Welcome to download the newest Pass4itsure hp0-m52 VCE dumps: http://www.pass4itsure.com/hp0-m52.html
Flydumps.com guarantee your CheckPoint 156-215 exam success with our Exam Resources.Our CheckPoint 156-215 exam Flydumps.com are the latest and developed by experience’s IT certification Professionals working in today’s prospering companies and data centers.All our CheckPoint 156-215 exam Flydumps.com including CheckPoint 156-215 exam questions which guarantee you can 100% success CheckPoint 156-215 exam in your first try exam.
QUESTION 95
Amy is configuring a User Authentication rule for the technical-support department to access an intranet server. What is the correct statement?
A. The Security Server first checks if there is any rule tat does not require authentication for this type of connection.
B. The User Authentication rule must be placed above the Stealth Rule.
C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.
D. Amy can only use the rule for Telnet, FTP, and rlogin services.
E. Amy can limit the authentication attempts in the Authentication tab of the User Properties screen.
Correct Answer: A
QUESTION 96
How can you unlock an administrator’s account, which was been locked due to SmartCenter Access settings in Global Properties?
A. Type fwm lock_admin -ua from the command line of the SmartCenter Server.
B. Clear the “locked” box from the user’s General Properties in SmartDashboard.
C. Type fwm unlock_admin -ua from the command line of the SmartCenter Server.
D. Type fwm unlock_admin -ua from the command line of the Security Gateway.
E. Delete the file admin.lock in the $FWDIR/tmp/ directory of the SmartCenter Server.
Correct Answer: A
QUESTION 97
How many administrators can be created during installation of the SmartCenter Server?
A. Only one
B. Only one with full access and one with read-only access
C. As many as you want
D. Depends on the license installed on the SmartCenter Server
E. Specified in the Global Properties
Correct Answer: A
QUESTION 98
Which SmartConsole tool verifies the installed Security Policy name?
A. SmartView Status
B. Eventia Reporter
C. SmartView Server
D. SmartUpdate
E. SmartView Tracker
Correct Answer: E
QUESTION 99
Ilse manages a distributed NGX installation for Certkiller .com. Ilse needs to know which Security
Gateways have licenses that will expire within the next 30 days.
Which SmartConsole application should Ilse use to gather this information?
A. SmartView Monitor
B. SmartUpdate
C. SmartDashboard
D. SmartView Tracker
E. SmartView Status
Correct Answer: B
QUESTION 100
Herman is attempting to configure a site-to-site VPN with one of his firm’s business partner. Herman thinks Phase 2 negotiations are failing. Which SmartConsole application should Herman use to confirm his suspicions?
A. SmartUpdate
B. SmartView Tracker
C. SmartView Monitor
D. SmartDashboard
E. SmartView Status
Correct Answer: C
QUESTION 101
How can you reset the password of the Security Administrator, which was created during initial installation of the SmartCenter Server on SecurePlatform?
A. Launch cpconfig and select “Administrators”.
B. Launch SmartDashboard, click the admin user account, and overwrite the existing Check Point Password.
C. Type cpm -a, and provide the existing administration account name. Reset the Security Administrator’s password.
D. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the “Password” portion of the file. The log in to the account without password. You will be prompted to assign a new password.
E. Launch cpconfig and delete the Administrator’s account. Recreate the account with the same name.
Correct Answer: E
QUESTION 102
What happens when you select File > Export from the SmartView Tracker menu?
A. It is not possible to export an old log file, only save and switch in SmartView Tracker.
B. Current logs are exported to a new *.log file.
C. Exported log entries are still viewable in SmartView Tracker.
D. Exported log entries are deleted from fw.log.
E. Logs in fw.log are exported to a file that can be opened by Microsoft Excel.
Correct Answer: C QUESTION 103
Which type of TCP attack is a bandwidth attack, where a client fools a server into sending large amount of data, using small packets?
A. SMURF
B. Small PMTU
C. Host System Hogging
D. LAN
E. SYN-Flood
Correct Answer: B QUESTION 104
What is the proper command for exporting users in LDAP format?
