FLYDUMPS ensures the quality and value of the CheckPoint 156-510 exam sample questions, and one hundred percent pass the exam, let you can pass the CheckPoint 156-510 exam successfully in your first studying. In addition, Killtest provide you with high-quality CheckPoint 156-510exam sample questions to help you learn more about the CheckPoint 156-510 examination of information, learning more knowledge of the entire examination, complete your dream of entering the IT Dream. FLYDUMPS CheckPoint 156-510 exam sample questions are based on the actual template of CheckPoint 156-510 Exam. You will learn all the tactics and techniques in FLYDUMPS CheckPoint 156-510 exam sample questions.
QUESTION 127
What is the name of the traffic capture tool that is available on Unix platforms?
A. Network monitor
B. Snoop
C. Sniffer
D. Tcpdump
Correct Answer: B
QUESTION 128
When initially setting up high availability, where would you enable the high availability services?
A. The cpconfig utility
B. The fwstart script
C. The management server global properties screen
D. The gateway cluster properties screen
Correct Answer: A
QUESTION 129
What is true about hardening the operating system of a firewall gateway?
A. It is only necessary on a Solaris platform
B. It is necessary on both Solaris and NT platforms
C. It is not necessary
D. It is only necessary on an NT platform
Correct Answer: B QUESTION 130
What command would you use to initiate a packet capture on a Unix machine?
A. snoop -o filename
B. tcpdump -i filename
C. snoop -i filename
D. tcpdump -o filename
Correct Answer: A QUESTION 131
If you use the -a option in the “fw dbexport” command to export a subset of the possible user attributes. What happens if you import the exported file back into the FW-1 user database using the “fw import” command?
A. The database is merged with the subset database
B. You will get a warning, stating that you may delete part of your database
C. The process will error with no change to the original database
D. The database is overwritten with the subset database
Correct Answer: D QUESTION 132
How do you remake a connection between a management server and a firewall module, if not using backward compatibility?
A. Reboot
B. Bounce the management server
C. Remake the SIC connection
D. Remake the putkey association
Correct Answer: C QUESTION 133
What is true about the following command? snoop -i filename | more
A. The file named “filename” contains raw captured traffic
B. It analyses captured traffic
C. It will continue the display until it ends
D. It captures traffic
Correct Answer: AB QUESTION 134
When configuring automatic synchronization for HA management modules, which is NOT a valid trigger for the synchronization to take place?
A. When the policy is installed
B. When the policy is saved
C. Regularly after a specified period
D. When you log off the GUI client
Correct Answer: D
QUESTION 135
To create synchronization between gateways in NG, which file do you need to edit?
A. conf.sync
B. sync.conf
C. None
D. rulebases.fws
Correct Answer: C
QUESTION 136
When a primary gateway cluster member fails another will take over. When the primary recovers what is true?
A. The action depends on the configuration of the ClusterXL screen of the cluster properties
B. The primary always resumes primary function
C. The action depends on the configuration of the Cluster member gateway general properties
D. The primary will become a lower priority and not resume its primary function
Correct Answer: A
QUESTION 137
When exporting a checkpoint user database for importation to an LDAP server, what format should the output file take?
A. LDAP
B. Binary
C. LDIF
D. HTTP
Correct Answer: C
QUESTION 138
Which of the following are termed CPMAD global parameters?
A. MAD_Memory
B. MAD_syn_attack_action
C. MAD_number_of_connection_attempts
D. MAD_anti_spoofing_mode AC
Correct Answer: AC
QUESTION 139
What is true about the effects of configuring a high MAD_clean_interval in CPMAD?
A. It reduces CPU utilization
B. It increases CPU utilization
C. It decreases memory usage
D. It increases memory usage
Correct Answer: AD QUESTION 140
What is the meaning of the “collision” status when seen against a secondary management module?
A. Synchronization was attempted from both primary and secondary at the same time
B. The primary management module database lags behind the secondary
C. Both the primary and secondary management module have independently updated databases since the last synchronization
D. Synchronization has failed due to network problems
Correct Answer: C QUESTION 141
If you want to use information from a cpinfo file produced by a Windows platform, you first need to perform a series of operations to extract the file concerned. True or false?
A. False
B. True
Correct Answer: A QUESTION 142
What command would you use on a Solaris machine to increase the amount of memory allocated to the kernel to approximately 16Mbytes?
A. set fw:fwhmem=0x16
B. set fw:fwhmem=0x10
C. set fw:fwhmem=0x1000000
D. set fw:fwhmem=0x16000000
Correct Answer: C QUESTION 143
How would you specify the primary member of a gateway cluster?
A. On the gateway cluster properties screen select “cluster members”, then arrange priority sequence using the increase and decrease priority buttons
B. On the gateway cluster properties screen select “cluster members”, then select priority number (1 is the highest)
C. On the member gateway properties general screen arrange priority sequence using the increase and decrease priority buttons
D. On the member gateway properties general screen select priority number (1 is the highest)
Correct Answer: A QUESTION 144
Which debug option will gather information regarding the accept or drop action performed on traffic?
A. ioctl
B. packet
C. driver
D. kbuf
Correct Answer: B QUESTION 145
Which of the following files is held on a management module and cotains the whole rulebase?
A. rulebases_5_0.C
B. objects.C
C. objects_5_0.C
D. rulebases_5_0.fws
Correct Answer: D
QUESTION 146
In the peer status area of the high availability management module screen of the active server, there are defined status levels that can apply to a peer module. Which status implies that a secondary module has a later version of the database than the primary?
