Home » CheckPoint Certification

Category Archives: CheckPoint Certification

CheckPoint 156-210 Exam, Sale Discount CheckPoint 156-210 Dump Online

Welcome to download the newest Dumpsoon 1Z0-060 dumps:

Don’t leave your fate to boring books, you should sooner trust FLYDUMPS CheckPoint 156-210 exam sample questions. If you prefer the course on FLYDUMPS CheckPoint 156-210 exam sample questions, then you will need to attend their class and their classroom sessions are quite expensive. FLYDUMPS CheckPoint 156-210 pdf could be the passport for your career life since it covers everything needed to pass CheckPoint 156-210 exam. CheckPoint 156-210 Testing Engine are composed by current and active Information Technology experts, who use their experience in preparing you for your future CheckPoint 156-210 exam sample questions available at FLYDUMPS will save you money, and get you started on the right road to making more with your new found skills.

QUESTION 177
When you disable a rule the rule is NOT disabled until you verify your Security Policy.
A. True
B. False

Correct Answer: B
QUESTION 178
Static Source NAT translates public internal source IP addresses to private external source IP addresses.
A. True
B. False.

Correct Answer: B
QUESTION 179
What is the command that lists the interfaces to which VPN-1/FireWall-1 bound?
A. Fw ct1 iflist
B. Ifconfig -a
C. Ifconfig \all
D. Netstat -m
E. Cp bind -all

Correct Answer: A
QUESTION 180
Your customer has created a rule so that every time a user wants to go to Internet, that user must be authenticated. Which if the following is the best authentication method for roaming users, such as doctors updating patient records at various floor stations in a hospital?
A. Session
B. User
C. Client
D. Connection
E. None of the above.

Correct Answer: B QUESTION 181
Which command utility allows verification of the Security Policy installed on a firewall module?
A. Fw ct1 pstat.
B. Fw printlic.
C. Fw stat.
D. Fw ver.
E. Fw pol.

Correct Answer: C QUESTION 182
You are a firewall administrator with one Management Server managing 3 different Enforcement Modules. One of the Enforcement Modules does NOT show up in the dialog box when attempting to install a Security Policy. Which of the following is the most likely cause?
A. No master file was created.
B. License for multiple firewalls has expired.
C. The firewall has NOT been rebooted.
D. The firewall was NOT listed in the Install On column of the rule.
E. The firewall is listed as “Managed by another Management Module (external)” in the Workstation Properties dialog box.

Correct Answer: E QUESTION 183
In the Install On column of a rule, when you select a specific firewall object as the only configuration object, that rule is enforced on all firewalls with in the network, with related configurations.
A. True
B. False.

Correct Answer: B QUESTION 184
As an administrator, you want to force your users to authenticate. You have selected Client Authentication as your authentication scheme. Users will be using a Web browser to authenticate. On which TCP port will authentication be performed?
A. 23
B. 80
C. 259
D. 261
E. 900

Correct Answer: E QUESTION 185
Once installed the VPN-1/FireWall-1 NG resides directly below what layer of the TCP/IP stack?

A. Data
B. Transport
C. Physical
D. Application
E. Network

Correct Answer: E QUESTION 186
Client Authentication rules should be placed above the Stealth rule, so users can authenticate to the firewall.
A. True
B. False

Correct Answer: A QUESTION 187
The following rule base tells you any automatically created NAT rules have simply hidden but have not been deleted from the Rule Base.
A. True
B. False

Correct Answer: B QUESTION 188
You are using static Destination NAT. You have VPN-1/FireWall-1 NG running on Windows NT/Solaris platform. By default, routing occurs after the address translation when the packet is passing form the client towards the server.
A. True
B. False

Correct Answer: B QUESTION 189
Which if the following statements are FALSE?
A. Dynamic NAT cannot be used for protocols where the port number cannot be changed.
B. Dynamic NAT cannot be used when an external server must distinguish between clients bases on their IP addresses.
C. With Dynamic NAT, packet’s source port numbers are modified.
D. In Dynamic NAT, public internal addresses are hidden behind a single private external address using dynamically assigned port numbers to distinguish between them.
E. Dynamically assigned post numbers are used to distinguish between hidden private addresses.

Correct Answer: D QUESTION 190
When you modify a User Template, any users already operating under that template will be updates to the new template properties.
A. True
B. False

Correct Answer: B QUESTION 191
Installation time for creating network objects will decrease if you list machine names and IP addresses in the hosts files.
A. True
B. False

Correct Answer: A QUESTION 192
Consider the following network: No Original Packet Translated Packet Source Destination Service Source Destination Service The administrator wants to take all the local and DMZ hosts behind the gateway except the HTTP server
192.9.200.9. The http server will be providing public services and must be accessible from Internet. Select the best NAT solution below that meets these requirements.
A. Use automatic NAT that creates a static NAT to the HTTP server.
B. To hide the private addresses set the address translation for Private Net.
C. To hide the private address set the address translation for 192.9.200.0.
D. Use automatic NAT rule creation to hide NAT Local net and private Net.
E. Both A and D.

Correct Answer: E QUESTION 193
What NAT made is necessary if you want to start and HTTP session on a Reserved or Illegal IP address?
A. Static Source.
B. Static destination.
C. Dynamic
D. None of the above.

Correct Answer: B
QUESTION 194
With SecureUpdate you are able to: (Select all that apply)
A. Change Central Licenses to Local Licenses
B. Track current installed versions of Check Point and OPSEC products
C. Update Check Point and OPSEC software remotely from a central location
D. Centrally manage Licenses
E. Perform a new installation of VPN-1/FW-1 remotely

Correct Answer: BCD
QUESTION 195
Which is false about SIC communications?
A. A.VPN Certificates, such as those for IKE are used for secure communications
B. B.The Policy Editior initiates an SSL based connection with the Management Server
C. The Policy Editor must be defined as being authorised to use the Management Server
D. The Management Server verifies that the Clients IP address belongs to an authorised Policy Editor Client

Correct Answer: A

Looking to become a certified Adobe professional? Would you like to reduce or minimize your CheckPoint 156-210 certification cost? Do you want to pass all of the Microsoft certification? If you answered YES, then look no further. Flydumps.com offers you the best CheckPoint 156-210 exam certification test questions which cover all core topics and certification requirements.

Welcome to download the newest Dumpsoon 1Z0-060 dumps: http://www.dumpsoon.com/1Z0-060.html

Aruba ACCP-V6 Practise Questions, The Most Effective Aruba ACCP-V6 Actual Test On Our Store

CheckPoint 156-215 Study Guide, Download CheckPoint 156-215 PDF&VCE Online Store

Welcome to download the newest Pass4itsure 400-101 dumps:

Top IT industry experts and professionals make sure that the students get thoroughly researched 100% authentic answers. Flydumps CheckPoint 156-215 exam sample questions includes CheckPoint 156-215 exam questions answers and online CheckPoint 156-215 is extremely important for the real CheckPoint 156-215 certification. Flydumps simulator exam containing 90 questions is designed in a way that could help you pass the exam with no other books or helping materials and more effective. With our Cisco 642-618 exam sample questions you will feel on top of the illusive CheckPoint 156-215 exam.

QUESTION 182
Which command allows verification of the Security Policy name and install date on a Security Gateway?
“Pass Any Exam. Any Time.” – www.actualtests.com 73 Checkpoint 156-215.75 Exam
A. fw show policy
B. fw ctl pstat -policy
C. fw stat -l
D. fwver-p

Correct Answer: C
QUESTION 183
You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After awhile, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database. How can you do this?
A. Run fwm_dbexport to export the user database. Select restore the entire database in the Database Revision screen. Then, run fwm_dbimport.
B. Restore the entire database, except the user database, and then create the new user and user group.
C. Restore the entire database, except the user database.
D. Run fwm dbexport -l filename. Restore the database. Then, run fwm dbimport -l filename to import the users.

Correct Answer: C
QUESTION 184
Which feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration?
A. Policy Package management
B. dbexport/dbimport
C. Database Revision Control
D. upgrade_export/upgrade_import

Correct Answer: C
QUESTION 185
Your Security Management Server fails and does not reboot. One of your remote Security Gateways managed by the Security Management Server reboots. What occurs with the remote Gateway after reboot?
A. Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, no traffic is allowed through the Gateway.
B. Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, all traffic is allowed through the Gateway.
C. Since the Security Management Server is not available, the remote Gateway uses the local Security Policy, but does not log traffic.
D. The remote Gateway fetches the last installed Security Policy locally and passes traffic normally. The Gateway will log locally, since the Security Management Server is not available.

Correct Answer: D
QUESTION 186
How can you configure an application to automatically launch on the Security Management Server when traffic is dropped or accepted by a rule in the Security Policy?
A. Pop-up alert script
B. User-defined alert script
C. Custom scripts cannot be executed through alert scripts
D. SNMP trap alert script

Correct Answer: B QUESTION 187
Which of the following is NOT useful to verify whether or NOT a Security Policy is active on a Gateway?
A. Check the name of Security Policy of the appropriate Gateway in Smart Monitor.
B. Cpstat fw ?f policy
C. fw stat
D. fw ctl get string active_secpol “Pass Any Exam. Any Time.” – www.actualtests.com 75 Checkpoint 156-215.75 Exam

Correct Answer: D
QUESTION 188
Of the following, what parameters will not be preserved when using Database Revision Control? 1) Simplified mode Rule Bases 2) Traditional mode Rule Bases 3) Secure Platform WebUI Users 4) SIC certificates 5) SmartView Tracker audit logs 6) SmartView Tracker traffic logs 7) Implied Rules 8) IPS Profiles 9) Blocked connections 10) Manual NAT rules 11) VPN communities 12) Gateway route table 13) Gateway licenses
A. 3, 4, 5, 6, 9, 12, 13
B. 5, 6, 9, 12, 13
C. 1, 2, 8, 10, 11
D. 2, 4, 7, 10, 11

Correct Answer: A QUESTION 189
Which of the following describes the default behavior of an R75 Security Gateway?
“Pass Any Exam. Any Time.” – www.actualtests.com 76 Checkpoint 156-215.75 Exam
A. Traffic is filtered using controlled port scanning.
B. All traffic is expressly permitted via explicit rules.
C. Traffic not explicitly permitted is dropped.
D. IP protocol types listed as secure are allowed by default, i.e. ICMP, TCP, UDP sessions are inspected.

Correct Answer: C
QUESTION 190
When you use the Global Properties’ default settings on R75, which type of traffic will be dropped if no explicit rule allows the traffic?
A. SmartUpdate connections
B. Firewall logging and ICA key-exchange information
C. Outgoing traffic originating from the Security Gateway
D. RIP traffic

Correct Answer: D
QUESTION 191
You have installed a R75 Security Gateway on SecurePlatform. To manage the Gateway from the enterprise Security Management Server, you create a new Gateway object and Security Policy. When you install the new Policy from the Policy menu, the Gateway object does not appear in the Install Policy window as a target. What is the problem?
A. The new Gateway’s temporary license has expired.
B. The object was created with Node > Gateway.
C. The Gateway object is not specified in the first policy rule column Install On.
D. No Masters file is created for the new Gateway.

Correct Answer: B
QUESTION 192
“Pass Any Exam. Any Time.” – www.actualtests.com 77 Checkpoint 156-215.75 Exam Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates:
A. Are used for securing internal network communications between the SmartDashboard and the Security Management Server.
B. For R75 Security Gateways are created during the Security Management Server installation.
C. Decrease network security by securing administrative communication among the Security Management Servers and the Security Gateway.
D. Uniquely identify Check Point enabled machines; they have the same function as VPN Certificates.

Correct Answer: D
QUESTION 193
John is the Security Administrator in his company. He installs a new R75 Security Management Server and a new R75 Gateway. He now wants to establish SIC between them. After entering the activation key, the message “Trust established” is displayed in SmartDashboard, but SIC still does not seem to work because the policy won’t install and interface fetching still does not work. What might be a reason for this?
A. This must be a human error.
B. The Gateway’s time is several days or weeks in the future and the SIC certificate is not yet valid.
C. SIC does not function over the network.
D. It always works when the trust is established.
Correct Answer: B
QUESTION 194
A _______ rule is used to prevent all traffic going to the R75 Security Gateway.
A. Cleanup
B. Reject
C. Stealth
D. IPS “Pass Any Exam. Any Time.” – www.actualtests.com 78 Checkpoint 156-215.75 Exam

Correct Answer: C
QUESTION 195
In a distributed management environment, the administrator has removed the default check from Accept Control Connections under the Policy / Global Properties / FireWall tab. In order for the Security Management Server to install a policy to the Firewall, an explicit rule must be created to allow the server to communicate to the Security Gateway on port ______.
A. 256
B. 80
C. 900
D. 259

Correct Answer: A
QUESTION 196
Your internal network is configured to be 10.1.1.0/24. This network is behind your perimeter R75 Gateway, which connections to your ISP provider. How do you configure the Gateway to allow this network to go out to the internet?
A. Use Hide NAT for network 10.1.1.0/24 behind the internal interface of your perimeter Gateway.
B. Use Hide NAT for network 10.1.1.0/24 behind the external IP address of your perimeter Gateway.
C. Use automatic Static NAT for network 10.1.1.0/24.
D. Do nothing, as long as 10.1.1.0 network has the correct default Gateway.

Correct Answer: B
QUESTION 197
Which specific R75 GUI would you use to add an address translation rule?
A. SmartConsole “Pass Any Exam. Any Time.” – www.actualtests.com 79 Checkpoint 156-215.75 Exam
B. SmartDashboard
C. SmartNAT
D. SmartView Monitor

Correct Answer: B
QUESTION 198
You are a Security Administrator who has installed Security Gateway R75 on your network. You need to allow a specific IP address range for a partner site to access your intranet Web server. To limit the partner’s access for HTTP and FTP only, you did the following:
1.
Created manual Static NAT rules for the Web server.

2.
Created the following settings in the Global Properties’ Network Address Translation screen
-Allow bi-directional NAT*

Translate destination on client side

A.
Yes, This will ensure that traffic only matches the specific rule configured for this traffic, and that the Gateway translates the traffic after accepting the packet.

B.
Yes, Both of these settings are only application to automatically NAT rules.

C.
No, The first setting is not applicable. The second setting will reduce performance, by translating traffic in the kernel nearest the intranet server.

D.
No. The first setting is only applicable to automatic NAT rules. The second setting is necessary to make sure there are no conflicts between NAT and anti-spoofing.
Do you above settings limit the partner’s access?

Correct Answer: D
QUESTION 199
You enable Automatic Static NAT on an internal host node object with a private IP address of 10.10.10.5, which is NATed into 216.216.216.5. (You use the default settings in Global Properties / NAT.)
When you run fw monitor on the R75 Security Gateway and then start a new HTTP connection from host
10.10.10.5 to browse the Internet, at what point in the monitor output will you observe the HTTP SYN-ACK packet translated from 216.216.216.5 back into 10.10.10.5?
“Pass Any Exam. Any Time.” – www.actualtests.com 80 Checkpoint 156-215.75 Exam
A. i=inbound kernel, before the virtual machine
B. O=outbound kernel, after the virtual machine
C. o=outbound kernel, before the virtual machine
D. I=inbound kernel, after the virtual machine

Correct Answer: D
QUESTION 200
You have configured a remote site Gateway that supports your boss’s access from his home office using a DSL dialup connection. Everything worked fine yesterday, but today all connectivity is lost. Your initial investigation results in “nobody has touched anything”, which you can support by taking a look in SmartView Tracker Management. What is the problem and what can be done about it?
A. You cannot use NAT and a dialup connection.
B. The NAT configuration is not correct; you can only use private IP addresses in a static NAT setup.
C. A static NAT setup may not work with DSL, since the external IP may change. Hide NAT behind the Gateway is the preferred method here.
D. According to published limitations of Security Gateway R75, there’s a bug with NAT. A restart of the Gateway will help here.

Correct Answer: C

This is the reason why this program is highly recommended to all those students who are serious about passing out CheckPoint 156-215 ECSS. You will find CheckPoint 156-215 ECSS exam which you will require when CheckPoint 156-215 ECSS exam you have to test your knowledge and skills. Without them you will not be able to get information about what your areas of expertise are. It has been seen that students are feeling quite at home in presence of CheckPoint 156-215 ECSS exam as they provide them a chance to take a sigh of relief and they need not to spend hours in their studies for the certification. A great number of candidates for Exam have already been benefited themselves with the amazing study material of questions CheckPoint 156-215 ECSS study materials.

Welcome to download the newest Pass4itsure 400-101 dumps: http://www.pass4itsure.com/400-101.html

Avaya 3102 Certification Exam, Best Quality Avaya 3102 Exam Dumps With The Knowledge And Skills

CheckPoint 156-210 Exams, Offer CheckPoint 156-210 Vce Dumps For Download

Welcome to download the newest Examwind JN0-360 dumps:

Each Answers in CheckPoint 156-210 study guides are checked by the concerned professional to provide you the best quality dumps. If you are looking to get certified in short possible time, you will never find quality product than Flydumps.

QUESTION 127
As a firewall administrator you encounter the following you error message:
Authentication for command failed.
What is the most logical reasoning for thus type of error message?

A. The Rule Base has been corrupted.
B. The kernel cannot communicate with the management module.
C. The administrator does not have the ability to push the policy.
D. Remote encryption keys cannot be fetched.
E. Client authentication has failed.

Correct Answer: B
QUESTION 128
Your customer has created a rule so that every time a user wants to go to the Internet, that user must be authenticated. Firewall load is a concern for the customer. Which authentication method does not result in any additional connections to the firewall?
A. Session
B. User
C. Client
D. Connection
E. None of the above.

Correct Answer: A
QUESTION 129
What variable is used to extend the interval of the Timeout in a NAT to prevent a hidden UDP connection from losing its port?
A. Fwx_udp_todefaultextend.
B. Fwx_udp_expdefaultextend.
C. Fwx_udp_todefaultext
D. Fwx_udp_timeout.
E. Fwx_udp_expiration.
Correct Answer: D
QUESTION 130
To hide data filed in the log viewer:
A. Select Hide from the Log Viewer menu.
B. Right-click anywhere in a column of the Log Viewer GUI and select Show Details.
C. Right-click anywhere in the column of the Log Viewer GUI and select Disable.
D. Right-click anywhere in the column of the Log Viewer GUI and select Hide.
E. Select Hide from the Log Viewer tool bar.

Correct Answer: D
QUESTION 131
You are following the procedure to setup user authentication for TELNET to prompt for a distinct destination. This allows the firewall to simulate a TELNET Proxy. After you defined the user on the Firewall and use VPN-1/FireWall-1 Authentication, you would:
A. Stop the Firewall.
B. Restart the Firewall.
C. Start the Policy Editor and go to Manage service, and edit TELNET service.
D. Ensure that the Authentication method is enabled in the firewall object.
E. Ensure that there are no existing rules already allowing TELNET.

Correct Answer: D
QUESTION 132
You have the VPN-1/Firewall-1 NG product installed. The following Rule Base order correctly implements Implicit Client Authentication fort HTTP. No. SOURCE DESTINATION SERVICE ACTION 1 All *Any TCP ftp User Auth [email protected] 2 All [email protected] *Any TCP http User Auth
A. True
B. False

Correct Answer: B
QUESTION 133
What is the software package through which all Check Point products use infrastructure services?
A. Cpstart/cpstop.
B. Check Point Registry.
C. CPD
D. Watch Dog for critical services.
E. SVN Foundation.

Correct Answer: E
QUESTION 134
Choose the BEST response to finish this statement. A Firewall:
A. Prevents unauthorized to or from a secured network.
B. Prevents unauthorized to or from a unsecured network.
C. Prevents authorized access to or from an Intranet.
D. Prevents authorized access to or from an Internet.
E. Prevents macro viruses from infecting the network.
Correct Answer: A
QUESTION 135
Where is the external if file located in VPN1/Firewall-1 NG?
A. FWDIR conf directory.
B. Database directory.
C. State directory.
D. Temp Directory.
E. Not used in VPN1/Firewall-1 NG.

Correct Answer: E
QUESTION 136
Which log viewer mode allows you to actually see the contents of the files HTTP-ed by the corporation’s Chief Executive Officer?
A. Security Log.
B. Active Connections Log.
C. Accounting Log.
D. Administrative Log.
E. None of the above.

Correct Answer: E
QUESTION 137
When you select the alert radio button on the topology tab of the interface properties window:
A. The action specified in the Action element of the Rule Base is taken.
B. The action specified in the Anti-Spoofing Alert field in the Global properties window is taken.
C. The action specified in the Pop up Alter Command in the Global properties window is taken.
D. Both A and B.
E. Both B and C.

Correct Answer: E
QUESTION 138
You are the firewall administrator with one management server managing one firewall. The system status displays a computer icon with a ‘!’ symbol in the status column. Which of the following is the most likely cause?
A. The destination object has been defined as external.
B. The Rule Base is unable to resolve the IP address.
C. The firewall has been halted.
D. The firewall is unprotected, no security policy is loaded.
E. Nothing is wrong.
Correct Answer: D
QUESTION 139
System Administrators use session authentication when they want users to:
A. Authenticate each time they use a supported service.
B. Authenticate all services.
C. Use only TENET, FTP, RLOGIN, and HTTP services.
D. Authenticate once, and then be able to use any service until logging off.
E. Both B and D
Correct Answer: B
QUESTION 140
Your customer has created a rule so that every time a user wants to go to Internet, that user must be authenticated. The customer requires an authentication scheme that provides transparency for the user and granular control for the administrator. User must also be able to log in from any location. Based on this information, which authentication schemes meets the customer’s needs?
A. Session
B. User
C. Client
D. Dual
E. Reverse

Correct Answer: B QUESTION 141
Implementing Dynamic NAT would enable an internal machine behind the firewall to act as an FTP Server for external clients.
A. True
B. False

Correct Answer: B QUESTION 142
The Enforcement Module (part if the VPN-1/FireWall-1 Module):
A. Examines all communications according to an Enterprise Security Policy.
B. Is installed on a host enforcement point.
C. Can provide authentication and Content Security features at the application level.
D. Us usually installed on a multi-homed machine.
E. All of the above.

Correct Answer: E QUESTION 143
In most cases when you are building the Rule Base you should place the Stealth Rule above all other rules except:
A. Clean up rules.
B. Implicit Riles.
C. Client Authentication Rules.
D. Pseudo Rules.
E. Default Rules.

Correct Answer: C QUESTION 144
If you change the inspection order of any of the implied rules under the Security Policy Setup, does it change the order in which the rules are enforced?
A. True
B. False

Correct Answer: A QUESTION 145
The fw fetch command allows an administrator to specify which Security Policy a remote enforcement module retrieves.
A. True
B. False

Correct Answer: A
QUESTION 146
You can edit VPE objects before they are actualized (translated from virtual network objects to real).
A. True
B. False.

Correct Answer: B
QUESTION 147
Stateful inspection is a firewall technology introduced in Checkpoint VPN-1/Firewall-1 software. It is designed to meet which if the following security requirements?
1.
Scan information from all layers in the packet.

2.
Save state information derived from previous communications, such as the outgoing Port command of an FTP session, so that incoming data communication can be verified against it.

3.
Allow state information derived from other applications access through the firewall for authorized services only, such as previously authenticated users.

4.
Evaluate and manipulate flexible expressions based on communication and application derived state information.
A. 1, 2, 3
B. 1, 3, 4
C. 1, 2, 4
D. 2, 3, 4
E. 1, 2, 3, 4

Correct Answer: E
QUESTION 148
If the security policy editor or system status GUI is open, you can open the log viewer GUI from the window menu.
A. True
B. False
Correct Answer: A
QUESTION 149
NAT can NOT be configured on which of the objects?
A. Hosts
B. Gateways
C. Networks
D. Users
E. Routers

Correct Answer: D
QUESTION 150
Your customer has created a rule so that every user wants to go to Internet, that user must be authenticated. Which is the best method of authentication for users who must use specific computers for Internet access?
A. Session
B. User
C. Client
D. Connection
E. None of the above.

Correct Answer: C
QUESTION 151
Which of the following describes the behavior of VPN-1/Firewall-1 NG?
A. Traffic not expressly prohibited is permitted.
B. Traffic not expressly permitted is prohibited.
C. TELNET, SMTP and HTTP are allowed by default.
D. Secure connections are authorized by default, unsecured connections are not.
E. All traffic is controlled by explicit rules.

Correct Answer: B
QUESTION 152
New users are created from templates. What is the name of the standard template from which you would create a new user?
A. New
B. User
C. Group
D. Standard User.
E. Default

Correct Answer: E
QUESTION 153
In a distributed management environment, the firewall administrator has removed the default check from Accept VPN-1/Firewall-1 control connections under the Security Policy tab of the properties setup dialogue box. In order for the management module and the Firewall to communicate, you must create a rule to allow the Management Module to communicate to the firewall on which port?
A. 80
B. 256
C. 259
D. 900
E. 23
Correct Answer: B
QUESTION 154
What is the command for installing a Security Policy from a *.W file?
A. Fw gen and then the name of the .W file.
B. Fw load and then the name of .W file.
C. Fw regen and then the name of the .W file.
D. Fw reload and then the directory location of the .W file.
E. Fw import and then the name of the .W file.

Correct Answer: B
QUESTION 155
In the Check Point Configuration Too, you create a GUI administrator with Read Only privileges. This allows the Firewall-1 administrator for the authorized GUI client (GUI workstation) privileges to change network object, and create and install rules.
A. True
B. False

Correct Answer: B QUESTION 156
Hybrid Authentication allows VPN-1/Firewall-1 NG to authenticate SecuRemote/SecureClient, using which of the following?
A. RADIUS
B. 3DES
C. TACACS
D. Any authentication method supported by VPN-1/Firewall-1.
E. Both A and C.

Correct Answer: D QUESTION 157
In order to install a new Security Policy on a remote firewall, what command must be issued on the remote firewall?
A. Fw unload all all.
B. Fw load new.
C. Cp clear policy.
D. None of the above, the command cp policy remove is issued from the manager.
E. None of the above, the new policy will automatically overwrite the existing policy.

Correct Answer: E QUESTION 158
As a firewall administrator if you want to log packets dropped by “implicit drop anything not covered” rules, you must explicitly define a Clean-up rule. This must be the last rule in the rule base.
A. True
B. False

Correct Answer: A QUESTION 159
Fully Automatic Client authentication provides authentication for all protocols, whether supported by these protocols or not.
A. True
B. False

Correct Answer: A QUESTION 160
VPN-1/Firewall-1 NG differs from Packet filtering and Application Layer Gateways, because?
A. VPN-1/Firewall-1 NG provides only minimal logging and altering mechanism.
B. VPN-1/Firewal-1 NG uses Stateful inspection which allows packet to be examined at the top of the layers of the OSI model.
C. VPN-1/Firewall-1 NG has access to a limited part of the packet header only.
D. VPN-1/Firewall-1NG requires a connection from a client to a firewall and firewall to a server.
E. VPN-1/Firewall-1 NG has access to packets passing through key locations in a network.

Correct Answer: B
QUESTION 161
AlphaBravo Corp has 72 privately addressed internal addresses. Each network is a piece of the 10-net subnetted to a class C address. AlphaBravo uses Dynamic NAT and hides all of the internal networks behind the external IP addresses of the Firewall. The Firewall administrator for AlphaBravo has noticed that policy installation takes significantly longer since adding all 72 internal networks to the address translation rule. What should the Firewall administrator do to reduce the time it takes to install a policy?
A. Create an object for the entire 10-net and use the object for the translation rule instead of the individual network objects.
B. Use automatic NAT rule creation on each network object. Hide the network behind the firewall’s external IP addresses.
C. Match packets to the state table, so packets are not dropped. Increase the size of the NAT tables.
D. Reinstall the Firewall and Security Policy Editor. The policy is corrupting Firewall’s binaries.
E. Increase the size of state table. Use automatic NAT rule creation to hide the networks behind an IP address other than firewall’s external IP.

Correct Answer: A
QUESTION 162
How does VPN-1/Firewall-1 NG implement Transparent authentication?
A. Unknown user receive error messages indicating that the firewalled gateway does not know the user names on the gateway.
B. VPN-1/Firewall-1 NG prompts for user names even through the authentication data may not be recognized by the firewall’s user database.
C. VPN-1/Firewall-1 NG allows connections, but hides the firewall from authenticated users.
D. Unknown users error messages indicating that the host does not know the users names on the server.
E. VPN-1/Firewall-1 NG does not allow connections from users who do not know the name of the firewall.

Correct Answer: C
QUESTION 163
When creating user authentication rule, select intersect with user database for source and destination to allow access according to the source specified in the rules.
A. True
B. False

Correct Answer: B
QUESTION 164
A connection initiated by the client in the figure below will be hidden behind the IP address of the interface
through which the connection was routed on the server side if the gateway (behind either interface 2 or
interface 3). Specifying 0.0.0.0 as the address is convenient because of network address translation (NAT)
is performed dynamically. And if the IP addresses of the gateway are changed, it is not necessary to
reconfigure the NAT parameters.
Which of the following is true about the following figure?
A. A connection initiated by the client will be hidden behind the IP address of the exit interface.
B. A connection initiated by the server will be hidden behind the IP address of the exit interface.
C. A connection initiated by the server will be hidden by the IP address of the client.
D. Source addresses of outbound packets from the client will be translated to 0.0.0.0.
E. Source addresses of outbound packets from the server will be translated to 0.0.0.0.

Correct Answer: A QUESTION 165
Which if the following statements about Client Authentication are FALSE?
A. In contrast to User Authentication, which allows access per user, Client Authentication allows access per ID address.
B. Authentication is by user name and password, but is the host machine (client) that is granted access.
C. Client Authentication is more secure than User Authentication, because it allows multiple users and connections from an authorized IP address or host.
D. Client Authentication enables administration to grant access privileges to a specific IP address after successful authentication.

Correct Answer: C QUESTION 166
When you make a rule, the rule is not enforces as part of your Security Policy.
A. True
B. False

Correct Answer: B QUESTION 167
Which of the following user actions would you insert as an INTERNAL Authentication scheme?
A. The user enters the security dynamics passcode.
B. The user prompted for a response from the RADIUS server.
C. The user prompted for a response from the AXENT server.
D. The user prompted for a response from the TACACS server.
E. The user enters an operating system account password.

Correct Answer: E QUESTION 168
When configuring Static NAT, you cannot map the routable IP address to the external IP address of the Firewall if attempted, the security policy installation fails with the following error “rule X conflicts with rule Y”.
A. True
B. False

Correct Answer: A QUESTION 169
The advantage of client authentication is that it can be used for any number of connections and for any services, but authentication is only valid for a specified length of time.
A. True

B. False Correct Answer: B QUESTION 170
You have set up Static NAT on a VPN-1/Firewall-1 to allow Internet traffic to an internal web server. You notice that any HTTP attempts to that machine being dropped in the log due to rule 0. Which of the following is the most likely cause?
A. Spoofing on the internal interface us set to Network defined by Interface IP and Net Mask.
B. Spoofing on the external interface is set to Not Defined.
C. You do NOT have a rule that allows HTTP access to the internal Web Server.
D. You do NOT have a rule that allows HTTP from the Web Server to Any destination.
E. None of the above.

Correct Answer: C QUESTION 171
As a firewall administrator, you are required to create VPN-1/Firewall-1 users for authentication. When you create a user for user authentication, the data is stored in the?
A. Inspect Engine.
B. Rule base.
C. Users database
D. Rulebase fws file
E. Inspect module.

Correct Answer: C QUESTION 172
If users authenticated successfully, they have matched the User and Authentication rule restriction of the user group to which they belong.
A. True
B. False

Correct Answer: A QUESTION 173
The only way to unblock BLOCKED connections by deleting all the blocking rules from the Rule base.
A. True
B. False

Correct Answer: B QUESTION 174
When you perform a cp fetch, what can you expect from this command?
A. Firewall retrieves the user database from the tables on the Management Module.
B. Firewall retrieves the inspection code from the remote Management Module and installs it to the kernel.
C. Management module retrieves the IP address of the target specified in the command.
D. Management module retrieves the interface information for the target specified in the command.
E. None of the above.

Correct Answer: B QUESTION 175
Each incoming UDP packet is locked up in the list of pending connections. Packets are delivered if they are _________.
A. A request.
B. A response to a request.
C. Source routed.
D. Allowed by the Rule Base.
E. Both B and D.

Correct Answer: E
QUESTION 176
Assume an NT system. What is the default expiration for a Dynamic NAT connection NOT showing any TCP activity?
A. 30 Seconds.
B. 60 Seconds.
C. 330 Seconds.
D. 660 Seconds.
E. 3600 Seconds.

Correct Answer: E

Buying all CheckPoint 156-210 exam sample questions can guarantee you to pass your first CheckPoint 156-210 exam. If you do not pass the exam,FLYDUMPS will full refund to you. You can also free online download the part of FLYDUMPS’s CheckPoint 156-210 exam practice questions and answers as a try. After your understanding of our reliability, I believe you will quickly add FLYDUMPS’s CheckPoint 156-210 exam sample questions to your cart. FLYDUMPS will achieve your dream. FLYDUMPS is a website to achieve dreams of many IT people. FLYDUMPS provide candidates participating in the IT certification exams the information they want to help them pass the CheckPoint 156-210 exam.

Welcome to download the newest Examwind JN0-360 dumps: http://www.examwind.com/jn0-360.html

SAP C-HANATEC-1 Preparation Materials, Provides Best SAP C-HANATEC-1 Test Engine With 100% Pass Rate

CheckPoint 156-510 Exam Tests, Useful CheckPoint 156-510 Exam Download Is Your Best Choice

FLYDUMPS ensures the quality and value of the CheckPoint 156-510 exam sample questions, and one hundred percent pass the exam, let you can pass the CheckPoint 156-510 exam successfully in your first studying. In addition, Killtest provide you with high-quality CheckPoint 156-510exam sample questions to help you learn more about the CheckPoint 156-510 examination of information, learning more knowledge of the entire examination, complete your dream of entering the IT Dream. FLYDUMPS CheckPoint 156-510 exam sample questions are based on the actual template of CheckPoint 156-510 Exam. You will learn all the tactics and techniques in FLYDUMPS CheckPoint 156-510 exam sample questions.

