Home » Checkpoint

Category Archives: Checkpoint

CheckPoint 156-210 Exam, Sale Discount CheckPoint 156-210 Dump Online

Welcome to download the newest Dumpsoon 1Z0-060 dumps:

Don’t leave your fate to boring books, you should sooner trust FLYDUMPS CheckPoint 156-210 exam sample questions. If you prefer the course on FLYDUMPS CheckPoint 156-210 exam sample questions, then you will need to attend their class and their classroom sessions are quite expensive. FLYDUMPS CheckPoint 156-210 pdf could be the passport for your career life since it covers everything needed to pass CheckPoint 156-210 exam. CheckPoint 156-210 Testing Engine are composed by current and active Information Technology experts, who use their experience in preparing you for your future CheckPoint 156-210 exam sample questions available at FLYDUMPS will save you money, and get you started on the right road to making more with your new found skills.

QUESTION 177
When you disable a rule the rule is NOT disabled until you verify your Security Policy.
A. True
B. False

Correct Answer: B
QUESTION 178
Static Source NAT translates public internal source IP addresses to private external source IP addresses.
A. True
B. False.

Correct Answer: B
QUESTION 179
What is the command that lists the interfaces to which VPN-1/FireWall-1 bound?
A. Fw ct1 iflist
B. Ifconfig -a
C. Ifconfig \all
D. Netstat -m
E. Cp bind -all

Correct Answer: A
QUESTION 180
Your customer has created a rule so that every time a user wants to go to Internet, that user must be authenticated. Which if the following is the best authentication method for roaming users, such as doctors updating patient records at various floor stations in a hospital?
A. Session
B. User
C. Client
D. Connection
E. None of the above.

Correct Answer: B QUESTION 181
Which command utility allows verification of the Security Policy installed on a firewall module?
A. Fw ct1 pstat.
B. Fw printlic.
C. Fw stat.
D. Fw ver.
E. Fw pol.

Correct Answer: C QUESTION 182
You are a firewall administrator with one Management Server managing 3 different Enforcement Modules. One of the Enforcement Modules does NOT show up in the dialog box when attempting to install a Security Policy. Which of the following is the most likely cause?
A. No master file was created.
B. License for multiple firewalls has expired.
C. The firewall has NOT been rebooted.
D. The firewall was NOT listed in the Install On column of the rule.
E. The firewall is listed as “Managed by another Management Module (external)” in the Workstation Properties dialog box.

Correct Answer: E QUESTION 183
In the Install On column of a rule, when you select a specific firewall object as the only configuration object, that rule is enforced on all firewalls with in the network, with related configurations.
A. True
B. False.

Correct Answer: B QUESTION 184
As an administrator, you want to force your users to authenticate. You have selected Client Authentication as your authentication scheme. Users will be using a Web browser to authenticate. On which TCP port will authentication be performed?
A. 23
B. 80
C. 259
D. 261
E. 900

Correct Answer: E QUESTION 185
Once installed the VPN-1/FireWall-1 NG resides directly below what layer of the TCP/IP stack?

A. Data
B. Transport
C. Physical
D. Application
E. Network

Correct Answer: E QUESTION 186
Client Authentication rules should be placed above the Stealth rule, so users can authenticate to the firewall.
A. True
B. False

Correct Answer: A QUESTION 187
The following rule base tells you any automatically created NAT rules have simply hidden but have not been deleted from the Rule Base.
A. True
B. False

Correct Answer: B QUESTION 188
You are using static Destination NAT. You have VPN-1/FireWall-1 NG running on Windows NT/Solaris platform. By default, routing occurs after the address translation when the packet is passing form the client towards the server.
A. True
B. False

Correct Answer: B QUESTION 189
Which if the following statements are FALSE?
A. Dynamic NAT cannot be used for protocols where the port number cannot be changed.
B. Dynamic NAT cannot be used when an external server must distinguish between clients bases on their IP addresses.
C. With Dynamic NAT, packet’s source port numbers are modified.
D. In Dynamic NAT, public internal addresses are hidden behind a single private external address using dynamically assigned port numbers to distinguish between them.
E. Dynamically assigned post numbers are used to distinguish between hidden private addresses.

Correct Answer: D QUESTION 190
When you modify a User Template, any users already operating under that template will be updates to the new template properties.
A. True
B. False

Correct Answer: B QUESTION 191
Installation time for creating network objects will decrease if you list machine names and IP addresses in the hosts files.
A. True
B. False

Correct Answer: A QUESTION 192
Consider the following network: No Original Packet Translated Packet Source Destination Service Source Destination Service The administrator wants to take all the local and DMZ hosts behind the gateway except the HTTP server
192.9.200.9. The http server will be providing public services and must be accessible from Internet. Select the best NAT solution below that meets these requirements.
A. Use automatic NAT that creates a static NAT to the HTTP server.
B. To hide the private addresses set the address translation for Private Net.
C. To hide the private address set the address translation for 192.9.200.0.
D. Use automatic NAT rule creation to hide NAT Local net and private Net.
E. Both A and D.

Correct Answer: E QUESTION 193
What NAT made is necessary if you want to start and HTTP session on a Reserved or Illegal IP address?
A. Static Source.
B. Static destination.
C. Dynamic
D. None of the above.

Correct Answer: B
QUESTION 194
With SecureUpdate you are able to: (Select all that apply)
A. Change Central Licenses to Local Licenses
B. Track current installed versions of Check Point and OPSEC products
C. Update Check Point and OPSEC software remotely from a central location
D. Centrally manage Licenses
E. Perform a new installation of VPN-1/FW-1 remotely

Correct Answer: BCD
QUESTION 195
Which is false about SIC communications?
A. A.VPN Certificates, such as those for IKE are used for secure communications
B. B.The Policy Editior initiates an SSL based connection with the Management Server
C. The Policy Editor must be defined as being authorised to use the Management Server
D. The Management Server verifies that the Clients IP address belongs to an authorised Policy Editor Client

Correct Answer: A

Looking to become a certified Adobe professional? Would you like to reduce or minimize your CheckPoint 156-210 certification cost? Do you want to pass all of the Microsoft certification? If you answered YES, then look no further. Flydumps.com offers you the best CheckPoint 156-210 exam certification test questions which cover all core topics and certification requirements.

Welcome to download the newest Dumpsoon 1Z0-060 dumps: http://www.dumpsoon.com/1Z0-060.html

Aruba ACCP-V6 Practise Questions, The Most Effective Aruba ACCP-V6 Actual Test On Our Store

CheckPoint 156-215 Study Guide, Download CheckPoint 156-215 PDF&VCE Online Store

Welcome to download the newest Pass4itsure 400-101 dumps:

Top IT industry experts and professionals make sure that the students get thoroughly researched 100% authentic answers. Flydumps CheckPoint 156-215 exam sample questions includes CheckPoint 156-215 exam questions answers and online CheckPoint 156-215 is extremely important for the real CheckPoint 156-215 certification. Flydumps simulator exam containing 90 questions is designed in a way that could help you pass the exam with no other books or helping materials and more effective. With our Cisco 642-618 exam sample questions you will feel on top of the illusive CheckPoint 156-215 exam.

QUESTION 182
Which command allows verification of the Security Policy name and install date on a Security Gateway?
“Pass Any Exam. Any Time.” – www.actualtests.com 73 Checkpoint 156-215.75 Exam
A. fw show policy
B. fw ctl pstat -policy
C. fw stat -l
D. fwver-p

Correct Answer: C
QUESTION 183
You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After awhile, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database. How can you do this?
A. Run fwm_dbexport to export the user database. Select restore the entire database in the Database Revision screen. Then, run fwm_dbimport.
B. Restore the entire database, except the user database, and then create the new user and user group.
C. Restore the entire database, except the user database.
D. Run fwm dbexport -l filename. Restore the database. Then, run fwm dbimport -l filename to import the users.

Correct Answer: C
QUESTION 184
Which feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration?
A. Policy Package management
B. dbexport/dbimport
C. Database Revision Control
D. upgrade_export/upgrade_import

Correct Answer: C
QUESTION 185
Your Security Management Server fails and does not reboot. One of your remote Security Gateways managed by the Security Management Server reboots. What occurs with the remote Gateway after reboot?
A. Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, no traffic is allowed through the Gateway.
B. Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, all traffic is allowed through the Gateway.
C. Since the Security Management Server is not available, the remote Gateway uses the local Security Policy, but does not log traffic.
D. The remote Gateway fetches the last installed Security Policy locally and passes traffic normally. The Gateway will log locally, since the Security Management Server is not available.

Correct Answer: D
QUESTION 186
How can you configure an application to automatically launch on the Security Management Server when traffic is dropped or accepted by a rule in the Security Policy?
A. Pop-up alert script
B. User-defined alert script
C. Custom scripts cannot be executed through alert scripts
D. SNMP trap alert script

Correct Answer: B QUESTION 187
Which of the following is NOT useful to verify whether or NOT a Security Policy is active on a Gateway?
A. Check the name of Security Policy of the appropriate Gateway in Smart Monitor.
B. Cpstat fw ?f policy
C. fw stat
D. fw ctl get string active_secpol “Pass Any Exam. Any Time.” – www.actualtests.com 75 Checkpoint 156-215.75 Exam

Correct Answer: D
QUESTION 188
Of the following, what parameters will not be preserved when using Database Revision Control? 1) Simplified mode Rule Bases 2) Traditional mode Rule Bases 3) Secure Platform WebUI Users 4) SIC certificates 5) SmartView Tracker audit logs 6) SmartView Tracker traffic logs 7) Implied Rules 8) IPS Profiles 9) Blocked connections 10) Manual NAT rules 11) VPN communities 12) Gateway route table 13) Gateway licenses
A. 3, 4, 5, 6, 9, 12, 13
B. 5, 6, 9, 12, 13
C. 1, 2, 8, 10, 11
D. 2, 4, 7, 10, 11

Correct Answer: A QUESTION 189
Which of the following describes the default behavior of an R75 Security Gateway?
“Pass Any Exam. Any Time.” – www.actualtests.com 76 Checkpoint 156-215.75 Exam
A. Traffic is filtered using controlled port scanning.
B. All traffic is expressly permitted via explicit rules.
C. Traffic not explicitly permitted is dropped.
D. IP protocol types listed as secure are allowed by default, i.e. ICMP, TCP, UDP sessions are inspected.

Correct Answer: C
QUESTION 190
When you use the Global Properties’ default settings on R75, which type of traffic will be dropped if no explicit rule allows the traffic?
A. SmartUpdate connections
B. Firewall logging and ICA key-exchange information
C. Outgoing traffic originating from the Security Gateway
D. RIP traffic

Correct Answer: D
QUESTION 191
You have installed a R75 Security Gateway on SecurePlatform. To manage the Gateway from the enterprise Security Management Server, you create a new Gateway object and Security Policy. When you install the new Policy from the Policy menu, the Gateway object does not appear in the Install Policy window as a target. What is the problem?
A. The new Gateway’s temporary license has expired.
B. The object was created with Node > Gateway.
C. The Gateway object is not specified in the first policy rule column Install On.
D. No Masters file is created for the new Gateway.

Correct Answer: B
QUESTION 192
“Pass Any Exam. Any Time.” – www.actualtests.com 77 Checkpoint 156-215.75 Exam Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates:
A. Are used for securing internal network communications between the SmartDashboard and the Security Management Server.
B. For R75 Security Gateways are created during the Security Management Server installation.
C. Decrease network security by securing administrative communication among the Security Management Servers and the Security Gateway.
D. Uniquely identify Check Point enabled machines; they have the same function as VPN Certificates.

Correct Answer: D
QUESTION 193
John is the Security Administrator in his company. He installs a new R75 Security Management Server and a new R75 Gateway. He now wants to establish SIC between them. After entering the activation key, the message “Trust established” is displayed in SmartDashboard, but SIC still does not seem to work because the policy won’t install and interface fetching still does not work. What might be a reason for this?
A. This must be a human error.
B. The Gateway’s time is several days or weeks in the future and the SIC certificate is not yet valid.
C. SIC does not function over the network.
D. It always works when the trust is established.
Correct Answer: B
QUESTION 194
A _______ rule is used to prevent all traffic going to the R75 Security Gateway.
A. Cleanup
B. Reject
C. Stealth
D. IPS “Pass Any Exam. Any Time.” – www.actualtests.com 78 Checkpoint 156-215.75 Exam

Correct Answer: C
QUESTION 195
In a distributed management environment, the administrator has removed the default check from Accept Control Connections under the Policy / Global Properties / FireWall tab. In order for the Security Management Server to install a policy to the Firewall, an explicit rule must be created to allow the server to communicate to the Security Gateway on port ______.
A. 256
B. 80
C. 900
D. 259

Correct Answer: A
QUESTION 196
Your internal network is configured to be 10.1.1.0/24. This network is behind your perimeter R75 Gateway, which connections to your ISP provider. How do you configure the Gateway to allow this network to go out to the internet?
A. Use Hide NAT for network 10.1.1.0/24 behind the internal interface of your perimeter Gateway.
B. Use Hide NAT for network 10.1.1.0/24 behind the external IP address of your perimeter Gateway.
C. Use automatic Static NAT for network 10.1.1.0/24.
D. Do nothing, as long as 10.1.1.0 network has the correct default Gateway.

Correct Answer: B
QUESTION 197
Which specific R75 GUI would you use to add an address translation rule?
A. SmartConsole “Pass Any Exam. Any Time.” – www.actualtests.com 79 Checkpoint 156-215.75 Exam
B. SmartDashboard
C. SmartNAT
D. SmartView Monitor

Correct Answer: B
QUESTION 198
You are a Security Administrator who has installed Security Gateway R75 on your network. You need to allow a specific IP address range for a partner site to access your intranet Web server. To limit the partner’s access for HTTP and FTP only, you did the following:
1.
Created manual Static NAT rules for the Web server.

2.
Created the following settings in the Global Properties’ Network Address Translation screen
-Allow bi-directional NAT*

Translate destination on client side

A.
Yes, This will ensure that traffic only matches the specific rule configured for this traffic, and that the Gateway translates the traffic after accepting the packet.

B.
Yes, Both of these settings are only application to automatically NAT rules.

C.
No, The first setting is not applicable. The second setting will reduce performance, by translating traffic in the kernel nearest the intranet server.

D.
No. The first setting is only applicable to automatic NAT rules. The second setting is necessary to make sure there are no conflicts between NAT and anti-spoofing.
Do you above settings limit the partner’s access?

Correct Answer: D
QUESTION 199
You enable Automatic Static NAT on an internal host node object with a private IP address of 10.10.10.5, which is NATed into 216.216.216.5. (You use the default settings in Global Properties / NAT.)
When you run fw monitor on the R75 Security Gateway and then start a new HTTP connection from host
10.10.10.5 to browse the Internet, at what point in the monitor output will you observe the HTTP SYN-ACK packet translated from 216.216.216.5 back into 10.10.10.5?
“Pass Any Exam. Any Time.” – www.actualtests.com 80 Checkpoint 156-215.75 Exam
A. i=inbound kernel, before the virtual machine
B. O=outbound kernel, after the virtual machine
C. o=outbound kernel, before the virtual machine
D. I=inbound kernel, after the virtual machine

Correct Answer: D
QUESTION 200
You have configured a remote site Gateway that supports your boss’s access from his home office using a DSL dialup connection. Everything worked fine yesterday, but today all connectivity is lost. Your initial investigation results in “nobody has touched anything”, which you can support by taking a look in SmartView Tracker Management. What is the problem and what can be done about it?
A. You cannot use NAT and a dialup connection.
B. The NAT configuration is not correct; you can only use private IP addresses in a static NAT setup.
C. A static NAT setup may not work with DSL, since the external IP may change. Hide NAT behind the Gateway is the preferred method here.
D. According to published limitations of Security Gateway R75, there’s a bug with NAT. A restart of the Gateway will help here.

