Month: June 2016
Flydumps is one of the leading exam preparation material providers.We have a complete range of exams offered by the top vendors of their respective industries. You can download CheckPoint 156-210 free demos in PDF files that are the latest.QUESTION 11
What function does the Audit mode of SmartView Tracker perform?
A. It tracks detailed information about packets traversing the Enforcement Modules.
B. It maintains a detailed log of problems with VPN-1/FireWall-1 services on the SmartCenter Server.
C. It is used to maintain a record of the status of each Enforcement Module and SmartCenter server.
D. It maintains a detailed record of status of each Enforcement Module and SmartCenter Server.
E. It tracks changes and Security Policy installations, per Security Administrator, performed in SmartDashboard.
Correct Answer: E
QUESTION 12
In the SmartView Tracker, what is the difference between the FireWall-1 and VPN-1 queries? Choose three.
A. A VPN-1 query only displays encrypted and decrypted traffic.
B. A FireWall-1 query displays all traffic matched by rules, which have logging activated.
C. A FireWall-1 query displays all traffic matched by all rules.
D. A FireWall-1 query also displays encryption and decryption information.
E. Implied rules, when logged, are viewed using the VPN-1 query.
Correct Answer: ABD
QUESTION 13
Network topology exhibit
You want hide all localnet and DMZ hosts behind the Enforcemenet Module, except for the HTTP Server
(192.9.200.9). The HTTP Server will be providing public services, and must be accessible from the
Internet.
Select the two BEST Network Address Translation (NAT) solutions for this scenario,
A. To hide Local Network addresses, set the address translation for 192.9.0.0
B. To hide Local Network addresses, set the address translation for 192.9.200.0
C. Use automatic NAT rule creation to hide both DMZ and Local Network.
D. To hide Local Network addresses, set the address translation for privatenet.
E. Use automatic NAT rule creation, to statically translate the HTTP Server address.
Correct Answer: CE
QUESTION 14
The SmartDefense Storm Center Module agent receives the Dshield.org Block List, and:
A. Populates CPDShield with blocked address ranges, every three hours.
B. Generates logs from rules tracking internal traffic.
C. Submits the number of authentication failures, and drops, rejects, and accepts.
D. Generates regular and compact log digest.
E. Populates the firewall daemon with log trails.
Correct Answer: A QUESTION 15
What are the advantages of central licensing? Choose three.
A. Only the IP address of a SmartCenter Server is needed for all licences.
B. A central licence can be removed from one Enforcement Module, and installe don another Enforcement Module.
C. Only the IP address of an Enforcement Module is needed for all licences.
D. A central license remains valid, when you change the IP address of an Enforcemente Module.
E. A central license can be converted into a local license.
Correct Answer: ABD
QUESTION 16
A security Administrator wants to review the number of packets accepted by each of the Enforcement modules. Which of the following viewers is the BEST source for viewing this information?
A. SmartDashboard
B. SmartUpdate
C. SmartMap
D. SmartView Status
E. SmartView Tracker
Correct Answer: D
QUESTION 17
Hidden (or masked) rules are used to:
A. Hide rules from administrators with lower privileges.
B. View only a few rules, without distraction of others.
C. Temporarily disable rules, without having to reinstall the Security Policy.
D. Temporarily convert specifically defined rules to implied rules.
E. Delete rules, without having to reinstall the Security Policy.
Correct Answer: B
QUESTION 18
Which of the following characteristics BEST describes the behaviour of Check Point NG with Application Intelligence?
A. Traffic not expressly permitted is prohibited.
B. All traffic is expressly permitted by explicit rules.
C. Secure connections are authorized by default. Unsecured connectdions are not.
D. Traffic is filtered using controlled ports.
E. TELNET, HTTP; and SMTP are allowed by default.
Correct Answer: A
QUESTION 19
SmartUpdate CANNOT be used to:
A. Track installed versions of Check Point and OPSEC products.
B. Manage licenses centrally.
C. Update installed Check Point and OPSEC software remotely, from a centralized location.
D. Uninstall Check Point and OPSEC software remotely, from a centralized location.
E. Remotely install NG with Application Intelligence for the first time, on a new machine.
Correct Answer: E
QUESTION 20
Which of the following statements about Client Authentication is FALSE?
A. In contrast to User Authentication that allows access per user. Client Authentication allows access per IP address.
B. Client Authentication is more secure than User Authentication, because it allows multiple users and connections from an authorized IP address or host.
C. Client Authentication enables Security Administrators to grant access privileges to a specific IP address, after successful authentication.
D. Authentication is by user name and password, but it is the host machine (client) that is granted access.
E. Client Authentication is not restricted to a limited set of protocols.
Correct Answer: B
QUESTION 21
Why is Application Layer particularly vulnerable to attacks? Choose three
A. Malicious Java, ActiveX, and VB Scripts can exploit host system simply by browsing.
B. The application Layer performs access-control and legitimate-use checks.
C. Defending against attacks at the Application Layer is more difficult, than at lower layers of the OSI model.
D. The Application Layer does not perform unauthorized operations.
E. The application Layer supports many protocols.
Correct Answer: ACE
QUESTION 22
You have created a rule that requires users to be authenticated, when connecting to the Internet using HTTP. Which is the BEST authentication method for users who must use specific computers for Internet access?
A. Client
B. Session
C. User
Correct Answer: A
QUESTION 23
What function does the Active mode of SmartView Tracker perform?
