Month: July 2016
New VCE and PDF: You can prepare for the CheckPoint 156-215 exam in an easy way with Flydumps CheckPoint 156-215 questions and answers. By training with our VCE dumps, which cover the latest CheckPoint 156-215 questions, you can pass the exam on the first attempt.
QUESTION 106
What is the officially accepted diagnostic tool for IP appliance support?
A. Ipsinfo
B. Uag-diag
C. CST
D. cpinfo
Correct Answer: C
QUESTION 107
You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in use on a SecurePlatform. You have trouble configuring the speed and duplex settings of your Ethernet interfaces. Which of the following commands can be used to configure the speed and duplex settings of an Ethernet interface and will survive a reboot? Give the BEST answer.
A. ethtool
B. ifconfig -a
C. eth_set
D. mii_tool
Correct Answer: C
QUESTION 108
Which command enables IP forwarding on IPSO?
A. echo 1 > /proc/sys/net/ipv4/ip_forward
B. clish -c set routing active enable
C. echo 0 > /proc/sys/net/ipv4/ip_forward
D. ipsofwd on admin
Correct Answer: D
“Pass Any Exam. Any Time.” – www.actualtests.com Checkpoint 156-215.75 Exam
QUESTION 109
How many inspection capture points are shown in fw monitor?
A. 2
B. 1
C. Depends on the number of interfaces on the Gateway
D. 4
Correct Answer: D
QUESTION 110
Looking at an fw monitor capture in Wireshark, the initiating packet in Hide NAT translates on ________.
A. I
B. O
C. o
D. i
Correct Answer: B
QUESTION 111
You want to create an ASCII formatted output file of the fw monitor command. What is the correct syntax to accomplish this task?
A. fw monitor -e "accept;" > /tmp/monitor.txt
B. fw monitor -e "accept;" -f > /tmp/monitor.txt
C. fw monitor -m iO -e "accept;" -o /tmp/monitor.txt
D. fw monitor -e "accept;" -w /tmp/monitor.txt
Correct Answer: A
QUESTION 112
When you run the fw monitor -e "accept;" command, what type of traffic is captured?
A. Only inbound traffic, before and after the inbound inspection.
B. All traffic coming in all directions, before and after inbound and outbound inspection.
C. All traffic accepted by the Rule Base.
D. Only outbound traffic, before and after the outbound inspection.
Correct Answer: B
QUESTION 113
The button Get Address, found on the Host Node Object > General Properties page, will retrieve what?
A. The domain name
B. The fully qualified domain name
C. The Mac address
D. The IP address
Correct Answer: D
QUESTION 114
You have just been hired as the Security Administrator for the Insure-It-All insurance company. Your manager gives you the following requirements for controlling DNS traffic:
Required Result #1: Accept domain-name-over-TCP traffic (zone-transfer traffic)
Required Result #2: Log domain-name-over-TCP traffic (zone-transfer traffic)
Desired Result #1: Accept domain-name-over-UDP traffic (queries traffic)
Desired Result #2: Do not log domain-name-over-UDP traffic (queries traffic)
Desired Result #3: Do not clutter the Rule Base by creating explicit rules for traffic that can be controlled using Global Properties
To begin, you make the following configuration changes, and install the Security Policy:
– Select the box Accept Domain Name over TCP (Zone Transfer) in Global Properties
– Select the box Accept Domain Name over UDP (Queries) in Global Properties
– Select the box Log Implied Rules in Global Properties
Do your initial actions meet the required and desired results?
A. The actions achieve the required results, and two of the desired results.
B. The actions achieve all required results, but none of the desired results.
C. The actions do not achieve the required results.
D. The actions meet all required and desired results.
Correct Answer: A
QUESTION 115
When you change an implicit rule’s order from last to first in global properties, how do you make the change take effect?
A. Select save from the file menu
B. Reinstall the security policy
C. Select install database from the policy menu
D. Run fw fetch from the security gateway
Correct Answer: B
QUESTION 116
You create implicit and explicit rules for the following network. The group object internal-networks includes networks 10.10.10.0 and 10.10.20.0. Assume Accept ICMP requests is enabled as Before last in Global Properties.
Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on the Internet by IP address? ICMP will be:
A. dropped by rule 0.
B. dropped by rule 2, the Cleanup Rule.
C. accepted by rule 1.
D. dropped by the last Implicit rule.
Correct Answer: C
QUESTION 117
How does the Get Address button, found on the Host Node Object > General Properties page retrieve the address?
A. Route Table
B. SNMP Get
C. Address resolution (ARP, RARP)
D. Name resolution (hosts file, DNS, cache)
Correct Answer: D
QUESTION 118
Anti-Spoofing is typically set up on which object type?
A. Host
B. Domain
C. Network
D. Security Gateway
Correct Answer: D
QUESTION 119
Spoofing is a method of:
A. Hiding your firewall from unauthorized users.
B. Disguising an illegal IP address behind an authorized IP address through Port Address Translation.
C. Making packets appear as if they come from an authorized IP address
D. Detecting people using false or wrong authentication logins.
Correct Answer: C
QUESTION 120
Certificates for Security Gateways are created during a simple initialization from ______.
A. SmartUpdate
B. sysconfig
C. The ICA management tool.
D. SmartDashboard
Correct Answer: D
QUESTION 121
Which of the below is the MOST correct process to reset SIC from SmartDashboard?
A. Run cpconfig, and click Reset.
B. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key.
C. Click Communication > Reset on the Gateway object, and type a new activation key.
D. Run cpconfig, and select Secure Internal Communication > Change One Time Password.
Correct Answer: B
QUESTION 122
You installed Security Management Server on a computer using SecurePlatform in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second SecurePlatform computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it?
1) Run cpconfig on the gateway, set secure internal communication, enter the activation key and reconfirm.
2) Initialize internal certificate authority (ICA) on the security Management server.
3) Confirm the gateway object with the host name and IP address for the remote site.
4) Click the communication button in the gateway object’s general screen, enter the activation key, and click initialize and ok.
5) Install the security policy.
A. 2, 3, 4, 5, 1
B. 1, 3, 2, 4, 5
C. 2, 3, 4, 1, 5
D. 2, 1, 3, 4, 5
Correct Answer: B
QUESTION 123
Although SIC was already established and running, Joe reset SIC between the Security Management Server and a remote Gateway. He set a new activation key on the Gateway’s side with the cpconfig command and put in the same activation key in the Gateway’s object on the Security Management Server. Unfortunately, SIC cannot be established. What is a possible reason for the problem?
