Download Free VCE Files: CCNA, A+ Certification, MCSE – Cert4sure Checkpoint,CheckPoint Certification CheckPoint 156-315 Study Guides, Discount CheckPoint 156-315 Exam Download For Download

CheckPoint 156-315 Study Guides, Discount CheckPoint 156-315 Exam Download For Download

Flydumps Cisco Certification CheckPoint 156-315 exam questions which contain almost 100% correct answers are tested and approved by senior Cisco lecturers and experts. They have been devoting themselves to providing candidates with the best study materials to make sure what they get are valuable.

QUESTION 77
In NGX, what happens if a Distinguished Name (ON) is NOT found in LADP?
A. NGX takes the common-name value from the Certificate subject, and searches the LADP account unit for a matching user id
B. NGX searches the internal database for the username
C. If the first request fails or if branches do not match, NGX tries to map the identity to the user id attribute
D. When users authenticate with valid Certificates, the Security Gateway tries to map the identities with users registered in the extemal LADP user database
E. The Security Gateway uses the subject of the Certificate as the ON for the initial lookup
Correct Answer: C
QUESTION 78
Which command allows you to view the contents of an NGX table?
A. fw tab -s <tablename>-
B. fw tab -t <tablename>-
C. fw tab -u <tablename>-
D. fw tab -a <tablename>-
E. fw tab -x <tablename>-
Correct Answer: C
QUESTION 79
Jack’s project is to define the backup and restore section of his organization’s disaster recovery plan for his organization’s distributed NGX installation. Jack must meet the following required and desired objectives.
*
Required Objective The security policy repository must be backed up no less frequent~ than every 24 hours

*
Desired Objective The NGX components that enforce the Security Policies should be backed up no less frequently than once a week

*
Desired Objective Back up NGX logs no less frequently than once a week Jack’s disaster recovery plan is as follows. See exhibit.

Jack’s plan:
A. Meets the required objective but does not meet either desired objective
B. Does not meet the required objective
C. Meets the required objective and only one desired objective
D. Meets the required objective and both desired objectives
Correct Answer: D QUESTION 80
The following is cphaprobstate command output from a New Mode High Availability cluster member:

Which machine has the highest priority?
A. 192.168.1.2,since its number is 2
B. 192.168.1.1,because its number is 1
C. This output does not indicate which machine has the highest priority
D. 192.168.1.2, because its state is active

Correct Answer: B
QUESTION 81
What do you use to view an NGX Security Gateway’s status, including CPU use, amount of virtual memory, percent of free hard-disk space, and version?
A. SmartLSM
B. SmartViewTracker
C. SmartUpdate
D. SmartViewMonitor
E. SmartViewStatus

Correct Answer: D
QUESTION 82
Which of the following commands is used to restore NGX configuration information?
A. cpcontig
B. cpinfo-i
C. restore
D. fwm dbimport
E. upgrade_import

Correct Answer: E
QUESTION 83
Eric wants to see all URLs’ ful destination path in the SmartView Tracker logs, not just the fully qualified domain name of the web servers. For Example, the information field of a log entry displays the URL http://hp.msn.com/css/home/hpcl1012.css. How can Eric best customize SmartView Tracker to see the logs he wants? Configure the URl resource, and select
A. “transparent” asthe connection method
B. “tunneling”as the connection method
C. “optimize URL logging”; use the URI resource in the rule, with action “accept”
D. “Enforce URI capability”; use the URI resource in the rule,with action “accept”
Correct Answer: C
QUESTION 84
Which of the following commands shows full synchronizalion status?
A. cphaprob -i list
B. cphastop
C. fw ctl pstat
D. cphaprob -a if
E. fw hastat

Correct Answer: C
QUESTION 85
Which VPN Community object is used to configure VPN routing within the SmartDashboard?
A. Star
B. Mesh
C. Remote Access
D. Map

Correct Answer: A
QUESTION 86
If you are experiencing LDAP issues, which of the following should you check?
A. Secure lnternal Cornrnunicalions(SIC)
B. VPN tunneling
C. Overlapping VPN Domains
D. NGX connectivity
E. VPN Load Balancing

Correct Answer: E
QUESTION 87
How can you reset the password of the Security Administrator, which was created during initial installation of the SmartCenter Server on SecurePlattform?
A. Launch cpcontig and select “Administrators”
B. Launch SmartDashboard, click the admin user account, and overwrite the existing Check Point Password
C. Type cpm -a, and provide the existing administration account name. Reset the Security Administrator’s password
D. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the “Password” portion of the file Then log in to the account withthout password. You will be prompted to assign a new password
E. Launch cpconfig and delete the Administrator’s account. Recreate the account with the same name
Correct Answer: E
QUESTION 88
Which operating system is not supported byVPN-1 SecureClient?
A. IPS0 3.9
B. Windows XP SP2
C. Windows 2000 Professional
D. RedHat Linux 7 0
E. MacOS X
Correct Answer: A QUESTION 89
Which Check Point QoS feature issued to dynamically allocate relative portions of available bandwidth?
A. Guarantees
B. Differentiated Services
C. Limits
D. Weighted Fair Queueing
E. Low Latency Queueinq

