CheckPoint 156-215 Exam Cost, The Most Recommended CheckPoint 156-215 Study Guide Is Your Best Choice

Welcome to download the newest Pass4itsure 70-496 dumps:

The reason of the CheckPoint 156-215 exam sample questions are to take along together in one download all the facts on the CheckPoint 156-215 Professional in CheckPoint 156-215 and practice with this testing material and test pattern can develop a new confident and developed skill in those applicants who want to move on. At FLYDUMPS, we provide SPHR exam sample questions that will show the way to CheckPoint 156-215  certification without any help from CheckPoint 156-215 book. Whether you decide in favor of CheckPoint 156-215 The Professional in CheckPoint 156-215 or you go for CheckPoint 156-215 exam you will a training better than anyone or anywhere else. Now it is your time to avail the actual CheckPoint 156-215 products and pass CheckPoint 156-215 Certifications CheckPoint 156-215 exam with 100% guarantee. FLYDUMPS provide the very best CheckPoint 156-215 exam questions and take the worry of attending CheckPoint 156-215 exam off their mind.

QUESTION 171
During which step in the installation process is it necessary to note the fingerprint for first-time verification?
“Pass Any Exam. Any Time.” – www.actualtests.com 69 Checkpoint 156-215-71: Practice Exam
A. When establishing SIC between the Security Management Server and the Gateway
B. When configuring the Security Management Server using cpconfig
C. When configuring the Security Gateway object in SmartDashboard
D. When configuring the Gateway in the WebUl

Correct Answer: B QUESTION 172
What’s the difference between the SmartView Tracker Tool section in R71 and NGX R65?
A. Tools section in R71 is exactly the same as the tools section in R65
B. Using R71. You can choose a program to view captured packets.
C. Enable Warning Dialogs option is not available in R71
D. R71 adds a new option to send ICMP packets to the source/destination address of the log event

Correct Answer: B QUESTION 173
Your organization has many Edge Gateways at various branch offices allowing users to access company resources. For security reasons, your organization’s Security Policy requires all Internet traffic initiated behind the Edge Gateways first be inspected by your headquarters’ R71 Security Gateway. How do you configure VPN routing in this star VPN Community?
ActualTests.com
A. To Internet and other targets only
B. To center or through the center to other satellites, to Internet and other VPN targets
C. To center and other satellites, through center
D. To center only

Correct Answer: B QUESTION 174
Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?
“Pass Any Exam. Any Time.” – www.actualtests.com 70 Checkpoint 156-215-71: Practice Exam
A. A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are defined by the selection in the row Install On of the Rule Base.
B. When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install.
C. In the SmartDashboard main menu go to Policy > Policy Installation > Targets and select the correct firewall to be put into the list via Specific Targets
D. A Rule Base can always be installed on any Check Point firewall object It is necessary to select the appropriate target directly after selecting Policy > Install.

Correct Answer: C QUESTION 175
Examine the following Security Policy. What, if any, changes could be made to accommodate Rule 4?

ActualTests.com
A. Nothing at all
B. Modify the Source 01 Destination columns in Rule 4
C. Remove the service HTTPS from the Service column in Rule A
D. Modify the VPN column in Rule 2 to limit access to specific traffic

Correct Answer: D
QUESTION 176
After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti- spoofing protections. Which of the following is the MOST LIKELY cause?
“Pass Any Exam. Any Time.” – www.actualtests.com 71 Checkpoint 156-215-71: Practice Exam
A. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External.Change topology to Others +.
B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External
C. The Global Properties setting Translate destination on client side is checked But the topology on the DMZ interface is set to Internal -Network defined by IP and Mask Uncheck the Global Properties setting Translate destination on client side
D. The Global Properties setting Translate destination on client side is unchecked But the topology on the DMZ interface is set to Internal -Network defined by IP and Mask Check the Global Properties setting Translate destination on client side.
Correct Answer: D
QUESTION 177
What information is provided from the options in this screenshot?

ActualTests.com (i)Whether a SIC certificate was generated for the Gateway (ii)Whether the operating system is SecurePlatform or SecurePlatform Pro (iii)Whether this is a standalone or distributed installation
A. (i), (ii) and (iii)
B. (i) and (iii)
C. (i) and (ii)
D. (ii) and (iii)

Correct Answer: D QUESTION 178
Which type of R71 Security Server does not provide User Authentication?
A. FTP Security Server
B. SMTP Security Server
C. HTTP Security Server
D. HTTPS Security Server

Correct Answer: B QUESTION 179
Which of the following is true regarding configuration of clustering nodes?
A. Cluster nodes do not have to run exactly the same version of CheckPoint package
B. Each node must have exactly the same set of packages as all the other nodes
C. Each cluster node must run exactly the same version of R71
D. You must enable state synchronization
E. You must install R71 as an enforcement module (only) on each node

Correct Answer: BCDE QUESTION 180
Using the Backup and Restore operation on R71, it is possible to: A. Link the all cluster members for failover
B. Upgrade the SmartDashboard
C. Maintain a backup of the SmartCenter Management Server to be used in case of failover
D. Replace the original SmartCenter Management Server with another clone SmartCenter Management Server, while the original is being serviced
E. Upgrade the SmartCenter Management Server

Correct Answer: CDE
QUESTION 181
What directory in R71 contains all of the Rule Bases, objects, and the user database files?

A. $FWDIR/bin directory
B. Winnt/Config directory
C. $FWDIR/etc directory
D. $FWDIR/conf directory
E. $FWDIR/bin/etc directory

Correct Answer: D
QUESTION 182
Platforms IP290, IP390 and IP560 are flash-based, diskless platforms. And what do you have to do prior to upgrading their images to R71?
A. Backup old images ActualTests.com
B. Do nothing
C. Delete old images
D. Backup their images
E. Restore old images

Correct Answer: C
QUESTION 183
You have not performed software upgrade to NGX R71. You have upgraded your license and every time you try to run commands such as cplic print; cpstop, you receive all sort of errors. In
“Pass Any Exam. Any Time.” – www.actualtests.com 74 Checkpoint 156-215-71: Practice Exam order to resolve this you will have to:
A. Remove the software
B. Do nothing. The error will go away with time
C. Remove the upgraded license
D. Upgrade the software to version NGX
E. Re-upgrade the license to the version before the upgrade
Correct Answer: D
QUESTION 184
What two conditions must be met when you are manually adding CheckPoint appliances to an existing cluster?
A. You must configure interfaces with IP addresses in each of the networks the cluster will connect to
B. R71 is not running on the system you are adding
C. The IP address should be the real IP address of a cluster interface
D. R71 is running on the system you are adding
E. The existing nodes must be running R71 and firewall monitoring is enabled on them

Correct Answer: BE
QUESTION 185
ActualTests.com
When carrying out a backup operation on R71, you will have to backup which of the following files?

A. $FWDIR/conf/objects_5_0.C
B. $FWDIR/conf/rule.fws
C. $FWDIR/database/fwauth.NDB*
D. $FWDIR/conf/rulebases_5_0.fws
E. $FWDIR/database/control.map

Correct Answer: ACD
QUESTION 186
Which tool will you use prior to installation to reduce the risk of incompatibility with the deployment to R71?
A. Compatibility Tool
B. cpconfig
C. Post-Upgrade Verification Tool
D. Pre-Upgrade Verification Tool
E. cpinfo

Correct Answer: D
QUESTION 187
In the RuleBase, which element determines what Firewall should do with a packet?
A. Destination
B. Source
C. Action
D. No
E. Service

Correct Answer: C
QUESTION 188
To distribute or upgrade a package, you must first add it to the Package Repository. You can add packages to the Package Repository from which of the following three locations?
A. User Center
B. Certificate Key
C. Check Point CD
D. Download Center
E. SmartDashboard
Correct Answer: ACD
QUESTION 189
How will you install a rule base? Choose the best answer.
A. After defining your rules in SmartDashboard , choose install from File menu
B. After defining your rules in SmartDashboard, choose Install from Policy menu
C. Before defining your rules in SmartDashboard , choose Install from View menu
D. After defining your rules in SmartDashboard, choose Install from View menu
E. Before defining your rules in SmartDashboard , choose Install from Policy menu

Correct Answer: B
QUESTION 190
How would you disable a rule?

