Day: June 20, 2016

CheckPoint 156-210 Self Study, Free CheckPoint 156-210 Exam Questions Vce Guaranteed SuccessCheckPoint 156-210 Self Study, Free CheckPoint 156-210 Exam Questions Vce Guaranteed Success

Flydumps is one of the leading exam preparation material providers.We have a complete range of exams offered by the top vendors of their respective industries. You can download CheckPoint 156-210 free demos in PDF files that are the latest.QUESTION 11 

What function does the Audit mode of SmartView Tracker perform?
A. It tracks detailed information about packets traversing the Enforcement Modules.
B. It maintains a detailed log of problems with VPN-1/FireWall-1 services on the SmartCenter Server.
C. It is used to maintain a record of the status of each Enforcement Module and SmartCenter server.
D. It maintains a detailed record of status of each Enforcement Module and SmartCenter Server.
E. It tracks changes and Security Policy installations, per Security Administrator, performed in SmartDashboard.
Correct Answer: E
QUESTION 12
In the SmartView Tracker, what is the difference between the FireWall-1 and VPN-1 queries? Choose three.
A. A VPN-1 query only displays encrypted and decrypted traffic.
B. A FireWall-1 query displays all traffic matched by rules, which have logging activated.
C. A FireWall-1 query displays all traffic matched by all rules.
D. A FireWall-1 query also displays encryption and decryption information.
E. Implied rules, when logged, are viewed using the VPN-1 query.
Correct Answer: ABD
QUESTION 13
Network topology exhibit

You want hide all localnet and DMZ hosts behind the Enforcemenet Module, except for the HTTP Server
(192.9.200.9). The HTTP Server will be providing public services, and must be accessible from the
Internet.
Select the two BEST Network Address Translation (NAT) solutions for this scenario,

A. To hide Local Network addresses, set the address translation for 192.9.0.0
B. To hide Local Network addresses, set the address translation for 192.9.200.0
C. Use automatic NAT rule creation to hide both DMZ and Local Network.
D. To hide Local Network addresses, set the address translation for privatenet.
E. Use automatic NAT rule creation, to statically translate the HTTP Server address.
Correct Answer: CE
QUESTION 14
The SmartDefense Storm Center Module agent receives the Dshield.org Block List, and:
A. Populates CPDShield with blocked address ranges, every three hours.
B. Generates logs from rules tracking internal traffic.
C. Submits the number of authentication failures, and drops, rejects, and accepts.
D. Generates regular and compact log digest.
E. Populates the firewall daemon with log trails.
Correct Answer: A QUESTION 15

What are the advantages of central licensing? Choose three.
A. Only the IP address of a SmartCenter Server is needed for all licences.
B. A central licence can be removed from one Enforcement Module, and installe don another Enforcement Module.
C. Only the IP address of an Enforcement Module is needed for all licences.
D. A central license remains valid, when you change the IP address of an Enforcemente Module.
E. A central license can be converted into a local license.
Correct Answer: ABD
QUESTION 16
A security Administrator wants to review the number of packets accepted by each of the Enforcement modules. Which of the following viewers is the BEST source for viewing this information?
A. SmartDashboard
B. SmartUpdate
C. SmartMap
D. SmartView Status
E. SmartView Tracker
Correct Answer: D
QUESTION 17
Hidden (or masked) rules are used to:
A. Hide rules from administrators with lower privileges.
B. View only a few rules, without distraction of others.
C. Temporarily disable rules, without having to reinstall the Security Policy.
D. Temporarily convert specifically defined rules to implied rules.
E. Delete rules, without having to reinstall the Security Policy.
Correct Answer: B
QUESTION 18
Which of the following characteristics BEST describes the behaviour of Check Point NG with Application Intelligence?
A. Traffic not expressly permitted is prohibited.
B. All traffic is expressly permitted by explicit rules.
C. Secure connections are authorized by default. Unsecured connectdions are not.
D. Traffic is filtered using controlled ports.
E. TELNET, HTTP; and SMTP are allowed by default.
Correct Answer: A