A. The installed policy blocks the communication.
B. Joe forgot to reboot the Gateway.
C. Joe forgot to exit from cpconfig.
D. The old Gateway object should have been deleted and recreated.
Correct Answer: C
QUESTION 124
You want to reset SIC between smberlin and sgosaka.
In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC was successfully initialized and jumps back to the cpconfig menu. When trying to establish a connection, instead of a working connection, you receive this error message: What is the reason for this behavior?
A. You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup / Initialize).
B. The Gateway was not rebooted, which is necessary to change the SIC key.
C. The Check Point services on the Gateway were not restarted because you are still in the cpconfig utility.
D. The activation key contains letters that are on different keys on localized keyboards. Therefore, the activation key cannot be typed in a matching fashion.
Correct Answer: C
QUESTION 125
Which rule should be the Cleanup Rule in the Rule Base?
A. Last. It serves a logging function before the implicit drop.
B. Last, it explicitly drops otherwise accepted traffic
C. Before last followed by the Stealth Rule.
D. First, it explicitly accepts otherwise dropped traffic.
Correct Answer: A
QUESTION 126
What are the two basic rules which should be used by all Security Administrators?
A. Administrator Access and Stealth rules
B. Cleanup and Administrator Access rules
C. Network Traffic and Stealth rules
D. Cleanup and Stealth rules
Correct Answer: D
QUESTION 127
Which item below in a Security Policy would be enforced first?
A. Administrator-defined Rule Base
B. Network Address Translation
C. IP spoofing/IP options
D. Security Policy “First” rule
Correct Answer: C
QUESTION 128
When you hide a rule in a Rule Base, how can you then disable the rule?
A. Use the search utility in SmartDashboard to view all hidden rules. Select the relevant rule and click Disable Rule(s).
B. Right-click on the hidden rule place-holder bar and select Disable Rule(s).
C. Right-click on the hidden rule place-holder bar and uncheck Hide, then right-click and select Disable Rule(s); re-hide the rule.
D. Hidden rules are already effectively disabled from Security Gateway enforcement.
Correct Answer: C
QUESTION 129
A Stealth rule is used to:
A. Use the Security Gateway to hide the border router from internal attacks.
B. Cloak the type of Web server in use behind the Security Gateway.
C. Prevent communication to the Security Gateway itself.
D. Prevent tracking of hosts behind the Security Gateway.
Correct Answer: C
QUESTION 130
A Clean-up rule is used to:
A. Drop without logging connections that would otherwise be dropped and logged by default.
B. Log connections that would otherwise be accepted without logging by default.
C. Log connections that would otherwise be dropped without logging by default.
D. Drop without logging connections that would otherwise be accepted and logged by default.
Correct Answer: C
QUESTION 131
A ____________ rule is designed to log and drop all other communication that does not match another rule.
A. Stealth
B. Cleanup
C. Reject
D. Anti-Spoofing
Correct Answer: B
QUESTION 132
Which statement is TRUE about implicit rules?
A. They are derived from Global Properties and explicit object properties.
B. The Gateway enforces implicit rules that enable outgoing packets only.
C. You create them in SmartDashboard.
D. Changes to the Security Gateway’s default settings do not affect implicit rules.
Correct Answer: A
QUESTION 133
You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?
A. First
B. Before Last
C. Last
D. After Stealth Rule
Correct Answer: C
QUESTION 134
All of the following are Security Gateway control connections defined by default implied rules, EXCEPT:
A. Acceptance of IKE and RDP traffic for communication and encryption purposes.
B. Exclusion of specific services for reporting purposes.
C. Communication with server types, such as RADIUS, CVP, UFP, TACACS, and LDAP.
D. Specific traffic that facilitates functionality, such as logging, management, and key exchange.
Correct Answer: B
Flydumps practice test training resources are versatile and highly compatible with Microsoft exam formats. We provide up-to-date resources and comprehensive coverage; CheckPoint 156-210 exam dumps help you advance your skills.
QUESTION 55
Which Block Intruder options block suspicious connections? (Choose three)
A. Block Connections by Packet Size.
B. Block Access from that Source.
C. Block Connections using Specific Services.
D. Block Access to the Destination.
E. Block Selected Connection.
Correct Answer: BDE
QUESTION 56
Which of the following denial-of-service attacks does SmartDefense defeat? (Choose three)
A. Ping of Death
B. Rogue Applets
C. Teardrop
D. Host System Hogging
E. LAND
Correct Answer: ACE
QUESTION 57
What are the benefits of Stateful Inspection? (Choose two) Stateful Inspection:
A. Shuts down the upper-range ports, to secure an internal network.
B. Uses state information derived from past communications and other applications, to make control decisions for new communication attempts.
C. Leaves the upper range of ports (greater than 1023) open, to allow for file-transfer sessions.
D. Duplicates the number of sessions, acting as a proxy broker between a client and server.
E. Examines every packet, and applies a defined Security Policy to each.
Correct Answer: BE
QUESTION 58
Which of the following are core functions of Application Intelligence? (Choose two)
A. Validating compliance to standards.
B. Validating simple protocols, without controlling application logic.
C. Validating Data and Physical Layer attacks.
D. Limiting the ability of applications to carry malicious data.
E. Allowing Application Layer operations.
Correct Answer: AD
QUESTION 59
One of the functions of the SmartDefense console is to:
A. Add rules to block and log attacks.
B. Configure user options for tracking attacks.
C. Display real-time information about attacks.
D. Configure logging options for attack forensics.
E. Configure auditing and reporting options.
Correct Answer: C
QUESTION 60
The SANS Dshield.org Storm center integrates with SmartDefense, by: (Choose two)
A. Reviewing VPN-1/FireWall-1 logs.
B. Providing Storm Center audit trails.
C. Setting up the SmartDefense Subscription service.
D. Adding the Storm Center Block List report to the Security Policy.
E. Updating SmartDefense attack signatures in real time.
Correct Answer: AD
QUESTION 61
Systems needing to be accessed from the Internet should use which type of address translation?