ActualTests.com
A. By selecting the rule, then select “Disable Rule” option from Topology menu in CheckPoint SmartDashboard
B. By selecting the rule, then select “Disable Rule” option from Rules menu in SmartView Tracker
C. By selecting the rule, then select “Disable Rule” option from Rules menu in CheckPoint SmartDashboard
D. By selecting the rule, then select “Disable Rule” option from File menu in CheckPoint SmartDashboard
E. By selecting the rule, then select “Disable Rule” option from Rules menu in SmartView Status

Correct Answer: C
QUESTION 191
Which of the options below best describes the difference between the Drop action and Reject action? ( assume TCP is specified in the service column of your rulebase)
A. Drop action is the same as Reject action
B. With Drop action, the sender is not notified but with Reject action, the user is notified
C. Reject action is the same as Drop action
D. With Drop action, the sender is authenticated but with Reject action, the user is not authenticated
E. With Drop action, the sender is notified but with Reject action, the user is not Notified

Correct Answer: B
QUESTION 192
Your company has headquarters in two countries: Toronto (Canada) and Washington (USA). Each headquarter has a number of branch offices. The branch offices only need to communicate with the headquarter in their country, not with each other i.e. no branch office should communicate with another branch office.
ActualTests.com

“Pass Any Exam. Any Time.” – www.actualtests.com 78 Checkpoint 156-215-71: Practice Exam
A. You need to define two stars and a mesh
B. You need to define a star and two meshes
C. You need to define two stars and two mesh
D. You need to define three stars and two meshes
E. You need to define a star and a mesh

Correct Answer: A
QUESTION 193
The negotiation prior to the establishment of a VPN tunnel might result in the production of large packets. Some NAT devices may not fragment large packets correctly making the connection impossible. Which of the following is true as to the resolving this issue?
A. IKE over TCP can be used to solve the problem, though this problem is resolved during IKE phase 2
B. If using NAT-T, you can use Aggressive Mode
C. UDP Encapsulation method uses port number 2746 to resolve this problem
D. If using NAT-T, port 4500 must be enabled
E. IKE over TCP can be used to solve the problem, though this problem is resolved during IKE phase I

Correct Answer: CDE
QUESTION 194
ActualTests.com
How can you delete an automatic NAT rule? See the diagram if you choose wrong answer.

“Pass Any Exam. Any Time.” – www.actualtests.com 79
Checkpoint 156-215-71: Practice Exam
A. By highlighting the rule, click on Rules menu and select delete
B. By highlighting the rule and hit Delete button on your keyboard
C. By highlighting the rule, right-click and select Delete option from the emerging menu
D. By highlighting the rule, click on Edit menu and select delete
E. By modifying the object’s configuration

Correct Answer: E
QUESTION 195
The SmartUpdate command line “cprinstall get” will:
ActualTests.com

“Pass Any Exam. Any Time.” – www.actualtests.com 80 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 81 Checkpoint 156-215-71: Practice Exam

ActualTests.com

“Pass Any Exam. Any Time.” – www.actualtests.com 82 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 83 Checkpoint 156-215-71: Practice Exam

ActualTests.com

“Pass Any Exam. Any Time.” – www.actualtests.com 84 Checkpoint 156-215-71: Practice Exam
ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 85 Checkpoint 156-215-71: Practice Exam
ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 86 Checkpoint 156-215-71: Practice Exam

ActualTests.com

“Pass Any Exam. Any Time.” – www.actualtests.com 87 Checkpoint 156-215-71: Practice Exam
ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 88 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 89 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 90 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 91 Checkpoint 156-215-71: Practice Exam
ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 92 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 93 Checkpoint 156-215-71: Practice Exam

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 94 Checkpoint 156-215-71: Practice Exam

ActualTests.com

“Pass Any Exam. Any Time.” – www.actualtests.com 95 Checkpoint 156-215-71: Practice Exam

A. Install Check Point products on remote Check Point gateways
B. Verify if a specific product can be installed on the remote Check Point gateway
C. Obtain details of the products and the Operating System installed on the specified Check Point gateway, and to update the database
D. Verify that the Operating System and currently installed products are appropriate for the package
E. Delete Check Point products on remote Check Point gateways

Correct Answer: C
QUESTION 196
ActualTests.com
You ran a certain SmartUpdate command line in order to find out the location of the product repository, and the result was “Current repository root is set to : /var/suroot/”. What is the command likely to be?
A. cppkg delete
B. cppkg getroot
C. cppkg setroot
D. cppkg add
E. cppkg print

Correct Answer: B
QUESTION 197
You use the cplic db_rm command to remove a license from the license repository on the Security Management server and receive an error message stating that only detached licenses can be removed. How will you go about this in order to get license removed?
A. Go to License Tree in the SmartView Monitor, highlight the license to be removed and then detach it, then re- run cplic db_rm command
B. Run cplic db_rm twice to solve the problem
C. Manually detach the license by using the control panel and the re-run the cplic db_rm command
D. Go to License Tree in the SmartDashboard, highlight the license to be removed and then detach it, then re- run cplic db_rm command
E. Firstly, use cplic del command to detach the license then re-run the cplic db_rm Command

Correct Answer: E
QUESTION 198
What is the difference between the commands cplic db_print and cplic print?
A. cplic print will print licenses on local machine and cplic db_print will display details of licenses in repository on the Security Management server
B. Both commands do the same job
C. cplic db_print will print licenses on local machine and cplic print will display details of licenses in ActualTests.com repository on the Security Gateway
D. cplic print will print licenses on local machine and cplic db_print will print details of licenses in repository on any components
E. cplic db_print will display licenses on local machine and cplic print will display details of licenses in repository on the SmartConsole
Correct Answer: A
QUESTION 199
The SmartUpdate command line ” cprinstall transfer” will:
“Pass Any Exam. Any Time.” – www.actualtests.com 97 Checkpoint 156-215-71: Practice Exam
A. Transfers a package from the repository to a Check Point Security Gateway without installing the package
B. Verify that the Operating System and currently installed products are appropriate for the package
C. Transfers a package from the repository to a Check Point Security Gateway and install the package
D. Obtain details of the products and the Operating System installed on the specified Check Point gateway, and to update the database
E. Verify if a specific product can be installed on the remote Check Point gateway
Correct Answer: A QUESTION 200
What command prints the details of the Check Point licenses?
A. Pkgadd -d
B. Setup
C. Print
D. fw print
E. cplic print

Correct Answer: E
QUESTION 201
ActualTests.com What will the command “d:\winnt\fw1\ng\bin] cppkg add C:\CPsuite-R71” achieve? Where d:\winnt\fw1\ng\bin is package-full-path?
A. It will purge a product package to the product repository
B. It will kill a product package to the product repository
C. It will add a product package to the product repository
D. It will print a product package to the product repository
E. It will delete a product package to the product repository

Correct Answer: C
QUESTION 202
Anti-Spam status is monitored using which of the following tool?
A. Cpconfig
B. SmartView Tracker
C. Eventia Reporter
D. SmartView Monitor
E. SmartDashboard

Correct Answer: D
QUESTION 203
User Monitor details window is shown in the diagram 1 of the SmartView Monitor. Which of the following information you would not get in the window?

ActualTests.com
A. Internal IP
B. User DN
C. VPN Tunnel
D. Security Gateway
E. Connect Time

Correct Answer: C
QUESTION 204
The rule below shows the Encrypt rule in a Traditional Mode Rule Base. What is likely to be Simplified Mode equivalent if the if the connections originates at X and its destination is Y, within any Site-to-Site Community (i.e. All_GW _to_GW).

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 100 Checkpoint 156-215-71: Practice Exam

A. Rule C
B. Rule E
C. Rule A
D. Rule B
E. Rule D

Correct Answer: B
QUESTION 205
SmartDirectory (LDAP) new features include which of the following? Select the all correct answers.
A. The use of authentication algorithm
B. Support of Multiple SmartDirectory (LDAP) Vendors using Profiles
C. Support of multiple SmartDirectory (LDAP) servers
D. High Availability
E. The use of encrypted or non-encrypted SmartDirectory (LDAP) Connections
Correct Answer: BCDE
QUESTION 206
You are configuring IPS, Denial of Service – Teardrop section. Which of the following is true of Teardrop?

A. A denial of service vulnerability has been reported in the Linux Kernel. The vulnerability is due to an error in the Linux Kernel IPv6 over IPv4 tunneling driverthat fails to properly handle crafted network packets. Teardrop is a widely available attack tool that exploits this vulnerability ActualTests.com
B. Some implementations of TCP/IP contain fragmentation re-assembly code that does not properly handle overlapping IP fragments. Sending two IP fragments, the latter entirely contained inside the former, causes the server to allocate too much memory and crash. Teardrop is a widely available attack tool that exploits this vulnerability
C. JPEG is a very popular image file format. Teardrop is a widely available attack tool that exploits this vulnerability Specially crafted JPEG files may be used to create a DoS condition and in some cases, arbitrary code execution
D. Some implementations of TCP/IP are vulnerable to packets that are crafted in a particular way (a SYN packet in which the source address and port are the same as the destination, i.e., spoofed). Teardrop is a widely available attack tool that exploits this vulnerability
E. The attacker sends a fragmented PING request that exceeds the maximum IP packet size (64KB). Some operating systems are unable to handle such requests and crash. Teardrop is a widely available attack tool that exploits this vulnerability

Correct Answer: B
QUESTION 207
Which of the following command will you use to export users from the NGX user database?
A. fwm dbexports
B. fw export
C. fwm export
D. fw dbexport
E. fwm dbexport

Correct Answer: E
QUESTION 208
The diagrams show your network and the encrypt rule. If the source and destination are inside the VPN
Domain of the same gateway i.e. Source X is in Net_A and Destination Y is in Net_B. The connection
originates at X and reaches the gateway, which forwards the response back to Y.
Which of the following is true?