QUESTION 19
SmartUpdate CANNOT be used to:
A. Track installed versions of Check Point and OPSEC products.
B. Manage licenses centrally.
C. Update installed Check Point and OPSEC software remotely, from a centralized location.
D. Uninstall Check Point and OPSEC software remotely, from a centralized location.
E. Remotely install NG with Application Intelligence for the first time, on a new machine.
Correct Answer: E
QUESTION 20
Which of the following statements about Client Authentication is FALSE?
A. In contrast to User Authentication that allows access per user. Client Authentication allows access per IP address.
B. Client Authentication is more secure than User Authentication, because it allows multiple users and connections from an authorized IP address or host.
C. Client Authentication enables Security Administrators to grant access privileges to a specific IP address, after successful authentication.
D. Authentication is by user name and password, but it is the host machine (client) that is granted access.
E. Client Authentication is not restricted to a limited set of protocols.
Correct Answer: B
QUESTION 21
Why is Application Layer particularly vulnerable to attacks? Choose three
A. Malicious Java, ActiveX, and VB Scripts can exploit host system simply by browsing.
B. The application Layer performs access-control and legitimate-use checks.
C. Defending against attacks at the Application Layer is more difficult, than at lower layers of the OSI model.
D. The Application Layer does not perform unauthorized operations.
E. The application Layer supports many protocols.
Correct Answer: ACE
QUESTION 22
You have created a rule that requires users to be authenticated, when connecting to the Internet using HTTP. Which is the BEST authentication method for users who must use specific computers for Internet access?
A. Client
B. Session
C. User
Correct Answer: A

QUESTION 23
What function does the Active mode of SmartView Tracker perform?
A. It displays the active Security Policy.
B. It displays active Security Administrators currently logged into a SmartCenter Server.
C. It displays current active connections traversing Enforcement Modules.
D. It displays the current log file, as it is stored on a SmartCenter Server.
E. It displays only current connections between VPN-1/FireWall-1 modules.
Correct Answer: C
QUESTION 24
You are importing product data from modules, during a VPN-1/Firwall-1 Enforcement Module upgrade. Which of the following statements are true? Choose two.
A. Upgrading a single Enforcement Module is recommended by Check Point, since there is no chance of mismatch between installed product versions.
B. SmartUpdate queries license information, from the SmartConsole runging locally on the Enforcement Module.
C. SmartUpdate queries the SmartCenter Server and Enforcement Module for product information.
D. If SmartDashboard and all SmartConsoles must be open during input, otherwise the product-data retrieval process will fail
Correct Answer: AC
QUESTION 25
Which if the following components functions as the Internal Certificate Authority for all modules in the VPN-1/FireWall-1 configuration?
A. Enforcement Module
B. INSPECT Engine
C. SmartCenter Server
D. SmartConsole
E. Policy Server

Correct Answer: C
QUESTION 26
Which of the following is NOT a security benefit of Check Point’s Secure Internal Communications (SIC)?
A. Generates VPN certificates for IKE clients.
B. Allows the Security Administrator to confirm that the Security Policy on an Enforcement Module came from an authorized Management Server.
C. Confirms that a SmartConsole is authorized to connect a SmartCenter Server
D. Uses SSL for data encryption.
E. Maintains data privacy and integrity.

Correct Answer: A
QUESTION 27
You are administering one SmartCenter Server that manages three Enforcement Modules. One of the Enforcement Modules does not appear as a target in the Install Policy screen, when you attempt to install the Security Policy. What is causing this to happen?
A. The license for the Enforcement Module has expired.
B. The Enforcement Module requires a reboot.
C. The object representing the Enforcement Module was created as a Node->Gateway.
D. The Enforcement Module was not listed in the Install On column of its rule.
E. No Enforcement Module Master filer was created, designating the SmartCenter Server

