Vendor
: Check Point
Exam Code : 156-215.71
Version: Demo
Cheat-Test, help you pass any IT exam!
Cheat-Test.com - The Worldwide Renowned IT Certification Material Provider! The safer, easier way to help you pass any IT Certification exams.
We provide high quality IT Certification exams practice questions and answers (Q&A). Especially Cisco, Microsoft, HP, IBM, Oracle, CompTIA, Adobe, Apple, Citrix, EMC, Isaca, Avaya, SAP and so on. And help you pass an IT Certification exams at the first try.
Cheat-Test product Features: •
Verified Answers Researched by Industry Experts
•
Questions updated on regular basis
•
Like actual certification exams our product is in multiple-choice questions (MCQs).
•
Our questions and answers are backed by our GUARANTEE.
7x24 online customer service: contact@cheat-test.com
Click Here to get more Free Cheat-Test Certification exams!
http://www.Cheat-Test.com
Q: 1 A Web server behind the Security Gateway is Automatic NAT Cli ent side NAT is enabled in the Global Properties. A client on the Internet initiates a session to the Web Server. On the initiating packet, NAT occurs on which inspection point? A. O B. o C. I Answer: B Q: 2 Which of the following is NOT supported with office mode? A. Transparent mode B. L2TP C. Secure Client D. SSL Network Extender Answer: A Q: 3 You have blocked an IP address via the Block Intruder feature of SmartView Tracker How can you view the blocked addresses’? A. Run f wm blockedview B. In SmartView Monitor, Select the Blocked Intruder option from the query tree view C. In SmartView Monitor, select Suspicious Activity Rules from the Tools menu and select the relevant Security Gateway from the List D. In SmartView Tracker, click the Active tab. and the actively blocked connections displays Answer: C Q: 4 You are creating an output file with the following command: Fw monitor –e”accept(arc=10. 20. 30. 40 or dst=10, 20, 30,-40) :” –o~/output Which tools do you use to analyze this file? A. You can analyze it with Wireshark or Ethereal B. You can analyze the output file with any ASCI editor. C.The output file format is CSV. so you can use MS Excel to analyze it D. You cannot analyze it with any tool as the syntax should be: fw monitor –e accept ([12,b] = 10.20.30.40 or [16,b] = 10.20.30.40);-0~/output Answer: A Q: 5 You find a suspicious FTP connection trying to connect to one of your internal hosts. How do you block it m real time and verify it is successfully blocked? A. Highlight the suspicious connection in SmartView Tracker>Active mode. Block it using Tools>Block Intruder menu. observe in the Active mode that the suspicious connection is listed in this SmartView Tracker view as “dropped” B. Highlight the suspicious connection in SmartView Tracker>Active mode. Block it using Tools>Block Intruder menu. observe in the Active mode that the suspicious connection does not appear again in this SmartView Tracker view. C. Highlight the suspicious connection in SmartView Tracker>Log mode. Block it using Tools>Block Intruder menu. observe in the Log mode that the suspicious connection does not appear again in this
SmartView Tracker view. D. Highlight the suspicious connection in SmartView Tracker>Log mode. Block it using Tools>Block Intruder menu. observe in the Log mode that the suspicious connection is listed in this SmartView Tracker view as “dropped”. Answer: B Q: 6 What is a Consolidation Policy? A. The collective name of the Security Policy,Address Translation, and IPS Policies. B. The specific Policy written in SmartDashboard to configure which log data is stored in the SmartReporter database. C. The collective name of the logs generated by SmartReporter, D. A global Policy used to share a common enforcement policy for multiple Security Gateways. Answer: B Q: 7 A Security Policy installed by another Security Administrator has blocked all SmartDashboard connections to the stand-alone installation of R71. Afer running the fw unloadlocal command, you are able to reconnect with SmartDashboard and view all changes. Which of the following change is the most likely cause of the block? A. A Stealth Rule has been configured for the R71 Gateway. B. The Allow control connections setting in Policy > Global Properties has been unchecked. C. The Security Policy Installed to the Gateway had no rules in it D. The Gateway Object representing your Gateway was configured as an Externally