A. IP Pool NAT
B. Hide NAT
C. NAT cannot be used
D. Static NAT
E. Dynamic NAT
Correct Answer: D
QUESTION 62
VPN-1/FireWall-1 logs are exportable to other applications, such as spreadsheets or databases, using which of the following?
A. FW Log Unification Engine
B. Secure Internal Communications (SIC)
C. Check Point logs are not exportable
D. Log Export Application (LEA)
E. Log Identification Unique ID (LUUID)
Correct Answer: D
QUESTION 63
Which of the following is NOT configured under Application Intelligence in SmartDefense?
A. FTP
B. DNS
C. Dynamic Ports
D. Rlogin
E. VoIP
Correct Answer: C
QUESTION 64
Which type of rule should be placed above the Stealth Rule?
A. User Authentication
B. Client Authentication
C. Network Address Translation
D. Cleanup
E. Session Authentication
Correct Answer: B
QUESTION 65
Bad weather and a UPS failure caused your remote Enforcement Module to reboot. Earlier that day, a tornado destroyed the building where the SmartCenter Server was located. You have not yet recovered or replaced the SmartCenter Server. Which of the following statements are false? (Choose two) Because the Enforcement Module cannot connect to the SmartCenter Server:
A. The Enforcement Module will log locally.
B. The Enforcement Module will continue to enforce the last Security Policy installed.
C. No Security Policy is installed, and all traffic will be dropped.
D. No Security Policy is installed, and all traffic will be allowed.
E. The Enforcement Module attempts to fetch a Security Policy from the SmartCenter Server, and install it.
Correct Answer: AB
QUESTION 66
Which of the following is NOT included in Application Intelligence Web Security?
A. HTTP Worm Catcher
B. Peer-to-Peer traffic over HTTP
C. Cross-Site Scripting
D. HTTP Format Size
E. HTTP Java Blocker
Correct Answer: E
QUESTION 67
Which of the following statements are TRUE of VPN-1/FireWall-1 groups? (Choose two)
A. Groups can be nested in groups.
B. The contents of one group can be imported into another group.
C. Services and network objects can be placed in the same group.
D. User groups can be nested, but network-object groups cannot.
E. Users and services can be placed in the same group.
Correct Answer: AB
QUESTION 68
You have locked yourself out, with a rule or an incorrectly configured Security Policy. What would you do to recover communication between your SmartCenter Server and Enforcement Module?
A. fw push localhost
B. fw unloadlocal
C. fw unlocklocal
D. cpstop localhost
E. cpdelete localhost
Correct Answer: B
QUESTION 69
How does SmartDefense Integrate with network Storm Centers? (Choose two)
A. Security Administrators can decide to send logs to a Storm Center to help other organizations.
B. The SmartDefense Storm Center Module downloads the Block List Report directly, adding it to the Security Policy.
C. Security Administrators must manually compile log files before sending them to Storm Centers.
D. Security Administrators must create network objects for each of the systems on the Storm Center Block List, then install a new Security Policy.
E. By default, logs are automatically delivered to a Storm Center.
Correct Answer: AB
QUESTION 70
Which of the following statements are TRUE of transparent authentication in NG with Application Intelligence? (Choose three)
A. Unknown users are prompted three times for a password, and are then disconnected.
B. Unknown users receive error messages, indicating that the Enforcement Module does not recognize user names.
C. NG with Application Intelligence does not allow connections from users who do not know the name or IP address of the Enforcement Module.
D. NG with Application Intelligence prompts for user names, even though authentication data may not be recognized by the Enforcement Module.
E. NG with Application Intelligence allows connections from authenticated users, and does not require that users know the IP address or name of the firewall.
Correct Answer: ADE
QUESTION 71
At Certkiller, auditors are Check Point Security Administrators with a customized permissions profile. Auditors must have the ability to review information from SmartView Tracker, SmartView Status, and SmartView Monitoring, but they may not make changes to the information. Auditors are not permitted to view security Policies or the objects database.
Which of the following settings grants auditors the MOST appropriate set of permissions, based on the corporate environment described above for Certkiller?
A. Read-Only SmartView Reporter
B. Read-Only Monitoring
C. Read-Only Security Policy
D. Read-Only SmartUpdate
E. Read-Only Log Consolidator
Correct Answer: A
QUESTION 72
When are Anti-Spoofing Rules enforced during packet inspection?
A. Before the Cleanup Rule is applied.
B. After the Stealth Rule is applied.
C. Before any rule in the Rule Base is applied.
D. When the packet is authorized by an Accept or Encrypt rule.
Correct Answer: C
QUESTION 73
Which of the following objects are allowed in the Source components of the Rule Base? (Choose two)
A. Host-Node Objects
B. Time Objects
C. LDAP Account Units
D. Services
E. User Groups
Correct Answer: AE
QUESTION 74
Which of the following is TRUE, if you change the inspection order of implied rules?
A. You must stop and start the Enforcement Module, before the changes can take place.
B. After the Security Policy is installed, the order in which rules are enforced changes.
C. You cannot change the inspection order of implied rules.
D. You must stop and start the SmartCenter Server, before the changes can take place.
E. Security Policy installation will fail.
Correct Answer: B
QUESTION 75
Security Administrators use Session Authentication when they want users to: (Choose two)
A. Authenticate for all services.
B. Use only TELNET, FTP, Rlogin, and HTTP services.
C. Use only HTTP and HTTPS services.
D. Authenticate once, and then be able to use any service, until logging off.
E. Log authentication actions locally.
Correct Answer: AD
QUESTION 76
Which of the following statements is TRUE concerning how NG with Application Intelligence handles the authentication of users?
A. Users may have different VPN-1 & FireWall-1 passwords, on Enforcement Modules managed by the same SmartCenter Server.
B. All users on the same gateway must use the same authentication method.
C. All imported users must use the same authentication method and hash.
D. All users in the same group must use the same authentication method and hash.
E. Users may be required to use different authentication methods for different services.
Correct Answer: A
QUESTION 77
Spoofing is a method of:
A. Making packets appear as if they came from an authorized source IP address.
B. Hiding your Enforcement Module from unauthorized users.
C. Disguising an invalid IP address behind an authorized IP address.
D. Detecting when someone is attacking your network.
E. Detecting users logging in using false or wrong authentication logins.
Correct Answer: A
QUESTION 78
Which of the following statements is TRUE when modifying user templates?
