CheckPoint 156-215 New Questions, 50% Discount CheckPoint 156-215 Demo Download Covers All Key Points

Hi,I just took CCNA CheckPoint 156-215 test and passed with a great score.All examcollection and securitytut dump are no longer valid anymore.I recommend studying Exampass Premium VCE.I can confirm that all CheckPoint 156-215 new questions appear on my test. Keep up the good work and good luck!

There is a Web server behind your perimeter Security Gateway. You need to protect the server from network attackers, who creates scripts that force your Web server to send user credentials or identities to other Web servers. Which box do you check in the Web Intelligence tab in SmartDashboard?
A. Command Injection protection
B. SQL Injection protection
C. HTTP header format checking
D. HTTP protocol inspection protection
E. Cross Site Scripting protection

Correct Answer: E
How do you control the maximum mail messages in a spool directory?
A. In the SMTP resource object
B. In the smtp.conf file on the SmartCenter Server
C. In the gateway object’s SMTP settings in the Advanced window
D. In SmartDefense SMTP settings
E. In the Security Server window in Global Properties

Correct Answer: C
Quinton is the Security Administrator for a chain of retail stores. In a recent security newsletter, Quinton read about an attack where a client fools a server into sending large amount of data, using small packets. Quinton is concerned that this company’s servers might be vulnerable to this type of attack. Which smartDefense option should Quinton use to protect the servers?
A. Application Intelligence > DNS > Cache poisoning
B. Network Security > Successive events > DoS
C. Network Security > TCP > Small PMTU
D. Application Intelligence > Microsoft Networks > File and Print Sharing
E. Network Security > Denial of Service > LAND
Correct Answer: C QUESTION 59
In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?
A. Rule 999
B. Rule 0
C. Rule 1
D. Cleanup Rule
E. Stealth Rule

Correct Answer: B
Sonny is the Security Administrator for a company with a large call center. The management team in the center is concerned that employees may be installing and attempting to use peer-to-peer file-sharing utilities, during their lunch breaks. The call center’s network is protected by an internal Security Gateway, configured to drop peer-to-peer file-sharing traffic. The call-center management team wants to know if the Security Gateway protecting the call center drops more packets than other internal Security Gateways in the corporate network. Which application should Sonny use, determine the number of packets dropped by each Gateway?
A. SmartView Status
B. SmartView Monitor
C. SmartDashboad
D. SmartView Tracker
E. SmartUpdate

Correct Answer: B
Katie is the Security Administrator for an insurance company. Her manager gives Katie the following requirements for controlling DNS traffic:
Required Result #1: Accept domain name-over-TCP traffic (zone-transfer traffic).

Required Result #2: Log domain name-over-TCP traffic (zone-transfer traffic).

Desired Result #1: Accept domain name-over-UDP traffic (queries traffic)

Desired Result #2: Do not log domain name-over-UDP traffic (queries traffic)

Desired Result #3: Do not clutter the Rule Base, by creating explicit rules for traffic that can be controlled using Global Properties. Katie makes the following configuration changes, and installs the Security Policy:
She selects the box “Accept Domain Name over TCP (Zone transfer)” in Global Properties.

She selects the box “Accept Domain Name over UDP (Queries)” in Global Properties.

She selects the box “Log Implied Rules” in Global Properties Does Katie’s solution meet the required and desired results?
A. The solution meets all required results, and none of the desired results.
B. The solution does not meet the required results.
C. The solution meets all required and desired results.
D. The solution meets the required results, and one of the desired results.
E. The solution meets the required results, and two of the desired results.

Correct Answer: E
David is a consultant for a software-deployment company. David is working at a customer’s site this week. David’s ask is to create a map of the customer’s VPN tunnels, including down and destroyed tunnels. Which SmartConsole application will provide David with the information needed to create this map?
A. SmartView Tracker
B. SmartLSM
C. SmartView Monitor
D. SmartView Status
E. SmartUpdate

Correct Answer: C
Gail is the Security Administrator for a marketing firm. Gail is working with the networking team, to troubleshoot user complaints regarding access to audio-streaming material from the Internet. The networking team asks Gail to check he configuration settings for the perimeter Security Gateway. Which SmartConsole application should Gail use to check the configuration settings?
A. SmartView Tracker
B. SmartView Monitor
C. SmartUpdate
D. SmartDashboard
E. SmartView Status

Correct Answer: D
One of your remote Security Gateways suddenly stops sending logs, and you cannot install the Security Policy on the Gateway. All other remote Security Gateways are logging normally to the SmartCenter Server, and Policy installation is not affected. When you click the Test SIC status button in the problematic gateway object, you receive an error message “unknown”. What is the problem?
A. The time on the SmartCenter Server’s clock has changed, which invalidates the remote Gateway’s Certificate.
B. The remote Gateway’s IP address has changed, which invalidates the SIC Certificate.
C. The Security Gateway is NG with Application Intelligence, and the SmartCenter Server is NGX.
D. The Internal Certificate Authority for the SmartCenter object has been removed from objects_5_0.c.
E. There is no connection between the SmartCenter Server and the remote Gateway. Rules or routing may block the connection.