Correct Answer: C

This is the reason why this program is highly recommended to all those students who are serious about passing out CheckPoint 156-215 ECSS. You will find CheckPoint 156-215 ECSS exam which you will require when CheckPoint 156-215 ECSS exam you have to test your knowledge and skills. Without them you will not be able to get information about what your areas of expertise are. It has been seen that students are feeling quite at home in presence of CheckPoint 156-215 ECSS exam as they provide them a chance to take a sigh of relief and they need not to spend hours in their studies for the certification. A great number of candidates for Exam have already been benefited themselves with the amazing study material of questions CheckPoint 156-215 ECSS study materials.

Welcome to download the newest Pass4itsure 400-101 dumps: http://www.pass4itsure.com/400-101.html

Avaya 3102 Certification Exam, Best Quality Avaya 3102 Exam Dumps With The Knowledge And Skills

CheckPoint 156-210 Exams, Offer CheckPoint 156-210 Vce Dumps For Download

Welcome to download the newest Examwind JN0-360 dumps:

Each Answers in CheckPoint 156-210 study guides are checked by the concerned professional to provide you the best quality dumps. If you are looking to get certified in short possible time, you will never find quality product than Flydumps.

QUESTION 127
As a firewall administrator you encounter the following you error message:
Authentication for command failed.
What is the most logical reasoning for thus type of error message?

A. The Rule Base has been corrupted.
B. The kernel cannot communicate with the management module.
C. The administrator does not have the ability to push the policy.
D. Remote encryption keys cannot be fetched.
E. Client authentication has failed.

Correct Answer: B
QUESTION 128
Your customer has created a rule so that every time a user wants to go to the Internet, that user must be authenticated. Firewall load is a concern for the customer. Which authentication method does not result in any additional connections to the firewall?
A. Session
B. User
C. Client
D. Connection
E. None of the above.

Correct Answer: A
QUESTION 129
What variable is used to extend the interval of the Timeout in a NAT to prevent a hidden UDP connection from losing its port?
A. Fwx_udp_todefaultextend.
B. Fwx_udp_expdefaultextend.
C. Fwx_udp_todefaultext
D. Fwx_udp_timeout.
E. Fwx_udp_expiration.
Correct Answer: D
QUESTION 130
To hide data filed in the log viewer:
A. Select Hide from the Log Viewer menu.
B. Right-click anywhere in a column of the Log Viewer GUI and select Show Details.
C. Right-click anywhere in the column of the Log Viewer GUI and select Disable.
D. Right-click anywhere in the column of the Log Viewer GUI and select Hide.
E. Select Hide from the Log Viewer tool bar.

Correct Answer: D
QUESTION 131
You are following the procedure to setup user authentication for TELNET to prompt for a distinct destination. This allows the firewall to simulate a TELNET Proxy. After you defined the user on the Firewall and use VPN-1/FireWall-1 Authentication, you would:
A. Stop the Firewall.
B. Restart the Firewall.
C. Start the Policy Editor and go to Manage service, and edit TELNET service.
D. Ensure that the Authentication method is enabled in the firewall object.
E. Ensure that there are no existing rules already allowing TELNET.

Correct Answer: D
QUESTION 132
You have the VPN-1/Firewall-1 NG product installed. The following Rule Base order correctly implements Implicit Client Authentication fort HTTP. No. SOURCE DESTINATION SERVICE ACTION 1 All *Any TCP ftp User Auth [email protected] 2 All [email protected] *Any TCP http User Auth
A. True
B. False

Correct Answer: B
QUESTION 133
What is the software package through which all Check Point products use infrastructure services?
A. Cpstart/cpstop.
B. Check Point Registry.
C. CPD
D. Watch Dog for critical services.
E. SVN Foundation.

Correct Answer: E
QUESTION 134
Choose the BEST response to finish this statement. A Firewall:
A. Prevents unauthorized to or from a secured network.
B. Prevents unauthorized to or from a unsecured network.
C. Prevents authorized access to or from an Intranet.
D. Prevents authorized access to or from an Internet.
E. Prevents macro viruses from infecting the network.
Correct Answer: A
QUESTION 135
Where is the external if file located in VPN1/Firewall-1 NG?
A. FWDIR conf directory.
B. Database directory.
C. State directory.
D. Temp Directory.
E. Not used in VPN1/Firewall-1 NG.

Correct Answer: E
QUESTION 136
Which log viewer mode allows you to actually see the contents of the files HTTP-ed by the corporation’s Chief Executive Officer?
A. Security Log.
B. Active Connections Log.
C. Accounting Log.
D. Administrative Log.
E. None of the above.

Correct Answer: E
QUESTION 137
When you select the alert radio button on the topology tab of the interface properties window:
A. The action specified in the Action element of the Rule Base is taken.
B. The action specified in the Anti-Spoofing Alert field in the Global properties window is taken.
C. The action specified in the Pop up Alter Command in the Global properties window is taken.
D. Both A and B.
E. Both B and C.

Correct Answer: E
QUESTION 138
You are the firewall administrator with one management server managing one firewall. The system status displays a computer icon with a ‘!’ symbol in the status column. Which of the following is the most likely cause?
A. The destination object has been defined as external.
B. The Rule Base is unable to resolve the IP address.
C. The firewall has been halted.
D. The firewall is unprotected, no security policy is loaded.
E. Nothing is wrong.
Correct Answer: D
QUESTION 139
System Administrators use session authentication when they want users to:
A. Authenticate each time they use a supported service.
B. Authenticate all services.
C. Use only TENET, FTP, RLOGIN, and HTTP services.
D. Authenticate once, and then be able to use any service until logging off.
E. Both B and D
Correct Answer: B
QUESTION 140
Your customer has created a rule so that every time a user wants to go to Internet, that user must be authenticated. The customer requires an authentication scheme that provides transparency for the user and granular control for the administrator. User must also be able to log in from any location. Based on this information, which authentication schemes meets the customer’s needs?
A. Session
B. User
C. Client
D. Dual
E. Reverse

Correct Answer: B QUESTION 141
Implementing Dynamic NAT would enable an internal machine behind the firewall to act as an FTP Server for external clients.
A. True
B. False

Correct Answer: B QUESTION 142
The Enforcement Module (part if the VPN-1/FireWall-1 Module):
A. Examines all communications according to an Enterprise Security Policy.
B. Is installed on a host enforcement point.
C. Can provide authentication and Content Security features at the application level.
D. Us usually installed on a multi-homed machine.
E. All of the above.

Correct Answer: E QUESTION 143
In most cases when you are building the Rule Base you should place the Stealth Rule above all other rules except:
A. Clean up rules.
B. Implicit Riles.
C. Client Authentication Rules.
D. Pseudo Rules.
E. Default Rules.

Correct Answer: C QUESTION 144
If you change the inspection order of any of the implied rules under the Security Policy Setup, does it change the order in which the rules are enforced?
A. True
B. False

Correct Answer: A QUESTION 145
The fw fetch command allows an administrator to specify which Security Policy a remote enforcement module retrieves.
A. True
B. False

Correct Answer: A
QUESTION 146
You can edit VPE objects before they are actualized (translated from virtual network objects to real).
A. True
B. False.

Correct Answer: B
QUESTION 147
Stateful inspection is a firewall technology introduced in Checkpoint VPN-1/Firewall-1 software. It is designed to meet which if the following security requirements?
1.
Scan information from all layers in the packet.

2.
Save state information derived from previous communications, such as the outgoing Port command of an FTP session, so that incoming data communication can be verified against it.

3.
Allow state information derived from other applications access through the firewall for authorized services only, such as previously authenticated users.

4.
Evaluate and manipulate flexible expressions based on communication and application derived state information.
A. 1, 2, 3
B. 1, 3, 4
C. 1, 2, 4
D. 2, 3, 4
E. 1, 2, 3, 4

Correct Answer: E
QUESTION 148
If the security policy editor or system status GUI is open, you can open the log viewer GUI from the window menu.
A. True
B. False
Correct Answer: A
QUESTION 149
NAT can NOT be configured on which of the objects?
A. Hosts
B. Gateways
C. Networks
D. Users
E. Routers

Correct Answer: D
QUESTION 150
Your customer has created a rule so that every user wants to go to Internet, that user must be authenticated. Which is the best method of authentication for users who must use specific computers for Internet access?
A. Session
B. User
C. Client
D. Connection
E. None of the above.

Correct Answer: C
QUESTION 151
Which of the following describes the behavior of VPN-1/Firewall-1 NG?
A. Traffic not expressly prohibited is permitted.
B. Traffic not expressly permitted is prohibited.
C. TELNET, SMTP and HTTP are allowed by default.
D. Secure connections are authorized by default, unsecured connections are not.
E. All traffic is controlled by explicit rules.

Correct Answer: B
QUESTION 152
New users are created from templates. What is the name of the standard template from which you would create a new user?
A. New
B. User
C. Group
D. Standard User.
E. Default

Correct Answer: E
QUESTION 153
In a distributed management environment, the firewall administrator has removed the default check from Accept VPN-1/Firewall-1 control connections under the Security Policy tab of the properties setup dialogue box. In order for the management module and the Firewall to communicate, you must create a rule to allow the Management Module to communicate to the firewall on which port?
A. 80
B. 256
C. 259
D. 900
E. 23
Correct Answer: B
QUESTION 154
What is the command for installing a Security Policy from a *.W file?
A. Fw gen and then the name of the .W file.
B. Fw load and then the name of .W file.
C. Fw regen and then the name of the .W file.
D. Fw reload and then the directory location of the .W file.
E. Fw import and then the name of the .W file.

Correct Answer: B
QUESTION 155
In the Check Point Configuration Too, you create a GUI administrator with Read Only privileges. This allows the Firewall-1 administrator for the authorized GUI client (GUI workstation) privileges to change network object, and create and install rules.
A. True
B. False

Correct Answer: B QUESTION 156
Hybrid Authentication allows VPN-1/Firewall-1 NG to authenticate SecuRemote/SecureClient, using which of the following?
A. RADIUS
B. 3DES
C. TACACS
D. Any authentication method supported by VPN-1/Firewall-1.
E. Both A and C.

Correct Answer: D QUESTION 157
In order to install a new Security Policy on a remote firewall, what command must be issued on the remote firewall?
A. Fw unload all all.
B. Fw load new.
C. Cp clear policy.
D. None of the above, the command cp policy remove is issued from the manager.
E. None of the above, the new policy will automatically overwrite the existing policy.

Correct Answer: E QUESTION 158
As a firewall administrator if you want to log packets dropped by “implicit drop anything not covered” rules, you must explicitly define a Clean-up rule. This must be the last rule in the rule base.
A. True
B. False

Correct Answer: A QUESTION 159
Fully Automatic Client authentication provides authentication for all protocols, whether supported by these protocols or not.
A. True
B. False

Correct Answer: A QUESTION 160
VPN-1/Firewall-1 NG differs from Packet filtering and Application Layer Gateways, because?
A. VPN-1/Firewall-1 NG provides only minimal logging and altering mechanism.
B. VPN-1/Firewal-1 NG uses Stateful inspection which allows packet to be examined at the top of the layers of the OSI model.
C. VPN-1/Firewall-1 NG has access to a limited part of the packet header only.
D. VPN-1/Firewall-1NG requires a connection from a client to a firewall and firewall to a server.
E. VPN-1/Firewall-1 NG has access to packets passing through key locations in a network.

Correct Answer: B
QUESTION 161
AlphaBravo Corp has 72 privately addressed internal addresses. Each network is a piece of the 10-net subnetted to a class C address. AlphaBravo uses Dynamic NAT and hides all of the internal networks behind the external IP addresses of the Firewall. The Firewall administrator for AlphaBravo has noticed that policy installation takes significantly longer since adding all 72 internal networks to the address translation rule. What should the Firewall administrator do to reduce the time it takes to install a policy?
A. Create an object for the entire 10-net and use the object for the translation rule instead of the individual network objects.
B. Use automatic NAT rule creation on each network object. Hide the network behind the firewall’s external IP addresses.
C. Match packets to the state table, so packets are not dropped. Increase the size of the NAT tables.
D. Reinstall the Firewall and Security Policy Editor. The policy is corrupting Firewall’s binaries.
E. Increase the size of state table. Use automatic NAT rule creation to hide the networks behind an IP address other than firewall’s external IP.

Correct Answer: A
QUESTION 162
How does VPN-1/Firewall-1 NG implement Transparent authentication?
A. Unknown user receive error messages indicating that the firewalled gateway does not know the user names on the gateway.
B. VPN-1/Firewall-1 NG prompts for user names even through the authentication data may not be recognized by the firewall’s user database.
C. VPN-1/Firewall-1 NG allows connections, but hides the firewall from authenticated users.
D. Unknown users error messages indicating that the host does not know the users names on the server.
E. VPN-1/Firewall-1 NG does not allow connections from users who do not know the name of the firewall.

Correct Answer: C
QUESTION 163
When creating user authentication rule, select intersect with user database for source and destination to allow access according to the source specified in the rules.
A. True
B. False

Correct Answer: B
QUESTION 164
A connection initiated by the client in the figure below will be hidden behind the IP address of the interface
through which the connection was routed on the server side if the gateway (behind either interface 2 or
interface 3). Specifying 0.0.0.0 as the address is convenient because of network address translation (NAT)
is performed dynamically. And if the IP addresses of the gateway are changed, it is not necessary to
reconfigure the NAT parameters.
Which of the following is true about the following figure?
A. A connection initiated by the client will be hidden behind the IP address of the exit interface.
B. A connection initiated by the server will be hidden behind the IP address of the exit interface.
C. A connection initiated by the server will be hidden by the IP address of the client.
D. Source addresses of outbound packets from the client will be translated to 0.0.0.0.
E. Source addresses of outbound packets from the server will be translated to 0.0.0.0.

Correct Answer: A QUESTION 165
Which if the following statements about Client Authentication are FALSE?
A. In contrast to User Authentication, which allows access per user, Client Authentication allows access per ID address.
B. Authentication is by user name and password, but is the host machine (client) that is granted access.
C. Client Authentication is more secure than User Authentication, because it allows multiple users and connections from an authorized IP address or host.
D. Client Authentication enables administration to grant access privileges to a specific IP address after successful authentication.

Correct Answer: C QUESTION 166
When you make a rule, the rule is not enforces as part of your Security Policy.
A. True
B. False

Correct Answer: B QUESTION 167
Which of the following user actions would you insert as an INTERNAL Authentication scheme?
A. The user enters the security dynamics passcode.
B. The user prompted for a response from the RADIUS server.
C. The user prompted for a response from the AXENT server.
D. The user prompted for a response from the TACACS server.
E. The user enters an operating system account password.

Correct Answer: E QUESTION 168
When configuring Static NAT, you cannot map the routable IP address to the external IP address of the Firewall if attempted, the security policy installation fails with the following error “rule X conflicts with rule Y”.
A. True
B. False

Correct Answer: A QUESTION 169
The advantage of client authentication is that it can be used for any number of connections and for any services, but authentication is only valid for a specified length of time.
A. True

B. False Correct Answer: B QUESTION 170
You have set up Static NAT on a VPN-1/Firewall-1 to allow Internet traffic to an internal web server. You notice that any HTTP attempts to that machine being dropped in the log due to rule 0. Which of the following is the most likely cause?
A. Spoofing on the internal interface us set to Network defined by Interface IP and Net Mask.
B. Spoofing on the external interface is set to Not Defined.
C. You do NOT have a rule that allows HTTP access to the internal Web Server.
D. You do NOT have a rule that allows HTTP from the Web Server to Any destination.
E. None of the above.

Correct Answer: C QUESTION 171
As a firewall administrator, you are required to create VPN-1/Firewall-1 users for authentication. When you create a user for user authentication, the data is stored in the?
A. Inspect Engine.
B. Rule base.
C. Users database
D. Rulebase fws file
E. Inspect module.

Correct Answer: C QUESTION 172
If users authenticated successfully, they have matched the User and Authentication rule restriction of the user group to which they belong.
A. True
B. False

Correct Answer: A QUESTION 173
The only way to unblock BLOCKED connections by deleting all the blocking rules from the Rule base.
A. True
B. False

Correct Answer: B QUESTION 174
When you perform a cp fetch, what can you expect from this command?
A. Firewall retrieves the user database from the tables on the Management Module.
B. Firewall retrieves the inspection code from the remote Management Module and installs it to the kernel.
C. Management module retrieves the IP address of the target specified in the command.
D. Management module retrieves the interface information for the target specified in the command.
E. None of the above.

