Author: newcertskey
Welcome to download the newest Dumpsoon MB2-703 VCE dumps: http://www.dumpsoon.com/MB2-703.html
You can prepare for 3Com 3M0-212 with little effort because Flydumps is now at your service to act as a guide in Flydumps you pass 3Com 3M0-212 exam. Now get that necessary competitive edge that comes with preparing with the help of Flydumps.
QUESTION 60
Which three are features of Open Shortest Path First (OSPF) routing? (Choose three)
A. 15 maximum router hops
B. Uses a path cost routing metric
C. Updates routing tables when network topology changes occur
D. By default, peridoc updates are sent every 30 seconds between routers
E. Maximum hops are limited only by the size of the routing tables within routers
Correct Answer: BCE
QUESTION 61
Which class of IP addresses is reserved for IP multicasting?
A. Class A
B. Class B
C. Class C
D. Class D
E. Any class of IP address may be used for IP multicasting
Correct Answer: D
QUESTION 62
Which LAN technology provides both incremental bandwidth and redundancy between devices?
A. Resilient Links
B. Aggregated Links
C. IEEE 802.3 1D Spanning Tree Protocol (STP)
D. Virtual Router Redundancy Protocol (VRRP)
E. IEEE 802.3 1W Rapid Spanning Tree Protocol (RSTP)
Correct Answer: B
QUESTION 63
Your Maluti University (MU) data center design uses a single Switch 8814 to support the campus backbone, the server farm and the wiring-closet connections in Building 9. Which four current Switch 8800 features address Maluti Univerisity (MU) network requirements? (Choose four)
A. With no single point of failure, the switch creates a reliable, high-availablity solution
B. Protocol-based VLAN support provides the necessary flexibility to control broadcast traffic.
C. Support integrated Services (IntServ) and RSVP to provide flow-based, fine-grain control over network traffic.
D. With the load-sharing, redundant Switch Fabric, the switch has a maximum aggregated throughput of more than 400 Mpps
E. Multiple priority features will ensure key applications receive the best network response, i.e; eight priority queues per port, Weighted Random Early Detection (WRED) queuing and DiffServ support.
F. IEEE 802.1X network Login and Authentication, Authorization, Accounting (AAA) capabilities provide the necessary network security by establishing what services employees can use and preventing unauthorized users from gaining access to the network
Correct Answer: CDEF
QUESTION 64
Which 3Com solution would you recommend for the Maluti University (MU) data center in Building 9 to create the highly-redundant campus backbone connecting the four distribution buildings?
A. Option A -One Switch 7700 8-Slot Chassis Starter Kit with -One 8-port 1000BASE-X module (3C16858) Eight 1000BASE-SX GBICs (3CGBIC91)
B. Option B -One Switch 8810 Starter Kit with -One 12-port 1000BASE-X module (3C17516) Eight 1000BASE-LX GBICs (3CGBIC92)
C. Option C -One Switch 8814 Starter Kit with -One 12-port 1000BASE-X module (3C17516) Eight 1000BASE-LX SFP Transceivers (3CSFP92) -One Switch 8800 360 Gbps Fabric Module (3C17508)
D. Option D -One Switch 8814 Starter Kit with -One 12-port 1000BASE-X module (3C17516) -Eight 1000BASE-LX SFP Transceivers (3CSFP92) -Two Switch 8800 360 Gbps Fabric Modules (3C17508)
Correct Answer: C
QUESTION 65
If you recommended the 3Com Switch 8800 for Maluti University (MU) data center solution in Building 9, which Switch 8800 interface-module solution would you use to connect the Satellite Buildings to the data center switch?
A. One 24-port 10/100/1000BASE-T Module (3C17516)
B. Multiple 2-port 10 GBASE-X modules (3C17512) with 10GBASE-ER XENPAK transceivers
C. One 12-port 1000BASE-X module (3C17513) with multiple 1000BASE-LH SFP Transceivers (3CSFP97)
D. One 12-port 1000BASE-X module (3C17513) with multiple 1000BASE-LX SFP Transceivers (3CSFP92)
Correct Answer: D
QUESTION 66
You recommended a 1000BASE-X campus-backbone solution to Maluti University (MU) to connect the four distribution buildings to the data center MU is concerned that the 1000BASE-X campus backbone will not provide enough network bandwidth to support its combined data/voice network traffic. Which solution would you recommend to MU to alleviate this concern?