A. If the user template is modified, all active user connections will be dropped when the modified user database is installed.
B. All users subsequently created with that template will have the new properties.
C. You must always create new templates. Existing user templates cannot be modified.
D. All users previously created using the template are automatically modified with the new properties.
E. If the user template is modified, you must manually re-establish user-group membership.
Correct Answer: B
QUESTION 79
As a Security Administrator, you want to force users to authenticate. You have selected Client Authentication for the type of authentication. Users will be using a Web browser to authenticate. Which of the following TCP ports will authenticate users?
A. 23
B. 261
C. 80
D. 900
E. 259
Correct Answer: D
QUESTION 80
Which of the following is NOT a step in the Session Authentication process?
A. If authentication is successful, the VPN-1/FireWall-1 Enforcement Module allows connections to pass.
B. The Session Agent prompts users for an authentication password, after Phase 1 of IKE negotiations is complete.
C. Users initiate connections directly to a server.
D. The Session Agent prompts users for authenticated data, and returns the information to the Enforcement Module.
E. The VPN-1/FireWall-1 Enforcement Module intercepts connections, and connects to the Session Agent.
Correct Answer: C
QUESTION 81
With VPN-1/FireWall-1 central licensing, a license is linked to which of the following?
A. Domain name of the SmartCenter Server.
B. IP address of the Enforcement Module.
C. IP address of the SmartCenter Server.
D. IP address of the SmartConsole
E. Domain name of the Enforcement Module.
Correct Answer: C
QUESTION 82
Your organization’s internal programming team developed a proprietary application for accessing the time-management system. The application uses a custom-designed protocol. As the Security Administrator, you must control user access to the time-management system.
Which is the BEST authentication method for this scenario?
A. NG with Application Intelligence authentication methods can only be applied to protocols included in the standard, pre-defined suite.
B. Implicit User Authentication
C. User Authentication
D. Session Authentication
Correct Answer: D
QUESTION 83
Which of the following is the BEST authentication for roaming users, such as doctors updating patient records via HTTP at various workstations in a hospital?
A. Client
B. Session
C. User
Correct Answer: C
QUESTION 84
Which of the following statements is specifically TRUE of user groups?
A. Non-authentication rules require a user group in the Source field.
B. Authentication rules require a user group in the Source field.
C. User groups must be created, in order to implement authentication.
D. Authentication rules require a user group in both the Source and Destination field.
E. User groups cannot be used in authentication rules.
Correct Answer: C
QUESTION 85
You have created a SmartConsole Administrator with Read Only privileges in the Check Point Configuration Tool.
Which of the following actions can this administrator perform? (Choose three)
A. Filter log files in the SmartView Tracker.
B. Review saved policies.
C. Change network object properties.
D. Install policies
E. Log in to the SmartDashboard.
Correct Answer: ABE
QUESTION 86
VPN-1/FireWall-1 supports User Authentication for which of the following services? Select the response below that contains the MOST complete list of supported services.
A. FTP, FTPS, HTTP, HTTPS
B. Rlogin, TELNET, HTTP, FTP
C. POP3, SMTP, HTTPS, FTPS
D. TELNET, HTTP, FTP, SMTP
E. Rlogin, TELNET, HTTP, SMTP
Correct Answer: B
QUESTION 87
User Authentication supports all of the following services, EXCEPT:
A. SSH
B. FTP
C. HTTP
D. RLOGIN
E. TELNET
Correct Answer: A
QUESTION 88
In the diagram, a group of users in the QA Department requires frequent access to the Palace Server. Access to Palace is allowed from localnet hosts. Each user can log in at the beginning of the day, and can use the service for a specified time period and number of sessions. If a user forgets to log out, the connection to Palace is closed at the end of the authorization period.
Which of the following rules allows access to the Palace Server, from QA users on the local network? QA users’ source (in the Rule Base) is QA@Localnet.
A. Rule 3
B. Rule 4
C. None of these rules allows access
D. Rule 1
E. Rule 2
Correct Answer: D
QUESTION 89
Which authentication method could be used for H.323 services? (Choose two)
A. Client Authentication
B. VoIP Authentication
C. User Authentication
D. No Authentication can be used for H.323
E. Session Authentication
Correct Answer: AE
QUESTION 90
Which authentication method could be used for SIP services? (Choose two)
A. Client Authentication
B. No authentication can be used for SIP
C. VoIP Authentication
D. Session Authentication
E. User Authentication
Correct Answer: AD
QUESTION 91
When the Client Authentication method requires Manual Sign On, users must connect to which of the following ports?
A. TELNET to port 70, or HTTP to port 443
B. TELNET to port 161, or HTTP to port 136
C. TELNET to port 21, or HTTP to port 80
D. TELNET to port 165, or HTTP to port 514
E. TELNET to port 259, or HTTP to port 900
Correct Answer: E
QUESTION 92
In the Client Authentication Action Properties dialog box, the Manual Sign On method is selected. This means:
A. If a connection matches the Rule Base and the service is an authenticated service, the client is signed on after a successful authentication.
B. The user must TELNET to the target server on port 250.
C. If a connection using any service matches the Rule Base, the client is authenticated.
D. If authentication is successful, access is granted from the network that initiated the connection.
E. The user must initiate a Client Authentication session to the gateway.
Correct Answer: E
QUESTION 93
Which of the following responses are TRUE about creating user templates? (Choose two)
A. By default, users can authenticate 24 hours a day, 7 days a week.
B. If no specific source or destination is selected, users can authenticate to any source or destination.
C. If no password options are selected, users will still be able to authenticate, by creating their passwords during login.
D. When you create new users, you must create a new template for each user.
E. If no encryption method is selected, users will only be able to authenticate when they receive their Certificate Authority.
Correct Answer: AB
QUESTION 94
What is the advantage of using VPN-1/FireWall-1 Password for the authentication scheme, rather than using OS Password?
A. The OS Password authentication scheme can only be used with services available to user’s local machine.
B. There is no advantage, because VPN-1/FireWall-1 Password can only be used if a user has an operating-system account on the network.
C. The OS Password authentication scheme can only be used with users who are present on the local network protected by the Enforcement Module. No external users can be configured for OS Password authentication.
D. VPN-1/FireWall-1 Passwords can be cached on the Enforcement Module. If a user in the user database attempts a connection, that user will not be prompted to re-enter the password.