A. It displays the active Security Policy.
B. It displays active Security Administrators currently logged into a SmartCenter Server.
C. It displays current active connections traversing Enforcement Modules.
D. It displays the current log file, as it is stored on a SmartCenter Server.
E. It displays only current connections between VPN-1/FireWall-1 modules.
Correct Answer: C
QUESTION 24
You are importing product data from modules, during a VPN-1/Firwall-1 Enforcement Module upgrade. Which of the following statements are true? Choose two.
A. Upgrading a single Enforcement Module is recommended by Check Point, since there is no chance of mismatch between installed product versions.
B. SmartUpdate queries license information, from the SmartConsole runging locally on the Enforcement Module.
C. SmartUpdate queries the SmartCenter Server and Enforcement Module for product information.
D. If SmartDashboard and all SmartConsoles must be open during input, otherwise the product-data retrieval process will fail
Correct Answer: AC
QUESTION 25
Which if the following components functions as the Internal Certificate Authority for all modules in the VPN-1/FireWall-1 configuration?
A. Enforcement Module
B. INSPECT Engine
C. SmartCenter Server
D. SmartConsole
E. Policy Server
Correct Answer: C
QUESTION 26
Which of the following is NOT a security benefit of Check Point’s Secure Internal Communications (SIC)?
A. Generates VPN certificates for IKE clients.
B. Allows the Security Administrator to confirm that the Security Policy on an Enforcement Module came from an authorized Management Server.
C. Confirms that a SmartConsole is authorized to connect a SmartCenter Server
D. Uses SSL for data encryption.
E. Maintains data privacy and integrity.
Correct Answer: A
QUESTION 27
You are administering one SmartCenter Server that manages three Enforcement Modules. One of the Enforcement Modules does not appear as a target in the Install Policy screen, when you attempt to install the Security Policy. What is causing this to happen?
A. The license for the Enforcement Module has expired.
B. The Enforcement Module requires a reboot.
C. The object representing the Enforcement Module was created as a Node->Gateway.
D. The Enforcement Module was not listed in the Install On column of its rule.
E. No Enforcement Module Master filer was created, designating the SmartCenter Server
Correct Answer: C
QUESTION 28
You are the Security Administrator with one SmartCenter Server managing one Enforcement Moduel. SmartView Status displayes a computer icon with an “I” in the Status column. What does this mean?
A. You have entered the wrong password at SmartView Status login.
B. Secure Internal Communications (SIC) has not been established between the SmartCenter Server and the Enforcement Module.
C. The SmartCenter Server cannot contact a gateway.
D. The VPN-1/Firewall-1 Enforcement Module has been compromised and is no longer controlled by this SmartCenter Sever.
E. The Enforcement Module is installed and responding to status checks, but the status is problematic.
Correct Answer: E
QUESTION 29
Check Point’s NG with Application Intelligence protects against Network and Transport layer attacks by: (Choose two)
A. Preventing protocol-anomaly detection-
B. Allowing IP fragmentation-
C. Preventing validation of compliance to standards.
D. Preventing non-TCP denial-of-service attacks, and port scanning.
E. Preventing malicious manipulation of Network Layer protocols.
Correct Answer: DE
QUESTION 30
Which of the following locations is Static NAT processed by the Enforcement Module on packets from an external source to an internal statically translated host? Static NAT occurs.
A. After the inbound kernel, and before routing.
B. After the outbound kernel, and before routing.
C. After the inbound kernel, and aftter routing.
D. Before the inbound kernel, and after routing.
E. Before the outbound kernel, and before routing.
Correct Answer: C
QUESTION 31
Which of the following does a Check Point security gateway access, analyze, and use? Choose three.
A. Communications information
B. Communication-derivec state
C. Packet sniffing
D. Information mapping
E. Application-derived state
Correct Answer: ABE
QUESTION 32
Which NG with Application Intelligence feature allows a Security Administrator to granularly control acceptable FTP commands?
A. FTP Security Server object settings
B. Check Point Gateway object, Security Server settings
C. SmartDefense, FTP Security Server settings
D. Rule Base Service field
E. Global Properties, Security Server settings.
Correct Answer: C
QUESTION 33
You are Security Administrator preparing to deploy a new hot-fix to ten Enforcement Modules at five geographically separated locations. What is the BEST method to implement this hot-fix?
A. Use SmartView installer to deploy the hot-fix to each Enforcement Module.
B. Send a CDROM with the hot-fix to each location, and have local personnel install it.
C. Send a Certified Security Engineer to each site to perform the update.
D. Use SmartInstaller to install the packages to each of the Enforcement Models remotely.
E. Use SmartUpdate to install the packages to each of the Enforcement Models remotely.
Correct Answer: E QUESTION 34
Implicit rules do NOT allow what types of VPN-1/FireWall-1 Control Connections by default?
A. Outgoing traffic, originating from the gateway
B. RIP for routing configuration
C. IKE and RDP-traffic, for communication and encryption
D. VPN-1/Firewall-1 specific traffic, such as logging, management, and key exchange
E. RADIOUS; CVP, UFP, and LDAP
Correct Answer: B
QUESTION 35
In Secure Internal Communicators (SIC), the SmartCenter Server and its components are identified by a (n):
A. SIC entry in the host file
B. Random seed
C. Port number
D. Distinguished Name
E. IP address
Correct Answer: D
QUESTION 36
Which of the following statements BEST describes Dynamic Network Address Translation (Hide NAT)?
A. Allow you to hide an entire network behind one IP address.
B. Translates private external IP addresses to public IP addresses.
C. Allows you to hide an entire network behind public IP addresses.
D. Translates public internal IP addresses to private IP addresses.
E. Allow you to hide an entire network behind random IP addresses.
Correct Answer: A
QUESTION 37
What type of TCP attack is a bandwidth attack, where a client fools a server into sending large amount of data, using small packets?