Correct Answer: C
QUESTION 28
You are the Security Administrator with one SmartCenter Server managing one Enforcement Moduel. SmartView Status displayes a computer icon with an “I” in the Status column. What does this mean?
A. You have entered the wrong password at SmartView Status login.
B. Secure Internal Communications (SIC) has not been established between the SmartCenter Server and the Enforcement Module.
C. The SmartCenter Server cannot contact a gateway.
D. The VPN-1/Firewall-1 Enforcement Module has been compromised and is no longer controlled by this SmartCenter Sever.
E. The Enforcement Module is installed and responding to status checks, but the status is problematic.
Correct Answer: E
QUESTION 29
Check Point’s NG with Application Intelligence protects against Network and Transport layer attacks by: (Choose two)
A. Preventing protocol-anomaly detection-
B. Allowing IP fragmentation-
C. Preventing validation of compliance to standards.
D. Preventing non-TCP denial-of-service attacks, and port scanning.
E. Preventing malicious manipulation of Network Layer protocols.

Correct Answer: DE
QUESTION 30
Which of the following locations is Static NAT processed by the Enforcement Module on packets from an external source to an internal statically translated host? Static NAT occurs.
A. After the inbound kernel, and before routing.
B. After the outbound kernel, and before routing.
C. After the inbound kernel, and aftter routing.
D. Before the inbound kernel, and after routing.
E. Before the outbound kernel, and before routing.

Correct Answer: C
QUESTION 31
Which of the following does a Check Point security gateway access, analyze, and use? Choose three.
A. Communications information
B. Communication-derivec state
C. Packet sniffing
D. Information mapping
E. Application-derived state

Correct Answer: ABE
QUESTION 32
Which NG with Application Intelligence feature allows a Security Administrator to granularly control acceptable FTP commands?
A. FTP Security Server object settings
B. Check Point Gateway object, Security Server settings
C. SmartDefense, FTP Security Server settings
D. Rule Base Service field
E. Global Properties, Security Server settings.

Correct Answer: C
QUESTION 33
You are Security Administrator preparing to deploy a new hot-fix to ten Enforcement Modules at five geographically separated locations. What is the BEST method to implement this hot-fix?
A. Use SmartView installer to deploy the hot-fix to each Enforcement Module.
B. Send a CDROM with the hot-fix to each location, and have local personnel install it.
C. Send a Certified Security Engineer to each site to perform the update.
D. Use SmartInstaller to install the packages to each of the Enforcement Models remotely.
E. Use SmartUpdate to install the packages to each of the Enforcement Models remotely.

Correct Answer: E QUESTION 34
Implicit rules do NOT allow what types of VPN-1/FireWall-1 Control Connections by default?
A. Outgoing traffic, originating from the gateway
B. RIP for routing configuration
C. IKE and RDP-traffic, for communication and encryption
D. VPN-1/Firewall-1 specific traffic, such as logging, management, and key exchange
E. RADIOUS; CVP, UFP, and LDAP

Correct Answer: B
QUESTION 35
In Secure Internal Communicators (SIC), the SmartCenter Server and its components are identified by a (n):
A. SIC entry in the host file
B. Random seed
C. Port number
D. Distinguished Name
E. IP address

Correct Answer: D
QUESTION 36
Which of the following statements BEST describes Dynamic Network Address Translation (Hide NAT)?
A. Allow you to hide an entire network behind one IP address.
B. Translates private external IP addresses to public IP addresses.
C. Allows you to hide an entire network behind public IP addresses.
D. Translates public internal IP addresses to private IP addresses.
E. Allow you to hide an entire network behind random IP addresses.

Correct Answer: A
QUESTION 37
What type of TCP attack is a bandwidth attack, where a client fools a server into sending large amount of data, using small packets?
A. SMURF
B. SYN-Flood
C. Host System Hogging
D. Small PMTU
E. LAND
Correct Answer: D
QUESTION 38
How is the Block Intruder request used?
A. It is used in place of the HTTP Security Server.
B. SmartDefense automatically uses this capability.
C. It is used in the Log mode of SmartView Tracker to kill active connections.
D. It is activated in SmartDashboard through the Security Policy.
E. It blocks access from a Source, or to a Destination, for a specified amount of time, or indefinitely.
Correct Answer: E QUESTION 39
A conflict between anti-spoofing and Network Address Translation (NAT) occurs when:
A. The Translate destination on the client-side option is not enabled when using Static NAT:
B. NAT is performed on the client side.
C. Manual NAT rules are used.
D. The Translate destination on the client-side option is enabled.
E. The Translate destination on the server-side option is enabled.