ActualTests.com
“Pass Any Exam. Any Time.” – www.actualtests.com 103 Checkpoint 156-215-71: Practice Exam

A. The connection from Net_A to Net_B will be authenticated
B. The gateway 1 will need authentication
C. The connection from Net_A to Net_B will not be encrypted ActualTests.com
D. The gateway 1 will drops the connection from Net_A to Net_B
E. The connection from Net_A to Net_B will be encrypted

Correct Answer: C
QUESTION 209
The main drawback to tunneling-mode encryption is:
A. The security of the packet size
B. The decrease in the packet size
C. The increase in the packet size D. The de-cryption of the packet size
E. The quickness of the packet size

Correct Answer: C
QUESTION 210
259 or connect via HTTP at If SecureClient cannot download a new policy from any Policy Server, it will try again after a fixed interval. If the fixed interval is set to default, then the default time is:
A. 8 minutes
B. 4 minutes
C. 5 minutes
D. 3 minutes
E. 10 minutes ActualTests.com

Correct Answer: C
QUESTION 211
Which of the following Security servers can perform authentication tasks but will not be able perform content security tasks?
A. RLOGIN
B. FTP
C. SMTP
D. HTTP
E. HTTPS

Correct Answer: A
QUESTION 212
Which of the following commands would you use to clear an IP- to- physical address translation table when using SecurePlatform?
A. hosts
B. arp
C. ipconfig
D. traceroute
E. vconfig ActualTests.com

Correct Answer: B
QUESTION 213
You are in SecurePlatform and want to configure a new virtual LAN. If the name of NIC card that host is 3C579 and the Vlan identifier is 10, what command would you use to achieve this? Note: If wrong answer
(s)
is/are chosen, see the diagram for correct answer(s) and explanation.

A.
vconfig [interface-name] [vlan_id]

B.
vconfig add 3C579 10

C.
vconfigure add [3C579] [10]

D.
config add 3C579 10

E.
config add [3C579] [10]

Correct Answer: B
QUESTION 214
What command will you use to configure network interfaces settings?
A. configure
B. config
C. ipconfig
D. arp
E. ifconfig

Correct Answer: E QUESTION 215
A user was initiating client authentication session by beginning a TELNET session on port 900. What do you think might be wrong?
ActualTests.com
A. Nothing is wrong.
B. The authentication type should be changed to session authentication.
C. The user was TELNET- ing at wrong port. The user should use port 295.
D. The user was TELNET- ing at the wrong port. The user should use port 259.
E. The authentication type should be changed to user authentication.

Correct Answer: E QUESTION 216
Study the diagram and answer the question below. What type of client GUI is shown in the
“Pass Any Exam. Any Time.” – www.actualtests.com 114 Checkpoint 156-215-71: Practice Exam diagram?

A. Rule Base GUI
B. SmartView Tracker
C. Security Status GUI
D. Security SmartDashboard
E. SmartView Status

Correct Answer: B QUESTION 217
SmartUpdate is the primary tool used for upgrading Check Point gateways. When upgrading your gateway, what feature will you choose if want to upgrade all packages installed on your gateway?
ActualTests.com
A. Minimal Effort Upgrade
B. Add Package to Repository
C. Upgrading the Gateway
D. Upgrade All Packages
E. Zero Effort

Correct Answer: D QUESTION 218
The allowed Sources in the Location tab of the User Properties window specify that the user to
“Pass Any Exam. Any Time.” – www.actualtests.com 115 Checkpoint 156-215-71: Practice Exam whom a User Authentication rule is being applied is not allowed access from the source address, while the rule itself allows access. To resolve this conflict, you will have to:

A. Create an administrator account in place of the user account
B. Install your rule base
C. Re-create the user object
D. Select Allowed Destinations field in the Network Object Properties
E. Configure User Authentication Action Properties screen

Correct Answer: E
QUESTION 219
What services are supported by client authentication?
A. All services
B. FTP
C. RLOGIN D. HTTP and FTP
E. TELNET, HTTP and FTP
F. HTTPS, HTTP and FTP

Correct Answer: A
QUESTION 220
In what situation will you consider and deploy policy management conventions?
A. No available answer
B. In some situations
C. In some rear situations
D. In all situations
E. Not in any situation

Correct Answer: D
QUESTION 221
On the Anti-Spam & Mail tab of the SmartDashboard, you can configure which of the following:

ActualTests.com
A. Select gateways that enforce Anti-Virus checking
B. Enable automatic updates
C. View settings and logs
D. Select gateways that enforce Anti-Spam protection
E. View alerts

Correct Answer: ABCD QUESTION 222
Which of the following is true of Symmetric Encryption?
A. Both communicating parties using Symmetric Encryption use different keys for encryption and decryption
B. The material used to build these keys must be exchanged in a secure manner
C. Both communicating parties using Symmetric Encryption use the same key for encryption and decryption
D. The material used to build these keys does not have to be exchanged in a secure manner
E. Information can be securely exchanged only if the key belongs exclusively to the communicating parties

Correct Answer: BCE

FLYDUMPS offer you detailed CheckPoint 156-215 exam sample questions. Our experts come from different parts of the Industry and are most experienced and qualified to have the opportunity to write the CheckPoint 156-215 exam for us. CheckPoint 156-215 exam sample questions are even more difficult than the actual test. Our CheckPoint 156-215 exam PDF is a mock up of the actual certification exam questions. This technique has been used for a longest time and it is 100% guaranteed. CheckPoint 156-215 exam sample questions provides you everything you will need to take your CheckPoint 156-215 Exam. The CheckPoint 156-215 Exam details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical.

Welcome to download the newest Examwind 70-496 dumps: https://www.pass4itsure.com/70-496.html

Continue Reading

CheckPoint 156-215 Exam Cost, The Most Recommended CheckPoint 156-215 Study Guide Online Store

Welcome to download the newest Pass4itsure 70-210 dumps:

If you want to pass CheckPoint 156-215 successfully,do not missing to read Flydumps latest ChecPoint 156-215 practice tests.100% Guarantee! All the dumps are updated timely.

QUESTION 141
R71’s INSPECT Engine inserts itself into the kernel between which tow layers of the OSl model?
A. Physical and Data
B. Session and Transport
C. Presentation and Application
D. Data and Network

Correct Answer: C
QUESTION 142
After filtering a fw monitor trace by port and IP, a packet is displayed three times; in the “I”, “I”, and ‘o’ inspection points, but not in the ‘O’ inspection. Which is the likely source of the issue?
A. The packet has been sent out through a VPN tunnel unencrypted.
B. An IPSO ACL has blocked the outbound passage of the packet.
C. A SmartDefense module has blocked the packet
D. It is an issue with NAT

Correct Answer: D
QUESTION 143
Your company has two headquarters, one in London, and one in New York Each office includes ActualTests.com several branch offices. The branch offices need to rate with the headquarters in their country, not with each other, and only the headquarters need to communicate directly. What is the BEST configuration for establishing VPN Communities for this company? VPN Communities comprised of:
A. Two star and one mesh Community: One star Community is set up for each site, with headquarters as the center of the Community and its branches as satellites The mesh Community includes only New York and London Gateways.
B. One star Community with the option to “mesh” the center of the star: New York and London Gateways added to the center of the star with the mesh canter Gateways option checked, all London branch offices defined m one satellite window, but all New York branch offices defined m another satellite window.
C. Two mesh and one star Community One mesh Community is set up for each of the headquarters and its branch offices The star Community is configured with London as the center of the Community and New York is the satellite.
D. Three mesh Communities: One for London headquarters and its branches, one for New York headquarters and its branches, and one for London and New York headquarters.

Correct Answer: A
QUESTION 144
How can you configure an application to automatically launch on the Security Management Server when traffic is dropped Security Policy?
A. Pop-up alert script
B. User-defined alert script
C. Custom scripts cannot be executed through alert scripts
D. SNMP trap alert script

Correct Answer: B
QUESTION 145
The command fw fetch causes the:
A. Security Management Server to retrieve the IP addresses of the target Security Gateway. ActualTests.com
B. Security Gateway to retrieve the compiled policy and inspect code from the Security Management Server and install it to the kernel
C. Security Gateway to retrieve the user database information from the tables on the Security Management Server
D. Security Management Server to retrieve the debug logs of the target Security Gateway

Correct Answer: B
QUESTION 146
You have configured SNX on the Security Gateway. The client connects to the Security Gateway and the user enters the authentication credential. What must happen after authentication that
“Pass Any Exam. Any Time.” – www.actualtests.com 58 Checkpoint 156-215-71: Practice Exam allows the client to connect to the Security Gateway’s VPN domain?
A. Active-X must be allowed on the client.
B. An office mode address must be obtained by the client.
C. SNX modifies the routing table to forward VPN traffic to the Security Gateway.
D. The SNX client application must be installed on the client.