A. fw dbexport -f c:\temp\users.txt
B. fw dbimport -f c:\temp\users.ldif -l -s “o=YourCity.com,c=YourCountry”
C. fw dbimport -f c:\temp\users.ldap
D. fw dbexport -f c:\temp\users.ldap -l -s
E. fw dbexport -f c:\temp\users.ldif -l -s “o=YourCity.com,c=YourCountry”
Correct Answer: E QUESTION 105
Shauna is troubleshooting a Security Gateway that is dropping all traffic whenever the most recent Security Policy is installed. Working at the Security Gateway, Shauna needs to uninstall the Policy, but keep the processes running so she can see if there is an issue with the Gateway’s firewall tables. Which of the following commands will do this?
A. fw dbload 10.1.1.5
B. fw unload 10.1.1.5
C. cprestart
D. fw tab -x -u
E. cpstop
Correct Answer: D QUESTION 106
You have blocked an IP address via the Block Intruder feature of SmartView Tracker. How can you see the addresses you have blocked?
A. In SmartView Status click the Blocked Intruder tab.
B. Run fwm blocked_view.
C. Run fw sam -va.
D. Run fw tab -t sam_blocked_ips.
E. In SmartView Tracker, click the Active tab, and the actively blocked connections display.
Correct Answer: D QUESTION 107
Your internal Web server in the DMZ has IP address 172.16.10.1/24. A particular network from the Internet tries to access this Web server. You need to set up some type of Network Address Translation (NAT), so that NAT occurs only from the HTTP service, and only from the remote network as the source. The public IP address for the Web server is 200.200.200.1. All properties in the NAT screen of Global Properties are enabled. Select the correct NAT rules, so NAT happens ONLY between “web_dallas” and the remote network.
A. 1. Create another node object named “web_dallas_valid”, and enter “200.200.200.1” in the General Properties screen.
2.
Create two manual NAT rules above the automatic Hide NAT rules for the 172.16.10.0 network.
3.
Select “HTTP” in the Service column of both manual NAT rules.
4.
Enter an ARP entry and route on the Security Gateway’s OS.
B. 1. Enable NAT on the web_dallas object, select “static”, and enter “200.200.200.1” in the General Properties screen.
2.
Specify “HTTP” in the automatic Static Address Translation rules.
3.
Create incoming and outgoing rules for the web_dallas server, for the HTTP service only.
C. 1. Enable NAT on the web_dallas object, select “hide”, and enter “200.200.200.1” for the Hide NAT IP address.
2.
Specify “HTTP” in the Address Translation rules that are generated automatically.
3.
Create incoming and outgoing rules for the web_dallas server, for the HTTP service only.
D. 1. Create another node object named “web_dallas_valid”, and enter “200.200.200.1” in the General Properties screen.
2.
Create two manual NAT rules below the Automatic Hide NAT rules for network 172.16.10.0, in the Address Translation Rule Base.
3.
Select “HTTP” in the Service column of both manual NAT rules.
4.
Enter an ARP entry and route on the Security Gateway’s OS.
Correct Answer: A
QUESTION 108
Using SmartDefense how do you notify the Security Administrator that malware is
scanning specific ports? By enabling:
A. Network Port scan
B. Host Port scan
C. Malware Scan protection
D. Sweep Scan protection
E. Malicious Code Protector
Correct Answer: D
QUESTION 109
Jack’s project is to define the backup and restore section of his organization’s disaster recovery plan for his
organization’s distributed NGX installation. Jack must meet the following required and desired objectives:
Required objective: The security policy repository must be backed up no less frequently than every 24
hours.
Desired objective: The NGX components that enforce the Security Policies should be backed up no less
frequently than once a week.
Desired objective: Back up NGX logs no less frequently than once a week.
Administrators should be able to view backed up logs in SmartView Tracker.
Jack’s disaster recovery plan is as follows:
Use the cron utility to run the upgrade_export command each night on the SmartCenter Servers. Configure
the organization’s routine backup software to back up the files created by the upgrade_export command.
Configure the SecurePlatform backup utility to back up the Security Gateways every Saturday night.
Use the cron utility to run the upgrade_export command each Saturday night on the Log Servers.