A. Use VLAN segmentation to reduce the traffic that traverses the campus backbone.
B. Distribute the 28 servers, currently located in Building 9 data center, throughout the network to reduce campus-backbone traffic.
C. Use the Switch 8800 in the data center and the Switch 4070 in the distribution centers with 10-Gig Ethernet connections between the switches
D. Use the Switch 8800 in the data center and the Switch 7700 in the distribution centers with 10-Gig Ethernet connections between the switches
Correct Answer: D
QUESTION 67
If you recommended the 3Com Switch 8800 for Maluti University (MU) data center solution in Building 9, which Switch 8800 interface-module solution would you use to connect the wiring-closet switches in Building 9 to the data center switch?
A. The 12-or 24-Port 1000BASE-X module
B. The 24-port 10/100/1000BASE-T Module (3C17516)
C. The 12- or 24-Port 1000BASE-X module with multiple 1000BASE-SX SFP Transceivers ( 3CSFP91)
D. The 12- or 24-port 1000BASE-X module with multiple 1000BASE-LHSFP Transceivers (3CSFP97)
Correct Answer: C
QUESTION 68
Which solution would you recommend to the Da Silva Research Foundation (DRF) to support its wiring closet, end-user switch requirements?
A. SuperStake 3 Switch 4400 FX
B. SuperStake 3 Switch 4400 SE with a 1000BASE-SX Module
C. SuperStake 3 Switch 4400 24/48-Port with 1000BASE-T Module
D. SuperStake 3 Switch 4400 24/48-Port with 1000BASE-SX Module
Correct Answer: D
QUESTION 69
Which two 3Com solution would you recommend for the Da Silva Research Foundation (DRF) Building 9 data center to support both the campus/building backbone and the server farm with a single switch? (Choose two)
A. One Switch 4070
B. One Switch 7700 7-Slot Chassis
C. One Switch 7700R 8-Slot Chassis
D. One Switch 8807
E. One Switch 8810
Correct Answer: CE
QUESTION 70
Which three Switch 8800 features address the Da Silva Research Foundation (DRF) data center’s backbone-core requirements? (Choose three)
A. Protocol-based VLAN support provides the necessary flexibility to control broadcast traffic.
B. Load-sharing, redundant Switch Fabric provides higher data throughput and increased network reliability
C. With four prioritization queues per port, the switch has the QoS support required for network telephony
D. Reliability features reduce network outages, i.e, hot-swappable I/O modules, power supplies fans, Switch Fabric and VRRP support.
E. Resilient Links used in combination with Link Aggregation creates hih-speed, redundant links from the data center to the four distribution buildings.
F. IEEE 802.1X network Login and Authentication, Authorization, Accounting (AAA) capabilities provide the necessary network security by establishing what services employees can use and preventing unauthorized users from gaining access to the network
Correct Answer: BDF
QUESTION 71
If you chose either the 3Com Switch 8810 or Switch 8814 for Da Silva Research Foundation (DRF) data center solution, which interface Modules would you use to connect the four distribution centers and the nine satellite buildings?
A. Option A -One 24-port 1000BASE-X module (3C17514) with -Four 1000BASE-LX SFP Transceivers (3CSFP92) to connect the distribution centers -Nine 1000BASE-SX SFP Transceivers (3CSFP91) to connect the satellite buildings
B. Option B -Two 24-port 1000BASE-X modules (3C17514) with -26 1000BASE-SX SFP Transceivers (3CSFP91) to connect the distribution centers and the satellite buildings
C. Option C -One 12-port 1000BASE-X modules (3C17513) and One 24-port 1000BASE-X modules (3C17514) with -26 1000BASE-SX SFP Transceivers (3CSFP91) to connect the distribution centers and the satellite buildings
D. Option D -One 12-port 1000BASE-X modules (3C17513) One 24-port 1000BASE-X modules (3C17514)with Eight 1000BASE-SX SFP Transceivers (3CSFP92) to connect the distribution centers -18 1000BASE-SX SFP Transceivers (3CSFP91) to connect the satellite buildings
Correct Answer: D
QUESTION 72
Which two 3 Com solutions would you recommend to Da Silva Research Foundation (DRF) for each of the four distribution centers in Buildings 16,20,35 and 38, to connect them to the campus backbone? (Choose two)
A. Option A -Two Switch 4050 each with -One 1000BASE-SX GBIC
B. Option B -Two Switch 4060 each with -One 1000BASE-LX GBIC
C. Option C -One switch 7700 7-slot chassis starter kit with -One 8-port 1000BASE-X module (3C16858) -Two 1000BASE-SX GBICs (3CBIC91)
D. Option D -One switch 7700R 8-slot chassis starter kit with -One 8-port 1000BASE-X module (3C16858) -Two 1000BASE-LX GBICs (3CBIC92)
E. Option E -One switch 7700 R 8-slot chassis starter kit with -One 8-port 1000BASE-X module (3C16858) -Four 1000BASE-LX GBICs (3CBIC92)
Correct Answer: BD
QUESTION 73
Which three Switch 8800 features address the Da Silva Research Foundation (DRF) data center’s backbone-core requirements? (Choose three)