Correct Answer: B QUESTION 175
Each incoming UDP packet is locked up in the list of pending connections. Packets are delivered if they are _________.
A. A request.
B. A response to a request.
C. Source routed.
D. Allowed by the Rule Base.
E. Both B and D.

Correct Answer: E
QUESTION 176
Assume an NT system. What is the default expiration for a Dynamic NAT connection NOT showing any TCP activity?
A. 30 Seconds.
B. 60 Seconds.
C. 330 Seconds.
D. 660 Seconds.
E. 3600 Seconds.

Correct Answer: E

Buying all CheckPoint 156-210 exam sample questions can guarantee you to pass your first CheckPoint 156-210 exam. If you do not pass the exam,FLYDUMPS will full refund to you. You can also free online download the part of FLYDUMPS’s CheckPoint 156-210 exam practice questions and answers as a try. After your understanding of our reliability, I believe you will quickly add FLYDUMPS’s CheckPoint 156-210 exam sample questions to your cart. FLYDUMPS will achieve your dream. FLYDUMPS is a website to achieve dreams of many IT people. FLYDUMPS provide candidates participating in the IT certification exams the information they want to help them pass the CheckPoint 156-210 exam.

Welcome to download the newest Examwind JN0-360 dumps: http://www.examwind.com/jn0-360.html

SAP C-HANATEC-1 Preparation Materials, Provides Best SAP C-HANATEC-1 Test Engine With 100% Pass Rate

CheckPoint 156-510 Exam Tests, Useful CheckPoint 156-510 Exam Download Is Your Best Choice

FLYDUMPS ensures the quality and value of the CheckPoint 156-510 exam sample questions, and one hundred percent pass the exam, let you can pass the CheckPoint 156-510 exam successfully in your first studying. In addition, Killtest provide you with high-quality CheckPoint 156-510exam sample questions to help you learn more about the CheckPoint 156-510 examination of information, learning more knowledge of the entire examination, complete your dream of entering the IT Dream. FLYDUMPS CheckPoint 156-510 exam sample questions are based on the actual template of CheckPoint 156-510 Exam. You will learn all the tactics and techniques in FLYDUMPS CheckPoint 156-510 exam sample questions.

QUESTION 127
What is the name of the traffic capture tool that is available on Unix platforms?
A. Network monitor
B. Snoop
C. Sniffer
D. Tcpdump
Correct Answer: B
QUESTION 128
When initially setting up high availability, where would you enable the high availability services?
A. The cpconfig utility
B. The fwstart script
C. The management server global properties screen
D. The gateway cluster properties screen
Correct Answer: A
QUESTION 129
What is true about hardening the operating system of a firewall gateway?
A. It is only necessary on a Solaris platform
B. It is necessary on both Solaris and NT platforms
C. It is not necessary
D. It is only necessary on an NT platform

Correct Answer: B QUESTION 130
What command would you use to initiate a packet capture on a Unix machine?
A. snoop -o filename
B. tcpdump -i filename
C. snoop -i filename
D. tcpdump -o filename

Correct Answer: A QUESTION 131
If you use the -a option in the “fw dbexport” command to export a subset of the possible user attributes. What happens if you import the exported file back into the FW-1 user database using the “fw import” command?
A. The database is merged with the subset database
B. You will get a warning, stating that you may delete part of your database
C. The process will error with no change to the original database
D. The database is overwritten with the subset database

Correct Answer: D QUESTION 132
How do you remake a connection between a management server and a firewall module, if not using backward compatibility?
A. Reboot
B. Bounce the management server
C. Remake the SIC connection
D. Remake the putkey association

Correct Answer: C QUESTION 133
What is true about the following command? snoop -i filename | more
A. The file named “filename” contains raw captured traffic
B. It analyses captured traffic
C. It will continue the display until it ends
D. It captures traffic

Correct Answer: AB QUESTION 134
When configuring automatic synchronization for HA management modules, which is NOT a valid trigger for the synchronization to take place?
A. When the policy is installed
B. When the policy is saved
C. Regularly after a specified period
D. When you log off the GUI client

Correct Answer: D
QUESTION 135
To create synchronization between gateways in NG, which file do you need to edit?
A. conf.sync
B. sync.conf
C. None
D. rulebases.fws

Correct Answer: C
QUESTION 136
When a primary gateway cluster member fails another will take over. When the primary recovers what is true?
A. The action depends on the configuration of the ClusterXL screen of the cluster properties
B. The primary always resumes primary function
C. The action depends on the configuration of the Cluster member gateway general properties
D. The primary will become a lower priority and not resume its primary function

Correct Answer: A
QUESTION 137
When exporting a checkpoint user database for importation to an LDAP server, what format should the output file take?
A. LDAP
B. Binary
C. LDIF
D. HTTP
Correct Answer: C
QUESTION 138
Which of the following are termed CPMAD global parameters?
A. MAD_Memory
B. MAD_syn_attack_action
C. MAD_number_of_connection_attempts
D. MAD_anti_spoofing_mode AC
Correct Answer: AC
QUESTION 139
What is true about the effects of configuring a high MAD_clean_interval in CPMAD?
A. It reduces CPU utilization
B. It increases CPU utilization
C. It decreases memory usage
D. It increases memory usage

Correct Answer: AD QUESTION 140
What is the meaning of the “collision” status when seen against a secondary management module?
A. Synchronization was attempted from both primary and secondary at the same time
B. The primary management module database lags behind the secondary
C. Both the primary and secondary management module have independently updated databases since the last synchronization
D. Synchronization has failed due to network problems

Correct Answer: C QUESTION 141
If you want to use information from a cpinfo file produced by a Windows platform, you first need to perform a series of operations to extract the file concerned. True or false?
A. False
B. True

Correct Answer: A QUESTION 142
What command would you use on a Solaris machine to increase the amount of memory allocated to the kernel to approximately 16Mbytes?
A. set fw:fwhmem=0x16
B. set fw:fwhmem=0x10
C. set fw:fwhmem=0x1000000
D. set fw:fwhmem=0x16000000

Correct Answer: C QUESTION 143
How would you specify the primary member of a gateway cluster?
A. On the gateway cluster properties screen select “cluster members”, then arrange priority sequence using the increase and decrease priority buttons
B. On the gateway cluster properties screen select “cluster members”, then select priority number (1 is the highest)
C. On the member gateway properties general screen arrange priority sequence using the increase and decrease priority buttons
D. On the member gateway properties general screen select priority number (1 is the highest)

Correct Answer: A QUESTION 144
Which debug option will gather information regarding the accept or drop action performed on traffic?
A. ioctl
B. packet
C. driver
D. kbuf

Correct Answer: B QUESTION 145
Which of the following files is held on a management module and cotains the whole rulebase?
A. rulebases_5_0.C
B. objects.C
C. objects_5_0.C
D. rulebases_5_0.fws

Correct Answer: D
QUESTION 146
In the peer status area of the high availability management module screen of the active server, there are defined status levels that can apply to a peer module. Which status implies that a secondary module has a later version of the database than the primary?
A. Advanced
B. Lagging
C. Collision
D. Never Synchronized

Correct Answer: A
QUESTION 147
On a Windows platform, you can enable VPN and IKE logging by setting an environment variable. What is the command to do that?
A. Setenv VPN_DEBUG 1
B. Setenv VPN_DEBUG 0
C. Set VPN_DEBUG=0
D. Set VPN_DEBUG=1

Correct Answer: D
QUESTION 148
To configure a fully overlapping encryption domain, what type of group(s) do you need to configure?
A. A group containing both gateways and all the networks they protect
B. A group containing both gateways only
C. A group containing all the networks that both gateways protect
D. Two groups, one containing both gateways and the networks that one protects. The other containing both gateways and the networks the other protects.

Correct Answer: A
QUESTION 149
What is the approximate memory requirement of a simple (I.e. not authenticated or encrypted) connection in VPN-1/FW-1?
A. 3 Kbytes
B. 70 bytes
C. 10 bytes
D. 1 Kbytes

Correct Answer: B
QUESTION 150
If you want to run the cpinfo utility to gather diagnostic information for a problematic enforcement module in a distributed system, what is true?
A. You should run cpinfo on the enforcement module only
B. You should run cpinfo on all the modules in the distributed system
C. You should run cpinfo on both the management and enforcement modules
D. You should run cpinfo on the management module only

Correct Answer: C QUESTION 151
Which two types of overlapping encryption domains are supported by FW-1?
A. Partial overlap
B. Full overlap
C. Proper subset
D. Partial subset

Correct Answer: BC QUESTION 152
Which is NOT a valid log file maintained on the SecuRemote client?
A. sr_watchdog_tde.log
B. sr_service_<serial number>.log
C. sr_background_tde.log
D. sr_gui_tde.log

Correct Answer: C QUESTION 153
Which debug option will gather information about input/output control messages, such as loading of FW-1 or kernel to daemon communications?
A. kbuf
B. ioctl
C. misc
D. driver

Correct Answer: B QUESTION 154
It is not possible to use two gateways running a standalone installation in an MEP environment. True or false?
A. False
B. True

Correct Answer: B QUESTION 155
How would you use a policy editor gui in local mode when using FW-1 NG FP-2?
A. Enter *local in the “management server” box of the GUI login screen
B. Check the “demo mode” box of the GUI login screen
C. Enter demo_mode in the “management server” box of the GUI login screen
D. Enter *local in the “user name” box of the GUI login screen

Correct Answer: AB QUESTION 156
How would you restart CPMAD on a firewall?
A. $FWDIR/conf/fwstart
B. $FWDIR/bin/cpmad
C. $FWDIR/cpmad/fwstart
D. $FWDIR/bin/fwstart

Correct Answer: D QUESTION 157
What is used by FW-1 to create a SIC certificate?
A. External CA
B. Putkey
C. LDAP
D. Internal CA

Correct Answer: D QUESTION 158
How would you find more information about the “fw tab” options?
A. fw tab help
B. fw tab -h
C. fw tab -?
D. fw tab options -h

Correct Answer: B QUESTION 159
What is contained in the rulebases.fws file?
A. Auditing information
B. All rulebases
C. All rulebases plus auditing information
D. Only the rulebase from the last load

Correct Answer: B QUESTION 160
When using management high availability, you can synchronize from the primary or secondary management server. True or false?
A. False
B. True

Correct Answer: A QUESTION 161
On a SecuRemote client, in which directory are the log files located?
A. $CPDIR/log
B. $SCDIR/log
C. $SRDIR/log
D. $FWDIR/log

Correct Answer: C QUESTION 162
If you were having problems with a CVP server, you may want to capture traffic to and from the server. What could you do to get this information?
A. Run “fw monitor” for port 18182 on the interface connected to the management server
B. Run “fw monitor” for port 18182 on the interface connected to the CVP server
C. Run “fw monitor” for port 18181 on the interface connected to the management server
D. Run “fw monitor” for port 18181 on the interface connected to the CVP server

Correct Answer: D
QUESTION 163
When using backward compatibility, what is true?
A. It restricts inter-module communications to the putkey method
B. It allows the management of 4.1 gateways
C. It restricts inter-module communication to the SIC method
D. It allows the use of the old putkey function

Correct Answer: BD
QUESTION 164
Why would you disable NetBEUI on a FW-1 Windows Platform?
A. It can cause FW-1 to crash
B. It clashes with internal FW-1 protocols
C. It is an inefficient protocol
D. It is a security risk
Correct Answer: D
QUESTION 165
What does “resolver_ttl” do in relation to SecuRemote configuration?
A. Specifies the interval in seconds between RDP status queries
B. Specifies that RDP status queries are sent automatically
C. Specifies the number of seconds that a Securemote client waits for a reply to a RDP status query
D. Controls the time to live when accessing a DNS server
Correct Answer: C

By the use of CheckPoint 156-510 exam sample questions along with most relevant CheckPoint 156-510 questions and answers as they are an ideal study tool to pass CheckPoint 156-510 test in very first try. FLYDUMPS CheckPoint 156-510 exam sample questions are developed by our team of IT experts. Send us a scanned copy of your failed exam and we will promptly proceed to refund. The last package which is certainly not the least but a royal pack, which can give you full preparation on the subject and provide you 100 per cent guarantee of clearing the CheckPoint 156-510 exam sample questions. We are all well aware that a major problem in the IT industry is that there is a lack of quality questions answers.

Checkpoint 156-215 Dumps, First-hand Checkpoint 156-215 Exam Online Shop

Not only will you be given theoretical, but also given practical labs which will give you even more practice than before. Our site offers you a comprehensive look at the best prospects available in Checkpoint 156-215 exam sample questions throughout the Industry. The Checkpoint 156-215 exam sample questions offered by FLYDUMPS is very comprehensive and covers all exam questions that need to be covered to pass the Checkpoint 156-215 exam. Professionals and experts at FLYDUMPS are very dedicated and they prepare Checkpoint 156-215 exam sample questions with great effort. In our Checkpoint 156-215 exam sample questions you will the accurate and up-to-date information.

QUESTION 119
You create implicit and explicit rules for the following network. The group object “internal-networks” include networks 10.10.10.0 and 10.10.20.0. Assume “Accept ICMP requests” is enabled as before last in the Global Properties.

Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on the Internet, by IP address? ICMP will be:
A. dropped by rule 0
B. dropped by rule 2, the Cleanup Rule
C. accepted by rule 1
D. dropped by the last implicit rule
E. accepted by the implicit rule

Correct Answer: C
QUESTION 120
What does schema checking do?
A. Authenticates users attempting to access resources protected by an NGX Security Gateway.
B. Verifies that every object class, and its associated attributes, is defined in the directory schema.
C. Maps LDAP objects to objects in the NGX objects_5_0.c files.
D. Verifies the Certificate Revocation List for Certificate Validity.
E. Provides topology downloads for SecuRemote and SecureClient users authenticated by an LDAP server.

Correct Answer: B
QUESTION 121
Jill is about to test some rule and object changes suggested in an NGX newsgroup. Which backup and restore solution should Jill use, to ensure she can most easily restore her Security Policy to its previous configuration, after testing the changes?
A. SecurePlatform backup utilities
B. Manual copies of the $FWDIR/conf directory
C. Upgrade_export and upgrade_import commands
D. Policy Package management
E. Database Revision Control

Correct Answer: E
QUESTION 122
You want VPN traffic to match packets from internal interfaces. You also want the traffic to exit the Security Gateway, bound for all site-to-site VPN Communities, including Remote Access Communities. How should you configure the VPN match rule
A. internalclear>All-GwToGw
B. Communities>Communities
C. Internalclear>ExternalClear
D. Internalclear>Communities
E. Internalclear>Allcommunities

Correct Answer: E
QUESTION 123
Review the following rules and note the Client Authentication Action properties screen, as shown in the
exhibit.
After being authenticated by the Security Gateway when a user starts an HTTP connection to a Web site
the user tries to FTP to another site using the command line. What happens to the user?
The….

A. FTP session is dropprd by the implicit Cleanup Rule.
B. User is prompted from the FTP site only, and does not need to enter username nad password for the Client Authentication.
C. FTP connection is dropped by rule 2.
D. FTP data connection is dropped, after the user is authenticated successfully.
E. User is prompted for authentication by the Security Gateway again.

