Category: CheckPoint
Most Reliable CheckPoint 156-815 PDF And Latest CheckPoint 156-815 Questions
Exam A
QUESTION 1
Two CMAs can be created for a single Customer, for High availability (HA). Which of these statements is NOT correct for this type of CMA configuration?
A. The HA scheme requires one Primary CMA and one Secondary CMS, housed on different MDS computers
B. Should a CMA fail for any reason, the Standby CMA can continue operation without service interruption
C. Administrators make Security Policy changes thr0ough the Active CMA only
D. The CMAs must be synchronized to maintain the same information
E. If the Active CMA’s data has not recently been synchronized with the standby CMA, it can no longer be used to replace the Active CMA if fail over occurs
Correct Answer: E
QUESTION 2
The Eventia Reporter Add-on for Provider-1 does not have its own package. It is installed, removed, enabled and disabled using which of the following scripts?
A. EVRSetup
B. Cpconfig
C. Sysconfig
D. Setuptutil
E. SVRSetup
Correct Answer: E
QUESTION 3
Which of the following statement is TRUE about Global Objects?
A. A Global Object must have a different IP address than of the remote module on which it is installed
B. Global Objects can share names if both the Provider-1 configuration and the remote Security Gateway are at version VPN-1 NGX
C. A Global Object can’t share the IP address of the remote module on which the Global Policy is installed
D. Global Objects shared object names included in the Security Policy to which they are assigned
E. Global Objects can only be edited in the Global SmartDashboard
Correct Answer: E
QUESTION 4
In Provider-1 NGX, which servers are predefined as global services for use in the Global SmartDashboard?
A. Only Firewall-1 control connections are predefined
B. All services are predefined in VPN-1 NGX, except VOIP related services
C. All services are predefined in VPN-1 NGX, except the required user-defined CPMI service
D. All services are predefined in VPN-1 NGX
E. None of the services are predefined
Correct Answer: D
QUESTION 5
For which of the following components in a Provider-1 NGX deployment can a SmartCenter Server be configured asa backup?
» Read more about: Most Reliable CheckPoint 156-815 PDF And Latest CheckPoint 156-815 Questions »
Latest Release CheckPoint 156-706 Practice Answers Free Download
Exam A
QUESTION 1
How many authorized logins are needed to create a recovery disk?
A. Two
B. Four
C. Three
D. One
Correct Answer: A
QUESTION 2 What are the names of the Pointsec processes and services that run on a workstation after Pointsec has been installed?
A. Pointsec.exe, psadmin.exe and decrypt.exe
B. Prot_srv.exe, p95tray.exe and pstartsr.exe
C. Pssogina.exe, pointsec.exe and p95tray.exe
D. Decrypt.exe, protect.exe and pssogina.exe, pagents.exe
Correct Answer: B
QUESTION 3 How would you uninstall Pointsec from a machine that has not written a recovery file (.rec) and has yet to be encrypted?
A. Use “reco_img.exe” and perform forced removal
B. Create recovery disk using another .rec file
C. Add/remove programs
D. None of the above Correct Answer: A
QUESTION 4
Typically, how long does it take Pointsec to encrypt 10 GB (No SATA)?
A. One hour
B. More than 30 hours
C. Depends how much data is on the drive
D. 20 Minutes
Correct Answer: A
QUESTION 5 What is the maximum number of UNC paths to recovery file storage that you can specify in a profile?
A. Unlimited
B. Two
C. Four
D. Five (includning the temp searchpath in the installation profile) Correct Answer: A
QUESTION 6
Which Microsoft file does Pointsec chain when Pointsec Single Sign On is enabled?
A. Msso.dll
B. Ssogina.dll
C. MicroSSO.dll
D. MSGina.dll
Correct Answer: D
QUESTION 7
Up to how many partitions can Pointsec encrypt on one standard hard disk?