A. Protocol-based VLAN support provides the necessary flexibility to control broadcast traffic.
B. Load-sharing, redundant Switch Fabric provides higher data throughput and increased network reliability
C. With four prioritization queues per port, the switch has the QoS support required for network telephony
D. Reliability features reduces network outages, i,e hot -swappable I/O modules, power supplies fans, Switch Fabric and VRRP support
E. Resilient Links used in combination with Link Aggreation creates high-speed, redundant links from the data center to the four distribution buildings
F. IEEE802.1Xnetwork Login and Authentication Authorization, Accounting (AAA) capabilities provide the necessary network security by eastablishing what services employees can use and preventing unauthorized users from gaining access to the network
Correct Answer: BDF
QUESTION 74
Which two 3Com solutions would you recommend for the Da Silva Research Fundation (DRF) Building 9 data center to support both the campus/building backbone and the server farm with a single switch? (Choose two)
A. One Switch 4070
B. One Switch 7700 7-Slot Chassis
C. One Switch 7700R 8-Slot Chassis
D. One Switch 8807
E. One Switch 8810
Correct Answer: CE
QUESTION 75
Which solution would you recommend as the distribution-layer switch for each of the Bantry Bay four main buildings that connect to the data center and to the smaller buildings on campus?
A. Two Switch 4050
B. Two Switch 4060
C. Two SuperStack 3 Switch 4924
D. Two SuperStake 3 Switch 4950
Correct Answer: B
QUESTION 76
If you choose two Switch 4060s for each of the Bantry Bay distribution layer buildings, which three would you recommend to the customer to provide maximum resiliency and throughput? (Choose three)
A. Redundant internal power supplies
B. Resilient Links to maximize backbone redundancy
C. SuperStack 3 Advanced Redundant Power System
D. XRN Interconnect Kit to connect the two distribution-layer switches
E. IEEE802.3 ad Link Aggregation to maximize backbone bandwidth and reliability
F. SuperStack 3 Switch 4900 1000BASE-T module to connect the two distribution-layer switches
Correct Answer: ADE
QUESTION 77
If you choose the SuperStack 3 Switch 4924 to support the Bantry Bay server farm, which three customer benefits are attained from using an XRN interconnection Kit with the two SuperStack 3 Switch 4924 server-farm switches? (Choose three)