Correct Answer: A
QUESTION 147
Which authentication type requires specifying a contact agent in the Rule Base?
A. Client Authentication with Partially Automatic Sign On
B. User Authentication
C. Session Authentication
D. Client Authentication with Manual Sign On

Correct Answer: C
QUESTION 148
You find a suspicious FTP connection trying to connect to one of your internal hosts. How do you block it m real time and verify it is successfully blocked?
A. Highlight the suspicious connection in SmartView Tracker > Active mode. Block it using Tools > ActualTests.com Block Intruder menu. Observe in the Active mode that the suspicious connection is listed in this SmartView Tracker view as “dropped”.
B. Highlight the suspicious connection in SmartView Tracker > Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection does not appear again in this SmartView Tracker view.
C. Highlight the suspicious connection in SmartView Tracker > Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection does not appear again in this SmartView Tracker view.
D. Highlight the suspicious connection in SmartView Tracker > Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection is listed in this SmartView Tracker view as “dropped”.

Correct Answer: B
QUESTION 149
Your network includes a SecurePlatform machine running NG with Application Intelligence (Al) R55. This configuration acts as both the primary Security Management Server and VPN-1 Pro Gateway. You add one machine, so you can implement Security Gateway R71 in a distributed environment. The new machine is an Intel CoreDuo processor, with 2 GB RAM and a 500-GB hard drive. How do you use these two machines to successfully migrate the NG with Al R55 configuration?
A. 1. On the existing machine, export the NG with AJ R55 configuration to a network share.
2.
Insert the R71 CD-ROM in the old machine Install the R7D Security Gateway only while reinstalling the SecurePlatform OS over the top of the existing installation. Complete sysconfig.

3.
On the new machine, install SecurePlatform as the primary Security Management Server only.

4.
Transfer the exported. tgz file into the new machine, import the configuration, and then reboot

5.
Open SmartDashboard, change the Gateway object to the new version, and reset SIC for the
Gateway object.

B. 1. Export the configuration on the existing machine to a tape drive
2.
Uninstall the Security Management Server from the existing machine, using sysconfig.

3.
Insert the R71 CD-ROM. run the patch add CD-ROM command to upgrade the existing machine to the R71 Security Gateway, and reboot

4.
Install a new primary Security Management Server on the new machine

5.
Change the Gateway object to the new version, and reset SIC
C. 1. Export the configuration on the existing machine to a network share
2.
Uninstall the Security Gateway from the existing machine, using sysconfig

3.
Insert the R71 CD ROM. and run the patch add CD-HGM command to upgrade the Security
Management Server to Security Gateway R 70
4.
Select upgrade with imported file, and reboot

5.
Install a new R71 Security Gateway as the only module on the new machine, and reset SIC to the new Gateway ActualTests.com
D. 1. Export the configuration on the existing machine as a backup only
2.
Edit $FWDIR\product. conf on the existing machine, to disable the VPN-1 Pro Gateway package

3.
Reboot the existing machine

4.
Perform an in place upgrade on the Security Management Server using the command “patch odd cd”

5.
On the new machine, install SecurePlatform as the R71 Security Gateway only

6.
Run sysconfig to complete the configuration

7.
From SmartDashboard, reconfigure the Gateway object to the new version, and reset SIC

Correct Answer: A
QUESTION 150
How can you access the Certificate Revocation List (CRL) on the firewall, if you have configured a Stealth Rule as the first explicit rule?
A. You can access the Revocation list by means of a browser using the URL: <https: //IP-FW: 18264/ICA_CRLI.crl> provided the implied rules are activated per default
B. The CRL is encrypted, so it is useless to attempt to access it.
C. You cannot access the CRL, since the Stealth Rule will drop the packets
D. You can only access the CRI via the Security Management Server as the internal CA is located on that server
Correct Answer: A
QUESTION 151
What port is used for communication to the User Center with SmartUpdate?
A. CPMI200
B. HTTPS443
C. HTTP 80
D. TCP 8080

Correct Answer: B
QUESTION 152
ActualTests.com You are the Security Administrator in a large company called ABC. A Check Point Firewall is installed and in use on SecurePlatform. You are concerned that the system might not be retaining your entries for the interface and routing configuration. You would like to verify your entries in the corresponding file(s) on SecurePlatform. Where can you view them? Give the BEST answer.
A. /etc/conf/route.C
B. /etc/sysconfig/netconf.C
C. /etc/sysconfig/network-scripts/ifcfg-ethx
D. /etc/sysconfig/network

Correct Answer: B
QUESTION 153
You are Security Administrator preparing to deploy a new HFA (HOTfix Accumulator) to ten Security Gateways at five geographically separate locations.
What is the BEST method to implement this HFA?
A. Send a Certified Security Engineer to each site to perform the update.
B. Use SmartUpdate to install the packages to each of the Security Gateways remotely
C. Use a SSH connection to SCP the HFA to each Security Gateway. Once copied locally, imitate a remote installation command and monitor the installation progress with SmartView Monitor
D. Send a CD-ROM with the HFA to each location and have local personnel install it.

Correct Answer: B
QUESTION 154
You want to generate a cpinfo file via CLI on a system running SecurePlatform. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?
A. Log in as the default user expert and start cpinfo.
B. No action is needed because cpshell has a timeout of one hour by default.
C. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.
D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinto.

Correct Answer: C
QUESTION 155
Which feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration?
A. Policy Package management
B. dbexport/dbimport
C. Database Revision Control
D. upgrade_export/upgrade_import
Correct Answer: C QUESTION 156
Your Gateways are running near performance capacity and will get upgraded hardware next week. Which of the following would be MOST effective for quickly dropping all connections from a specific attacker’s IP at a peak time of day?
A. SAM – Block Intruder feature of SmartView Tracker
B. Intrusion Detection System (IDS) Policy install
C. SAM – Suspicious Activity Rules feature of SmartView Monitor
D. Change the Rule Base and install the Policy to all Security Gateways

Correct Answer: C QUESTION 157
Which of the following statements about the Port Scanning feature of IPS is TRUE?
A. The default scan detection is when more than 500 open inactive ports are open for a period of 120 seconds
B. The Port Scanning feature actively blocks the scanning, and sends an alert to SmartView Monitor.
C. Port Scanning does not block scanning; it detects port scans with one of three levels of detection sensitivity.
D. When a port scan is detected, only a log is issued, never an alert ActualTests.com

Correct Answer: C QUESTION 158
Certificates for Security Gateways are created during a simple initialization from______.
A. SmartUpdate
B. sysconfig
C. The ICA management tool.
D. SmartDashboard

Correct Answer: D QUESTION 159
Reviews the following rules and note the Client Authentication Action properties screen, as shown below: After being authenticated by the Security Gateway, when a user starts an HTTP connection to a Web site, the user tries to FTP to another site using the command line. What happens to the user? The:

ActualTests.com
A. User is prompted from that FPT site only, and does not need to enter his user name and password for Client Authentication.
B. User is prompted for Authentication by the Security Gateway again.
C. FTP data connection is dropped after the user is authenticated successfully.
D. FTP connection is dropped by rules 2.

Correct Answer: A QUESTION 160
A Web server behind the Security Gateway is set to Automatic Static NAT Client side NAT is
“Pass Any Exam. Any Time.” – www.actualtests.com 64 Checkpoint 156-215-71: Practice Exam enabled in the Global Properties. A client on the Internet initiates a session to the Web Server. On the initiating packet, NAT occurs on which inspection point?
A. I B. O
B. o
C. i

Correct Answer: B QUESTION 161
Which of the following statements about file-type recognition in Content Inspection is TRUE?
A. Antivirus status is monitored using SrnartView Tracker.
B. A scan failure will only occur if the antivirus engine fails to initialize.
C. All file types are considered “at risk”, and are not configurable by the Administrator or the Security Policy.
D. The antivirus engine acts as a proxy, caching the scanned file before delivering it to the client.

Correct Answer: D QUESTION 162
Which Security Gateway R71 configuration setting forces the Client Authentication authorization time-out to refresh, each time a new user is authenticated? The:
ActualTests.com
A. Global Properties > Authentication parameters, adjusted to allow for Regular Client Refreshment
B. Time properties, adjusted on the user objects for each user, in the source of the Client Authentication rule
C. IPS > Application Intelligence > Client Authentication > Refresh User Timeout option enabled
D. Refreshable Timeout setting, in the Limits tab of the Client Authentication Action Properties screen

Correct Answer: D QUESTION 163
“Pass Any Exam. Any Time.” – www.actualtests.com 65 Checkpoint 156-215-71: Practice Exam What information is found in the SmartView Tracker Management log?
A. Most accessed Rule Base rule
B. Number of concurrent IKE negotiations
C. SIC revoke certificate event
D. Destination IP address

Correct Answer: C QUESTION 164
When configuring objects in SmartMap, it helps if you________ the objects so that they may be used in a policy rule.
A. Expand
B. Actualize
C. Physically connect to
D. Save

Correct Answer: B QUESTION 165
You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?
ActualTests.com
A. First
B. Before Last
C. Last
D. After Stealth Rule

Correct Answer: C QUESTION 166
Your organization’s disaster recovery plan needs an update to the backup and restore section to reap the benefits of the new distributed R71 installation. Your plan must meet the following required and desired objectives: “Pass Any Exam. Any Time.” – www.actualtests.com 66 Checkpoint 156-215-71: Practice Exam Required Objective: The Security Policy repository must be backed up no less frequently than every 24 hours.
Desired Objective: The R71 components that enforce the Security Polices should be blocked up at least
once a week.
Desired Objective: Back up R71 logs at least once a week
Your disaster recovery plan is as follows:

Use the cron utility to run the upgrade_ export command each night on the Security Management Servers.
Configure the organization’s routine backup software to back up the files created by the upgrade_ export
command.