A. SMURF
B. SYN-Flood
C. Host System Hogging
D. Small PMTU
E. LAND
Correct Answer: D
QUESTION 38
How is the Block Intruder request used?
A. It is used in place of the HTTP Security Server.
B. SmartDefense automatically uses this capability.
C. It is used in the Log mode of SmartView Tracker to kill active connections.
D. It is activated in SmartDashboard through the Security Policy.
E. It blocks access from a Source, or to a Destination, for a specified amount of time, or indefinitely.
Correct Answer: E QUESTION 39
A conflict between anti-spoofing and Network Address Translation (NAT) occurs when:
A. The Translate destination on the client-side option is not enabled when using Static NAT:
B. NAT is performed on the client side.
C. Manual NAT rules are used.
D. The Translate destination on the client-side option is enabled.
E. The Translate destination on the server-side option is enabled.
Correct Answer: A
QUESTION 40
One of the most important tasks Security Adminstrators perform is log maintenance. By default, when an administrator clicks File > Switch Active file from SmartView Tracker, the SmartCenter server:
A. Purges the current log file, and prompts the Security Administrator for the mode of the new log.
B. Opens a new window with a previously saved log for viewing.
C. Saves the current log file, names the save file by date and time and starts a new log.
D. Prompts the Security Administrator for the name of the current log, saves it, and then prompts the Security Administrator for the mode of the new log.
E. Purges the current log file, and starts a new log.
Correct Answer: C
QUESTION 41
A VPN-1/FireWall-1 SmartDashboard is used to perform which of the following tasks? Choose two.
A. Allows the Security Administrator to configure Network Address Translation.
B. Stores VPN-1/Firewall-1 logs
C. Compiles the Rule Base into an enforceable Security Policy.
D. Stores the User Database.
E. It is used to crate and define a Security Policy.
Correct Answer: AE
QUESTION 42
Assuming the default settings in the Global Properties have not changed, which of the following types of traffic will be allowed through a firewall with the Rule Base displayed in the exhibit?
A. VPN-1/Firewall-1 Control Connections.
B. HTTP from anywhere to Web Server.
C. HTTP from network out.
D. FTP from anywhere to Web Server.
E. RIP traffic to the gateway.
Correct Answer: AB
QUESTION 43
In SmartView Status, what does a status of Untrusted tell you?
A. The Enforcement Module is offline.
B. The Security Administrator has entered the wrong password at SmartView Status login.
C. Secure Internal Communications (SIC) has not been established between the SmartCenter Server and the Enforcement Module
D. The SmartCenter Server cannot contact a gateway
E. An Enforcement Module is installed and responding to status checks, but the status is problematic.
Correct Answer: C
QUESTION 44
For which of the following objectd types can Network Address Translation be configured?
A. Domains, host nodes, network.
B. Domains, networks, users
C. Host nodes, networks, OSE devices
D. Host nodes, networks, address ranges
E. Networks, OSE Devices logical servers.
Correct Answer: D
QUESTION 45
Howa CK Storm Center Block Lists activated? Choose the correction order.
1.
Security Adminstrators define a CPDShield object and place it in the Rule Base appropriately.
2.
The Storm Center Module agent on the Enforcement Module retrieves the Block list, and replaces the CPDSHield object with a list of blocked IP addresses.
3.
The Storm Center Module agent periodically checks for updates to the Block list.
A. 3, 2, 1
B. 1, 2, 3
C. 2, 3, 1
D. 3, 1, 2
E. 2, 1, 3
Correct Answer: B
QUESTION 46
Network topology exhibit In the network displayed in the exhibit, the public servers accept and initiate connections from the Internet. The public servers must:
A. Be moved to the other side of the Enforcement Module, and give public addresses.
B. Use Reverse Network Address Translation.
C. Use Static Network Address Translation.
D. Use Dynamic Network Address Translation
E. Network Address Translation is not required.
Correct Answer: C
QUESTION 47
What Blocking Scope options are available when using Block Intruder? Choose three.
A. Block access from this Source.
B. Block source and destination
C. Block access to this Destination.
D. Block only this connection
E. Block all traffic
Correct Answer: ACD
QUESTION 48
TO be MOST effective, where should Anti-Spoofing be configured?
A. Only on interfaces facing internal networks.
B. Only on external and DMZ interfaces.
C. Only on DMZ interfaces
D. Only on external interfaces.
E. On all interfaces.
Correct Answer: E QUESTION 49
Choose the two responses that BEST describe a VPN-1/Firewall-1 Rule Base. A Rule Base is:
A. A collection of corporate guidelines used to structure the network Security Policies for users operating behind the firewall.
B. A collection of system settings that make up implicit rules defining network security.
C. The process by which secure communications are established between different VPN-1/Firewall-1 Modules, operating within an enterprise security environment.
D. A repository of DLL files, each provides a specific security function.
E. A set of explicitly and implicitly defined rules used to define network security.
Correct Answer: AE
QUESTION 50
When defining objects, why should you NOT change the name or IP address of the system-created SmartCenter Server objects? Choose two.
A. Changes the certificate of the system-created object
B. Causes a fault-tolerance error on the VPN-1/Firewall-1 Enforcement Module
C. Interferes with Security Policy Installation
D. Does not change the object name in the Rule Base.
E. Negatively affects the Internal Certificate Authority.
Correct Answer: AE
QUESTION 51
You are the Security Administrator with one SmartCenter Server managing one Enforcement Module.
SmartView Status displays a computer icon with an “?” in the Status column.
What does this mean?
A. The VPN-1/FireWall-1 Enforcement Module has been compromised and is no longer controlled by this SmartCenter Server.
B. Secure Internal Communications (SIC) has not been established between the SmartCenter Server and the Enforcement Module.
