Tag: 156-215 study guide
Checkpoint 156-215 Study Guide, Up To Date Checkpoint 156-215 PDF&VCE With Accurate Answers
Welcome to download the newest Pass4itsure 70-470 dumps
We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials.
This Blog provides you everything you will need to take a certification examination and Exam Preparation Material. Like actual certification exams, our Practice Tests are in Flydumps Our Checkpoint 156-215 Exam will provide you with exam questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and Value for the Checkpoint 156-215 Exam:100% Guarantee to Pass Your Checkpoint 156-215 exam and get your EMC certification.
QUESTION 197
What information is found in the SmartView Tracker Management log?
A. Destination IP address
B. SIC revoke certificate event
C. Number of concurrent IKE negotiations
D. Most accessed Rule Base rule
Correct Answer: B
QUESTION 198
How do you use SmartView Monitor to compile traffic statistics for your company’s Internet Web activity during production hours?
A. View total packets passed through the Security Gateway.
B. Configure a Suspicious Activity Rule which triggers an alert when HTTP traffic passes through the Gateway.
C. Use Traffic settings and SmartView Monitor to generate a graph showing the total HTTP traffic for the day.
D. Select Tunnels view, and generate a report on the statistics.
Correct Answer: C
QUESTION 199
What happens when you run the commanD. fw sam -J src [Source IP Address]?
A. Connections to and from the specified target are blocked without the need to change the Security Policy.
B. Connections to and from the specified target are blocked with the need to change the Security Policy.
C. Connections from the specified source are blocked without the need to change the Security Policy.
D. Connections to the specified target are blocked without the need to change the Security Policy.
Correct Answer: C
QUESTION 200
An internal router is sending UDP keep-alive packets that are being encapsulated with GRE and sent through your R76 Security Gateway to a partner site. A rule for GRE traffic is configured for ACCEPT/LOG. Although the keep-alive packets are being sent every minute, a search through the SmartView Tracker logs for GRE traffic only shows one entry for the whole day (early in the morning after a Policy install).
Your partner site indicates they are successfully receiving the GRE encapsulated keep-alive packetson the 1-minute interval.
100% Pass CheckPoint 156-215 By Training CheckPoint 156-215 Exam Dumps
Exam A QUESTION 1
What will the command “d:\winnt\fw1\ng\bin] cppkg add C:\CPsuite-R71” achieve? Where d:\winnt\fw1\ng \bin is package-full-path?
A. It will purge a product package to the product repository
B. It will kill a product package to the product repository
C. It will add a product package to the product repository
D. It will print a product package to the product repository
E. It will delete a product package to the product repository
Correct Answer: C QUESTION 2
User Monitor details window is shown in the diagram 1 of the SmartView Monitor. Which of the following information you would not get in the window?
A. Internal IP
B. User DN
C. VPN Tunnel
D. Security Gateway
E. Connect Time
Correct Answer: C
QUESTION 3
The rule below shows the Encrypt rule in a Traditional Mode Rule Base. What is likely to be Simplified Mode equivalent if the if the connections originates at X and its destination is Y, within any Site-to-Site Community (i.e. All_GW _to_GW).
A. Rule C
B. Rule E
C. Rule A
D. Rule B
E. Rule D
Correct Answer: B
QUESTION 4
SmartDirectory (LDAP) new features include which of the following? Select the all correct answers.
A. The use of authentication algorithm
B. Support of Multiple SmartDirectory (LDAP) Vendors using Profiles
C. Support of multiple SmartDirectory (LDAP) servers
D. High Availability
E. The use of encrypted or non-encrypted SmartDirectory (LDAP) Connections
Correct Answer: BCDE
QUESTION 5
You are configuring IPS, Denial of Service – Teardrop section. Which of the following is true of Teardrop?
A. A denial of service vulnerability has been reported in the Linux Kernel. The vulnerability is due to an error in the Linux Kernel IPv6 over IPv4 tunneling driverthat fails to properly handle crafted network packets. Teardrop is a widely available attack tool that exploits this vulnerability
B. Some implementations of TCP/IP contain fragmentation re-assembly code that does not properly handle overlapping IP fragments. Sending two IP fragments, the latter entirely contained inside the former, causes the server to allocate too much memory and crash. Teardrop is a widely available attack tool that exploits this vulnerability
C. JPEG is a very popular image file format. Teardrop is a widely available attack tool that exploits this vulnerability Specially crafted JPEG files may be used to create a DoS condition and in some cases, arbitrary code execution
D. Some implementations of TCP/IP are vulnerable to packets that are crafted in a particular way (a SYN packet in which the source address and port are the same as the destination, i.e., spoofed). Teardrop is a widely available attack tool that exploits this vulnerability
E. The attacker sends a fragmented PING request that exceeds the maximum IP packet size (64KB). Some operating systems are unable to handle such requests and crash. Teardrop is a widely available attack tool that exploits this vulnerability
Correct Answer: B
QUESTION 6
Which of the following command will you use to export users from the NGX user database?