Managed VPN Gateway. Answer: B Q: 8 Your Rule Base includes a Client Authentication rule, using partial authentication and standard sign-on for HTTP, Telnet, and FTP services. The rule was working, until this moring. Now users are not ptompted for authentication, and they see error “page cannot be displayed” in the browser. In SmartView Tracker, you discover the HTTP connection is dropped when the Gateway is the destination. What cased Client Authentication to fail? A. You added a rule below the Client Authentication rule, blocking HTTP from the Internal network. B. You added the Stealth Rule before the Client Authentication rule. C. You disabled R71 Control Connections in Global Properties. D. You enabled Static NAT on the problematic machines. Answer: B Q: 9 You are installing a Security Management Server Yoursecurity plan calls for three administrators for this particular server. How many van you create during installation? A. Depends on the License installed on the Security Management Server B. Only one with full access and one with read-only access C. One D. As many as you want Answer: C Q: 10
You are installing your R71Security Gateway. Which is NOT a valid option for the hardware platform? A. Crossbeam B. Solaris C. Windows D. IPSO Answer: A Q: 11 SmarUpdate is the primary tool used for upgrading Check Point gateways. When upgrading your gateway, what feature will you choose if want to upgrade all packages installed on your gateway? A. Minimal Effort Upgrade B. Add Package to Repository C. Upgrading the Gateway D. Upgrade All Packages E. Zero Effort Answer: D Q: 12 YOu are responsible for configuration of Meg a Corn’s Check Point Firewall. You need to allow two Nat rules to match a connection. Is it possible? Give the best answer A. Yes. it is possible to have two NAT rules which match a connection, but only when using Automatic NAT(bidirectional NAT) B. No, it is not possible to have more one NAT rule matching a connection. When the firewall receives a packet blonging to a concentration, it compares it against the Rule Base, then the second rule, and so on When it finds a rule that matches, it stops checking and applies that rule. C. Yes, it is possible to have two NAT rules which match a connection, but only in using Manaual NAT(bidirectional NAT0 D. Yes, there are always as many active NAT rules as there are connections. Answer: D Q: 13 Which feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration? A. Policy Package management B. dbexport/dbimport C. Database Revision Control D. upgrade_export/upgrade_import Answer: C Q: 14 For normal packet transation of an acceped communication to a host protocol by a Security Gate Way how many lines per packet are recorded on a packet analyzer like wire Shark using fw monitor? A. 2 B. 4 C. 3 D. None Answer: A Q: 15
A digital signature: A. Provides a secure key exchange mechanism over the Internet B. Automatically exchanges shared keys. C. Guarantees the authenticity and integrity of a message. D. Decrypts data to its original form. Answer: A Q: 16 After implementing static address translation to allow internet traffic to an internal web server on your DMZ. You notice that any Nated connections to that machine are being dropped by anti-spoofing protection which of the following is most likely cause? A. The global properties settings translation on client side is checked. But the topology on the external change topology to others+ B. The global properties settings translation on client side is Unchecked. But the topology on the external interface is set to others+ change topology is external C. The global properties settings translation on client side is checked. But the topology on the DMZ interface is set to be internal-network defined by IP and mask. Uncheck the Global properties setting Translation on Client side. D. The global properties settings translation on client side is unchecked. But the topology on the DMZ interface is set to be internal-network defined by IP and mask. Click the Global properties setting Translation on Client side. Answer: D Q: 17 What physical machine must have access to the User Center public IP address when checking for new packages with smartUpdate? A. SmartUpdate GUI PC B. SmartUpdate Repository SQL database Server C. A Security Gateway retrieving the new upgrade package D. SmartUpdate installed Security Management Server PC Answer: A