Correct Answer: A
QUESTION 40
One of the most important tasks Security Adminstrators perform is log maintenance. By default, when an administrator clicks File > Switch Active file from SmartView Tracker, the SmartCenter server:
A. Purges the current log file, and prompts the Security Administrator for the mode of the new log.
B. Opens a new window with a previously saved log for viewing.
C. Saves the current log file, names the save file by date and time and starts a new log.
D. Prompts the Security Administrator for the name of the current log, saves it, and then prompts the Security Administrator for the mode of the new log.
E. Purges the current log file, and starts a new log.

Correct Answer: C
QUESTION 41
A VPN-1/FireWall-1 SmartDashboard is used to perform which of the following tasks? Choose two.
A. Allows the Security Administrator to configure Network Address Translation.
B. Stores VPN-1/Firewall-1 logs
C. Compiles the Rule Base into an enforceable Security Policy.
D. Stores the User Database.
E. It is used to crate and define a Security Policy.

Correct Answer: AE
QUESTION 42
Assuming the default settings in the Global Properties have not changed, which of the following types of traffic will be allowed through a firewall with the Rule Base displayed in the exhibit?

A. VPN-1/Firewall-1 Control Connections.
B. HTTP from anywhere to Web Server.
C. HTTP from network out.
D. FTP from anywhere to Web Server.
E. RIP traffic to the gateway.

Correct Answer: AB
QUESTION 43
In SmartView Status, what does a status of Untrusted tell you?
A. The Enforcement Module is offline.
B. The Security Administrator has entered the wrong password at SmartView Status login.
C. Secure Internal Communications (SIC) has not been established between the SmartCenter Server and the Enforcement Module
D. The SmartCenter Server cannot contact a gateway
E. An Enforcement Module is installed and responding to status checks, but the status is problematic.

Correct Answer: C
QUESTION 44
For which of the following objectd types can Network Address Translation be configured?
A. Domains, host nodes, network.
B. Domains, networks, users
C. Host nodes, networks, OSE devices
D. Host nodes, networks, address ranges
E. Networks, OSE Devices logical servers.

Correct Answer: D
QUESTION 45
Howa CK Storm Center Block Lists activated? Choose the correction order.
1.
Security Adminstrators define a CPDShield object and place it in the Rule Base appropriately.

2.
The Storm Center Module agent on the Enforcement Module retrieves the Block list, and replaces the CPDSHield object with a list of blocked IP addresses.

3.
The Storm Center Module agent periodically checks for updates to the Block list.
A. 3, 2, 1
B. 1, 2, 3
C. 2, 3, 1
D. 3, 1, 2
E. 2, 1, 3
Correct Answer: B
QUESTION 46
Network topology exhibit In the network displayed in the exhibit, the public servers accept and initiate connections from the Internet. The public servers must:

A. Be moved to the other side of the Enforcement Module, and give public addresses.
B. Use Reverse Network Address Translation.
C. Use Static Network Address Translation.
D. Use Dynamic Network Address Translation
E. Network Address Translation is not required.

Correct Answer: C
QUESTION 47
What Blocking Scope options are available when using Block Intruder? Choose three.
A. Block access from this Source.
B. Block source and destination
C. Block access to this Destination.
D. Block only this connection
E. Block all traffic
Correct Answer: ACD
QUESTION 48
TO be MOST effective, where should Anti-Spoofing be configured?
A. Only on interfaces facing internal networks.
B. Only on external and DMZ interfaces.
C. Only on DMZ interfaces
D. Only on external interfaces.
E. On all interfaces.
Correct Answer: E QUESTION 49
Choose the two responses that BEST describe a VPN-1/Firewall-1 Rule Base. A Rule Base is:
A. A collection of corporate guidelines used to structure the network Security Policies for users operating behind the firewall.
B. A collection of system settings that make up implicit rules defining network security.
C. The process by which secure communications are established between different VPN-1/Firewall-1 Modules, operating within an enterprise security environment.
D. A repository of DLL files, each provides a specific security function.
E. A set of explicitly and implicitly defined rules used to define network security.