A. Advanced
B. Lagging
C. Collision
D. Never Synchronized
Correct Answer: A
QUESTION 147
On a Windows platform, you can enable VPN and IKE logging by setting an environment variable. What is the command to do that?
A. Setenv VPN_DEBUG 1
B. Setenv VPN_DEBUG 0
C. Set VPN_DEBUG=0
D. Set VPN_DEBUG=1
Correct Answer: D
QUESTION 148
To configure a fully overlapping encryption domain, what type of group(s) do you need to configure?
A. A group containing both gateways and all the networks they protect
B. A group containing both gateways only
C. A group containing all the networks that both gateways protect
D. Two groups, one containing both gateways and the networks that one protects. The other containing both gateways and the networks the other protects.
Correct Answer: A
QUESTION 149
What is the approximate memory requirement of a simple (I.e. not authenticated or encrypted) connection in VPN-1/FW-1?
A. 3 Kbytes
B. 70 bytes
C. 10 bytes
D. 1 Kbytes
Correct Answer: B
QUESTION 150
If you want to run the cpinfo utility to gather diagnostic information for a problematic enforcement module in a distributed system, what is true?
A. You should run cpinfo on the enforcement module only
B. You should run cpinfo on all the modules in the distributed system
C. You should run cpinfo on both the management and enforcement modules
D. You should run cpinfo on the management module only
Correct Answer: C QUESTION 151
Which two types of overlapping encryption domains are supported by FW-1?
A. Partial overlap
B. Full overlap
C. Proper subset
D. Partial subset
Correct Answer: BC QUESTION 152
Which is NOT a valid log file maintained on the SecuRemote client?
A. sr_watchdog_tde.log
B. sr_service_<serial number>.log
C. sr_background_tde.log
D. sr_gui_tde.log
Correct Answer: C QUESTION 153
Which debug option will gather information about input/output control messages, such as loading of FW-1 or kernel to daemon communications?
A. kbuf
B. ioctl
C. misc
D. driver
Correct Answer: B QUESTION 154
It is not possible to use two gateways running a standalone installation in an MEP environment. True or false?
A. False
B. True
Correct Answer: B QUESTION 155
How would you use a policy editor gui in local mode when using FW-1 NG FP-2?
A. Enter *local in the “management server” box of the GUI login screen
B. Check the “demo mode” box of the GUI login screen
C. Enter demo_mode in the “management server” box of the GUI login screen
D. Enter *local in the “user name” box of the GUI login screen
Correct Answer: AB QUESTION 156
How would you restart CPMAD on a firewall?
A. $FWDIR/conf/fwstart
B. $FWDIR/bin/cpmad
C. $FWDIR/cpmad/fwstart
D. $FWDIR/bin/fwstart
Correct Answer: D QUESTION 157
What is used by FW-1 to create a SIC certificate?
A. External CA
B. Putkey
C. LDAP
D. Internal CA
Correct Answer: D QUESTION 158
How would you find more information about the “fw tab” options?
A. fw tab help
B. fw tab -h
C. fw tab -?
D. fw tab options -h
Correct Answer: B QUESTION 159
What is contained in the rulebases.fws file?
A. Auditing information
B. All rulebases
C. All rulebases plus auditing information
D. Only the rulebase from the last load
Correct Answer: B QUESTION 160
When using management high availability, you can synchronize from the primary or secondary management server. True or false?
A. False
B. True
Correct Answer: A QUESTION 161
On a SecuRemote client, in which directory are the log files located?
A. $CPDIR/log
B. $SCDIR/log
C. $SRDIR/log
D. $FWDIR/log
Correct Answer: C QUESTION 162
If you were having problems with a CVP server, you may want to capture traffic to and from the server. What could you do to get this information?
A. Run “fw monitor” for port 18182 on the interface connected to the management server
B. Run “fw monitor” for port 18182 on the interface connected to the CVP server
C. Run “fw monitor” for port 18181 on the interface connected to the management server
D. Run “fw monitor” for port 18181 on the interface connected to the CVP server
Correct Answer: D
QUESTION 163
When using backward compatibility, what is true?
A. It restricts inter-module communications to the putkey method
B. It allows the management of 4.1 gateways
C. It restricts inter-module communication to the SIC method
D. It allows the use of the old putkey function
Correct Answer: BD
QUESTION 164
Why would you disable NetBEUI on a FW-1 Windows Platform?
A. It can cause FW-1 to crash
B. It clashes with internal FW-1 protocols
C. It is an inefficient protocol
D. It is a security risk
Correct Answer: D
QUESTION 165
What does “resolver_ttl” do in relation to SecuRemote configuration?
A. Specifies the interval in seconds between RDP status queries
B. Specifies that RDP status queries are sent automatically
C. Specifies the number of seconds that a Securemote client waits for a reply to a RDP status query
D. Controls the time to live when accessing a DNS server
Correct Answer: C
By the use of CheckPoint 156-510 exam sample questions along with most relevant CheckPoint 156-510 questions and answers as they are an ideal study tool to pass CheckPoint 156-510 test in very first try. FLYDUMPS CheckPoint 156-510 exam sample questions are developed by our team of IT experts. Send us a scanned copy of your failed exam and we will promptly proceed to refund. The last package which is certainly not the least but a royal pack, which can give you full preparation on the subject and provide you 100 per cent guarantee of clearing the CheckPoint 156-510 exam sample questions. We are all well aware that a major problem in the IT industry is that there is a lack of quality questions answers.