Correct Answer: B
QUESTION 124
What is the command to see the licenses of the Security Gateway Certkiller from your SmartCenter Server?
A. print Certkiller
B. fw licprint Certkiller
C. fw tab -t fwlic Certkiller
D. cplic print Certkiller
E. fw lic print Certkiller
Correct Answer: D
QUESTION 125
Ophelia is the security Administrator for a shipping company. Her company uses a custom application to update the distribution database. The custom application includes a service used only to notify remote sites that the distribution database is malfunctioning. The perimeter Security Gateways Rule Base includes a rule to accept this traffic. Ophelia needs to be notified, via atext message to her cellular phone, whenever traffic is accepted on this rule. Which of the following options is MOST appropriate for Ophelia’s requirement?
A. User-defined alert script
B. Logging implied rules
C. SmartViewMonitor
D. Pop-up API
E. SNMP trap

Correct Answer: A
QUESTION 126
Which of the following is the final step in an NGXbackup?
A. Test restoration in a non-production environment, using the upgradeimport command
B. Move the *.tgz file to another location
C. Run the upgradeexport command
D. Copy the conf directory to another location
E. Run the cpstop command

Correct Answer: B
QUESTION 127
Which mechanism is used to export Check Point logs to third party applications?
A. OPSE
B. CPLogManager
C. LEA
D. SmartViewTracker
E. ELA

Correct Answer: C
QUESTION 128
In NGX, what happens if a Distinguished Name (ON) is NOT found in LADP?
A. NGX takes the common-name value from the Certificate subject, and searches the LADP account unit for a matching user id
B. NGX searches the internal database for the username
C. The Security Gateway uses the subject of the Certificate as the ON for the initial lookup
D. If the first request fails or if branches do not match, NGX tries to map the identity to the user id attribute
E. When users authenticate with valid Certificates, the Security Gateway tries to map the identities with users registered in the extemal LADP user database
Correct Answer: D
QUESTION 129
Which command allows you to view the contents of an NGX table?
A. fw tab -s <tablename>-
B. fw tab -t <tablename>-
C. fw tab -u <tablename>-
D. fw tab -a <tablename>-
E. fw tab -x <tablename>-

Correct Answer: B QUESTION 130
The following is cphaprobstate command output from a New Mode High Availability cluster member:

Which machine has the highest priority?
A. 192.168.1.2,since its number is 2
B. 192.168.1.1,because its number is 1
C. This output does not indicate which machine has the highest priority
D. 192.168.1.2, because its state is active

Correct Answer: B
QUESTION 131
What do you use to view an NGX Security Gateway’s status, including CPU use, amount of virtual memory, percent of free hard-disk space, and version?
A. SmartLSM
B. SmartViewTracker
C. SmartUpdate
D. SmartViewMonitor
E. SmartViewStatus

Correct Answer: D
QUESTION 132
Which of the following commands is used to restore NGX configuration information?
A. cpcontig
B. cpinfo-i
C. restore
D. fwm dbimport
E. upgradeimport

Correct Answer: E
QUESTION 133
Which of the following commands shows full synchronizalion status?
A. cphaprob -i list
B. cphastop
C. fw ctl pstat
D. cphaprob -a if
E. fw hastat
Correct Answer: C
QUESTION 134
Which VPN Community object is used to configure VPN routing within the SmartDashboard?
A. Star
B. Mesh
C. Remote Access
D. Map

Correct Answer: A
QUESTION 135
If you are experiencing LDAP issues, which of the following should you check?
A. Secure lnternal Cornrnunicalions(SIC)
B. VPN tunneling
C. Overlapping VPN Domains
D. NGX connectivity
E. VPN Load Balancing

Correct Answer: D
QUESTION 136
Which operating system is not supported byVPN-1 SecureClient?
A. IPS0 3.9
B. Windows XP SP2
C. Windows 2000 Professional
D. RedHat Linux 7 0
E. MacOS X

Correct Answer: A
QUESTION 137
Which Check Point QoS feature issued to dynamically allocate relative portions of available bandwidth?
A. Guarantees
B. Differentiated Services
C. Limits
D. Weighted Fair Queueing
E. Low Latency Queueinq

Correct Answer: D
QUESTION 138
You are running a VPN-1 NG with Application Intelligence R54 SecurePlatform VPN-1 Pro Gateway. The Gateway also serves as a Policy Server. When you run patch add cd from the NGX CD, what does this command allow you to upgrade?
A. Only VPN-1 Pro Security Gateway
B. Both the operating system (OS) and all Check Point products
C. All products, except the Policy Server
D. On~ the patch utility is upgraded using this command
E. Only the OS

Correct Answer: B
QUESTION 139
Amanda is compiling traffic statistics for Certkiller .com’s Internet activity during production hours. How could she use SmartView Monitor to find this information? By
A. using the “Traffic Counters” settings and SmartView Monitor to generate a graph showing the total HTTP traffic for the day
B. -monitoring each specific user’s Web traffic use.
C. Viewing total packets passed through the Security Gateway
D. selecting the “Tunnels” view, and generating a report on the statistics
E. configuring a Suspicious Activity Rule which triggers an alert when HTTP traffic passes through the Gateway

Correct Answer: A
QUESTION 140
Certkiller is the Security Administrator for a software-development company. To isolate the corporate network from the developer’s network, Certkiller installs an internal Security Gateway. Jack wants to optimize the performance of this Gateway. Which of the following actions is most likely to improve the Gateway’s performance?
A. Remove unused Security Policies from Policy Packages
B. Clear all Global Properties check boxes, and use explicit rules
C. Use groups within groups in the manual NAT Rule Base
D. Put the least-used rules at the top of the Rule Base
E. Use domain objects in rules, where possible

Correct Answer: A
QUESTION 141
Certkiller is the Security Administrator for a chain of grocery stores. Each grocery store is protected by a Security Gateway. Certkiller is generating a report for the information-technology audit department. The report must include the name of the Security Policy installed on each remote Security Gateway, the date and time the Security Policy was installed, and general performance statistics (CPU Use, average CPU time, active real memory, etc.). Which SmartConsole application should Certkiller use to gather this information?
A. SmartUpdate
B. SmartView Status
C. SmartView Tracker
D. SmartLSM
E. SmartView Monitor

Correct Answer: E
QUESTION 142
How can you reset Secure Internal Communications (SIC) between a SmartCenter Server and Security Gateway?
A. Run the command fwm sicreset to reinitialize the Internal Certificate Authority (ICA) of the SmartCenter Server. Then retype the activation key on the Security-Gateway from SmartDashboard
B. From cpconfig on the SmartCenter Server, choose the Secure Internal Communication option and retype the actrvation key Next, retype the same key in the gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC)
C. From the SmartCenter Server’s command line type fw putkey -p <shared key>- <IP Address of SmartCenter Server>-.
D. From the SmartCenter Server’s command line type fw putkey -p <shared key>- <IP Address of security Gateway>-.
E. Re-install the Security Gateway
Correct Answer: B QUESTION 143
Which NGX feature or command allows Security Administrators to revert to earlier versions of the Security Policy without changing object configurations?
A. upgradeexport/upgradeimport
B. Policy Package management
C. fwm dbexport/fwm dbimport
D. cpconfig
E. Database Revision Control

Correct Answer: B
QUESTION 144
Certkiller is the Security Administrator for Certkiller .com’s large geographically distributed network. The internet connection at one of her remote sites failed during the weekend, and the Security Gateway logged locally for over 48 hours. Certkiller is concerned that the logs may have consumed most of the free space on the Gateway’s hard disk. Which SmartConsole application should Certkiller use, to view the percent of free hard-disk space on the remote Security Gateway?
A. SmartView Status
B. SmartView Tracker
C. SmartUpdate
D. SmartView Monitor
E. SmartLSM

Correct Answer: D
QUESTION 145
Certkiller is recently hired as the Security Administrator for a public relations company. Certkiller’s manager has asked her to investigate ways to improve the performance of the firm’s perimeter Security Gateway. Certkiller must propose a plan based on the following required and desired results Required Result #1: Do not purchase new hardware Required Result #2: Use configuration changes that do not reduce security Desired Result #1: Reduce the number of explicit rules in the Rule Base Desired Result #2: Reduce the volume of logs Desired Result #3: Improve the Gateway’s performance Proposed Solution: Certkiller recommends the following changes to the Gateway’s configuration:
1.
Replace all domain objects with network and group objects.

2.
Stop logging Domain Name over UDP (queries)

3.
Use Global Properties, instead of explicit rules, to control ICMP. VRRP, and RIP. Does Certkiller’s proposed solution meet the required and desired result s?
A. The solution meets the required results, and two of the desired results
B. The solution does not meet the required results
C. The solution meets all required results, and none of the desired results
D. The solution meets all required and desired results
E. The solution meets the required results, and one of the desired results
Correct Answer: A
QUESTION 146
What is a Consolidation Policy?
A. The collective name of the Security Policy, Address Translation, and SmartDefense Policies
B. The specific Policy used by Eventia Reporter to configure log-management practices
C. The state of the Policy once installed on a Security Gateway
D. A Policy created by Eventia Reporter to generate logs
E. The collective name of the logs generated by Eventia Reporter

Correct Answer: B
QUESTION 147
To change an existing ClusterXL cluster object from Multicast to Unicast mode, what configuration change must be made?
A. Change the cluster mode to Unicast on the cluster object Reinstall the Security Policy
B. Reset Secure Internal Communications (SIC) on the cluster-member objects. Reinstall the Security Policy
C. Run cpstop and cpstart, to reenable High Availability on both objects. Select Pivot mode in cpconfig
D. Change the cluster mode to Unicast on the cluster-member object
E. Switch the internal network’s default Security Gateway to the pivot machine’s IP address
Correct Answer: A

Checkpoint 156-215 exam from FLYDUMPS will certainly assist you in gaining the knowledge and experience needed to study. Many of our customers claim that the Checkpoint 156-215 exam included in our study guide are a great compliment to already popular CCB-400 exam sample questions. FLYDUMPS Checkpoint 156-215 exam can guarantee that combined with proper effort, Checkpoint 156-215 exam questions will certainly boost your chance of passing the Checkpoint 156-215 exam. FLYDUMPS Checkpoint 156-215 exam follows the same syllabus followed by actual Checkpoint 156-215 certification exam, we also constantly upgrade our Checkpoint 156-215 exam so you always get the best and updated information.

CheckPoint 156-215 Dumps PDF, Best Quality CheckPoint 156-215 Demo Free Download Online Shop

Because CheckPoint 156-215 exam has changed recently,Flydumps presents the new version of CheckPoint 156-215 exam practice test, which helps candidates to pass the CheckPoint 156-215 exam easily.The exam dumps covers all aspect of CheckPoint 156-215 exam.You can visit our website to free CheckPoint 156-215 exam download the New Version VCE Player.

QUESTION 106
A Security Policy has several database versions. What configuration remains the same no matter which version is used?
A. Objects_5_0.C
B. fwauth.NDB
C. Rule Bases_5_0.fws
D. Internal Certificate Authority (ICA) certificate

Correct Answer: D QUESTION 107
You are working with multiple Security Gateways that enforce an extensive number of rules. To simplify security administration, which one of the following would you choose to do?
A. Create network objects that restrict all applicable rules to only certain networks.
B. Run separate SmartConsole instances to login and configure each Security Gateway directly.
C. Create a separate Security Policy package for each remote Security Gateway.
D. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.

Correct Answer: C QUESTION 108
Which rules are not applied on a first-match basis?
A. Client Authentication
B. Session Authentication
C. User Authentication
D. Cleanup

Correct Answer: C QUESTION 109
Installing a policy usually has no impact on currently existing connections. Which statement is TRUE?
A. All connections are reset, so a policy install is recommended during announced downtime only.
B. Users being authenticated by Client Authentication have to re-authenticate.
C. Site-to-Site VPNs need to re-authenticate, so Phase 1 is passed again after installing the Security Policy.
D. All FTP downloads are reset; users have to start their downloads again.

Correct Answer: B QUESTION 110
Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?
A. A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are
defined by the selection in the row Install On of the Rule Base.
B. When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install.
C. In the SmartDashboard policy, select the correct firewall to be the Specific Target of the rule.
D. A Rule Base can always be installed on any Check Point firewall object. It is necessary to select the appropriate target directly after selecting Policy > Install.

Correct Answer: C
QUESTION 111
A ___________ rule is used to prevent all traffic going to the R75 Security Gateway.
A. Cleanup
B. Stealth
C. Reject
D. IPS

Correct Answer: B
QUESTION 112
In a distributed management environment, the administrator has removed the default check from Accept Control Connections under the Policy > Global Properties > FireWall tab. In order for the Security Management Server to install a policy to the Firewall, an explicit rule must be created to allow the server to communicate to the Security Gateway on port __________.
A. 259
B. 256
C. 80
D. 900

Correct Answer: B
QUESTION 113
To check the Rule Base, some rules can be hidden so they do not distract the administrator from the unhidden rules. Assume that only rules accepting HTTP or SSH will be shown. How do you accomplish this?
A. This cannot be configured since two selections (Service, Action) are not possible.
B. Ask your reseller to get a ticket for Check Point SmartUse and deliver him the Security Management Server cpinfo file.
C. In SmartDashboard menu, select Search > Rule Base Queries. In the window that opens, create a new Query, give it a name (e.g. “HTTP_SSH”) and define a clause regarding the two services HTTP and SSH. When having applied this, define a second clause for the action Accept and combine them with the Boolean operator AND.
D. In SmartDashboard, right-click in the column field Service > Query Column. Then, put the services HTTP and SSH in the list. Do the same in the field Action and select Accept here.
Correct Answer: C
QUESTION 114
What CANNOT be configured for existing connections during a policy install?
A. Reset all connections
B. Re-match connections
C. Keep all connections
D. Keep data connections
Correct Answer: A QUESTION 115
What is the purpose of a Stealth Rule?
A. To permit implied rules.
B. To drop all traffic to the management server that is not explicitly permitted.
C. To prevent users from connecting directly to the gateway.
D. To permit management traffic.

Correct Answer: C QUESTION 116
Which of these Security Policy changes optimize Security Gateway performance?
A. Use Automatic NAT rules instead of Manual NAT rules whenever possible.
B. Using domain objects in rules when possible.
C. Using groups within groups in the manual NAT Rule Base.
D. Putting the least-used rule at the top of the Rule Base.

Correct Answer: A QUESTION 117
Your perimeter Security Gateway’s external IP is 200.200.200.3. Your network diagram shows:Required:
Allow only network 192.168.10.0 and 192.168.20.0 to go out to Internet, using 200.200.200.5.
The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet.
Assume you enable all the settings in the NAT page of Global Properties.
How do you achieve this requirement?
A. Create a network object 192.168.0.0/16. Enable Hide NAT on the NAT page. Enter
200.200.200.5 as the hiding IP address. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
B. Create network objects for 192.168.10.0/24 and 192.168.20.0/24. Enable Hide NAT on both network objects, using 200.200.200.5 as hiding IP address. Add an ARP entry for 200.200.200.3 for the MAC address of 200.200.200.5.
C. Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254. Enable Hide NAT on the NAT page of the address range object. Enter Hiding IP address 200.200.200.5. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
D. Create two network objects: 192.168.10.0/24 and 192.168.20.0/24. Add the two network objects to a group object. Create a manual NAT rule like the following: Original source -groupobject; Destination – any; Service – any; Translated source – 200.200.200.5; Destination -original; Service – original.

Correct Answer: C
QUESTION 118
Because of pre-existing design constraints, you set up manual NAT rules for your HTTP server. However, your FTP server and SMTP server are both using automatic NAT rules. All traffic from your FTP and SMTP servers are passing through the Security Gateway without a problem, but traffic from the Web server is dropped on rule 0 because of anti-spoofing settings. What is causing this?
A. Allow bi-directional NAT is not checked in Global Properties.
B. Translate destination on client side is not checked in Global Properties under Manual NAT Rules.
C. Manual NAT rules are not configured correctly.
D. Routing is not configured correctly.

Correct Answer: B
QUESTION 119
You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateway’s external interface. You browse to from host, 10.1.1.10 successfully. You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?
A. Two, one for outbound, one for inbound
B. Only one, inbound
C. Only one, outbound
D. Two, both outbound, one for the real IP connection and one for the NAT IP connection

Correct Answer: C
QUESTION 120
Which of the following statements BEST describes Check Point’s Hide Network Address Translation method?
A. Translates many source IP addresses into one source IP address
B. Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation
C. Translates many destination IP addresses into one destination IP address
D. One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

Correct Answer: A
QUESTION 121
Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity?
A. Static Source
B. Static Destination
C. Dynamic Destination
D. Hide

Correct Answer: D
QUESTION 122
NAT can NOT be configured on which of the following objects?
A. Host
B. HTTP Logical Server
C. Address Range
D. Gateway

Correct Answer: B
QUESTION 123
Which Check Point address translation method is necessary if you want to connect from a host on the Internet via HTTP to a server with a reserved (RFC 1918) IP address on your DMZ?
A. Hide Address Translation
B. Static Destination Address Translation
C. Port Address Translation
D. Dynamic Source Address Translation

Correct Answer: B
QUESTION 124
You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router. You control the router that sits between the firewall external interface and the Internet. What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?
A. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.
B. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.
C. Place a static host route on the firewall for the valid IP address to the internal Web server.
D. Place a static ARP entry on the ISP router for the valid IP address to the firewall’s external address.