Configure an automatic, nightly logexport. Configure the organization’s routine backup software to back up
the export log every night.
Jack’s plan:
A. Meets the required objective but does not meet either desired objective.
B. Meets the required objective and both desired objectives.
C. Meets the required objective and only one desired objective.
D. Does not meet the required objective.
Correct Answer: B QUESTION 110
Anna is working at Certkiller .com, together with three other Security Administrators. Which SmartConsole tool should she use to check changes to rules
or object properties other administrators made?
A. SmartDashboard
B. SmartView Tracker
C. Eventia Tracker
D. Eventia Monitor
E. SmartView Monitor
Correct Answer: B QUESTION 111
When you find a suspicious connection from a problematic host, you want to block everything from that whole network, not just the host. You want to block this for an hour, but you do not want to add any rules to the Rule Base. How do you achieve this?
A. Create a Suspicious Activity rule in SmartView Tracker.
B. Create a Suspicious Activity Rule in SmartView Monitor.
C. Create an “FW SAM” rule in SmartView Monitor.
D. Select “block intruder” from the Tools menu in the SmartView Tracker.
Correct Answer: B QUESTION 112
Your internal network is using 10.1.1.0/24. This network is behind your perimeter NGX VPN-1 Gateway, which connects to your ISP provider. How do you configure the Gateway to allow this network to go out to the Internet?
A. Use automatic Static NAT for network 10.1.1.0/24.
B. Use Hide NAT for network 10.1.1.0/24 behind the internal interface of your perimeter Gateway.
C. Use manual Static NAT on the client side for network 10.1.1.0/24
D. Use Hide NAT for network 10.1.1.0/24 behind the external IP address of your perimeter Gateway.
E. Do nothing, as long as 10.1.1.0 network has the correct default Gateway.
Correct Answer: D QUESTION 113
Which of these changes to a Security Policy optimizes Security Gateway performance?
A. Using domain objects in rules when possible
B. Using groups within groups in the manual NAT Rule Base
C. Putting the least-used rule at the top of the Rule Base
D. Logging rules as much as possible E. Removing old or unused Security Policies from Policy Packages
Correct Answer: E QUESTION 114
Nelson is a consultant. He is at a customer’s site reviewing configuration and logs as a part of a security audit. Nelson sees logs accepting POP3 traffic, but he does not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause? The POP3:
A. service is a VPN-1 Control Connection.
B. rule is hidden.
C. service is accepted in Global Properties.
D. service cannot be controlled by NGX.
E. rule is disabled.
Correct Answer: B QUESTION 115
When you hide a rule in a Rule Base, how can you then disable the rule?
A. Open the Rule Menu, and select Hide and View hidden rules. Select the rule, right-click, and select Disable.
B. Uninstall the Security Policy, and the disable the rule.
C. When a rule is hidden, it is automatically disabled. You do not need to disable the rule again.
D. Run cpstop and cpstart on the SmartCenter Server, then disable the rule.
E. Clear Hide from Rules drop-down menu, then right-click and select “Disable Rule(s)”.
Correct Answer: E QUESTION 116
Certkiller is the IT auditor for a bank. One of her responsibilities is reviewing the Security Administrators activity and comparing it to the change log. Which application should Certkiller use to view Security Administrator activity?
A. NGX cannot display Security Administrator activity
B. SmartView Tracker in Real-Time Mode
C. SmartView Tracker in Audit Mode
D. SmartView Tracker in Log Mode
E. SmartView Tracker in Activity Mode
Correct Answer: C QUESTION 117
Andrea has created a new gateway object that she will be managing at a remote location. She attempts to install the Security Policy to the new gateway object, but the object does not appear in the “install on” box. Which of the following is the most likely cause?
A. Andrea has created the object using “New Check Point > VPN-1 Edge Embedded Gateway”
B. Andrea created the gateway object using the “New Check Point > Externally Managed VPN Gateway” option from the Network Objects dialog box.
C. Andrea has not configured anti-spoofing on the interfaces on the gateway object.
D. Andrea has not configure Secure Internal Communications (SIC) for the oject.
E. Andrea created the Object using “New Check Point > VPN-1 Pro/Express Security Gateway” option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object.