A. The Fabric Interconnect has an 8-Gbps (16-Gbps full duplex)switching limit
B. The two switches would share one IP address and be managed as a single entity
C. Any number of ports can join a Link Aggregation trunk with all ports active and transporting data
D. XRN Distributed Resilient Routing (DDR) uses a “Master Router” to perform all the routing across the Fabric.
E. XRN Distributed Resilient Routing (DDR) allows switches in the Fabric to act as a single logical router, which provides router resiliency in the event of a unit failure in the Fabric
F. XRN Distributed Link Aggregation (DLA) guarantees high levels of resiliency, because a failure in one of the member links results in automatic redistribution of traffic across the remaining links
Correct Answer: BEF
QUESTION 78
If you reocommend a single Switch 7700R 8-Slot Chassis to create the hihly-resilient backbone, which three switch components would Bantry Bay require for the data center’s backbone-core switch? (Choose three)
A. One Switch 7700R Starter Kit (3C16852)
B. One Switch 7700 AC Power Supply (3C 16854)
C. Three Switch 7700 AC Power Supplies (3C 16854)
D. One Switch 7700R 8-Slot Fan Assembly (3C 16855)
E. One Switch 7700R Gigabit Ethernet Redundant Switching Fabric (3C 16857R)
Correct Answer: ABE
QUESTION 79
Which two 3Com solutions would you recommend for the Bantry Bay data center, backbone core? (Choose two)
A. Two Router 6040
B. One Router 6080
C. Two Switch 7700 4-Slot Chassis
D. Two switch 7700 7-s;ot chassis
E. One switch 7700R 8-slot Chassis
Correct Answer: DE
QUESTION 80
If you recommend a Switch 7700 for the data center backbone-core solution, which three modules/ interfaces would the customer require for each of the two data center backbone-core switches? (Choose three)
A. Eight 1000BASE-SX GBICs (3CGBIC91)
B. Eight 1000BASE-LH70 GBICs (3CGBIC97)
C. One Switch 7700 8-port 1000BASE-T module (3C16859)
D. One Switch 7700 8-port 1000BASE-X module (3C16858)
E. Two Switch 7700 8-port 1000BASE-T module (3C16859)
F. Two Switch 7700 8-port 1000BASE-X module (3C16858)
Correct Answer: ACD
QUESTION 81
Which two rules must be followed when configuring Link Aggregation groups on the Switch 7700 1000BASE-T and 1000BASE-X modules? (Chosse two)
A. The Linux Aggregation group can start on any port.
B. All the ports in a Link Aggregation group must be consecutive
C. A single Link Aggregation group can span multiple Interface Modules
D. A maximum of eight ports can belong to a single Link Aggregation group
E. A maximum of twelve ports can belong to a single Link Aggregation roup
Correct Answer: AB
QUESTION 82
Which three components are required to create a local XRN solution (excluding the appropriate 3Com switches? (Choose three)
A. 3Com Network Supervisor
B. XRN Fabric interconnect Modules
C. High-Bandwidth interconnect Cable
D. Gigabit Multilayer Switching Software V3.x
E. Gigabit Ethernet Layer switching modules
Correct Answer: BCD
QUESTION 83
What is the maximum number of Link Aggregation load-balancing group supported on the Switch 7700?
A. 4 groups
B. 13 groups
C. 24 groups
D. 64 groups
E. 128 groups
Correct Answer: D
QUESTION 84
Which two Switch Fabric Engine LED conditions indicate there is a problem with the Switch 7700? (Choose two)
A. ALMLED is off
B. ALMLED is blinking
C. RUN LED is solid green
D. RUN LED is blinking green
Correct Answer: BC
QUESTION 85
If you choose two Switch 4060s for each of the Bantry Bay distribution layer buildings, which three would you recommend to the customer to provide maximum resiliency and throughput? (Choose three)
A. Redundant internal power supplies
B. Resilient Links to maximize backbone redundancy
C. SuperStack 3 Advanced Redundant Power System
D. XRN Interconnect Kit to connect the two distribution-layer switches
E. IEEE802.3 ad Link Aggregation to maximize backbone bandwidth and reliability
F. SuperStack 3 Switch 4900 1000BASE-T module to connect the two distribution-layer switches
Correct Answer: ADE
QUESTION 86
The Switch 7700 or Switch 8800 can be used as the primary authentication service or as a backup if the RADIUS server group is unavailable.
A. True
B. False
Correct Answer: A
QUESTION 87
Exhibit:
Which three Ethernet modes are supported on the Switch 7700 8-port 1000BASE-T(3c16859)Interface
Module? (Choose three)
A. 10 Mbps in full duplex only
B. 10 Mbps in half/full duplex mode
C. 100 Mbps in full duplex mode only
D. 100 Mbps in half/full duplex mode
E. 1000 Mbps in full duplex mode only
F. 1000 Mbps in half/full duplex mode
Correct Answer: BDE
QUESTION 88
Which three are recommended guidelines for an XRN network? (Choose three) A. Only enable Rapid Spanning Tree Protocol (RSTP) or Spanning Tree Protocol (STP) on edge switches
B. Do not insert Fabric interconnect Modules into the Super Stack 3 Switch 4900 or Switch 40×0 switches
C. Run the same version of the Gigabit Multilayer Switching (MS) Software (4Xor higher) across the fabric
D. Use fault-tolerant 3Comhardware, i.e the Switch 40×0 family that provides additional levels of hardware fault tolerance
E. The XRN Fabric Modules should be installed while the fabric switch powered on. Hot swapping XRN Fabric Modules is also recommended in the event of a failure
Correct Answer: BCD
You will pass your 3Com 3M0-212 exam GUARANTEED using our accurate 3Com 3M0-212 practice questions and answers PDF&VCE dumps. Flydumps exam dumps will help you not only pass in the first try, but also save your valuable time. Give your career a boost and start earning your Microsoft certification today!