C. The Enforcement Module is installed and responding to status checks, but the status is problematic.
D. You have entered the wrong password at SmartView Status login.
E. The SmartCenter Server cannot contact the gateway.
Correct Answer: E
QUESTION 52
Which statement below BEST describes how VPN-1/FireWall-1 handles hidden rules? Hidden rules are:
A. Not included when the Security Policy is installed.
B. Removed from the existing Security Policy.
C. Enforced when the Security Policy is installed.
D. Automatically installed, when the Unhide All option is selected from the Hide Rules menu.
E. Enforced as implied rules, before the explicitly defined Rule Base.
Correct Answer: C
QUESTION 53
Which of the following is NOT included in SVN Foundation?
A. Watch Dog for Critical Services
B. License Utilities
C. CPShared Daemon
D. SmartDefense
E. SNMP Daemon
Correct Answer: D
QUESTION 54
Which of the following BEST describes the function of Dynamic Network Address Translation (Dynamic
NAT)?
Dynamic NAT:
A. Allows you to configure more public IP addresses than you have hosts.
B. Reduces the load on the Enforcement Module.
C. Limits the number of internal hosts that may access the Internet.
D. Reduces the number of connections to your Web server.
E. Allows you to configure for more hosts than you have public IP addresses.
Correct Answer: E
The CheckPoint 156-210 certification can make you a competent person.It may enable a technician to know about the CheckPoint 156-210 configurations,get information about the CheckPoint 156-210 data center products and hardware and knowledge about CheckPoint 156-210 united computing systems.
We are committed on providing you with the latest and most accurate CheckPoint 156-110 exam preparation products.If you want to pass CheckPoint 156-110 exam successfully, do not miss to read latest CheckPoint 156-110 brain dumps on Flydumps.
QUESTION 41
If e-mail is subject to review by individuals other than the sender and recipient, what should be clearly stated in the organization’s e-mail policy?
A. Technologies and methods used to monitor and enforce the organization’s policies
B. Senior management and business-unit owner responsibilities and delegation options
C. Clear, legally defensible definition of what constitutes a business record
D. Consequences for violation of the organization’s acceptable-use policy
E. No expectation of privacy for e-mail communications, using the organization’s resources
Correct Answer: E
QUESTION 42
Which of the following are common failures that should be addressed in an organization’s Business Continuity Plan (BCP) ? (Choose THREE.)
A. Connectivity failures
B. Accounting failures
C. Hardware failures
D. Utility failures
E. Personal failures
Correct Answer: ACD
QUESTION 43
Which TWO of the following items should be accomplished, when interviewing candidates for a position within an organization?
A. Hire an investigation agency to run background checks.
B. Verify all dates of previous employment.
C. Question candidates, using polygraphs.
D. Contact personal and professional references.
E. Run criminal-background checks.
Correct Answer: BD QUESTION 44
A _______ _______ posture provides many levels of security possibilities, for access control.
A. Layered defensive
B. Multiple offensive
C. Flat defensive
D. Reactive defensive
E. Proactive offensive
Correct Answer: A
QUESTION 45
At ABC Corporation, access to critical information resources, such as database and e-mail servers, is controlled by the information-technology (IT) department. The supervisor in the department grants access to printers where the printer is located. Managers grant and revoke rights to files within their departments’ directories on the file server, but the IT department controls who has access to the directories. Which type of access-management system is in use at ABC Corporation?
A. Centralized access management
B. Role-based access management
C. Hybrid access management
D. Decentralized access management
E. Privileged access management
Correct Answer: C
QUESTION 46
Embedding symbols in images or common items, such as pictures or quilts, is an example of __________.
A. Espionage
B. Transposition cipher
C. Key exchange
D. Arithmancy
E. Steganography
Correct Answer: E
QUESTION 47
Why should each system user and administrator have individual accounts? (Choose TWO.)
A. Using generic user names and passwords increases system security and reliability.
B. Using separate accounts for each user reduces resource consumption, particularly disk space.
C. By using individual login names and passwords, user actions can be traced.
D. If users do not have individual login names, processes can automatically run with root/administrator access.
E. A generic user name and password for users and security administrators provides anonymity, which prevents useful logging and auditing.
Correct Answer: CE
QUESTION 48
A(n) _______ occurs when intrusion-detection measures fail to recognize suspicious traffic or activity.
A. False positive
B. False negative
C. CIFS pop-up
D. Threshold
E. Alarm
Correct Answer: B
QUESTION 49
What is single sign-on? An authentication method:
A. that allows users to authenticate once, and then uses tokens or other credentials to manage subsequent authentication attempts
B. that stores user credentials locally, so that users need only authenticate the first time, a local machine is used
C. requiring the use of one-time passwords, so users authenticate only once, with a given set of credentials.
D. that uses smart cards, hardware tokens, and biometrics to authenticate users; also known as three-factor authentication
E. that requires users to re-authenticate for every resource accessed
Correct Answer: A
QUESTION 50
Which of the following is NOT a Business Continuity Plan (BCP) recovery strategy?
A. Delegating risk to another entity, such as an insurer
B. Manual procedures; alternative solution to technology available
C. Deferring action; action waiting until a later date
D. Reciprocal agreements with another organization
E. Doing nothing; no action taken to recover the technology
Correct Answer: A
Get certified CheckPoint 156-110 is a guaranteed way to succeed with IT careers.We help you do exactly that with our high quality CheckPoint 156-110 Certification Certified Information Systems Security Professional training materials.