Configure the SecurePlatform backup utility to back up the Security Gateways every Saturday night
Use the cron utility to run the upgrade export: command each Saturday niqht on the log servers
Configure an automatic, nightly loqswitch
Configure the organization’s routine backup software to back up the switched logs every night
Upon evaluation, your plan:

A. Meets the required objective but does not meet either desired objective.
B. Does not meet the required objective.
C. Meets the required objective and only one desired objective.
D. Meets the required objective and both desired objectives.

Correct Answer: D QUESTION 167
Your Rule Base includes a Client Authentication rule, using partial authentication and standard sign-on for HTTP, Telnet, and FTP services. The rule was working, until this morning. Now users are not prompted for authentication, and they see error “page cannot be displayed” in the browser. In SmartView Tracker, you discover the HTTP connection is dropped when the Gateway is the destination. What caused Client Authentication to fail?
A. You added a rule below the Client Authentication rule, blocking HTTP from the internal network.
B. You added the Stealth Rule before the Client Authentication rule.
C. You disabled R71 Control Connections in Global Properties.
D. You enabled Static NAT on the problematic machines.

Correct Answer: B QUESTION 168
Which SmartConsole component can Administrators use to track remote administrative activities?
A. WebUI
B. Eventia Reporter
C. SmartView Monitor
D. SmartView Tracker

Correct Answer: D QUESTION 169
Which of the following statements regarding SecureXL and CoreXL is TRUE?
A. SecureXL is an application for accelerating connections.
B. CoreXL enables multi-core processing for program interfaces.
C. SecureXL is only available in R71.
D. CoreXL is included in SecureXL.

Correct Answer: A QUESTION 170

Flydumps is an excellent source of information on IT Certifications. In the Flydumps, you can find study skills and learning materials for your exam. Flydumps CheckPoint 156-215 dumps are studied by the experienced IT experts. It has a strong accuracy and logic. To encounter Flydumps,  you will encounter the best CheckPoint 156-215 dumps. You can rest assured that using our CheckPoint 156-215 dumps. With it, you have done fully prepared to meet this CheckPoint 156-215 exam.

Welcome to download the newest Pass4itsure 70-210 dumps: http://www.pass4itsure.com/70-210.html

Continue Reading

CheckPoint 156-215 Free Dowload, The Most Effective CheckPoint 156-215 Study Guide Are The Best Materials

Welcome to download the newest Pass4itsure ns0-155 Practice Test dumps: http://www.pass4itsure.com/ns0-155.html
Amazing,100% candidates have pass the CheckPoint 156-215 exam by practising the preparation material of Flydumps,beacuse the brain dumps are the latest and cover every aspect of CheckPoint 156-215 eaxm.Download the dumps for an undeniable success in CheckPoint 156-215 exams.

QUESTION 126
Which rule is responsible for the installation failure?
“Pass Any Exam. Any Time.” – www.actualtests.com 49 Checkpoint 156-215-71: Practice Exam

A. Rule 4
B. Rule 3
C. Rule 5
D. Rule 6

Correct Answer: A QUESTION 127
If you experience unwanted traffic from a specific IP address, how can you stop it most quickly? ActualTests.com
A. Check anti-spoofing settings
B. Configure a rule to block the address
C. Create a SAM rule
D. Activate an IPS protection

Correct Answer: C QUESTION 128
You are evaluating the configuration of a mesh VPN Community used to create a site-to-site VPN. This graphic displays the VPN properties in this mesh Community
“Pass Any Exam. Any Time.” – www.actualtests.com 50 Checkpoint 156-215-71: Practice Exam

Which of the following would be a valid conclusion?
A. The VPN Community will perform IKE Phase 1 key-exchange encryption using the longest key Security Gateway R71 supports.
B. Changing the setting Perform IPsec data encryption with from AES-128 to 3DES will increase the encryption overhead.
C. Changing the setting Perform key exchange encryption with 3DES to DES will enhance the VPN Community’s security, and reduce encryption overhead.
D. Change the data-integrity settings for this VPN CommunitybecauseMD5 is incompatible with AES.

Correct Answer: A
QUESTION 129
You just installed a new Web server in the DMZ that must be reachable from the Internet You create a manual Static NAT rule as follows:
“Pass Any Exam. Any Time.” – www.actualtests.com 51 Checkpoint 156-215-71: Practice Exam

“web_publicIP” is the node Object that represents the public IP address of the new Web server. “web_privateIP” is the node object that represents the new Web site’s private P address You enable all settings from Global Properties > NAT.
When you try to browse the Web server from the Internet, you see the error ‘page cannot be displayed” Which of the following is NOT a possible reason?
A. There is no route defined on the Security Gateway for the public IP address to the private IP address of the Web server.
B. There is no Security Policy defined that allows HTTP traffic to the protected Web server.
C. There is an ARP entry on the Gateway but the settings Merge Manual proxy ARP and Automatic ARP configuration are enabled in Global Properties. The Security Gateway ignores manual ARP entries.
D. There is no ARP table entry for the public IP address of the protected Web server

Correct Answer: A QUESTION 130
Which of the following SSL Network Extender server-side prerequisites is NOT correct?
A. The Gateway must be configured to work with Visitor Mode.
B. There are distinctly separate access rules required for SecureClient users vs. SSL Network Extender users.
C. To use Integrity Clientless Security (ICS), you must install the IC3 server or configuration tool.
D. The specific Security Gateway must be configured as a member of the Remote Access Community

Correct Answer: B QUESTION 131
You need to determine if your company’s Web servers are accessed an excessive number of times from the same host. How would you configure this in the IPS tab?
A. Successive multiple connections
B. Successive alerts
C. Successive DoS attacks
D. HTTP protocol inspection

Correct Answer: A QUESTION 132
What does it indicate when a Check Point product name includes the word “SMART”?
A. Stateful Management of all Routed Traffic.
B. This Check Point product is a GUI Client.
C. Security Management Architecture.
D. The Check Point product includes Artificial Intelligence.

Correct Answer: C QUESTION 133
How many times is the firewall kernel invoked for a packet to be passed through a VPN connection?
A. Three times
B. Twice
C. Once
D. None The IPSO kernel handles it Correct Answer: C
QUESTION 134
When attempting to connect with SecureClient Mobile the following error message is received. The certificate provided is invalid. Please provide the username and password.
What is the probable cause of the error?
A. The certificate provided is invalid.
B. The user’s credentials are invalid.
C. The user attempting to connect is not configured to have an office mode IP address so the connection failed.
D. There is no connection to the server, and the client disconnected.

Correct Answer: A
QUESTION 135
The fw stat -l command includes all of the following except:
A. The number of packets that have been inspected
B. The date and time of the policy that is installed.
C. The number of times the policy has been installed ActualTests.com
D. The number of packets that have been dropped

Correct Answer: A
QUESTION 136
Although SIC was already established and running, Joe reset SIC between the Security Management Server and a remote Gateway. He set a new activation key on the Gateway’s side with the cpconfig command and put in the same activation key in the Gateway’s object on the Security Management Server Unfortunately SIC cannot be established. What is a possible reason for the problem?
“Pass Any Exam. Any Time.” – www.actualtests.com 54 Checkpoint 156-215-71: Practice Exam
A. The installed policy blocks the communication.
B. Joe forgot to reboot the Gateway.
C. Joe forgot to exit from cpconfig.
D. The old Gateway object should have been deleted and recreated.

Correct Answer: C
QUESTION 137
The TotallyCoolSecurity Company has a large security staff. Bob configured a new IPS Chicago_Profile for fw-chicago using Detect mode. After reviewing logs, Matt noticed that fw- chicago is not detecting any of the IPS protections that Bob had previously setup. Analyze the output below and determine how can correct the problem.

A. Matt should re-create the Chicago_Profile and select Activate protections manually Instead of ActualTests.com per the IPS Policy
B. Matt should activate the Chicago_Profile as it is currently not activated
C. Matt should assign the fw-chicago Security Gateway to the Chicago_Profile
D. Matt should change the Chicago_Profile to use Protect mode because Detect mode will not work.