Correct Answer: D
QUESTION 90
You are running a VPN-1 NG with Application Intelligence R54 SecurePlatform VPN-1 Pro Gateway. The Gateway also serves as a Policy Server. When you run patch add cd from the NGX CD, what does this command allow you to upgrade?
A. Only VPN-1 Pro Security Gateway
B. Both the operating system (OS) and all Check Point products
C. All products, except the Policy Server
D. On~ the patch utility is upgraded using this command
E. Only the OS

Correct Answer: B
QUESTION 91
Amanda is compiling traffic statistics for Certkiller.com’s Internet activity during production hours. How could she use SmartView Monitor to find this information? By
A. Using the “Traffic Counters” settings and SmartView Monitor to generate a graph showing the total HTTP traffic for the day
B. Monitoring each specific user’s Web traffic use.
C. Viewing total packets passed through the Security Gateway
D. Selecting the “Tunnels” view, and generating a report on the statistics
E. Configuring a Suspicious Activity Rule which triggers an alert when HTTP traffic passes through the Gateway

Correct Answer: A
QUESTION 92
ASecurity Administrator is notified that some long-lasting Telnet connections to a mainframe are dropped every time after an hour. The Administrator suspect that the the Security Gateway might be blocking these connections. As she reviews the Smart Tracker the Administrator sees the packet is dropped with the error “Unknown established connection”. How can she resolve this problem without causing other security issues? Choose the BEST answer. She can:
A. Increase the session time-out in the mainframe’s Object Properties
B. Create a new TCP service object on port 23, and increase the session time-out for this object She only uses this new object in the rule that allows the Telnet connections to the mainframe
C. Increase the session time-out in the Service Properties of the Telnet service
D. Increase the session time-out in the Global Properties
E. Ask the mainframe users to reconnect every time this error occurs
Correct Answer: B QUESTION 93
Certkiller is the Security Administrator for a software-development company. To isolate the corporate network from the developer’s network, Certkiller installs an internal Security Gateway. Jack wants to optimize the performance of this Gateway. Which of the following actions is most likely to improve the Gateway’s performance?
A. Remove unused Security Policies from Policy Packages
B. Clear all Global Properties check boxes, and use explicit rules
C. Use groups within groups in the manual NAT Rule Base
D. Put the least-used rules at the top of the Rule Base
E. Use domain objects in rules, where possible

Correct Answer: A
QUESTION 94
Certkiller is the Security Administrator for a chain of grocery stores. Each grocery store is protected by a Security Gateway. Certkiller is generating a report for the information-technology audit department. The report must include the name of the Security Policy installed on each remote Security Gateway, the date and time the Security Policy was installed, and general performance statistics (CPU Use, average CPU time, active real memory, etc.). Which SmartConsole application should Certkiller use to gather this information?
A. SmartUpdate
B. SmartView Status
C. SmartView Tracker
D. SmartLSM
E. SmartView Monitor

Correct Answer:
QUESTION 95
How can you reset Secure Internal Communications (SIC) between a SmartCenter Server and Security Gateway?
A. Run the command fwm sicreset to reinitialize the Internal Certificate Authority (ICA) of the SmartCenter Server. Then retype the activation key on the Security-Gateway from SmartDashboard
B. From cpconfig on the SmartCenter Server, choose the Secure Internal Communication option and retype the actrvation key Next, retype the same key in the gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC)
C. From the SmartCenter Server’s command line type fw putkey -p <shared key>- <IP Address of SmartCenter Server>-.
D. From the SmartCenter Server’s command line type fw putkey -p <shared key>- <IP Address of security Gateway>-.
E. Re-install the Security Gateway

Correct Answer: B
QUESTION 96
Which NGX feature or command allows Security Administrators to revert to earlier versions of the Security Policy without changing object configurations?
A. upgrade_export/upgrade_import
B. Policy Package management
C. fwm dbexport/fwm dbimport
D. cpconfig
E. Database Revision Control
Correct Answer: B QUESTION 97

CheckPoint 156-315 Exam Certification Guide presents you with an organized test preparation routine through the use of proven series elements and techniques.“Do I Know This Already?”quizzes open each chapter and allow you to decide how much time you need to spend on each section.CheckPoint 156-315 lists and Foundation Summary tables make referencing easy and give you a quick refresher whenever you need it.Challenging CheckPoint 156-315 review questions help you assess your knowledge and reinforce key concepts.CheckPoint 156-315 exercises help you think about exam objectives in real-world situations,thus increasing recall during exam time.