Dumpsoon MB2-703 dumps with PDF + Premium VCE + VCE Simulator: http://www.dumpsoon.com/MB2-703.html
Welcome to download the newest Dumpsoon 70-411 VCE dumps: http://www.dumpsoon.com/70-411.html
100% Valid! Flydumps CheckPoint 156-215 exam questions and answers are tested and approved by Microsoft experts. Furthermore, we are constantly updating our CheckPoint 156-215 exam dumps, 100% guarantee in quality and reliability.
QUESTION 81
How does the button Get Address, found on the Host Node Object > General Properties page retrieve the address?
A. Route Table
B. Address resolution (ARP, RARP)
C. Name resolution (hosts file, DNS, cache)
D. SNMP Get
Correct Answer: C QUESTION 82
Anti-Spoofing is typically set up on which object type?
A. Network
B. Security Management object
C. Host
D. Security Gateway
Correct Answer: D QUESTION 83
Spoofing is a method of:
A. Disguising an illegal IP address behind an authorized IP address through Port Address Translation.
B. Making packets appear as if they come from an authorized IP address.
C. Detecting people using false or wrong authentication logins.
D. Hiding your firewall from unauthorized users.
Correct Answer: B QUESTION 84
How can you activate the SNMP daemon on a Check Point Security Management Server?
A. Using the command line, enter snmp_install.
B. Any of these options will work.
C. in SmartDashboard, right-click a Check Point object and select Activate SNMP.
D. From cpconfig, select SNMP extension.
Correct Answer: D QUESTION 85
Which of the following describes the default behavior of an R76 Security Gateway?
A. Traffic is filtered using controlled port scanning.
B. IP protocol types listed as secure are allowed by default, i.e. ICMP, TCP, UDP sessions are inspected.
C. All traffic is expressly permitted via explicit rules.
D. Traffic not explicitly permitted is dropped. Correct Answer: D
QUESTION 86
When you use the Global Properties’ default settings on R76, which type of traffic will be dropped if NO explicit rule allows the traffic?
A. Firewall logging and ICA key-exchange information
B. RIP traffic
C. Outgoing traffic originating from the Security Gateway
D. SmartUpdate connections
Correct Answer: B
QUESTION 87
You have installed a R76 Security Gateway on GAiA. To manage the Gateway from the enterprise Security Management Server, you create a new Gateway object and Security Policy. When you install the new Policy from the Policy menu, the Gateway object does not appear in the Install Policy window as a target. What is the problem?
A. The new Gateway’s temporary license has expired.
B. The object was created with Node > Gateway.
C. The Gateway object is not specified in the first policy rule column Install On.
D. No Masters file is created for the new Gateway.
Correct Answer: B
QUESTION 88
Certificates for Security Gateways are created during a simple initialization from _____________.
A. The ICA management tool
B. SmartUpdate
C. sysconfig
D. SmartDashboard
Correct Answer: D
QUESTION 89
Which of the below is the MOST correct process to reset SIC from SmartDashboard?
A. Run cpconfig, and click Reset.
B. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key.
C. Click Communication > Reset on the Gateway object, and type a new activation key.
D. Run cpconfig, and select Secure Internal Communication > Change One Time Password.
Correct Answer: B
QUESTION 90
You installed security management server in a computer using SecurePlatform in the Mega corp home
office. You use IP address 10.1.1.1. You also installed the security Gateway on a second secure platform
computer, which you plan to ship to an other administrator at a mega corp Hub office. What is in the
correct order for pushing SIC certificates to the Gateway before shipping it?
1) Run cpconfig on the gateway, set secure internal communication, enter the activation key and reconfirm.