QUESTION 127
What is the name of the traffic capture tool that is available on Unix platforms?
A. Network monitor
B. Snoop
C. Sniffer
D. Tcpdump
Correct Answer: B
QUESTION 128
When initially setting up high availability, where would you enable the high availability services?
A. The cpconfig utility
B. The fwstart script
C. The management server global properties screen
D. The gateway cluster properties screen
Correct Answer: A
QUESTION 129
What is true about hardening the operating system of a firewall gateway?
A. It is only necessary on a Solaris platform
B. It is necessary on both Solaris and NT platforms
C. It is not necessary
D. It is only necessary on an NT platform

Correct Answer: B QUESTION 130
What command would you use to initiate a packet capture on a Unix machine?
A. snoop -o filename
B. tcpdump -i filename
C. snoop -i filename
D. tcpdump -o filename

Correct Answer: A QUESTION 131
If you use the -a option in the “fw dbexport” command to export a subset of the possible user attributes. What happens if you import the exported file back into the FW-1 user database using the “fw import” command?
A. The database is merged with the subset database
B. You will get a warning, stating that you may delete part of your database
C. The process will error with no change to the original database
D. The database is overwritten with the subset database

Correct Answer: D QUESTION 132
How do you remake a connection between a management server and a firewall module, if not using backward compatibility?
A. Reboot
B. Bounce the management server
C. Remake the SIC connection
D. Remake the putkey association

Correct Answer: C QUESTION 133
What is true about the following command? snoop -i filename | more
A. The file named “filename” contains raw captured traffic
B. It analyses captured traffic
C. It will continue the display until it ends
D. It captures traffic

Correct Answer: AB QUESTION 134
When configuring automatic synchronization for HA management modules, which is NOT a valid trigger for the synchronization to take place?
A. When the policy is installed
B. When the policy is saved
C. Regularly after a specified period
D. When you log off the GUI client

Correct Answer: D
QUESTION 135
To create synchronization between gateways in NG, which file do you need to edit?
A. conf.sync
B. sync.conf
C. None
D. rulebases.fws

Correct Answer: C
QUESTION 136
When a primary gateway cluster member fails another will take over. When the primary recovers what is true?
A. The action depends on the configuration of the ClusterXL screen of the cluster properties
B. The primary always resumes primary function
C. The action depends on the configuration of the Cluster member gateway general properties
D. The primary will become a lower priority and not resume its primary function

Correct Answer: A
QUESTION 137
When exporting a checkpoint user database for importation to an LDAP server, what format should the output file take?
A. LDAP
B. Binary
C. LDIF
D. HTTP
Correct Answer: C
QUESTION 138
Which of the following are termed CPMAD global parameters?
A. MAD_Memory
B. MAD_syn_attack_action
C. MAD_number_of_connection_attempts
D. MAD_anti_spoofing_mode AC
Correct Answer: AC
QUESTION 139
What is true about the effects of configuring a high MAD_clean_interval in CPMAD?
A. It reduces CPU utilization
B. It increases CPU utilization
C. It decreases memory usage
D. It increases memory usage

Correct Answer: AD QUESTION 140
What is the meaning of the “collision” status when seen against a secondary management module?
A. Synchronization was attempted from both primary and secondary at the same time
B. The primary management module database lags behind the secondary
C. Both the primary and secondary management module have independently updated databases since the last synchronization
D. Synchronization has failed due to network problems

Correct Answer: C QUESTION 141
If you want to use information from a cpinfo file produced by a Windows platform, you first need to perform a series of operations to extract the file concerned. True or false?
A. False
B. True

Correct Answer: A QUESTION 142
What command would you use on a Solaris machine to increase the amount of memory allocated to the kernel to approximately 16Mbytes?
A. set fw:fwhmem=0x16
B. set fw:fwhmem=0x10
C. set fw:fwhmem=0x1000000
D. set fw:fwhmem=0x16000000

Correct Answer: C QUESTION 143
How would you specify the primary member of a gateway cluster?
A. On the gateway cluster properties screen select “cluster members”, then arrange priority sequence using the increase and decrease priority buttons
B. On the gateway cluster properties screen select “cluster members”, then select priority number (1 is the highest)
C. On the member gateway properties general screen arrange priority sequence using the increase and decrease priority buttons
D. On the member gateway properties general screen select priority number (1 is the highest)

Correct Answer: A QUESTION 144
Which debug option will gather information regarding the accept or drop action performed on traffic?
A. ioctl
B. packet
C. driver
D. kbuf

Correct Answer: B QUESTION 145
Which of the following files is held on a management module and cotains the whole rulebase?
A. rulebases_5_0.C
B. objects.C
C. objects_5_0.C
D. rulebases_5_0.fws

Correct Answer: D
QUESTION 146
In the peer status area of the high availability management module screen of the active server, there are defined status levels that can apply to a peer module. Which status implies that a secondary module has a later version of the database than the primary?
A. Advanced
B. Lagging
C. Collision
D. Never Synchronized

Correct Answer: A
QUESTION 147
On a Windows platform, you can enable VPN and IKE logging by setting an environment variable. What is the command to do that?
A. Setenv VPN_DEBUG 1
B. Setenv VPN_DEBUG 0
C. Set VPN_DEBUG=0
D. Set VPN_DEBUG=1

Correct Answer: D
QUESTION 148
To configure a fully overlapping encryption domain, what type of group(s) do you need to configure?
A. A group containing both gateways and all the networks they protect
B. A group containing both gateways only
C. A group containing all the networks that both gateways protect
D. Two groups, one containing both gateways and the networks that one protects. The other containing both gateways and the networks the other protects.

Correct Answer: A
QUESTION 149
What is the approximate memory requirement of a simple (I.e. not authenticated or encrypted) connection in VPN-1/FW-1?
A. 3 Kbytes
B. 70 bytes
C. 10 bytes
D. 1 Kbytes

Correct Answer: B
QUESTION 150
If you want to run the cpinfo utility to gather diagnostic information for a problematic enforcement module in a distributed system, what is true?
A. You should run cpinfo on the enforcement module only
B. You should run cpinfo on all the modules in the distributed system
C. You should run cpinfo on both the management and enforcement modules
D. You should run cpinfo on the management module only

Correct Answer: C QUESTION 151
Which two types of overlapping encryption domains are supported by FW-1?
A. Partial overlap
B. Full overlap
C. Proper subset
D. Partial subset

Correct Answer: BC QUESTION 152
Which is NOT a valid log file maintained on the SecuRemote client?
A. sr_watchdog_tde.log
B. sr_service_<serial number>.log
C. sr_background_tde.log
D. sr_gui_tde.log

Correct Answer: C QUESTION 153
Which debug option will gather information about input/output control messages, such as loading of FW-1 or kernel to daemon communications?
A. kbuf
B. ioctl
C. misc
D. driver

Correct Answer: B QUESTION 154
It is not possible to use two gateways running a standalone installation in an MEP environment. True or false?
A. False
B. True

Correct Answer: B QUESTION 155
How would you use a policy editor gui in local mode when using FW-1 NG FP-2?
A. Enter *local in the “management server” box of the GUI login screen
B. Check the “demo mode” box of the GUI login screen
C. Enter demo_mode in the “management server” box of the GUI login screen
D. Enter *local in the “user name” box of the GUI login screen

Correct Answer: AB QUESTION 156
How would you restart CPMAD on a firewall?
A. $FWDIR/conf/fwstart
B. $FWDIR/bin/cpmad
C. $FWDIR/cpmad/fwstart
D. $FWDIR/bin/fwstart

Correct Answer: D QUESTION 157
What is used by FW-1 to create a SIC certificate?
A. External CA
B. Putkey
C. LDAP
D. Internal CA

Correct Answer: D QUESTION 158
How would you find more information about the “fw tab” options?
A. fw tab help
B. fw tab -h
C. fw tab -?
D. fw tab options -h

Correct Answer: B QUESTION 159
What is contained in the rulebases.fws file?
A. Auditing information
B. All rulebases
C. All rulebases plus auditing information
D. Only the rulebase from the last load

Correct Answer: B QUESTION 160
When using management high availability, you can synchronize from the primary or secondary management server. True or false?
A. False
B. True

Correct Answer: A QUESTION 161
On a SecuRemote client, in which directory are the log files located?
A. $CPDIR/log
B. $SCDIR/log
C. $SRDIR/log
D. $FWDIR/log

Correct Answer: C QUESTION 162
If you were having problems with a CVP server, you may want to capture traffic to and from the server. What could you do to get this information?
A. Run “fw monitor” for port 18182 on the interface connected to the management server
B. Run “fw monitor” for port 18182 on the interface connected to the CVP server
C. Run “fw monitor” for port 18181 on the interface connected to the management server
D. Run “fw monitor” for port 18181 on the interface connected to the CVP server

Correct Answer: D
QUESTION 163
When using backward compatibility, what is true?
A. It restricts inter-module communications to the putkey method
B. It allows the management of 4.1 gateways
C. It restricts inter-module communication to the SIC method
D. It allows the use of the old putkey function

Correct Answer: BD
QUESTION 164
Why would you disable NetBEUI on a FW-1 Windows Platform?
A. It can cause FW-1 to crash
B. It clashes with internal FW-1 protocols
C. It is an inefficient protocol
D. It is a security risk
Correct Answer: D
QUESTION 165
What does “resolver_ttl” do in relation to SecuRemote configuration?
A. Specifies the interval in seconds between RDP status queries
B. Specifies that RDP status queries are sent automatically
C. Specifies the number of seconds that a Securemote client waits for a reply to a RDP status query
D. Controls the time to live when accessing a DNS server
Correct Answer: C

By the use of CheckPoint 156-510 exam sample questions along with most relevant CheckPoint 156-510 questions and answers as they are an ideal study tool to pass CheckPoint 156-510 test in very first try. FLYDUMPS CheckPoint 156-510 exam sample questions are developed by our team of IT experts. Send us a scanned copy of your failed exam and we will promptly proceed to refund. The last package which is certainly not the least but a royal pack, which can give you full preparation on the subject and provide you 100 per cent guarantee of clearing the CheckPoint 156-510 exam sample questions. We are all well aware that a major problem in the IT industry is that there is a lack of quality questions answers.

Checkpoint 156-215 Dumps, First-hand Checkpoint 156-215 Exam Online Shop

Not only will you be given theoretical, but also given practical labs which will give you even more practice than before. Our site offers you a comprehensive look at the best prospects available in Checkpoint 156-215 exam sample questions throughout the Industry. The Checkpoint 156-215 exam sample questions offered by FLYDUMPS is very comprehensive and covers all exam questions that need to be covered to pass the Checkpoint 156-215 exam. Professionals and experts at FLYDUMPS are very dedicated and they prepare Checkpoint 156-215 exam sample questions with great effort. In our Checkpoint 156-215 exam sample questions you will the accurate and up-to-date information.

QUESTION 119
You create implicit and explicit rules for the following network. The group object “internal-networks” include networks 10.10.10.0 and 10.10.20.0. Assume “Accept ICMP requests” is enabled as before last in the Global Properties.

Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on the Internet, by IP address? ICMP will be:
A. dropped by rule 0
B. dropped by rule 2, the Cleanup Rule
C. accepted by rule 1
D. dropped by the last implicit rule
E. accepted by the implicit rule

Correct Answer: C
QUESTION 120
What does schema checking do?
A. Authenticates users attempting to access resources protected by an NGX Security Gateway.
B. Verifies that every object class, and its associated attributes, is defined in the directory schema.
C. Maps LDAP objects to objects in the NGX objects_5_0.c files.
D. Verifies the Certificate Revocation List for Certificate Validity.
E. Provides topology downloads for SecuRemote and SecureClient users authenticated by an LDAP server.

Correct Answer: B
QUESTION 121
Jill is about to test some rule and object changes suggested in an NGX newsgroup. Which backup and restore solution should Jill use, to ensure she can most easily restore her Security Policy to its previous configuration, after testing the changes?
A. SecurePlatform backup utilities
B. Manual copies of the $FWDIR/conf directory
C. Upgrade_export and upgrade_import commands
D. Policy Package management
E. Database Revision Control

Correct Answer: E
QUESTION 122
You want VPN traffic to match packets from internal interfaces. You also want the traffic to exit the Security Gateway, bound for all site-to-site VPN Communities, including Remote Access Communities. How should you configure the VPN match rule
A. internalclear>All-GwToGw
B. Communities>Communities
C. Internalclear>ExternalClear
D. Internalclear>Communities
E. Internalclear>Allcommunities

Correct Answer: E
QUESTION 123
Review the following rules and note the Client Authentication Action properties screen, as shown in the
exhibit.
After being authenticated by the Security Gateway when a user starts an HTTP connection to a Web site
the user tries to FTP to another site using the command line. What happens to the user?
The….

A. FTP session is dropprd by the implicit Cleanup Rule.
B. User is prompted from the FTP site only, and does not need to enter username nad password for the Client Authentication.
C. FTP connection is dropped by rule 2.
D. FTP data connection is dropped, after the user is authenticated successfully.
E. User is prompted for authentication by the Security Gateway again.

Correct Answer: B
QUESTION 124
What is the command to see the licenses of the Security Gateway Certkiller from your SmartCenter Server?
A. print Certkiller
B. fw licprint Certkiller
C. fw tab -t fwlic Certkiller
D. cplic print Certkiller
E. fw lic print Certkiller
Correct Answer: D
QUESTION 125
Ophelia is the security Administrator for a shipping company. Her company uses a custom application to update the distribution database. The custom application includes a service used only to notify remote sites that the distribution database is malfunctioning. The perimeter Security Gateways Rule Base includes a rule to accept this traffic. Ophelia needs to be notified, via atext message to her cellular phone, whenever traffic is accepted on this rule. Which of the following options is MOST appropriate for Ophelia’s requirement?
A. User-defined alert script
B. Logging implied rules
C. SmartViewMonitor
D. Pop-up API
E. SNMP trap

Correct Answer: A
QUESTION 126
Which of the following is the final step in an NGXbackup?
A. Test restoration in a non-production environment, using the upgradeimport command
B. Move the *.tgz file to another location
C. Run the upgradeexport command
D. Copy the conf directory to another location
E. Run the cpstop command

Correct Answer: B
QUESTION 127
Which mechanism is used to export Check Point logs to third party applications?
A. OPSE
B. CPLogManager
C. LEA
D. SmartViewTracker
E. ELA

Correct Answer: C
QUESTION 128
In NGX, what happens if a Distinguished Name (ON) is NOT found in LADP?
A. NGX takes the common-name value from the Certificate subject, and searches the LADP account unit for a matching user id
B. NGX searches the internal database for the username
C. The Security Gateway uses the subject of the Certificate as the ON for the initial lookup
D. If the first request fails or if branches do not match, NGX tries to map the identity to the user id attribute
E. When users authenticate with valid Certificates, the Security Gateway tries to map the identities with users registered in the extemal LADP user database
Correct Answer: D
QUESTION 129
Which command allows you to view the contents of an NGX table?
A. fw tab -s <tablename>-
B. fw tab -t <tablename>-
C. fw tab -u <tablename>-
D. fw tab -a <tablename>-
E. fw tab -x <tablename>-

Correct Answer: B QUESTION 130
The following is cphaprobstate command output from a New Mode High Availability cluster member:

Which machine has the highest priority?
A. 192.168.1.2,since its number is 2
B. 192.168.1.1,because its number is 1
C. This output does not indicate which machine has the highest priority
D. 192.168.1.2, because its state is active

Correct Answer: B
QUESTION 131
What do you use to view an NGX Security Gateway’s status, including CPU use, amount of virtual memory, percent of free hard-disk space, and version?
A. SmartLSM
B. SmartViewTracker
C. SmartUpdate
D. SmartViewMonitor
E. SmartViewStatus

Correct Answer: D
QUESTION 132
Which of the following commands is used to restore NGX configuration information?
A. cpcontig
B. cpinfo-i
C. restore
D. fwm dbimport
E. upgradeimport

Correct Answer: E
QUESTION 133
Which of the following commands shows full synchronizalion status?
A. cphaprob -i list
B. cphastop
C. fw ctl pstat
D. cphaprob -a if
E. fw hastat
Correct Answer: C
QUESTION 134
Which VPN Community object is used to configure VPN routing within the SmartDashboard?
A. Star
B. Mesh
C. Remote Access
D. Map

Correct Answer: A
QUESTION 135
If you are experiencing LDAP issues, which of the following should you check?
A. Secure lnternal Cornrnunicalions(SIC)
B. VPN tunneling
C. Overlapping VPN Domains
D. NGX connectivity
E. VPN Load Balancing

Correct Answer: D
QUESTION 136
Which operating system is not supported byVPN-1 SecureClient?
A. IPS0 3.9
B. Windows XP SP2
C. Windows 2000 Professional
D. RedHat Linux 7 0
E. MacOS X

Correct Answer: A
QUESTION 137
Which Check Point QoS feature issued to dynamically allocate relative portions of available bandwidth?
A. Guarantees
B. Differentiated Services
C. Limits
D. Weighted Fair Queueing
E. Low Latency Queueinq

Correct Answer: D
QUESTION 138
You are running a VPN-1 NG with Application Intelligence R54 SecurePlatform VPN-1 Pro Gateway. The Gateway also serves as a Policy Server. When you run patch add cd from the NGX CD, what does this command allow you to upgrade?
A. Only VPN-1 Pro Security Gateway
B. Both the operating system (OS) and all Check Point products
C. All products, except the Policy Server
D. On~ the patch utility is upgraded using this command
E. Only the OS

Correct Answer: B
QUESTION 139
Amanda is compiling traffic statistics for Certkiller .com’s Internet activity during production hours. How could she use SmartView Monitor to find this information? By
A. using the “Traffic Counters” settings and SmartView Monitor to generate a graph showing the total HTTP traffic for the day
B. -monitoring each specific user’s Web traffic use.
C. Viewing total packets passed through the Security Gateway
D. selecting the “Tunnels” view, and generating a report on the statistics
E. configuring a Suspicious Activity Rule which triggers an alert when HTTP traffic passes through the Gateway

Correct Answer: A
QUESTION 140
Certkiller is the Security Administrator for a software-development company. To isolate the corporate network from the developer’s network, Certkiller installs an internal Security Gateway. Jack wants to optimize the performance of this Gateway. Which of the following actions is most likely to improve the Gateway’s performance?
A. Remove unused Security Policies from Policy Packages
B. Clear all Global Properties check boxes, and use explicit rules
C. Use groups within groups in the manual NAT Rule Base
D. Put the least-used rules at the top of the Rule Base
E. Use domain objects in rules, where possible

Correct Answer: A
QUESTION 141
Certkiller is the Security Administrator for a chain of grocery stores. Each grocery store is protected by a Security Gateway. Certkiller is generating a report for the information-technology audit department. The report must include the name of the Security Policy installed on each remote Security Gateway, the date and time the Security Policy was installed, and general performance statistics (CPU Use, average CPU time, active real memory, etc.). Which SmartConsole application should Certkiller use to gather this information?
A. SmartUpdate
B. SmartView Status
C. SmartView Tracker
D. SmartLSM
E. SmartView Monitor

Correct Answer: E
QUESTION 142
How can you reset Secure Internal Communications (SIC) between a SmartCenter Server and Security Gateway?
A. Run the command fwm sicreset to reinitialize the Internal Certificate Authority (ICA) of the SmartCenter Server. Then retype the activation key on the Security-Gateway from SmartDashboard
B. From cpconfig on the SmartCenter Server, choose the Secure Internal Communication option and retype the actrvation key Next, retype the same key in the gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC)
C. From the SmartCenter Server’s command line type fw putkey -p <shared key>- <IP Address of SmartCenter Server>-.
D. From the SmartCenter Server’s command line type fw putkey -p <shared key>- <IP Address of security Gateway>-.
E. Re-install the Security Gateway
Correct Answer: B QUESTION 143
Which NGX feature or command allows Security Administrators to revert to earlier versions of the Security Policy without changing object configurations?
A. upgradeexport/upgradeimport
B. Policy Package management
C. fwm dbexport/fwm dbimport
D. cpconfig
E. Database Revision Control

Correct Answer: B
QUESTION 144
Certkiller is the Security Administrator for Certkiller .com’s large geographically distributed network. The internet connection at one of her remote sites failed during the weekend, and the Security Gateway logged locally for over 48 hours. Certkiller is concerned that the logs may have consumed most of the free space on the Gateway’s hard disk. Which SmartConsole application should Certkiller use, to view the percent of free hard-disk space on the remote Security Gateway?
A. SmartView Status
B. SmartView Tracker
C. SmartUpdate
D. SmartView Monitor
E. SmartLSM

Correct Answer: D
QUESTION 145
Certkiller is recently hired as the Security Administrator for a public relations company. Certkiller’s manager has asked her to investigate ways to improve the performance of the firm’s perimeter Security Gateway. Certkiller must propose a plan based on the following required and desired results Required Result #1: Do not purchase new hardware Required Result #2: Use configuration changes that do not reduce security Desired Result #1: Reduce the number of explicit rules in the Rule Base Desired Result #2: Reduce the volume of logs Desired Result #3: Improve the Gateway’s performance Proposed Solution: Certkiller recommends the following changes to the Gateway’s configuration:
1.
Replace all domain objects with network and group objects.

2.
Stop logging Domain Name over UDP (queries)

3.
Use Global Properties, instead of explicit rules, to control ICMP. VRRP, and RIP. Does Certkiller’s proposed solution meet the required and desired result s?
A. The solution meets the required results, and two of the desired results
B. The solution does not meet the required results
C. The solution meets all required results, and none of the desired results
D. The solution meets all required and desired results
E. The solution meets the required results, and one of the desired results
Correct Answer: A
QUESTION 146
What is a Consolidation Policy?
A. The collective name of the Security Policy, Address Translation, and SmartDefense Policies
B. The specific Policy used by Eventia Reporter to configure log-management practices
C. The state of the Policy once installed on a Security Gateway
D. A Policy created by Eventia Reporter to generate logs
E. The collective name of the logs generated by Eventia Reporter

Correct Answer: B
QUESTION 147
To change an existing ClusterXL cluster object from Multicast to Unicast mode, what configuration change must be made?
A. Change the cluster mode to Unicast on the cluster object Reinstall the Security Policy
B. Reset Secure Internal Communications (SIC) on the cluster-member objects. Reinstall the Security Policy
C. Run cpstop and cpstart, to reenable High Availability on both objects. Select Pivot mode in cpconfig
D. Change the cluster mode to Unicast on the cluster-member object
E. Switch the internal network’s default Security Gateway to the pivot machine’s IP address
Correct Answer: A

Checkpoint 156-215 exam from FLYDUMPS will certainly assist you in gaining the knowledge and experience needed to study. Many of our customers claim that the Checkpoint 156-215 exam included in our study guide are a great compliment to already popular CCB-400 exam sample questions. FLYDUMPS Checkpoint 156-215 exam can guarantee that combined with proper effort, Checkpoint 156-215 exam questions will certainly boost your chance of passing the Checkpoint 156-215 exam. FLYDUMPS Checkpoint 156-215 exam follows the same syllabus followed by actual Checkpoint 156-215 certification exam, we also constantly upgrade our Checkpoint 156-215 exam so you always get the best and updated information.

CheckPoint 156-215 Dumps PDF, Best Quality CheckPoint 156-215 Demo Free Download Online Shop

Because CheckPoint 156-215 exam has changed recently,Flydumps presents the new version of CheckPoint 156-215 exam practice test, which helps candidates to pass the CheckPoint 156-215 exam easily.The exam dumps covers all aspect of CheckPoint 156-215 exam.You can visit our website to free CheckPoint 156-215 exam download the New Version VCE Player.

QUESTION 106
A Security Policy has several database versions. What configuration remains the same no matter which version is used?
A. Objects_5_0.C
B. fwauth.NDB
C. Rule Bases_5_0.fws
D. Internal Certificate Authority (ICA) certificate

Correct Answer: D QUESTION 107
You are working with multiple Security Gateways that enforce an extensive number of rules. To simplify security administration, which one of the following would you choose to do?
A. Create network objects that restrict all applicable rules to only certain networks.
B. Run separate SmartConsole instances to login and configure each Security Gateway directly.
C. Create a separate Security Policy package for each remote Security Gateway.
D. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.

Correct Answer: C QUESTION 108
Which rules are not applied on a first-match basis?
A. Client Authentication
B. Session Authentication
C. User Authentication
D. Cleanup

Correct Answer: C QUESTION 109
Installing a policy usually has no impact on currently existing connections. Which statement is TRUE?
A. All connections are reset, so a policy install is recommended during announced downtime only.
B. Users being authenticated by Client Authentication have to re-authenticate.
C. Site-to-Site VPNs need to re-authenticate, so Phase 1 is passed again after installing the Security Policy.
D. All FTP downloads are reset; users have to start their downloads again.

Correct Answer: B QUESTION 110
Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?
A. A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are
defined by the selection in the row Install On of the Rule Base.
B. When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install.
C. In the SmartDashboard policy, select the correct firewall to be the Specific Target of the rule.
D. A Rule Base can always be installed on any Check Point firewall object. It is necessary to select the appropriate target directly after selecting Policy > Install.

Correct Answer: C
QUESTION 111
A ___________ rule is used to prevent all traffic going to the R75 Security Gateway.
A. Cleanup
B. Stealth
C. Reject
D. IPS

Correct Answer: B
QUESTION 112
In a distributed management environment, the administrator has removed the default check from Accept Control Connections under the Policy > Global Properties > FireWall tab. In order for the Security Management Server to install a policy to the Firewall, an explicit rule must be created to allow the server to communicate to the Security Gateway on port __________.
A. 259
B. 256
C. 80
D. 900

Correct Answer: B
QUESTION 113
To check the Rule Base, some rules can be hidden so they do not distract the administrator from the unhidden rules. Assume that only rules accepting HTTP or SSH will be shown. How do you accomplish this?
A. This cannot be configured since two selections (Service, Action) are not possible.
B. Ask your reseller to get a ticket for Check Point SmartUse and deliver him the Security Management Server cpinfo file.
C. In SmartDashboard menu, select Search > Rule Base Queries. In the window that opens, create a new Query, give it a name (e.g. “HTTP_SSH”) and define a clause regarding the two services HTTP and SSH. When having applied this, define a second clause for the action Accept and combine them with the Boolean operator AND.
D. In SmartDashboard, right-click in the column field Service > Query Column. Then, put the services HTTP and SSH in the list. Do the same in the field Action and select Accept here.
Correct Answer: C
QUESTION 114
What CANNOT be configured for existing connections during a policy install?
A. Reset all connections
B. Re-match connections
C. Keep all connections
D. Keep data connections
Correct Answer: A QUESTION 115
What is the purpose of a Stealth Rule?
A. To permit implied rules.
B. To drop all traffic to the management server that is not explicitly permitted.
C. To prevent users from connecting directly to the gateway.
D. To permit management traffic.

Correct Answer: C QUESTION 116
Which of these Security Policy changes optimize Security Gateway performance?
A. Use Automatic NAT rules instead of Manual NAT rules whenever possible.
B. Using domain objects in rules when possible.
C. Using groups within groups in the manual NAT Rule Base.
D. Putting the least-used rule at the top of the Rule Base.

Correct Answer: A QUESTION 117
Your perimeter Security Gateway’s external IP is 200.200.200.3. Your network diagram shows:Required:
Allow only network 192.168.10.0 and 192.168.20.0 to go out to Internet, using 200.200.200.5.
The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet.
Assume you enable all the settings in the NAT page of Global Properties.
How do you achieve this requirement?
A. Create a network object 192.168.0.0/16. Enable Hide NAT on the NAT page. Enter
200.200.200.5 as the hiding IP address. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
B. Create network objects for 192.168.10.0/24 and 192.168.20.0/24. Enable Hide NAT on both network objects, using 200.200.200.5 as hiding IP address. Add an ARP entry for 200.200.200.3 for the MAC address of 200.200.200.5.
C. Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254. Enable Hide NAT on the NAT page of the address range object. Enter Hiding IP address 200.200.200.5. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
D. Create two network objects: 192.168.10.0/24 and 192.168.20.0/24. Add the two network objects to a group object. Create a manual NAT rule like the following: Original source -groupobject; Destination – any; Service – any; Translated source – 200.200.200.5; Destination -original; Service – original.

Correct Answer: C
QUESTION 118
Because of pre-existing design constraints, you set up manual NAT rules for your HTTP server. However, your FTP server and SMTP server are both using automatic NAT rules. All traffic from your FTP and SMTP servers are passing through the Security Gateway without a problem, but traffic from the Web server is dropped on rule 0 because of anti-spoofing settings. What is causing this?
A. Allow bi-directional NAT is not checked in Global Properties.
B. Translate destination on client side is not checked in Global Properties under Manual NAT Rules.
C. Manual NAT rules are not configured correctly.
D. Routing is not configured correctly.

Correct Answer: B
QUESTION 119
You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateway’s external interface. You browse to from host, 10.1.1.10 successfully. You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?
A. Two, one for outbound, one for inbound
B. Only one, inbound
C. Only one, outbound
D. Two, both outbound, one for the real IP connection and one for the NAT IP connection

Correct Answer: C
QUESTION 120
Which of the following statements BEST describes Check Point’s Hide Network Address Translation method?
A. Translates many source IP addresses into one source IP address
B. Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation
C. Translates many destination IP addresses into one destination IP address
D. One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

Correct Answer: A
QUESTION 121
Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity?
A. Static Source
B. Static Destination
C. Dynamic Destination
D. Hide

Correct Answer: D
QUESTION 122
NAT can NOT be configured on which of the following objects?
A. Host
B. HTTP Logical Server
C. Address Range
D. Gateway

Correct Answer: B
QUESTION 123
Which Check Point address translation method is necessary if you want to connect from a host on the Internet via HTTP to a server with a reserved (RFC 1918) IP address on your DMZ?
A. Hide Address Translation
B. Static Destination Address Translation
C. Port Address Translation
D. Dynamic Source Address Translation

Correct Answer: B
QUESTION 124
You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router. You control the router that sits between the firewall external interface and the Internet. What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?
A. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.
B. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.
C. Place a static host route on the firewall for the valid IP address to the internal Web server.
D. Place a static ARP entry on the ISP router for the valid IP address to the firewall’s external address.

Correct Answer: D
QUESTION 125
After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by antispoofing protections. Which of the following is the MOST LIKELY cause?
A. The Global Properties setting Translate destination on client side is checked. But the topology on the DMZ interface is set to Internal – Network defined by IP and Mask. Uncheck the Global Properties setting Translate destination on client side.
B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External.
C. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External. Change topology to Others +.
D. The Global Properties setting Translate destination on client side is unchecked. But the topology on the DMZ interface is set to Internal – Network defined by IP and Mask. Check the Global Properties setting Translate destination on client side.
Correct Answer: D
QUESTION 126
Which NAT option applicable for Automatic NAT applies to Manual NAT as well?
A. Translate destination on client-side
B. Enable IP Pool NAT
C. Allow bi-directional NAT
D. Automatic ARP configuration

Correct Answer: A
QUESTION 127
Your main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. You also have a small network 10.10.20.0/24 behind the internal router. You want to configure the kernel to translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP, and FTP services. Which of the following configurations will allow this network to access the Internet?
A. Configure Automatic Static NAT on network 10.10.20.0/24.
B. Configure Automatic Hide NAT on network 10.10.20.0/24 and then edit the Service column in the NAT Rule Base on the automatic rule.
C. Configure one Manual Hide NAT rule for HTTP, FTP, and SMTP services for network 10.10.20.0/24.
D. Configure three Manual Static NAT rules for network 10.10.20.0/24, one for each service.

Correct Answer: C
QUESTION 128
You have three servers located in a DMZ, using private IP addresses. You want internal users from 10.10.10.x to access the DMZ servers by public IP addresses. Internal_net 10.10.10.x is configured for Hide NAT behind the Security Gateway’s external interface.

What is the best configuration for 10.10.10.x users to access the DMZ servers, using the DMZ servers’ public IP addresses?
A. When connecting to the Internet, configure manual Static NAT rules to translate the DMZ servers.
B. When connecting to internal network 10.10.10.x, configure Hide NAT for the DMZ network behind the Security Gateway DMZ interface.
C. When the source is the internal network 10.10.10.x, configure manual static NAT rules to translate the DMZ servers.
D. When trying to access DMZ servers, configure Hide NAT for 10.10.10.x behind the DMZ’s
interface. Correct Answer: C QUESTION 129 An internal host initiates a session to and is set for Hide NAT behind the Security Gateway. The initiating traffic is an example of ____________.
A. None of these
B. source NAT
C. destination NAT
D. client side NAT

Correct Answer: B QUESTION 130
A host on the Internet initiates traffic to the Static NAT IP of your Web server behind the Security Gateway. With the default settings in place for NAT, the initiating packet will translate the _________.
A. source on client side
B. source on server side
C. destination on client side
D. destination on server side

Correct Answer: C QUESTION 131
A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?
A. A static route for the NAT IP must be added to the Gateway’s upstream router.
B. Automatic ARP must be unchecked in the Global Properties.
C. Nothing else must be configured.
D. A static route must be added on the Security Gateway to the internal host.

Correct Answer: D QUESTION 132
When translation occurs using automatic Hide NAT, what also happens?
A. The destination port is modified.
B. Nothing happens.
C. The destination is modified.
D. The source port is modified.

Correct Answer: D QUESTION 133
The fw monitor utility is used to troubleshoot which of the following problems?
A. Address translation
B. Log Consolidation Engine
C. User data base corruption
D. Phase two key negotiation

Correct Answer: A
QUESTION 134
Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.

A. This is an example of Hide NAT.
B. This is an example of Static NAT and Translate destination on client side unchecked in Global Properties.
C. There is not enough information provided in the Wireshark capture to determine the NAT settings.
D. This is an example of Static NAT and Translate destination on client side checked in Global Properties.

Correct Answer: D
QUESTION 135
In SmartDashboard, Translate destination on client side is checked in Global Properties. When Network Address Translation is used:
A. VLAN tagging cannot be defined for any hosts protected by the Gateway.
B. The Security Gateway’s ARP file must be modified.
C. It is not necessary to add a static route to the Gateway’s routing table.
D. It is necessary to add a static route to the Gateway’s routing table.

Correct Answer: C

Each Answers in CheckPoint 156-215 study guides are checked by the concerned professional to provide you the best quality dumps. If you are looking to get certified in short possible time, you will never find quality product than Flydumps.com.

CheckPoint 156-215 Dumps PDF, Best Quality CheckPoint 156-215 Demo Free Download Online Shop

Checkpoint 156-215 Dumps, Helpful Checkpoint 156-215 PDF Exams With 100% Pass Rate

 

Where to free download the new Checkpoint 156-215 exam questions to pass the exam easily? Now,Flydumps has publised the new version of Checkpoint 156-215 exam dumps with new added exam questions.you can also get free VCE and PDF, and the new Checkpoint 156-215 practice tests ensure your exam 100% pass. Visit Flydumps.com to get the 100% pass ensure!

QUESTION 74
You want to generate a cpinfo file via CLI on a system running SecurePlatform. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?
A. Log in as the default user expert and start cpinfo.
B. No action is needed because cpshell has a timeout of one hour by default.
C. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.
D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinto.

Correct Answer: C
QUESTION 75
Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?
A. Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets field. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here.
B. In the General Properties of the object representing the specific Firewall, go to the Software Blades product list and select Firewall. Right-click in the menu, select Administrator to Install to define only this administrator.
C. Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced / Permission to Install.
D. Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets.

Correct Answer: C
QUESTION 76
You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in use on a SecurePlatform. You have trouble configuring the speed and duplex settings of your Ethernet interfaces. Which of the following commands can be used to configure the speed and duplex settings of an Ethernet interface and will survive a reboot? Give the BEST answer.
A. cthtool
B. ifconfig a
C. eth_set
D. mii_tool

Correct Answer: C
QUESTION 77
Which command enables IP forwarding on IPSO?
A. echo 1 > /proc/sys/net/ipv4/ip_forward
B. clish -c set routing active enable
C. echo 0 > /proc/sys/net/ipv4/ip_forward
D. ipsofwd on admin

Correct Answer: D QUESTION 78
Looking at an fw monitor capture in Wireshark, the initiating packet in Hide NAT translates on________.
A. I
B. O
C. o
D. i

Correct Answer: B QUESTION 79
You want to create an ASCII formatted output file of the fw monitor command. What is the correct syntax to accomplish this task?
A. fw monitor -e “accept;” > /tmp/monitor.txt
B. fw monitor -e “accept;” -f > /tmp/monitor.txt
C. fw monitor -m iO -e “accept;” -o /tmp/monitor.txt
D. fw monitor -e “accept;” -w /tmp/monitor.txt

Correct Answer: A QUESTION 80
The button Get Address, found on the Host Node Object > General Properties page, will retrieve what?
A. The domain name
B. The fully qualified domain name
C. The Mac address
D. The IP address

Correct Answer: D QUESTION 81
When you change an implicit rule’s order from last to first in global properties, how do you make the change take effect?
A. Select save from the file menu
B. Reinstall the security policy
C. Select install database from the policy menu
D. Run fw fetch from the security gateway

Correct Answer: B QUESTION 82
You create implicit and explicit rules for the following network. The group object internal-networks includes networks 10.10.10.0 and 10.10.20.0. Assume Accept ICMP requests is enabled as Before last in Global Properties.
Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on the Internet by IP address? ICMP will be:
A. dropped by rule 0.
B. dropped by rule 2, the Cleanup Rule.
C. accepted by rule 1.
D. dropped by the last Implicit rule.

Correct Answer: C QUESTION 83
Anti-Spoofing is typically set up on which object type?
A. Host
B. Domain
C. Network
D. Security Gateway

Correct Answer: D QUESTION 84
Spoofing is a method of:
A. Hiding your firewall from unauthorized users.
B. Disguising an illegal IP address behind an authorized IP address through port address Translation.
C. Making packets appear as if they come from an authorized IP address
D. Detecting people using false or wrong authentication logins.

Correct Answer: C QUESTION 85
Which of the below is the MOST correct process to reset SIC from SmartDashboard?
A. Run cpconfig, and click Reset.
B. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key.
C. Click Communication > Reset on the Gateway object, and type a new activation key.
D. Run cpconfig, and select Secure Internal Communication > Change One Time Password.

Correct Answer: B QUESTION 86
“Pass Any Exam. Any Time.” – www.actualtests.com 49 Checkpoint 156-215.75 Exam You installed Security Management Server on a computer using SecurePlatform in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second SecurePlatform computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it?
1) Run cpconfig on the gateway, set secure internal communication, enter the activation key and reconfirm.
2) Initialize internal certificate authority (ICA) on the security Management server.
3) Confirm the gateway object with the host name and IP address for the remote site.
4) Click the communication button in the gateway object’s general screen, enter the activation key, and click initialize and ok.
5) Install the security policy.
A. 2, 3, 4, 5, 1
B. 1, 3, 2, 4, 5
C. 2, 3, 4, 1, 5
D. 2, 1, 3, 4, 5

Correct Answer: B
QUESTION 87
You want to reset SIC between smberlin and sgosaka.
In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC was successfully initialized and jumps back to the cpconfig menu. When trying to establish a connection, instead of a working connection, you receive this error message:
What is the reason for this behavior?
A. You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup / Initialize).
B. The Gateway was not rebooted, which is necessary to change the SIC key.
C. The Check Point services on the Gateway were not restarted because you are still in the cpconfig utility.
D. The activation key contains letters that are on different keys on localized keyboards. Therefore, the activation can not be typed in a matching fashion.