E. VPN-1/FireWall-1 Passwords can be used, even if a user does not have an operating-system account on the network.
Correct Answer: E
QUESTION 95
Which of the following statements accurately describe VPN-1/FireWall-1 Session Authentication? (Choose three)
A. Session Authentication allows unlimited connections from a single host or IP address.
B. Session Authentication does not result in any additional connections to the Enforcement Module.
C. Session Authentication is restricted to a limited number of services.
D. Session Authentication requires that an authentication agent be installed on client computers.
E. Session Authentication requires an authentication procedure for each connection.
Correct Answer: ABD
QUESTION 96
You have created a rule so that every time a user wants to connect to the Internet using HTTP, that user must be authenticated. You want an authentication scheme that provides transparency for the user, and administrative control for you. The user must be able to log in from any location.
Which authentication scheme meets your needs?
A. Client
B. Session
C. Users
Correct Answer: C
QUESTION 97
The VPN-1/Firewall-1 NG User Interface consists of which of the following elements?
A. Security Policy Editor, Visual Policy Editor and Object tree view.
B. Management Server and VPN-1/FireWall-1 Module.
C. Visual Policy Editor, Object Tree view and inspection Module.
D. Security Policy Server, System GUI and Module Log Viewer.
E. VPN-1/FireWall-1 Module, Inspection Module and Security Server.
Correct Answer: A
QUESTION 98
You are attempting to implement Client Authentication for FTP. You have the accept firewall control connection option unchecked in the Policies and Properties dialog box. In the following Rule base, which rule would prevent a user from performing Client Authentication?
No  SOURCE             DESTINATION      SERVICE       ACTION
1   Any                fw.chicago.com   Any           drop
2   [email protected]  Any              ftp           Client Encrypt
3   Any                localNet         http, telnet  Accept
4   Any                Any              Any           drop
A. Rule 1
B. Rule 2
C. Rule 3
D. Rule 4
Correct Answer: A
QUESTION 99
As a VPN-1/Firewall-1 administrator, you have an undistributed range of IP addresses for which you want to perform address translation. You can simplify your efforts through the use of ADDRESS RANGE.
A. True
B. False
Correct Answer: A
QUESTION 100
In the figure below, Localnet is an internal network with private addresses. A corresponding set of public addresses is available as follows:
Public IP addresses: 199.203.73.15-199.203.73.115
Private IP addresses: 200.0.0.100-200.0.0.200
The private addresses are translated to public addresses by specifying Address Translation in the NAT tab of Localnet’s network properties window. Source addresses for the outbound packets from hosts in Localnet will be translated to 199.203.73.12 as shown in the figure below.
A. True
B. False
Correct Answer: B
At Flydumps, we ensure that our CheckPoint 156-110 material is accurate, up to date, and will ensure you pass your certification exam on the first try. If you want to pass your CheckPoint 156-110 exam, Flydumps would be your best choice.
QUESTION 52
Distinguish between the role of the data owner and the role of the data custodian. Complete the following sentence. The data owner is the:
A. department in the organization responsible for the data’s physical storage location. The data custodian is anyone who has access to the data for any reason.
B. person or entity who accesses and/or manipulates data or information, in the course of assigned duties. The data custodian is a person or process with the appropriate level of privilege to access the data.
C. person or entity ultimately responsible for the security of an information asset. The data custodian is the person or entity responsible for imposing and enforcing policies and restrictions, dictated by the data owner.
D. person or process that originally creates the information. The data custodian is a role that shifts to any person or process currently accessing the data, and passes to the next person or process to access the data.
E. person or entity responsible for imposing and enforcing policies and restrictions, dictated by the functional user. The data custodian is a person or process who accesses and/or manipulates the information.
Correct Answer: C
QUESTION 53
You are considering purchasing a VPN solution to protect your organization’s information assets. The solution you are reviewing uses RFC-compliant and open-standards encryption schemes. The vendor has submitted the system to a variety of recognized testing authorities. The vendor does not make the source code available to testing authorities. Does this solution adhere to the secure design principle of open design?
A. No, because the software vendor could have changed the code after testing, which is not verifiable.
B. No, because the software vendor submitted the software to testing authorities only, and did not make the software available to the public for testing.
C. Yes, because the methods were tested by recognized testing authorities, and the source code is protected from vandalism.
D. Yes, because the methods are open, and the system does not rely on the secrecy of its internal mechanisms to provide protection.
E. No, because if a software vendor refuses to reveal the source code for a product, it cannot comply with the open-design principle.
Correct Answer: D
QUESTION 54
Which of the following is the BEST method for managing users in an enterprise?
A. Enter user data in a spreadsheet.
B. Implement centralized access control.
C. Deploy Kerberos.
D. Place them in a centralized Lightweight Directory Access Protocol.
E. Use a Domain Name System.
Correct Answer: D
QUESTION 55
____________________ educate(s) security administrators and end users about organizations’ security policies.
A. Security-awareness training
B. Information Security (INFOSEC) briefings
C. Acceptable-use policies
D. Continuing education
E. Nondisclosure agreements
Correct Answer: A
QUESTION 56
Operating-system fingerprinting uses all of the following, EXCEPT ________, to identify a target operating system.
A. Sequence Verifier
B. Initial sequence number
C. Address spoofing
D. Time to Live
E. IP ID field
Correct Answer: C
QUESTION 57
Organizations _______ risk, when they convince another entity to assume the risk for them.
A. Elevate
B. Assume
C. Deny
D. Transfer
E. Mitigate
Correct Answer: D
QUESTION 58
A(n) _______________ is an unintended communication path that can be used to violate a system security policy.
A. Covert channel
B. Integrity axiom
C. Simple rule violation
D. Inferred fact
E. Aggregated data set
Correct Answer: A
QUESTION 59
To protect its information assets, ABC Company purchases a safeguard that costs $60,000. The annual cost to maintain the safeguard is estimated to be $40,000. The aggregate Annualized Loss Expectancy for the risks the safeguard is expected to mitigate is $50,000.
At this rate of return, how long will it take ABC Company to recoup the cost of the safeguard?
A. ABC Company will never recoup the cost of this safeguard.
B. Less than 7 years
C. Less than 3 years
D. Less than 1 year
E. Less than 5 years
Correct Answer: B
QUESTION 60
ABC Corporation’s network requires users to authenticate to cross the border firewall, and before entering restricted segments. Servers containing sensitive information require separate authentication. This is an example of which type of access-control method?