2) Initialize internal certificate authority (ICA) on the security Management server.
3) Confirm the gateway object with the host name and IP address for the remote site.
4) Click the communication button in the gateway object’s general screen, enter the activation key, and
click initialize and ok.
5) Install the security policy.
A. 2, 3, 4, 5, 1
B. 1, 3, 2, 4, 5
C. 2, 3, 4, 1, 5
D. 2, 1, 3, 4, 5
Correct Answer: D
QUESTION 91
Although SIC was already established and running, Joe reset SIC between the Security Management Server and a remote Gateway. He set a new activation key on the Gateway’s side with the command cpconfig and put in the same activation key in the Gateway’s object on the Security Management Server. Unfortunately, SIC cannot be established. What is a possible reason for the problem?
A. Joe forgot to exit from cpconfig.
B. The installed policy blocks the communication.
C. The old Gateway object should have been deleted and recreated.
D. Joe forgot to reboot the Gateway.
Correct Answer: A
QUESTION 92
You want to reset SIC between smberlin and sgosaka.
In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC was successfully initialized and jumps back to the cpconfig menu. When trying to establish a connection, instead of a working connection, you receive this error message: What is the reason for this behavior?
A. The Gateway was not rebooted, which is necessary to change the SIC key.
B. The Check Point services on the Gateway were not restarted because you are still in the cpconfig utility.
C. You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup > Initialize).
D. The activation key contains letters that are on different keys on localized keyboards. Therefore, the activation can not be typed in a matching fashion.
Correct Answer: B
QUESTION 93
John is the Security Administrator in his company. He installs a new R76 Security Management Server and a new R76 Gateway. He now wants to establish SIC between them. After entering the activation key, he gets the following message in SmartDashboard –
“Trust established”
SIC still does not seem to work because the policy won’t install and interface fetching does not work. What might be a reason for this?
A. It always works when the trust is established
B. This must be a human error.
C. SIC does not function over the network.
D. The Gateway’s time is several days or weeks in the future and the SIC certificate is not yet valid.
Correct Answer: D
QUESTION 94
The SIC certificate is stored in the directory _______________.
A. $CPDIR/conf
B. $FWDIR/database
C. $CPDIR/registry
D. $FWDIR/conf
Correct Answer: A
QUESTION 95
You run cpconfig to reset SIC on the Security Gateway. After the SIC reset operation is complete, the policy that will be installed is the:
A. Default filter.
B. Last policy that was installed.
C. Standard policy.
D. Initial policy.
Correct Answer: D QUESTION 96
Chris has lost SIC communication with his Security Gateway and he needs to re-establish SIC.
What would be the correct order of steps needed to perform this task?
A. 3, 1, 4, 2
B. 2, 3, 1, 4
C. 5, 1, 2, 4
D. 5, 1, 4, 2
Correct Answer: C QUESTION 97
Which rule position in the Rule Base should hold the Cleanup Rule? Why?
A. Last. It explicitly drops otherwise accepted traffic.
B. First. It explicitly accepts otherwise dropped traffic.
C. Last. It serves a logging function before the implicit drop.
D. Before last followed by the Stealth Rule.
Correct Answer: C QUESTION 98
The ____________ and ____________ Rules are the two basic rules which should be used by all Security Administrators?
A. Cleanup; Stealth
B. Administrator Access; Stealth
C. Cleanup; Administrator Access
D. Network Traffic; Stealth
Correct Answer: A QUESTION 99
Which item below in a Security Policy would be enforced first?
A. Network Address Translation
B. Security Policy First rule
C. Administrator-defined Rule Base
D. IP spoofing / IP options
Correct Answer: D QUESTION 100
When you hide a rule in a Rule Base, how can you then disable the rule?
A. Right-click on the hidden rule place-holder bar and uncheck Hide, then right-click and select Disable Rule(s); re-hide the rule.
B. Right-click on the hidden rule place-holder bar and select Disable Rule(s).
C. Use the search utility in SmartDashboard to view all hidden rules. Select the relevant rule and click Disable Rule(s).
D. Hidden rules are already effectively disabled from Security Gateway enforcement.
Correct Answer: A
QUESTION 101
A Cleanup rule.