At Flydumps,we are positive that our CheckPoint 156-110 preparation material with questions and answers pdf provide most in-depth solutions for individuals that are preparing for the CheckPoint 156-110 exam.Our uodated CheckPoint 156-110 brain dumps will allow you the opportunity to know exactly what to expect on the exam day and ensure that you can pass the exam beyond any doubt.
QUESTION 55
____________________ educate(s) security administrators and end users about organizations’ security policies.
A. Security-awareness training
B. Information Security (INFOSEC) briefings
C. Acceptable-use policies
D. Continuing education
E. Nondisclosure agreements
Correct Answer: A
QUESTION 56
Operating-system fingerprinting uses all of the following, EXCEPT ________, to identify a target operating system.
A. Sequence Verifier
B. Initial sequence number
C. Address spoofing
D. Time to Live
E. IP ID field
Correct Answer: C
QUESTION 57
Organizations _______ risk, when they convince another entity to assume the risk for them.
A. Elevate
B. Assume
C. Deny
D. Transfer
E. Mitigate
Correct Answer: D
QUESTION 58
A(n) _______________ is an unintended communication path that can be used to violate a system security policy.
A. Covert channel
B. Integrity axiom
C. Simple rule violation
D. Inferred fact
E. Aggregated data set
Correct Answer: A
QUESTION 59
To protect its information assets, ABC Company purchases a safeguard that costs $60,000. The annual cost to maintain the safeguard is estimated to be $40,000. The aggregate Annualized Loss Expectancy for the risks the safeguard is expected to mitigate is $50,000.
At this rate of return, how long will it take ABC Company to recoup the cost of the safeguard?
A. ABC Company will never recoup the cost of this safeguard.
B. Less than 7 years
C. Less than 3 years
D. Less than 1 year
E. Less than 5 years
Correct Answer: B
QUESTION 60
ABC Corporation’s network requires users to authenticate to cross the border firewall, and before entering restricted segments. Servers containing sensitive information require separate authentication. This is an example of which type of access-control method?
A. Single sign-on
B. Decentralized access control
C. Hybrid access control
D. Layered access control
E. Mandatory access control
Correct Answer: D
QUESTION 61
The items listed below are examples of ___________________ controls.
*Smart cards *Access control lists *Authentication servers *Auditing
A. Role-based
B. Administrative
C. Technical
D. Physical
E. Mandatory
Correct Answer: C
QUESTION 62
Why does the (ISC)2 access-control systems and methodology functional domain address both the confidentiality and integrity aspects of the Information Security Triad? Access-control systems and methodologies:
A. are required standards in health care and banking.
B. provide redundant systems and data backups.
C. control who is allowed to view and modify information.
D. are academic models not suitable for implementation.
E. set standards for acceptable media-storage devices.
Correct Answer: C
QUESTION 63
_______ intrusion-detection systems learn the behavior of a machine or network, and create a baseline.
A. Behavioral analysis
B. Statistical anomaly
C. Network
D. Pattern matching
E. Host
Correct Answer: B
QUESTION 64
Which of the following best describes the largest security challenge for Remote Offices/Branch Offices?
A. Leased-line security
B. Salami attacks
C. Unauthorized network connectivity
D. Distributed denial-of-service attacks
E. Secure access to remote organizational resources
Correct Answer: E
QUESTION 65
Which of the following is NOT a concern for enterprise physical security?
A. Network Intrusion Detection Systems
B. Social engineering
C. Dumpster diving
D. Property theft
E. Unauthorized access to a facility
Correct Answer: A QUESTION 66
Which of the following should be included in an enterprise Business Continuity Plan (BCP)? (Choose THREE.)
A. Accidental or intentional data deletion
B. Severe weather disasters
C. Employee terminations
D. Employee administrative leave
E. Minor power outages
Correct Answer: ABE
QUESTION 67
Which type of access management uses information about job duties and positions, to indicate subjects’ clearance levels?
A. Discretionary
B. Role-based
C. Nondiscretionary
D. Hybrid
E. Mandatory
Correct Answer: B
QUESTION 68
When attempting to identify OPSEC indicators, information-security professionals must: (Choose THREE.)
A. Discover the information daily activities yield.
B. Meet with adversaries.
C. Perform business impact analysis surveys.
D. Scrutinize their organizations’ daily activities.
E. Analyze indicators, to determine the information an adversary can glean ?both from routine and nonroutine activities.
Correct Answer: ADE
QUESTION 69
Which of the following can be stored on a workstation? (Choose TWO.)
A. Payroll information
B. Data objects used by many employees
C. Databases
D. Interoffice memo
E. Customer correspondence
Correct Answer: DE
QUESTION 70
How is bogus information disseminated?
A. Adversaries sort through trash to find information.
B. Adversaries use anomalous traffic patterns as indicators of unusual activity. They will employ other methods, such as social engineering, to discover the cause of the noise.
C. Adversaries use movement patterns as indicators of activity.
D. Adversaries take advantage of a person’s trust and goodwill.
E. Seemingly, unimportant pieces of data may yield enough information to an adversary, for him to disseminate incorrect information and sound authoritative.
Correct Answer: E
QUESTION 71
Which type of access management allows subjects to control some access of objects for other subjects?
A. Discretionary
B. Hybrid
C. Mandatory
D. Role-based
E. Nondiscretionary
Correct Answer: A
QUESTION 72
Which of the following are enterprise administrative controls? (Choose TWO.)
A. Network access control
B. Facility access control
C. Password authentication
D. Background checks
E. Employee handbooks
Correct Answer: DE
QUESTION 73
You are preparing a machine that will be used as a dedicated Web server.
Which of the following services should NOT be removed?