Correct Answer: E
Frank wants to know why users on the corporate network cannot receive multicast transmissions from the Internet. A VPN-1 NGX Security Gateway protects the corporate network from the Internet. Which of the following is a possible cause for the connection problem?
A. VPN-1 NGX does not support multicast routing protocols and streaming media through the Security Gateway.
B. The Multicast Rule is below the Stealth Rule. VPN-1 NGX can only pass multicast traffic, it the Multicast Rule is above the Stealth Rule.
C. Multicast restrictions are configured improperly on the external interface properties of the Security Gateway object.
D. Anti-spoofing is enabled. VPN-1 NGX cannot pass multicast traffic, if anti-spoofing is enabled.
E. Frank did not install the necessary multicast license with SmartUpdate, when upgrading the VPN-1 NGX.

Correct Answer: C
You are concerned that a message may have been intercepted and retransmitted, thus compromising the security of the communications. You attach a code to the electronically transmitted message that uniquely identifies the sender. This code is known as a:
A. Digital signature
B. Tag
C. Private key
D. AES flag
E. Diffie-Helman verification

Correct Answer: A
A user attempts authentication using SecureClient. The user’s password is rejected, even though it is
correctly defined in the LDAP directory.
Which of the following is a valid cause?

A. The LDAP server has insufficient memory
B. The LDAP and Security Gateway databases are not synchronized.
C. The SmartCenter Server cannot communicate with the LDAP server.
D. The user has defined the wrong encryption scheme.
E. The user is defined in both the NGX user database and the LDAP directory

Correct Answer: B
Select the correct statement about Secure Internal Communications (SIC) Certificates? SIC Certificates:
A. for NGX Security Gateways are created during the SmartCenter Server installation.
B. For the SmartCenter Server are created during the SmartCenter Server installation.
C. Are used for securing internal network communications between the SmartView Tracker and an OPSEC device
D. Decrease network security by securing administrative communication among the SmartCenter Servers and the Security Gateway
E. Uniquely identify Check Point enabled machines; they have the same function as Authentication Certificates

Correct Answer: B
Exhibit: *** MISSING ***
Review the following rules and note the Client Authentication Action properties screen as displayed in the
After being authenticated by the Security Gateway, when a user starts an HPPT connection to a Web site,
the user tries to FTP another site using the command line.
What happens to the user?

A. FTP session is dropped by the implicit Cleanup Rule.
B. User is prompted from that FTP site only, and does not need to enter username and password for Client Authentication.
C. FTP connection is dropped by rule 2.
D. FTP data connection is dropped, after the user is authenticated successfully.
E. User is prompted for authentication bye the Security Gateway again.
Correct Answer:
Diffie-Hellman uses which type of key exchange?
A. Adaptive
B. Asymmetric C. Symmetric
D. Static
E. Dynamic

Correct Answer: B
Certkiller’s main internal network allows all traffic to the Internet using Hide NAT. Certkiller
also has a small network 10.10-.20.0/24 behind the internal router. Jack wants to configure the kernel to
translate the source address only when network tries to access the Internet for HTTP, SMTP,
and FTP services.
Which of the following configurations will allow this network to access Internet?

A. Automatic Static NAT on network
B. Manual Hide NAT rules for HTTP, FTP, and SMTP services for network
C. Manual Static NAT rules for network,
D. Automatic Hide NAT for network
E. No change is necessary.

Correct Answer: B
With SmartDashboard Smart Directory, you can create NGX user definitions on a(n) _____________ Server.
A. NT Domain
C. Provider-1
D. SecureID
E. Radius

Correct Answer: B
Jens notices a large amount of traffic from a specific internal IP address. He needs to verify if it is a network attack, or a user’s system infected with a worm. He has enabled Sweep Scan Protection and Host port scan in SmartDefense. Will Jens get all the information he needs from these actions?
A. No. SmartDefense will only block the traffic, but it will not provide a detailed analysis of the traffic.
B. No. SmartDefense will not block the traffic. The logs and alert can provide a further level information, but determining whether the attack is intentional or a worm requires further research by Jens.
C. No. Jens also should set SmartDefense to quarantine the traffic from the suspicious IP address.
D. Yes. SmartDefense will limit the traffic impact from the scans, and identify if the pattern of the traffic matches any known worms.
E. No. To verify if this is a worm or an active attack, Jens should also enable TCP attack defenses.