Correct Answer: C
QUESTION 88
Which rule should be the Cleanup Rule in the Rule Base?
A. Last. It serves a logging function before the implicit drop.
B. Last, it explicitly drops otherwise accepted traffic
C. Before last followed by the Stealth Rule.
D. First, it explicitly accepts otherwise dropped traffic.
Correct Answer: A
QUESTION 89
What are the two basic rules which should be used by all Security Administrators?
A. Administrator Access and Stealth rules
B. Cleanup and Administrator Access rules
C. Network Traffic and Stealth rules
D. Cleanup and Stealth rules
Correct Answer: D
QUESTION 90
When you hide a rule in a Rule Base, how can you then disable the rule?
A. Use the search utility in SmartDashboard to view all hidden rules Select the relevant rule and click Disable Rule(s).
B. Right-click on the hidden rule place-holder bar and select Disable Rule(s).
C. Right-click on the hidden rule place-holder bar and uncheck Hide, then right-click and select Disable Rule(s); re-hide the rule.
D. Hidden rules are already effectively disabled from Security Gateway enforcement.

Correct Answer: C QUESTION 91
A Stealth rule is used to:
A. Use the Security Gateway to hide the border router from internal attacks.
B. Cloak the type of Web server in use behind the Security Gateway.
C. Prevent communication to the Security Gateway itself.
D. Prevent tracking of hosts behind the Security Gateway.

Correct Answer: C QUESTION 92
A Clean-up rule is used to:
A. Drop without logging connections that would otherwise be dropped and logged fry default
B. Log connections that would otherwise be accepted without logging by default.
C. Log connections that would otherwise be dropped without logging by default.
D. Drop without logging connections that would otherwise be accepted and logged by default

Correct Answer: C QUESTION 93
Which statement is TRUE about implicit rules?
A. They are derived from Global Properties and explicit object properties.
B. The Gateway enforces implicit rules that enable outgoing packets only.
C. You create them in SmartDashboard.
D. Changes to the Security Gateway’s default settings do not affect implicit rules.

Correct Answer: A QUESTION 94
You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?
A. First
B. Before Last
C. Last
D. After Stealth Rule

Correct Answer: C QUESTION 95
In a distributed management environment, the administrator has removed all default check boxes from the Policy / Global Properties / Firewall tab. In order for the Security Gateway to send logs to the Security Management Server, an explicit rule must be created to allow the Security Gateway to communicate to the Security Management Server on port ______.
A. 259
B. 257
C. 900
D. 256

Correct Answer: B QUESTION 96
Examine the following Security Policy. What, if any, changes could be made to accommodate Rule 4?

A. Nothing at all
B. Modify the Source or Destination columns in Rule 4
C. Remove the service HTTPS from the Service column in Rule A
D. Modify the VPN column in Rule 2 to limit access to specific traffic

Correct Answer: D
QUESTION 97
A Security Policy has several database versions. What configuration remains the same no matter which version is used?
A. Rule Bases_5_0.fws
B. Internal Certificate Authority (ICA) certificate
C. Fwauth.NDB
D. Objects_5_0.C

Correct Answer: B
QUESTION 98
You are working with multiple Security Gateways that enforce a common set of rules. To minimize the number of policy packages, which one of the following would you choose to do?
A. Install a separate local Security Management Server and SmartConsole for each remote Security Gateway.
B. Create a separate Security Policy package for each remote Security Gateway and specify Install On / Gateways.
C. Create a single Security Policy package with Install On / Target defined whenever a unique rule is required for a specific Gateway.
D. Run separate SmartDashbord instance to login and configure each Security Gateway directly.

Correct Answer: C QUESTION 99
Which rules are not applied on a first-match basis?
A. Cleanup
B. User Authentication
C. Session Authentication
D. Client Authentication

Correct Answer: B QUESTION 100
Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?
A. A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are defined by the selection in the row Install On of the Rule Base.
B. When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install.
C. In the SmartDashboard main menu go to Policy / Policy Installation / Targets and select the correct firewall to be put into the list via Specific Targets.
D. A Rule Base can always be installed on any Check Point firewall object It is necessary to select the appropriate target directly after selecting Policy > Install.

Correct Answer: C QUESTION 101
Which of these security policy changes optimize Security Gateway performance?
A. Use Automatic NAT rules instead of Manual NAT rules whenever possible
B. Putting the least-used rule at the top of the Rule Base
C. Using groups within groups in the manual NAT Rule Base
D. Using domain objects in rules when possible

Correct Answer: A QUESTION 102
Your perimeter Security Gateway’s external IP is 200.200.200.3. Your network diagram shows: RequireD. Allow only network 192.168.10.0 and 192.168.20.0 to go out to the Internet, using 200.

200.200.5.
The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet.
Assuming you enable all the settings in the NAT page of Global Properties, how could you achieve these requirements?
A. Create a network object 192.168.0.0/16. Enable Hide NAT on the NAT page. Enter 200.200.200.5 as the hiding IP address. Add and ARP entry for 200.200.200.5 for the MAC “Pass Any Exam. Any Time.”
-www.actualtests.com 58
Checkpoint 156-215.75 Exam
address of 200.200.200.3.

B. Create network objects for 192.168.10.0/24 and 192.168.20.0/24. Enable Hide NAT on both network objects, using 200.200.200.5 as hiding IP address Add an ARP entry for 200.200.200.3 for the MAC address of 200.200.200.5.
C. Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254. Enable Hide NAT on the NAT page of the address range object. Enter Hiding IP address 200.200.200.5. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
D. Create two network objects: 192.168.10.0/24. and 192.168.20.0/24. Add the two network objects. Create a manual NAT rule like the following Original source group object; Destination any Service -any, Translated source 200.200.200.5; Destination original, Service original.

Correct Answer: C
QUESTION 103
You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateway’s external interface. You browse to from host, 10.1.1.10 successfully. You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?
A. Only one, outbound
B. Two, one for outbound, one for inbound
C. Only one, inbound
D. Two, both outbound, one for the real IP connection and one for the NAT IP connection
Correct Answer: A QUESTION 104
Which of the following statements BEST describes Check Point’s Hide Network Address Translation method?
A. Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation
B. Translates many destination IP addresses into one destination IP address
C. Translates many source IP addresses into one source IP address
D. One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

Correct Answer: C
QUESTION 105
Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity?
A. Static Destination
B. Hide
C. Dynamic Destination
D. Static Source

Correct Answer: B
QUESTION 106
NAT can be implemented on which of the following lists of objects?
A. Host, Network
B. Host, User
C. Domain, Network
D. Network, Dynamic Object

Correct Answer: A
QUESTION 107
You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router. You control the router that sits between the external interface of the firewall and the Internet. What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?
A. Place a static host route on the firewall for the valid IP address to the internal Web server.
B. Place a static ARP entry on the ISP router for the valid IP address to the firewall’s external address.
C. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.
D. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.

Correct Answer: B
QUESTION 108
After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti- spoofing protections. Which of the following is the MOST LIKELY cause?
A. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External.Change topology to Others +.
B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External
C. The Global Properties setting Translate destination on client side is checked But the topology on the DMZ interface is set to Internal -Network defined by IP and Mask Uncheck the Global Properties setting Translate destination on client side
D. The Global Properties setting Translate destination on client side is unchecked. But the topology on the DMZ interface is set to Internal – Network defined by IP and Mask. Check the Global Properties setting Translate destination on client side.

Correct Answer: D
QUESTION 109
Which NAT option applicable for Automatic NAT applies to Manual NAT as well?
A. Allow bi-directional NAT
B. Automatic ARP configuration
C. Enable IP Pool NAT
D. Translate destination on client-side

Correct Answer: D
QUESTION 110
Your main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. You also have a small network 10.10.20.0/24 behind the internal router. You want to configure the kernel to translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP, and FTP services. Which of the following configurations will allow this network to access the Internet?
A. Configure three Manual Static NAT rules for network 10.10.20.0/24, one for each service
B. Configure one Manual Hide NAT rule for HTTP, FTP, and SMTP services for network 10.10.20.0/24
C. Configure Automatic Hide NAT on network 10.10.20.0/24 and then edit the Service column in the NAT Rule Base on the automatic rule
D. Configure Automatic Static NAT on network 10.10.20.0/24
Correct Answer: B
QUESTION 111
You have three servers located in a DMZ, using private IP addresses. You want internal users from
10.10.10.x
to access the DMZ servers by public IP addresses. Internal_net 10.10.10.x is configured for Hide NAT behind the Security Gateway’s external interface.

A.
When connecting to the Internet, configure manual Static NAT rules to translate the DMZ servers

B.
When the source is the internal network 10.10.10.x, configure manual static NAT rules to translate the DMZ servers.

C.
When connecting to internal network 10 10.10 x. configure Hide NAT for the DMZ servers.

D.
When connecting to the internal network 10.10.10x, configure Hide Nat for the DMZ network behind the DMZ interface of the Security Gateway
What is the best configuration for 10.10.10.x users to access the DMZ servers, using the DMZ servers’ public IP addresses?
Correct Answer: B
QUESTION 112
A host on the Internet initiates traffic to the Static NAT IP of your Web server behind the Security Gateway. With the default settings in place for NAT, the initiating packet will translate the_________.
A. source on client side
B. destination on server side
C. destination on client side
D. source on server side

Correct Answer: C
QUESTION 113
A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?
A. Automatic ARP must be unchecked in the Global Properties.
B. A static route must be added on the Security Gateway to the internal host.
C. Nothing else must be configured.
D. A static route for the NAT IP must be added to the Gateway’s upstream router.
Correct Answer: B
QUESTION 114
When translation occurs using automatic Hide NAT, what also happens?
A. Nothing happens.
B. The source port is modified.
C. The destination port is modified.
D. The destination is modified.

Correct Answer: B
QUESTION 115
The fw monitor utility is used to troubleshoot which of the following problems?
A. Phase two key negotiation
B. User data base corruption
C. Address translation
D. Log Consolidation Engine

Correct Answer: C
QUESTION 116
Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.

A. There is not enough information provided in the Wireshark capture to determine NAT settings.
B. This is an example hide NAT.
C. There is an example of Static NAT and translate destination on client side unchecked in Global Properties.
D. This is an example of Static NAT and Translate destination on client side checked in Global Properties.

Correct Answer: D
QUESTION 117
In SmartDashboard, Translate destination on client side is checked in Global Properties. When Network Address Translation is used:
A. It is necessary to add a static route to the Gateway’s routing table.
B. The Security Gateway’s ARP file must be modified.
C. It is not necessary to add a static route to the Gateway’s routing table.
D. VLAN tagging cannot be defined for any hosts protected by the Gateway.

Correct Answer: C QUESTION 118
Static NAT connections, by default, translate on which firewall kernel inspection point?
A. Post-inbound
B. Eitherbound
C. Inbound
D. Outbound

Correct Answer: C QUESTION 119
In a Hide NAT connection outbound, which portion of the packet is modified?
A. Source IP address and destination port
B. Destination IP address and destination port
C. Source IP address and source port
D. Destination IP address and destination port

Correct Answer: C QUESTION 120
You are MegaCorp’s Security Administrator. There are various network objects which must be NATed. Some of them use the Automatic Hide NAT method, while others use the Automatic Static NAT method. What is the order of the rules if both methods are used together? Give the best answer.
A. The Administrator decides on the order of the rules by shifting the corresponding rules up and down.
B. The Static NAT rules have priority over the Hide NAT rules and the NAT on a node has priority over the NAT on a network or an address range
C. The Hide NAT rules have priority over the Static NAT rules and the NAT on a node has priority over the NAT on a network or an address range
D. The position of the rules depends on the time of their creation. The rules created first are placed at the top; rules created later are placed successively below the others.

Correct Answer: B QUESTION 121
Which answers are TRUE? Automatic Static NAT CANNOT be used when: i) NAT decision is based on the destination port ii) Source and Destination IP both have to be translated iii) The NAT rule should only be installed on a dedicated Gateway only iv) NAT should be performed on the server side
A. (i), (ii), and (iii)
B. (i), and (ii)
C. (ii) and (iv)
D. only (i)

Correct Answer: D QUESTION 122
After filtering a fw monitor trace by port and IP, a packet is displayed three times; in the i, I, and o inspection points, but not in the O inspection point. Which is the likely source of the issue?
A. The packet has been sent out through a VPN tunnel unencrypted.
B. An IPSO ACL has blocked the outbound passage of the packet.
C. A SmartDefense module has blocked the packet
D. It is an issue with NAT

Correct Answer: D
QUESTION 123
A marketing firm’s networking team is trying to troubleshoot user complaints regarding access to audio-streaming material from the Internet. The networking team asks you to check the object and rule configuration settings for the perimeter Security Gateway. Which SmartConsole application should you use to check these objects and rules?
A. SmartView Tracker
B. SmartView Status
C. SmartView Monitor
D. SmartDashboard

Correct Answer: D
QUESTION 124
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping authentication rules with address-translation rules
B. Grouping rules by date of creation
C. Grouping reject and drop rules after the Cleanup Rule
D. Grouping functionally related rules together

Correct Answer: D
QUESTION 125
Which of the following is a viable consideration when determining Rule Base order?
A. Adding SAM rules at the top of the Rule Base
B. Placing frequently accessed rules before less frequently accessed rules
C. Grouping rules by date of creation
D. Grouping IPS rules with dynamic drop rules
Correct Answer: B

Flydumps.com provides you with the most reliable practice exams to master Checkpoint 156-215 Certification. Our Microsoft questions and answers are certified by the senior lecturer and experienced technical experts in the Microsoft field. These test questions provide you with the experience of taking the Checkpoint 156-215 actual test.

Checkpoint 156-215 Dumps, Helpful Checkpoint 156-215 PDF Exams With 100% Pass Rate

CheckPoint 156-215 Study Guide, Real CheckPoint 156-215 Exam Cost On Our Store

[The Newest Dumps] Real CheckPoint 156-215 exam dumps revised by experts, they were updated with the change of the Software Certifications CSQA,covering all the whole aspects of CheckPoint 156-215 exam. Just have a training of Flydumps CheckPoint 156-215 exam questions to guarantee your 100% pass.

QUESTION 135
In a distributed management environment, the administrator has removed all default check boxes from the Policy / Global Properties / Firewall tab. In order for the Security Gateway to send logs to the Security Management Server, an explicit rule must be created to allow the Security Gateway to communicate to the Security Management Server on port ______.
A. 259
B. 257 “Pass Any Exam. Any Time.” – www.actualtests.com 54 Checkpoint 156-215.75 Exam
C. 900
D. 256

Correct Answer: B
QUESTION 136
Examine the following Security Policy. What, if any, changes could be made to accommodate Rule 4?

A. Nothing at all
B. Modify the Source or Destination columns in Rule 4
C. Remove the service HTTPS from the Service column in Rule A
D. Modify the VPN column in Rule 2 to limit access to specific traffic

Correct Answer: D
QUESTION 137
A Security Policy has several database versions. What configuration remains the same no matter which version is used?
A. Rule Bases_5_0.fws “Pass Any Exam. Any Time.” – www.actualtests.com 55 Checkpoint 156-215.75 Exam
B. Internal Certificate Authority (ICA) certificate
C. Fwauth.NDB
D. Objects_5_0.C

Correct Answer: B
QUESTION 138
You are working with multiple Security Gateways that enforce an extensive number of rules. To simplify Security administration, which one of the following would you choose to do?
A. Create a separate Security Policy package for each remote Security Gateway
B. Run separate SmartConsole instances to login and configure each Security Gateway directly
C. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules
D. Create network objects that restrict all applicable rules to only certain networks

Correct Answer: A
QUESTION 139
You are working with multiple Security Gateways that enforce a common set of rules. To minimize the number of policy packages, which one of the following would you choose to do?
A. Install a separate local Security Management Server and SmartConsole for each remote Security Gateway.
B. Create a separate Security Policy package for each remote Security Gateway and specify Install On / Gateways.
C. Create a single Security Policy package with Install On / Target defined whenever a unique rule is required for a specific Gateway.
D. Run separate SmartDashbord instance to login and configure each Security Gateway directly.

Correct Answer: C
QUESTION 140
Which rules are not applied on a first-match basis?
“Pass Any Exam. Any Time.” – www.actualtests.com 56 Checkpoint 156-215.75 Exam
A. Cleanup
B. User Authentication
C. Session Authentication
D. Client Authentication
Correct Answer: B
QUESTION 141
Installing a policy usually has no impact on currently existing connections. Which statement is TRUE?
A. Users being authenticated by Client Authentication have to re-authenticate.
B. Site-to-Site VPNs need to re-authenticate, so Phase 1 is passed again after installing the Security Policy.
C. All FTP downloads are reset; users have to start their downloads again.
D. All connections are reset, so a policy install is recommended during announced downtime only.

Correct Answer: A QUESTION 142
Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?
A. A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are defined by the selection in the row Install On of the Rule Base.
B. When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install.
C. In the SmartDashboard main menu go to Policy / Policy Installation / Targets and select the correct firewall to be put into the list via Specific Targets.
D. A Rule Base can always be installed on any Check Point firewall object It is necessary to select the appropriate target directly after selecting Policy > Install.

Correct Answer: C
QUESTION 143
Which of these security policy changes optimize Security Gateway performance?
A. Use Automatic NAT rules instead of Manual NAT rules whenever possible
B. Putting the least-used rule at the top of the Rule Base
C. Using groups within groups in the manual NAT Rule Base
D. Using domain objects in rules when possible
Correct Answer: A
QUESTION 144
Your perimeter Security Gateway’s external IP is 200.200.200.3. Your network diagram shows:

RequireD. Allow only network 192.168.10.0 and 192.168.20.0 to go out to the Internet, using 200.
200.200.5.
The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet.
Assuming you enable all the settings in the NAT page of Global Properties, how could you achieve these requirements?
A. Create a network object 192.168.0.0/16. Enable Hide NAT on the NAT page. Enter 200.200.200.5 as the hiding IP address. Add and ARP entry for 200.200.200.5 for the MAC “Pass Any Exam. Any Time.”
-www.actualtests.com 58 Checkpoint 156-215.75 Exam
address of 200.200.200.3.
B. Create network objects for 192.168.10.0/24 and 192.168.20.0/24. Enable Hide NAT on both network objects, using 200.200.200.5 as hiding IP address Add an ARP entry for 200.200.200.3 for the MAC address of 200.200.200.5.
C. Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254. Enable Hide NAT on the NAT page of the address range object. Enter Hiding IP address 200.200.200.5. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
D. Create two network objects: 192.168.10.0/24. and 192.168.20.0/24. Add the two network objects. Create a manual NAT rule like the following Original source 璯roup object; Destination ?any Service ? any, Translated source ?200.200.200.5; Destination ?original, Service ?original.

Correct Answer: C
QUESTION 145
Because of a pre-existing design constraints, you set up manual NAT rules for your HTTP server. However, your FTP server and SMTP server are both using automatic NAT rules. All traffic from your FTP and SMTP servers are passing through the Security Gateway without a problem, but traffic from the Web server is dropped on rule 0 because of anti-spoofing settings. What is causing this?
A. Allow bi-directional NAT is not checked in Global Properties.
B. Manual NAT rules are not configured correctly.
C. Translate destination on client side is not checked in Global Properties under manual NAT rules.
D. Routing is not configured correctly.

Correct Answer: C
QUESTION 146
You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateway’s external interface. You browse to from host, 10.1.1.10 successfully. You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?
A. Only one, outbound
B. Two, one for outbound, one for inbound “Pass Any Exam. Any Time.” – www.actualtests.com 59 Checkpoint 156-215.75 Exam
C. Only one, inbound
D. Two, both outbound, one for the real IP connection and one for the NAT IP connection

Correct Answer: A
QUESTION 147
Which of the following statements BEST describes Check Point’s Hide Network Address Translation method?
A. Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation
B. Translates many destination IP addresses into one destination IP address
C. Translates many source IP addresses into one source IP address
D. One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

Correct Answer: C
QUESTION 148
Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity?
A. Static Destination B. Hide
C. Dynamic Destination
D. Static Source

Correct Answer: B QUESTION 149
NAT can NOT be configured on which of the following objects?
“Pass Any Exam. Any Time.” – www.actualtests.com 60 Checkpoint 156-215.75 Exam
A. Address Range
B. HTTP Logical Server
C. Host
D. Gateway

Correct Answer: B QUESTION 150
NAT can be implemented on which of the following lists of objects?
A. Host, Network
B. Host, User
C. Domain, Network
D. Network, Dynamic Object

Correct Answer: A QUESTION 151
Which Check Point address translation method is necessary if you want to connect from a host on the Internet via HTTP to a server with a reserved (RFC 1918) IP address on your DMZ?
A. Static Destination Address Translation
B. Port Address Translation
C. Dynamic Source Address Translation
D. Hide Address Translation

Correct Answer: A QUESTION 152
You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router. You control the router that sits between the external interface of the firewall and the Internet.
“Pass Any Exam. Any Time.” – www.actualtests.com 61 Checkpoint 156-215.75 Exam What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?
A. Place a static host route on the firewall for the valid IP address to the internal Web server.
B. Place a static ARP entry on the ISP router for the valid IP address to the firewall’s external address.
C. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.
D. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.

Correct Answer: B QUESTION 153
After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti- spoofing protections. Which of the following is the MOST LIKELY cause?
A. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External.Change topology to Others +.
B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External
C. The Global Properties setting Translate destination on client side is checked But the topology on the DMZ interface is set to Internal -Network defined by IP and Mask Uncheck the Global Properties setting Translate destination on client side
D. The Global Properties setting Translate destination on client side is unchecked. But the topology on the DMZ interface is set to Internal – Network defined by IP and Mask. Check the Global Properties setting Translate destination on client side.

Correct Answer: D
QUESTION 154
Which NAT option applicable for Automatic NAT applies to Manual NAT as well?
A. Allow bi-directional NAT
B. Automatic ARP configuration
C. Enable IP Pool NAT
D. Translate destination on client-side “Pass Any Exam. Any Time.” – www.actualtests.com 62 Checkpoint 156-215.75 Exam

Correct Answer: D
QUESTION 155
Your main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. You also have a small network 10.10.20.0/24 behind the internal router. You want to configure the kernel to translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP, and FTP services. Which of the following configurations will allow this network to access the Internet?
A. Configure three Manual Static NAT rules for network 10.10.20.0/24, one for each service
B. Configure one Manual Hide NAT rule for HTTP, FTP, and SMTP services for network 10.10.20.0/24
C. Configure Automatic Hide NAT on network 10.10.20.0/24 and then edit the Service column in the NAT Rule Base on the automatic rule
D. Configure Automatic Static NAT on network 10.10.20.0/24
Correct Answer: B
QUESTION 156
You have three servers located in a DMZ, using private IP addresses. You want internal users from
10.10.10.x to access the DMZ servers by public IP addresses. Internal_net 10.10.10.x is configured for Hide NAT behind the Security Gateway’s external interface.
What is the best configuration for 10.10.10.x users to access the DMZ servers, using the DMZ servers’ public IP addresses?
“Pass Any Exam. Any Time.” – www.actualtests.com 63 Checkpoint 156-215.75 Exam A. When connecting to the Internet, configure manual Static NAT rules to translate the DMZ servers

B. When the source is the internal network 10.10.10.x, configure manual static NAT rules to translate the DMZ servers.
C. When connecting to internal network 10 10.10 x. configure Hide NAT for the DMZ servers.
D. When connecting to the internal network 10.10.10x, configure Hide Nat for the DMZ network behind the DMZ interface of the Security Gateway

Correct Answer: B
QUESTION 157
An internal host initiates a session to and is set for Hide NAT behind the Security Gateway. The initiating traffic is an example of __________.
A. None of these
B. source NAT
C. destination NAT
D. client side NAT

Correct Answer: B
QUESTION 158
A host on the Internet initiates traffic to the Static NAT IP of your Web server behind the Security Gateway. With the default settings in place for NAT, the initiating packet will translate the_________.
A. source on client side
B. destination on server side
C. destination on client side
D. source on server side

Correct Answer: C
QUESTION 159
A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?
A. Automatic ARP must be unchecked in the Global Properties.
B. A static route must be added on the Security Gateway to the internal host.
C. Nothing else must be configured.
D. A static route for the NAT IP must be added to the Gateway’s upstream router.

Correct Answer: B QUESTION 160
When translation occurs using automatic Hide NAT, what also happens?
A. Nothing happens.
B. The source port is modified.
C. The destination port is modified.
D. The destination is modified. “Pass Any Exam. Any Time.” – www.actualtests.com 65 Checkpoint 156-215.75 Exam

Correct Answer: B
QUESTION 161
The fw monitor utility is used to troubleshoot which of the following problems?
A. Phase two key negotiation
B. User data base corruption
C. Address translation
D. Log Consolidation Engine

Correct Answer: C QUESTION 162
The fw monitor utility would be best to troubleshoot which of the following problems?
A. An error occurs when editing a network object in SmartDashboard
B. A statically NATed Web server behind a Security Gateway cannot be reached from the Internet.
C. You get an invalid ID error in SmartView Tracker for phase 2 IKE key negotiations.
D. A user in the user database is corrupt.

Correct Answer: B QUESTION 163
Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.
“Pass Any Exam. Any Time.” – www.actualtests.com 66 Checkpoint 156-215.75 Exam

A. There is not enough information provided in the Wireshark capture to determine NAT settings.
B. This is an example hide NAT.
C. There is an example of Static NAT and translate destination on client side unchecked in Global Properties.
D. This is an example of Static NAT and Translate destination on client side checked in Global Properties.

Correct Answer: D QUESTION 164
In SmartDashboard, Translate destination on client side is checked in Global Properties. When Network Address Translation is used:
A. It is necessary to add a static route to the Gateway’s routing table.
B. The Security Gateway’s ARP file must be modified.
C. It is not necessary to add a static route to the Gateway’s routing table.
D. VLAN tagging cannot be defined for any hosts protected by the Gateway.

Correct Answer: C QUESTION 165
Secure Internal Communications (SIC) is completely NAT-tolerant because it is based on:
A. MAC addresses.
B. SIC names.
C. SIC is not NAT-tolerant. “Pass Any Exam. Any Time.” – www.actualtests.com 67 Checkpoint 156-215.75 Exam
D. IP addresses.

Correct Answer: B QUESTION 166
Static NAT connections, by default, translate on which firewall kernel inspection point?
A. Post-inbound
B. Eitherbound
C. Inbound
D. Outbound

Correct Answer: C QUESTION 167
In a Hide NAT connection outbound, which portion of the packet is modified?
A. Source IP address and destination port
B. Destination IP address and destination port
C. Source IP address and source port
D. Destination IP address and destination port

Correct Answer: C QUESTION 168
You are MegaCorp’s Security Administrator. There are various network objects which must be NATed. Some of them use the Automatic Hide NAT method, while others use the Automatic Static NAT method. What is the order of the rules if both methods are used together? Give the best answer.
A. The Administrator decides on the order of the rules by shifting the corresponding rules up and down. “Pass Any Exam. Any Time.” – www.actualtests.com 68
Checkpoint 156-215.75 Exam
B. The Static NAT rules have priority over the Hide NAT rules and the NAT on a node has priority over the NAT on a network or an address range
C. The Hide NAT rules have priority over the Static NAT rules and the NAT on a node has priority over the NAT on a network or an address range
D. The position of the rules depends on the time of their creation. The rules created first are placed at the top; rules created later are placed successively below the others.

Correct Answer: B
QUESTION 169
Which answers are TRUE? Automatic Static NAT CANNOT be used when:
i) NAT decision is based on the destination port
ii) Source and Destination IP both have to be translated
iii) The NAT rule should only be installed on a dedicated Gateway only
iv) NAT should be performed on the server side
A. (i), (ii), and (iii)
B. (i), and (ii)
C. (ii) and (iv)
D. only (i)

Correct Answer: D
QUESTION 170
In order to have full control, you decide to use Manual NAT entries instead of Automatic NAT rules. Which of the following is NOT true?
A. When using Static NAT, you must enter ARP entries for the Gateway on all hosts that are using the NAT Gateway with that Gateway’s internal interface IP address.
B. When using Static NAT, you must add proxy ARP entries to the Gateway for all hiding addresses.
C. If you chose Automatic NAT instead, all necessary entries are done for you.
D. When using Dynamic Hide NAT with an address that is not configured on a Gateway interface, “Pass Any Exam. Any Time.” – www.actualtests.com 69 Checkpoint 156-215.75 Exam you need to add a proxy ARP entry for that address.

Correct Answer: A
QUESTION 171
After filtering a fw monitor trace by port and IP, a packet is displayed three times; in the i, I, and o inspection points, but not in the O inspection point. Which is the likely source of the issue?
A. The packet has been sent out through a VPN tunnel unencrypted.
B. An IPSO ACL has blocked the outbound passage of the packet.
C. A SmartDefense module has blocked the packet
D. It is an issue with NAT

Correct Answer: D
QUESTION 172
A marketing firm’s networking team is trying to troubleshoot user complaints regarding access to audio-streaming material from the Internet. The networking team asks you to check the object and rule configuration settings for the perimeter Security Gateway. Which SmartConsole application should you use to check these objects and rules?
A. SmartView Tracker
B. SmartView Status
C. SmartView Monitor
D. SmartDashboard

Correct Answer: D
QUESTION 173
Which statement below describes the most correct strategy for implementing a Rule Base?
A. Add the Stealth Rule before the last rule. “Pass Any Exam. Any Time.” – www.actualtests.com 70 Checkpoint 156-215.75 Exam
B. Umit grouping to rules regarding specific access.
C. Place the most frequently used rules at the top of the Policy and the ones that are not frequently used further down.
D. Place a network-traffic rule above the administrator access rule.

Correct Answer: C
QUESTION 174
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping authentication rules with address-translation rules
B. Grouping rules by date of creation
C. Grouping reject and drop rules after the Cleanup Rule
D. Grouping functionally related rules together

Correct Answer: D
QUESTION 175
Which of the following is a viable consideration when determining Rule Base order?
A. Adding SAM rules at the top of the Rule Base
B. Placing frequently accessed rules before less frequently accessed rules
C. Grouping rules by date of creation
D. Grouping IPS rules with dynamic drop rules
Correct Answer: B
QUESTION 176
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping IPS rules with dynamic drop rules
B. Grouping reject and drop rules after the Cleanup Rule “Pass Any Exam. Any Time.” -www.actualtests.com 71 Checkpoint 156-215.75 Exam
C. Placing more restrictive rules before more permissive rules
D. Grouping authentication rules with QOS rules
Correct Answer: C
QUESTION 177
You would use the Hide Rule feature to:
A. Make rules invisible to incoming packets.
B. View only a few rules without the distraction of others
C. Hide rules from read-only administrators.
D. Hide rules from a SYN/ACK attack.

Correct Answer: B QUESTION 178
When you add a resource object to a rule, which of the following occurs?
A. All packets that match the resource will be dropped.
B. All packets matching that rule are either encrypted or decrypted by the defined resource.
C. All packets matching the resource service are analyzed through an application-layer proxy.
D. Users attempting to connect to the destination of the rule will be required to authenticate.

Correct Answer: C QUESTION 179
You are a Security Administrator using one Security Management Server managing three different firewalls. One of the firewalls does NOT show up in the dialog box when attempting to install a Security Policy. Which of the following is a possible cause?
A. The firewall object has been created but SIC has not yet been established.
B. The license for this specific firewall has expired. “Pass Any Exam. Any Time.” – www.actualtests.com 72 Checkpoint 156-215.75 Exam
C. The firewall has failed to sync with the Security Management Server for 60 minutes.
D. The firewall is not listed in the Policy Installation Targets screen for this policy package.

Correct Answer: D QUESTION 180
Your shipping company uses a custom application to update the shipping distribution database. The custom application includes a service used only to notify remote sites that the distribution database is malfunctioning. The perimeter Security Gateway’s Rule Base includes a rule to accept this traffic. Since you are responsible for multiple sites, you want notification by a text message to your cellular phone, whenever traffic is accepted on this rule. Which of the following would work BEST for your purpose?
A. SmartView Monitor Threshold
B. SNMP trap
C. Logging implied rules
D. User-defined alert script

Correct Answer: D QUESTION 181

Flydumps.com takes in the latest CheckPoint 156-215 questions in the CheckPoint 156-215 exam materials so that our material should be always the latest and the most relevant. We know that CheckPoint 156-215 examination  wouldn’t repeat the same set of questions all the time. Microsoft certification examinations are stringent and focus is often kept on updated technology trends. The CheckPoint 156-215 exam questions organized by the professionals will help to condition your mind to promptly grasp what you could be facing in the CheckPoint 156-215 cert examination.

CheckPoint 156-215 Study Guide, Real CheckPoint 156-215 Exam Cost On Our Store

CheckPoint 156-210 Exam Questions, Valid and updated CheckPoint 156-210 Certification Exams Online

Welcome to download the newest Pass4itsure ns0-155 Practice Test dumps: http://www.pass4itsure.com/ns0-155.html

You can pass CheckPoint 156-210 exam if you get a complete hold of CheckPoint 156-210 dumps. What’s more, all the CheckPoint 156-210 Certification exams Q and A provided by Flydumps is the latest.

QUESTION 101
You are working with multiple firewalls that have extensive Rule Bases. To simplify administration task, which of the following should you choose to do?
A. Create Network range objects that restrict all applicable rules to only certain networks.
B. Run separate GUI clients for external and internal firewalls.
C. Eliminate all possible contradictory rules such as stealth and clean-up rules.
D. Save a different Rule Base for each remote firewall.
E. None of the above.

Correct Answer: D
QUESTION 102
Currently, the Accounting Department is FTP-ing a file in the bank. Which Log Viewer Module would show you the activity occurring at the present time?
A. Security Log.
B. Active Connections Log.
C. Accounting Log-
D. Administrative Log.
E. None of the above.
Correct Answer: B
QUESTION 103
With Blocking Scope default settings, a selected connection is terminated:
A. And all further attempts to establish a connection from the same source IP address to the same destination IP address and port will be blocked.
B. But all further attempts to establish connections from this specific source IP address will be authenticated before being denied.
C. And all further attempts to establish connections to this specific destination IP address will be denied.
D. And all further attempts to establish a connection from the same source IP address to the firewall’s IP address will be blocked.
E. Both A and D.

Correct Answer: A
QUESTION 104
Consider the following Rule Base for VPN-1/Firewall-1 NG. Assuming the default settings in global properties have NOT changed, ICMP would be allowed through the firewall. No SOURCE SERVICE ACTION TRACK
DESTINATION
1 Any Web_Server http Accept Long
2 Any Any Any Any Long
A. True
B. False

Correct Answer: B
QUESTION 105
Which is the correct rule in the following Rule Base? No SOURCE SERVICE ACTION TRACK DESTINATION
1 Any Any Session Log Auth [email protected]
2 Chicago Any Session Log Auth [email protected]
3 Any Any Session Log Auth [email protected]
4 Any Any User Log Auth [email protected]
A. Rule 2
B. Rule 1
C. Rule 3
D. Rule 4
E. None of the rules allow access.

Correct Answer: B
QUESTION 106
In the Client Authentication Action Properties window (below), for the required Sign On Method section, Manual is selected.

This means:
A. If a connection matches the Rule Base the service is an authenticated service, the client is signed on after a successful authentication.
B. The user must initiate the Client Authentication Session to the gateway.
C. If a connection using any service matches Rule Base, the client is authenticated.
D. If authentication is successful, access is granted from the network that initiated the connection.
E. The user must TELNET to the target server on port 259.

Correct Answer: B
QUESTION 107
Changes made to the Security Policy do not take effect on the Enforcement Module until the administrator performs which of the following actions?
A. Saves the policy.
B. Verifies the policy.
C. Install the policy.
D. Stops firewall services on the Enforcement Module.
E. Stops firewall services on the Management module.
Correct Answer: C
QUESTION 108
Consider the following network: The public servers are a web form. Since the web servers accepts and initiate connections Dynamic translation is required.