Correct Answer: AE
QUESTION 50
When defining objects, why should you NOT change the name or IP address of the system-created SmartCenter Server objects? Choose two.
A. Changes the certificate of the system-created object
B. Causes a fault-tolerance error on the VPN-1/Firewall-1 Enforcement Module
C. Interferes with Security Policy Installation
D. Does not change the object name in the Rule Base.
E. Negatively affects the Internal Certificate Authority.

Correct Answer: AE
QUESTION 51
You are the Security Administrator with one SmartCenter Server managing one Enforcement Module.
SmartView Status displays a computer icon with an “?” in the Status column.
What does this mean?

A. The VPN-1/FireWall-1 Enforcement Module has been compromised and is no longer controlled by this SmartCenter Server.
B. Secure Internal Communications (SIC) has not been established between the SmartCenter Server and the Enforcement Module.
C. The Enforcement Module is installed and responding to status checks, but the status is problematic.
D. You have entered the wrong password at SmartView Status login.
E. The SmartCenter Server cannot contact the gateway.

Correct Answer: E
QUESTION 52
Which statement below BEST describes how VPN-1/FireWall-1 handles hidden rules? Hidden rules are:
A. Not included when the Security Policy is installed.
B. Removed from the existing Security Policy.
C. Enforced when the Security Policy is installed.
D. Automatically installed, when the Unhide All option is selected from the Hide Rules menu.
E. Enforced as implied rules, before the explicitly defined Rule Base.
Correct Answer: C
QUESTION 53
Which of the following is NOT included in SVN Foundation?
A. Watch Dog for Critical Services
B. License Utilities
C. CPShared Daemon
D. SmartDefense
E. SNMP Daemon

Correct Answer: D
QUESTION 54
Which of the following BEST describes the function of Dynamic Network Address Translation (Dynamic
NAT)?
Dynamic NAT:

A. Allows you to configure more public IP addresses than you have hosts.
B. Reduces the load on the Enforcement Module.
C. Limits the number of internal hosts that may access the Internet.
D. Reduces the number of connections to your Web server.
E. Allows you to configure for more hosts than you have public IP addresses.

Correct Answer: E

The CheckPoint 156-210 certification can make you a competent person.It may enable a technician to know about the CheckPoint 156-210 configurations,get information about the CheckPoint 156-210 data center products and hardware and knowledge about CheckPoint 156-210 united computing systems.

CheckPoint 156-110 Test Engine, Provide Latest CheckPoint 156-110 Real Testing With Accurate AnswersCheckPoint 156-110 Test Engine, Provide Latest CheckPoint 156-110 Real Testing With Accurate Answers

We are committed on providing you with the latest and most accurate CheckPoint 156-110 exam preparation products.If you want to pass CheckPoint 156-110 exam successfully, do not miss to read latest CheckPoint 156-110 brain dumps on Flydumps.

QUESTION 41
If e-mail is subject to review by individuals other than the sender and recipient, what should be clearly stated in the organization’s e-mail policy?
A. Technologies and methods used to monitor and enforce the organization’s policies
B. Senior management and business-unit owner responsibilities and delegation options
C. Clear, legally defensible definition of what constitutes a business record
D. Consequences for violation of the organization’s acceptable-use policy
E. No expectation of privacy for e-mail communications, using the organization’s resources

Correct Answer: E
QUESTION 42
Which of the following are common failures that should be addressed in an organization’s Business Continuity Plan (BCP) ? (Choose THREE.)
A. Connectivity failures
B. Accounting failures
C. Hardware failures
D. Utility failures
E. Personal failures