Correct Answer: B
Which NGX feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration?
A. cpconfig
B. upgrade_export/upgrade_import
C. Database Revision Control
D. Dbexport/dbimport
E. Policy Package management

Correct Answer: C
How do you configure an NGX Security Gateway’s kernel memory settings, without manually modifying the configuration files in $FWDIR\lib? By configuring:
A. the settings on the Gateway object’s Capacity Optimization screen
B. the settings on the Global Properties Capacity Optimization screen
C. the Settings on the Gateway object’s Advanced screen
D. the settings on the SmartCenter Server object’s Advanced screen
E. SmartDefense Kernel Defender options

Correct Answer: A
Which of the following is NOT a feature or quality of a hash function?
A. Encrypted with the sender’s RSA private key, the hash function forms the digital signature.
B. It is mathematically infeasible to derive the original message from the message digest.
C. The hash function forms a two-way, secure communication.
D. The hash function is irreversible.
E. It is mathematically infeasible for two different messages to produce the same message digest.

Correct Answer: C
You are a Security Administrator configuring Static NAT on an internal host-node object. You clear the box “Translate destination on client side”, accessed from Global Properties > NAT settings > Automatic NAT. Assuming all other Global Properties NAT settings are selected, what else must be configured for automatic Static NAT to work?
A. The NAT IP address must be added to the anti-spoofing group of the external Gateway interface
B. Two address-translation rules in the Rule Base
C. No extra configuring needed
D. A proxy ARP entry, to ensure packets destined for the public IP address will reach the Security Gateway’s external interface
E. A static route, to ensure packets destined for the public NAT IP address will reach the Gateway’s internal interface
Correct Answer: E
Which encryption scheme provides “In-place” encryption?
B. Manual IPSec
Correct Answer: C
After importing the NGX schema into an LDAP server, what should you enable?
A. Schema checking
B. Encryption
C. UserAuthority
D. ConnectControl
E. Secure Internal Communications

Correct Answer: A
Which ldif file must you modify to extend the schema of a Windows 2000 domain?
A. In NGX you do not need to modify any .ldif file
B. The appropriate .ldif file is located in the Security Gateway: $FWDIR/conf/ldif/Microsoft_ad_schema.ldif
C. The appropriate .ldif file is located in the SmartCenter Server: $FWDIR/lib/ldap/schema_microsoft_ad.ldif
D. The appropriate .ldif file is located in the Security Gateway: $FWDIR/lib/ldif/Microsoft_ad_schema.ldif
E. The appropriate .ldif file is located in the SmartCenter Server: $FWDIR/conf/ldif/Microsoft_ad_schema.ldif
Correct Answer: C
What is the reason for the Critical Problem notification in this SmartView Monitor example?

A. Active real memory shortage on the Gateway
B. No Security Policy installed on the Security Gateway
C. Version mismatch between the SmartCenter Server and Security Gateway
D. Time not synchronized between the SmartCenter Server and Security Gateway
E. No Secure Internal Communications established between the SmartCenter Server and Security

Correct Answer: B
Your standby SmartCenter Server’s status is collision. What does that mean, and how do you synchronize the Server and its peer?
A. The standby and active Servers have two Internal Certificate Authority (ICA) Certificates. Uninstall and reinstall the standby Server.
B. The active Server detected a keep-alive packet from the standby Server.
C. The peer Server has not been properly synchronized. Manually synchronize both Servers again.
D. The peer Server is more up-to-date. Manually synchronize both Servers again.
E. The active SmartCenter Server and its peer have different Security Policies and databases. Manually synchronize the Servers, and decide which Server’s configuration to overwrite.

Correct Answer: E
Sarah is the Security Administrator for Certkiller . Sarah has configured SmartDefense to block the CWD and FIND commands. Sarah installs the Security Policy, but the Security Gateway continues to pass the commands. Which of the following could be the cause of the problem?
A. The Rule Base includes a rule accepting FTP to any source, from any destination.
B. The SmartDefense > Application Intelligence > FTP Security Server screen does not have the radio button set to “Configurations apply to all connections”.
C. The FTP Service Object > Advanced > Blocked FTP Commands list does not include CWD and FIND.
D. The Web Intelligence > Application Layer > FTP Settings list is configured to allow, rather than exlude, CW and FIND commands.
E. The Global Properties > Security Server > “Control FTP Commands” box is not checked.

Correct Answer: B
Your NGX enterprise SmartCenter Server is working normally. However, you must reinstall the SmartCenter Server, but keep the SmartCenter Server configuration (for example, all Security Policies, databases, etc.) How would you reinstall the Server and keep its configuration?
A. 1. Run the latest upgrade_export utility to export the configuration.
Keep the exported file in the same location.

Use SmartUpdate to reinstall the SmartCenter Server.