Correct Answer: C
QUESTION 138
Which statement below describes the most correct strategy for implementing a Rule Base?
“Pass Any Exam. Any Time.” – www.actualtests.com 55 Checkpoint 156-215-71: Practice Exam
A. Add the Stealth Rule before the last rule.
B. Umit grouping to rules regarding specific access.
C. Place the most frequently used rules at the top of the Policy and the ones that are not frequently used further down.
D. Place a network-traffic rule above the administrator access rule.

Correct Answer: C
QUESTION 139
An Administrator without access to SmartDashboard installed a new IPSO-based R71 Security Gateway over the weekend. He e-mailed you the SIC activation key. You want to confirm communication between the Security Gateway and the Management Server by installing the Policy. What might prevent you from installing the Policy?
A. You first need to create a new UTM-1 Gateway object, establish SIC via the Communication button, and define the Gateway’s topology.
B. You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server You must initialize SIC on the Security Management Server.
C. An intermediate local Security Gateway does not allow a policy install through it to the remote new Security Gateway appliance Resolve by running the tw unloadlocal command on the local Security Gateway.
D. You first need to run the fw unloadlocal command on the R71 Security Gateway appliance in order to remove the restrictive default policy.
Correct Answer: B
QUESTION 140
Which command would provide the most comprehensive diagnostic information to Check Point Technical Support?
A. diag
B. cpinfo -o date.cpinfo.txt
C. netstat > date.netstat.txt
D. cpstat > date.cpatat.txt

Correct Answer: B

CheckPoint 156-215 exam dumps provide you with test questions that are covered in details and utmost care is taken in selecting the right answers. Top IT industry experts and professionals make sure that the students get thoroughly researched 100% authentic answers.The CheckPoint 156-215 exam dumps are available in pdf and software format. This makes it very convenient for you to follow the course study and exam whenever and wherever you want.

Welcome to download the newest Pass4itsure ns0-155 Practice Test dumps: http://www.pass4itsure.com/ns0-155.html

CheckPoint 156-215 Free Dowload, The Most Effective CheckPoint 156-215 Study Guide Are The Best Materials

Continue Reading

CheckPoint 156-215 New Questions, 50% Discount CheckPoint 156-215 Demo Download Covers All Key Points

Hi,I just took CCNA CheckPoint 156-215 test and passed with a great score.All examcollection and securitytut dump are no longer valid anymore.I recommend studying Exampass Premium VCE.I can confirm that all CheckPoint 156-215 new questions appear on my test. Keep up the good work and good luck!

QUESTION 56
There is a Web server behind your perimeter Security Gateway. You need to protect the server from network attackers, who creates scripts that force your Web server to send user credentials or identities to other Web servers. Which box do you check in the Web Intelligence tab in SmartDashboard?
A. Command Injection protection
B. SQL Injection protection
C. HTTP header format checking
D. HTTP protocol inspection protection
E. Cross Site Scripting protection

Correct Answer: E
QUESTION 57
How do you control the maximum mail messages in a spool directory?
A. In the SMTP resource object
B. In the smtp.conf file on the SmartCenter Server
C. In the gateway object’s SMTP settings in the Advanced window
D. In SmartDefense SMTP settings
E. In the Security Server window in Global Properties

Correct Answer: C
QUESTION 58
Quinton is the Security Administrator for a chain of retail stores. In a recent security newsletter, Quinton read about an attack where a client fools a server into sending large amount of data, using small packets. Quinton is concerned that this company’s servers might be vulnerable to this type of attack. Which smartDefense option should Quinton use to protect the servers?
A. Application Intelligence > DNS > Cache poisoning
B. Network Security > Successive events > DoS
C. Network Security > TCP > Small PMTU
D. Application Intelligence > Microsoft Networks > File and Print Sharing
E. Network Security > Denial of Service > LAND
Correct Answer: C QUESTION 59
In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?
A. Rule 999
B. Rule 0
C. Rule 1
D. Cleanup Rule
E. Stealth Rule

Correct Answer: B
QUESTION 60
Sonny is the Security Administrator for a company with a large call center. The management team in the center is concerned that employees may be installing and attempting to use peer-to-peer file-sharing utilities, during their lunch breaks. The call center’s network is protected by an internal Security Gateway, configured to drop peer-to-peer file-sharing traffic. The call-center management team wants to know if the Security Gateway protecting the call center drops more packets than other internal Security Gateways in the corporate network. Which application should Sonny use, determine the number of packets dropped by each Gateway?
A. SmartView Status
B. SmartView Monitor
C. SmartDashboad
D. SmartView Tracker
E. SmartUpdate

Correct Answer: B
QUESTION 61
Katie is the Security Administrator for an insurance company. Her manager gives Katie the following requirements for controlling DNS traffic:
*
Required Result #1: Accept domain name-over-TCP traffic (zone-transfer traffic).

*
Required Result #2: Log domain name-over-TCP traffic (zone-transfer traffic).

*
Desired Result #1: Accept domain name-over-UDP traffic (queries traffic)

*
Desired Result #2: Do not log domain name-over-UDP traffic (queries traffic)

*
Desired Result #3: Do not clutter the Rule Base, by creating explicit rules for traffic that can be controlled using Global Properties. Katie makes the following configuration changes, and installs the Security Policy:
1.
She selects the box “Accept Domain Name over TCP (Zone transfer)” in Global Properties.

2.
She selects the box “Accept Domain Name over UDP (Queries)” in Global Properties.

3.
She selects the box “Log Implied Rules” in Global Properties Does Katie’s solution meet the required and desired results?
A. The solution meets all required results, and none of the desired results.
B. The solution does not meet the required results.
C. The solution meets all required and desired results.
D. The solution meets the required results, and one of the desired results.
E. The solution meets the required results, and two of the desired results.

Correct Answer: E
QUESTION 62
David is a consultant for a software-deployment company. David is working at a customer’s site this week. David’s ask is to create a map of the customer’s VPN tunnels, including down and destroyed tunnels. Which SmartConsole application will provide David with the information needed to create this map?
A. SmartView Tracker
B. SmartLSM
C. SmartView Monitor
D. SmartView Status
E. SmartUpdate

Correct Answer: C
QUESTION 63
Gail is the Security Administrator for a marketing firm. Gail is working with the networking team, to troubleshoot user complaints regarding access to audio-streaming material from the Internet. The networking team asks Gail to check he configuration settings for the perimeter Security Gateway. Which SmartConsole application should Gail use to check the configuration settings?
A. SmartView Tracker
B. SmartView Monitor
C. SmartUpdate
D. SmartDashboard
E. SmartView Status

Correct Answer: D
QUESTION 64
One of your remote Security Gateways suddenly stops sending logs, and you cannot install the Security Policy on the Gateway. All other remote Security Gateways are logging normally to the SmartCenter Server, and Policy installation is not affected. When you click the Test SIC status button in the problematic gateway object, you receive an error message “unknown”. What is the problem?
A. The time on the SmartCenter Server’s clock has changed, which invalidates the remote Gateway’s Certificate.
B. The remote Gateway’s IP address has changed, which invalidates the SIC Certificate.
C. The Security Gateway is NG with Application Intelligence, and the SmartCenter Server is NGX.
D. The Internal Certificate Authority for the SmartCenter object has been removed from objects_5_0.c.
E. There is no connection between the SmartCenter Server and the remote Gateway. Rules or routing may block the connection.

Correct Answer: E
QUESTION 65
Frank wants to know why users on the corporate network cannot receive multicast transmissions from the Internet. A VPN-1 NGX Security Gateway protects the corporate network from the Internet. Which of the following is a possible cause for the connection problem?
A. VPN-1 NGX does not support multicast routing protocols and streaming media through the Security Gateway.
B. The Multicast Rule is below the Stealth Rule. VPN-1 NGX can only pass multicast traffic, it the Multicast Rule is above the Stealth Rule.
C. Multicast restrictions are configured improperly on the external interface properties of the Security Gateway object.
D. Anti-spoofing is enabled. VPN-1 NGX cannot pass multicast traffic, if anti-spoofing is enabled.
E. Frank did not install the necessary multicast license with SmartUpdate, when upgrading the VPN-1 NGX.

Correct Answer: C
QUESTION 66
You are concerned that a message may have been intercepted and retransmitted, thus compromising the security of the communications. You attach a code to the electronically transmitted message that uniquely identifies the sender. This code is known as a:
A. Digital signature
B. Tag
C. Private key
D. AES flag
E. Diffie-Helman verification

Correct Answer: A
QUESTION 67
A user attempts authentication using SecureClient. The user’s password is rejected, even though it is
correctly defined in the LDAP directory.
Which of the following is a valid cause?

