100% Pass CheckPoint 156-215 Exam By Training CheckPoint 156-215 Exam Dumps

Welcome to download the newest Flydumps 156-215 VCE dumps: http://www.flydumps.com/156-215.html

Exam A
QUESTION 1
Which VPN-1 NGX feature or command allows Security Administrators to revert to earlier versions of the same Security Policy?
A. Policy Package management
B. cpinfo
C. cpconfig
D. Database Revision Control
E. upgrade_export/import

Correct Answer: D
QUESTION 2
In SmartView Tracker, you see an entry for an outbound connection showing address translation. But when setting SmartView Tracker to show all entries for that connection, only outbound entries show. What is the possible cause for this?
A. The entry is for a Manual Dynamic NAT connection, from a specific host infected by a worm.
B. The entry is for a Manual Static NAT connection, where inbound traffic is managed by a separate rule.
C. The entry is for a Static NAT connection, from a specific host that has been infected by a worm.
D. The entry is for a Dynamic NAT connection from a specific host.

Correct Answer: B
QUESTION 3
Which of the following commands is used to restore VPN-1 NGX configuration information?
A. gunzip
B. cpconfig
C. fw ctl pstat
D. cpinfo
E. upgrade_import

Correct Answer: E
QUESTION 4
Which OPSEC server is used to prevent users from accessing certain Web sites?
A. CVP
B. DEFENDER
C. URI
D. FTP
E. UFP

Correct Answer: E
QUESTION 5
Your organization Certkiller .com’s security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway. How would you request and apply the license?
A. Request a central license, using the remote Security Gateway’s IP address. Apply he license locally with the fwputlic command.
B. Request a central license, using the SmartCenter Server’s IP address. Apply the license locally on the remote Gateway with the fwputlic command.
C. Request a central license, using your SmartCenter Server’s IP address. Attach the license to the remote Gateway via SmartUpdate.
D. Request a central license, using the remote Gateway’s IP address. Attach the license to the remote Gateway via SmartUpdate.
E. Request local licenses for all Gateways separately. Apply the license locally on the remote Gateways with the fwputlic command.

Correct Answer: C
QUESTION 6
How do you create more granular control over commands, such as CWD and FIND, in FTP data connections?
A. Use Global Properties > Security Server settings.
B. Use the gateway object’s Security Server settings.
C. Use the Service field of the Rule Base.
D. Use an FTP resource object.
E. Use FTP Security Server settings in SmartDefense.

Correct Answer: E
QUESTION 7
Which of the following is the final step in a VPN-1 NGX backup?
A. Test restoration in a non-production environment, using the upgrade_import command.
B. Move the *.tgz file to another location.
C. Copy the conf directory to another location.
D. Run the upgrade_export command.
E. Run the cpstop command.

Correct Answer: B
QUESTION 8
Choose the BEST sequence for configuring user management on SmartDashboard, for use with an LDAP server:
A. Configure a server object for the LDAP Account Unit, enable LDAP in Global Properties, and create an LDAP server using an OPSEC application.
B. Configure a server object for the LDAP Account Unit, enable LDAP in Global Properties, and create an LDAP resource object.
C. Enable LDAP in Global Properties, configure a host-node object for the LDAP Server, and configure a server object for the LDAP Account Unit.
D. Configure a server object for the LDAP Account Unit, and create an LDAP resource object.
E. Configure a workstation object for the LDAP server, configure a server object for the LDAP Account Unit, and enable LDAP in Global Properties.

Correct Answer: C
QUESTION 9
You want to create an IKE VPN between two VPN-1 NGX Security Gateways, to protect two networks. The network behind one Gateway is 10.15.0.0/16, and network 192.168.9.0/24 is behind the peer’s Gateway. Which type of address translation should you use, to ensure the two networks access each other through the VPN tunnel?
A. Hide NAT
B. None
C. Dynamic NAT
D. Static NAT
E. Manual NAT

Correct Answer: B
QUESTION 10
Yoav is a Security Administrator preparing to implement a VPN solution for his multisite organization. To comply with industry regulations, Yoav’s VPN solution must meet the following requirement:
*
Portability: Standard

*
Key management: Automatic, external PKI

*
Session keys: Changed at configured times during a connection’s lifetime

*
Key length: No less that 128-bit

*
Data integrity: Secure against inversion and brute-force attacks What is the most appropriate setting Yoav should choose?

A.
IKE VPNs: AES encryption for IKE Phase 1, and DES encryption for Phase 2; SHA1 hash

B.
IKE VPNs: SHA1 encryption for IKE Phase 1, and MD5 encryption for Phase 2; AES hash

C.
IKE VPNs: CAST encryption for IKE Phase 1, and SHA1 encryption for Phase 2; DES hash

D.
IKE VPNs: DES encryption for IKE Phase 1, and 3DES encryption for Phase 2; MD5 hash

E.
IKE VPNs: AES encryption for IKE Phase 1, and AES encryption for Phase 2; SHA1 hash

Correct Answer: E

Flydumps 156-215 dumps with PDF + Premium VCE + VCE Simulator: http://www.flydumps.com/

You may also like