A. drops packets without logging connections that would otherwise be dropped and logged by default.
B. logs connections that would otherwise be accepted without logging by default.
C. drops packets without logging connections that would otherwise be accepted and logged by default.
D. logs connections that would otherwise be dropped without logging by default.
Correct Answer: D
QUESTION 102
Which statement is TRUE about implicit rules?
A. You create them in SmartDashboard.
B. The Gateway enforces implicit rules that enable outgoing packets only.
C. Changes to the Security Gateway’s default settings do not affect implicit rules.
D. They are derived from Global Properties and explicit object properties.
Correct Answer: D
QUESTION 103
You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?
A. After Stealth Rule
B. First
C. Before Last
D. Last
Correct Answer: D
QUESTION 104
All of the following are Security Gateway control connections defined by default implied rules, EXCEPT:
A. Exclusion of specific services for reporting purposes.
B. Specific traffic that facilitates functionality, such as logging, management, and key exchange.
C. Acceptance of IKE and RDP traffic for communication and encryption purposes.
D. Communication with server types, such as RADIUS, CVP, UFP, TACACS, and LDAP.
Correct Answer: A
QUESTION 105
In a distributed management environment, the administrator has removed all default check boxes from the Policy > Global Properties > Firewall tab. In order for the Security Gateway to send logs to the Security Management Server, an explicit rule must be created to allow the Security Gateway to communicate to the Security Management Server on port ______.
A. 257
B. 256
C. 259
D. 900
Correct Answer: A
All most all IT professionals are familiar with the CheckPoint 156-215 exam and dream to have that top most demanding certification. This is the top level certification from CISCO that is accepted universally. You can get your desired career which you dreamed with passing CheckPoint 156-215 test and getting the certificate.
Dumpsoon 70-411 dumps with PDF + Premium VCE + VCE Simulator: http://www.dumpsoon.com/70-411.html
Welcome to download the newest Dumpsoon C_TADM51_731 VCE dumps: http://www.dumpsoon.com/MB2-703.html
Do not you know how to choose the Checkpoint 156-215 exam dumps? Being worried about the changed questions? Just try Flydumps new version Checkpoint 156-215 exam dumps. All the new questions and answers were added to the new dumps,visit Flydumps.com to free download Checkpoint 156-215!
QUESTION 51
How can you view cpinfo on a SecurePlatform machine?
A. tcpdump
B. snoop i
C. infotab
D. Text editor, such as vi
Correct Answer: D
QUESTION 52
How is wear on the flash storage device mitigated on appliance diskless platforms?
A. A RAM drive reduces the swap file thrashing which causes fast wear on the device.
B. The external PCMCIA-based flash extension has the swap file mapped to it, allowing easy replacement.
C. Issue FW-1 bases its package structure on the Security Management Server, dynamically loading when the firewall is booted.
D. PRAM flash devices are used, eliminating the longevity.
Correct Answer: A
QUESTION 53
In previous versions, the full TCP three-way handshake was sent to the firewall kernel for inspection. How is this improved in the current version of IPSO Flows/SecureXL?
A. Only the initial SYN packet is inspected. The rest are handled by IPSO.
B. Packets are offloaded to a third-party hardware card for near-line inspection.
C. Packets are virtualized to a RAM drive-based FW VM.
D. Resources are proactively assigned using predictive algorithmic techniques.
Correct Answer: A
QUESTION 54
Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates:
A. Increase network security by securing administrative communication with a two-factor challenge response authentication.
B. Uniquely identify machines installed with Check Point software only. They have the same function as RSA Authentication Certificates.
C. Are for Security Gateways created during the Security Management Server installation.
D. Can be used for securing internal network communications between the Security Gateway and an OPSEC device.
Correct Answer: D QUESTION 55
Which of the following statements regarding SecureXL and CoreXL is TRUE?
A. SecureXL is an application for accelerating connections.
B. CoreXL enables multi-core processing for program interfaces.
C. SecureXL is only available in R75.
D. CoreXL is included in SecureXL.
Correct Answer: A QUESTION 56
Beginning with R75, Software Blades were introduced. One of the Software Blades is the IPS Software Blade as a replacement for SmartDefense. When buying or upgrading to a bundle, some blades are included, e.g. FW, VPN, IPS in SG103. Which statement is NOT true?