A. Single sign-on
B. Decentralized access control
C. Hybrid access control
D. Layered access control
E. Mandatory access control
Correct Answer: D
QUESTION 61
The items listed below are examples of ___________________ controls.
* Smart cards
* Access control lists
* Authentication servers
* Auditing
A. Role-based
B. Administrative
C. Technical
D. Physical
E. Mandatory
Correct Answer: C
QUESTION 62
Why does the (ISC)2 access-control systems and methodology functional domain address both the confidentiality and integrity aspects of the Information Security Triad? Access-control systems and methodologies:
A. are required standards in health care and banking.
B. provide redundant systems and data backups.
C. control who is allowed to view and modify information.
D. are academic models not suitable for implementation.
E. set standards for acceptable media-storage devices.
Correct Answer: C
QUESTION 63
_______ intrusion-detection systems learn the behavior of a machine or network, and create a baseline.
A. Behavioral analysis
B. Statistical anomaly
C. Network
D. Pattern matching
E. Host
Correct Answer: B
QUESTION 64
Which of the following best describes the largest security challenge for Remote Offices/Branch Offices?
A. Leased-line security
B. Salami attacks
C. Unauthorized network connectivity
D. Distributed denial-of-service attacks
E. Secure access to remote organizational resources
Correct Answer: E
QUESTION 65
Which of the following is NOT a concern for enterprise physical security?
A. Network Intrusion Detection Systems
B. Social engineering
C. Dumpster diving
D. Property theft
E. Unauthorized access to a facility
Correct Answer: A
QUESTION 66
Which of the following should be included in an enterprise Business Continuity Plan (BCP)? (Choose THREE.)
A. Accidental or intentional data deletion
B. Severe weather disasters
C. Employee terminations
D. Employee administrative leave
E. Minor power outages
Correct Answer: ABE
QUESTION 67
Which type of access management uses information about job duties and positions, to indicate subjects’ clearance levels?
A. Discretionary
B. Role-based
C. Nondiscretionary
D. Hybrid
E. Mandatory
Correct Answer: B
QUESTION 68
When attempting to identify OPSEC indicators, information-security professionals must: (Choose THREE.)
A. Discover the information daily activities yield.
B. Meet with adversaries.
C. Perform business impact analysis surveys.
D. Scrutinize their organizations’ daily activities.
E. Analyze indicators, to determine the information an adversary can glean, both from routine and nonroutine activities.
Correct Answer: ADE
QUESTION 69
Which of the following can be stored on a workstation? (Choose TWO.)
A. Payroll information
B. Data objects used by many employees
C. Databases
D. Interoffice memo
E. Customer correspondence
Correct Answer: DE
QUESTION 70
How is bogus information disseminated?
A. Adversaries sort through trash to find information.
B. Adversaries use anomalous traffic patterns as indicators of unusual activity. They will employ other methods, such as social engineering, to discover the cause of the noise.
C. Adversaries use movement patterns as indicators of activity.
D. Adversaries take advantage of a person’s trust and goodwill.
E. Seemingly unimportant pieces of data may yield enough information to an adversary, for him to disseminate incorrect information and sound authoritative.
Correct Answer: E
QUESTION 71
Which type of access management allows subjects to control some access of objects for other subjects?
A. Discretionary
B. Hybrid
C. Mandatory
D. Role-based
E. Nondiscretionary
Correct Answer: A
QUESTION 72
Which of the following are enterprise administrative controls? (Choose TWO.)
A. Network access control
B. Facility access control
C. Password authentication
D. Background checks
E. Employee handbooks
Correct Answer: DE
QUESTION 73
You are preparing a machine that will be used as a dedicated Web server.
Which of the following services should NOT be removed?
A. E. IRC
B. SMTP
C. FTP
D. HTTP
E. PVP
Correct Answer: D
QUESTION 74
A new U.S. Federal Information Processing Standard specifies a cryptographic algorithm. This algorithm is used by U.S. government organizations to protect sensitive, but unclassified, information. What is the name of this Standard?
A. Triple DES
B. Blowfish
C. AES
D. CAST
E. RSA
Correct Answer: C
QUESTION 75
If a firewall receives traffic not explicitly permitted by its security policy, what should the firewall do?
A. Nothing
B. Do not log and drop the traffic.
C. Log and drop the traffic.
D. Log and pass the traffic.
E. Do not log and pass the traffic.
Correct Answer: C
QUESTION 76
Which of the following statements about encryption’s benefits is false? Encryption can: (Choose TWO.)
A. significantly reduce the chance information will be modified by unauthorized entities.
B. only be used to protect data in transit. Encryption provides no protection to stored data.
C. allow private information to be sent over public networks, in relative safety.
D. significantly reduce the chance information will be viewed by unauthorized entities.
E. prevent information from being destroyed by malicious entities, while in transit.
Correct Answer: BE
QUESTION 77
Which principle of secure design states that a security mechanism’s methods must be testable?
A. Separation of privilege
B. Least common mechanism
C. Complete mediation
D. Open design
E. Economy of mechanism
Correct Answer: D
QUESTION 78
What type of document contains information on alternative business locations, IT resources, and personnel?
A. End-user license agreement
B. Nondisclosure agreement
C. Acceptable use policy
D. Security policy
E. Business continuity plan
Correct Answer: E
QUESTION 79
A(n) ______________________________ is a quantitative review of risks, to determine how an organization will continue to function, in the event a risk is realized.
A. Monitored risk process
B. Disaster-recovery plan
C. Business impact analysis
D. Full interruption test
E. Information security audit
Correct Answer: C
QUESTION 80
Internal intrusions are loosely divided into which categories? (Choose TWO.)
A. Attempts by insiders to perform appropriate acts, on information assets to which they have been given rights or permissions.
B. Attempts by insiders to access resources, without proper access rights.
C. Attempts by insiders to access external resources, without proper access rights.
D. Attempts by insiders to perform inappropriate acts, on external information assets to which they have been given rights or permissions.
E. Attempts by insiders to perform inappropriate acts, on information assets to which they have been given rights or permissions.
Correct Answer: BE
QUESTION 82
Which of the following is likely in a small-business environment?