A. E. IRC
B. SMTP
C. FTP
D. HTTP
E. PVP
Correct Answer: D
QUESTION 74
A new U.S. Federal Information Processing Standard specifies a
cryptographic algorithm. This algorithm is used by U.S. government organizations to protect sensitive,
but unclassified, information. What is the name of this Standard?
A. Triple DES
B. Blowfish
C. AES
D. CAST
E. RSA
Correct Answer: C
QUESTION 75
If a firewall receives traffic not explicitly permitted by its security policy, what should the firewall do?
A. Nothing
B. Do not log and drop the traffic.
C. Log and drop the traffic.
D. Log and pass the traffic.
E. Do not log and pass the traffic.
Correct Answer: C
QUESTION 76
Which of the following statements about encryption’s benefits is false? Encryption can: (Choose TWO.)
A. significantly reduce the chance information will be modified by unauthorized entities.
B. only be used to protect data in transit. Encryption provides no protection to stored data.
C. allow private information to be sent over public networks, in relative safety.
D. significantly reduce the chance information will be viewed by unauthorized entities.
E. prevent information from being destroyed by malicious entities, while in transit.
Correct Answer: BE
QUESTION 77
Which principle of secure design states that a security mechanism’s methods must be testable?
A. Separation of privilege
B. Least common mechanism
C. Complete mediation
D. Open design
E. Economy of mechanism
Correct Answer: D
QUESTION 78
What type of document contains information on alternative business locations, IT resources, and personnel?
A. End-user license agreement
B. Nondisclosure agreement
C. Acceptable use policy
D. Security policy
E. Business continuity plan
Correct Answer: E
QUESTION 79
A(n) ______________________________ is a quantitative review of risks, to determine how an organization will continue to function, in the event a risk is realized.
A. Monitored risk process
B. Disaster-recovery plan
C. Business impact analysis
D. Full interruption test
E. Information security audit
Correct Answer: C
QUESTION 80
Internal intrusions are loosely divided into which categories? (Choose TWO.)
A. Attempts by insiders to perform appropriate acts, on information assets to which they have been given rights or permissions.
B. Attempts by insiders to access resources, without proper access rights.
C. Attempts by insiders to access external resources, without proper access rights.
D. Attempts by insiders to perform inappropriate acts, on external information assets to which they have been given rights or permissions.
E. Attempts by insiders to perform inappropriate acts, on information assets to which they have been given rights or permissions.
Correct Answer: BE
QUESTION 81
A security administrator implements Secure Configuration Verification (SCV), because SCV: (Choose THREE.)
A. Does not enable the administrator to monitor the configuration of remote computers.
B. Can block connectivity for machines that do not comply with the organization’s security policy.
C. Enables the administrator to monitor the configuration of remote computers.
D. Prevents attackers from penetrating headquarters’ Security Gateway.
E. Confirms that a remote configuration complies with the organization’s security policy.
Correct Answer: BCE
Ensure that you are provided with only the best and most updated CheckPoint 156-110 Certification training materials, we also want you to be able to access CheckPoint 156-110 easily, whenever you want.We provide all our CheckPoint 156-110 Certification exam training material in PDF format, which is a very common format found in all computers and gadgets. Now we add the latest CheckPoint 156-110 content and to print and share content.
The 100% valid latest CheckPoint 156-510 question answers ensure you 100% pass! And now we are offering the free CheckPoint 156-510 new version along with the VCE format Checkpoint 156-815 practice test. Free download more new CheckPoint 156-510 PDF and VCE on Flydumps.com.
QUESTION 51
The -u option on fwd designates that this enforcement module allows SecuRemote connections. This option is on by default, true or false?
A. False
B. True
Correct Answer: B QUESTION 52
IP pools can be used in MEP configurations for what purpose?
A. To allow multiple connections from one client
B. To ensure that valid addresses are assigned to clients
C. To reserve connections for clients
D. To prevent asymmetric routing issues
Correct Answer: D QUESTION 53
In a high availability management module situation, in normal circumstances what is true?
A. The primary module is limited to read only access, a secondary can grant read/write access
B. The primary and secondary modules can both grant read/write access
C. The primary and secondary modules are both limited to read only access once initialized
D. The primary module can grant read/write access, a secondary is limited tot read only access
Correct Answer: D QUESTION 54
When displaying FW-1 statistics using the “fw ctl pstat” command, you may see negative values for kernel memory. What is true about this?
A. There is a memory fault
B. FW-1 is currently not active
C. This does not indicate a problem
D. Memory is being over utilized
Correct Answer: C QUESTION 55
To get the most efficient operation, you should place the rules most often matched at the bottom of the rulebase, and the rules least often matched at the top. True or false?
A. False
B. True
Correct Answer: A QUESTION 56
Which default ports are used by LDAP?
A. Port 636 for a standard connection
B. Port 389 for a standard connection
C. Port 389 for a SSL connection
D. Port 636 for a SSL connection
Correct Answer: BD
QUESTION 57
What is the default value for the timeout on cached users, applied when using an LDAP server as a user database?
A. 300 secs
B. 0 secs (ie no caching)
C. 600 secs
D. 900 secs
Correct Answer: D
QUESTION 58
Which two CPMAD parameters are directly used to determine if an attack is taking place?
A. Resolution
B. Action
C. Time_interval
D. Repetitions
E. Mode
Correct Answer: CD
QUESTION 59
In a load sharing SEP configuration, what mechanism is used to ensure that each gateway sees all the traffic it needs to?
A. The gateway cluster IP address is used
B. The receiving gateway forwards the packets to the others
C. All packets are broadcast
D. Each gateways is sent the packets separately
Correct Answer: A
QUESTION 60
Which is the correct format on a Windows platform to enable debug mode in fwd on an enforcement module only server?