» Read more about: Latest Release CheckPoint 156-706 Practice Answers Free Download »
100% Pass CheckPoint 156-215 By Training CheckPoint 156-215 Exam Dumps
Exam A QUESTION 1
What will the command “d:\winnt\fw1\ng\bin] cppkg add C:\CPsuite-R71” achieve? Where d:\winnt\fw1\ng \bin is package-full-path?
A. It will purge a product package to the product repository
B. It will kill a product package to the product repository
C. It will add a product package to the product repository
D. It will print a product package to the product repository
E. It will delete a product package to the product repository
Correct Answer: C QUESTION 2
User Monitor details window is shown in the diagram 1 of the SmartView Monitor. Which of the following information you would not get in the window?
A. Internal IP
B. User DN
C. VPN Tunnel
D. Security Gateway
E. Connect Time
Correct Answer: C
QUESTION 3
The rule below shows the Encrypt rule in a Traditional Mode Rule Base. What is likely to be Simplified Mode equivalent if the if the connections originates at X and its destination is Y, within any Site-to-Site Community (i.e. All_GW _to_GW).
A. Rule C
B. Rule E
C. Rule A
D. Rule B
E. Rule D
Correct Answer: B
QUESTION 4
SmartDirectory (LDAP) new features include which of the following? Select the all correct answers.
A. The use of authentication algorithm
B. Support of Multiple SmartDirectory (LDAP) Vendors using Profiles
C. Support of multiple SmartDirectory (LDAP) servers
D. High Availability
E. The use of encrypted or non-encrypted SmartDirectory (LDAP) Connections
Correct Answer: BCDE
QUESTION 5
You are configuring IPS, Denial of Service – Teardrop section. Which of the following is true of Teardrop?
A. A denial of service vulnerability has been reported in the Linux Kernel. The vulnerability is due to an error in the Linux Kernel IPv6 over IPv4 tunneling driverthat fails to properly handle crafted network packets. Teardrop is a widely available attack tool that exploits this vulnerability
B. Some implementations of TCP/IP contain fragmentation re-assembly code that does not properly handle overlapping IP fragments. Sending two IP fragments, the latter entirely contained inside the former, causes the server to allocate too much memory and crash. Teardrop is a widely available attack tool that exploits this vulnerability
C. JPEG is a very popular image file format. Teardrop is a widely available attack tool that exploits this vulnerability Specially crafted JPEG files may be used to create a DoS condition and in some cases, arbitrary code execution
D. Some implementations of TCP/IP are vulnerable to packets that are crafted in a particular way (a SYN packet in which the source address and port are the same as the destination, i.e., spoofed). Teardrop is a widely available attack tool that exploits this vulnerability
E. The attacker sends a fragmented PING request that exceeds the maximum IP packet size (64KB). Some operating systems are unable to handle such requests and crash. Teardrop is a widely available attack tool that exploits this vulnerability
Correct Answer: B
QUESTION 6
Which of the following command will you use to export users from the NGX user database?
» Read more about: 100% Pass CheckPoint 156-215 By Training CheckPoint 156-215 Exam Dumps »
Most Accurate CheckPoint 156-215 Guide PDF Download, Best CheckPoint 156-215 Practice To Ensure You 100% Pass Download
Exam A
QUESTION 1
A Web server behind the Security Gateway is Automatic NAT Cli ent side NAT is enabled in the Global Properties. A client on the Internet initiates a session to the Web Server. On the initiating packet, NAT occurs on which inspection point?
A. O
B. o
C. I
Correct Answer: B
QUESTION 2
Which of the following is NOT supported with office mode?
A. Transparent mode
B. L2TP
C. Secure Client
D. SSL Network Extender
Correct Answer: A
QUESTION 3
You have blocked an IP address via the Block Intruder feature of SmartView Tracker How can you view the blocked addresses’?