A. The LDAP server has insufficient memory
B. The LDAP and Security Gateway databases are not synchronized.
C. The SmartCenter Server cannot communicate with the LDAP server.
D. The user has defined the wrong encryption scheme.
E. The user is defined in both the NGX user database and the LDAP directory

Correct Answer: B
QUESTION 68
Select the correct statement about Secure Internal Communications (SIC) Certificates? SIC Certificates:
A. for NGX Security Gateways are created during the SmartCenter Server installation.
B. For the SmartCenter Server are created during the SmartCenter Server installation.
C. Are used for securing internal network communications between the SmartView Tracker and an OPSEC device
D. Decrease network security by securing administrative communication among the SmartCenter Servers and the Security Gateway
E. Uniquely identify Check Point enabled machines; they have the same function as Authentication Certificates

Correct Answer: B
QUESTION 69
Exhibit: *** MISSING ***
Review the following rules and note the Client Authentication Action properties screen as displayed in the
exhibit,
After being authenticated by the Security Gateway, when a user starts an HPPT connection to a Web site,
the user tries to FTP another site using the command line.
What happens to the user?
The…

A. FTP session is dropped by the implicit Cleanup Rule.
B. User is prompted from that FTP site only, and does not need to enter username and password for Client Authentication.
C. FTP connection is dropped by rule 2.
D. FTP data connection is dropped, after the user is authenticated successfully.
E. User is prompted for authentication bye the Security Gateway again.
Correct Answer:
QUESTION 70
Diffie-Hellman uses which type of key exchange?
A. Adaptive
B. Asymmetric C. Symmetric
D. Static
E. Dynamic

Correct Answer: B
QUESTION 71
Certkiller’s main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. Certkiller
also has a small network 10.10-.20.0/24 behind the internal router. Jack wants to configure the kernel to
translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP,
and FTP services.
Which of the following configurations will allow this network to access Internet?

A. Automatic Static NAT on network 10.10.20.0/24
B. Manual Hide NAT rules for HTTP, FTP, and SMTP services for network 10.10.20.0/24.
C. Manual Static NAT rules for network 10.10.20.0/24,
D. Automatic Hide NAT for network 10.10.20.0/24.
E. No change is necessary.

Correct Answer: B
QUESTION 72
With SmartDashboard Smart Directory, you can create NGX user definitions on a(n) _____________ Server.
A. NT Domain
B. LDAP
C. Provider-1
D. SecureID
E. Radius

Correct Answer: B
QUESTION 73
Jens notices a large amount of traffic from a specific internal IP address. He needs to verify if it is a network attack, or a user’s system infected with a worm. He has enabled Sweep Scan Protection and Host port scan in SmartDefense. Will Jens get all the information he needs from these actions?
A. No. SmartDefense will only block the traffic, but it will not provide a detailed analysis of the traffic.
B. No. SmartDefense will not block the traffic. The logs and alert can provide a further level information, but determining whether the attack is intentional or a worm requires further research by Jens.
C. No. Jens also should set SmartDefense to quarantine the traffic from the suspicious IP address.
D. Yes. SmartDefense will limit the traffic impact from the scans, and identify if the pattern of the traffic matches any known worms.
E. No. To verify if this is a worm or an active attack, Jens should also enable TCP attack defenses.

Correct Answer: B
QUESTION 74
Which NGX feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration?
A. cpconfig
B. upgrade_export/upgrade_import
C. Database Revision Control
D. Dbexport/dbimport
E. Policy Package management

Correct Answer: C
QUESTION 75
How do you configure an NGX Security Gateway’s kernel memory settings, without manually modifying the configuration files in $FWDIR\lib? By configuring:
A. the settings on the Gateway object’s Capacity Optimization screen
B. the settings on the Global Properties Capacity Optimization screen
C. the Settings on the Gateway object’s Advanced screen
D. the settings on the SmartCenter Server object’s Advanced screen
E. SmartDefense Kernel Defender options

Correct Answer: A
QUESTION 76
Which of the following is NOT a feature or quality of a hash function?
A. Encrypted with the sender’s RSA private key, the hash function forms the digital signature.
B. It is mathematically infeasible to derive the original message from the message digest.
C. The hash function forms a two-way, secure communication.
D. The hash function is irreversible.
E. It is mathematically infeasible for two different messages to produce the same message digest.

Correct Answer: C
QUESTION 77
You are a Security Administrator configuring Static NAT on an internal host-node object. You clear the box “Translate destination on client side”, accessed from Global Properties > NAT settings > Automatic NAT. Assuming all other Global Properties NAT settings are selected, what else must be configured for automatic Static NAT to work?
A. The NAT IP address must be added to the anti-spoofing group of the external Gateway interface
B. Two address-translation rules in the Rule Base
C. No extra configuring needed
D. A proxy ARP entry, to ensure packets destined for the public IP address will reach the Security Gateway’s external interface
E. A static route, to ensure packets destined for the public NAT IP address will reach the Gateway’s internal interface
Correct Answer: E
QUESTION 78
Which encryption scheme provides “In-place” encryption?
A. IKE
B. Manual IPSec
C. DES
D. SKIP
E. AES
Correct Answer: C
QUESTION 79
After importing the NGX schema into an LDAP server, what should you enable?
A. Schema checking
B. Encryption
C. UserAuthority
D. ConnectControl
E. Secure Internal Communications

Correct Answer: A
QUESTION 80
Which ldif file must you modify to extend the schema of a Windows 2000 domain?
A. In NGX you do not need to modify any .ldif file
B. The appropriate .ldif file is located in the Security Gateway: $FWDIR/conf/ldif/Microsoft_ad_schema.ldif
C. The appropriate .ldif file is located in the SmartCenter Server: $FWDIR/lib/ldap/schema_microsoft_ad.ldif
D. The appropriate .ldif file is located in the Security Gateway: $FWDIR/lib/ldif/Microsoft_ad_schema.ldif
E. The appropriate .ldif file is located in the SmartCenter Server: $FWDIR/conf/ldif/Microsoft_ad_schema.ldif
Correct Answer: C
QUESTION 81
What is the reason for the Critical Problem notification in this SmartView Monitor example?

A. Active real memory shortage on the Gateway
B. No Security Policy installed on the Security Gateway
C. Version mismatch between the SmartCenter Server and Security Gateway
D. Time not synchronized between the SmartCenter Server and Security Gateway
E. No Secure Internal Communications established between the SmartCenter Server and Security
Gateway

Correct Answer: B
QUESTION 82
Your standby SmartCenter Server’s status is collision. What does that mean, and how do you synchronize the Server and its peer?
A. The standby and active Servers have two Internal Certificate Authority (ICA) Certificates. Uninstall and reinstall the standby Server.
B. The active Server detected a keep-alive packet from the standby Server.
C. The peer Server has not been properly synchronized. Manually synchronize both Servers again.
D. The peer Server is more up-to-date. Manually synchronize both Servers again.
E. The active SmartCenter Server and its peer have different Security Policies and databases. Manually synchronize the Servers, and decide which Server’s configuration to overwrite.

Correct Answer: E
QUESTION 83
Sarah is the Security Administrator for Certkiller . Sarah has configured SmartDefense to block the CWD and FIND commands. Sarah installs the Security Policy, but the Security Gateway continues to pass the commands. Which of the following could be the cause of the problem?
A. The Rule Base includes a rule accepting FTP to any source, from any destination.
B. The SmartDefense > Application Intelligence > FTP Security Server screen does not have the radio button set to “Configurations apply to all connections”.
C. The FTP Service Object > Advanced > Blocked FTP Commands list does not include CWD and FIND.
D. The Web Intelligence > Application Layer > FTP Settings list is configured to allow, rather than exlude, CW and FIND commands.
E. The Global Properties > Security Server > “Control FTP Commands” box is not checked.

Correct Answer: B
QUESTION 84
Your NGX enterprise SmartCenter Server is working normally. However, you must reinstall the SmartCenter Server, but keep the SmartCenter Server configuration (for example, all Security Policies, databases, etc.) How would you reinstall the Server and keep its configuration?
A. 1. Run the latest upgrade_export utility to export the configuration.
2.
Keep the exported file in the same location.

3.
Use SmartUpdate to reinstall the SmartCenter Server.

4.
Run upgrade_import to import the configuration.
B. 1. Run the latest upgrade_export utility to export the configuration.
2.
Leave the exported .tgz file in $FWDIR.

3.
Install the priCertkiller SmartCenter Server on top of the current installation.

4.
Run upgrade_import to import the configuration.
C. 1. Insert the NGX CD-ROM, and select the option to export the configuration into a .tgz file.
2.
Transfer the .tgz file to another networked machine.

3.
Uninstall all NGX packages, and reboot.

4.
Use the NGX CD-ROM to select the upgrade_import option to import the configuration.
D. 1. Download the latest upgrade_export utility, and run it from $FWDIR\bin to export the configuration into a .tgz file.
2.
Transfer the .tgz file to another networked machine.