Correct Answer: ACD
QUESTION 43
Which TWO of the following items should be accomplished, when interviewing candidates for a position within an organization?
A. Hire an investigation agency to run background checks.
B. Verify all dates of previous employment.
C. Question candidates, using polygraphs.
D. Contact personal and professional references.
E. Run criminal-background checks.
Correct Answer: BD QUESTION 44
A _______ _______ posture provides many levels of security possibilities, for access control.
A. Layered defensive
B. Multiple offensive
C. Flat defensive
D. Reactive defensive
E. Proactive offensive

Correct Answer: A
QUESTION 45
At ABC Corporation, access to critical information resources, such as database and e-mail servers, is controlled by the information-technology (IT) department. The supervisor in the department grants access to printers where the printer is located. Managers grant and revoke rights to files within their departments’ directories on the file server, but the IT department controls who has access to the directories. Which type of access-management system is in use at ABC Corporation?
A. Centralized access management
B. Role-based access management
C. Hybrid access management
D. Decentralized access management
E. Privileged access management

Correct Answer: C
QUESTION 46
Embedding symbols in images or common items, such as pictures or quilts, is an example of __________.
A. Espionage
B. Transposition cipher
C. Key exchange
D. Arithmancy
E. Steganography
Correct Answer: E
QUESTION 47
Why should each system user and administrator have individual accounts? (Choose TWO.)
A. Using generic user names and passwords increases system security and reliability.
B. Using separate accounts for each user reduces resource consumption, particularly disk space.
C. By using individual login names and passwords, user actions can be traced.
D. If users do not have individual login names, processes can automatically run with root/administrator access.
E. A generic user name and password for users and security administrators provides anonymity, which prevents useful logging and auditing.
Correct Answer: CE
QUESTION 48
A(n) _______ occurs when intrusion-detection measures fail to recognize suspicious traffic or activity.
A. False positive
B. False negative
C. CIFS pop-up
D. Threshold
E. Alarm

Correct Answer: B
QUESTION 49
What is single sign-on? An authentication method:
A. that allows users to authenticate once, and then uses tokens or other credentials to manage subsequent authentication attempts
B. that stores user credentials locally, so that users need only authenticate the first time, a local machine is used
C. requiring the use of one-time passwords, so users authenticate only once, with a given set of credentials.
D. that uses smart cards, hardware tokens, and biometrics to authenticate users; also known as three-factor authentication
E. that requires users to re-authenticate for every resource accessed

Correct Answer: A
QUESTION 50
Which of the following is NOT a Business Continuity Plan (BCP) recovery strategy?
A. Delegating risk to another entity, such as an insurer
B. Manual procedures; alternative solution to technology available
C. Deferring action; action waiting until a later date
D. Reciprocal agreements with another organization
E. Doing nothing; no action taken to recover the technology

Correct Answer: A

Get certified CheckPoint 156-110 is a guaranteed way to succeed with IT careers.We help you do exactly that with our high quality CheckPoint 156-110 Certification Certified Information Systems Security Professional training materials.

CheckPoint 156-110 New Questions, Most Important CheckPoint 156-110 PDF With Accurate AnswersCheckPoint 156-110 New Questions, Most Important CheckPoint 156-110 PDF With Accurate Answers

At Flydumps,we are positive that our CheckPoint 156-110 preparation material with questions and answers pdf provide most in-depth solutions for individuals that are preparing for the CheckPoint 156-110 exam.Our uodated CheckPoint 156-110 brain dumps will allow you the opportunity to know exactly what to expect on the exam day and ensure that you can pass the exam beyond any doubt.