Correct Answer: B
QUESTION 118
Certkiller is recently hired as the Security Administrator for Certkiller .com. Jack Bill’s manager has asked
her to investigate ways to improve the performance of the firm’s perimeter Security Gateway. Certkiller
must propose a plan based on the following required and desired results:
Required Result #1: Do not purchase new hardware.
Required Result #2: Use configuration changes the do not reduce security.
Desired Result #1: Reduce the number of explicit rules in the Rule Base.
Desired Result #2: Reduce the volume of logs.
Desired Result #3: Improve the Gateway’s performance.
Proposed solution:
*
Replace all domain objects with network and group objects.
*
Check “Log implied rules” and “Accept ICMP requests” in Global Properties.
*
Use Global Properties, instead of explicit rules, to control ICMP, VRRP, and RIP. Does Certkiller’s proposed solution meet the required and desired results?
A.
The solution meets all required and desired results.
B.
The solution meets all required, and one of the desired results.
C.
The solution meets all required, and two of the desired results.
D.
The solution meets all required, and none of the desired results.
E.
The solution does not meet the required results.
Correct Answer: E
QUESTION 119
You create implicit and explicit rules for the following network. The group object
“internal-networks” include networks 10.10.10.0 and 10.10.20.0. Assume “Accept ICMP requests” is enabled as before last in the Global Properties.
Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on the Internet, by IP address? ICMP will be:
A. dropped by rule 0
B. dropped by rule 2, the Cleanup Rule
C. accepted by rule 1
D. dropped by the last implicit rule
E. accepted by the implicit rule
Correct Answer: C QUESTION 120
What does schema checking do?
A. Authenticates users attempting to access resources protected by an NGX Security Gateway.
B. Verifies that every object class, and its associated attributes, is defined in the directory schema.
C. Maps LDAP objects to objects in the NGX objects_5_0.c files.
D. Verifies the Certificate Revocation List for Certificate Validity.
E. Provides topology downloads for SecuRemote and SecureClient users authenticated by an LDAP server.
Correct Answer: B QUESTION 121
Certkiller is about to test some rule and object changes suggested in an NGX newsgroup. Which backup and restore solution should Certkiller use, to ensure she can most easily restore her Security Policy to its previous configuration, after testing the changes?
A. SecurePlatform backup utilities
B. Manual copies of the $FWDIR/conf directory
C. Upgrade_export and upgrade_import commands
D. Policy Package management
E. Database Revision Control
Correct Answer: E QUESTION 122
You want VPN traffic to match packets from internal interfaces. You also want the traffic to exit the Security Gateway, bound for all site-to-site VPN Communities, including Remote Access Communities. How should you configure the VPN match rule
A. internal_clear>All-GwToGw
B. Communities>Communities
C. Internal_clear>External_Clear
D. Internal_clear>Communities
E. Internal_clear>All_communities
Correct Answer: E QUESTION 123
Review the following rules and note the Client Authentication Action properties screen, as shown in the exhibit.
After being authenticated by the Security Gateway when a user starts an HTTP connection to a Web site the user tries to FTP to another site using the command line. What happens to the user? The….
A. FTP session is dropprd by the implicit Cleanup Rule.
B. User is prompted from the FTP site only, and does not need to enter username nad password for the Client Authentication.
C. FTP connection is dropped by rule 2.
D. FTP data connection is dropped, after the user is authenticated successfully.
E. User is prompted for authentication by the Security Gateway again.
Correct Answer: B
You will pass your CheckPoint 156-215 exam GUARANTEED using our accurate CheckPoint 156-215 practice questions and answers PDF&VCE dumps. Flydumps exam dumps will help you not only pass in the first try, but also save your valuable time. Give your career a boost and start earning your Microsoft certification today!
Pass4itsure hp0-m52 dumps with PDF + Premium VCE + VCE Simulator: http://www.pass4itsure.com/hp0-m52.html
CheckPoint 156-215 Dumps PDF, Most Popular CheckPoint 156-215 Exam practice