A. True
B. False

Correct Answer: B QUESTION 109
The fw fetch command perform the following function:
A. Attempts to fetch the policy from the Management Server.
B. Fetches users from the Management server.
C. Produces an output screen of the Rule Base.
D. Fetches the logs.
E. Fetches the systems status.

Correct Answer: A QUESTION 110
Inclement weather and a UPS-failure cause a firewall to reboot. Earlier that day a tornado destroyed the building where the firewall’s Management Module was located. The Management Module was not recovered and has not been replaced. Bases on the scenario, which of the following statements is FALSE?
A. The firewall will continue to enforce the last rule base installed.
B. The firewall will log locally.
C. The firewall will fetch the last installed policy form local host and install it.
D. Communication between the firewall and the replacement Management Module must be established before the replacement Management Module can install a policy on the firewall.
E. Because the firewall cannot contact the Management Module, no policy will be installed.

Correct Answer: E QUESTION 111
When configuring Anti-Spoofing for VPN-1/FireWall-1 NG on the firewall interfaces, all of the following are valid address choices except:
A. Network defined by Interface IP and Net Mask.
B. Not Defined.
C. Security Policy Installed.
D. Specific
E. None of the above.

Correct Answer: C
QUESTION 112
The security administrator for the following configuration only allows members of the localnet managers group access files in BigBen (the FTP Server)

Select below the rule that allows local managers to access the FTP server from any location. No SOURCE SERVICE ACTION
DESTINATION
1 BigBen ftp User Auth [email protected]
2 BigBen ftp Client Auth [email protected]_London
3 BigBen ftp Session Auth [email protected] 4 BigBen ftp User Auth [email protected]_Tokyo
A. Rule 1.
B. Rule 2.
C. Rule 3.
D. Rule 4.
E. None of these rules allow access.

Correct Answer: A QUESTION 113
Assume that you are working on a Windows NT operating system. What is the default expiration for a Dynamic NAT connection NOT showing any UDP activity?
A. 30 Seconds.
B. 60 Seconds.
C. 40 Seconds.
D. 600 Seconds.
E. 3000 Seconds.

Correct Answer: C QUESTION 114
Assume there has been no change made to default policy properties. To allow a telnet connection into your
network, you must create two rules.
One to allow the initial Telnet connection in.
One to allow the destination machine to send information back to the client.

A. True
B. False

Correct Answer: B QUESTION 115
In Windows NT to force log entries other than the default directory.
A. You must use the cpconfig command.
B. Change the fwlog environment variable.
C. Modify the registry.
D. Change the directory in log viewer.
E. Use the fw log switch command.

Correct Answer: C QUESTION 116
For most installations, the Clean-Up rule should be the last rule in Rule Base.
A. True
B. False

Correct Answer: A QUESTION 117
What complements are necessary for VPN-1/FireWall-1 NG to scan e-mail, passing through the firewall, for macro viruses?
A. UFP and OPSEC-certified scanning product.
B. CVP and OPSEC-certified virus scanning product.
C. UFP and CVP.
D. UFP, CVP and OPSEC-certified content filter.
E. None of the above, VPN-1/FireWall-1 NG scans for macro viruses by default.

Correct Answer: B QUESTION 118
Why would you want to verify a Security Policy before installation?
A. To install Security Policy cleanly.
B. To check up the enforcement-point firewall for errors.
C. To identify conflicting rules in your Security Policy.
D. To compress the Rule Base for faster installation
E. There us no benefit verifying a Security Policy before installing it.

Correct Answer: C
QUESTION 119
To completely setup Static NAT, you ONLY have to select Add Automatic Address Translation rules on the NAT tab, and specify a public NAT IP address.
A. True
B. False

Correct Answer: B
QUESTION 120
If you configure the Minutes interval for a firewall in the User Authentication session timeout box, as shown below on the Authentication Tab of the Workstations properties window, users of one time password must re-authenticate for each request during this time period.
A. True
B. False

Correct Answer: B
QUESTION 121
What does a status of Untrusted tell you?
A. A VPN-1/Firewall-1 NG firewall module has been compromised.
B. A gateway cannot be reached.
C. A module is installed and responding to status checks, but the status is problematic.
D. A gateway is connected, but the management module is not the master of the module installed on the gateway.
E. None of the above.

Correct Answer: D
QUESTION 122
Omanan Enterprises has the premier reclamation system for scrap aluminum in the western hemisphere. Then phenomenal growth over the last 10 years has led to the decision to establish a presence in the Internet in order to their customers. To that end, Omanan Enterprise network administrator, Jason has acquired a Web Server, and email server and 14 IP addresses from their ISP. Jason also purchased a Checkpoint VPN-1/FireWall-1 stand alone gateway module, with these interfaces, to protect Omanan enterprises’ corporate data their ISP will be providing DNS services. The Web Server and email server must have Static routable IP addresses. The eight member executive counsel of Omanan Enterprises would to have routable IP addresses also, so that they can video-conference with the company’s suppliers. Omanan Enterprises’ remaining 200 employees would like to have access to Internet, and the executive counsel believe that granting them access might improve company morale. Jason installs and configured Checkpoint VPN-1/FireWall1 stand alone Gateway module at the perimeter of Omanan Enterprises corporate LAN. He uses the 3rd NIC in the stand alone firewall gateway module to create DMZ. Jason installs the Web server and the email server on the DMZ. He creates tools and objects on the checkpoint VPN-1/FireWall-1 stand alone gateway module to allow HTTP, POP3 and SMTP from the Internet to the DMZ. He Creates objects to represent the web and email server and configures them for Static NAT. Jason reconfigures his DHCP server so that each of the members of the executive counsel has reserved IP address. He then sues those reservations co create Statically NAT-ed objects on the Checkpoint VPN/ Firewall-1 Standalone Gateway module. Jason creates another object represents the internal network he
configures this object for Dynamic NAT. He adds a rule allowing HTTP traffic from the internal network to
any destination. Jason created an additional rule to allow POP3 and SMTP traffic between the internal
networks and DMZ.
Choose the one phrase below that best describes Jason’s proposal.

A. The proposed solution meets the required objectives and none of the desired objectives.
B. The proposed solution meets the required objectives and only one of the desired objectives.
C. The proposed solution meets the required objectives and all desired objectives.
D. The proposed solution does not meet the required objective.

Correct Answer: C
QUESTION 123
Anna is a security administrator setting up User Authentication for the first time. She has correctly configured her Authentication rule, but authentication still does not work. What is the Check Point recommended way to troubleshoot this issue?
A. Verify the properties of the user attempting authentication and the authentication method selected in the Authentication Properties of your firewall object.
B. Verify the firewall settings of your firewall object, and the properties for the user attempting encryption and authentication.
C. Verify the properties for the user attempting authentication and make sure that the file Stealth Authentication method is selected in the Authentication properties of both the peer gateway object and your firewall object.
D. Verify both Client and User Authentication, and the authentication method selected in the Authentication properties of your Firewall object.
E. Re-import Schema from the VPN-1/FireWall-1 NG installation CD.

Correct Answer: A
QUESTION 124
Session authentication provides an authentication method NOT supported by protocols that can be integrated with any application. No. Source Service Action Track Install On Destination
1.
Any Local_Net telnet Accept Long Gateways

2.
Any Accept Long Gateways Pub Pub Server1 Server2
A. True
B. False

Correct Answer: A
QUESTION 125
How do recover communications between your management module and enforcement module if you lock yourself out via a rule policy that is configured incorrectly?
A. Cp delete all all.
B. Cp pause all all.
C. Cp stop all all.
D. Cp unload all all.
E. Cp push all all.
Correct Answer: D QUESTION 126
You have set up a firewall and management module on one NT box and a remote module on a different location. You receive only sporadic logs from the local firewall and only and control message from remote firewall. All rules on both firewalls are logging and you know the traffic is flowing through the firewall using these rules. All the firewall related services are running and you are using NAT and you receive few logs from the local firewall. What actions from the choices below would you perform to find out why you cannot see logs?
A. Make sure there is no masters file in SFWDIR/conf on the remote module.
B. Make sure there is no masters file in SFWDIR/conf on the local NT box.
C. See if you can do a fwfetch from the module.
D. Run the fw logexport -t -n from the command line prompt on the remote module.
E. Use pulist.exe from the Windows NT resource kit.

Correct Answer: C

Flydumps is a website to improve the pass rate of CheckPoint 156-210 exam. Senior IT experts in the Passcert constantly developed a variety of successful programs of passing CheckPoint 156-210 exam, so the results of their research can 100% guarantee you CheckPoint 156-210 exam for one time. Flydumps CheckPoint 156-210 are very effective and many people who have passed a number of IT certification exams used the CheckPoint 156-210 dumps provided by Flydumps. Some of them who have passed the CheckPoint 156-210 also use Passcert products. Selecting Flydumps means choosing a success.

Welcome to download the newest Pass4itsure ns0-155 Practice Test dumps: http://www.pass4itsure.com/ns0-155.html

CheckPoint 156-210 Exam Questions, Valid and updated CheckPoint 156-210 Certification Exams Online

CheckPoint 156-110 PDF Download, Helpful CheckPoint 156-110 Practice Exam Latest Version PDF&VCE

Welcome to download the newest Pass4itsure hp0-m52 VCE dumps: http://www.pass4itsure.com/hp0-m52.html

Flydumps presents the highest quality of CheckPoint 156-110 practice material which helps candidates to pass the CheckPoint 156-110 exams in the first attempt.The dumps are the latest, authenticated by expert and covering each and every aspect of CheckPoint 156-110 exam.

QUESTION 81
A security administrator implements Secure Configuration Verification (SCV), because SCV: (Choose THREE.)
A. Does not enable the administrator to monitor the configuration of remote computers.
B. Can block connectivity for machines that do not comply with the organization’s security policy.
C. Enables the administrator to monitor the configuration of remote computers.
D. Prevents attackers from penetrating headquarters’ Security Gateway.
E. Confirms that a remote configuration complies with the organization’s security policy.

Correct Answer: BCE
QUESTION 82
Which of the following is likely in a small-business environment?
A. Most small businesses employ a full-time information-technology staff.
B. Resources are available as needed.
C. Small businesses have security personnel on staff.
D. Most employees have experience with information security.
E. Security budgets are very small.

Correct Answer: E
QUESTION 83
ABC Corporation’s network is configured such that a user must log in individually at each server and access control. Which type of authentication is in use?
A. Role-based access control
B. Three-factor authentication
C. Single sign-on
D. Hybrid access control
E. Mandatory sign-on

Correct Answer: E
QUESTION 84
Which type of Business Continuity Plan (BCP) test involves shutting down a primary site, bringing an alternate site on-line, and moving all operations to the alternate site?
A. Parallel
B. Full interruption
C. Checklist
D. Structured walkthrough
E. Simulation
Correct Answer: B
QUESTION 85
A(n) _______ is the first step for determining which technical information assets should be protected.
A. Network diagram
B. Business Impact Analysis
C. Office floor plan
D. Firewall
E. Intrusion detection system

Correct Answer: A
QUESTION 86
Which of the following is an example of a simple, physical-access control?
A. Lock
B. Access control list
C. Background check
D. Token
E. Firewall

Correct Answer: A
QUESTION 87
Which of the following best describes an external intrusion attempt on a local-area network (LAN)?
A. Internal users try to gain unauthorized access to information assets outside the organizational perimeter.
B. External-intrusion attempts from sources outside the LAN are not granted permissions or rights to an organization’s information assets.
C. External users attempt to access public resources.
D. External intruders attempt exploitation of vulnerabilities, to remove their own access.
E. Internal users perform inappropriate acts on assets to which they have been given rights or permissions.

Correct Answer: B
QUESTION 88
Maintenance of the Business Continuity Plan (BCP) must be integrated with an organization’s _______________ process.
A. Change-control
B. Disaster-recovery
C. Inventory-maintenance
D. Discretionary-budget
E. Compensation-review
Correct Answer: A
QUESTION 89
Which types of security solutions should a home user deploy? (Choose TWO.)
A. Managed Security Gateway
B. Access control lists on a router
C. Personal firewall
D. Network intrusion-detection system
E. Anti-virus software
Correct Answer: CE QUESTION 90
You are a system administrator for a pool of Web servers. The vendor who sells your Web server posts a patch and sample exploit for a newly discovered vulnerability. You will take all of the actions listed below. Which of the following actions should you take first?
A. Run the sample exploit against a test server.
B. Run the sample exploit against a production server.
C. Apply the patch to all production servers.
D. Test the patch on a production server.
E. Test the patch on a non-production server.

Correct Answer: A
QUESTION 91
_______ is a method of tricking users into revealing passwords, or other sensitive information.
A. Dumpster diving
B. Means testing
C. Social engineering
D. Risk
E. Exposure

Correct Answer: C
QUESTION 92
Which of the following equations results in the Single Loss Expectancy for an asset?
A. Asset Value x % Of Loss From Realized Exposure
B. Asset Value x % Of Loss From Realized Threat
C. Annualized Rate of Occurrence / Annualized Loss Expectancy
D. Asset Value x % Of Loss From Realized Vulnerability
E. Annualized Rate of Occurrence x Annualized Loss Expectancy

Correct Answer: B
QUESTION 93
Which encryption algorithm has the highest bit strength?
A. AES
B. Blowfish
C. DES
D. CAST
E. Triple DES

Correct Answer: A
QUESTION 94
_________________ is a type of cryptography, where letters of an original message are systematically rearranged into another sequence.
A. Symmetric-key exchange
B. Steganography
C. Transposition cipher
D. Asymmetric-key encryption
E. Simple substitution cipher
Correct Answer: C QUESTION 95
Which of the following are appropriate uses of asymmetric encryption? (Choose THREE.)
A. Authentication
B. Secure key-exchange mechanisms
C. Public Web site access
D. Data-integrity checking
E. Sneaker net

Correct Answer: ABD
QUESTION 96
What is the purpose of resource isolation?
A. To reduce the level of broadcast traffic on physical segments.
B. To ensure that anyone accessing a resource has appropriate integrity.
C. To automate the creation of access control lists and Trusted Computing Bases.
D. To enforce access controls, and clearly separate resources from each other.
E. To make people buy more computers than they really need.

Correct Answer: D
QUESTION 97
Why should user populations be segmented?
A. To allow resources to be shared among employees
B. To allow appropriate collaboration, and prevent inappropriate resource sharing
C. To prevent appropriate collaboration
D. To provide authentication services
E. To prevent the generation of audit trails from gateway devices

Correct Answer: B
QUESTION 98
A(n) _______________ is an abstract machine, which mediates all access subjects have to objects.
A. ACL
B. Reference monitor
C. State machine
D. TCB
E. Router
Correct Answer: B
QUESTION 99
Who should have physical access to network-connectivity devices and corporate servers?
A. Customers and clients
B. Accounting, information-technology, and auditing staff
C. Managers and C-level executives
D. Only appropriate information-technology personnel
E. Only the maintenance staff
Correct Answer: D
QUESTION 100

Which of the following represents a valid reason for testing a patch on a nonproduction system, before applying it to a production system?
A. Patches may re-enable services previously disabled.
B. Patches are a kind of virus.
C. Patches always overwrite user data.
D. Only patches on vendor-pressed CDs can be trusted.
E. Patches usually break important system functionality.

Correct Answer: A
QUESTION 101
How do virtual corporations maintain confidentiality?
A. Encryption
B. Checksum
C. Data hashes
D. Redundant servers
E. Security by obscurity

Correct Answer: A
QUESTION 102
Enterprise employees working remotely require access to data at an organization’s headquarters. Which of the following is the BEST method to transfer this data?
A. Standard e-mail
B. Faxed information
C. Dial-in access behind the enterprise firewall
D. Virtual private network
E. CD-ROMs shipped with updated versions of the data

Correct Answer: D
QUESTION 103
Which of the following is NOT a concern for enterprise physical security?
A. Network Intrusion Detection Systems
B. Social engineering
C. Dumpster diving
D. Property theft
E. Unauthorized access to a facility
Correct Answer: A
QUESTION 104
A(n) _______________ is an abstract machine, which mediates all access subjects have to objects.
A. ACL
B. Reference monitor
C. State machine
D. TCB
E. Router
Correct Answer: B
QUESTION 105
Digital signatures are typically provided by a ____________________, where a third party verifies a key’s authenticity.
A. Network firewall
B. Security administrator
C. Domain controller
D. Certificate Authority
E. Hash function

Correct Answer: D
QUESTION 106
Which of the following is a cost-effective solution for securely transmitting data between remote offices?
A. Standard e-mail
B. Fax machine
C. Virtual private network
D. Bonded courier
E. Telephone

Correct Answer: C
QUESTION 107
Which of the following is the MOST important consideration, when developing security- awareness training materials?
A. Training material should be accessible and attractive.
B. Delivery mechanisms should allow easy development of additional materials, to complement core material.
C. Security-awareness training materials should never contradict an organizational security policy.
D. Appropriate language should be used to facilitate localization, should training materials require translation.
E. Written documentation should be archived, in case of disaster.
Correct Answer: C
QUESTION 108
Why should the number of services on a server be limited to required services?
A. Every open service represents a potential vulnerability.
B. Closed systems require special connectivity services.
C. Running extra services makes machines more efficient.
D. All services are inherently stable and secure.
E. Additional services make machines more secure.
Correct Answer: A

Flydumps ensures that the first time you take the exam will be able to pass the exam to obtain the exam certification. Because CheckPoint 156-110 provide to you the highest quality analog CheckPoint 156-110 Exam will take you into the exam step by step. Flydumps guarantee that Latest CheckPoint 156-110 exam help you to pass the exam successfully.

Welcome to download the newest Pass4itsure hp0-m52 VCE dumps: http://www.pass4itsure.com/hp0-m52.html

CheckPoint 156-110 PDF Download, Helpful CheckPoint 156-110 Practice Exam Latest Version PDF&VCE

CheckPoint 156-510 Dumps PDF, Prepare for the CheckPoint 156-510 Exam

 

Welcome to download the newest Pass4itsure eada10 VCE dumps: http://www.pass4itsure.com/eada10.html

Are you struggling for the CheckPoint 156-510 exam? Good news,Flydumps IT technical experts have collected and certified 445 questions and answers which are updated to cover the knowledge points and enhance candidates’abilities.With CheckPoint 156-510 preparation tests you can pass the exam easily and go further on Microsoft career path.

QUESTION 101
When using the cphaprob command to list the interfaces on the local machine and their status, which form would you use?
A. cphaprob -I
B. cphaprob if
C. cphaprob ports
D. cphaprob list if

Correct Answer: B
QUESTION 102
If you have previously started debugging on the firewall, how would you cancel debugging?
A. fw ctl debug 0
B. fw ctl debug can
C. fw ctl debug stop
D. fw ctl dbstop

Correct Answer: A
QUESTION 103
In a fully overlapping encryption domain, a SecuRemote client will encrypt with the first gateway to reply. All subsequent connections will remain with that gateway for a set period. How long is that period?
A. 60 secs
B. 5 mins
C. 10 mins
D. 30 secs

Correct Answer: A
QUESTION 104
Which is NOT a valid entity in the LDAP tree structure?
A. OU
B. C
C. CN
D. CU

Correct Answer: D
QUESTION 105
Checkpoint provides several command line utilities to assist with the integration of LDAP servers. Which of the following is NOT one of them?
A. ldapsearch
B. ldapcompare
C. ldapmodify
D. ldapfind
Correct Answer: D
QUESTION 106
If you have a Unix core dump, in which directory will the dump be created?
A. In the directory from which the executable that caused the dump is running
B. In the directory given by the command “# find / -name core”
C. In a directory named /dump
D. in the root directory
Correct Answer: AB QUESTION 107
What command would you use to check the current status of high availability gateways within a cluster?
A. cphaprob list
B. cphaprob report
C. cphaprob state
D. cphaprob register

Correct Answer: C QUESTION 108
If you run the “fw debug fwd on” command, where is the output directed to?
A. The kernel buffer
B. The screen
C. To a file called $FWDIR/log/fwd.elg
D. To a file called $FWDIR/conf/fwd_output.log

Correct Answer: C QUESTION 109
On a Unix system, what is the output from the command “# file core”
A. The size of the file named core
B. A textual listing of the contents of the file named core
C. The name of the executable that generated the core dump
D. The location of the file named core

Correct Answer: C QUESTION 110
What is true about high availability management modules?
A. Primary and secondary modules can be on different platforms, but must run the same build of FW1
B. Primary and Secondary modules must be on the same platform
C. The active primary module cannot be manually switched to secondary
D. They are only supported on distributed installations

Correct Answer: BD QUESTION 111
Which command would you use to enable debugging of IKE only?
A. fw debug ikeon
B. fwm debug ikeon
C. vpn debug ikeon
D. vpn debug on ikeon

Correct Answer: C QUESTION 112
In a proper subset encryption domain, to which gateway will SecuRemote attempt to create an encrypted connection?
A. SecuRemote will chose the gateway with the lowest cost
B. SecuRemote will prefer its primary gateway if both respond
C. SecuRemote will choose the gateway closest to the server
D. SecuRemote will use the first gateway to respond

Correct Answer: C QUESTION 113
Which type of overlapping encryption domain can be described as one domain being entirely contained within another domain?
A. Full overlap
B. Partial overlap
C. Proper subset
D. Partial subset

Correct Answer: C QUESTION 114
Where can a User Authority Server be installed?
A. A Windows machine with just a FW-1 enforcement module installed
B. A Solaris machine with just a FW-1 management module installed
C. A Solaris or Windows machine with any FW-1 module installed
D. A Windows Domain Controller

Correct Answer: CD QUESTION 115
If VPN-1/FW-1 has a blue screen crash on a Windows NT platform, there is an extra file you should include in those sent to Checkpoint for analysis. Which is that extra file?
A. WINNT\system.dmp
B. WINNT\user.dmp
C. WINNT\memory.dmp
D. WINNT\core.dmp

Correct Answer: C QUESTION 116
In the following DN, which part is the root?
CN= John Doe, ou= Sales, o= Acme Corp, C= US

A. Acme Corp
B. John Doe
C. Sales
D. US

Correct Answer: D QUESTION 117
Which files are useful in the case of a Windows NT Dr. Watson error?
A. WINNT\memory.dmp
B. WINNT\drwtsn32.log
C. WINNT\system.dmp
D. WINNT\user.dmp Correct Answer: ABD
QUESTION 118
Why is a sniffer a security risk?
A. It can create a DOS attack
B. It can cause a firewall to crash
C. It can emulate an authorized workstation
D. It can record traffic, which may include clear text passwords

Correct Answer: D
QUESTION 119
When exporting a user database using the “fw dbexport” command. What is the default file used?
A. $FWDIR/user/def_file
B. $FWDIR/conf/user_def_file
C. $FWDIR/bin/user_def_file
D. $FWDIR/conf/user_export_file

Correct Answer: B
QUESTION 120
How can you analyze a file captured by the fw monitor utility?
A. Snoop
B. Snort
C. Spock
D. Sniff

Correct Answer: A
QUESTION 121
What is the name of the protocol analyzer that ships with WindowsNT/SMS?
A. Tcpdump
B. Network monitor
C. Snoop
D. Sniffer
Correct Answer: B
QUESTION 122
From where would you enable load sharing in an MEP configuration?
A. Global properties > VPN-1 Net > Advanced then select “enable load sharing in MEP configuration”
B. Global properties > Remote Access > Advanced then select “enable load sharing in MEP configuration”
C. Cluster properties > general tab >, select “enable load sharing in MEP configuration”
D. Global properties > VPN-1 Pro > Advanced then select “enable load sharing in MEP configuration”
Correct Answer: D
QUESTION 123
How would FW-1 communicate securely with an LDAP server?
A. SIC
B. Certificates
C. RDP
D. SSL

Correct Answer: D
QUESTION 124
What is meant by a promiscuous mode network capture tool?
A. It can run on any platform
B. It can monitor all traffic on the network not just that intended
C. for the adapter in the device
D. It can put traffic onto the network
E. It can emulate any other device on the network

Correct Answer: B
QUESTION 125
Which parameter would you use on the “fw dbexport” command in order to specify that exported users are to be added under the “o=Acme Corp, c=US” branch?
A. -s “o=Acme Corp, c=US”
B. -a “o=Acme Corp, c=US”
C. -k “o=Acme Corp, c=US”
D. -b “o=Acme Corp, c=US”

Correct Answer: A
QUESTION 126
What is not included in the output of the “fw ctl pstat” command?
A. System memory statistics
B. Policy name
C. Encryption statistics
D. Hash memory statistics
E. Translation statistics

Correct Answer: B

The importance of certification in the field of IT cannot be denied, so FLYDUMPS CheckPoint 156-510 practice test would be the best guide for you. We are so surprised to see countless opportunities after passing the HDI exam. FLYDUMPS proved to be the best source of help for me and the products offered by FLYDUMPS enabled me to achieve the desired results. If you want to pass the HDI Certified Specialist exam, the most reliable source is FLYDUMPS CheckPoint 156-510 practice test. CheckPoint 156-510 practice test supplied by IBM which can be very helpful support materials and can provide great amount of help, while preparing for CheckPoint 156-510 test.

Pass4itsure eada10 dumps with PDF + Premium VCE + VCE Simulator: http://www.pass4itsure.com/eada10.html

CheckPoint 156-510 Dumps PDF, Prepare for the CheckPoint 156-510 Exam

CheckPoint 156-315 VCE Files, The Most Recommended CheckPoint 156-315 Dumps PDF Online Store

Welcome to download the newest Pass4itsure C2180-374 VCE dumps: http://www.pass4itsure.com/C2180-374.html

Flydumps is the best place for preparing IT Certifications as we are providing latest and guaranteed questions for all certifications. We offer you the ultimate preparation resource of CheckPoint 156-315 exam question. Wondering what could be this effective? It is our training material which serves as a guide to achieving your dream as a certified professional.

QUESTION 98
What is a Consolidation Policy?
A. The collective name of the Security Policy, Address Translation, and SmartDefense Policies
B. The specific Policy used by Eventia Reporter to configure log-management practices
C. The state of the Policy once installed on a Security Gateway
D. A Policy created by Eventia Reporter to generate logs
E. The collective name of the logs generated by Eventia Reporter

Correct Answer: B
QUESTION 99
To change an existing ClusterXL cluster object from Multicast to Unicast mode, what configuration change must be made?
A. Change the cluster mode to Unicast on the cluster object Reinstall the Security Policy
B. Reset Secure Internal Communications (SIC) on the cluster-member objects. Reinstall the Security Policy
C. Run cpstop and cpstart, to reenable High Availability on both objects. Select Pivot mode in cpconfig
D. Change the cluster mode to Unicast on the cluster-member object
E. Switch the internal network’s default Security Gateway to the pivot machine’s IP address

Correct Answer: A
QUESTION 100
You have two Nokia Appliances: one IP530 and on IP380. Both appliances have IPSO 3.9 and VPN-1 Pro NGX installed in a distributed deployment. Can they be members of a gateway cluster?
A. No, because the Gateway versions must be the same on both security gateways.
B. Yes, as long as they have the same IPSO version and the same VPN-1 Pro version
C. No, because members of a security gateway cluster must be in installed as stand-alone deployments.
D. Yes, because both gateways are from Nokia, whether they have the same VPN-1 PRO version or not.
E. No, because the appliances must be of the same model (Both should be IP530 or IP380).
Correct Answer: B
QUESTION 101
Which Security Server can perform authentication tasks, but CANNOT perform content security tasks?
A. Telnet
B. HTTP
C. rlogin
D. FTP
E. SMTP

Correct Answer: AC
QUESTION 102
Which operating system is NOT supported by VPN-1 SecureClient?
A. IPSO 3.9
B. Windows XP SP2
C. Windows 2000 Professional
D. RedHat Linux 8.0
E. MacOS X

Correct Answer: A
QUESTION 103
Problems sometimes occur when distributing IPSec packets to a few machines in a Load Sharing Multicast mode cluster, even though the machines have the same source and destination IP addresses. What is the best Load Sharing method for preventing this type of problem?
A. Load Sharing based on IP addresses, ports, and serial peripheral interfaces (SPI)
B. Load Sharing based on SPIs only.
C. Load Sharing based on IP addresses only
D. Load Sharing based on SPIs and ports only
E. Load Sharing based on IP addresses and ports

Correct Answer: C
QUESTION 104
Your primary SmartCenter Server is installed on a SecrePlatform Pro machine, which is also a VPN-1 Pro Gateway. You want to implement Management High Availability (HA). You have a spare machine to configure as the secondary SmartCenter Server. How do you configure the new machine to be the standby SmartCenter Server, without making any changes to the existing primary SmartCenter Server? (changes can include uninstalling and reinstalling)
A. You cannot configure Mangement HA, when either the primary or secondary SmartCenter Server is running on a VPN-1 Pro Gateway.
B. The new machine cannot be installed as the Internal Certificate Authority on its own.
C. The secondary Server cannot be installed on a SecurePlatform Pro machine alone.
D. Install the secondary Server on a spare machine. Add the new machine to the same network as the primary Server.
Correct Answer: A
QUESTION 105
VPN-1 NGX supports VoIP traffic in all of the following environments, EXCEPT which environment?
A. H.323
B. SIP
C. MEGACO
D. SCCP
E. MGCP
Correct Answer: C
QUESTION 106
Certkiller is a Security Administrator preparing to implement a VPN solution for her multi-site organization Certkiller .com. To comply with industry regulations, Mrs. Bill VPN solution must meet the following requirements:
*
Portability: standard

*
Key management: Automatic, external PKI

*
Session keys: Changed at configured times during a connection’s lifetime

*
key length: No less than 128-bit

*
Data integrity: Secure against inversion and brute-force attacks
What is the most appropriate setting Jack should choose?
A. IKE VPNs: AES encryption for IKE Phase 1, and DES encryption for Phase 2; SHA1 ash
B. IKE VPNs: SHA1 encryption for IKE Phase 1, and MD5 encryption for Phase 2; AES hash
C. IKE VPNs: CAST encryption IKE Phase 1, and SHA1 encryption for Phase 2; DES hash
D. IKE VPNs: AES encryption for IKE Phase 1, and AES encryption for Phase 2; SHA1 hash
E. IKE VPNs: DES encryption for IKE Phase 1, and 3DES encryption for Phase 2; MD5 hash
Correct Answer: D
QUESTION 107
Which Security Server can perform content-security tasks, but CANNOT perform authentication tasks?
A. FTP
B. SMTP
C. Telnet
D. HTTP
E. rlogin
Correct Answer: B Exam B
QUESTION 1
You work a network administrator for Certkiller .com. You configure a Check Point QoS Rule Base with two rules: an H.323 rule with a weight of 10, and the Default Rule with a weight of 10. The H.323 rule includes a per-connection guarantee of 384 Kbps, and a per-connection limit of 512 Kbps. The per-connection guarantee is for four connections, and no additional connections are allowed in the Action properties. If traffic passing through the QoS Module matches both rules, which of the following is true?
A. Neither rule will be allocated more than 10% of available bandwidth.
B. The H.323 rule will consume no more than 2048 Kbps of available bandwidth.
C. 50% of available bandwidth will be allocated to the H.323 rule.
D. 50% of available bandwidth will be allocated to the Default Rule
E. Each H.323 connection will receive at least 512 Kbps of bandwidth.
Correct Answer: B
QUESTION 2
Certkiller .com has many VPN-1 Edge gateways at various branch offices, to allow VPN-1 SecureClient users to access Certkiller .com resources. For security reasons, Certkiller .com’s Secure policy requires all Internet traffic initiated behind the VPN-1 Edge gateways first be inspected by your headquarters’ VPN-1 Pro Security Gateway. How do you configure VPN routing in this star VPN Community?
A. To the Internet an other targets only
B. To the center and other satellites, through the center
C. To the center only
D. To the center, or through the center to other satellites, then to the Internet and other VPN targets
Correct Answer: D
QUESTION 3
You are preparing to configure your VoIP Domain Gatekeeper object. Which two other object should you have created first?
A. An object to represent the IP phone network, AND an object to represent the host on which the proxy is installed.
B. An object to represent the PSTN phone network, AND an object to represent the IP phone network
C. An object to represent the IP phone network, AND an object to represent the host on which the gatekeeper is installed.
D. An object to represent the Q.931 service origination host, AND an object to represent the H.245 termination host
E. An object to represent the call manager, AND an object to represent the host on which the transmission router is installed.
Correct Answer: C

QUESTION 4
Which Check Point QoS feature is used to dynamically allocate relative portions of available bandwidth?
A. Guarantees
B. Differentiated Services
C. Limits
D. Weighted Fair Queuing
E. Low Latency Queing
Correct Answer: D
QUESTION 5
Which operating system is NOT supported by VPN-1 SecureClient?
A. IPSO 3.9
B. Windows XP SP2
C. Windows 2000 Professional
D. RedHat Linux 8.0
E. MacOS X
Correct Answer: A
QUESTION 6
You want to upgrade a SecurePlatform NG with Application Intelligence (AI) R55 Gateway to SecurePlatform NGX R60 via SmartUpdate.Which package is needed in the repository before upgrading?
A. SVN Foundation and VPN-1 Express/Pro
B. VNP-1 and FireWall-1
C. SecurePlatform NGX R60
D. SVN Founation
E. VPN-1 Pro/Express NGX R60
Correct Answer: C
QUESTION 7
Exhibit:

The exhibit displays the cphaprob state command output from a New Mode High Availability cluster member. Which machine has the highest priority?
A. 192.168.1.2, since its number is 2.
B. 192.168.1.1, because its number is 1.
C. This output does not indicate which machine has the highest priority.
D. 192.168.1.2, because its stats is active
Correct Answer: B QUESTION 8
Exhibit: Certkiller tries to configure Directional VPN Rule Match in the Rule Base. But the Match column does not have the option to see the Directional Match. Certkiller sees the screen displayed in the exhibit. What is the problem?

A. Jack must enable directional_match(true) in the object_5_0.c file on SmartCenter server.
B. Jack must enable Advanced Routing on each Security Gateway
C. Jack must enable VPN Directional Match on the VPN Advanced screen, in Global properties.
D. Jack must enable a dynamic-routing protocol, such as OSPF, on the Gateways.
E. Jack must enable VPN Directional Match on the gateway object’s VPN tab.

Correct Answer: C
QUESTION 9
Where can a Security Administator adjust the unit of measurement (bps, Kbps or Bps), for Check Point QoS bandwidth?
A. Global Properties
B. QoS Class objects
C. Check Point gateway object properties
D. $CPDIR/conf/qos_props.pf
E. Advanced Action options in each QoS rule.
Correct Answer: A
QUESTION 10
Certkiller is the Security Administrator for Certkiller .com. Certkiller .com FTP servers have old hardware and software. Certain FTP commands cause the FTP servers to malfunction. Upgrading the FTP Servers is not an option this time. Which of the following options will allow Certkiller to control which FTP commands pass through the Security Gateway protecting the FTP servers?
A. Global Properties->Security Server ->Security Server->Allowed FTP Commands
B. SmartDefense->Application Intelligence->FTP Security Server
C. Rule Base->Action Field->Properties
D. Web Intelligence->Application Layer->FTP Settings
E. FTP Service Object->Advanced->Blocked FTP Commands
Correct Answer: B
QUESTION 11
You want VPN traffic to match packets from internal interfaces. You also want the traffic to exit the Security Gateway, bound for all site-to-site VPN Communities, including Remote Access Communities. How should you configure the VPN match rule?
A. internal_clear>All-GwToGw
B. Communities>Communities
C. Internal_clear>External_Clear
D. Internal_clear>Communities
E. Internal_clear>All_communities
Correct Answer: E
QUESTION 12
You receive an alert indicating a suspicious FTP connection is trying to connect to one of your internal hosts. How do you block the connection in real time and verify the connection is successfully blocked?
A. Highlight the suspicious connection in SmartView Tracker>Active mode. Block the connection using Tools>Block Intruder menu. Use the active mode to confirm that the suspicious connection does not reappear.
B. Highlight the suspicious connection in SmartView Tracker>Log mode. Block the connection using Tools>Block Intruder menu. Use the Log mode to confirm that the suspicious connection does not reappear.
C. Highlight the suspicious connection in SmartView Tracker>Active mode. Block the connection using Tools>Block Intruder menu. Use the active mode to confirm that the suspicious connection is dropped.
D. Highlight the suspicious connection in SmartView Tracker>Log mode. Block the connection using Tools>Block Intruder menu. Use the Log mode to confirm that the suspicious connection is dropped.
Correct Answer: C
QUESTION 13
Exhibit: Certkiller is using a mesh VPN Community to create a site-to-site VPN. The VPN properties in this mesh Community is displayed in the exhibit. Which of the following statements are true?