QUESTION 55
____________________ educate(s) security administrators and end users about organizations’ security policies.
A. Security-awareness training
B. Information Security (INFOSEC) briefings
C. Acceptable-use policies
D. Continuing education
E. Nondisclosure agreements

Correct Answer: A
QUESTION 56
Operating-system fingerprinting uses all of the following, EXCEPT ________, to identify a target operating system.
A. Sequence Verifier
B. Initial sequence number
C. Address spoofing
D. Time to Live
E. IP ID field

Correct Answer: C
QUESTION 57
Organizations _______ risk, when they convince another entity to assume the risk for them.
A. Elevate
B. Assume
C. Deny
D. Transfer
E. Mitigate

Correct Answer: D
QUESTION 58
A(n) _______________ is an unintended communication path that can be used to violate a system security policy.
A. Covert channel
B. Integrity axiom
C. Simple rule violation
D. Inferred fact
E. Aggregated data set

Correct Answer: A
QUESTION 59
To protect its information assets, ABC Company purchases a safeguard that costs $60,000. The annual cost to maintain the safeguard is estimated to be $40,000. The aggregate Annualized Loss Expectancy for the risks the safeguard is expected to mitigate is $50,000.
At this rate of return, how long will it take ABC Company to recoup the cost of the safeguard?
A. ABC Company will never recoup the cost of this safeguard.
B. Less than 7 years
C. Less than 3 years
D. Less than 1 year
E. Less than 5 years

Correct Answer: B
QUESTION 60
ABC Corporation’s network requires users to authenticate to cross the border firewall, and before entering restricted segments. Servers containing sensitive information require separate authentication. This is an example of which type of access-control method?
A. Single sign-on
B. Decentralized access control
C. Hybrid access control
D. Layered access control
E. Mandatory access control
Correct Answer: D
QUESTION 61
The items listed below are examples of ___________________ controls.
*Smart cards *Access control lists *Authentication servers *Auditing
A. Role-based
B. Administrative
C. Technical
D. Physical
E. Mandatory

Correct Answer: C
QUESTION 62
Why does the (ISC)2 access-control systems and methodology functional domain address both the confidentiality and integrity aspects of the Information Security Triad? Access-control systems and methodologies:
A. are required standards in health care and banking.
B. provide redundant systems and data backups.
C. control who is allowed to view and modify information.
D. are academic models not suitable for implementation.
E. set standards for acceptable media-storage devices.

Correct Answer: C
QUESTION 63
_______ intrusion-detection systems learn the behavior of a machine or network, and create a baseline.
A. Behavioral analysis
B. Statistical anomaly
C. Network
D. Pattern matching
E. Host

Correct Answer: B
QUESTION 64
Which of the following best describes the largest security challenge for Remote Offices/Branch Offices?
A. Leased-line security
B. Salami attacks
C. Unauthorized network connectivity
D. Distributed denial-of-service attacks
E. Secure access to remote organizational resources
Correct Answer: E
QUESTION 65
Which of the following is NOT a concern for enterprise physical security?
A. Network Intrusion Detection Systems
B. Social engineering
C. Dumpster diving
D. Property theft
E. Unauthorized access to a facility
Correct Answer: A QUESTION 66
Which of the following should be included in an enterprise Business Continuity Plan (BCP)? (Choose THREE.)
A. Accidental or intentional data deletion
B. Severe weather disasters
C. Employee terminations
D. Employee administrative leave
E. Minor power outages

Correct Answer: ABE
QUESTION 67
Which type of access management uses information about job duties and positions, to indicate subjects’ clearance levels?
A. Discretionary
B. Role-based
C. Nondiscretionary
D. Hybrid
E. Mandatory

Correct Answer: B
QUESTION 68
When attempting to identify OPSEC indicators, information-security professionals must: (Choose THREE.)
A. Discover the information daily activities yield.
B. Meet with adversaries.
C. Perform business impact analysis surveys.
D. Scrutinize their organizations’ daily activities.
E. Analyze indicators, to determine the information an adversary can glean ?both from routine and nonroutine activities.

Correct Answer: ADE
QUESTION 69
Which of the following can be stored on a workstation? (Choose TWO.)
A. Payroll information
B. Data objects used by many employees
C. Databases
D. Interoffice memo
E. Customer correspondence
Correct Answer: DE
QUESTION 70
How is bogus information disseminated?
A. Adversaries sort through trash to find information.
B. Adversaries use anomalous traffic patterns as indicators of unusual activity. They will employ other methods, such as social engineering, to discover the cause of the noise.
C. Adversaries use movement patterns as indicators of activity.
D. Adversaries take advantage of a person’s trust and goodwill.
E. Seemingly, unimportant pieces of data may yield enough information to an adversary, for him to disseminate incorrect information and sound authoritative.