3.
Uninstall all NGX packages, and reboot.

4.
Install a new priCertkiller SmartCenter Server.

5.
Run upgrade_import to import the configuration.
Correct Answer: D QUESTION 85
How can you reset Secure Internal Communications (SIC) between a SmartCenter and Security Gateway?
A. Run the command fwm sic_reset to reinitialize the Internal Certificate Authority (ICA) of the SmartCenter Server. Then retype the activation key on the Security Gateway from SmartDashboard.
B. From cpconfig on the SmartCenter Server, choose the Secure Internal Communication option and retype the activation key. Next, retype the same key in the gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC).
C. From the SmartCenter Server’s command line type fw putkey -p <shared key> <IP Address of SmartCenter Server>.
D. From the SmartCenter Server’s command line type fw putkey -p <shared key> <IP Address of Security Gateway>.
E. Reinstall the Security Gateway.

Correct Answer: B
QUESTION 86
You have locked yourself out of SmartDashoard with the rules you just installed on your stand alone Security Gateway. Now you cannot access the SmartCenter Server or any SmartConsole tools via SmartDashboard. How can you reconnect to SmartDashboard?
A. Run cpstop on the SmartCenter Server.
B. Run fw unlocklocal on the SmartCenter Server.
C. Run fw unloadlocal on the Security Gatewawy.
D. Delete the $fwdir/database/manage.lock file and run cprestart.
E. Run fw uninstall localhost on the Security Gateway.

Correct Answer: C
QUESTION 87
Ellen is performing penetration tests against SmartDefense for her Web server farm. She needs to verify that the Web servers are secure against traffic hijacks. She has activated the Cross-Site Scripting property. What other settings would be appropriate? Ellen:
A. should also enable the Web intelligence > SQL injection setting.
B. must select the “Products > Web Server” box on each of the node objects.
C. should enable all settings in Web Intelligence.
D. needs to configure TCP defenses such as “Small PMTU” size.
E. needs to create resource objects for the web farm servers and configure rules for the web farm.

Correct Answer: B
QUESTION 88
William is a Security Administrator who has added address translation for his internal Web server to be accessible by external clients. Due to poor network design by his predecessor, William sets up manual NAT rules for this server, while his FTP server and SMTP server are both using automatic NAT rules. All traffic from his FTP and SMTP servers are passing through the Security Gateway without a problem, but traffic from the Web server is dropped because of anti-spoofing settings. What is causing this?
A. “Allow bi-directional NAT” is not checked in Global Properties.
B. “Translate destination on client side” is not checked in Global Properties under “Manual NAT Rules”.
C. “Translate destination on client side” is not checked in Global Properties > Automatic NAT Rules.
D. Routing is not configured correctly.
E. Manual NAT rules are not configured correctly.
Correct Answer: B
QUESTION 89
You are a security consultant for a hospital. You are asked to create some type of authentication rule on the NGX Security Gateway, to allow doctors to update patients’ records via HTTP from various workstations. Which authentication method should you use?
A. Client Authentication
B. LDAP Authentication
C. SecureID Authentication
D. TACAS Authentication
E. User Authentication

Correct Answer: E
QUESTION 90
Certkiller is the Security Administrator for an online bookstore. Customers connect to a variety of Web servers to place orders, change orders, and check status of their orders. Mrs. Bill checked every box in the Web Intelligence tab, and installed the Security Policy, She ran penetration test through the Security Gateway, to determine if the Web servers were protected from cross-site scripting attacks. The penetration test indicated the Web servers were still vulnerable. Which of the following might correct the problem?
A. The penetration software Certkiller is using is malfunctioning and is reporting a false-positive.
B. Certkiller must create resource objects, and use them in the rule allowing HTTP traffic to the Web servers.
C. Certkiller needs to check the “Products > Web Server” box on the host node objects representing his Web servers.
D. Certkiller needs to check the “Web Intelligence” box in the SmartDefense > HTTP Properties.
E. Certkiller needs to configure the Security Gateway protecting the Web servers as a Web server.

Correct Answer: C

Our material on our site CheckPoint 156-215 is exam-oriented,keeping in view the candidates requirements and level of understanding. CheckPoint 156-215 materials are in the most popular and easy-to-use PDF version. You can use it on any devices with you anywhere.

Continue Reading

100% Pass CheckPoint 156-215 Exam By Training CheckPoint 156-215 Exam Dumps

Welcome to download the newest Flydumps 156-215 VCE dumps: https://www.pass4itsure.com/156-215.html

Exam A
QUESTION 1
Which VPN-1 NGX feature or command allows Security Administrators to revert to earlier versions of the same Security Policy?
A. Policy Package management
B. cpinfo
C. cpconfig
D. Database Revision Control
E. upgrade_export/import

Correct Answer: D
QUESTION 2
In SmartView Tracker, you see an entry for an outbound connection showing address translation. But when setting SmartView Tracker to show all entries for that connection, only outbound entries show. What is the possible cause for this?
A. The entry is for a Manual Dynamic NAT connection, from a specific host infected by a worm.
B. The entry is for a Manual Static NAT connection, where inbound traffic is managed by a separate rule.
C. The entry is for a Static NAT connection, from a specific host that has been infected by a worm.
D. The entry is for a Dynamic NAT connection from a specific host.

Correct Answer: B
QUESTION 3
Which of the following commands is used to restore VPN-1 NGX configuration information?
A. gunzip
B. cpconfig
C. fw ctl pstat
D. cpinfo
E. upgrade_import

Correct Answer: E
QUESTION 4
Which OPSEC server is used to prevent users from accessing certain Web sites?
A. CVP
B. DEFENDER
C. URI
D. FTP
E. UFP

Correct Answer: E
QUESTION 5
Your organization Certkiller .com’s security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway. How would you request and apply the license?
A. Request a central license, using the remote Security Gateway’s IP address. Apply he license locally with the fwputlic command.
B. Request a central license, using the SmartCenter Server’s IP address. Apply the license locally on the remote Gateway with the fwputlic command.
C. Request a central license, using your SmartCenter Server’s IP address. Attach the license to the remote Gateway via SmartUpdate.
D. Request a central license, using the remote Gateway’s IP address. Attach the license to the remote Gateway via SmartUpdate.
E. Request local licenses for all Gateways separately. Apply the license locally on the remote Gateways with the fwputlic command.

Correct Answer: C
QUESTION 6
How do you create more granular control over commands, such as CWD and FIND, in FTP data connections?
A. Use Global Properties > Security Server settings.
B. Use the gateway object’s Security Server settings.
C. Use the Service field of the Rule Base.
D. Use an FTP resource object.
E. Use FTP Security Server settings in SmartDefense.

Correct Answer: E
QUESTION 7
Which of the following is the final step in a VPN-1 NGX backup?
A. Test restoration in a non-production environment, using the upgrade_import command.
B. Move the *.tgz file to another location.
C. Copy the conf directory to another location.
D. Run the upgrade_export command.
E. Run the cpstop command.

Correct Answer: B
QUESTION 8
Choose the BEST sequence for configuring user management on SmartDashboard, for use with an LDAP server:
A. Configure a server object for the LDAP Account Unit, enable LDAP in Global Properties, and create an LDAP server using an OPSEC application.
B. Configure a server object for the LDAP Account Unit, enable LDAP in Global Properties, and create an LDAP resource object.
C. Enable LDAP in Global Properties, configure a host-node object for the LDAP Server, and configure a server object for the LDAP Account Unit.
D. Configure a server object for the LDAP Account Unit, and create an LDAP resource object.
E. Configure a workstation object for the LDAP server, configure a server object for the LDAP Account Unit, and enable LDAP in Global Properties.

Correct Answer: C
QUESTION 9
You want to create an IKE VPN between two VPN-1 NGX Security Gateways, to protect two networks. The network behind one Gateway is 10.15.0.0/16, and network 192.168.9.0/24 is behind the peer’s Gateway. Which type of address translation should you use, to ensure the two networks access each other through the VPN tunnel?
A. Hide NAT
B. None
C. Dynamic NAT
D. Static NAT
E. Manual NAT

Correct Answer: B
QUESTION 10
Yoav is a Security Administrator preparing to implement a VPN solution for his multisite organization. To comply with industry regulations, Yoav’s VPN solution must meet the following requirement:
*
Portability: Standard

*
Key management: Automatic, external PKI

*
Session keys: Changed at configured times during a connection’s lifetime

*
Key length: No less that 128-bit

*
Data integrity: Secure against inversion and brute-force attacks What is the most appropriate setting Yoav should choose?

A.
IKE VPNs: AES encryption for IKE Phase 1, and DES encryption for Phase 2; SHA1 hash

B.
IKE VPNs: SHA1 encryption for IKE Phase 1, and MD5 encryption for Phase 2; AES hash

C.
IKE VPNs: CAST encryption for IKE Phase 1, and SHA1 encryption for Phase 2; DES hash

D.
IKE VPNs: DES encryption for IKE Phase 1, and 3DES encryption for Phase 2; MD5 hash

E.
IKE VPNs: AES encryption for IKE Phase 1, and AES encryption for Phase 2; SHA1 hash

Correct Answer: E

Flydumps 156-215 dumps with PDF + Premium VCE + VCE Simulator: https://www.pass4itsure.com/

Continue Reading