A. If Jack changes the settings, “Perform key exchange encryption with” from “3DES” to “DES”, she will enhance the VPN Community’s security and reduce encryption overhead.
B. Mrs Bill must change the data-integrity settings for this VPN Community. MD5 is incompatible with AES.
C. If Certkiller changes the setting “Perform IPSec data encryption with” from “AES-128” to “3DES”, Jack will increase the encryption overhead.
D. Her VPN Community will perform IKE Phase 1 key-exchange encryption, using the longest key VPN-1 NGX supports.
Correct Answer: C
QUESTION 14
Exhibit: You are preparing computers for a new ClusterXL deployment. For your cluster, you plan to use three machines with the configurations displayed in the exhibit. Are these machines correctly configured for a ClusterXL deployment?

A. Yes, these machines are configured correctly for a ClusterXL deployment.
B. No, QuadCards are not supported with ClusterXL.
C. No, all machines in a cluster must be running on the same OS.
D. No, al cluster must have an even number of machines.
E. No, ClusterXL is not supported on Red Hat Linux.
Correct Answer: C
QUESTION 15
You want only RAS signals to pass through H.323 Gatekeeper and other H.323 protocols, passing directly between end points. Which routing mode in the VoIP Domain Gatekeeper do you select?
A. Direct
B. Direct and Call Setup
C. Call Setup
D. Call Setup and Call Control
Correct Answer: A
QUESTION 16
Certkiller is concerned that a denial-of-service (DoS) attack may affect her VPN Communities. She decides to implement IKE DoS protection. Jack needs to minimize the performance impact of implementing this new protectdion. Which of the following configurations is MOST appropriate for Mrs. Bill?
A. Set Support IKE DoS protection from identified source to “Puzzles”, and Support IKE DoS protection from unidentified source to “Stateless”
B. Set Support IKE DoS protection from identified source, and Support IKE DoS protection from unidentified soruce to “Puzzles”
C. Set Support IKE DoS protection from identified source to “Stateless”, and Support IKE DoS protection from unidentified source to “Puzzles”.
D. Set Support IKE DoS protection from identified source, and “Support IKE DoS protection” from unidentified source to “Stateless”.
E. Set Support IKE DoS protection from identified source to “Stateless”, and Support IKE DoS protection from unidentified source to “None”.
Correct Answer: D
QUESTION 17
You have a production implementation of Management High Availability, at Version VPN-1 NG with application Intelligence R55. You must upgrade two SmartCenter Servers to VPN-1. What is the correct procedure?
A. 1. Synchronize the two SmartCenter Servers
2.
Upgrade the secondary SmartCenter Server.

3.
Upgrade the primary SmartCenter Server.

4.
Configure both SmartCenter Server host objects version to VPN-1 NGX

5.
Synchronize the Servers again.
B. 1. Synchronize the two SmartCenter Servers 2. Perform an advanced upgrade the primary SmartCenter Server.
3.
Upgrade the secondary SmartCenter Server.

4.
Configure both SmartCenter Server host objects to version VPN-1 NGX.

5.
Synchronize the Servers again
C. 1. Perform an advanced upgrade on the primary SmartCenter Server.
2.
Configure the primary SmartCenter Server host object to version VPN.1 NGX.

3.
Synchronize the primary with the secondary SmartCenter Server.

4.
Upgrade the secondary SmartCenter Server.

5.
Configure the secondary SmartCenter Server host object to version VPN-1 NGX.

6.
Synchronize the Servers again.
D. 1. Synchronize the two SmartCenter Servers.
2.
Perform an advanced upgrade on the primary SmartCenter Server.

3.
Configure the primary SmartCenter Server host object to version VPN-1 NGX.

4.
Synchronize the two servers again.

5.
Upgrade the secondary SmartCenter Server.

6.
Configure the secondary SmartCenter Server host object to version VPN-1 NGX.

7.
Synchronize the Servers again.
Correct Answer: A
QUESTION 18
In a distributed VPN-1 Pro NGX environment, where is the Internal Certificate Authority (ICA) installed?
A. On the Security Gateway
B. Certificate Manager Server
C. On the Policy Server
D. On the Smart View Monitor
E. On the primary SmartCenter Server
Correct Answer: E
QUESTION 19
Assume an intruder has compromised your current IKE Phase 1 and Phase 2 keys. Which of the following options will end the intruder’s access, after the next Phase 2 exchange occurs?
A. Phase 3 Key Revocation
B. Perfect Forward Secrecy
C. MD5 Hash Completion
D. SH1 Hash Completion
E. DES Key Reset
Correct Answer: B
QUESTION 20
You set up a mesh VPN community, so your internal networks can access your partner’s network, and vice versa. Your Security Policy encrypts only FTP and HTTP traffic through a VPN tunnel. All other traffic among your internal and partner networks is sent in clear text. How do you configure the VPN community?
A. Disable “accept all encrypted traffic”, and put FTP and HTTP in the Excluded services in the Community object. Add a rule in the Security Policy for services FTP and http, with the Community object in the VPN field.
B. Disable “accept all encrypted traffic” in the Community, and add FTP and HTTP services to the Security Policy, with that Community object in the VPN field.
C. Enable “accept all encrypted traffic”, but put FTP and HTTP in the Excluded services in the Community. Add a rule in the Security Policy, with services FTP and http, and the Community object in the VPN field.
D. Put FTP and HTTP in the Excluded services in the Community object. Then add a rule in the Security Policy to allow Any as the service with the Community object in the VPN field.
Correct Answer: B
QUESTION 21
To change an existing ClusterXL cluster object from Multicast to Unicast mode, what configuration change must be made?
A. Change the cluster mode to Unicast on the cluster object. Reinstall the Security Policy.
B. Restart Secure Internal Communications (SIC) on the cluster-member objects. Reinstall the Security Policy.
C. Run cpstop and cpstart, to re-enable High Availability on both projects. Select Pivot mode in cpconfig.
D. Change the cluster mode to Unicast on the cluster-member object.
E. Switch the internal network’s default Security Gateway to the pivot machine’s IP address.
Correct Answer: A
QUESTION 22
Certkiller is notified by blacklist.org that her site has been reported as a spam relay, due to her SMTP server being unprotected. Mrs. Bill decides to implement an SMTP Security Server, to prevent the server from being a spam relay. Which of the following is the most efficient configuration method?
A. Configure the SMTP Security Server to perform MX resolving.
B. Configure the SMTP Security Server to perform filtering, based on IP address and SMTP protocols.
C. Configure the SMTP Security Server to work with an OPSEC based product, for content checking.
D. Configure the SMTP Security Server to apply a generic “from” address to all outgoing mail.
E. Configure the SMTP Security Server to allow only mail to or from names, within Jack’s corporate domain.
Correct Answer: E
QUESTION 23
You have an internal FTP server, and you allow downloading, but not uploading.
Assume Network Address Translation is set up correctly, and you want to add an inbound rule with:

Source: Any
Destination: FTP Server
Service: an FTP resource object.

How do you configure the FTP resource object and the action column in the rule to achieve this goal?
A. Enable only the “Get” method in the FTP Resource Properties, and use this method in the rule, with action accept.
B. Enable only the “Get” method in the FTP Resource Properties, and use it in the rule, with action drop.
C. Enable both “Put” and “Get” methods in the FTP Resource Properties and use them in the rule, with action drop.
D. Disable “Get” and “Put” methods in the FTP Resource Properties and use it in the rule, with action accept.
E. Enable only the “Put” method in the FTP Resource Properties and use it in the rule, with action accept.
Correct Answer: A
QUESTION 24
If you check the box “Use Aggressive Mode”, in the IKE properties dialog box:
A. The standard three-packet IKE Phase 1 exchange is replaced by a six-packet exchange.
B. The standard six-packet IKE Phase 2 exchange is replaced by a three-packet exchange.
C. The standard three-packet IKE Phase 2 exchange is replaced by a six-packet exchange.
D. The standard six-packet IKE Phase 1 exchange is replaced by a three-packet exchange.
E. The standard six-packet IKE Phase 1 exchange is replaced by a twleve-packet exchange.
Correct Answer: D
QUESTION 25
Which of the following commands shows full synchronization status?
A. cphaprob -i list
B. chpastop
C. fw ctl pstat
D. cphaprob -a if
E. fw hastat
Correct Answer: C
QUESTION 26
Which VPN community object is used to configure VPN routing within the SmartDashboard?
A. star
B. mesh
C. Remote access
D. Map
Correct Answer: A
QUESTION 27
The following rule contains an FTP resource object in the Service field:
Source: local_net Destination: Any Service: FTP-resource object Action: Accept
How do you define the FTP Resource Properties>Match tab to prevent internal users from sending corporate files to external FTP servers, while allowing users to retrieve files?
A. Enable the “Get” method on the match tab.
B. Disable “Get” and “Put” methods on the Match tab.
C. Enable the “Put” and “Get” methods.
D. Enable the “Put” method only on the match tab.
E. Disable the “Put” method globally.
Correct Answer: A

QUESTION 28
What is the consequence of clearing the “Log VoIP Connection” box in the Global Properties?
A. Dropped VoIP traffic is logged, but accepted VoIP traffic is not logged.
B. VoIP protocol-specific log fields are not included in SmartView Tracker entries.
C. The log field setting in rules for VoIP protocols are ignored.
D. IP addresses are used, instead of object names, in log entries that reference VoIP Domain objects.
E. The SmartCenter Server stops importing logs from VoIP servers.
Correct Answer: B QUESTION 29
Exhibit:

The exhibit is a cphaprob state command output from a ClusterXL New mode high Availability member. When a member 192.168.1.2 fails over and restarts, which member will become active?
A. 192.168.1.2
B. 192.168.1.1
C. Both members’ state will be standby.
D. Both members’ state will be active.

Correct Answer: B
QUESTION 30
Which of the following actions is most likely to improve the performance of Check Point QoS?
A. Turn “per rule guarantees” into “peer connection guarantees”.
B. Install Check Point QoS only on the external interfaces of the QoS Module.
C. Put the most frequently used rules at the bottom of the QoS Rule Base.
D. Turn “per rule limits” into “per connection limits”
E. Define weights in the Default Rule in multiples of 10.
Correct Answer: B
QUESTION 31
How would you configure a rule in a Security Policy to allow SIP traffic from end point Net_A to end point Net_B, through an NGX Security Gateway?
A. Net_A/Net_B/sip/accept
B. Net_A/Net_B/sip and sip_any/accept
C. Net_A/Net_B/VoIP_any/accept
D. Net_A/Net_B/VoIP /accept
Correct Answer: A
QUESTION 32
You want to upgrade a cluster with two members to VPN-1 NGX. The SmartCenter Server and both members are version VPN-1/FireWall-1 NG FP3, with the latest Hotfix. What is the correct upgrade procedure?
1.
Change the version, in the General Properties of the gateway-cluster object.

2.
Upgrade the SmartCenter Server, and reboot after upgrade

3.
Runt cpstop on one member, while leaving the other member running. Upgrade one member at a time, and reboot after upgrade.

4.
Reinstall the Security Policy
A. 3, 2, 1, 4
B. 2, 4, 3, 1
C. 1, 3, 2, 4
D. 2, 3, 1, 4
E. 1, 2, 3, 4
Correct Answer: D
QUESTION 33
How can you completely tear down a specific VPN tunnel in an intranet IKE VPN deployment?
A. Run the command vpn tu on the Security Gateway, and choose the option “Delete all IPSec+IKE SAs for ALL peers and users”.
B. Run the command vpn tu on the SmartCenter Server, and choose the option “Delete all IPSec+IKE SAs for ALL peers and users”.
C. Run the command vpn tu on the Security Gateway, and choose the option “Delete all IPSec+IKE SAs for a given peer (GW)”.
D. Run the command vpn tu on the Security Gateway, and choose the option “Delete all IPSec SAs for a given user (Client)”.
E. Run the command vpn tu on the Security Gateway, and choose the option “Delete all IPSec SAs for ALL peers and users”.
Correct Answer: A
QUESTION 34
You are preparing to deploy a VPN-1 Pro Gateway for VPN-1 NGX. You have five systems to choose from for the new Gateway, and you must conform to the following requirements:
*
Operating-System vendor’s license agreements

*
Check Point’s license agreement

*
Minimum operating-system hardware specification

*
Minimum Gateway hardware specification

*
Gateway installed on a supported operating system (OS)
Which machine meets ALL of the requirements?
A. Processor 1.1 GHz RAM: 512 MB Hard disk: 10 GB OS: Windows 2000 Workstation
B. Processor 2.0 GHz RAM: 512 MB Hard disk: 10 GB OS: Windows ME
C. Processor 1.5 GHz RAM: 256 MB Hard disk: 20 GB OS: Red Hat Linux 8.0
D. Processor 1.67 GHz RAM: 128 MB Hard disk: 5 GB OS: FreeBSD
E. Processor 2.2 GHz RAM: 256 MB Hard disk: 20 GB OS: Windows 2000 Server
Correct Answer: E
QUESTION 35
You are configuring the VoIP Domain object for an H.323 environment, protected by VPN-1 NGX. Which VoIP Domain object type can you use?
A. Transmission Router
B. Gatekeeper
C. Call Manager
D. Proxy
E. Call Agent
Correct Answer: B
QUESTION 36
Certkiller has configured a Common Internet File System (CIFS) resource to allow access to the public partition of Certkiller .com’s file server, on \\Certkiller 13\logigame\files\public. Mrs. Bill receives reports that users are unable to access the shared partition, unless they use the file server’s IP address. Which of the following is a possible cause?
A. Mapped shares do not allow administrative locks.
B. The CIFS resource is not configured to use Windows name resolution.
C. Access violations are not logged.
D. Remote registry access is blocked.
E. Null CIFS sessions are blocked.
Correct Answer: B
QUESTION 37
Certkiller is creating rules and objects to control VoIP traffic in her organization ( Certkiller .com), through a VPN-1 NGX Security Gateway. Mrs. Bill creates VoIP Domain SIP objects to represent each of Certkiller .com’s three SIP gateways. Jack then creates a simple group to contain the VoIP Domain SIP objects. When Jack attempts to add the VoIP Domain SIP objects to the group, they are not listed. What is the problem?
A. The related end-points domain specifies an address range.
B. VoIP Domain SIP objects cannot be placed in simple groups.
C. The installed VoIP gateways specify host objects.
D. The VoIP gateway object must be added to the group, before the VoIP Domain SIP object is eligible to be added to the group.
E. The VoIP Domain SIP object’s name contains restricted characters.
Correct Answer: B
QUESTION 38
You have two Nokia Appliances: one IP530 and on IP380. Both appliances have IPSO 3.9 and VPN-1 Pro NGX installed in a distributed deployment. Can they be members of a gateway cluster?
A. No, because the Gateway versions must be the same on both security gateways.
B. Yes, as long as they have the same IPSO version and the same VPN-1 Pro version
C. No, because members of a security gateway cluster must be in installed as stand-alone deployments.
D. Yes, because both gateways are from Nokia, whether they have the same VPN-1 PRO version or not.
E. No, because the appliances must be of the same model (Both should be IP530 or IP380).
Correct Answer: B
QUESTION 39
Exhibit: You work as a network administrator at Certkiller .com. Your network includes ClusterXL running Multicast mode on two members, as shown in this topology exhibit. Your network is expanding, and you need to add new interfaces: 10.10.10.1/24 on Member A, and 10.10.10.2/24 on Member B. The virtual IP address for interface 10.10.10.0/24 is 10.10.10.3. What is the correct procedure to add these interfaces?

A. 1. Use the ifconfig command to configure and enable the new interface.
2.
Run cpstop and cpstart on both members at the same time.

3.
Update the topology in the cluster object for the cluster and both members.

4.
Install the Security Policy.
B. 1. Disable “cluster membership” from one Gateway via cpconfig.
2.
Configure the new interface via sysconfig from the “non-member” Gateway.

3.
Re-enable “Cluster membership” on the Gateway.

4.
Perform the same step on the other Gateway.

5.
Update the topology in the cluster object for the cluster and members.

6.
Install the Security Policy
C. 1. Run cpstop on one member, and configure the new interface via sysconfig.
2.
Run cpstart on the member. Repeat the same steps on another member.

3.
Update the new topology in the cluster object for the cluster and members.

4.
Install the Security Policy.
D. 1. Use sysconfig to configure the new interfaces on both members.
2.
Update the topology in the cluster object for the cluster and both members.

3.
Install the Security Policy.
Correct Answer: C
QUESTION 40
Problems sometimes occur when distributing IPSec packets to a few machines in a Load Sharing Multicast mode cluster, even though the machines have the same source and destination IP addresses. What is the best Load Sharing method for preventing this type of problem?
A. Load Sharing based on IP addresses, ports, and serial peripheral interfaces (SPI)
B. Load Sharing based on SPIs only.
C. Load Sharing based on IP addresses only
D. Load Sharing based on SPIs and ports only
E. Load Sharing based on IP addresses and ports
Correct Answer: C

QUESTION 41
Exhibit:

State synchronization is enabled on both members in a cluster, and the Security Policy is successfully installed. No protocols or services have been unselected for “selective sync”. The exhibit is the fw tab -t connections -s output from both members. Is State synchronization working properly between the two members?
A. Members Certkiller 1 and Certkiller 2 are synchronized, because ID for both members are identical in the connection table
B. The connections-table output is incomplete. You must run the cphaprob state command, to determine if members Certkiller 1 and Certkiller 2 are synchronized.
C. Members Certkiller 1 and Certkiller 2 are not synchronized, because #PEAK for both members is not close in the connections table.
D. Members Certkiller 1 and Certkiller 2 are synchronized, because #SLINKS are identical in the connections table.
E. Members Certkiller 1 and Certkiller 2 are not synchronized, because #VALS in the connection table are not close.
Correct Answer: E
QUESTION 42
Exhibit:

The exhibit illustrates how a VPN-1 SecureClient user tries to establish a VPN host in the external_net and internal_net from the Internet. How is the Security Gateway VPN Domain created?
A. Internal Gateway VPN domain = internal_net, External VPN Domain = external net + external gateway object + internal_net.
B. Internal Gateway VPN domain = internal_net, External Gateway VPN Domain = external net + internal gateway object
C. Internal Gateway VPN domain = internal_net, External Gateway VPN Domain = internal_net + external net
D. Internal Gateway VPN domain = internal_net, External Gateway VPN Domain = internal VPN domain + internal gateway object + external net
Correct Answer: D
QUESTION 43
Regarding QoS guarantees and limits, which of the following statements is FALSE?
A. The guarantee of a sub-rule cannot be greater than the guarantee defined for the rule above it.
B. If the guarantee is defined in a sub-rule, a guarantee must be defined for the rule above it.
C. A rule guarantee must not be less than the sum defined in the guarantees’ sub-rules.
D. If both a rule and per-connection limit are defined for a rule, the per-connection limit must not be greater than the rule limit.
E. If both a limit and guarantee per rule are defined in a QoS rule, the limit must be smaller than the guarantee.
Correct Answer: E
QUESTION 44
You plan to install a VPN-1 Pro Gateway for VPN-1 NGX at Certkiller .com’s headquarters. You have a single Sun SPARC Solaris 9 machines for VPN-1 Pro enterprise implementation. You need this machine to inspect traffic and keep configuration files. Which Check Point software package do you install?
A. VPN-1 Pro Gateway and primary SmartCenter Server
B. Policy Server and primary SmartCenter Server
C. ClusterXL and SmartCenter Server
D. VPN-1 Pro Gateway
E. SmartCenter Server
Correct Answer: A
QUESTION 45
By default, a standby SmartCenter Server is automatically synchronized by an active SmartCenter Server, when:
A. The Security Policy is installed.
B. The Security Policy is saved.
C. The user database is installed.
D. The Security Administrator logs in to the standby SmartCenter server, for the first time.
E. The standby SmartCenter Server starts for the first time.
Correct Answer: A
QUESTION 46
Your primary SmartCenter Server is installed on a SecrePlatform Pro machine, which is also a VPN-1 Pro Gateway. You want to implement Management High Availability (HA). You have a spare machine to configure as the secondary SmartCenter Server. How do you configure the new machine to be the standby SmartCenter Server, without making any changes to the existing primary SmartCenter Server? (changes can include uninstalling and reinstalling)
A. You cannot configure Mangement HA, when either the primary or secondary SmartCenter Server is running on a VPN-1 Pro Gateway.
B. The new machine cannot be installed as the Internal Certificate Authority on its own.
C. The secondary Server cannot be installed on a SecurePlatform Pro machine alone.
D. Install the secondary Server on a spare machine. Add the new machine to the same network as the primary Server.
Correct Answer: A
QUESTION 47
Certkiller configures an HTTP Security Server to work with the content vectoring protocol to screen forbidden sites. Jack has created a URI resource object using CVP with the following settings:
*
Use CVP

*
Allow CVP server to modify content

*
Return data after content is approved
Mrs. Bill adds two rules to her Rule Base: one to inspect HTTP traffic going to known forbidden sites, the other to allow all other HTTP traffic. Certkiller sees HTTP traffic going to those problematic sites is not prohibited. What could cause this behavior?
A. The Security Server Rule is after the general HTTP Accept Rule.
B. The Security Server is not communicating with the CVP server.
C. The Security Server is not configured correctly.
D. The Security Server is communicating with the CVP server, but no restriction is defined in the CVP server.
Correct Answer: A
QUESTION 48
You must set up SIP with proxy for your network. IP phones are in the 172.16.100.0 network. The Rigistrar and proxy are installed on host 172.16.100.100. To allow handover enforcement for outbound calls from SIP-net to network Net_B on the Internet, you have defined the following object:
*
Network object: SIP-net 172.16.100.0/24

*
SIP-gateway: 172.16.100.100

*
VoIP Domain Object: VoIP_domain_A
1.
End-point domain: SIP-net

2.
VoIP gateway installed at: SIP-gateway host object
How should you configure the rule`?
A. SIP-Gateway/Net_B/sip_any/accept
B. VoIP_domain/Net_B/sip/accept
C. SIP-Gateway/Net_B/sip/accept
D. VoIP_domain_A/Net_B/sip_any; and sip/accept
E. VoIP_Gateway_A/Net_B/sip_any/accept
Correct Answer: A
QUESTION 49
How does a standby SmartCenter Server receive logs from all Security Gateways, when an active SmartCenter Server fails over?
A. The remote Gateways must set up SIC with the secondary SmartCenter Server, for logging.
B. Establish Secure Internal Communictions (SIC) between the primary and secondary Servers. The secondary Server can then receive logs from the Gateways, when the active Server fails over.
C. On the Log Server screen (from the Logs and Master tree on the gateway object’s General Properties screen), add the secondary SmartCenter Server object as the additional log server. Reinstall the Security Policy.
D. Create a Check Point host object to represent the standby SmartCenter Server. Then select “Secondary SmartCenter Server” and “Log Server”, from the list of Check Point Products on the General properties screen.
E. The secondary Server’s host name and IP address must be added to the Masters file, on the remote Gateways.
Correct Answer: C QUESTION 50
Exhibit:

You are preparing a lab for a ClusterXL environment, with the topology shown in the exhibit.
*
Vip internal cluster IP=172.16.10.1; Vip external cluster IP=192.168.10.3

*
Cluster Member 1: four NICs, three enabled: qfe0: 192.168.10.1/24, qfe1: 10.10.10.1/24, qfe2: 172.16.10.1/24

*
Cluster Member 2: five NICs, three enabled: hme0: 192.168.10.2/24, eth1: 10.10.10.2/24, eth2: 172.16.10.2/24

*
Member Network tab on internal-cluster interfaces: is 10.10.10.0, 255.255.255.0

*
SmartCenter Pro Server: 172.16.10.3
External interfaces 192.168.10.1 and 192.168.10.2 connect to a Virtual Local Area Network (VLAN) switch. The upstream router connects to the same VLAN switch. Internal interfaces 10.10.10.1 and 10.10.10.2 connect to a hub. There is no other machine in the 10.10.01.0 network. 172.19.10.0 is the synchronization network. What is the problem with this configuration?
A. The SmartCenter Pro Server cannot be in synchronization network.
B. There is no problem with configuration. It is correct.
C. Members do not have the same number of NICs.
D. The internal network does not have a third cluster member.
E. Cluster members cannot use the VLAN switch. They must use hubs.

Correct Answer: B
QUESTION 51
Your VPN Community includes three Security Gateways. Each Gateway has its own internal network defined as a VPN Domain. You must test the VPN-1 NGX route-based VPN feature, without stopping the VPN. What is the correct order of steps?
A. 1. Add a new interface on each Gateway.
2.
Remove the newly added network from the current VPN domain for each Gateway.

3.
Create VTIs on each Gateway, to point to the other two peers

4.
Enable advanced routing on all three Gateways.
B. 1. Add a new interface on each Gateway.
2.
Remove the newly added network from the current VPN domain in each gateway object.

3.
Create VTIs on each gateway object, to point to the other two peers

4.
Add static routes on three Gateways, to route the new network to each peer’s VTI interface..
C. 1. Add a new interface on each Gateway.
2.
Add the newly added network into the existingVPN domain for each Gateway.

3.
Create VTIs on each gateway object, to point to the other two peers

4.
Enable advanced routing on all three Gateways.
D. 1. Add a new interface on each Gateway.
2.
Add the newly added network into the existingVPN domain for each Gateway.

3.
Create VTIs on each Gateway, to point to the other two peers

4.
Add static routes on three Gateways, to route the new network to each peer’s VTI interface
Correct Answer: B
QUESTION 52
How does ClusterXL Unicast mode handle new traffic?
A. The pivot machine receives and inspects all new packets, and synchronizes the connections with other members.
B. Only the pivot machine receives all packets. It runs an algorithm to determine which member should process the packets.
C. All members receive packets. The SmartCenter Server decides which member will process the packets. Other members simply drop the packets.
D. All cluster members process all packets, and members synchronize with each other.
Correct Answer: B
QUESTION 53
You are configuring the VoIP Domain object for a SIP environment, protected by VPN-1 NGX. Which VoIP Domain object type can you use?
A. Call Manager
B. Gateway
C. Call Agent
D. Gatekeeper
E. Proxy
Correct Answer: E

QUESTION 54
VPN-1 NGX supports VoIP traffic in all of the following environments, EXCEPT which environment?
A. H.323
B. SIP
C. MEGACO
D. SCCP
E. MGCP
Correct Answer: C
QUESTION 55
You plan to incorporate OPSEC servers, such as Websense and Trend Micro, to do content filtering. Which segments is the BEST location for these OPSEC servers, when you consider Security Server performance and data security?
A. On the Security Gateway
B. Internal network, where users are located
C. On the Internet
D. DMZ network, where application servers are located
E. Dedicated segment of the network
Correct Answer: E
QUESTION 56
You are reviewing SmartView Tracker entries, and see a Connection Rejection on a Check Point QoS rule., What causes the Connection Rejection?
A. No QoS rule exist to match the rejected traffic.
B. The number of guaranteed connections is exceeded. The rule’s properties are not set to accept additional connections.
C. The Constant Bit Rate for a Low Latency Class has been exceeded by greater than 10%, and the Maximal Delay is set below requirements.
D. Burst traffic matching the Default Rule is exhausting the Check Point QoS global packet buffers.
E. The guarantee of one of the rule’s sub-rules exceeds the guarantee in the rule itself.
Correct Answer: B
QUESTION 57
Which of the following QoS rule-action properties is an Advanced action type, only available in Traditional mode?
A. Guarantee Allocation
B. Rule weight
C. Apply rule only to encrypted traffic
D. Rule limit
E. Rule guarantee
Correct Answer: A
QUESTION 58
Which Check Point QoS feature marks the Type of Service (ToS) byte in the IP header?
A. Guarantees
B. Low Latency Queuing
C. Differentiated Services
D. Weighted Fair Queing
E. Limits
Correct Answer: C
QUESTION 59
Which of the following TCP port numbers is used to connect the VPN-1 Gateway to the Content Vector Protocol (CVP) server?
A. 18182
B. 18180
C. 18181
D. 17242
E. 1456
Correct Answer: C QUESTION 60

VPN-1 NGX includes a resource mechanism for working with the Common Internet File System (CIFS). However, this service only provides a limited level of actions for CIFs security. Which of the following services is NOT provided by a CIFS resource?
A. Long access share
B. Block Remote Registry Access
C. Log mapped shares
D. Allow MS print shares
Correct Answer: A
QUESTION 61
How can you prevent delay-sensitive applications, such as video and voice traffic, from being dropped due to long queues when using a Check Point QoS solution?
A. Low latency class
B. DiffServ rule
C. Guaranteed per connection
D. Weighted Fair Queuing
E. Guaranteed per VoIP rule
Correct Answer: D
QUESTION 62
Certkiller is a Security Administrator preparing to implement a VPN solution for her multi-site organization Certkiller .com. To comply with industry regulations, Mrs. Bill VPN solution must meet the following requirements:
*
Portability: standard

*
Key management: Automatic, external PKI

*
Session keys: Changed at configured times during a connection’s lifetime

*
key length: No less than 128-bit

*
Data integrity: Secure against inversion and brute-force attacks
What is the most appropriate setting Jack should choose?
A. IKE VPNs: AES encryption for IKE Phase 1, and DES encryption for Phase 2; SHA1 ash
B. IKE VPNs: SHA1 encryption for IKE Phase 1, and MD5 encryption for Phase 2; AES hash
C. IKE VPNs: CAST encryption IKE Phase 1, and SHA1 encryption for Phase 2; DES hash
D. IKE VPNs: AES encryption for IKE Phase 1, and AES encryption for Phase 2; SHA1 hash
E. IKE VPNs: DES encryption for IKE Phase 1, and 3DES encryption for Phase 2; MD5 hash
Correct Answer: D
QUESTION 63
Your current VPN-1 NG Application Intelligence (AI) R55 stand-alone VPN-1 Pro Gateway and SmartCenter Server run on SecurePlatform. You plan to implement VPN-1 NGX in a distributed environment, where the existing machine will be the SmartCenter Server, and a new machine will be the VPN-1 Pro Gateway only. You need to migrate the NG with AI R55 SmartCenter Server configuration, including such items as Internal Certificate Authority files, databases, and Security Policies. How do you request a new license for this VPN-1 NGX upgrade?
A. Request a VPN-1 NGX SmartCenter Server license, using the new machine’s IP addres. Request a new local license for the NGX VPN-1 Pro Gateway.
B. Request a VPN-1 NGX SmartCenter Server license, using the new machine’s IP addres. Request a new central license for the NGX VPN-1 Pro Gateway.
C. Request a new VPN-1 NGX SmartCenter Server license, using the NG with AI SmartCenter Server IP address. Request a new central license for the NGX VPN-1 Pro Gateway.
D. Request a VPN-1 NGX SmartCenter Server license, using the NG with AI SmartCenter Server IP address. Request a new central license for the NGX VPN-1 Pro Gateway, licenses for the existing SmartCenter Server IP address.
Correct Answer: C
QUESTION 64
Certkiller is a Security Administrator for Certkiller .com. Certkiller .com has two sites using pre-shared secrets in its VPN. The two sites are Boston and New York. Jack has just been informed that a new office is opening in Houston, and she must enable all three sites to connect via the VPN to each other. Three Security Gateways are managed by the same SmartCenter Server, behind the New York Security Gateway.
Mrs. Bill decides to switch from a pre-shared secrets to Certificates issued by the Internal Certificate Authority (ICA). After creating the Houston gateway object with the proper VPN domain, what are Certkiller’s remaining steps?
1.
Disable “Pre-shared Secret” on the Boston and New York gateway objects.

2.
Add the Houston gateway object into the New York and Boston’s mesh VPN Community.

3.
Manually generate ICA Certificates for all three Security Gateways.

4.
Configure “Traditional mode VPN configuration” in the Houston gateway object’s VPN screen.

5.
Reinstall the Security Policy on all three Security Gateways
A. 1, 2, 5
B. 1, 3, 4, 5
C. 1, 2, 3, 5
D. 1, 2, 4, 5
E. 1, 2, 3, 4
Correct Answer: C
QUESTION 65
Which component functions as the Internal Cerrificate Authority for VPN-1 NGX?
A. VPN-1 Certificate Manager
B. SmartCenter Server
C. SmartLSM
D. Policy Server
E. Security Gateway
Correct Answer: B

QUESTION 66
Which Security Server can perform content-security tasks, but CANNOT perform authentication tasks?
A. FTP
B. SMTP
C. Telnet
D. HTTP
E. rlogin
Correct Answer: B
QUESTION 67
Certkiller .com has two headquarters, one in Los Angeles and one in Mumbai. Each headquarter includes several branch offices. The branch office only need to communicate with the headquarter in their country, not with each other, and only the headquarters need to communicate directly. What is the BEST configuration for VPN communities among the branch offices and their headquarters, and between the two headquarters? VNP communities comprised of:
A. two star and one mesh community; each start Community is set up for each site, with headquarters as the center of the Community, and branches as satellites. The mesh Communities are between Mumbai and Los Angeles headquarters.
B. Three mesh Communities: one for Los Angeles and its branches, one for Mumbai headquarters and its branches, and one for Los Angeles and Mumbai headquarters.
C. Two mesh Communities, one for each headquarters; and one start Community, in which Los Angeles is the center of the Community and Mumbai is the satellite.
D. Two mesh Communities, one for each headquarters; and one start Community, in which Mumbai is the center of the Community and Los Angeles is the satellite.
Correct Answer: A
QUESTION 68
Certkiller wants to protect internal users from malicious Java code, but Jack does not want to strop Java scripts. Which is the best configuration option?
A. Use the URI resource to block Java code
B. Use CVP in the URI resource to block Java code
C. Use the URI resource to strop ActiveX tags
D. Use the URI resource to strop applet tags
E. Use the URI resource to strop script tags
Correct Answer: A
QUESTION 69
Which Security Server can perform authentication tasks, but CANNOT perform content security tasks?
A. Telnet
B. HTTP
C. rlogin
D. FTP
E. SMTP
Correct Answer: AC
QUESTION 70
Which service type does NOT invoke a Security Server?
A. HTTP
B. FTP
C. Telnet
D. CIFS
E. SMTP
Correct Answer: D
QUESTION 71
Which operating system is NOT supported by VPN-1 SecureClient?
A. IPSO 3.9
B. Windows XP SP2
C. Windows 2000 Professional
D. RedHat Linux 8.0
E. MacOS X
Correct Answer: A
QUESTION 72
You are preparing computers for a new ClusterXL deployment. For your cluster, you plan to use three machines with the configurations displayed in the exhibit. Are these machines correctly configured for a ClusterXL deployment?
A. Yes, these machines are configured correctly for a ClusterXL deployment.
B. No, QuadCards are not supported with ClusterXL.
C. No, all machines in a cluster must be running on the same OS.
D. No, al cluster must have an even number of machines.
E. No, ClusterXL is not supported on Red Hat Linux.
Correct Answer: C
QUESTION 73
Certkiller is notified by blacklist.org that her site has been reported as a spam relay, due to her SMTP server being unprotected. Mrs. Bill decides to implement an SMTP Security Server, to prevent the server from being a spam relay. Which of the following is the most efficient configuration method?
A. Configure the SMTP Security Server to perform MX resolving.
B. Configure the SMTP Security Server to perform filtering, based on IP address and SMTP protocols.
C. Configure the SMTP Security Server to work with an OPSEC based product, for content checking.
D. Configure the SMTP Security Server to apply a generic “from” address to all outgoing mail.
E. Configure the SMTP Security Server to allow only mail to or from names, within Jack’s corporate domain.
Correct Answer: E
QUESTION 74

The exhibit is a cphaprob state command output from a ClusterXL New mode high Availability member.
When a member 192.168.1.2 fails over and restarts, which member will become active?
A. 192.168.1.2
B. 192.168.1.1
C. Both members’ state will be standby.
D. Both members’ state will be active.
Correct Answer: B
QUESTION 75

You work as a network administrator at Certkiller.com. Your network includes ClusterXL running Multicast mode on two members, as shown in this topology exhibit.
Your network is expanding, and you need to add new interfaces: 10.10.10.1/24 on Member A, and 10.10.10.2/24 on Member B. The virtual IP address for interface 10.10.10.0/24 is 10.10.10.3.
What is the correct procedure to add these interfaces?
A. 1. Use the ifconfig command to configure and enable the new interface.
2.
Run cpstop and cpstart on both members at the same time.

3.
Update the topology in the cluster object for the cluster and both members.

4.
Install the Security Policy.
B. 1. Disable “cluster membership” from one Gateway via cpconfig.
2.
Configure the new interface via sysconfig from the “non-member” Gateway.