Correct Answer: D
QUESTION 125
After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by antispoofing protections. Which of the following is the MOST LIKELY cause?
A. The Global Properties setting Translate destination on client side is checked. But the topology on the DMZ interface is set to Internal – Network defined by IP and Mask. Uncheck the Global Properties setting Translate destination on client side.
B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External.
C. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External. Change topology to Others +.
D. The Global Properties setting Translate destination on client side is unchecked. But the topology on the DMZ interface is set to Internal – Network defined by IP and Mask. Check the Global Properties setting Translate destination on client side.
Correct Answer: D
QUESTION 126
Which NAT option applicable for Automatic NAT applies to Manual NAT as well?
A. Translate destination on client-side
B. Enable IP Pool NAT
C. Allow bi-directional NAT
D. Automatic ARP configuration

Correct Answer: A
QUESTION 127
Your main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. You also have a small network 10.10.20.0/24 behind the internal router. You want to configure the kernel to translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP, and FTP services. Which of the following configurations will allow this network to access the Internet?
A. Configure Automatic Static NAT on network 10.10.20.0/24.
B. Configure Automatic Hide NAT on network 10.10.20.0/24 and then edit the Service column in the NAT Rule Base on the automatic rule.
C. Configure one Manual Hide NAT rule for HTTP, FTP, and SMTP services for network 10.10.20.0/24.
D. Configure three Manual Static NAT rules for network 10.10.20.0/24, one for each service.

Correct Answer: C
QUESTION 128
You have three servers located in a DMZ, using private IP addresses. You want internal users from 10.10.10.x to access the DMZ servers by public IP addresses. Internal_net 10.10.10.x is configured for Hide NAT behind the Security Gateway’s external interface.

What is the best configuration for 10.10.10.x users to access the DMZ servers, using the DMZ servers’ public IP addresses?
A. When connecting to the Internet, configure manual Static NAT rules to translate the DMZ servers.
B. When connecting to internal network 10.10.10.x, configure Hide NAT for the DMZ network behind the Security Gateway DMZ interface.
C. When the source is the internal network 10.10.10.x, configure manual static NAT rules to translate the DMZ servers.
D. When trying to access DMZ servers, configure Hide NAT for 10.10.10.x behind the DMZ’s
interface. Correct Answer: C QUESTION 129 An internal host initiates a session to and is set for Hide NAT behind the Security Gateway. The initiating traffic is an example of ____________.
A. None of these
B. source NAT
C. destination NAT
D. client side NAT

Correct Answer: B QUESTION 130
A host on the Internet initiates traffic to the Static NAT IP of your Web server behind the Security Gateway. With the default settings in place for NAT, the initiating packet will translate the _________.
A. source on client side
B. source on server side
C. destination on client side
D. destination on server side

Correct Answer: C QUESTION 131
A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?
A. A static route for the NAT IP must be added to the Gateway’s upstream router.
B. Automatic ARP must be unchecked in the Global Properties.
C. Nothing else must be configured.
D. A static route must be added on the Security Gateway to the internal host.

Correct Answer: D QUESTION 132
When translation occurs using automatic Hide NAT, what also happens?
A. The destination port is modified.
B. Nothing happens.
C. The destination is modified.
D. The source port is modified.

Correct Answer: D QUESTION 133
The fw monitor utility is used to troubleshoot which of the following problems?
A. Address translation
B. Log Consolidation Engine
C. User data base corruption
D. Phase two key negotiation

Correct Answer: A
QUESTION 134
Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.

A. This is an example of Hide NAT.
B. This is an example of Static NAT and Translate destination on client side unchecked in Global Properties.
C. There is not enough information provided in the Wireshark capture to determine the NAT settings.
D. This is an example of Static NAT and Translate destination on client side checked in Global Properties.

Correct Answer: D
QUESTION 135
In SmartDashboard, Translate destination on client side is checked in Global Properties. When Network Address Translation is used:
A. VLAN tagging cannot be defined for any hosts protected by the Gateway.
B. The Security Gateway’s ARP file must be modified.
C. It is not necessary to add a static route to the Gateway’s routing table.
D. It is necessary to add a static route to the Gateway’s routing table.

Correct Answer: C

Each Answers in CheckPoint 156-215 study guides are checked by the concerned professional to provide you the best quality dumps. If you are looking to get certified in short possible time, you will never find quality product than Flydumps.com.

CheckPoint 156-215 Dumps PDF, Best Quality CheckPoint 156-215 Demo Free Download Online Shop

Checkpoint 156-215 Dumps, Helpful Checkpoint 156-215 PDF Exams With 100% Pass Rate

 

Where to free download the new Checkpoint 156-215 exam questions to pass the exam easily? Now,Flydumps has publised the new version of Checkpoint 156-215 exam dumps with new added exam questions.you can also get free VCE and PDF, and the new Checkpoint 156-215 practice tests ensure your exam 100% pass. Visit Flydumps.com to get the 100% pass ensure!

QUESTION 74
You want to generate a cpinfo file via CLI on a system running SecurePlatform. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?
A. Log in as the default user expert and start cpinfo.
B. No action is needed because cpshell has a timeout of one hour by default.
C. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.
D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinto.

Correct Answer: C
QUESTION 75
Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?
A. Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets field. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here.
B. In the General Properties of the object representing the specific Firewall, go to the Software Blades product list and select Firewall. Right-click in the menu, select Administrator to Install to define only this administrator.
C. Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced / Permission to Install.
D. Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets.

Correct Answer: C
QUESTION 76
You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in use on a SecurePlatform. You have trouble configuring the speed and duplex settings of your Ethernet interfaces. Which of the following commands can be used to configure the speed and duplex settings of an Ethernet interface and will survive a reboot? Give the BEST answer.
A. cthtool
B. ifconfig a
C. eth_set
D. mii_tool

Correct Answer: C
QUESTION 77
Which command enables IP forwarding on IPSO?
A. echo 1 > /proc/sys/net/ipv4/ip_forward
B. clish -c set routing active enable
C. echo 0 > /proc/sys/net/ipv4/ip_forward
D. ipsofwd on admin

Correct Answer: D QUESTION 78
Looking at an fw monitor capture in Wireshark, the initiating packet in Hide NAT translates on________.
A. I
B. O
C. o
D. i

Correct Answer: B QUESTION 79
You want to create an ASCII formatted output file of the fw monitor command. What is the correct syntax to accomplish this task?
A. fw monitor -e “accept;” > /tmp/monitor.txt
B. fw monitor -e “accept;” -f > /tmp/monitor.txt
C. fw monitor -m iO -e “accept;” -o /tmp/monitor.txt
D. fw monitor -e “accept;” -w /tmp/monitor.txt

Correct Answer: A QUESTION 80
The button Get Address, found on the Host Node Object > General Properties page, will retrieve what?
A. The domain name
B. The fully qualified domain name
C. The Mac address
D. The IP address

Correct Answer: D QUESTION 81
When you change an implicit rule’s order from last to first in global properties, how do you make the change take effect?
A. Select save from the file menu
B. Reinstall the security policy
C. Select install database from the policy menu
D. Run fw fetch from the security gateway

Correct Answer: B QUESTION 82
You create implicit and explicit rules for the following network. The group object internal-networks includes networks 10.10.10.0 and 10.10.20.0. Assume Accept ICMP requests is enabled as Before last in Global Properties.
Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on the Internet by IP address? ICMP will be:
A. dropped by rule 0.
B. dropped by rule 2, the Cleanup Rule.
C. accepted by rule 1.
D. dropped by the last Implicit rule.

Correct Answer: C QUESTION 83
Anti-Spoofing is typically set up on which object type?
A. Host
B. Domain
C. Network
D. Security Gateway

Correct Answer: D QUESTION 84
Spoofing is a method of:
A. Hiding your firewall from unauthorized users.
B. Disguising an illegal IP address behind an authorized IP address through port address Translation.
C. Making packets appear as if they come from an authorized IP address
D. Detecting people using false or wrong authentication logins.

Correct Answer: C QUESTION 85
Which of the below is the MOST correct process to reset SIC from SmartDashboard?
A. Run cpconfig, and click Reset.
B. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key.
C. Click Communication > Reset on the Gateway object, and type a new activation key.
D. Run cpconfig, and select Secure Internal Communication > Change One Time Password.

Correct Answer: B QUESTION 86
“Pass Any Exam. Any Time.” – www.actualtests.com 49 Checkpoint 156-215.75 Exam You installed Security Management Server on a computer using SecurePlatform in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second SecurePlatform computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it?
1) Run cpconfig on the gateway, set secure internal communication, enter the activation key and reconfirm.
2) Initialize internal certificate authority (ICA) on the security Management server.
3) Confirm the gateway object with the host name and IP address for the remote site.
4) Click the communication button in the gateway object’s general screen, enter the activation key, and click initialize and ok.
5) Install the security policy.
A. 2, 3, 4, 5, 1
B. 1, 3, 2, 4, 5
C. 2, 3, 4, 1, 5
D. 2, 1, 3, 4, 5

Correct Answer: B
QUESTION 87
You want to reset SIC between smberlin and sgosaka.
In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC was successfully initialized and jumps back to the cpconfig menu. When trying to establish a connection, instead of a working connection, you receive this error message:
What is the reason for this behavior?
A. You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup / Initialize).
B. The Gateway was not rebooted, which is necessary to change the SIC key.
C. The Check Point services on the Gateway were not restarted because you are still in the cpconfig utility.
D. The activation key contains letters that are on different keys on localized keyboards. Therefore, the activation can not be typed in a matching fashion.

Correct Answer: C
QUESTION 88
Which rule should be the Cleanup Rule in the Rule Base?
A. Last. It serves a logging function before the implicit drop.
B. Last, it explicitly drops otherwise accepted traffic
C. Before last followed by the Stealth Rule.
D. First, it explicitly accepts otherwise dropped traffic.
Correct Answer: A
QUESTION 89
What are the two basic rules which should be used by all Security Administrators?
A. Administrator Access and Stealth rules
B. Cleanup and Administrator Access rules
C. Network Traffic and Stealth rules
D. Cleanup and Stealth rules
Correct Answer: D
QUESTION 90
When you hide a rule in a Rule Base, how can you then disable the rule?
A. Use the search utility in SmartDashboard to view all hidden rules Select the relevant rule and click Disable Rule(s).
B. Right-click on the hidden rule place-holder bar and select Disable Rule(s).
C. Right-click on the hidden rule place-holder bar and uncheck Hide, then right-click and select Disable Rule(s); re-hide the rule.
D. Hidden rules are already effectively disabled from Security Gateway enforcement.

Correct Answer: C QUESTION 91
A Stealth rule is used to:
A. Use the Security Gateway to hide the border router from internal attacks.
B. Cloak the type of Web server in use behind the Security Gateway.
C. Prevent communication to the Security Gateway itself.
D. Prevent tracking of hosts behind the Security Gateway.

Correct Answer: C QUESTION 92
A Clean-up rule is used to:
A. Drop without logging connections that would otherwise be dropped and logged fry default
B. Log connections that would otherwise be accepted without logging by default.
C. Log connections that would otherwise be dropped without logging by default.
D. Drop without logging connections that would otherwise be accepted and logged by default

Correct Answer: C QUESTION 93
Which statement is TRUE about implicit rules?
A. They are derived from Global Properties and explicit object properties.
B. The Gateway enforces implicit rules that enable outgoing packets only.
C. You create them in SmartDashboard.
D. Changes to the Security Gateway’s default settings do not affect implicit rules.

Correct Answer: A QUESTION 94
You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?
A. First
B. Before Last
C. Last
D. After Stealth Rule

Correct Answer: C QUESTION 95
In a distributed management environment, the administrator has removed all default check boxes from the Policy / Global Properties / Firewall tab. In order for the Security Gateway to send logs to the Security Management Server, an explicit rule must be created to allow the Security Gateway to communicate to the Security Management Server on port ______.
A. 259
B. 257
C. 900
D. 256

Correct Answer: B QUESTION 96
Examine the following Security Policy. What, if any, changes could be made to accommodate Rule 4?

A. Nothing at all
B. Modify the Source or Destination columns in Rule 4
C. Remove the service HTTPS from the Service column in Rule A
D. Modify the VPN column in Rule 2 to limit access to specific traffic

Correct Answer: D
QUESTION 97
A Security Policy has several database versions. What configuration remains the same no matter which version is used?
A. Rule Bases_5_0.fws
B. Internal Certificate Authority (ICA) certificate
C. Fwauth.NDB
D. Objects_5_0.C

Correct Answer: B
QUESTION 98
You are working with multiple Security Gateways that enforce a common set of rules. To minimize the number of policy packages, which one of the following would you choose to do?
A. Install a separate local Security Management Server and SmartConsole for each remote Security Gateway.
B. Create a separate Security Policy package for each remote Security Gateway and specify Install On / Gateways.
C. Create a single Security Policy package with Install On / Target defined whenever a unique rule is required for a specific Gateway.
D. Run separate SmartDashbord instance to login and configure each Security Gateway directly.

Correct Answer: C QUESTION 99
Which rules are not applied on a first-match basis?
A. Cleanup
B. User Authentication
C. Session Authentication
D. Client Authentication

Correct Answer: B QUESTION 100
Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?
A. A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are defined by the selection in the row Install On of the Rule Base.
B. When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install.
C. In the SmartDashboard main menu go to Policy / Policy Installation / Targets and select the correct firewall to be put into the list via Specific Targets.
D. A Rule Base can always be installed on any Check Point firewall object It is necessary to select the appropriate target directly after selecting Policy > Install.

Correct Answer: C QUESTION 101
Which of these security policy changes optimize Security Gateway performance?
A. Use Automatic NAT rules instead of Manual NAT rules whenever possible
B. Putting the least-used rule at the top of the Rule Base
C. Using groups within groups in the manual NAT Rule Base
D. Using domain objects in rules when possible

Correct Answer: A QUESTION 102
Your perimeter Security Gateway’s external IP is 200.200.200.3. Your network diagram shows: RequireD. Allow only network 192.168.10.0 and 192.168.20.0 to go out to the Internet, using 200.

200.200.5.
The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet.
Assuming you enable all the settings in the NAT page of Global Properties, how could you achieve these requirements?
A. Create a network object 192.168.0.0/16. Enable Hide NAT on the NAT page. Enter 200.200.200.5 as the hiding IP address. Add and ARP entry for 200.200.200.5 for the MAC “Pass Any Exam. Any Time.”
-www.actualtests.com 58
Checkpoint 156-215.75 Exam
address of 200.200.200.3.

B. Create network objects for 192.168.10.0/24 and 192.168.20.0/24. Enable Hide NAT on both network objects, using 200.200.200.5 as hiding IP address Add an ARP entry for 200.200.200.3 for the MAC address of 200.200.200.5.
C. Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254. Enable Hide NAT on the NAT page of the address range object. Enter Hiding IP address 200.200.200.5. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
D. Create two network objects: 192.168.10.0/24. and 192.168.20.0/24. Add the two network objects. Create a manual NAT rule like the following Original source group object; Destination any Service -any, Translated source 200.200.200.5; Destination original, Service original.

Correct Answer: C
QUESTION 103
You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateway’s external interface. You browse to from host, 10.1.1.10 successfully. You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?
A. Only one, outbound
B. Two, one for outbound, one for inbound
C. Only one, inbound
D. Two, both outbound, one for the real IP connection and one for the NAT IP connection
Correct Answer: A QUESTION 104
Which of the following statements BEST describes Check Point’s Hide Network Address Translation method?
A. Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation
B. Translates many destination IP addresses into one destination IP address
C. Translates many source IP addresses into one source IP address
D. One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

Correct Answer: C
QUESTION 105
Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity?
A. Static Destination
B. Hide
C. Dynamic Destination
D. Static Source

Correct Answer: B
QUESTION 106
NAT can be implemented on which of the following lists of objects?
A. Host, Network
B. Host, User
C. Domain, Network
D. Network, Dynamic Object

Correct Answer: A
QUESTION 107
You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router. You control the router that sits between the external interface of the firewall and the Internet. What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?
A. Place a static host route on the firewall for the valid IP address to the internal Web server.
B. Place a static ARP entry on the ISP router for the valid IP address to the firewall’s external address.
C. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.
D. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.