A. fwd -d -n
B. fwd -d
C. fw d -d -n
D. fw d -d
Correct Answer: D
QUESTION 61
When configuring an MEP VPN facility, you would specify a backup gateway in the VPN screen of the gateway properties window. What could be the reason for the backup gateway not being available in the drop down list?
A. The backup gateway is already a backup to another gateway
B. The backup gateway is not running VPN-1
C. The backup gateway is not defined as an internal object on this gateway
D. The backup gateway is not defined as an external object on this gateway
Correct Answer: C
We provide CheckPoint 156-510 help and information on a wide range of issues. CheckPoint 156-510 is professional and confidential and your issues will be replied within 12 hous. CheckPoint 156-510 free to send us any questions and we always try our best to keeping our Customers Satisfied.
ATTENTION: Get your CheckPoint 156-315 certification easily with,Flydumps latest CheckPoint 156-315 exam dumps. All the up-to-date questions and answers were added to the new version.Go to the site Flydumps.com to get more CheckPoint 156-315 exam
information.
QUESTION 61
How can you prevent delay-sensitive applications, such as video and voice traffic, from being dropped due to long queues when using a Check Point QoS solution?
A. Low latency class
B. DiffServ rule
C. Guaranteed per connection
D. Weighted Fair Queuing
E. Guaranteed per VoIP rule
Correct Answer: A
QUESTION 62
Certkiller is a Security Administrator preparing to implement a VPN solution for her multi-site organization
Certkiller.com. To comply with industry regulations,
Mrs. Bill VPN solution must meet the following requirements:
*
Portability: standard
*
Key management: Automatic, external PKI
*
Session keys: Changed at configured times during a connection’s lifetime
*
key length: No less than 128-bit
*
Data integrity: Secure against inversion and brute-force attacks
What is the most appropriate setting Jack should choose?
A. IKE VPNs: AES encryption for IKE Phase 1, and DES encryption for Phase 2; SHA1 ash
B. IKE VPNs: SHA1 encryption for IKE Phase 1, and MD5 encryption for Phase 2; AES hash
C. IKE VPNs: CAST encryption IKE Phase 1, and SHA1 encryption for Phase 2; DES hash
D. IKE VPNs: AES encryption for IKE Phase 1, and AES encryption for Phase 2; SHA1 hash
E. IKE VPNs: DES encryption for IKE Phase 1, and 3DES encryption for Phase 2; MD5 hash
Correct Answer: D
QUESTION 63
Your current VPN-1 NG Application Intelligence (AI) R55 stand-alone VPN-1 Pro Gateway and SmartCenter Server run on SecurePlatform. You plan to implement VPN-1 NGX in a distributed environment, where the existing machine will be the SmartCenter Server, and a new machine will be the VPN-1 Pro Gateway only. You need to migrate the NG with AI R55 SmartCenter Server configuration, including such items as Internal Certificate Authority files, databases, and Security Policies. How do you request a new license for this VPN-1 NGX upgrade?
A. Request a VPN-1 NGX SmartCenter Server license, using the new machine’s IP addres. Request a new local license for the NGX VPN-1 Pro Gateway.
B. Request a VPN-1 NGX SmartCenter Server license, using the new machine’s IP addres. Request a new central license for the NGX VPN-1 Pro Gateway.
C. Request a new VPN-1 NGX SmartCenter Server license, using the NG with AI SmartCenter Server IP address. Request a new central license for the NGX VPN-1 Pro Gateway.
D. Request a VPN-1 NGX SmartCenter Server license, using the NG with AI SmartCenter Server IP address. Request a new central license for the NGX VPN-1 Pro Gateway, licenses for the existing SmartCenter Server IP address.
Correct Answer: C
QUESTION 64
Certkiller is a Security Administrator for Certkiller.com. Certkiller.com has two sites using pre-shared secrets in its VPN. The two sites are Boston and New York. Jack has just been informed that a new office is opening in Houston, and she must enable all three sites to connect via the VPN to each other. Three Security Gateways are managed by the same SmartCenter Server, behind the New York Security Gateway. Mrs. Bill decides to switch from a pre-shared secrets to Certificates issued by the Internal Certificate Authority (ICA). After creating the Houston gateway object with the proper VPN domain, what are Certkiller’s remaining steps?
1.
Disable “Pre-shared Secret” on the Boston and New York gateway objects.
2.
Add the Houston gateway object into the New York and Boston’s mesh VPN Community.
3.
Manually generate ICA Certificates for all three Security Gateways.
4.
Configure “Traditional mode VPN configuration” in the Houston gateway object’s VPN screen.
5.
Reinstall the Security Policy on all three Security Gateways
A. 1-2-5
B. 1-3-4-5
C. 1-2-3-5
D. 1-2-4-5
E. 1-2-3-4
Correct Answer: C QUESTION 65
Which component functions as the Internal Cerrificate Authority for VPN-1 NGX?
A. VPN-1 Certificate Manager
B. SmartCenter Server
C. SmartLSM
D. Policy Server
E. Security Gateway
Correct Answer: B
QUESTION 66
Which Security Server can perform content-security tasks, but CANNOT perform authentication tasks?
A. FTP
B. SMTP
C. Telnet
D. HTTP
E. rlogin
Correct Answer: B
QUESTION 67
Certkiller.com has two headquarters, one in Los Angeles and one in Mumbai. Each headquarter includes several branch offices. The branch office only need to communicate with the headquarter in their country, not with each other, and only the headquarters need to communicate directly. What is the BEST configuration for VPN communities among the branch offices and their headquarters, and between the two headquarters? VNP communities comprised of:
A. Two star and one mesh community; each start Community is set up for each site, with headquarters as the center of the Community, and branches as satellites. The mesh Communities are between Mumbai and Los Angeles headquarters.