A. Run f wm blockedview
B. In SmartView Monitor, Select the Blocked Intruder option from the query tree view
C. In SmartView Monitor, select Suspicious Activity Rules from the Tools menu and select the relevant Security Gateway from the List
D. In SmartView Tracker, click the Active tab. and the actively blocked connections displays
Correct Answer: C
QUESTION 4
You are creating an output file with the following command:
Fw monitor 璭”accept(arc=10. 20. 30. 40 or dst=10, 20, 30,-40) :” 璷~/output Which tools do you use to
analyze this file?
A. You can analyze it with Wireshark or Ethereal
B. You can analyze the output file with any ASCI editor.
C. The output file format is CSV. so you can use MS Excel to analyze it
D. You cannot analyze it with any tool as the syntax should be: fw monitor 璭 accept ([12,b] = 10.20.30.40 or [16,b] = 10.20.30.40);-0~/output
Correct Answer: A
QUESTION 5
You find a suspicious FTP connection trying to connect to one of your internal hosts. How do you block it m real time and verify it is successfully blocked?
A. Highlight the suspicious connection in SmartView Tracker>Active mode. Block it using Tools>Block Intruder menu. observe in the Active mode that the suspicious connection is listed in this SmartView Tracker view as “dropped”
B. Highlight the suspicious connection in SmartView Tracker>Active mode. Block it using Tools>Block Intruder menu. observe in the Active mode that the suspicious connection does not appear again in this SmartView Tracker view.
C. Highlight the suspicious connection in SmartView Tracker>Log mode. Block it using Tools>Block Intruder menu. observe in the Log mode that the suspicious connection does not appear again in this
SmartView Tracker view.
First-hand CheckPoint 156-215 Flydumps PDF,CheckPoint 156-215 Question Ensure Pass Certification To Ensure You 100% Pass
Exam A QUESTION 1
If you check the box Use Aggressive Mode in the IKE Properties dialog box, the standard:
A. three-packet IKE Phase 2 exchange Is replaced by a six-packet exchange
B. three-packet IKE Phase 2 exchange is replaced by a two-packet exchange
C. six-packet IKE Phase 1 exchange is replaced by a three-packet exchange
D. three-packet IKE Phase 1 exchange is replaced by a six-packet exchange
Correct Answer: C QUESTION 2
Of the following, what parameters will not be preserved when using Database Revision Control? 1) Simplified mode Rule Bases 2) Traditional mode Rule Bases 3) Secure Platform WebUI Users 4) SIC certificates 5) SmartView Tracker audit logs 6) SmartView Tracker traffic logs 7) Implied Rules 8) IPS Profiles
ActualTests.com 9) Blocked connections 10) Manual NAT rules 11) VPN communities 12) Gateway route table 13) Gateway licenses
A. 3, 4, 5, 6, 9, 12, 13
B. 5, 6, 9, 12, 13
C. 1, 2, 8, 10, 11
D. 2, 4, 7, 10, 11
Correct Answer: B QUESTION 3
You believe Phase 2 negotiations are railing while you are attempting to configure a site-to-site VPN with one of your firm’s business partners. Which SmartConsole application should you use to confirm your suspicions?
A. SmartDashboard
B. SmartView Tracker
C. SmartUpdate
D. SmartView Status Correct Answer: B
QUESTION 4
You are running a R71 Security Gateway on SecurePlatform, in case of a hardware failure. You have a server with the exact same hardware and firewall version Installed. What backup method could be used to quickly put the secondary firewall into production?
A. Upgrade_export
B. Manual backup
C. Snapshot
D. Backup
Correct Answer: C QUESTION 5
What happens hi relation to the CRL cache after a cpstop and cpstart have been initiated?
A. The Gateway retrieves a new CRL on startup, and then discards the old CRL as invalid
B. The Gateway continues to use the old CRL, as long as it is valid.
C. The Gateway continues to use the old CRL even if it is not valid, until a new CRL is cached
D. The Gateway issues a crl_zap on startup, which empties the cache and forces Certificate retrieval
Correct Answer: B QUESTION 6
What physical machine must have access to the User Center public IP address when checking for new packages with smartUpdate?