Correct Answer: B
QUESTION 108
After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti- spoofing protections. Which of the following is the MOST LIKELY cause?
A. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External.Change topology to Others +.
B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External
C. The Global Properties setting Translate destination on client side is checked But the topology on the DMZ interface is set to Internal -Network defined by IP and Mask Uncheck the Global Properties setting Translate destination on client side
D. The Global Properties setting Translate destination on client side is unchecked. But the topology on the DMZ interface is set to Internal – Network defined by IP and Mask. Check the Global Properties setting Translate destination on client side.

Correct Answer: D
QUESTION 109
Which NAT option applicable for Automatic NAT applies to Manual NAT as well?
A. Allow bi-directional NAT
B. Automatic ARP configuration
C. Enable IP Pool NAT
D. Translate destination on client-side

Correct Answer: D
QUESTION 110
Your main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. You also have a small network 10.10.20.0/24 behind the internal router. You want to configure the kernel to translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP, and FTP services. Which of the following configurations will allow this network to access the Internet?
A. Configure three Manual Static NAT rules for network 10.10.20.0/24, one for each service
B. Configure one Manual Hide NAT rule for HTTP, FTP, and SMTP services for network 10.10.20.0/24
C. Configure Automatic Hide NAT on network 10.10.20.0/24 and then edit the Service column in the NAT Rule Base on the automatic rule
D. Configure Automatic Static NAT on network 10.10.20.0/24
Correct Answer: B
QUESTION 111
You have three servers located in a DMZ, using private IP addresses. You want internal users from
10.10.10.x
to access the DMZ servers by public IP addresses. Internal_net 10.10.10.x is configured for Hide NAT behind the Security Gateway’s external interface.

A.
When connecting to the Internet, configure manual Static NAT rules to translate the DMZ servers

B.
When the source is the internal network 10.10.10.x, configure manual static NAT rules to translate the DMZ servers.

C.
When connecting to internal network 10 10.10 x. configure Hide NAT for the DMZ servers.

D.
When connecting to the internal network 10.10.10x, configure Hide Nat for the DMZ network behind the DMZ interface of the Security Gateway
What is the best configuration for 10.10.10.x users to access the DMZ servers, using the DMZ servers’ public IP addresses?
Correct Answer: B
QUESTION 112
A host on the Internet initiates traffic to the Static NAT IP of your Web server behind the Security Gateway. With the default settings in place for NAT, the initiating packet will translate the_________.
A. source on client side
B. destination on server side
C. destination on client side
D. source on server side

Correct Answer: C
QUESTION 113
A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?
A. Automatic ARP must be unchecked in the Global Properties.
B. A static route must be added on the Security Gateway to the internal host.
C. Nothing else must be configured.
D. A static route for the NAT IP must be added to the Gateway’s upstream router.
Correct Answer: B
QUESTION 114
When translation occurs using automatic Hide NAT, what also happens?
A. Nothing happens.
B. The source port is modified.
C. The destination port is modified.
D. The destination is modified.

Correct Answer: B
QUESTION 115
The fw monitor utility is used to troubleshoot which of the following problems?
A. Phase two key negotiation
B. User data base corruption
C. Address translation
D. Log Consolidation Engine

Correct Answer: C
QUESTION 116
Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.

A. There is not enough information provided in the Wireshark capture to determine NAT settings.
B. This is an example hide NAT.
C. There is an example of Static NAT and translate destination on client side unchecked in Global Properties.
D. This is an example of Static NAT and Translate destination on client side checked in Global Properties.

Correct Answer: D
QUESTION 117
In SmartDashboard, Translate destination on client side is checked in Global Properties. When Network Address Translation is used:
A. It is necessary to add a static route to the Gateway’s routing table.
B. The Security Gateway’s ARP file must be modified.
C. It is not necessary to add a static route to the Gateway’s routing table.
D. VLAN tagging cannot be defined for any hosts protected by the Gateway.

Correct Answer: C QUESTION 118
Static NAT connections, by default, translate on which firewall kernel inspection point?
A. Post-inbound
B. Eitherbound
C. Inbound
D. Outbound

Correct Answer: C QUESTION 119
In a Hide NAT connection outbound, which portion of the packet is modified?
A. Source IP address and destination port
B. Destination IP address and destination port
C. Source IP address and source port
D. Destination IP address and destination port

Correct Answer: C QUESTION 120
You are MegaCorp’s Security Administrator. There are various network objects which must be NATed. Some of them use the Automatic Hide NAT method, while others use the Automatic Static NAT method. What is the order of the rules if both methods are used together? Give the best answer.
A. The Administrator decides on the order of the rules by shifting the corresponding rules up and down.
B. The Static NAT rules have priority over the Hide NAT rules and the NAT on a node has priority over the NAT on a network or an address range
C. The Hide NAT rules have priority over the Static NAT rules and the NAT on a node has priority over the NAT on a network or an address range
D. The position of the rules depends on the time of their creation. The rules created first are placed at the top; rules created later are placed successively below the others.

Correct Answer: B QUESTION 121
Which answers are TRUE? Automatic Static NAT CANNOT be used when: i) NAT decision is based on the destination port ii) Source and Destination IP both have to be translated iii) The NAT rule should only be installed on a dedicated Gateway only iv) NAT should be performed on the server side
A. (i), (ii), and (iii)
B. (i), and (ii)
C. (ii) and (iv)
D. only (i)

Correct Answer: D QUESTION 122
After filtering a fw monitor trace by port and IP, a packet is displayed three times; in the i, I, and o inspection points, but not in the O inspection point. Which is the likely source of the issue?
A. The packet has been sent out through a VPN tunnel unencrypted.
B. An IPSO ACL has blocked the outbound passage of the packet.
C. A SmartDefense module has blocked the packet
D. It is an issue with NAT

Correct Answer: D
QUESTION 123
A marketing firm’s networking team is trying to troubleshoot user complaints regarding access to audio-streaming material from the Internet. The networking team asks you to check the object and rule configuration settings for the perimeter Security Gateway. Which SmartConsole application should you use to check these objects and rules?
A. SmartView Tracker
B. SmartView Status
C. SmartView Monitor
D. SmartDashboard

Correct Answer: D
QUESTION 124
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping authentication rules with address-translation rules
B. Grouping rules by date of creation
C. Grouping reject and drop rules after the Cleanup Rule
D. Grouping functionally related rules together

Correct Answer: D
QUESTION 125
Which of the following is a viable consideration when determining Rule Base order?
A. Adding SAM rules at the top of the Rule Base
B. Placing frequently accessed rules before less frequently accessed rules
C. Grouping rules by date of creation
D. Grouping IPS rules with dynamic drop rules
Correct Answer: B

Flydumps.com provides you with the most reliable practice exams to master Checkpoint 156-215 Certification. Our Microsoft questions and answers are certified by the senior lecturer and experienced technical experts in the Microsoft field. These test questions provide you with the experience of taking the Checkpoint 156-215 actual test.

Checkpoint 156-215 Dumps, Helpful Checkpoint 156-215 PDF Exams With 100% Pass Rate

CheckPoint 156-215 Study Guide, Real CheckPoint 156-215 Exam Cost On Our Store

[The Newest Dumps] Real CheckPoint 156-215 exam dumps revised by experts, they were updated with the change of the Software Certifications CSQA,covering all the whole aspects of CheckPoint 156-215 exam. Just have a training of Flydumps CheckPoint 156-215 exam questions to guarantee your 100% pass.

QUESTION 135
In a distributed management environment, the administrator has removed all default check boxes from the Policy / Global Properties / Firewall tab. In order for the Security Gateway to send logs to the Security Management Server, an explicit rule must be created to allow the Security Gateway to communicate to the Security Management Server on port ______.
A. 259
B. 257 “Pass Any Exam. Any Time.” – www.actualtests.com 54 Checkpoint 156-215.75 Exam
C. 900
D. 256

Correct Answer: B
QUESTION 136
Examine the following Security Policy. What, if any, changes could be made to accommodate Rule 4?

A. Nothing at all
B. Modify the Source or Destination columns in Rule 4
C. Remove the service HTTPS from the Service column in Rule A
D. Modify the VPN column in Rule 2 to limit access to specific traffic

Correct Answer: D
QUESTION 137
A Security Policy has several database versions. What configuration remains the same no matter which version is used?
A. Rule Bases_5_0.fws “Pass Any Exam. Any Time.” – www.actualtests.com 55 Checkpoint 156-215.75 Exam
B. Internal Certificate Authority (ICA) certificate
C. Fwauth.NDB
D. Objects_5_0.C

Correct Answer: B
QUESTION 138
You are working with multiple Security Gateways that enforce an extensive number of rules. To simplify Security administration, which one of the following would you choose to do?
A. Create a separate Security Policy package for each remote Security Gateway
B. Run separate SmartConsole instances to login and configure each Security Gateway directly
C. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules
D. Create network objects that restrict all applicable rules to only certain networks

Correct Answer: A
QUESTION 139
You are working with multiple Security Gateways that enforce a common set of rules. To minimize the number of policy packages, which one of the following would you choose to do?
A. Install a separate local Security Management Server and SmartConsole for each remote Security Gateway.
B. Create a separate Security Policy package for each remote Security Gateway and specify Install On / Gateways.
C. Create a single Security Policy package with Install On / Target defined whenever a unique rule is required for a specific Gateway.
D. Run separate SmartDashbord instance to login and configure each Security Gateway directly.

Correct Answer: C
QUESTION 140
Which rules are not applied on a first-match basis?
“Pass Any Exam. Any Time.” – www.actualtests.com 56 Checkpoint 156-215.75 Exam
A. Cleanup
B. User Authentication
C. Session Authentication
D. Client Authentication
Correct Answer: B
QUESTION 141
Installing a policy usually has no impact on currently existing connections. Which statement is TRUE?
A. Users being authenticated by Client Authentication have to re-authenticate.
B. Site-to-Site VPNs need to re-authenticate, so Phase 1 is passed again after installing the Security Policy.
C. All FTP downloads are reset; users have to start their downloads again.
D. All connections are reset, so a policy install is recommended during announced downtime only.

Correct Answer: A QUESTION 142
Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?
A. A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are defined by the selection in the row Install On of the Rule Base.
B. When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install.
C. In the SmartDashboard main menu go to Policy / Policy Installation / Targets and select the correct firewall to be put into the list via Specific Targets.
D. A Rule Base can always be installed on any Check Point firewall object It is necessary to select the appropriate target directly after selecting Policy > Install.

Correct Answer: C
QUESTION 143
Which of these security policy changes optimize Security Gateway performance?
A. Use Automatic NAT rules instead of Manual NAT rules whenever possible
B. Putting the least-used rule at the top of the Rule Base
C. Using groups within groups in the manual NAT Rule Base
D. Using domain objects in rules when possible
Correct Answer: A
QUESTION 144
Your perimeter Security Gateway’s external IP is 200.200.200.3. Your network diagram shows:

RequireD. Allow only network 192.168.10.0 and 192.168.20.0 to go out to the Internet, using 200.
200.200.5.
The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet.
Assuming you enable all the settings in the NAT page of Global Properties, how could you achieve these requirements?
A. Create a network object 192.168.0.0/16. Enable Hide NAT on the NAT page. Enter 200.200.200.5 as the hiding IP address. Add and ARP entry for 200.200.200.5 for the MAC “Pass Any Exam. Any Time.”
-www.actualtests.com 58 Checkpoint 156-215.75 Exam
address of 200.200.200.3.
B. Create network objects for 192.168.10.0/24 and 192.168.20.0/24. Enable Hide NAT on both network objects, using 200.200.200.5 as hiding IP address Add an ARP entry for 200.200.200.3 for the MAC address of 200.200.200.5.
C. Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254. Enable Hide NAT on the NAT page of the address range object. Enter Hiding IP address 200.200.200.5. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
D. Create two network objects: 192.168.10.0/24. and 192.168.20.0/24. Add the two network objects. Create a manual NAT rule like the following Original source 璯roup object; Destination ?any Service ? any, Translated source ?200.200.200.5; Destination ?original, Service ?original.

Correct Answer: C
QUESTION 145
Because of a pre-existing design constraints, you set up manual NAT rules for your HTTP server. However, your FTP server and SMTP server are both using automatic NAT rules. All traffic from your FTP and SMTP servers are passing through the Security Gateway without a problem, but traffic from the Web server is dropped on rule 0 because of anti-spoofing settings. What is causing this?
A. Allow bi-directional NAT is not checked in Global Properties.
B. Manual NAT rules are not configured correctly.
C. Translate destination on client side is not checked in Global Properties under manual NAT rules.
D. Routing is not configured correctly.

Correct Answer: C
QUESTION 146
You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateway’s external interface. You browse to from host, 10.1.1.10 successfully. You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?
A. Only one, outbound
B. Two, one for outbound, one for inbound “Pass Any Exam. Any Time.” – www.actualtests.com 59 Checkpoint 156-215.75 Exam
C. Only one, inbound
D. Two, both outbound, one for the real IP connection and one for the NAT IP connection

Correct Answer: A
QUESTION 147
Which of the following statements BEST describes Check Point’s Hide Network Address Translation method?
A. Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation
B. Translates many destination IP addresses into one destination IP address
C. Translates many source IP addresses into one source IP address
D. One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

Correct Answer: C
QUESTION 148
Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity?
A. Static Destination B. Hide
C. Dynamic Destination
D. Static Source

Correct Answer: B QUESTION 149
NAT can NOT be configured on which of the following objects?
“Pass Any Exam. Any Time.” – www.actualtests.com 60 Checkpoint 156-215.75 Exam
A. Address Range
B. HTTP Logical Server
C. Host
D. Gateway

Correct Answer: B QUESTION 150
NAT can be implemented on which of the following lists of objects?
A. Host, Network
B. Host, User
C. Domain, Network
D. Network, Dynamic Object

Correct Answer: A QUESTION 151
Which Check Point address translation method is necessary if you want to connect from a host on the Internet via HTTP to a server with a reserved (RFC 1918) IP address on your DMZ?
A. Static Destination Address Translation
B. Port Address Translation
C. Dynamic Source Address Translation
D. Hide Address Translation

Correct Answer: A QUESTION 152
You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router. You control the router that sits between the external interface of the firewall and the Internet.
“Pass Any Exam. Any Time.” – www.actualtests.com 61 Checkpoint 156-215.75 Exam What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?
A. Place a static host route on the firewall for the valid IP address to the internal Web server.
B. Place a static ARP entry on the ISP router for the valid IP address to the firewall’s external address.
C. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.
D. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.

Correct Answer: B QUESTION 153
After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti- spoofing protections. Which of the following is the MOST LIKELY cause?
A. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External.Change topology to Others +.
B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External
C. The Global Properties setting Translate destination on client side is checked But the topology on the DMZ interface is set to Internal -Network defined by IP and Mask Uncheck the Global Properties setting Translate destination on client side
D. The Global Properties setting Translate destination on client side is unchecked. But the topology on the DMZ interface is set to Internal – Network defined by IP and Mask. Check the Global Properties setting Translate destination on client side.