Correct Answer: E
QUESTION 71
Which type of access management allows subjects to control some access of objects for other subjects?
A. Discretionary
B. Hybrid
C. Mandatory
D. Role-based
E. Nondiscretionary

Correct Answer: A
QUESTION 72
Which of the following are enterprise administrative controls? (Choose TWO.)
A. Network access control
B. Facility access control
C. Password authentication
D. Background checks
E. Employee handbooks

Correct Answer: DE
QUESTION 73
You are preparing a machine that will be used as a dedicated Web server.
Which of the following services should NOT be removed?
A. E. IRC
B. SMTP
C. FTP
D. HTTP
E. PVP

Correct Answer: D
QUESTION 74
A new U.S. Federal Information Processing Standard specifies a
cryptographic algorithm. This algorithm is used by U.S. government organizations to protect sensitive,
but unclassified, information. What is the name of this Standard?

A. Triple DES
B. Blowfish
C. AES
D. CAST
E. RSA
Correct Answer: C
QUESTION 75
If a firewall receives traffic not explicitly permitted by its security policy, what should the firewall do?
A. Nothing
B. Do not log and drop the traffic.
C. Log and drop the traffic.
D. Log and pass the traffic.
E. Do not log and pass the traffic.

Correct Answer: C
QUESTION 76
Which of the following statements about encryption’s benefits is false? Encryption can: (Choose TWO.)
A. significantly reduce the chance information will be modified by unauthorized entities.
B. only be used to protect data in transit. Encryption provides no protection to stored data.
C. allow private information to be sent over public networks, in relative safety.
D. significantly reduce the chance information will be viewed by unauthorized entities.
E. prevent information from being destroyed by malicious entities, while in transit.

Correct Answer: BE
QUESTION 77
Which principle of secure design states that a security mechanism’s methods must be testable?
A. Separation of privilege
B. Least common mechanism
C. Complete mediation
D. Open design
E. Economy of mechanism

Correct Answer: D
QUESTION 78
What type of document contains information on alternative business locations, IT resources, and personnel?
A. End-user license agreement
B. Nondisclosure agreement
C. Acceptable use policy
D. Security policy
E. Business continuity plan

Correct Answer: E
QUESTION 79
A(n) ______________________________ is a quantitative review of risks, to determine how an organization will continue to function, in the event a risk is realized.
A. Monitored risk process
B. Disaster-recovery plan
C. Business impact analysis
D. Full interruption test
E. Information security audit
Correct Answer: C
QUESTION 80
Internal intrusions are loosely divided into which categories? (Choose TWO.)
A. Attempts by insiders to perform appropriate acts, on information assets to which they have been given rights or permissions.
B. Attempts by insiders to access resources, without proper access rights.
C. Attempts by insiders to access external resources, without proper access rights.
D. Attempts by insiders to perform inappropriate acts, on external information assets to which they have been given rights or permissions.
E. Attempts by insiders to perform inappropriate acts, on information assets to which they have been given rights or permissions.

Correct Answer: BE
QUESTION 81
A security administrator implements Secure Configuration Verification (SCV), because SCV: (Choose THREE.)
A. Does not enable the administrator to monitor the configuration of remote computers.
B. Can block connectivity for machines that do not comply with the organization’s security policy.
C. Enables the administrator to monitor the configuration of remote computers.
D. Prevents attackers from penetrating headquarters’ Security Gateway.
E. Confirms that a remote configuration complies with the organization’s security policy.

Correct Answer: BCE

Ensure that you are provided with only the best and most updated CheckPoint 156-110 Certification training materials, we also want you to be able to access CheckPoint 156-110 easily, whenever you want.We provide all our CheckPoint 156-110 Certification exam training material in PDF format, which is a very common format found in all computers and gadgets. Now we add the latest CheckPoint 156-110 content and to print and share content.