3.
Re-enable “Cluster membership” on the Gateway.

4.
Perform the same step on the other Gateway.

5.
Update the topology in the cluster object for the cluster and members.

6.
Install the Security Policy
C. 1. Run cpstop on one member, and configure the new interface via sysconfig.
2.
Run cpstart on the member. Repeat the same steps on another member.

3.
Update the new topology in the cluster object for the cluster and members.

4.
Install the Security Policy.
D. 1. Use sysconfig to configure the new interfaces on both members.
2.
Update the topology in the cluster object for the cluster and both members.

3.
Install the Security Policy.

Correct Answer: C
QUESTION 76
VPN-1 NGX includes a resource mechanism for working with the Common Internet File System (CIFS).
However, this service only provides a limited level of actions for
CIFs security. Which of the following services is NOT provided by a CIFS resource?

A. Long access share
B. Block Remote Registry Access
C. Log mapped shares
D. Allow MS print shares
Correct Answer: A
QUESTION 77
Which service type does NOT invoke a Security Server?
A. HTTP
B. FTP
C. Telnet
D. CIFS
E. SMTP
Correct Answer: D
QUESTION 78
Jack’s project is to define the backup and restore section of his organization’s disaster recovery plan for his organization’s distributed NGX installation. Jack must meet the following required and desired objectives.
*
Required Objective The security policy repository must be backed up no less frequent~ than every 24 hours

*
Desired Objective The NGX components that enforce the Security Policies should be backed up no less frequently than once a week

*
Desired Objective Back up NGX logs no less frequently than once a week Jack’s disaster recovery plan is as follows. See exhibit.

Jack’s plan:
A. Meets the required objective but does not meet either desired objective
B. Does not meet the required objective
C. Meets the required objective and only one desired objective
D. Meets the required objective and both desired objectives
Correct Answer: D
QUESTION 79
Which VPN Community object is used to configure VPN routing within the SmartDashboard?
A. Star
B. Mesh
C. Remote Access
D. Map
Correct Answer: A

We also provide FLYDUMPS CheckPoint 156-315 practice test download in case there is an update by the vendor. Our team of experts keeps the exam updated and accurate. Before decide to take FLYDUMPS CheckPoint 156-315 test, just check the free demo we offer. FLYDUMPS CheckPoint 156-315 test are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development. If you prepare for the exam using our FLYDUMPS CheckPoint 156-315 practice test, we guarantee your success in the first attempt.

Pass4itsure C2180-374 dumps with PDF + Premium VCE + VCE Simulator: http://www.pass4itsure.com/C2180-374.html

CheckPoint 156-315 VCE Files, The Most Recommended CheckPoint 156-315 Dumps PDF Online Store

Checkpoint 156-215 Demo Exam, Useful Checkpoint 156-215 PDF Latest Version PDF&VCE

Welcome to download the newest Jumpexam C2090-611 VCE dumps: http://www.jumpexam.com/C2090-611.html

Flydumps guarantee your Checkpoint 156-215 exam success with our Exam Resources. Checkpoint 156-215 exam are the latest and developed by experience’s IT certification Professionals working in today’s prospering companies and data centers.All our Checkpoint 156-215 exam dumps including Checkpoint 156-215 exam questions which guarantee you can 100% success Checkpoint 156-215 exam in your first try exam.

QUESTION 90
Certkiller is the Security Administrator for an online bookstore. Customers connect to a variety of Web servers to place orders, change orders, and check status of their orders. Mrs. Bill checked every box in the Web Intelligence tab, and installed the Security Policy, She ran penetration test through the Security Gateway, to determine if the Web servers were protected from cross-site scripting attacks. The penetration test indicated the Web servers were still vulnerable. Which of the following might correct the problem?
A. The penetration software Certkiller is using is malfunctioning and is reporting a false-positive.
B. Certkiller must create resource objects, and use them in the rule allowing HTTP traffic to the Web servers.
C. Certkiller needs to check the “Products > Web Server” box on the host node objects representing his Web servers.
D. Certkiller needs to check the “Web Intelligence” box in the SmartDefense > HTTP Properties.
E. Certkiller needs to configure the Security Gateway protecting the Web servers as a Web server.

Correct Answer: C
QUESTION 91
You create two Policy Packages for two NGX Security Gateways. For the first Policy Package, you select Security and Address Translation and QoS Policy. For the second Policy Package, you selected Security and Address Translation and Desktop Security Policy. In the first Policy Package, you enable host-based port scan from the SmartDefense tab. You save and install the policy to the relevant Gateway object. How is the port scan configured on the second Policy Package’s SmartDefense tab?
A. Host-based port scan is disabled by default.
B. Host-based port scan is enabled, because SmartDefense settings are global.
C. Host-based port scan is enabled but it is not highlighted.
D. There is no SmartDefense tab in the second Policy Package.
Correct Answer: B
QUESTION 92
A digital signature:
A. Uniquely encodes the receiver of the key.
B. Provides a secure key exchange mechanism over the Internet.
C. Guarantees the authenticity and integrity of a message.
D. Automatically changes the shared keys.
E. Decrypts data to its original form.

Correct Answer: C
QUESTION 93
You are setting up a Virtual Private Network, and must select an encryption scheme. Your data is extremely business sensitive and you want maximum security for your data communications. Which encryption scheme would you select?
A. Tunneling mode encryption
B. In-place encryption
C. Either one will work without compromising performance

Correct Answer: A
QUESTION 94
You have just started a new job as the Security Administrator for Certkiller . Your boss has asked you to ensure that peer-to-peer file sharing is not allowed past the corporate Security Gateway. Where should you configure this?
A. SmartDashboard > SmartDefense
B. SmartDashboard > WebDefense
C. By editing the file $FWDIR/conf/application_intelligence.C
D. SmartDashboard > Policy > Global Properties > Malicious Activity Detection
E. SmartDashboard > Web Intelligence

Correct Answer: A
QUESTION 95
Amy is configuring a User Authentication rule for the technical-support department to access an intranet server. What is the correct statement?
A. The Security Server first checks if there is any rule tat does not require authentication for this type of connection.
B. The User Authentication rule must be placed above the Stealth Rule.
C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.
D. Amy can only use the rule for Telnet, FTP, and rlogin services.
E. Amy can limit the authentication attempts in the Authentication tab of the User Properties screen.

Correct Answer: A
QUESTION 96
How can you unlock an administrator’s account, which was been locked due to SmartCenter Access settings in Global Properties?
A. Type fwm lock_admin -ua from the command line of the SmartCenter Server.
B. Clear the “locked” box from the user’s General Properties in SmartDashboard.
C. Type fwm unlock_admin -ua from the command line of the SmartCenter Server.
D. Type fwm unlock_admin -ua from the command line of the Security Gateway.
E. Delete the file admin.lock in the $FWDIR/tmp/ directory of the SmartCenter Server.
Correct Answer: A
QUESTION 97
How many administrators can be created during installation of the SmartCenter Server?
A. Only one
B. Only one with full access and one with read-only access
C. As many as you want
D. Depends on the license installed on the SmartCenter Server
E. Specified in the Global Properties
Correct Answer: A
QUESTION 98
Which SmartConsole tool verifies the installed Security Policy name?
A. SmartView Status
B. Eventia Reporter
C. SmartView Server
D. SmartUpdate
E. SmartView Tracker

Correct Answer: E
QUESTION 99
Ilse manages a distributed NGX installation for Certkiller .com. Ilse needs to know which Security Gateways have licenses that will expire within the next 30 days. Which SmartConsole application should Ilse use to gather this information?
A. SmartView Monitor
B. SmartUpdate
C. SmartDashboard
D. SmartView Tracker
E. SmartView Status

Correct Answer: B
QUESTION 100
Herman is attempting to configure a site-to-site VPN with one of his firm’s business partner. Herman thinks Phase 2 negotiations are failing. Which SmartConsole application should Herman use to confirm his suspicions?
A. SmartUpdate
B. SmartView Tracker
C. SmartView Monitor
D. SmartDashboard
E. SmartView Status

Correct Answer: C
QUESTION 101
How can you reset the password of the Security Administrator, which was created during initial installation of the SmartCenter Server on SecurePlatform?
A. Launch cpconfig and select “Administrators”.
B. Launch SmartDashboard, click the admin user account, and overwrite the existing Check Point Password.
C. Type cpm -a, and provide the existing administration account name. Reset the Security Administrator’s password.
D. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the “Password” portion of the file. The log in to the account without password. You will be prompted to assign a new password.
E. Launch cpconfig and delete the Administrator’s account. Recreate the account with the same name.
Correct Answer: E
QUESTION 102
What happens when you select File > Export from the SmartView Tracker menu?
A. It is not possible to export an old log file, only save and switch in SmartView Tracker.
B. Current logs are exported to a new *.log file.
C. Exported log entries are still viewable in SmartView Tracker.
D. Exported log entries are deleted from fw.log.
E. Logs in fw.log are exported to a file that can be opened by Microsoft Excel.

Correct Answer: C
QUESTION 103
Which type of TCP attack is a bandwidth attack, where a client fools a server into sending large amount of data, using small packets?
A. SMURF
B. Small PMTU
C. Host System Hogging
D. LAN
E. SYN-Flood

Correct Answer: B
QUESTION 104
What is the proper command for exporting users in LDAP format?
A. fw dbexport -f c:\temp\users.txt
B. fw dbimport -f c:\temp\users.ldif -l -s “o=YourCity.com,c=YourCountry”
C. fw dbimport -f c:\temp\users.ldap
D. fw dbexport -f c:\temp\users.ldap -l -s
E. fw dbexport -f c:\temp\users.ldif -l -s “o=YourCity.com,c=YourCountry”

Correct Answer: E
QUESTION 105
Shauna is troubleshooting a Security Gateway that is dropping all traffic whenever the most recent Security Policy is installed. Working at the Security Gateway, Shauna needs to uninstall the Policy, but keep the processes running so she can see if there is an issue with the Gateway’s firewall tables. Which of the following commands will do this?
A. fw dbload 10.1.1.5
B. fw unload 10.1.1.5
C. cprestart
D. fw tab -x -u
E. cpstop

Correct Answer: D
QUESTION 106
You have blocked an IP address via the Block Intruder feature of SmartView Tracker. How can you see the addresses you have blocked?
A. In SmartView Status click the Blocked Intruder tab.
B. Run fwm blocked_view.
C. Run fw sam -va.
D. Run fw tab -t sam_blocked_ips.
E. In SmartView Tracker, click the Active tab, and the actively blocked connections display.

Correct Answer: D
QUESTION 107
Your internal Web server in the DMZ has IP address 172.16.10.1/24. A particular network from the Internet tries to access this Web server. You need to set up some type of Network Address Translation (NAT), so that NAT occurs only from the HTTP service, and only from the remote network as the source. The public IP address for the Web server is 200.200.200.1. All properties in the NAT screen of Global Properties are
enabled.
Select the correct NAT rules, so NAT happens ONLY between “web_dallas” and the remote network.

A. 1. Create another node object named “web_dallas_valid”, and enter “200.200.200.1” in the General Properties screen.
2.
Create two manual NAT rules above the automatic Hide NAT rules for the 172.16.10.0 network.

3.
Select “HTTP” in the Service column of both manual NAT rules.

4.
Enter an ARP entry and route on the Security Gateway’s OS.
B. 1. Enable NAT on the web_dallas object, select “static”, and enter “200.200.200.1” in the General Properties screen.
2.
Specify “HTTP” in the automatic Static Address Translation rules.

3.
Create incoming and outgoing rules for the web_dallas server, for the HTTP service only.
C. 1. Enable NAT on the web_dallas object, select “hide”, and enter “200.200.200.1” for the Hide NAT IP address.
2.
Specify “HTTP” in the Address Translation rules that are generated automatically.

3.
Create incoming and outgoing rules for the web_dallas server, for the HTTP service only.
D. 1. Create another node object named “web_dallas_valid”, and enter “200.200.200.1” in the General Properties screen.
2.
Create two manual NAT rules below the Automatic Hide NAT rules for network 172.16.10.0, in the Address Translation Rule Base.

3.
Select “HTTP” in the Service column of both manual NAT rules.

4.
Enter an ARP entry and route on the Security Gateway’s OS.

Correct Answer: A
QUESTION 108
Using SmartDefense how do you notify the Security Administrator that malware is scanning specific ports? By enabling:
A. Network Port scan
B. Host Port scan
C. Malware Scan protection
D. Sweep Scan protection
E. Malicious Code Protector

Correct Answer: D
QUESTION 109
Jack’s project is to define the backup and restore section of his organization’s disaster recovery plan for his
organization’s distributed NGX installation. Jack must meet the following required and desired objectives:
Required objective: The security policy repository must be backed up no less frequently than every 24
hours.
Desired objective: The NGX components that enforce the Security Policies should be backed up no less
frequently than once a week.
Desired objective: Back up NGX logs no less frequently than once a week. Administrators should be able
to view backed up logs in SmartView Tracker.
Jack’s disaster recovery plan is as follows:
Use the cron utility to run the upgrade_export command each night on the SmartCenter Servers. Configure
the organization’s routine backup software to back up the files created by the upgrade_export command.
Configure the SecurePlatform backup utility to back up the Security Gateways every Saturday night.
Use the cron utility to run the upgrade_export command each Saturday night on the Log Servers.
Configure an automatic, nightly logexport. Configure the organization’s routine backup software to back up
the export log every night.
Jack’s plan:

A. Meets the required objective but does not meet either desired objective.
B. Meets the required objective and both desired objectives.
C. Meets the required objective and only one desired objective.
D. Does not meet the required objective.

Correct Answer: B
QUESTION 110
Anna is working at Certkiller .com, together with three other Security Administrators. Which SmartConsole tool should she use to check changes to rules or object properties other administrators made?
A. SmartDashboard
B. SmartView Tracker
C. Eventia Tracker
D. Eventia Monitor
E. SmartView Monitor

Correct Answer: B
QUESTION 111
When you find a suspicious connection from a problematic host, you want to block everything from that whole network, not just the host. You want to block this for an hour, but you do not want to add any rules to the Rule Base. How do you achieve this?
A. Create a Suspicious Activity rule in SmartView Tracker.
B. Create a Suspicious Activity Rule in SmartView.
C. Create an “FW SAM” rule in SmartView Monitor.
D. Select “block intruder” from the Tools menu in the SmartView Tracker.

Correct Answer: B
QUESTION 112
Your internal network is using 10.1.1.0/24. This network is behind your perimeter NGX VPN-1 Gateway, which connects to your ISP provider. How do you configure the Gateway to allow this network to go out to the Internet?
A. Use automatic Static NAT for network 10.1.1.0/24.
B. Use Hide NAT for network 10.1.1.0/24 behind the internal interface of your perimeter Gateway.
C. Use manual Static NAT on the client side for network 10.1.1.0/24
D. Use Hide NAT for network 10.1.1.0/24 behind the external IP address of your perimeter Gateway.
E. Do nothing, as long as 10.1.1.0 network has the correct default Gateway.

Correct Answer: D
QUESTION 113
Which of these changes to a Security Policy optimizes Security Gateway performance?
A. Using domain objects in rules when possible
B. Using groups within groups in the manual NAT Rule Base
C. Putting the least-used rule at the top of the Rule Base
D. Logging rules as much as possible
E. Removing old or unused Security Policies from Policy Packages

Correct Answer: E
QUESTION 114
Nelson is a consultant. He is at a customer’s site reviewing configuration and logs as a part of a security audit. Nelson sees logs accepting POP3 traffic, but he does not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause? The POP3:
A. service is a VPN-1 Control Connection.
B. rule is hidden.
C. service is accepted in Global Properties.
D. service cannot be controlled by NGX.
E. rule is disabled.

Correct Answer: B
QUESTION 115
When you hide a rule in a Rule Base, how can you then disable the rule?
A. Open the Rule Menu, and select Hide and View hidden rules. Select the rule, right-click, and select Disable.
B. Uninstall the Security Policy, and the disable the rule.
C. When a rule is hidden, it is automatically disabled. You do not need to disable the rule again.
D. Run cpstop and cpstart on the SmartCenter Server, then disable the rule.
E. Clear Hide from Rules drop-down menu, then right-click and select “Disable Rule(s)”.

Correct Answer: E
QUESTION 116
Mary is the IT auditor for a bank. One of her responsibilities is reviewing the Security Administrators activity and comparing it to the change log. Which application should Mary use to view Security Administrator activity?
A. NGX cannot display Security Administrator activity
B. SmartView Tracker in Real-Time Mode
C. SmartView Tracker in Audit Mode
D. SmartView Tracker in Log Mode
E. SmartView Tracker in Activity Mode

Correct Answer: C
QUESTION 117
Andrea has created a new gateway object that she will be managing at a remote location. She attempts to install the Security Policy to the new gateway object, but the object does not appear in the “install on” box. Which of the following is the most likely cause?
A. Andrea has created the object using “New Check Point > VPN-1 Edge Embedded Gateway”
B. Andrea created the gateway object using the “New Check Point > Externally Managed VPN Gateway” option from the Network Objects dialog box.
C. Andrea has not configured anti-spoofing on the interfaces on the gateway object.
D. Andrea has not configure Secure Internal Communications (SIC) for the oject.
E. Andrea created the Object using “New Check Point > VPN-1 Pro/Express Security Gateway” option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object.

Correct Answer: B
QUESTION 118
Certkiller is recently hired as the Security Administrator for Certkiller .com. Jack Bill’s manager has asked
her to investigate ways to improve the performance of the firm’s perimeter Security Gateway. Certkiller
must propose a plan based on the following required and desired results:
Required Result #1: Do not purchase new hardware.
Required Result #2: Use configuration changes the do not reduce security. Desired Result #1: Reduce the
number of explicit rules in the Rule Base.
Desired Result #2: Reduce the volume of logs.
Desired Result #3: Improve the Gateway’s performance.
Proposed solution:

*
Replace all domain objects with network and group objects.

*
Check “Log implied rules” and “Accept ICMP requests” in Global Properties.

*
Use Global Properties, instead of explicit rules, to control ICMP, VRRP, and RIP. Does Certkiller’s
proposed solution meet the required and desired results?
A. The solution meets all required and desired results.
B. The solution meets all required, and one of the desired results.
C. The solution meets all required, and two of the desired results.
D. The solution meets all required, and none of the desired results.
E. The solution does not meet the required results.

Correct Answer: E

It is not easy to achieve success in the field of information technology. This is because Checkpoint 156-215  competition is very rampant in the industry. In order for you to acquire a successful career in this industry, acquiring the best Checkpoint 156-215 certification is the best thing to do. When selecting an information technology Checkpoint 156-215 certification, it is very significant to look for the right Checkpoint 156-215 that can help you succeed. Make sure that it relates to your career. Do not just select Checkpoint 156-215 certification without reviewing the Checkpoint 156-215 certification if it can help you or not.

Jumpexam C2090-611 dumps with PDF + Premium VCE + VCE Simulator: http://www.jumpexam.com/C2090-611.html

Checkpoint 156-215 Demo Exam, Useful Checkpoint 156-215 PDF Latest Version PDF&VCE

CheckPoint CheckPoint 156-915 Demo Material, 100% Real CheckPoint 156-915 PDF On Store

Welcome to download the newest Pass4itsure 156-915 VCE dumps: https://www.pass4itsure.com/156-915.html

Confronted any fiercer along with fiercer competitors in IT planet, are you terrific strain? Certainly, you are doing. Subsequently you’d far better find the CheckPoint 156-915 to be able to take your job. Right now, A growing number of CheckPoint 156-915 certification will be can come staying to be able to in life. It is terrific in the event that contenders get CheckPoint 156-915 exam sample questions directly from Cisco  Higher education. Candidates can easily gain more experience and knowledge during Cisco University since masters/ specialists will supply training towards the contenders. Before you take CheckPoint 156-915 exam sample questions, any main element how the contenders want to do will be to know about the CheckPoint 156-915 Study guide test training and that will make this happen for any very clear information to learn any CheckPoint 156-915 exam sample questions. Each of the CheckPoint 156-915 Study guide test information and various details are accessible immediately inside Cisco site.

QUESTION 111
When synchronizing clusters, which of the following statements is NOT true?
A. User Authentication connections will be lost by the cluster
B. An SMTP resource connection using CVP will be maintained by the cluster
C. Only cluster members running on the same OS platform can be synchronized
D. In the case of a failover, accounting information on the failed member may be lost despite a properly working synchronization

Correct Answer: B
QUESTION 112
Identify the correct steps performed by SmartUpdate to upgrade a remote Security Gateway. After selecting “Packages: add?from CD”, the:
A. Entire Contents of the CD are copied to the packages directory on the selected remote security gateway
B. Selected Package is copied to the packages directory on the selected remote security gateway
C. Selected package is copied to the package repository on the SmartCenter Server
D. Entire contents of the CD are copied to the Package Repository on the SmartCenter Server

Correct Answer: C
QUESTION 113
What is the command in SecurePlatform Expert shell used to add routes without the use of sysconfig or the WebUI?
A. ip route
B. sysconfig route
C. ifroute
D. ifconfig

Correct Answer: A
QUESTION 114
You want to upgrade a cluster with two members to VPN-1 NGX R65. The SmartCenter server and both
members are version VPN-1/Firewall-1 NG FP3, with the latest Hotfix.
What is the correct upgrade procedure?

1.
Change the version, in the General Properties of the gateway-cluster object

2.
Upgrade the SmartCenter Server and reboot after upgrade

3.
Run cpstop on one member, while leaving the other member running. Upgrade one member at a time and reboot after upgrade

4.
Reinstall the Security Policy:
A. 3,2,1,4
B. 2,3,1,4
C. 1,3,2,4
D. 2,4,3,1
Correct Answer: B
QUESTION 115
Which utility allows you to configure the DHCP service on SecurePlatform from the command line?
A. Cpconfig
B. WebUI
C. Ifconfig
D. Sysconfig
Correct Answer: D
QUESTION 116
In ClusterXL, which of the following processes are defined by default as critical devices?
A. fwd
B. assid
C. cpp
D. fwm

Correct Answer: A
QUESTION 117
Which command line interface utility allows the administrator to verify the name and timestamp of the Security Policy currently installed on a firewall module?
A. fw stat
B. fw ctl pstat
C. cpstat fwd
D. fw ver

Correct Answer: A
QUESTION 118
The command fw fetch causes the:
A. Security gateway to retrieve the compiled policy and inspect code from the SmartCenter Server and install it to the kernel
B. SmartCenter Server to retrieve the debug logs of the target security gateway
C. SmartCenter Server to retrieve the IP addresses of the target security gateway
D. Security Gateway to retrieve the user database information from the tables on the SmartCenter Server

Correct Answer: A
QUESTION 119
Where is it necessary to configure historical records in SmartView Monitor to generate Express reports in Eventia Reporter?
A. In Eventia Reporter, under Standard > Custom
B. In Eventia Reporter, under Express> Network Activity
C. In SmartView Monitor, under Global Properties > Log and Masters
D. In SmartDashboard, the SmartView Monitor page in the VPN-1 Security Gateway object
Correct Answer: D
QUESTION 120
SmartCenter Server
A. Purges the current log file and starts a new log file
B. Saves the current log file names the log file by data and time and starts a new log file
C. Prompts you to enter a filename, then saves the log file
D. Purges the current log and prompts you for the new log’s mode
Correct Answer: B
QUESTION 121
Central License Management allows a Security Administrator to perform which of the following functions?
A. 2,3,4,5
B. Attach and/or delete only NGX Central Licenses to a remote module (not Local Licenses)
C. 2,5,6
D. Check for expired licenses
E. 1,2,5,6
F. Sort licenses and view license properties
G. Delete both NGX Local licenses and Central licenses from a remote module
H. 1,2,3,4,5
I. Add or remove a license to or from the license repository
J. Attach both NGX Central Local licenses to a remote module

Correct Answer: D
QUESTION 122
Which of the following is NOT true for clientless VPN?
A. The Gateway accepts any encryption method that is proposed by the client and supported in the VPN
B. Secure communication is provided between clients and servers that support HTTP
C. User Authentication is supported
D. The Gateway can enforce the use of strong encryption

Correct Answer: B
QUESTION 123
Control connections between the SmartCenter Server and the Gateway are not encryptd by the VPN Community. How are these connections secured?
A. They are not encrypted but are authenticated by the Gateway
B. They are secured by PPTP
C. They are encrypted and authenticated using SIC
D. They are not secured

Correct Answer: C
QUESTION 124
Which VPN-1 NGX R65 component displays the number of packets accepted, rejected and dropped on a specific Security Gateway, in real time?
A. Eventia Analyzer
B. SmartView Status
C. SmartUpdate
D. SmartView Monitor
Correct Answer: A
QUESTION 125
What happens when you select File > Export from the SmartView Tracker Menu?
A. Current logs are exported to a new *.log file
B. Exported log entries are deleted from fw.log
C. Logs in fw.log are exported to a file that can be opened by Microsoft Excel
D. Exported log entries are still viewable in SmartView Tracker
Correct Answer: C
QUESTION 126
Where do you enable popup alerts for SmartDefense settings that have detected suspicious activity?
A. In SmartView Monitor, Select Tools > Alerts
B. In SmartView Tracker, Select tools > Custom commands
C. In SmartDashboard, select global properties > Log and Alert > Alert commands
D. In SmartDashboard, edit the gateway object, select SmartDefense > Alerts

Correct Answer: A QUESTION 127
Which of the following command is a CLI command for VPN-1 NGX R65?
A. fw tab -u
B. fw merge
C. fw shutdown
D. fwprint

Correct Answer: A QUESTION 128
Which SmartConsole component can administrators use to track remote administrative activities?
A. Eventia Reporter
B. SmartView Monitor
C. SmartView Tracker
D. The WebUI

Correct Answer: D

Flydumps CheckPoint 156-915 exam dumps are audited by our certified subject matter experts and published authors for development.Flydumps CheckPoint 156-915 exam dumps are one of the highest quality CheckPoint 156-915 Q&As in the world. It covers nearly 96% real questions and answers, including the entire testing scope. Flydumps guarantees you pass CheckPoint 156-915 exam at first.

Pass4itsure 156-915 dumps with PDF + Premium VCE + VCE Simulator: https://www.pass4itsure.com/156-915.html

Checkpoint 156-816 Exam Sample, Useful Checkpoint 156-816 Vce Files With High Quality

Welcome to download the newest Pass4itsure c4040-226 VCE dumps: http://www.pass4itsure.com/c4040-226.html

Technicians know the instruments and test setups. Engineers need good writing and verbal skills. Technicians need to know the Checkpoint 156-816 of real measurements. If you want to succeed as part of your work and even acquire change among the different opposition then simply can come together with adhere to each of our Flydumps Checkpoint 156-816 exam sample questions. All applicants have to be competent in the fundamentals, i.e., Flydumps Checkpoint 156-816 exam sample questions, as well as the specifications which apply to their particular specialty. Flydumps Checkpoint 156-816 exam sample questions, Checkpoint 156-816 Exam has unified the performance tiers into a single file system, consolidating its compositing, computer graphics and stop motion workflows onto a single, shared storage resource, streamlining production operations and improving IT efficiency.

QUESTION 111
In a VSX Gateway cluster, which of the following objects are available by default as installation targets for the Management Virtual System?
A. Internal Virtual Switch cluster object
B. Individual Virtual Systems for each Customer’s cluster member
C. Virtual System cluster of each Customer
D. External Virtual Router cluster object
E. External Virtual Switch cluster object

Correct Answer: D
QUESTION 112
Which of the following VLAN membership types is considered explicit in its propagation?
A. Route-based
B. MAC address-based
C. Port-based
D. Session-based
E. State-based

Correct Answer: C
QUESTION 113
When Virtual Systems are deployed in Bridge mode, they use ____________ to detect failures and forward traffic to another Virtual System in a cluster?
A. BPDU
B. MPLS
C. VRRP
D. OSPF
E. STP
Correct Answer: E
QUESTION 114
Which of the following can function as a Management Server for a VSX Gateway?
A. Provider-1 NGX: Multi -Log Monitor
B. SmartCenter Server
C. Check Point Integrity
D. Security Management Portal
E. VPN-1/FireWall-1 Small Office

Correct Answer: B
QUESTION 115
Which of the following statements is TRUE concerning a VSX NGX deployment?
A. A separate management interface is required for a management network to access and control a VSX Gateway.
B. Multiple VSX Administrators can be configured with granular permission control in a SmartCenter Server management environment.
C. VSX Administrators can manage VSX Gateways and clusters through the Internet. No special management interface is required.
D. The functionality of VSX NGX is based on NG FP0.
E. All VSX virtual devices now share all functions of a standard NGX Security Gateway.

Correct Answer: C
QUESTION 116
Consider the following scenario: You have two VSX Gateways configured for High Availability. Each has one dedicated management interface, one synchronization interface, one external interface, and two interfaces used to connect to protected customer networks. How many cluster interfaces do you have in this configuration?
A. Three; one Management Virtual System cluster, one External Virtual Router cluster, and one Virtual System cluster containing both customer Virtual Systems
B. Five; one VSX Gateway cluster, one Management Virtual System Cluster, one External Virtual Router cluster, and two Virtual System clusters
C. Two; one External Virtual Router cluster, and one cluster containing all Virtual Systems
D. One; one VSX cluster containing all components
E. Four; one Management Virtual System cluster, one External Virtual Router cluster, and two Virtual System clusters

Correct Answer: B
QUESTION 117
Which of the following interfaces are configured by running sysconfig, during installation of a VSX Gateway in a High Availability environment?
A. Synchronization interface
B. Dedicated Customer interface
C. External interface
D. Management interface
E. Any configured VLAN

Correct Answer: D
QUESTION 118
Which process uses an encrypted TCP connection to perform Full Synchronization of VSX Gateways in a cluster?
A. cpd
B. srd
C. fwd
D. synd
E. vpnd

Correct Answer: C
QUESTION 119
Which of the following is NOT a type of physical interface seen in a VSX Gateway?
A. Warp
B. Internal
C. Dedicated management
D. External
E. Synchronization

Correct Answer: A
QUESTION 120
Which of the following virtual devices will NOT fail over, if its interface fails in a VSX High Availability configuration?
A. Virtual System in Bridge mode
B. External Virtual Router
C. Internal Virtual Router
D. Virtual System with VLAN interfaces
E. Management Virtual System interface

Correct Answer: A
QUESTION 121
Both SmartCenter Server and Provider-1 can be used for central configuration, management, and monitoring of multiple VSX Gateways and Virtual Systems. What criteria are used to decide which management model is used?
A. Licensing restrictions and costs, administrative requirements, and operation model
B. The size of the deployment and planned expansion, administrative requirements, and security model
C. The size of the deployment and planned expansion, end-user requirements, operation model, and licensing restrictions
D. The size of the deployment and planned expansion, administrative requirements, operation model, and licensing restrictions
E. The size of the deployment and planned expansion, end-user requirements, and security model

Correct Answer: D
QUESTION 122
The External Virtual Router is associated with a dedicated interface. It is considered to be which type of interface?
A. Warp
B. Synchronization
C. Virtual
D. Physical
E. Symbolic

Correct Answer: D
QUESTION 123
Security Policies enforced by Virtual Systems are applied to __________ connected to the Virtual IP Stack.
A. All interfaces
B. Virtual interfaces
C. Physical interfaces
D. Warp and virtual interfaces
E. Warp interfaces

Correct Answer: A
QUESTION 124
What type of synchronization happens when a Gateway joins a VSX cluster?
A. Partial Synchronization
B. Alpha Synchronization
C. Delta Synchronization
D. Dynamic Synchronization
E. Full Synchronization

Correct Answer: E
QUESTION 125
If you want your customer’s Virtual Systems to give protected hosts access to and from the Internet, which of the following must be configured as a public IP address?
A. Default Gateway IP address of the Virtual Switch
B. Main IP of the customer’s Virtual System
C. Main IP of the Virtual Switch
D. Default Gateway IP address of the Management Virtual System
E. Main IP of the Management Virtual System

Correct Answer: B
QUESTION 126
What is required to prevent loops in Virtual Systems in a Cluster XL environment?
A. BPDU
B. MPLS
C. STP
D. VRRP
E. OSPF

Correct Answer: C
QUESTION 127
When configuring VSX Gateway clustering, the VSX Administrator assigns a unique __________ to each VSX Gateway in the cluster.
A. Synchronization interval
B. Management Server
C. Initial state (Active/Standby)
D. Name
E. Subnet mask

Correct Answer: D
QUESTION 128
You are configuring source-based routing in a VSX Gateway deployment with both External and Internal Virtual Routers. Which of the following functions cannot be configured for the Virtual Systems?
A. Virtual System clustering
B. Anti-spoofing measures
C. Network Address Translation
D. Remote access VPNs
E. Intranet VPNs

Correct Answer: B
QUESTION 129
A Virtual System in Bridge mode:
A. Routes traffic based on layer-3 information.
B. Forwards all traffic received from a switch.
C. Can participate in a VPN.
D. Can perform Network Address Translation.
E. Uses VRRP to manage failover.

Correct Answer: B
QUESTION 130
TRUE or FALSE. A Virtual System in Bridge mode can enforce anti-spoofing definitions.
A. True, anti-spoofing must be manually defined in bridge mode.
B. True, as long as the Virtual System has more than two interfaces defined.
C. True, as long as Network Address Translation is performed.
D. True, anti-spoofing measures are defined automatically in Bridge mode.
E. False, anti-spoofing cannot be configured for Virtual Systems in Bridge mode.

Correct Answer: A
QUESTION 131
Which of the following components controls the synchronization interface for each VSX Gateway?
A. External Virtual Router
B. Management Virtual System
C. Internal Virtual Router
D. VSX Management Server
E. Network Synchronization Server

Correct Answer: B
QUESTION 132
Which of the following VSX Gateway components are unique to, and NOT shared by, each Virtual System?
A. VSX Policy Editor
B. Context Identification Module
C. VSX Inspection Module
D. VSX Management Server
E. Virtual Router
Correct Answer: C
QUESTION 133
When configuring a new Virtual System for your VSX Gateway configuration, what should you do first?
A. Create a new Customer and CMA, to be used as the Virtual System’s Management Server.
B. Open the Admin CMA SmartDashboard, and create a new CMA object to be used as the Virtual System’s Management Server.
C. Add a new Virtual System to the Main Customer, so that the Admin CMA can be used as the Management Server.
D. Open the Global SmartDashboard, and create a new Virtual System object.
E. Open the Admin CMA SmartDashboard, and create a new Virtual System object.

Correct Answer: A
QUESTION 134
Which of the following is a Multi-Context process?
A. cpd
B. synd
C. vsxd
D. gwd
E. psd

Correct Answer: A
QUESTION 135
The __________ interface is configured in a VLAN environment, to allow multiple Virtual Systems to share a single physical interface on a VSX Gateway.
A. Synchronization
B. Warp
C. Symbolic
D. Physical
E. Virtual

Correct Answer: E
QUESTION 136
What is the difference between Single-Context and Multi-Context processes?
A. Single-Context processes are implemented in standard firewall deployments, while only Multi-Context processes are implemented in VSX Gateway deployments.
B. Single-Context processes are shared between VSX Gateways in an HA configuration, while Multi-Context processes are shared between VSX Gateways in a Load Sharing environment.
C. Single-Context processes are ones in which all Virtual Systems share, while Multi-Context processes are unique to each Virtual System.
D. Single-Context processes are implemented in a single VSX Gateway environment, while Multi-Context processes are only implemented in VSX Gateway High Availability (HA).
E. Single-Context processes are unique to each Virtual System on a Gateway, while Multi-Context processes are ones in which all Virtual Systems share.

Correct Answer: E
QUESTION 137
Which of the following is the only interface configured by running sysconfig, during the installation of a VSX Gateway in a single Gateway environment?
A. Synchronization interface
B. Dedicated Customer interface
C. Internal Virtual Router interface
D. Management interface
E. External interface

Correct Answer: D
QUESTION 138
In a standard VSX configuration, each Virtual System is configured with which of the following interfaces?
A. One leading to the Management Virtual System, and one leading to the Internal Virtual Router/Switch
B. One leading to the Management Virtual System, and one leading to the External Virtual Router
C. One leading to a router on the external network, and one for the physical interface leading to the protected network
D. One leading to the External Virtual Router/Switch, and one for the physical interface leading to the protected network
E. One for the physical interface leading to the protected network, and one leading to the Management Virtual System

Correct Answer: D
QUESTION 139
When configuring __________, the interface leading to the External Virtual Router should be set as the main IP address, and should be publicly routable.
A. Anti-spoofing
B. Virtual Systems in Bridge mode
C. Network Address Translation
D. A Virtual Switch
E. VLAN trunking interfaces

Correct Answer: C
QUESTION 140
At installation, the _________ is bound to all configured physical interfaces of a VSX Gateway, UNLESS the interfaces are specifically assigned to another component.
A. VSX Management Server
B. External Virtual Router
C. Synchronization Network
D. Management Virtual System
E. Internal Virtual Router
Correct Answer: D
Worried about Checkpoint 156-816 exam pass results? Adopt most reliable way of exam preparation that is Checkpoint 156-816 exam Questions & Answers with explanations to get reliable Checkpoint 156-816 exam pass result.Flydumps definitely guarantees it!