A. Most small businesses employ a full-time information-technology staff.
B. Resources are available as needed.
C. Small businesses have security personnel on staff.
D. Most employees have experience with information security.
E. Security budgets are very small.
Correct Answer: E
QUESTION 83
ABC Corporation’s network is configured such that a user must log in individually at each server and access control. Which type of authentication is in use?
A. Role-based access control
B. Three-factor authentication
C. Single sign-on
D. Hybrid access control
E. Mandatory sign-on
Correct Answer: E
QUESTION 84
Which type of Business Continuity Plan (BCP) test involves shutting down a primary site, bringing an alternate site on-line, and moving all operations to the alternate site?
A. Parallel
B. Full interruption
C. Checklist
D. Structured walkthrough
E. Simulation
Correct Answer: B
QUESTION 85
A(n) _______ is the first step for determining which technical information assets should be protected.
A. Network diagram
B. Business Impact Analysis
C. Office floor plan
D. Firewall
E. Intrusion detection system
Correct Answer: A
QUESTION 86
Which of the following is an example of a simple, physical-access control?
A. Lock
B. Access control list
C. Background check
D. Token
E. Firewall
Correct Answer: A
QUESTION 87
Which of the following best describes an external intrusion attempt on a local-area network (LAN)?
A. Internal users try to gain unauthorized access to information assets outside the organizational perimeter.
B. External-intrusion attempts from sources outside the LAN are not granted permissions or rights to an organization’s information assets.
C. External users attempt to access public resources.
D. External intruders attempt exploitation of vulnerabilities, to remove their own access.
E. Internal users perform inappropriate acts on assets to which they have been given rights or permissions.
Correct Answer: B
QUESTION 88
Maintenance of the Business Continuity Plan (BCP) must be integrated with an organization’s _______________ process.
A. Change-control
B. Disaster-recovery
C. Inventory-maintenance
D. Discretionary-budget
E. Compensation-review
Correct Answer: A
QUESTION 89
Which types of security solutions should a home user deploy? (Choose TWO.)
A. Managed Security Gateway
B. Access control lists on a router
C. Personal firewall
D. Network intrusion-detection system
E. Anti-virus software
Correct Answer: CE
QUESTION 90
You are a system administrator for a pool of Web servers. The vendor who sells your Web server posts a patch and sample exploit for a newly discovered vulnerability. You will take all of the actions listed below. Which of the following actions should you take first?
A. Run the sample exploit against a test server.
B. Run the sample exploit against a production server.
C. Apply the patch to all production servers.
D. Test the patch on a production server.
E. Test the patch on a non-production server.
Correct Answer: A
QUESTION 91
_______ is a method of tricking users into revealing passwords, or other sensitive information.
A. Dumpster diving
B. Means testing
C. Social engineering
D. Risk
E. Exposure
Correct Answer: C
QUESTION 92
Which of the following equations results in the Single Loss Expectancy for an asset?
A. Asset Value x % Of Loss From Realized Exposure
B. Asset Value x % Of Loss From Realized Threat
C. Annualized Rate of Occurrence / Annualized Loss Expectancy
D. Asset Value x % Of Loss From Realized Vulnerability
E. Annualized Rate of Occurrence x Annualized Loss Expectancy
Correct Answer: B
QUESTION 93
Which encryption algorithm has the highest bit strength?
A. AES
B. Blowfish
C. DES
D. CAST
E. Triple DES
Correct Answer: A
QUESTION 94
_________________ is a type of cryptography, where letters of an original message are systematically rearranged into another sequence.
A. Symmetric-key exchange
B. Steganography
C. Transposition cipher
D. Asymmetric-key encryption
E. Simple substitution cipher
Correct Answer: C
QUESTION 95
Which of the following are appropriate uses of asymmetric encryption? (Choose THREE.)
A. Authentication
B. Secure key-exchange mechanisms
C. Public Web site access
D. Data-integrity checking
E. Sneaker net
Correct Answer: ABD
Flydumps CheckPoint 156-510 exam questions which contain almost 100% correct answers are tested and approved by senior Microsoft lecturers and experts. They have been devoting themselves to providing candidates with the best study materials to make sure what they get are valuable. Get a complete hold on CheckPoint 156-510 exam dumps on Flydumps, you will pass the exam absolutely.
QUESTION 63
Which three files can be generated by a Unix core dump?
A. vmunix.
B. vmcore.
C. unixdump
D. core
Correct Answer: ABD
QUESTION 64
What is NOT true when using MEP encryption topologies?
A. Gateways must use the same FW-1 build level
B. Gateways must use the same management module
C. You must use a distributed installation of VPN-1/FW-1
D. Gateways must run identical policies
Correct Answer: D
QUESTION 65
What is another name for an LDAP server?
A. Account server
B. DN Unit
C. User server
D. Account unit
Correct Answer: D
QUESTION 66
Exhibit missing.
Please look at the exhibit, which is a sample output from a “fw ctl pstat” command. How many NAT operations have there been in an outgoing direction?
A. 20760405
B. 340
C. 312
D. 523
Correct Answer: C
QUESTION 67
Which file would you modify in order to enable and configure CPMAD?
A. $FWDIR/bin/cpmad_config.conf
B. $FWDIR/conf/cpmad.conf
C. $FWDIR/conf/cpmad_config.conf
D. $FWDIR//cpmad/config.conf
Correct Answer: C
QUESTION 68
For most efficient rulebase operation, which of the following objects would it be preferable to use if you have many contiguous addresses to translate using static NAT? Assume you could validly use any of them.
A. Network
B. Workstation
C. Range
Correct Answer: A
QUESTION 69
Where would it be best to locate a CVP server?
A. On an internal user lan network
B. On a firewalled gateway
C. On a separate isolated segment or DMZ
D. On a remote network
Correct Answer: C
QUESTION 70
What is the result of not configuring CPMAD with enough memory?
A. Some attacks will not be detected
B. It will automatically grab more memory
C. It will automatically flush out old events to create more memory
D. It will exit
Correct Answer: D
QUESTION 71
In a SEP HA environment not using load sharing, the external interfaces of each cluster member must have the same IP address. True or false?
A. False
B. True
Correct Answer: B
QUESTION 72
Which command would you use to copy a user database file into VPN-1/FW-1?