B. Three mesh Communities: one for Los Angeles and its branches, one for Mumbai headquarters and its branches, and one for Los Angeles and Mumbai headquarters.
C. Two mesh Communities, one for each headquarters; and one start Community, in which Los Angeles is the center of the Community and Mumbai is the satellite.
D. Two mesh Communities, one for each headquarters; and one start Community, in which Mumbai is the center of the Community and Los Angeles is the satellite.
Correct Answer: A
QUESTION 68
Certkiller wants to protect internal users from malicious Java code, but Jack does not want to strop Java
scripts.
Which is the best configuration option?
A. Use the URI resource to block Java code
B. Use CVP in the URI resource to block Java code
C. Use the URI resource to strop ActiveX tags
D. Use the URI resource to strop applet tags
E. Use the URI resource to strop script tags
Correct Answer: A
QUESTION 69
You want to block corporate-internal-net and localnet from accessing Web sites containing inappropriate content. You are using WebTrends for URL filtering. You have disabled VPN-1 Control connections in the Global properties. Review the diagram and the Security Policies for Certkiller 1 and Certkiller 2 in the exhibit provided. Corporate users and localnet users receive message “Web cannot be displayed”. In SmartView Tracker, you see the connections are dropped with the message “content security is not reachable”. What is the problem, and how do you fix it?
A. The connection from Certkiller 2 to the internal WebTrends server is not allowed in the Policy. Fix: Add a rule in Certkiller 1’s Policy to allow source WebTrendsServer, destination Certkiller 2, service TCP port 18182, and action accept.
B. The connection from Certkiller 2 to the WebTrends server is not allowed in the Policy. Fix: Add a rule in Certkiller 2’s Policy with Source Certkiller 2, destination WebTrends server, service TCP port 18182, and action accept.
C. The connection from Certkiller 1 to the internal WebTrends server is not allowed in the Policy Fix: Add a rule in Certkiller 2’s Policy with source WebTrendsServer, destination Certkiller 1, service TCP port 18182, and action accept.
D. The connection from Certkiller 1 to the internal WebTrends server is not allowed in the Policy. Fix: Add a rule in Certkiller 2’s Policy with source Certkiller 1, destination WebTrends server, service TCP port 18182, and action accept.
E. The connection from Certkiller 1 to the internal WebTrends server is not allowed in the Policy. Fix: Add a rule in Certkiller 1’s Policy to allow source Certkiller 1, destination WebTrends server, service TCP port 18182, and action accept.
Correct Answer:
QUESTION 70
Which service type does NOT invoke a Security Server?
A. HTTP
B. FTP
C. Telnet
D. CIFS
E. SMTP
Correct Answer: D
QUESTION 71
Review the following rules and note the Client Authentication Action properties screen, as shown in the exhibit.
After being authenticated by the Security Gateway when a user starts an HTTP connection to a Web site the user tries to FTP to another site using the command line. What happens to the user? The….
A. FTP session is dropprd by the implicit Cleanup Rule.
B. User is prompted from the FTP site only, and does not need to enter username and password for the Client Authentication.
C. FTP connection is dropped by rule 2.
D. FTP data connection is dropped, after the user is authenticated successfully.
E. User is prompted for authentication by the Security Gateway again.
Correct Answer: B
QUESTION 72
What is the command to see the licenses of the Security Gateway Certkiller from your SmartCenter Server?
A. print Certkiller
B. fw licprint Certkiller
C. fw tab -t fwlic Certkiller
D. cplic print Certkiller
E. fw lic print Certkiller
Correct Answer: D
QUESTION 73
Ophelia is the security Administrator for a shipping company. Her company uses a custom application to update the distribution database. The custom application includes a service used only to notify remote sites that the distribution database is malfunctioning. The perimeter Security Gateways Rule Base includes a rule to accept this traffic. Ophelia needs to be notified, via atext message to her cellular phone, whenever traffic is accepted on this rule. Which of the following options is MOST appropriate for Ophelia’s requirement?
A. User-defined alert script
B. Logging implied rules
C. SmartViewMonitor
D. Pop-up API
E. SNMP trap
Correct Answer: A
QUESTION 74
Choose the BEST sequence for configuring user management on SmartDashboard, for use with an LDAP server:
A. Configure a server object for the LDAP Account Unit, enable LDAP in Global Properties, and create an LDAP server using an OPSEC application.
B. Configure a server object for the LDAP Account Unit, enable LDAP in Global Properties, and create an LDAP resource object.
C. Enable LDAP in Global Properties, configure a host-node object for the LDAP Server, and configure a server object for the LDAP Account Unit.
D. Configure a server object for the LDAP Account Unit, and create an LDAP resource object.
E. Configure a workstation object for the LDAP server, configure a server object for the LDAP Account Unit, and enable LDAP in Global Properties.
Correct Answer: A
QUESTION 75
Which of the following is the final step in an NGXbackup?
A. Test restoration in a non-production environment, using the upgradeimport command
B. Move the *.tgz file to another location
C. Run the upgradeexport command
D. Copy the conf directory to another location
E. Run the cpstop command
Correct Answer: B
Preparing CheckPoint 156-315 exam is not difficult now.You can prepare from CheckPoint 156-315 Certification or Microsoft 70-576 dumps.Here we have mentioned some sample questions.You can use our CheckPoint 156-315 study material notes for test preparation. Latest CheckPoint 156-815 study material available.