Pass4itsure c4040-226 dumps with PDF + Premium VCE + VCE Simulator: http://www.pass4itsure.com/c4040-226.html

CheckPoint 156-215 Exam Dumps, Pass the CheckPoint 156-215 Exam Test Questions 100% Pass With A High Score

Welcome to download the newest Dumpsoon 70-411 VCE dumps: http://www.dumpsoon.com/70-411.html

100% Valid! Flydumps CheckPoint 156-215 exam questions and answers are tested and approved by Microsoft experts. Furthermore, we are constantly updating our CheckPoint 156-215 exam dumps, 100% guarantee in quality and reliability.

QUESTION 81
How does the button Get Address, found on the Host Node Object > General Properties page retrieve the address?
A. Route Table
B. Address resolution (ARP, RARP)
C. Name resolution (hosts file, DNS, cache)
D. SNMP Get

Correct Answer: C QUESTION 82
Anti-Spoofing is typically set up on which object type?
A. Network
B. Security Management object
C. Host
D. Security Gateway

Correct Answer: D QUESTION 83
Spoofing is a method of:
A. Disguising an illegal IP address behind an authorized IP address through Port Address Translation.
B. Making packets appear as if they come from an authorized IP address.
C. Detecting people using false or wrong authentication logins.
D. Hiding your firewall from unauthorized users.

Correct Answer: B QUESTION 84
How can you activate the SNMP daemon on a Check Point Security Management Server?
A. Using the command line, enter snmp_install.
B. Any of these options will work.
C. in SmartDashboard, right-click a Check Point object and select Activate SNMP.
D. From cpconfig, select SNMP extension.

Correct Answer: D QUESTION 85
Which of the following describes the default behavior of an R76 Security Gateway?
A. Traffic is filtered using controlled port scanning.
B. IP protocol types listed as secure are allowed by default, i.e. ICMP, TCP, UDP sessions are inspected.
C. All traffic is expressly permitted via explicit rules.
D. Traffic not explicitly permitted is dropped. Correct Answer: D
QUESTION 86
When you use the Global Properties’ default settings on R76, which type of traffic will be dropped if NO explicit rule allows the traffic?
A. Firewall logging and ICA key-exchange information
B. RIP traffic
C. Outgoing traffic originating from the Security Gateway
D. SmartUpdate connections

Correct Answer: B
QUESTION 87
You have installed a R76 Security Gateway on GAiA. To manage the Gateway from the enterprise Security Management Server, you create a new Gateway object and Security Policy. When you install the new Policy from the Policy menu, the Gateway object does not appear in the Install Policy window as a target. What is the problem?
A. The new Gateway’s temporary license has expired.
B. The object was created with Node > Gateway.
C. The Gateway object is not specified in the first policy rule column Install On.
D. No Masters file is created for the new Gateway.

Correct Answer: B
QUESTION 88
Certificates for Security Gateways are created during a simple initialization from _____________.
A. The ICA management tool
B. SmartUpdate
C. sysconfig
D. SmartDashboard

Correct Answer: D
QUESTION 89
Which of the below is the MOST correct process to reset SIC from SmartDashboard?
A. Run cpconfig, and click Reset.
B. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key.
C. Click Communication > Reset on the Gateway object, and type a new activation key.
D. Run cpconfig, and select Secure Internal Communication > Change One Time Password.

Correct Answer: B
QUESTION 90
You installed security management server in a computer using SecurePlatform in the Mega corp home
office. You use IP address 10.1.1.1. You also installed the security Gateway on a second secure platform
computer, which you plan to ship to an other administrator at a mega corp Hub office. What is in the
correct order for pushing SIC certificates to the Gateway before shipping it?

1) Run cpconfig on the gateway, set secure internal communication, enter the activation key and reconfirm.
2) Initialize internal certificate authority (ICA) on the security Management server.
3) Confirm the gateway object with the host name and IP address for the remote site.
4) Click the communication button in the gateway object’s general screen, enter the activation key, and
click initialize and ok.
5) Install the security policy.

A. 2, 3, 4, 5, 1
B. 1, 3, 2, 4, 5
C. 2, 3, 4, 1, 5
D. 2, 1, 3, 4, 5

Correct Answer: D
QUESTION 91
Although SIC was already established and running, Joe reset SIC between the Security Management Server and a remote Gateway. He set a new activation key on the Gateway’s side with the command cpconfig and put in the same activation key in the Gateway’s object on the Security Management Server. Unfortunately, SIC cannot be established. What is a possible reason for the problem?
A. Joe forgot to exit from cpconfig.
B. The installed policy blocks the communication.
C. The old Gateway object should have been deleted and recreated.
D. Joe forgot to reboot the Gateway.
Correct Answer: A
QUESTION 92
You want to reset SIC between smberlin and sgosaka.

In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC was successfully initialized and jumps back to the cpconfig menu. When trying to establish a connection, instead of a working connection, you receive this error message: What is the reason for this behavior?

A. The Gateway was not rebooted, which is necessary to change the SIC key.
B. The Check Point services on the Gateway were not restarted because you are still in the cpconfig utility.
C. You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup > Initialize).
D. The activation key contains letters that are on different keys on localized keyboards. Therefore, the activation can not be typed in a matching fashion.

Correct Answer: B
QUESTION 93
John is the Security Administrator in his company. He installs a new R76 Security Management Server and a new R76 Gateway. He now wants to establish SIC between them. After entering the activation key, he gets the following message in SmartDashboard –
“Trust established”
SIC still does not seem to work because the policy won’t install and interface fetching does not work. What might be a reason for this?
A. It always works when the trust is established
B. This must be a human error.
C. SIC does not function over the network.
D. The Gateway’s time is several days or weeks in the future and the SIC certificate is not yet valid.

Correct Answer: D
QUESTION 94
The SIC certificate is stored in the directory _______________.
A. $CPDIR/conf
B. $FWDIR/database
C. $CPDIR/registry
D. $FWDIR/conf

Correct Answer: A
QUESTION 95
You run cpconfig to reset SIC on the Security Gateway. After the SIC reset operation is complete, the policy that will be installed is the:
A. Default filter.
B. Last policy that was installed.
C. Standard policy.
D. Initial policy.

Correct Answer: D QUESTION 96
Chris has lost SIC communication with his Security Gateway and he needs to re-establish SIC.

What would be the correct order of steps needed to perform this task?
A. 3, 1, 4, 2
B. 2, 3, 1, 4
C. 5, 1, 2, 4
D. 5, 1, 4, 2

Correct Answer: C QUESTION 97
Which rule position in the Rule Base should hold the Cleanup Rule? Why?
A. Last. It explicitly drops otherwise accepted traffic.
B. First. It explicitly accepts otherwise dropped traffic.
C. Last. It serves a logging function before the implicit drop.
D. Before last followed by the Stealth Rule.

Correct Answer: C QUESTION 98
The ____________ and ____________ Rules are the two basic rules which should be used by all Security Administrators?
A. Cleanup; Stealth
B. Administrator Access; Stealth
C. Cleanup; Administrator Access
D. Network Traffic; Stealth

Correct Answer: A QUESTION 99
Which item below in a Security Policy would be enforced first?
A. Network Address Translation
B. Security Policy First rule
C. Administrator-defined Rule Base
D. IP spoofing / IP options

Correct Answer: D QUESTION 100
When you hide a rule in a Rule Base, how can you then disable the rule?
A. Right-click on the hidden rule place-holder bar and uncheck Hide, then right-click and select Disable Rule(s); re-hide the rule.
B. Right-click on the hidden rule place-holder bar and select Disable Rule(s).
C. Use the search utility in SmartDashboard to view all hidden rules. Select the relevant rule and click Disable Rule(s).
D. Hidden rules are already effectively disabled from Security Gateway enforcement.

Correct Answer: A
QUESTION 101
A Cleanup rule.
A. drops packets without logging connections that would otherwise be dropped and logged by default.
B. logs connections that would otherwise be accepted without logging by default.
C. drops packets without logging connections that would otherwise be accepted and logged by default.
D. logs connections that would otherwise be dropped without logging by default.

Correct Answer: D
QUESTION 102
Which statement is TRUE about implicit rules?
A. You create them in SmartDashboard.
B. The Gateway enforces implicit rules that enable outgoing packets only.
C. Changes to the Security Gateway’s default settings do not affect implicit rules.
D. They are derived from Global Properties and explicit object properties.

Correct Answer: D
QUESTION 103
You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?
A. After Stealth Rule
B. First
C. Before Last
D. Last

Correct Answer: D
QUESTION 104
All of the following are Security Gateway control connections defined by default implied rules, EXCEPT:
A. Exclusion of specific services for reporting purposes.
B. Specific traffic that facilitates functionality, such as logging, management, and key exchange.
C. Acceptance of IKE and RDP traffic for communication and encryption purposes.
D. Communication with server types, such as RADIUS, CVP, UFP, TACACS, and LDAP.

Correct Answer: A
QUESTION 105
In a distributed management environment, the administrator has removed all default check boxes from the Policy > Global Properties > Firewall tab. In order for the Security Gateway to send logs to the Security Management Server, an explicit rule must be created to allow the Security Gateway to communicate to the Security Management Server on port ______.
A. 257
B. 256
C. 259
D. 900

Correct Answer: A

All most all IT professionals are familiar with the CheckPoint 156-215 exam and dream to have that top most demanding certification. This is the top level certification from CISCO that is accepted universally. You can get your desired career which you dreamed with passing CheckPoint 156-215 test and getting the certificate.
Dumpsoon 70-411 dumps with PDF + Premium VCE + VCE Simulator: http://www.dumpsoon.com/70-411.html

Checkpoint 156-215 Cert Exam, Provide Latest Checkpoint 156-215 Cert Exam With The Knowledge And Skills

Welcome to download the newest Dumpsoon C_TADM51_731 VCE dumps: http://www.dumpsoon.com/MB2-703.html

Do not you know how to choose the Checkpoint 156-215 exam dumps? Being worried about the changed questions? Just try Flydumps new version Checkpoint 156-215 exam dumps. All the new questions and answers were added to the new dumps,visit Flydumps.com to free download Checkpoint 156-215!

QUESTION 51
How can you view cpinfo on a SecurePlatform machine?
A. tcpdump
B. snoop i
C. infotab
D. Text editor, such as vi

Correct Answer: D
QUESTION 52
How is wear on the flash storage device mitigated on appliance diskless platforms?
A. A RAM drive reduces the swap file thrashing which causes fast wear on the device.
B. The external PCMCIA-based flash extension has the swap file mapped to it, allowing easy replacement.
C. Issue FW-1 bases its package structure on the Security Management Server, dynamically loading when the firewall is booted.
D. PRAM flash devices are used, eliminating the longevity.

Correct Answer: A
QUESTION 53
In previous versions, the full TCP three-way handshake was sent to the firewall kernel for inspection. How is this improved in the current version of IPSO Flows/SecureXL?
A. Only the initial SYN packet is inspected. The rest are handled by IPSO.
B. Packets are offloaded to a third-party hardware card for near-line inspection.
C. Packets are virtualized to a RAM drive-based FW VM.
D. Resources are proactively assigned using predictive algorithmic techniques.
Correct Answer: A
QUESTION 54
Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates:
A. Increase network security by securing administrative communication with a two-factor challenge response authentication.
B. Uniquely identify machines installed with Check Point software only. They have the same function as RSA Authentication Certificates.
C. Are for Security Gateways created during the Security Management Server installation.
D. Can be used for securing internal network communications between the Security Gateway and an OPSEC device.

Correct Answer: D QUESTION 55
Which of the following statements regarding SecureXL and CoreXL is TRUE?
A. SecureXL is an application for accelerating connections.
B. CoreXL enables multi-core processing for program interfaces.
C. SecureXL is only available in R75.
D. CoreXL is included in SecureXL.

Correct Answer: A QUESTION 56
Beginning with R75, Software Blades were introduced. One of the Software Blades is the IPS Software Blade as a replacement for SmartDefense. When buying or upgrading to a bundle, some blades are included, e.g. FW, VPN, IPS in SG103. Which statement is NOT true?
A. The license price includes IPS Updates for the first year.
B. The IPS Software Blade can be used for an unlimited time.
C. There is no need to renew the service contract after one year.
D. After one year, it is mandatory to renew the service contract for the IPS Software Blade because it has been bundled with the license when purchased.

Correct Answer: D QUESTION 57
John is the Security Administrator in his company. He needs to maintain the highest level of security on the firewalls he manages. He is using Check Point R75. Does he need the IPS Software Blade for achieving this goal?
A. No, all IPS protections are active, but can’t be uploaded without the license like SmartDefense.
B. Yes, otherwise no protections can be enabled.
C. Yes, otherwise the firewall will pass all traffic unfiltered and unchecked.
D. No, the Gateway will always be protected and the IPS checks can’t be managed without a license.

Correct Answer: B QUESTION 58
Which command allows you to view the contents of an R75 table?
A. fw tab -x <tablename>
B. fw tab -a <tablename>
C. fw tab -s <tablename>
D. fw tab -t <tablename>

Correct Answer: D QUESTION 59
Your R75 enterprise Security Management Server is running abnormally on Windows 2003 Server. You decide to try reinstalling the Security Management Server, but you want to try keeping the critical Security Management Server configuration settings intact (i.e., all Security Policies, databases, SIC, licensing etc.) What is the BEST method to reinstall the Server and keep its critical configuration?
A. 1) Run the latest upgrade_export utility to export the configuration 2) Leave the exported – tgz file in %FWDIR\bin. 3) Install the primary security Management Server on top of the current installation 4) Run upgrade_import to Import the configuration.
B. 1) Insert the R75 CD-ROM. and select the option to export the configuration into a . tgz file 2) Skip any upgrade verification warnings since you are not upgrading. 3) Transfer the. tgz file to another networked machine. 4) Download and run the cpclean utility and reboot. 5) Use the R75 CD_ROM to select the upgrade__import option to import the c
C. 1) Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Perform any requested upgrade verification suggested steps. “Pass Any Exam. Any Time.” – www.actualtests.com 33 Checkpoint 156-215.75 Exam 3) Uninstall all R75 packages via Add/Remove Programs and reboot 4) Use smartUpdate to reinstall the Security Management server and reboot 5) Transfer the .tgz file back to the local \ temp. 6) Run upgrade_import to import the configuration.
D. 1) Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Transferee .tgz file to another network machine 3) Uninstall all R75 packages via Add/Remove Programs and reboot 4) Install again using the R75 CD ROM as a primary security management server 5) Reboot and than transfer the .tgz file back to the local\ tem p 6) Run upgcade_import to import the configuration.

Correct Answer: C
QUESTION 60
You need to back up the routing, interface, and DNS configuration information from your R75 SecurePlatform Security Gateway. Which backup-and-restore solution do you use?
A. SecurePlatform backup utilities
B. upgrade_export and upgrade_import commands
C. Database Revision Control
D. Manual copies of the $FWDIR/conf directory

Correct Answer: A
QUESTION 61
Your R75 primary Security Management Server is installed on SecurePlatform. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours.
How do you create this schedule?
A. Create a time object, and add 48 hours as the interval. Open the primary Security Management Server object’s Logs and Masters window, enable Schedule log switch, and select the Time object.
B. Create a time object, and add 48 hours as the interval. Open the Security Gateway object’s Logs and Masters window, enable Schedule log switch, and select the Time object.
C. Create a time object, and add 48 hours as the interval. Select that time object’s Global Properties > Logs and Masters window, to schedule a logswitch.
D. On a SecurePlatform Security Management Server, this can only be accomplished by configuring the fw logswitch command via the cron utility.
Correct Answer: A
QUESTION 62
Which of the following commands can provide the most complete restoration of an R75 configuration?
A. Cpconfig
B. Upgrade_import
C. fwm dbimport -p
D. cpinfo -recover

Correct Answer: B QUESTION 63
When restoring R75 using the command upgrade > Port. Which of the following items is NOT restored?
A. Licenses
B. Global properties
C. SIC Certificates
D. Route tables

Correct Answer: D QUESTION 64
Your company is running Security Management Server R75 on SecurePlatform, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?
A. Using SmartDashboard, under Users, select Add New Administrator
B. Using the Web console on SecurePlatform under Product configuration, select Administrators
C. Using SmartDashboard or cpconf ig
D. Using cpconftg on the Security Management Server, choose Administrators

Correct Answer: A QUESTION 65
Which of the following tools is used to generate a Security Gateway R75 configuration report?
A. ethereal
B. cpinfo
C. licview
D. infoview

Correct Answer: B QUESTION 66
What information is provided from the options in this screenshot?

(i)Whether a SIC certificate was generated for the Gateway
(ii)Whether the operating system is SecurePlatform or SecurePlatform Pro
“Pass Any Exam. Any Time.” – www.actualtests.com 38 Checkpoint 156-215.75 Exam (iii)Whether this is a standalone or distributed installation
A. (i), (ii) and (iii)
B. (i) and (iii)
C. (i) and (ii)
D. (ii) and (iii)

Correct Answer: D
QUESTION 67
Peter is your new Security Administrator. On his first working day, he is very nervous and sets the wrong password three times. His account is locked. What can be done to unlock Peter’s account? Give the BEST answer.
A. You can unlock Peter’s account by using the command fwm unlock_admin -u Peter on the Security Gateway.
B. It is not possible to unlock Peter’s account. You have to install the firewall once again or abstain from Peter’s help.
C. You can unlock Peter’s account by using the command fwm lock_admin -u Peter on the Security Management Server.
D. You can unlock Peter’s account by using the command fwm unlock_admin -u Peter on the Security Management Server.
Correct Answer: C
QUESTION 68
Which CLI command verifies the number of cores on your firewall machine?
A. fw ctl pstat
B. fw ctl core stat
C. fw ctl multik stat
D. cpstat fw -f core

Correct Answer: C
QUESTION 69
John currently administers a network using single CPU single core servers for the Security Gateways and is running R75. His company is now going to implement VOIP and needs more performance on the Gateways. He is now adding more memory to the systems and also upgrades the CPU to a modern quad core CPU in the server. He wants to use CoreXL technology to benefit from the new performance benchmarks of this technology. How can he achieve this?
A. Nothing needs to be done. SecurePlatform recognized the change during reboot and adjusted all the settings automatically.
B. He just needs to go to cpconfig on the CLI and enable CoreXL. Only a restart of the firewall is required to benefit from CoreXL technology.
C. He needs to reinstall the Gateways because during the initial installation, it was a single-core CPU but the wrong Linux kernel was installed. There is no other upgrade path available.
D. He just needs to go to cpconfig on the CLI and enable CoreXL. After the required reboot he will benefit from the new technology.

Correct Answer: D
QUESTION 70
“Pass Any Exam. Any Time.” – www.actualtests.com 40 Checkpoint 156-215.75 Exam You are running a R75 Security Gateway on SecurePlatform. In case of a hardware failure, you have a server with the exact same hardware and firewall version installed. What backup method could be used to quickly put the secondary firewall into production?
A. upgrade_export
B. manual backup
C. snapshot
D. backup

Correct Answer: C
QUESTION 71
Before upgrading SecurePlatform, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration.
An administrator has installed the latest HFA on the system for fixing traffic problem after creating a backup file. There is a mistake in the very complex static routing configuration. The Check Point configuration has not been changed. Can the administrator use a restore to fix the errors in static routing?
A. The restore can be done easily by the command restore and selecting the appropriate backup file.
B. A backup cannot be restored, because the binary files are missing.
C. The restore is not possible because the backup file does not have the same build number (version).
D. The restore is done by selecting Snapshot Management from the boot menu of SecurePlatform.

Correct Answer: A
QUESTION 72
You intend to upgrade a Check Point Gateway from R65 to R75. Prior to upgrading, you want to backup the Gateway should there be any problems with the upgrade. Which of the following allows for the Gateway configuration to be completely backed up into a manageable size in the least amount of time?
A. Backup
B. Snapshot
C. Upgrade_export
D. Database_revision

Correct Answer: A
QUESTION 73
Your network is experiencing connectivity problems and you want to verify if routing problems are present. You need to disable the firewall process but still allow routing to pass through the Gateway running on an IP Appliance running IPSO. What command do you need to run after stopping the firewall service?
A. fw fwd routing
B. ipsofwd on admin
C. fw load routed
D. ipsofwd slowpath

Correct Answer: B

CheckPoint 156-215 tests containing questions that cover all sides of tested subjects that help our members to be prepared and keep high level of professionalism. The main purpose of CheckPoint 156-215 exam is to provide high quality test that can secure and verify knowledge, give overview of question types and complexity that can be represented on real exam certification
Dumpsoon C_TADM51_731 dumps with PDF + Premium VCE + VCE Simulator: https://www.pass4itsure.com/156-215.html

CheckPoint 156-215 Real Exam Questions And Answers, Most Popular CheckPoint 156-215 Dumps PDF Guaranteed Success

Welcome to download the newest Dumpsoon MB2-700 VCE dumps: http://www.dumpsoon.com/MB2-700.html

New VCE and PDF– You can prepare CheckPoint 156-215 exam in an easy way with Flydumps CheckPoint 156-215 questions and answers.By training our vce dumps with all CheckPoint 156-215 the latest questions,you can pass the exam in the first attempt.

QUESTION 106
What is the officially accepted diagnostic tool for IP appliance support?
A. Ipsinfo
B. Uag-diag
C. CST
D. cpinfo

Correct Answer: C
QUESTION 107
You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in use on a SecurePlatform. You have trouble configuring the speed and duplex settings of your Ethernet interfaces. Which of the following commands can be used to configure the speed and duplex settings of an Ethernet interface and will survive a reboot? Give the BEST answer.
A. cthtool
B. ifconfig ?a
C. eth_set
D. mii_tool

Correct Answer: C
QUESTION 108
Which command enables IP forwarding on IPSO?
A. echo 1 > /proc/sys/net/ipv4/ip_forward
B. clish -c set routing active enable
C. echo 0 > /proc/sys/net/ipv4/ip_forward
D. ipsofwd on admin “Pass Any Exam. Any Time.” – www.actualtests.com 44 Checkpoint 156-215.75 Exam

Correct Answer: D
QUESTION 109
How many inspection capture points are shown in fw monitor?
A. 2
B. 1
C. Depends on the number of interfaces on the Gateway
D. 4

Correct Answer: D
QUESTION 110
Looking at an fw monitor capture in Wireshark, the initiating packet in Hide NAT translates on________.
A. I
B. O
C. o
D. i

Correct Answer: B
QUESTION 111
You want to create an ASCII formatted output file of the fw monitor command. What is the correct syntax to accomplish this task?
A. fw monitor -e “accept;” > /tmp/monitor.txt
B. fw monitor -e “accept;” -f > /tmp/monitor.txt
C. fw monitor -m iO -e “accept;” -o /tmp/monitor.txt
D. fw monitor -e “accept;” -w /tmp/monitor.txt “Pass Any Exam. Any Time.” – www.actualtests.com 45 Checkpoint 156-215.75 Exam
Correct Answer: A
QUESTION 112
When you run the fw monitor -e “accept;” command, what type of traffic is captured?
A. Only inbound traffic, before and after the inbound inspection.
B. All traffic coming in all directions, before and after inbound and outbound inspection.
C. All traffic accepted by the Rule Base.
D. Only outbound traffic, before and after the outbound inspection.

Correct Answer: B QUESTION 113
The button Get Address, found on the Host Node Object > General Properties page, will retrieve what?
A. The domain name
B. The fully qualified domain name
C. The Mac address
D. The IP address

Correct Answer: D QUESTION 114
You have just been hired as the Security Administrator for the Insure-It-All insurance company. Your
manager gives you the following requirements for controlling DNS traffic:
Required Result #1: Accept domain-name-over-TCP traffic (zone-transfer traffic)
Required Result #2: Log domain-name-over-TCP traffic (zone-transfer traffic)

Desired Result #1: Accept domain-name-over-UDP traffic (queries traffic)
“Pass Any Exam. Any Time.” – www.actualtests.com 46
Checkpoint 156-215.75 Exam
Desired Result #2: Do not log domain-name-over-UDP traffic (queries traffic)

Desired Result #3: Do not clutter the Rule Base try creating explicit rules for traffic that can be controlled
using Global Properties
To begin, you make the following configuration changes, and install the Security Policy


Select the box Accept Domain Name over TCP (Zone Transfer) in Global Properties


Select the box Accept Domain Name over UDP (Queries) in Global Properties


Select the box Log Implied Rules in Global Properties Do your initial actions meet the required and desired results?

A.
The actions achieve the required results, and two of the desired results.

B.
The actions achieve all required results, but none of the desired results.

C.
The actions do not achieve the required results.

D.
The actions meet all required and desired results.

Correct Answer: A QUESTION 115
When you change an implicit rule’s order from last to first in global properties, how do you make the change take effect?
A. Select save from the file menu
B. Reinstall the security policy
C. Select install database from the policy menu
D. Run fw fetch from the security gateway

Correct Answer: B QUESTION 116
You create implicit and explicit rules for the following network. The group object internal-networks includes networks 10.10.10.0 and 10.10.20.0. Assume Accept ICMP requests is enabled as Before last in Global Properties.
“Pass Any Exam. Any Time.” – www.actualtests.com 47 Checkpoint 156-215.75 Exam Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on the Internet by IP address? ICMP will be:
A. dropped by rule 0.
B. dropped by rule 2, the Cleanup Rule.
C. accepted by rule 1.
D. dropped by the last Implicit rule.

Correct Answer: C QUESTION 117
How does the Get Address button, found on the Host Node Object > General Properties page retrieve the address?
A. Route Table
B. SNMP Get
C. Address resolution (ARP. RARP)
D. Name resolution (hosts file, DNS, cache)

Correct Answer: D QUESTION 118
Anti-Spoofing is typically set up on which object type?
A. Host
B. Domain
C. Network
D. Security Gateway

Correct Answer: D QUESTION 119
“Pass Any Exam. Any Time.” – www.actualtests.com 48 Checkpoint 156-215.75 Exam Spoofing is a method of:
A. Hiding your firewall from unauthorized users.
B. Disguising an illegal IP address behind an authorized IP address through port address Translation.
C. Making packets appear as if they come from an authorized IP address
D. Detecting people using false or wrong authentication logins.

Correct Answer: C QUESTION 120
Certificates for Security Gateways are created during a simple initialization from______.
A. SmartUpdate
B. sysconfig
C. The ICA management tool.
D. SmartDashboard Correct Answer: D
QUESTION 121
Which of the below is the MOST correct process to reset SIC from SmartDashboard?
A. Run cpconfig, and click Reset.
B. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key.
C. Click Communication > Reset on the Gateway object, and type a new activation key.
D. Run cpconfig, and select Secure Internal Communication > Change One Time Password.

Correct Answer: B
QUESTION 122
“Pass Any Exam. Any Time.” – www.actualtests.com 49 Checkpoint 156-215.75 Exam You installed Security Management Server on a computer using SecurePlatform in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second SecurePlatform computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it?
1) Run cpconfig on the gateway, set secure internal communication, enter the activation key and reconfirm.
2) Initialize internal certificate authority (ICA) on the security Management server.
3) Confirm the gateway object with the host name and IP address for the remote site.
4) Click the communication button in the gateway object’s general screen, enter the activation key, and click initialize and ok.
5) Install the security policy.
A. 2, 3, 4, 5, 1
B. 1, 3, 2, 4, 5
C. 2, 3, 4, 1, 5
D. 2, 1, 3, 4, 5

Correct Answer: B
QUESTION 123
Although SIC was already established and running, Joe reset SIC between the Security Management Server and a remote Gateway. He set a new activation key on the Gateway’s side with the cpconfig command and put in the same activation key in the Gateway’s object on the Security Management Server Unfortunately SIC cannot be established. What is a possible reason for the problem?
A. The installed policy blocks the communication.
B. Joe forgot to reboot the Gateway.
C. Joe forgot to exit from cpconfig.
D. The old Gateway object should have been deleted and recreated.

Correct Answer: C
QUESTION 124
“Pass Any Exam. Any Time.” – www.actualtests.com 50 Checkpoint 156-215.75 Exam You want to reset SIC between smberlin and sgosaka.
In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC was successfully initialized and jumps back to the cpconfig menu. When trying to establish a connection, instead of a working connection, you receive this error message: What is the reason for this behavior?
A. You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup / Initialize).
B. The Gateway was not rebooted, which is necessary to change the SIC key.
C. The Check Point services on the Gateway were not restarted because you are still in the cpconfig utility.
D. The activation key contains letters that are on different keys on localized keyboards. Therefore, the activation can not be typed in a matching fashion.

Correct Answer: C QUESTION 125
Which rule should be the Cleanup Rule in the Rule Base?
A. Last. It serves a logging function before the implicit drop.
B. Last, it explicitly drops otherwise accepted traffic
C. Before last followed by the Stealth Rule.
D. First, it explicitly accepts otherwise dropped traffic.

Correct Answer: A QUESTION 126
What are the two basic rules which should be used by all Security Administrators?
A. Administrator Access and Stealth rules
B. Cleanup and Administrator Access rules
C. Network Traffic and Stealth rules “Pass Any Exam. Any Time.” – www.actualtests.com 51 Checkpoint 156-215.75 Exam
D. Cleanup and Stealth rules

Correct Answer: D QUESTION 127
Which item below in a Security Policy would be enforced first?
A. Administrator-defined Rule Base
B. Network Address Translation
C. IP spoofing/IP options
D. Security Policy “First” rule

Correct Answer: C QUESTION 128
When you hide a rule in a Rule Base, how can you then disable the rule?
A. Use the search utility in SmartDashboard to view all hidden rules Select the relevant rule and click Disable Rule(s).
B. Right-click on the hidden rule place-holder bar and select Disable Rule(s).
C. Right-click on the hidden rule place-holder bar and uncheck Hide, then right-click and select Disable Rule(s); re-hide the rule.
D. Hidden rules are already effectively disabled from Security Gateway enforcement.

Correct Answer: C QUESTION 129
A Stealth rule is used to: A. Use the Security Gateway to hide the border router from internal attacks.
B. Cloak the type of Web server in use behind the Security Gateway.
C. Prevent communication to the Security Gateway itself. “Pass Any Exam. Any Time.” – www.actualtests.com 52 Checkpoint 156-215.75 Exam
D. Prevent tracking of hosts behind the Security Gateway.

Correct Answer: C QUESTION 130
A Clean-up rule is used to:
A. Drop without logging connections that would otherwise be dropped and logged fry default
B. Log connections that would otherwise be accepted without logging by default.
C. Log connections that would otherwise be dropped without logging by default.
D. Drop without logging connections that would otherwise be accepted and logged by default

Correct Answer: C QUESTION 131
A ____________ rule is designed to log and drop all other communication that does not match another rule.
A. Stealth
B. Cleanup
C. Reject
D. Anti-Spoofing

Correct Answer: B QUESTION 132
Which statement is TRUE about implicit rules?
A. They are derived from Global Properties and explicit object properties.
B. The Gateway enforces implicit rules that enable outgoing packets only.
C. You create them in SmartDashboard.
D. Changes to the Security Gateway’s default settings do not affect implicit rules. “Pass Any Exam. Any Time.” – www.actualtests.com 53 Checkpoint 156-215.75 Exam

Correct Answer: A
QUESTION 133
You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?
A. First
B. Before Last
C. Last
D. After Stealth Rule

Correct Answer: C QUESTION 134
All of the following are Security Gateway control connections defined by default implied rules, EXCEPT:
A. Acceptance of IKE and RDP traffic for communication and encryption purposes.
B. Exclusion of specific services for reporting purposes.
C. Communication with server types, such as RADIUS, CVP, UFP, TACACS, and LDAP.
D. Specific traffic that facilitates functionality, such as logging, management, and key exchange.

Correct Answer: B

Flydumps Free CheckPoint 156-215 exam dumps are audited by our certified subject matter experts and published authors for development. Passtcert CheckPoint 156-215 exam dumps are one of the highest quality CheckPoint 156-215 Q&As in the world.It covers nearly 96% real questions and answers, including the entire testing scope. Flydumps guarantees you pass CheckPoint 156-215 exam at first attempt.
Dumpsoon MB2-703 dumps with PDF + Premium VCE + VCE Simulator: http://www.dumpsoon.com/MB2-703.html

CheckPoint 156-210 Real Exam, First-hand CheckPoint 156-210 Vce Dumps On Sale

Flydumps practice test training resources are versatile and highly compatible with Microsoft exam formats. We provide up to date resources and comprehensive coverage on CheckPoint 156-210 exam dumps help you to advance your skills.

QUESTION 55
Which Block Intruder options block suspicious connections? (Choose three)
A. Block Connections by Packet Size.
B. Block Access from that Source.
C. Block Connections using Specific Services.
D. Block Access to the Destination.
E. Block Selected Connection.

Correct Answer: BDE
QUESTION 56
Which of the following denial-of-service attacks does SmartDefense defeat? (Choose three)
A. Ping of Death
B. Rouge Applets
C. Teardrop
D. Host System Hogging
E. LAND
Correct Answer: ACE
QUESTION 57
What are the benefit of Stateful Inspection? (Choose two) Stateful Inspection:
A. Shuts down the upper-range ports, to secure an internal network.
B. Uses state information derived from past communications and other applications, to make control decisions for new communication attempts.
C. Leaves the upper range of ports (greater than 1023) open, to allow for file-transfer sessions.
D. Duplicates the number of sessions, acting as a proxy broker between a client and server.
E. Examines every packet, and applies a defined Security Policy to each.
Correct Answer: BE
QUESTION 58
Which of the following are core functions of Application Intelligence? (Choose two)
A. Validating compliance to standards.
B. Validating simple protocols, without controlling application logic.
C. Validating Data and Physical Layer attacks.
D. Limiting the ability of applications to carry malicious data.
E. Allowing Application Layer operations.

Correct Answer: AD
QUESTION 59
One of the functions of the SmartDefense console is to:
A. Add rules to block and log attacks.
B. Configure user options for tracking attacks.
C. Display real-time information about attacks.
D. Configure logging options for attack forensics.
E. Configure auditing and reporting options.

Correct Answer: C
QUESTION 60
The SANS Dshield.org Storm center integrates with SmartDefense, by: (Choose two)
A. Reviewing VPN-1/FireWall-1 logs.
B. Providing Storm Center audit trails.
C. Setting up the SmartDefense Subscription service.
D. Adding the Storm Center Block List report to the Security Policy.
E. Updating SmartDefense attack signatures in real time.

Correct Answer: AD
QUESTION 61
Systems needing to be accessed from the Internet should use which type of address translation?
A. IP Pool NAT
B. Hide NAT
C. NAT cannot be used
D. Static NAT
E. Dynamic NAT

Correct Answer: D
QUESTION 62
VPN-1/FireWall-1 logs are exportable to other applications, such as spreadsheets or databases, using which of the following?
A. FW Log Unification Engine
B. Secure Internal Communications (SIC)
C. Check Point logs are not exportable
D. Log Export Application (LEA)
E. Log Identification Unique ID (LUUID)
Correct Answer: D
QUESTION 63
Which of the following is NOT configured under Application Intelligence in SmartDefense?
A. FTP
B. DNS
C. Dynamic Ports
D. Rlogin
E. VoIP

Correct Answer: C
QUESTION 64
Which type of rule should be placed above the Stealth Rule?
A. User Authentication
B. Client Authentication
C. Network Address Translation
D. Cleanup
E. Session Authentication

Correct Answer: B
QUESTION 65
Bad weather and a UPS failure caused your remote Enforcement Module to reboot. Earlier that day, a tornado destroyed the building where the SmartCenter Server was located. You have not yet recovered or replaced the SmartCenter Server. Which of the following statements is false? (Choose two) Because the Enforcement Module cannot connect to the SmartCenter Server.
A. The Enforcement Module will log locally.
B. The Enforcement Module will continue to enforce the last Security Policy installed.
C. No Security Policy is installed, and all traffic will be dropped.
D. No Security Policy is installed, and all traffic will be allowed.
E. The Enforcement Module attempts to fetch a Security Policy from the SmartCenter Server, and install it.

