor network design by his predecessor, William sets up manual NAT rules for this server, while his FTP server and SMTP server are both using automatic NAT rules. All traffic from his FTP and SMTP servers are passing through the Security Gateway without a problem, but traffic from the Web server is dropped because of anti-spoofing settings. What is causing this?
A. “Allow bi-directional NAT” is not checked in Global Properties.
B. “Translate destination on client side” is not checked in Global Properties under “Manual NAT Rules”.
C. “Translate destination on client side” is not checked in Global Properties > Automatic NAT Rules.
D. Routing is not configured correctly.
E. Manual NAT rules are not configured correctly.
Correct Answer: B
QUESTION 89
You are a security consultant for a hospital. You are asked to create some type of authentication rule on the NGX Security Gateway, to allow doctors to update patients’ records via HTTP from various workstations. Which authentication method should you use?
A. Client Authentication
B. LDAP Authentication
C. SecureID Authentication
D. TACAS Authentication
E. User Authentication

Correct Answer: E
QUESTION 90
Certkiller is the Security Administrator for an online bookstore. Customers connect to a variety of Web servers to place orders, change orders, and check status of their orders. Mrs. Bill checked every box in the Web Intelligence tab, and installed the Security Policy, She ran penetration test through the Security Gateway, to determine if the Web servers were protected from cross-site scripting attacks. The penetration test indicated the Web servers were still vulnerable. Which of the following might correct the problem?
A. The penetration software Certkiller is using is malfunctioning and is reporting a false-positive.
B. Certkiller must create resource objects, and use them in the rule allowing HTTP traffic to the Web servers.
C. Certkiller needs to check the “Products > Web Server” box on the host node objects representing his Web servers.
D. Certkiller needs to check the “Web Intelligence” box in the SmartDefense > HTTP Properties.
E. Certkiller needs to configure the Security Gateway protecting the Web servers as a Web server.

Correct Answer: C

Our material on our site CheckPoint 156-215 is exam-oriented,keeping in view the candidates requirements and level of understanding. CheckPoint 156-215 materials are in the most popular and easy-to-use PDF version. You can use it on any devices with you anywhere.

Continue Reading