Correct Answer: D
QUESTION 154
Which NAT option applicable for Automatic NAT applies to Manual NAT as well?
A. Allow bi-directional NAT
B. Automatic ARP configuration
C. Enable IP Pool NAT
D. Translate destination on client-side “Pass Any Exam. Any Time.” – www.actualtests.com 62 Checkpoint 156-215.75 Exam

Correct Answer: D
QUESTION 155
Your main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. You also have a small network 10.10.20.0/24 behind the internal router. You want to configure the kernel to translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP, and FTP services. Which of the following configurations will allow this network to access the Internet?
A. Configure three Manual Static NAT rules for network 10.10.20.0/24, one for each service
B. Configure one Manual Hide NAT rule for HTTP, FTP, and SMTP services for network 10.10.20.0/24
C. Configure Automatic Hide NAT on network 10.10.20.0/24 and then edit the Service column in the NAT Rule Base on the automatic rule
D. Configure Automatic Static NAT on network 10.10.20.0/24
Correct Answer: B
QUESTION 156
You have three servers located in a DMZ, using private IP addresses. You want internal users from
10.10.10.x to access the DMZ servers by public IP addresses. Internal_net 10.10.10.x is configured for Hide NAT behind the Security Gateway’s external interface.
What is the best configuration for 10.10.10.x users to access the DMZ servers, using the DMZ servers’ public IP addresses?
“Pass Any Exam. Any Time.” – www.actualtests.com 63 Checkpoint 156-215.75 Exam A. When connecting to the Internet, configure manual Static NAT rules to translate the DMZ servers

B. When the source is the internal network 10.10.10.x, configure manual static NAT rules to translate the DMZ servers.
C. When connecting to internal network 10 10.10 x. configure Hide NAT for the DMZ servers.
D. When connecting to the internal network 10.10.10x, configure Hide Nat for the DMZ network behind the DMZ interface of the Security Gateway

Correct Answer: B
QUESTION 157
An internal host initiates a session to and is set for Hide NAT behind the Security Gateway. The initiating traffic is an example of __________.
A. None of these
B. source NAT
C. destination NAT
D. client side NAT

Correct Answer: B
QUESTION 158
A host on the Internet initiates traffic to the Static NAT IP of your Web server behind the Security Gateway. With the default settings in place for NAT, the initiating packet will translate the_________.
A. source on client side
B. destination on server side
C. destination on client side
D. source on server side

Correct Answer: C
QUESTION 159
A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?
A. Automatic ARP must be unchecked in the Global Properties.
B. A static route must be added on the Security Gateway to the internal host.
C. Nothing else must be configured.
D. A static route for the NAT IP must be added to the Gateway’s upstream router.

Correct Answer: B QUESTION 160
When translation occurs using automatic Hide NAT, what also happens?
A. Nothing happens.
B. The source port is modified.
C. The destination port is modified.
D. The destination is modified. “Pass Any Exam. Any Time.” – www.actualtests.com 65 Checkpoint 156-215.75 Exam

Correct Answer: B
QUESTION 161
The fw monitor utility is used to troubleshoot which of the following problems?
A. Phase two key negotiation
B. User data base corruption
C. Address translation
D. Log Consolidation Engine

Correct Answer: C QUESTION 162
The fw monitor utility would be best to troubleshoot which of the following problems?
A. An error occurs when editing a network object in SmartDashboard
B. A statically NATed Web server behind a Security Gateway cannot be reached from the Internet.
C. You get an invalid ID error in SmartView Tracker for phase 2 IKE key negotiations.
D. A user in the user database is corrupt.

Correct Answer: B QUESTION 163
Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.
“Pass Any Exam. Any Time.” – www.actualtests.com 66 Checkpoint 156-215.75 Exam

A. There is not enough information provided in the Wireshark capture to determine NAT settings.
B. This is an example hide NAT.
C. There is an example of Static NAT and translate destination on client side unchecked in Global Properties.
D. This is an example of Static NAT and Translate destination on client side checked in Global Properties.

Correct Answer: D QUESTION 164
In SmartDashboard, Translate destination on client side is checked in Global Properties. When Network Address Translation is used:
A. It is necessary to add a static route to the Gateway’s routing table.
B. The Security Gateway’s ARP file must be modified.
C. It is not necessary to add a static route to the Gateway’s routing table.
D. VLAN tagging cannot be defined for any hosts protected by the Gateway.

Correct Answer: C QUESTION 165
Secure Internal Communications (SIC) is completely NAT-tolerant because it is based on:
A. MAC addresses.
B. SIC names.
C. SIC is not NAT-tolerant. “Pass Any Exam. Any Time.” – www.actualtests.com 67 Checkpoint 156-215.75 Exam
D. IP addresses.

Correct Answer: B QUESTION 166
Static NAT connections, by default, translate on which firewall kernel inspection point?
A. Post-inbound
B. Eitherbound
C. Inbound
D. Outbound

Correct Answer: C QUESTION 167
In a Hide NAT connection outbound, which portion of the packet is modified?
A. Source IP address and destination port
B. Destination IP address and destination port
C. Source IP address and source port
D. Destination IP address and destination port

Correct Answer: C QUESTION 168
You are MegaCorp’s Security Administrator. There are various network objects which must be NATed. Some of them use the Automatic Hide NAT method, while others use the Automatic Static NAT method. What is the order of the rules if both methods are used together? Give the best answer.
A. The Administrator decides on the order of the rules by shifting the corresponding rules up and down. “Pass Any Exam. Any Time.” – www.actualtests.com 68
Checkpoint 156-215.75 Exam
B. The Static NAT rules have priority over the Hide NAT rules and the NAT on a node has priority over the NAT on a network or an address range
C. The Hide NAT rules have priority over the Static NAT rules and the NAT on a node has priority over the NAT on a network or an address range
D. The position of the rules depends on the time of their creation. The rules created first are placed at the top; rules created later are placed successively below the others.

Correct Answer: B
QUESTION 169
Which answers are TRUE? Automatic Static NAT CANNOT be used when:
i) NAT decision is based on the destination port
ii) Source and Destination IP both have to be translated
iii) The NAT rule should only be installed on a dedicated Gateway only
iv) NAT should be performed on the server side
A. (i), (ii), and (iii)
B. (i), and (ii)
C. (ii) and (iv)
D. only (i)

Correct Answer: D
QUESTION 170
In order to have full control, you decide to use Manual NAT entries instead of Automatic NAT rules. Which of the following is NOT true?
A. When using Static NAT, you must enter ARP entries for the Gateway on all hosts that are using the NAT Gateway with that Gateway’s internal interface IP address.
B. When using Static NAT, you must add proxy ARP entries to the Gateway for all hiding addresses.
C. If you chose Automatic NAT instead, all necessary entries are done for you.
D. When using Dynamic Hide NAT with an address that is not configured on a Gateway interface, “Pass Any Exam. Any Time.” – www.actualtests.com 69 Checkpoint 156-215.75 Exam you need to add a proxy ARP entry for that address.

Correct Answer: A
QUESTION 171
After filtering a fw monitor trace by port and IP, a packet is displayed three times; in the i, I, and o inspection points, but not in the O inspection point. Which is the likely source of the issue?
A. The packet has been sent out through a VPN tunnel unencrypted.
B. An IPSO ACL has blocked the outbound passage of the packet.
C. A SmartDefense module has blocked the packet
D. It is an issue with NAT

Correct Answer: D
QUESTION 172
A marketing firm’s networking team is trying to troubleshoot user complaints regarding access to audio-streaming material from the Internet. The networking team asks you to check the object and rule configuration settings for the perimeter Security Gateway. Which SmartConsole application should you use to check these objects and rules?
A. SmartView Tracker
B. SmartView Status
C. SmartView Monitor
D. SmartDashboard

Correct Answer: D
QUESTION 173
Which statement below describes the most correct strategy for implementing a Rule Base?
A. Add the Stealth Rule before the last rule. “Pass Any Exam. Any Time.” – www.actualtests.com 70 Checkpoint 156-215.75 Exam
B. Umit grouping to rules regarding specific access.
C. Place the most frequently used rules at the top of the Policy and the ones that are not frequently used further down.
D. Place a network-traffic rule above the administrator access rule.

Correct Answer: C
QUESTION 174
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping authentication rules with address-translation rules
B. Grouping rules by date of creation
C. Grouping reject and drop rules after the Cleanup Rule
D. Grouping functionally related rules together

Correct Answer: D
QUESTION 175
Which of the following is a viable consideration when determining Rule Base order?
A. Adding SAM rules at the top of the Rule Base
B. Placing frequently accessed rules before less frequently accessed rules
C. Grouping rules by date of creation
D. Grouping IPS rules with dynamic drop rules
Correct Answer: B
QUESTION 176
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping IPS rules with dynamic drop rules
B. Grouping reject and drop rules after the Cleanup Rule “Pass Any Exam. Any Time.” -www.actualtests.com 71 Checkpoint 156-215.75 Exam
C. Placing more restrictive rules before more permissive rules
D. Grouping authentication rules with QOS rules
Correct Answer: C
QUESTION 177
You would use the Hide Rule feature to:
A. Make rules invisible to incoming packets.
B. View only a few rules without the distraction of others
C. Hide rules from read-only administrators.
D. Hide rules from a SYN/ACK attack.

Correct Answer: B QUESTION 178
When you add a resource object to a rule, which of the following occurs?
A. All packets that match the resource will be dropped.
B. All packets matching that rule are either encrypted or decrypted by the defined resource.
C. All packets matching the resource service are analyzed through an application-layer proxy.
D. Users attempting to connect to the destination of the rule will be required to authenticate.

Correct Answer: C QUESTION 179
You are a Security Administrator using one Security Management Server managing three different firewalls. One of the firewalls does NOT show up in the dialog box when attempting to install a Security Policy. Which of the following is a possible cause?
A. The firewall object has been created but SIC has not yet been established.
B. The license for this specific firewall has expired. “Pass Any Exam. Any Time.” – www.actualtests.com 72 Checkpoint 156-215.75 Exam
C. The firewall has failed to sync with the Security Management Server for 60 minutes.
D. The firewall is not listed in the Policy Installation Targets screen for this policy package.

Correct Answer: D QUESTION 180
Your shipping company uses a custom application to update the shipping distribution database. The custom application includes a service used only to notify remote sites that the distribution database is malfunctioning. The perimeter Security Gateway’s Rule Base includes a rule to accept this traffic. Since you are responsible for multiple sites, you want notification by a text message to your cellular phone, whenever traffic is accepted on this rule. Which of the following would work BEST for your purpose?
A. SmartView Monitor Threshold
B. SNMP trap
C. Logging implied rules
D. User-defined alert script

Correct Answer: D QUESTION 181

Flydumps.com takes in the latest CheckPoint 156-215 questions in the CheckPoint 156-215 exam materials so that our material should be always the latest and the most relevant. We know that CheckPoint 156-215 examination  wouldn’t repeat the same set of questions all the time. Microsoft certification examinations are stringent and focus is often kept on updated technology trends. The CheckPoint 156-215 exam questions organized by the professionals will help to condition your mind to promptly grasp what you could be facing in the CheckPoint 156-215 cert examination.

CheckPoint 156-215 Study Guide, Real CheckPoint 156-215 Exam Cost On Our Store

CheckPoint 156-210 Exam Questions, Valid and updated CheckPoint 156-210 Certification Exams Online

Welcome to download the newest Pass4itsure ns0-155 Practice Test dumps: http://www.pass4itsure.com/ns0-155.html

You can pass CheckPoint 156-210 exam if you get a complete hold of CheckPoint 156-210 dumps. What’s more, all the CheckPoint 156-210 Certification exams Q and A provided by Flydumps is the latest.

QUESTION 101
You are working with multiple firewalls that have extensive Rule Bases. To simplify administration task, which of the following should you choose to do?
A. Create Network range objects that restrict all applicable rules to only certain networks.
B. Run separate GUI clients for external and internal firewalls.
C. Eliminate all possible contradictory rules such as stealth and clean-up rules.
D. Save a different Rule Base for each remote firewall.
E. None of the above.

Correct Answer: D
QUESTION 102
Currently, the Accounting Department is FTP-ing a file in the bank. Which Log Viewer Module would show you the activity occurring at the present time?
A. Security Log.
B. Active Connections Log.
C. Accounting Log-
D. Administrative Log.
E. None of the above.
Correct Answer: B
QUESTION 103
With Blocking Scope default settings, a selected connection is terminated:
A. And all further attempts to establish a connection from the same source IP address to the same destination IP address and port will be blocked.
B. But all further attempts to establish connections from this specific source IP address will be authenticated before being denied.
C. And all further attempts to establish connections to this specific destination IP address will be denied.
D. And all further attempts to establish a connection from the same source IP address to the firewall’s IP address will be blocked.
E. Both A and D.

Correct Answer: A
QUESTION 104
Consider the following Rule Base for VPN-1/Firewall-1 NG. Assuming the default settings in global properties have NOT changed, ICMP would be allowed through the firewall. No SOURCE SERVICE ACTION TRACK
DESTINATION
1 Any Web_Server http Accept Long
2 Any Any Any Any Long
A. True
B. False

Correct Answer: B
QUESTION 105
Which is the correct rule in the following Rule Base? No SOURCE SERVICE ACTION TRACK DESTINATION
1 Any Any Session Log Auth [email protected]
2 Chicago Any Session Log Auth [email protected]
3 Any Any Session Log Auth [email protected]
4 Any Any User Log Auth [email protected]
A. Rule 2
B. Rule 1
C. Rule 3
D. Rule 4
E. None of the rules allow access.

Correct Answer: B
QUESTION 106
In the Client Authentication Action Properties window (below), for the required Sign On Method section, Manual is selected.

This means:
A. If a connection matches the Rule Base the service is an authenticated service, the client is signed on after a successful authentication.
B. The user must initiate the Client Authentication Session to the gateway.
C. If a connection using any service matches Rule Base, the client is authenticated.
D. If authentication is successful, access is granted from the network that initiated the connection.
E. The user must TELNET to the target server on port 259.

Correct Answer: B
QUESTION 107
Changes made to the Security Policy do not take effect on the Enforcement Module until the administrator performs which of the following actions?
A. Saves the policy.
B. Verifies the policy.
C. Install the policy.
D. Stops firewall services on the Enforcement Module.
E. Stops firewall services on the Management module.
Correct Answer: C
QUESTION 108
Consider the following network: The public servers are a web form. Since the web servers accepts and initiate connections Dynamic translation is required.

A. True
B. False

Correct Answer: B QUESTION 109
The fw fetch command perform the following function:
A. Attempts to fetch the policy from the Management Server.
B. Fetches users from the Management server.
C. Produces an output screen of the Rule Base.
D. Fetches the logs.
E. Fetches the systems status.

Correct Answer: A QUESTION 110
Inclement weather and a UPS-failure cause a firewall to reboot. Earlier that day a tornado destroyed the building where the firewall’s Management Module was located. The Management Module was not recovered and has not been replaced. Bases on the scenario, which of the following statements is FALSE?
A. The firewall will continue to enforce the last rule base installed.
B. The firewall will log locally.
C. The firewall will fetch the last installed policy form local host and install it.
D. Communication between the firewall and the replacement Management Module must be established before the replacement Management Module can install a policy on the firewall.
E. Because the firewall cannot contact the Management Module, no policy will be installed.

Correct Answer: E QUESTION 111
When configuring Anti-Spoofing for VPN-1/FireWall-1 NG on the firewall interfaces, all of the following are valid address choices except:
A. Network defined by Interface IP and Net Mask.
B. Not Defined.
C. Security Policy Installed.
D. Specific
E. None of the above.

Correct Answer: C
QUESTION 112
The security administrator for the following configuration only allows members of the localnet managers group access files in BigBen (the FTP Server)

Select below the rule that allows local managers to access the FTP server from any location. No SOURCE SERVICE ACTION
DESTINATION
1 BigBen ftp User Auth [email protected]
2 BigBen ftp Client Auth [email protected]_London
3 BigBen ftp Session Auth [email protected] 4 BigBen ftp User Auth [email protected]_Tokyo
A. Rule 1.
B. Rule 2.
C. Rule 3.
D. Rule 4.
E. None of these rules allow access.

Correct Answer: A QUESTION 113
Assume that you are working on a Windows NT operating system. What is the default expiration for a Dynamic NAT connection NOT showing any UDP activity?
A. 30 Seconds.
B. 60 Seconds.
C. 40 Seconds.
D. 600 Seconds.
E. 3000 Seconds.

Correct Answer: C QUESTION 114
Assume there has been no change made to default policy properties. To allow a telnet connection into your
network, you must create two rules.
One to allow the initial Telnet connection in.
One to allow the destination machine to send information back to the client.