Correct Answer: AB
QUESTION 66
Which of the following is NOT included in Application Intelligence Web Security?
A. HTTP Worm Catcher
B. Peer-to-Peer traffic over HTTP
C. Cross-Site Scripting
D. HTTP Format Size
E. HTTP Java Blocker
Correct Answer: E
QUESTION 67
Which of the following statements are TRUE of VPN-1/FireWall-1 groups? (Choose two)
A. Groups can be nested in groups.
B. The contents of one group can be imported into another group.
C. Services and network objects can be placed in the same group.
D. User groups can be nested, but network-object groups cannot.
E. Users and services can be placed in the same group.
Correct Answer: AB
QUESTION 68
You have locked yourself out, with a rule or an incorrectly configured Security Policy. What would you do to recover communication between your SmartCenter Server and Enforcement Module?
A. fw push localhost
B. pw unloadlocal
C. fw unlocklocal
D. cpstop localhost
E. cpdelete localhost

Correct Answer: B
QUESTION 69
How does SmartDefense Integrate with network Storm Centers? (Choose two)
A. Security Administrators can decide to send logs to a Storm Center to help other organizations.
B. The SmartDefense Storm Center Module downloads the Block List Report directly, adding it to the Security Policy.
C. Security Administrators must manually compile log files before sending them to Storm Centers.
D. Security Administrators must create network objects for each of the systems on the Storm Center Block List, then install a new Security Policy.
E. By default, logs are automatically delivered to a Storm Center.

Correct Answer: AB
QUESTION 70
Which of the following statements is TRUE of transparent authentication in NG with Application Intelligence? (Choose three)
A. Unknown users are prompted three times for a password, and are then disconnected.
B. Unknown users receive error messages, indicating that the Enforcement Module does not recognize user names.
C. NG with Application Intelligence does not allow connections from users who do not know the name or IP address of the Enforcement Module.
D. NG with Application Intelligence prompts for user names, event though authentication data may not be recognized by the Enforcement Module.
E. NG with Application Intelligence allows connections from authenticated users, and does not require that users know the IP address or name of the firewall.

Correct Answer: ADE
QUESTION 71
At Certkiller , auditors are Check Point Security Administrators with a customized permissions profile.
Auditors must have the ability to review information from SmartView Tracker, SmartView Status, and
SmartView Monitoring, but they may not make changes to the information. Auditors are not permitted to
view security Policies or the objects database.
Which of the following settings grants auditors the MOST appropriate set of permissions, based on the
corporate environment, described above for Certkiller ?

A. Read-Only SmartView Reporter
B. Read-Only Monitoring
C. Read-Only Security Policy
D. Read-Only SmartUpdate
E. Read-Only Log Consolidator
Correct Answer: A
QUESTION 72
When are Anti-Spoofing Rules enforced during packet inspection?
A. Before the Cleanup Rule is applied.
B. After the Stealth Rule is applied.
C. Before any rule in the Rule Base is applied.
D. When the packet is authorized by an Accept or Encrypt rule.

Correct Answer: C
QUESTION 73
Which of the following objects are allowed in the Source components of the Rule Base? (Choose two)
A. Host-Node Objects
B. Time Objects
C. LDAP Account Units
D. Services
E. User Groups

Correct Answer: AE
QUESTION 74
Which of the following is TRUE, if you change the inspection order of implied rules?
A. You must stop and start the Enforcement Module, before the changes can take place.
B. After the Security Policy is installed, the order in which rules are enforced changes.
C. You cannot change the inspection order of implied rules.
D. You must stop and start the SmartCenter Server, before the changes can take place.
E. Security Policy installation will fail.

Correct Answer: B
QUESTION 75
Security Administrators use Session Authentication when they want users to: (Choose two)
A. Authenticate for all services.
B. Use only TELNET, FTP, Rlogin, and HTTP services.
C. Use only HTTP and HTTPS services.
D. Authenticate once, and then be able to use any service, until logging off.
E. Log authentication actions locally.

Correct Answer: AD
QUESTION 76
Which of the following statements is TRUE concerning how NG with Application Intelligence handles the authentication of users?
A. Users may have different VPN-1 & FireWall-1 passwords, on Enforcement Modules managed by the same SmartCenter Server.
B. All users on the same gateway must use the same authentication method.
C. All imported users must use the same authentication method and hash.
D. All users in the same group must use the same authentication method and hash.
E. Users may be required to use different authentication methods for different services.
Correct Answer: A
QUESTION 77
Spoofing is a method of: A. Making packets appear as if they came from an authorized source IP address.
B. Hiding your Enforcement Module from unauthorized users.
C. Disguising an invalid IP address behind an authorized IP address.
D. Detecting when someone is attacking your network.
E. Detecting users logging in using false or wrong authentication logins.

Correct Answer: A
QUESTION 78
Which of the following statements is TRUE when modifying user templates?
A. If the user template is modified, all active user connections will be dropped when the modifier user database is installed.
B. All users subsequently created with that template will have the new properties.
C. You must always create new templates. Existing user templates cannot be modified.
D. All users previously created using the template are automatically modified with the new properties.
E. If the user template is modified, you must manually re-establish user-group membership.

Correct Answer: B
QUESTION 79
As a Security Administrator, you want to force users to authenticate. You have selected Client Authentication for the type of authentication. Users will be using a Web browser to authenticate. Which of the following TCP ports will authenticate users?
A. 23
B. 261
C. 80
D. 900
E. 259

Correct Answer: D
QUESTION 80
Which of the following is NOT a step in the Session Authentication process?
A. If authentication is successful, the VPN-1/FireWall-1 Enforcement Module allows connections to pass.
B. The Session Agent prompts users for an authentication password, after Phase 1 of IKE negotiations is complete.
C. Users initiate connections directly to a server.
D. The Session Agent prompts users for authenticated data, and returns the information to the Enforcement Module.
E. The VPN-1/FireWall-1 Enforcement Module intercepts connections, and connects to t he Session Agent.
Correct Answer: C
QUESTION 81
With VPN-1/FireWall-1 central licensing, a license is linked to which of the following?
A. Domain name of the SmartCenter Server.
B. IP address of the Enforcement Module.
C. IP address of the SmartCenter Server.
D. IP address of the SmartConsole
E. Domain name of the Enforcement Module.
Correct Answer: C QUESTION 82
Your organization’s internal programming team developed a proprietary application for accessing the time-
management system. The application uses a custom-designed protocol. As the Security Administrator, you
must control user access to the time-management system.
Which is the BEST authentication method for this scenario?

A. NG with Application Intelligence authentication methods can only be applied to protocols included in the standard, pre-defined suite.
B. Implicit User Authentication
C. User Authentication
D. Session Authentication

Correct Answer: D
QUESTION 83
Which of the following is the BEST authentication for roaming users, such as doctors updating patient records via HTTP at various workstations in a hospital?
A. Client
B. Session
C. User

Correct Answer: C
QUESTION 84
Which of the following statements is specifically TRUE of user groups?
A. Non-authentication rules require a user group in the Source field.
B. Authentication rules require a user group in the Source field.
C. User groups must be created, in order to implement authentication.
D. Authentication rules require a user group in both the Source and Destination field.
E. User groups cannot be used in authentication rules.

Correct Answer: C
QUESTION 85
You have created a SmartConsole Administrator with Read Only privileges in the Check Point
Configuration Tool.
Which of the following actions can this administrator perform? (Choose three)

A. Filter log files in the SmartView Tracker.
B. Review saved policies.
C. Change network object properties.
D. Install policies
E. Log in to the SmartDashboard.

Correct Answer: ABE
QUESTION 86
VPN-1/FireWall-1 supports User Authentication for which of the following services? Select the response below that contains the MOST complete list of supported services.
A. FTP, FTPS, HTTP, HTTPS
B. Rlogin, TELNET, HTTP, FTP
C. POP3, SMTP, HTTPS, FTPS
D. TELNET, HTTP, FTP, SMTP
E. Rlogin, TELNET, HTTP, SMTP
Correct Answer: B QUESTION 87
User Authentication supports all of the following services, EXCEPT:
A. SSH
B. FTP
C. HTTP
D. RLOGIN
E. TELNET
Correct Answer: A QUESTION 88

In the diagram, a group of users in the QA Department requires frequent access to the Palace Server.
Access to Palace is allowed from localnet hosts. Each user can log in at the beginning of the day, and can
use the service for a specified time period and number of sessions. If a user forgets to log out, the
connection to Palace is closed at the end of the authorization period.
Which of the following rules allows access to the Palace Server, from QA users on the local network? QA
users’ source (un the Rule Base) is [email protected]
A. Rule 3
B. Rule 4
C. None of these rules allows access
D. Rule 1
E. Rule 2

Correct Answer: D
QUESTION 89
Which authentication method could be used for H.323 services? (Choose two)
A. Client Authentication
B. VoIP Authentication
C. User Authentication
D. No Authentication can be used for H.323
E. Session Authentication

Correct Answer: AE
QUESTION 90
Which authentication method could be used for SIP services? (Choose two)
A. Client Authentication
B. No authentication can be used for SIP
C. VoIP Authentication
D. Session Authentication
E. User Authentication

Correct Answer: AD
QUESTION 91
When the Client Authentication method requires Manual Sign On, users must connect to which of the following ports?
A. TELNET to port 70, or HTTP to port 443
B. TELNET to port 161, or HTTP to port 136
C. TELNET to port 21, or HTTP to port 80
D. TELNET to port 165, or HTTP to port 514
E. TELNET to port 259, or HTTP to port 900
Correct Answer: E
QUESTION 92
In the Client Authentication Action Properties dialog box, the Manual Sign On method is selected. This means:
A. If a connection matches the Rule Base and the service is an authenticated service, the client is signed on after a successful authentication.
B. The user must TELNET to the target server on port 250.
C. If a connection using any service matches the Rule Base, the client is authenticated.
D. If authentication is successful, access is granted from the network that initiated the connection.
E. the user must initiate a Client Authentication session to the gateway.

Correct Answer: E
QUESTION 93
Which of the following responses is TRUE about creating user templates? (Choose two)
A. By default, users can authenticate 24 hours a day, 7 days a week.
B. If not specific source or destination is selected users can authenticate to any source or destination.
C. If no password options are selected, users will still be able to authenticate, by creating their passwords during login.
D. When you create new users, you must create a new template for each user.
E. If no encryption method is selected, users will only be able to authenticate when they receive their Certificate Authority.

Correct Answer: AB
QUESTION 94
What is the advantage of using VPN-1/FireWall-1 Password for the authentication scheme, rather than using OS Password?
A. The OS Password authentication scheme can only be used with services available to user’s local machine.
B. There is not advantage, because VPN-1/FireWall-1 Password can only be used, if a user has an operating-system account on the network.
C. The OS Password authentication scheme can only be used with users who are present on the local network protected by the Enforcement Module. No external users can be configured for OS Password authentication.
D. VPN-1/FireWall-1 Passwords can be cached on the Enforcement Module. If a user in the user database attempts a connection, that user will not be prompted to re-enter the password.
E. VPN1-/FireWall-1 Passwords can be used, even if a user does not have an operating-system account on the network.

Correct Answer: E
QUESTION 95
Which of the following statements accurately describes VPN-1/FireWall-1 Session Authentication? (Choose three)
A. Session Authentication allows unlimited connections from a single host or IP address.
B. Session Authentication does not result in any additional connections to the Enforcement Module.
C. Session Authentication is restricted to a limited number of service.
D. Session Authentication requires that an authentication agent be installed on client computers.
E. Session Authentication requires an authentication procedure for each connection.

Correct Answer: ABD
QUESTION 96
You have created a rule so that every time a user wants to connect to the Internet using HTTP, that user must be authenticated. You want an authentication scheme that provides transparency for the user, and administrative control for you. The user must be able to log in from any location.
Which authentication scheme meets your needs?
A. Client
B. Session
C. Users

Correct Answer: C
QUESTION 97
The VPN-1/Firewall-1 NG User Interface consists of which of the following elements?
A. Security Policy Editor, Visual Policy Editor and Object tree view.
B. Management Server and VPN-1/FireWall-1 Module.
C. Visual Policy Editor, Object Tree view and inspection Module.
D. Security Policy Server, System GUI and Module Log Viewer.
E. VPN-1/FireWall-1 Module, Inspection Module and Security Server.

Correct Answer: A
QUESTION 98
You are attempting to implement Client Authentication for FTP. You have the accept firewall control connection option unchecked in the Policies and Properties dialog box. In the following Rule base, which rule would prevent a user from performing Client Authentication? No SOURCE DESTINATION SERVICE ACTION 1 Any fw.chicago.com Any drop 2 [email protected] Any ftp Client Encrypt 3 Any localNet http Accept telnet 4 Any Any Any drop
A. Rule 1
B. Rule 2
C. Rule 3
D. Rule 4

Correct Answer: A
QUESTION 99
As a VPN-1/Firewall-1 administrator, you have an undistributed range of IP addresses for which you want to perform address translation. You can simplify your efforts through the use of ADDRESS RANGE.
A. True
B. False

Correct Answer: A
QUESTION 100
In the figure below, Localnet is an internal network with private addresses A corresponding set of public addresses is available as follows: Public IP addresses Private IP addresses 199.203.73.15-199.203.73.115 200.0.0.100-200.0.0.200 The private addresses are translated to public addresses by specifying addresses Translation in the NAT tab of Localnet’s network properties window. Source addresses for the outbound packets from hosts in Localnet will be translated to 199.203.73.12 as shown in the figure below.

A. True
B. False

Correct Answer: B

Well-regarded for its level of detail, assessment features, and challenging review questions and hands-on exercises, CheckPoint 156-210 helps you master the concepts and techniques that will enable you to succeed on the CheckPoint 156-210 exam the first time.

CheckPoint 156-110 Dump Test, Buy Latest CheckPoint 156-110 Certification Exam With Accurate Answers

At Flydumps, we ensure that our CheckPoint 156-110 material is accurate, up to date, and will ensure you pass your certification exam on the first try. If you want to pass your CheckPoint 156-110 exam, Flydumps would be your best choice.

QUESTION 52
Distinguish between the role of the data owner and the role of the data custodian. Complete the following sentence. The data owner is the:
A. department in the organization responsible for the data’s physical storage location. The data custodian is anyone who has access the data for any reason.
B. person or entity who accesses/and or manipulates data or information, in the course of assigned duties. The data custodian is a person or process with the appropriate level of privilege to access the data.
C. person or entity ultimately responsible for the security of an information asset. The data custodian is the person or entity responsible for imposing and enforcing policies and restrictions, dictated by the data owner.
D. person or process that originally creates the information. The data custodian is a role that shifts to any person or process currently accessing the data, and passes to the next person or process to access the data.
E. person or entity responsible for imposing and enforcing policies and restrictions, dictated by the functional user. The data custodian is a person or process who accesses and/or manipulates the information.

Correct Answer: C
QUESTION 53
You are considering purchasing a VPN solution to protect your organization’s information assets. The solution you are reviewing uses RFC-compliant and open-standards encryption schemes. The vendor has submitted the system to a variety of recognized testing authorities. The vendor does not make the source code available to testing authorities. Does this solution adhere to the secure design principle of open design?
A. No, because the software vendor could have changed the code after testing, which is not verifiable.
B. No, because the software vendor submitted the software to testing authorities only, and did not make the software available to the public for testing.
C. Yes, because the methods were tested by recognized testing authorities, and the source code is protected from vandalism.
D. Yes, because the methods are open, and the system does not rely on the secrecy of its internal mechanisms to provide protection.
E. No, because if a software vendor refuses to reveal the source code for a product, it cannot comply with the open-design principle.

Correct Answer: D
QUESTION 54
Which of the following is the BEST method for managing users in an enterprise?
A. Enter user data in a spreadsheet.
B. Implement centralized access control.
C. Deploy Kerberos.
D. Place them in a centralized Lightweight Directory Access Protocol.
E. Use a Domain Name System.

Correct Answer: D
QUESTION 55
____________________ educate(s) security administrators and end users about organizations’ security policies.
A. Security-awareness training
B. Information Security (INFOSEC) briefings
C. Acceptable-use policies
D. Continuing education
E. Nondisclosure agreements

Correct Answer: A
QUESTION 56
Operating-system fingerprinting uses all of the following, EXCEPT ________, to identify a target operating system.
A. Sequence Verifier
B. Initial sequence number
C. Address spoofing
D. Time to Live
E. IP ID field

Correct Answer: C
QUESTION 57
Organizations _______ risk, when they convince another entity to assume the risk for them.
A. Elevate
B. Assume
C. Deny
D. Transfer
E. Mitigate

Correct Answer: D
QUESTION 58
A(n) _______________ is an unintended communication path that can be used to violate a system security policy.
A. Covert channel
B. Integrity axiom
C. Simple rule violation
D. Inferred fact
E. Aggregated data set

Correct Answer: A
QUESTION 59
To protect its information assets, ABC Company purchases a safeguard that costs $60,000. The annual cost to maintain the safeguard is estimated to be $40,000. The aggregate Annualized Loss Expectancy for the risks the safeguard is expected to mitigate is $50,000.
At this rate of return, how long will it take ABC Company to recoup the cost of the safeguard?
A. ABC Company will never recoup the cost of this safeguard.
B. Less than 7 years
C. Less than 3 years
D. Less than 1 year
E. Less than 5 years

Correct Answer: B
QUESTION 60
ABC Corporation’s network requires users to authenticate to cross the border firewall, and before entering restricted segments. Servers containing sensitive information require separate authentication. This is an example of which type of access-control method?
A. Single sign-on
B. Decentralized access control
C. Hybrid access control
D. Layered access control
E. Mandatory access control
Correct Answer: D
QUESTION 61
The items listed below are examples of ___________________ controls.
*Smart cards *Access control lists *Authentication servers *Auditing
A. Role-based
B. Administrative
C. Technical
D. Physical
E. Mandatory

Correct Answer: C
QUESTION 62
Why does the (ISC)2 access-control systems and methodology functional domain address both the confidentiality and integrity aspects of the Information Security Triad? Access-control systems and methodologies:
A. are required standards in health care and banking.
B. provide redundant systems and data backups.
C. control who is allowed to view and modify information.
D. are academic models not suitable for implementation.
E. set standards for acceptable media-storage devices.

Correct Answer: C
QUESTION 63
_______ intrusion-detection systems learn the behavior of a machine or network, and create a baseline.
A. Behavioral analysis
B. Statistical anomaly
C. Network
D. Pattern matching
E. Host

Correct Answer: B
QUESTION 64
Which of the following best describes the largest security challenge for Remote Offices/Branch Offices?
A. Leased-line security
B. Salami attacks
C. Unauthorized network connectivity
D. Distributed denial-of-service attacks
E. Secure access to remote organizational resources
Correct Answer: E
QUESTION 65
Which of the following is NOT a concern for enterprise physical security?
A. Network Intrusion Detection Systems
B. Social engineering
C. Dumpster diving
D. Property theft
E. Unauthorized access to a facility
Correct Answer: A QUESTION 66
Which of the following should be included in an enterprise Business Continuity Plan (BCP)? (Choose THREE.)
A. Accidental or intentional data deletion
B. Severe weather disasters
C. Employee terminations
D. Employee administrative leave
E. Minor power outages

Correct Answer: ABE
QUESTION 67
Which type of access management uses information about job duties and positions, to indicate subjects’ clearance levels?
A. Discretionary
B. Role-based
C. Nondiscretionary
D. Hybrid
E. Mandatory

Correct Answer: B
QUESTION 68
When attempting to identify OPSEC indicators, information-security professionals must: (Choose THREE.)
A. Discover the information daily activities yield.
B. Meet with adversaries.
C. Perform business impact analysis surveys.
D. Scrutinize their organizations’ daily activities.
E. Analyze indicators, to determine the information an adversary can glean ?both from routine and nonroutine activities.

Correct Answer: ADE
QUESTION 69
Which of the following can be stored on a workstation? (Choose TWO.)
A. Payroll information
B. Data objects used by many employees
C. Databases
D. Interoffice memo
E. Customer correspondence
Correct Answer: DE
QUESTION 70
How is bogus information disseminated?
A. Adversaries sort through trash to find information.
B. Adversaries use anomalous traffic patterns as indicators of unusual activity. They will employ other methods, such as social engineering, to discover the cause of the noise.
C. Adversaries use movement patterns as indicators of activity.
D. Adversaries take advantage of a person’s trust and goodwill.
E. Seemingly, unimportant pieces of data may yield enough information to an adversary, for him to disseminate incorrect information and sound authoritative.

Correct Answer: E
QUESTION 71
Which type of access management allows subjects to control some access of objects for other subjects?
A. Discretionary
B. Hybrid
C. Mandatory
D. Role-based
E. Nondiscretionary

Correct Answer: A
QUESTION 72
Which of the following are enterprise administrative controls? (Choose TWO.)
A. Network access control
B. Facility access control
C. Password authentication
D. Background checks
E. Employee handbooks

Correct Answer: DE
QUESTION 73
You are preparing a machine that will be used as a dedicated Web server.
Which of the following services should NOT be removed?
A. E. IRC
B. SMTP
C. FTP
D. HTTP
E. PVP

Correct Answer: D
QUESTION 74
A new U.S. Federal Information Processing Standard specifies a
cryptographic algorithm. This algorithm is used by U.S. government organizations to protect sensitive,
but unclassified, information. What is the name of this Standard?

A. Triple DES
B. Blowfish
C. AES
D. CAST
E. RSA
Correct Answer: C
QUESTION 75
If a firewall receives traffic not explicitly permitted by its security policy, what should the firewall do?
A. Nothing
B. Do not log and drop the traffic.
C. Log and drop the traffic.
D. Log and pass the traffic.
E. Do not log and pass the traffic.

Correct Answer: C
QUESTION 76
Which of the following statements about encryption’s benefits is false? Encryption can: (Choose TWO.)
A. significantly reduce the chance information will be modified by unauthorized entities.
B. only be used to protect data in transit. Encryption provides no protection to stored data.
C. allow private information to be sent over public networks, in relative safety.
D. significantly reduce the chance information will be viewed by unauthorized entities.
E. prevent information from being destroyed by malicious entities, while in transit.

Correct Answer: BE
QUESTION 77
Which principle of secure design states that a security mechanism’s methods must be testable?
A. Separation of privilege
B. Least common mechanism
C. Complete mediation
D. Open design
E. Economy of mechanism

Correct Answer: D
QUESTION 78
What type of document contains information on alternative business locations, IT resources, and personnel?
A. End-user license agreement
B. Nondisclosure agreement
C. Acceptable use policy
D. Security policy
E. Business continuity plan

Correct Answer: E
QUESTION 79
A(n) ______________________________ is a quantitative review of risks, to determine how an organization will continue to function, in the event a risk is realized.
A. Monitored risk process
B. Disaster-recovery plan
C. Business impact analysis
D. Full interruption test
E. Information security audit
Correct Answer: C
QUESTION 80
Internal intrusions are loosely divided into which categories? (Choose TWO.)
A. Attempts by insiders to perform appropriate acts, on information assets to which they have been given rights or permissions.
B. Attempts by insiders to access resources, without proper access rights.
C. Attempts by insiders to access external resources, without proper access rights.
D. Attempts by insiders to perform inappropriate acts, on external information assets to which they have been given rights or permissions.
E. Attempts by insiders to perform inappropriate acts, on information assets to which they have been given rights or permissions.

Correct Answer: BE

CheckPoint 156-110 Questions & Answers covers all the knowledge points of the real exam. We update our product frequently so our customer can always have the latest version of CheckPoint 156-110 . We provide our customers with the excellent 7×24 hours customer service.We have the most professional EC-COUNCIL 312-50 expert team to back up our grate quality products.If you still cannot make your decision on purchasing our product, please try our CheckPoint 156-110  free pdf.

Categories

Latest Microsoft Dumps Exam

HOT Microsoft 642-193 Dumps ⇨ PDF & VCE
HOT Microsoft 70-243 Dumps ⇨ PDF & VCE
HOT Microsoft 70-246 Dumps ⇨ PDF & VCE
HOT Microsoft 70-247 Dumps ⇨ PDF & VCE
HOT Microsoft 70-331 Dumps ⇨ PDF & VCE
HOT Microsoft 70-332 Dumps ⇨ PDF & VCE
HOT Microsoft 70-336 Dumps ⇨ PDF & VCE
HOT Microsoft 70-337 Dumps ⇨ PDF & VCE
HOT Microsoft 70-341 Dumps ⇨ PDF & VCE
HOT Microsoft 70-342 Dumps ⇨ PDF & VCE
HOT Microsoft 70-346 Dumps ⇨ PDF & VCE
HOT Microsoft 70-347 Dumps ⇨ PDF & VCE
HOT Microsoft 70-354 Dumps ⇨ PDF & VCE
HOT Microsoft 70-383 Dumps ⇨ PDF & VCE
HOT Microsoft 70-384 Dumps ⇨ PDF & VCE
HOT Microsoft 70-410 Dumps ⇨ PDF & VCE
HOT Microsoft 70-411 Dumps ⇨ PDF & VCE
HOT Microsoft 70-412 Dumps ⇨ PDF & VCE
HOT Microsoft 70-413 Dumps ⇨ PDF & VCE
HOT Microsoft 70-414 Dumps ⇨ PDF & VCE
HOT Microsoft 70-415 Dumps ⇨ PDF & VCE
HOT Microsoft 70-416 Dumps ⇨ PDF & VCE
HOT Microsoft 70-417 Dumps ⇨ PDF & VCE
HOT Microsoft 70-432 Dumps ⇨ PDF & VCE
HOT Microsoft 70-448 Dumps ⇨ PDF & VCE
HOT Microsoft 70-457 Dumps ⇨ PDF & VCE
HOT Microsoft 70-458 Dumps ⇨ PDF & VCE
HOT Microsoft 70-459 Dumps ⇨ PDF & VCE
HOT Microsoft 70-460 Dumps ⇨ PDF & VCE
HOT Microsoft 70-461 Dumps ⇨ PDF & VCE
HOT Microsoft 70-462 Dumps ⇨ PDF & VCE
HOT Microsoft 70-463 Dumps ⇨ PDF & VCE
HOT Microsoft 70-464 Dumps ⇨ PDF & VCE
HOT Microsoft 70-465 Dumps ⇨ PDF & VCE
HOT Microsoft 70-466 Dumps ⇨ PDF & VCE
HOT Microsoft 70-467 Dumps ⇨ PDF & VCE
HOT Microsoft 70-469 Dumps ⇨ PDF & VCE
HOT Microsoft 70-470 Dumps ⇨ PDF & VCE
HOT Microsoft 70-480 Dumps ⇨ PDF & VCE
HOT Microsoft 70-481 Dumps ⇨ PDF & VCE
HOT Microsoft 70-482 Dumps ⇨ PDF & VCE
HOT Microsoft 70-483 Dumps ⇨ PDF & VCE
HOT Microsoft 70-484 Dumps ⇨ PDF & VCE
HOT Microsoft 70-485 Dumps ⇨ PDF & VCE
HOT Microsoft 70-486 Dumps ⇨ PDF & VCE
HOT Microsoft 70-487 Dumps ⇨ PDF & VCE
HOT Microsoft 70-488 Dumps ⇨ PDF & VCE
HOT Microsoft 70-489 Dumps ⇨ PDF & VCE
HOT Microsoft 70-490 Dumps ⇨ PDF & VCE
HOT Microsoft 70-491 Dumps ⇨ PDF & VCE
HOT Microsoft 70-492 Dumps ⇨ PDF & VCE
HOT Microsoft 70-494 Dumps ⇨ PDF & VCE
HOT Microsoft 70-496 Dumps ⇨ PDF & VCE
HOT Microsoft 70-497 Dumps ⇨ PDF & VCE
HOT Microsoft 70-498 Dumps ⇨ PDF & VCE
HOT Microsoft 70-499 Dumps ⇨ PDF & VCE
HOT Microsoft 70-511 Dumps ⇨ PDF & VCE
HOT Microsoft 70-513 Dumps ⇨ PDF & VCE
HOT Microsoft 70-515 Dumps ⇨ PDF & VCE
HOT Microsoft 70-516 Dumps ⇨ PDF & VCE
HOT Microsoft 70-517 Dumps ⇨ PDF & VCE
HOT Microsoft 70-532 Dumps ⇨ PDF & VCE
HOT Microsoft 70-533 Dumps ⇨ PDF & VCE
HOT Microsoft 70-534 Dumps ⇨ PDF & VCE
HOT Microsoft 70-573 Dumps ⇨ PDF & VCE
HOT Microsoft 70-576 Dumps ⇨ PDF & VCE
HOT Microsoft 70-640 Dumps ⇨ PDF & VCE
HOT Microsoft 70-642 Dumps ⇨ PDF & VCE
HOT Microsoft 70-646 Dumps ⇨ PDF & VCE
HOT Microsoft 70-659 Dumps ⇨ PDF & VCE
HOT Microsoft 70-662 Dumps ⇨ PDF & VCE
HOT Microsoft 70-663 Dumps ⇨ PDF & VCE
HOT Microsoft 70-667 Dumps ⇨ PDF & VCE
HOT Microsoft 70-668 Dumps ⇨ PDF & VCE
HOT Microsoft 70-673 Dumps ⇨ PDF & VCE
HOT Microsoft 70-680 Dumps ⇨ PDF & VCE
HOT Microsoft 70-685 Dumps ⇨ PDF & VCE
HOT Microsoft 70-686 Dumps ⇨ PDF & VCE
HOT Microsoft 70-687 Dumps ⇨ PDF & VCE
HOT Microsoft 70-688 Dumps ⇨ PDF & VCE
HOT Microsoft 70-689 Dumps ⇨ PDF & VCE
HOT Microsoft 70-692 Dumps ⇨ PDF & VCE
HOT Microsoft 70-694 Dumps ⇨ PDF & VCE
HOT Microsoft 70-695 Dumps ⇨ PDF & VCE
HOT Microsoft 70-696 Dumps ⇨ PDF & VCE
HOT Microsoft 70-697 Dumps ⇨ PDF & VCE
HOT Microsoft 70-980 Dumps ⇨ PDF & VCE
HOT Microsoft 70-981 Dumps ⇨ PDF & VCE
HOT Microsoft 74-335 Dumps ⇨ PDF & VCE
HOT Microsoft 74-338 Dumps ⇨ PDF & VCE
HOT Microsoft 74-343 Dumps ⇨ PDF & VCE
HOT Microsoft 74-344 Dumps ⇨ PDF & VCE
HOT Microsoft 74-409 Dumps ⇨ PDF & VCE
HOT Microsoft 74-674 Dumps ⇨ PDF & VCE
HOT Microsoft 74-678 Dumps ⇨ PDF & VCE
HOT Microsoft 74-697 Dumps ⇨ PDF & VCE
HOT Microsoft 77-427 Dumps ⇨ PDF & VCE
HOT Microsoft 98-361 Dumps ⇨ PDF & VCE
HOT Microsoft 98-364 Dumps ⇨ PDF & VCE
HOT Microsoft 98-365 Dumps ⇨ PDF & VCE
HOT Microsoft 98-366 Dumps ⇨ PDF & VCE
HOT Microsoft 98-367 Dumps ⇨ PDF & VCE
HOT Microsoft 98-368 Dumps ⇨ PDF & VCE
HOT Microsoft 98-369 Dumps ⇨ PDF & VCE
HOT Microsoft 98-375 Dumps ⇨ PDF & VCE
HOT Microsoft 98-379 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-700 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-701 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-702 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-703 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-704 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-708 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-709 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-866 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-867 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-868 Dumps ⇨ PDF & VCE
HOT Microsoft MB2-876 Dumps ⇨ PDF & VCE
HOT Microsoft MB5-705 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-700 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-701 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-702 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-703 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-704 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-705 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-884 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-885 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-886 Dumps ⇨ PDF & VCE
HOT Microsoft MB6-889 Dumps ⇨ PDF & VCE
HOT Microsoft 70-698 dumps ⇨ PDF & VCE
HOT Microsoft 70-734 dumps ⇨ PDF & VCE
HOT Microsoft 70-741 dumps ⇨ PDF & VCE
HOT Microsoft 70-742 dumps ⇨ PDF & VCE
HOT Microsoft 70-743 dumps ⇨ PDF & VCE
HOT Microsoft 70-761 dumps ⇨ PDF & VCE
HOT Microsoft 70-764 dumps ⇨ PDF & VCE
HOT Microsoft 70-767 dumps ⇨ PDF & VCE
HOT Microsoft 70-765 dumps ⇨ PDF & VCE
HOT Microsoft 70-740 dumps ⇨ PDF & VCE
HOT Microsoft 70-357 dumps ⇨ PDF & VCE
HOT Microsoft 70-398 dumps ⇨ PDF & VCE
HOT Microsoft 70-475 dumps ⇨ PDF & VCE
HOT Microsoft 70-694 dumps ⇨ PDF & VCE
HOT Microsoft 70-348 dumps ⇨ PDF & VCE
HOT Microsoft 70-473 dumps ⇨ PDF & VCE
HOT Microsoft 70-773 dumps ⇨ PDF & VCE
HOT Microsoft 70-774 dumps ⇨ PDF & VCE
HOT Microsoft 70-775 dumps ⇨ PDF & VCE

Latest Citrix Dumps Exam

Latest CompTIA Dumps Exam

Latest Cisco Dumps Exam

HOT Cisco 100-101 Dumps ⇨ PDF & VCE
HOT Cisco 100-105 Dumps ⇨ PDF & VCE
HOT Cisco 200-101 Dumps ⇨ PDF & VCE
HOT Cisco 200-105 Dumps ⇨ PDF & VCE
HOT Cisco 200-120 Dumps ⇨ PDF & VCE
HOT Cisco 200-125 Dumps ⇨ PDF & VCE
HOT Cisco 200-310 Dumps ⇨ PDF & VCE
HOT Cisco 200-355 Dumps ⇨ PDF & VCE
HOT Cisco 200-401 Dumps ⇨ PDF & VCE
HOT Cisco 210-260 Dumps ⇨ PDF & VCE
HOT Cisco 210-060 Dumps ⇨ PDF & VCE
HOT Cisco 210-065 Dumps ⇨ PDF & VCE
HOT Cisco 300-101 Dumps ⇨ PDF & VCE
HOT Cisco 300-115 Dumps ⇨ PDF & VCE
HOT Cisco 300-135 Dumps ⇨ PDF & VCE
HOT Cisco 300-206 Dumps ⇨ PDF & VCE
HOT Cisco 300-207 Dumps ⇨ PDF & VCE
HOT Cisco 300-208 Dumps ⇨ PDF & VCE
HOT Cisco 300-209 Dumps ⇨ PDF & VCE
HOT Cisco 300-070 Dumps ⇨ PDF & VCE
HOT Cisco 300-075 Dumps ⇨ PDF & VCE
HOT Cisco 300-080 Dumps ⇨ PDF & VCE
HOT Cisco 300-085 Dumps ⇨ PDF & VCE
HOT Cisco 400-101 Dumps ⇨ PDF & VCE
HOT Cisco 400-201 Dumps ⇨ PDF & VCE
HOT Cisco 400-051 Dumps ⇨ PDF & VCE
HOT Cisco 350-018 Dumps ⇨ PDF & VCE
HOT Cisco 642-035 Dumps ⇨ PDF & VCE
HOT Cisco 210-250 dumps ⇨ PDF & VCE
HOT Cisco 210-255 dumps ⇨ PDF & VCE
HOT Cisco 200-150 dumps ⇨ PDF & VCE
HOT Cisco 200-155 dumps ⇨ PDF & VCE
HOT Cisco 300-160 dumps ⇨ PDF & VCE
HOT Cisco 300-165 dumps ⇨ PDF & VCE
HOT Cisco 300-170 dumps ⇨ PDF & VCE
HOT Cisco 300-175 dumps ⇨ PDF & VCE
HOT Cisco 300-180 dumps ⇨ PDF & VCE
HOT Cisco 300-210 dumps ⇨ PDF & VCE
HOT Cisco 600-509 dumps ⇨ PDF & VCE
HOT Cisco 600-510 dumps ⇨ PDF & VCE
HOT Cisco 600-512 dumps ⇨ PDF & VCE
HOT Cisco 700-172 dumps ⇨ PDF & VCE
HOT Cisco 700-070 dumps ⇨ PDF & VCE
HOT Cisco 300-560 dumps ⇨ PDF & VCE
HOT Cisco 642-385 dumps ⇨ PDF & VCE
HOT Cisco 810-502 dumps ⇨ PDF & VCE
HOT Cisco 830-506 dumps ⇨ PDF & VCE