Run upgrade_import to import the configuration.
B. 1. Run the latest upgrade_export utility to export the configuration.
Leave the exported .tgz file in $FWDIR.

Install the priCertkiller SmartCenter Server on top of the current installation.

Run upgrade_import to import the configuration.
C. 1. Insert the NGX CD-ROM, and select the option to export the configuration into a .tgz file.
Transfer the .tgz file to another networked machine.

Uninstall all NGX packages, and reboot.

Use the NGX CD-ROM to select the upgrade_import option to import the configuration.
D. 1. Download the latest upgrade_export utility, and run it from $FWDIR\bin to export the configuration into a .tgz file.
Transfer the .tgz file to another networked machine.

Uninstall all NGX packages, and reboot.

Install a new priCertkiller SmartCenter Server.

Run upgrade_import to import the configuration.
Correct Answer: D QUESTION 85
How can you reset Secure Internal Communications (SIC) between a SmartCenter and Security Gateway?
A. Run the command fwm sic_reset to reinitialize the Internal Certificate Authority (ICA) of the SmartCenter Server. Then retype the activation key on the Security Gateway from SmartDashboard.
B. From cpconfig on the SmartCenter Server, choose the Secure Internal Communication option and retype the activation key. Next, retype the same key in the gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC).
C. From the SmartCenter Server’s command line type fw putkey -p <shared key> <IP Address of SmartCenter Server>.
D. From the SmartCenter Server’s command line type fw putkey -p <shared key> <IP Address of Security Gateway>.
E. Reinstall the Security Gateway.

Correct Answer: B
You have locked yourself out of SmartDashoard with the rules you just installed on your stand alone Security Gateway. Now you cannot access the SmartCenter Server or any SmartConsole tools via SmartDashboard. How can you reconnect to SmartDashboard?
A. Run cpstop on the SmartCenter Server.
B. Run fw unlocklocal on the SmartCenter Server.
C. Run fw unloadlocal on the Security Gatewawy.
D. Delete the $fwdir/database/manage.lock file and run cprestart.
E. Run fw uninstall localhost on the Security Gateway.

Correct Answer: C
Ellen is performing penetration tests against SmartDefense for her Web server farm. She needs to verify that the Web servers are secure against traffic hijacks. She has activated the Cross-Site Scripting property. What other settings would be appropriate? Ellen:
A. should also enable the Web intelligence > SQL injection setting.
B. must select the “Products > Web Server” box on each of the node objects.
C. should enable all settings in Web Intelligence.
D. needs to configure TCP defenses such as “Small PMTU” size.
E. needs to create resource objects for the web farm servers and configure rules for the web farm.

Correct Answer: B
William is a Security Administrator who has added address translation for his internal Web server to be accessible by external clients. Due to poor network design by his predecessor, William sets up manual NAT rules for this server, while his FTP server and SMTP server are both using automatic NAT rules. All traffic from his FTP and SMTP servers are passing through the Security Gateway without a problem, but traffic from the Web server is dropped because of anti-spoofing settings. What is causing this?
A. “Allow bi-directional NAT” is not checked in Global Properties.
B. “Translate destination on client side” is not checked in Global Properties under “Manual NAT Rules”.
C. “Translate destination on client side” is not checked in Global Properties > Automatic NAT Rules.
D. Routing is not configured correctly.
E. Manual NAT rules are not configured correctly.
Correct Answer: B
You are a security consultant for a hospital. You are asked to create some type of authentication rule on the NGX Security Gateway, to allow doctors to update patients’ records via HTTP from various workstations. Which authentication method should you use?
A. Client Authentication
B. LDAP Authentication
C. SecureID Authentication
D. TACAS Authentication
E. User Authentication

Correct Answer: E
Certkiller is the Security Administrator for an online bookstore. Customers connect to a variety of Web servers to place orders, change orders, and check status of their orders. Mrs. Bill checked every box in the Web Intelligence tab, and installed the Security Policy, She ran penetration test through the Security Gateway, to determine if the Web servers were protected from cross-site scripting attacks. The penetration test indicated the Web servers were still vulnerable. Which of the following might correct the problem?
A. The penetration software Certkiller is using is malfunctioning and is reporting a false-positive.
B. Certkiller must create resource objects, and use them in the rule allowing HTTP traffic to the Web servers.
C. Certkiller needs to check the “Products > Web Server” box on the host node objects representing his Web servers.
D. Certkiller needs to check the “Web Intelligence” box in the SmartDefense > HTTP Properties.
E. Certkiller needs to configure the Security Gateway protecting the Web servers as a Web server.

Correct Answer: C

Our material on our site CheckPoint 156-215 is exam-oriented,keeping in view the candidates requirements and level of understanding. CheckPoint 156-215 materials are in the most popular and easy-to-use PDF version. You can use it on any devices with you anywhere.

You may also like