A. True
B. False

Correct Answer: B QUESTION 115
In Windows NT to force log entries other than the default directory.
A. You must use the cpconfig command.
B. Change the fwlog environment variable.
C. Modify the registry.
D. Change the directory in log viewer.
E. Use the fw log switch command.

Correct Answer: C QUESTION 116
For most installations, the Clean-Up rule should be the last rule in Rule Base.
A. True
B. False

Correct Answer: A QUESTION 117
What complements are necessary for VPN-1/FireWall-1 NG to scan e-mail, passing through the firewall, for macro viruses?
A. UFP and OPSEC-certified scanning product.
B. CVP and OPSEC-certified virus scanning product.
C. UFP and CVP.
D. UFP, CVP and OPSEC-certified content filter.
E. None of the above, VPN-1/FireWall-1 NG scans for macro viruses by default.

Correct Answer: B QUESTION 118
Why would you want to verify a Security Policy before installation?
A. To install Security Policy cleanly.
B. To check up the enforcement-point firewall for errors.
C. To identify conflicting rules in your Security Policy.
D. To compress the Rule Base for faster installation
E. There us no benefit verifying a Security Policy before installing it.

Correct Answer: C
QUESTION 119
To completely setup Static NAT, you ONLY have to select Add Automatic Address Translation rules on the NAT tab, and specify a public NAT IP address.
A. True
B. False

Correct Answer: B
QUESTION 120
If you configure the Minutes interval for a firewall in the User Authentication session timeout box, as shown below on the Authentication Tab of the Workstations properties window, users of one time password must re-authenticate for each request during this time period.
A. True
B. False

Correct Answer: B
QUESTION 121
What does a status of Untrusted tell you?
A. A VPN-1/Firewall-1 NG firewall module has been compromised.
B. A gateway cannot be reached.
C. A module is installed and responding to status checks, but the status is problematic.
D. A gateway is connected, but the management module is not the master of the module installed on the gateway.
E. None of the above.

Correct Answer: D
QUESTION 122
Omanan Enterprises has the premier reclamation system for scrap aluminum in the western hemisphere. Then phenomenal growth over the last 10 years has led to the decision to establish a presence in the Internet in order to their customers. To that end, Omanan Enterprise network administrator, Jason has acquired a Web Server, and email server and 14 IP addresses from their ISP. Jason also purchased a Checkpoint VPN-1/FireWall-1 stand alone gateway module, with these interfaces, to protect Omanan enterprises’ corporate data their ISP will be providing DNS services. The Web Server and email server must have Static routable IP addresses. The eight member executive counsel of Omanan Enterprises would to have routable IP addresses also, so that they can video-conference with the company’s suppliers. Omanan Enterprises’ remaining 200 employees would like to have access to Internet, and the executive counsel believe that granting them access might improve company morale. Jason installs and configured Checkpoint VPN-1/FireWall1 stand alone Gateway module at the perimeter of Omanan Enterprises corporate LAN. He uses the 3rd NIC in the stand alone firewall gateway module to create DMZ. Jason installs the Web server and the email server on the DMZ. He creates tools and objects on the checkpoint VPN-1/FireWall-1 stand alone gateway module to allow HTTP, POP3 and SMTP from the Internet to the DMZ. He Creates objects to represent the web and email server and configures them for Static NAT. Jason reconfigures his DHCP server so that each of the members of the executive counsel has reserved IP address. He then sues those reservations co create Statically NAT-ed objects on the Checkpoint VPN/ Firewall-1 Standalone Gateway module. Jason creates another object represents the internal network he
configures this object for Dynamic NAT. He adds a rule allowing HTTP traffic from the internal network to
any destination. Jason created an additional rule to allow POP3 and SMTP traffic between the internal
networks and DMZ.
Choose the one phrase below that best describes Jason’s proposal.

A. The proposed solution meets the required objectives and none of the desired objectives.
B. The proposed solution meets the required objectives and only one of the desired objectives.
C. The proposed solution meets the required objectives and all desired objectives.
D. The proposed solution does not meet the required objective.

Correct Answer: C
QUESTION 123
Anna is a security administrator setting up User Authentication for the first time. She has correctly configured her Authentication rule, but authentication still does not work. What is the Check Point recommended way to troubleshoot this issue?
A. Verify the properties of the user attempting authentication and the authentication method selected in the Authentication Properties of your firewall object.
B. Verify the firewall settings of your firewall object, and the properties for the user attempting encryption and authentication.
C. Verify the properties for the user attempting authentication and make sure that the file Stealth Authentication method is selected in the Authentication properties of both the peer gateway object and your firewall object.
D. Verify both Client and User Authentication, and the authentication method selected in the Authentication properties of your Firewall object.
E. Re-import Schema from the VPN-1/FireWall-1 NG installation CD.

Correct Answer: A
QUESTION 124
Session authentication provides an authentication method NOT supported by protocols that can be integrated with any application. No. Source Service Action Track Install On Destination
1.
Any Local_Net telnet Accept Long Gateways

2.
Any Accept Long Gateways Pub Pub Server1 Server2
A. True
B. False

Correct Answer: A
QUESTION 125
How do recover communications between your management module and enforcement module if you lock yourself out via a rule policy that is configured incorrectly?
A. Cp delete all all.
B. Cp pause all all.
C. Cp stop all all.
D. Cp unload all all.
E. Cp push all all.
Correct Answer: D QUESTION 126
You have set up a firewall and management module on one NT box and a remote module on a different location. You receive only sporadic logs from the local firewall and only and control message from remote firewall. All rules on both firewalls are logging and you know the traffic is flowing through the firewall using these rules. All the firewall related services are running and you are using NAT and you receive few logs from the local firewall. What actions from the choices below would you perform to find out why you cannot see logs?
A. Make sure there is no masters file in SFWDIR/conf on the remote module.
B. Make sure there is no masters file in SFWDIR/conf on the local NT box.
C. See if you can do a fwfetch from the module.
D. Run the fw logexport -t -n from the command line prompt on the remote module.
E. Use pulist.exe from the Windows NT resource kit.

Correct Answer: C

Flydumps is a website to improve the pass rate of CheckPoint 156-210 exam. Senior IT experts in the Passcert constantly developed a variety of successful programs of passing CheckPoint 156-210 exam, so the results of their research can 100% guarantee you CheckPoint 156-210 exam for one time. Flydumps CheckPoint 156-210 are very effective and many people who have passed a number of IT certification exams used the CheckPoint 156-210 dumps provided by Flydumps. Some of them who have passed the CheckPoint 156-210 also use Passcert products. Selecting Flydumps means choosing a success.

Welcome to download the newest Pass4itsure ns0-155 Practice Test dumps: http://www.pass4itsure.com/ns0-155.html

CheckPoint 156-210 Exam Questions, Valid and updated CheckPoint 156-210 Certification Exams Online

CheckPoint 156-110 PDF Download, Helpful CheckPoint 156-110 Practice Exam Latest Version PDF&VCE

Welcome to download the newest Pass4itsure hp0-m52 VCE dumps: http://www.pass4itsure.com/hp0-m52.html

Flydumps presents the highest quality of CheckPoint 156-110 practice material which helps candidates to pass the CheckPoint 156-110 exams in the first attempt.The dumps are the latest, authenticated by expert and covering each and every aspect of CheckPoint 156-110 exam.

QUESTION 81
A security administrator implements Secure Configuration Verification (SCV), because SCV: (Choose THREE.)
A. Does not enable the administrator to monitor the configuration of remote computers.
B. Can block connectivity for machines that do not comply with the organization’s security policy.
C. Enables the administrator to monitor the configuration of remote computers.
D. Prevents attackers from penetrating headquarters’ Security Gateway.
E. Confirms that a remote configuration complies with the organization’s security policy.

Correct Answer: BCE
QUESTION 82
Which of the following is likely in a small-business environment?
A. Most small businesses employ a full-time information-technology staff.
B. Resources are available as needed.
C. Small businesses have security personnel on staff.
D. Most employees have experience with information security.
E. Security budgets are very small.

Correct Answer: E
QUESTION 83
ABC Corporation’s network is configured such that a user must log in individually at each server and access control. Which type of authentication is in use?
A. Role-based access control
B. Three-factor authentication
C. Single sign-on
D. Hybrid access control
E. Mandatory sign-on

Correct Answer: E
QUESTION 84
Which type of Business Continuity Plan (BCP) test involves shutting down a primary site, bringing an alternate site on-line, and moving all operations to the alternate site?
A. Parallel
B. Full interruption
C. Checklist
D. Structured walkthrough
E. Simulation
Correct Answer: B
QUESTION 85
A(n) _______ is the first step for determining which technical information assets should be protected.
A. Network diagram
B. Business Impact Analysis
C. Office floor plan
D. Firewall
E. Intrusion detection system

Correct Answer: A
QUESTION 86
Which of the following is an example of a simple, physical-access control?
A. Lock
B. Access control list
C. Background check
D. Token
E. Firewall

Correct Answer: A
QUESTION 87
Which of the following best describes an external intrusion attempt on a local-area network (LAN)?
A. Internal users try to gain unauthorized access to information assets outside the organizational perimeter.
B. External-intrusion attempts from sources outside the LAN are not granted permissions or rights to an organization’s information assets.
C. External users attempt to access public resources.
D. External intruders attempt exploitation of vulnerabilities, to remove their own access.
E. Internal users perform inappropriate acts on assets to which they have been given rights or permissions.

Correct Answer: B
QUESTION 88
Maintenance of the Business Continuity Plan (BCP) must be integrated with an organization’s _______________ process.
A. Change-control
B. Disaster-recovery
C. Inventory-maintenance
D. Discretionary-budget
E. Compensation-review
Correct Answer: A
QUESTION 89
Which types of security solutions should a home user deploy? (Choose TWO.)
A. Managed Security Gateway
B. Access control lists on a router
C. Personal firewall
D. Network intrusion-detection system
E. Anti-virus software
Correct Answer: CE QUESTION 90
You are a system administrator for a pool of Web servers. The vendor who sells your Web server posts a patch and sample exploit for a newly discovered vulnerability. You will take all of the actions listed below. Which of the following actions should you take first?
A. Run the sample exploit against a test server.
B. Run the sample exploit against a production server.
C. Apply the patch to all production servers.
D. Test the patch on a production server.
E. Test the patch on a non-production server.

Correct Answer: A
QUESTION 91
_______ is a method of tricking users into revealing passwords, or other sensitive information.
A. Dumpster diving
B. Means testing
C. Social engineering
D. Risk
E. Exposure

Correct Answer: C
QUESTION 92
Which of the following equations results in the Single Loss Expectancy for an asset?
A. Asset Value x % Of Loss From Realized Exposure
B. Asset Value x % Of Loss From Realized Threat
C. Annualized Rate of Occurrence / Annualized Loss Expectancy
D. Asset Value x % Of Loss From Realized Vulnerability
E. Annualized Rate of Occurrence x Annualized Loss Expectancy

Correct Answer: B
QUESTION 93
Which encryption algorithm has the highest bit strength?
A. AES
B. Blowfish
C. DES
D. CAST
E. Triple DES

Correct Answer: A
QUESTION 94
_________________ is a type of cryptography, where letters of an original message are systematically rearranged into another sequence.
A. Symmetric-key exchange
B. Steganography
C. Transposition cipher
D. Asymmetric-key encryption
E. Simple substitution cipher
Correct Answer: C QUESTION 95
Which of the following are appropriate uses of asymmetric encryption? (Choose THREE.)
A. Authentication
B. Secure key-exchange mechanisms
C. Public Web site access
D. Data-integrity checking
E. Sneaker net

Correct Answer: ABD
QUESTION 96
What is the purpose of resource isolation?
A. To reduce the level of broadcast traffic on physical segments.
B. To ensure that anyone accessing a resource has appropriate integrity.
C. To automate the creation of access control lists and Trusted Computing Bases.
D. To enforce access controls, and clearly separate resources from each other.
E. To make people buy more computers than they really need.

Correct Answer: D
QUESTION 97
Why should user populations be segmented?
A. To allow resources to be shared among employees
B. To allow appropriate collaboration, and prevent inappropriate resource sharing
C. To prevent appropriate collaboration
D. To provide authentication services
E. To prevent the generation of audit trails from gateway devices

Correct Answer: B
QUESTION 98
A(n) _______________ is an abstract machine, which mediates all access subjects have to objects.
A. ACL
B. Reference monitor
C. State machine
D. TCB
E. Router
Correct Answer: B
QUESTION 99
Who should have physical access to network-connectivity devices and corporate servers?
A. Customers and clients
B. Accounting, information-technology, and auditing staff
C. Managers and C-level executives
D. Only appropriate information-technology personnel
E. Only the maintenance staff
Correct Answer: D
QUESTION 100

Which of the following represents a valid reason for testing a patch on a nonproduction system, before applying it to a production system?
A. Patches may re-enable services previously disabled.
B. Patches are a kind of virus.
C. Patches always overwrite user data.
D. Only patches on vendor-pressed CDs can be trusted.
E. Patches usually break important system functionality.

Correct Answer: A
QUESTION 101
How do virtual corporations maintain confidentiality?
A. Encryption
B. Checksum
C. Data hashes
D. Redundant servers
E. Security by obscurity

Correct Answer: A
QUESTION 102
Enterprise employees working remotely require access to data at an organization’s headquarters. Which of the following is the BEST method to transfer this data?
A. Standard e-mail
B. Faxed information
C. Dial-in access behind the enterprise firewall
D. Virtual private network
E. CD-ROMs shipped with updated versions of the data

Correct Answer: D
QUESTION 103
Which of the following is NOT a concern for enterprise physical security?
A. Network Intrusion Detection Systems
B. Social engineering
C. Dumpster diving
D. Property theft
E. Unauthorized access to a facility
Correct Answer: A
QUESTION 104
A(n) _______________ is an abstract machine, which mediates all access subjects have to objects.
A. ACL
B. Reference monitor
C. State machine
D. TCB
E. Router
Correct Answer: B
QUESTION 105
Digital signatures are typically provided by a ____________________, where a third party verifies a key’s authenticity.
A. Network firewall
B. Security administrator
C. Domain controller
D. Certificate Authority
E. Hash function

Correct Answer: D
QUESTION 106
Which of the following is a cost-effective solution for securely transmitting data between remote offices?
A. Standard e-mail
B. Fax machine
C. Virtual private network
D. Bonded courier
E. Telephone

Correct Answer: C
QUESTION 107
Which of the following is the MOST important consideration, when developing security- awareness training materials?
A. Training material should be accessible and attractive.
B. Delivery mechanisms should allow easy development of additional materials, to complement core material.
C. Security-awareness training materials should never contradict an organizational security policy.
D. Appropriate language should be used to facilitate localization, should training materials require translation.
E. Written documentation should be archived, in case of disaster.
Correct Answer: C
QUESTION 108
Why should the number of services on a server be limited to required services?
A. Every open service represents a potential vulnerability.
B. Closed systems require special connectivity services.
C. Running extra services makes machines more efficient.
D. All services are inherently stable and secure.
E. Additional services make machines more secure.
Correct Answer: A

Flydumps ensures that the first time you take the exam will be able to pass the exam to obtain the exam certification. Because CheckPoint 156-110 provide to you the highest quality analog CheckPoint 156-110 Exam will take you into the exam step by step. Flydumps guarantee that Latest CheckPoint 156-110 exam help you to pass the exam successfully.

Welcome to download the newest Pass4itsure hp0-m52 VCE dumps: http://www.pass4itsure.com/hp0-m52.html

CheckPoint 156-110 PDF Download, Helpful CheckPoint 156-110 Practice Exam Latest Version PDF&VCE

Categories

Cisco Exam Dumps

Latest Cisco CCNA dumps

Latest Cisco DevNet dumps

Latest Cisco CCNP dumps

More Cisco CCNP Practice test…

Latest Cisco CCIE dumps

Latest Cisco CCDE dumps

Latest Cisco Special dumps

All Cisco dumps

Microsoft Exam Dumps

Microsoft Azure Exam Dumps

Microsoft Data Exam Dumps

Microsoft Dynamics 365 Exam Dumps

Microsoft 365 Exam Dumps

Microsoft Fundamentals Exam Dumps

Microsoft Certified Exam Dumps

Microsoft MTA Exam Dumps