» Read more about: 100% Pass CheckPoint 156-215 By Training CheckPoint 156-215 Exam Dumps »
Most Accurate CheckPoint 156-215 Guide PDF Download, Best CheckPoint 156-215 Practice To Ensure You 100% Pass Download
Exam A
QUESTION 1
A Web server behind the Security Gateway is Automatic NAT Cli ent side NAT is enabled in the Global Properties. A client on the Internet initiates a session to the Web Server. On the initiating packet, NAT occurs on which inspection point?
A. O
B. o
C. I
Correct Answer: B
QUESTION 2
Which of the following is NOT supported with office mode?
A. Transparent mode
B. L2TP
C. Secure Client
D. SSL Network Extender
Correct Answer: A
QUESTION 3
You have blocked an IP address via the Block Intruder feature of SmartView Tracker How can you view the blocked addresses’?
A. Run f wm blockedview
B. In SmartView Monitor, Select the Blocked Intruder option from the query tree view
C. In SmartView Monitor, select Suspicious Activity Rules from the Tools menu and select the relevant Security Gateway from the List
D. In SmartView Tracker, click the Active tab. and the actively blocked connections displays
Correct Answer: C
QUESTION 4
You are creating an output file with the following command:
Fw monitor ç’”accept(arc=10. 20. 30. 40 or dst=10, 20, 30,-40) :” ç’·~/output Which tools do you use to
analyze this file?
A. You can analyze it with Wireshark or Ethereal
B. You can analyze the output file with any ASCI editor.
C. The output file format is CSV. so you can use MS Excel to analyze it
D. You cannot analyze it with any tool as the syntax should be: fw monitor ç’ accept ([12,b] = 10.20.30.40 or [16,b] = 10.20.30.40);-0~/output
Correct Answer: A
QUESTION 5
You find a suspicious FTP connection trying to connect to one of your internal hosts. How do you block it m real time and verify it is successfully blocked?
A. Highlight the suspicious connection in SmartView Tracker>Active mode. Block it using Tools>Block Intruder menu. observe in the Active mode that the suspicious connection is listed in this SmartView Tracker view as “dropped”
B. Highlight the suspicious connection in SmartView Tracker>Active mode. Block it using Tools>Block Intruder menu. observe in the Active mode that the suspicious connection does not appear again in this SmartView Tracker view.
C. Highlight the suspicious connection in SmartView Tracker>Log mode. Block it using Tools>Block Intruder menu. observe in the Log mode that the suspicious connection does not appear again in this
SmartView Tracker view.
First-hand CheckPoint 156-215 Flydumps PDF,CheckPoint 156-215 Question Ensure Pass Certification To Ensure You 100% Pass
Exam A QUESTION 1
If you check the box Use Aggressive Mode in the IKE Properties dialog box, the standard:
A. three-packet IKE Phase 2 exchange Is replaced by a six-packet exchange
B. three-packet IKE Phase 2 exchange is replaced by a two-packet exchange
C. six-packet IKE Phase 1 exchange is replaced by a three-packet exchange
D. three-packet IKE Phase 1 exchange is replaced by a six-packet exchange
Correct Answer: C QUESTION 2
Of the following, what parameters will not be preserved when using Database Revision Control? 1) Simplified mode Rule Bases 2) Traditional mode Rule Bases 3) Secure Platform WebUI Users 4) SIC certificates 5) SmartView Tracker audit logs 6) SmartView Tracker traffic logs 7) Implied Rules 8) IPS Profiles
ActualTests.com 9) Blocked connections 10) Manual NAT rules 11) VPN communities 12) Gateway route table 13) Gateway licenses
A. 3, 4, 5, 6, 9, 12, 13
B. 5, 6, 9, 12, 13
C. 1, 2, 8, 10, 11
D. 2, 4, 7, 10, 11
Correct Answer: B QUESTION 3
You believe Phase 2 negotiations are railing while you are attempting to configure a site-to-site VPN with one of your firm’s business partners. Which SmartConsole application should you use to confirm your suspicions?
A. SmartDashboard
B. SmartView Tracker
C. SmartUpdate
D. SmartView Status Correct Answer: B
QUESTION 4
You are running a R71 Security Gateway on SecurePlatform, in case of a hardware failure. You have a server with the exact same hardware and firewall version Installed. What backup method could be used to quickly put the secondary firewall into production?
A. Upgrade_export
B. Manual backup
C. Snapshot
D. Backup
Correct Answer: C QUESTION 5
What happens hi relation to the CRL cache after a cpstop and cpstart have been initiated?
A. The Gateway retrieves a new CRL on startup, and then discards the old CRL as invalid
B. The Gateway continues to use the old CRL, as long as it is valid.
C. The Gateway continues to use the old CRL even if it is not valid, until a new CRL is cached
D. The Gateway issues a crl_zap on startup, which empties the cache and forces Certificate retrieval
Correct Answer: B QUESTION 6
What physical machine must have access to the User Center public IP address when checking for new packages with smartUpdate?