A. dbimport <filename>
B. fwm dbimport -s “o=city,c=country”
C. fwm dbexport <filename>
D. fwm dbimport -f <filename>
Correct Answer: D
QUESTION 73
When would you need to import the Checkpoint schema into an LDAP server?
A. If you use the server's management interface to update the LDAP database
B. Never, the LDAP standard caters for it
C. If you use Policy Editor to update the LDAP database
D. Always, when you use an LDAP server
Correct Answer: C
QUESTION 74
Which is designated the primary management module?
A. It is selected by priority numbers (1 is the highest priority)
B. The last management module installed
C. The first management module installed
D. It is chosen at random
Correct Answer: C
QUESTION 75
You do not need LDAP schema checking enabled if you want to use policy editor user manager to add a new LDAP user. True or false?
A. False
B. True
Correct Answer: A
QUESTION 76
On a Windows NT FW-1 system, how would you increase the amount of memory allocated to the kernel to 5MBytes?
A. Set the value of HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Service\FW1\Parameters\Memory to 5000000
B. Type “# zap -s _fwhmem $FWDIR/modules/fwmod.o 5000000”
C. Type “set fw:fwhmem=5000000”
D. Type “# echo "fwhmem?W500000" | adb -w /stand/vmnt”
Correct Answer: A
QUESTION 77
A collection of gateways that are synchronized in a VPN topology are called a ___________?
A. MEP
B. Gateway group
C. Gateway cluster
D. Gateway pool
Correct Answer: C
QUESTION 78
When using LDAP, what may be a reason for a user's password to be rejected?
A. The password does not contain a numeric character
B. The user is defined differently in the VPN-1/FW-1 user database than in the LDAP server
C. The user is defined in both VPN-1/FW-1 and the LDAP server
D. The password is also used by someone else
Correct Answer: B
QUESTION 79
Which API is used by applications to write to the VPN-1/FW-1 log database?
A. ELA
B. EAL
C. LEA
D. LAA
Correct Answer: A
QUESTION 80
When are the statistics provided by the fw ctl pstat command reset?
A. After restarting FW-1
B. Whenever you purge the log file
C. On a reboot
D. On entering the command “fw ctl clear”
Correct Answer: AC
QUESTION 81
You need to set the environment variable $FWDIR before running cpinfo. True or false?
A. True
B. False
Correct Answer: A
QUESTION 82
FW-1 does not support multi level proper subset encryption domains. True or false?
A. False
B. True
Correct Answer: A
QUESTION 83
What is true about conflicting configuration parameters between a gateway cluster and a gateway defined as a member of that cluster?
A. Some gateway parameters override cluster parameters
B. Some cluster parameters override gateway parameters
C. The cluster configuration is overridden by the primary gateway parameters
D. All the gateway parameters remain intact
Correct Answer: B
QUESTION 84
If you are troubleshooting a SMTP security server problem, which file could be useful?
A. smtp.dmp
B. smtpd.log
C. asmtpd.log
D. cvp.conf
Correct Answer: C
QUESTION 85
Please look at the exhibit, which is a sample output from a “fw ctl pstat” command. There is a memory utilization problem here. True or false?
A. False
B. True
Correct Answer: A
QUESTION 86
Which is NOT a group of files that can be synchronized in a HA management environment?
A. Configuration database files
B. Install files
C. Fetch files
D. log files
Correct Answer: D
QUESTION 87
When SEP gateways are said to be synchronized, what exactly is synchronized between them?
A. Rulebase
B. User database
C. Objects database
D. State tables
Correct Answer: D
QUESTION 88
On which module(s) does CPMAD run?
A. An external server
B. The management module
C. The Checkpoint GUI
D. The enforcement module
Correct Answer: B
QUESTION 89
How many LDAP servers are supported by VPN-1/FW-1?
A. 1
B. 2, one primary and one backup
C. Unlimited
D. Up to 4
Correct Answer: C
QUESTION 90
When debugging a Unix based management server you could use the fwd -d command. True or false?
A. False
B. True
Correct Answer: A
QUESTION 91
Asymmetric routing can be a problem in which type of encryption domain topology?
A. Partial overlapping
B. Fully overlapping domains in gateways using hide mode NAT for all connections
C. none overlapped backup domains with internal links between the two
D. Proper subset
Correct Answer: C
QUESTION 92
What is the function of the “fw hastat <target>” command?
A. It forces failover of high availability gateways
B. It starts HA on high availability capable gateways
C. It provides operational status of high availability gateways
D. It is an invalid command, you should use cphaprob instead
Correct Answer: C
QUESTION 93
When you are logged into the active management server and viewing the high availability management screen, what icon is displayed if there is a recommendation or error that FW-1 wishes to bring to your attention?
A. A lightbulb
B. A red question mark
C. A red hash
D. A green tick
Correct Answer: A
QUESTION 94
Which of the following platforms cannot support CPMAD?
A. Win2000
B. None of these
C. Nokia IP530
D. Solaris
E. Win NT
F. Linux
Correct Answer: B
QUESTION 95
How would you perform a manual synchronization in a HA management module environment?
A. On the primary login and click on the “synchronize me” button of the HA management manager window
B. Perform the “fw hamansync” command
C. On the secondary login and click on the “synchronize me” button of the HA management manager window
D. On the primary use Policy editor > Policy > Management high availability > click on the “synchronize” button
Correct Answer: CD
QUESTION 96
When starting FW-1 debugging, you may want to send all the output to a buffer, what command(s) would you use to do this?
A. fw ctl buffer -debug
B. fw ctl buf fw ctl debug
C. fw ctl -b debug
D. fw ctl debug -buf
Correct Answer: D
QUESTION 97
On a Windows NT platform, the specified state of the OS memory strategy can impact the performance of FW-1. What is the default state for this?
A. Maximize throughput for network applications
B. Maximize throughput for file sharing
C. Maximize throughput for video applications
D. Maximize throughput for disk access
Correct Answer: B
QUESTION 98
In an LDAP database two entries cannot have the same common name (CN). True or false?
A. False
B. True
Correct Answer: A
QUESTION 99
If you want to receive debug information for HTTP or FTP security servers when debugging the firewall daemon, you must use the “fw debug fwd on” command. True or false?
A. True
B. False
Correct Answer: B
QUESTION 100
What are the three types of overlapping encryption domains?
A. Partial overlap
B. Proper subset
C. Partial subset
D. Full overlap
Correct Answer: ABD