A. The license price includes IPS Updates for the first year.
B. The IPS Software Blade can be used for an unlimited time.
C. There is no need to renew the service contract after one year.
D. After one year, it is mandatory to renew the service contract for the IPS Software Blade because it has been bundled with the license when purchased.
Correct Answer: D QUESTION 57
John is the Security Administrator in his company. He needs to maintain the highest level of security on the firewalls he manages. He is using Check Point R75. Does he need the IPS Software Blade for achieving this goal?
A. No, all IPS protections are active, but can’t be uploaded without the license like SmartDefense.
B. Yes, otherwise no protections can be enabled.
C. Yes, otherwise the firewall will pass all traffic unfiltered and unchecked.
D. No, the Gateway will always be protected and the IPS checks can’t be managed without a license.
Correct Answer: B QUESTION 58
Which command allows you to view the contents of an R75 table?
A. fw tab -x <tablename>
B. fw tab -a <tablename>
C. fw tab -s <tablename>
D. fw tab -t <tablename>
Correct Answer: D QUESTION 59
Your R75 enterprise Security Management Server is running abnormally on Windows 2003 Server. You decide to try reinstalling the Security Management Server, but you want to try keeping the critical Security Management Server configuration settings intact (i.e., all Security Policies, databases, SIC, licensing etc.) What is the BEST method to reinstall the Server and keep its critical configuration?
A. 1) Run the latest upgrade_export utility to export the configuration 2) Leave the exported – tgz file in %FWDIR\bin. 3) Install the primary security Management Server on top of the current installation 4) Run upgrade_import to Import the configuration.
B. 1) Insert the R75 CD-ROM. and select the option to export the configuration into a . tgz file 2) Skip any upgrade verification warnings since you are not upgrading. 3) Transfer the. tgz file to another networked machine. 4) Download and run the cpclean utility and reboot. 5) Use the R75 CD_ROM to select the upgrade__import option to import the c
C. 1) Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Perform any requested upgrade verification suggested steps. “Pass Any Exam. Any Time.” – www.actualtests.com 33 Checkpoint 156-215.75 Exam 3) Uninstall all R75 packages via Add/Remove Programs and reboot 4) Use smartUpdate to reinstall the Security Management server and reboot 5) Transfer the .tgz file back to the local \ temp. 6) Run upgrade_import to import the configuration.
D. 1) Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Transferee .tgz file to another network machine 3) Uninstall all R75 packages via Add/Remove Programs and reboot 4) Install again using the R75 CD ROM as a primary security management server 5) Reboot and than transfer the .tgz file back to the local\ tem p 6) Run upgcade_import to import the configuration.
Correct Answer: C
QUESTION 60
You need to back up the routing, interface, and DNS configuration information from your R75 SecurePlatform Security Gateway. Which backup-and-restore solution do you use?
A. SecurePlatform backup utilities
B. upgrade_export and upgrade_import commands
C. Database Revision Control
D. Manual copies of the $FWDIR/conf directory
Correct Answer: A
QUESTION 61
Your R75 primary Security Management Server is installed on SecurePlatform. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours.
How do you create this schedule?
A. Create a time object, and add 48 hours as the interval. Open the primary Security Management Server object’s Logs and Masters window, enable Schedule log switch, and select the Time object.
B. Create a time object, and add 48 hours as the interval. Open the Security Gateway object’s Logs and Masters window, enable Schedule log switch, and select the Time object.
C. Create a time object, and add 48 hours as the interval. Select that time object’s Global Properties > Logs and Masters window, to schedule a logswitch.
D. On a SecurePlatform Security Management Server, this can only be accomplished by configuring the fw logswitch command via the cron utility.
Correct Answer: A
QUESTION 62
Which of the following commands can provide the most complete restoration of an R75 configuration?
A. Cpconfig
B. Upgrade_import
C. fwm dbimport -p
D. cpinfo -recover
Correct Answer: B QUESTION 63
When restoring R75 using the command upgrade > Port. Which of the following items is NOT restored?
A. Licenses
B. Global properties
C. SIC Certificates
D. Route tables
Correct Answer: D QUESTION 64
Your company is running Security Management Server R75 on SecurePlatform, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?
A. Using SmartDashboard, under Users, select Add New Administrator
B. Using the Web console on SecurePlatform under Product configuration, select Administrators
C. Using SmartDashboard or cpconf ig
D. Using cpconftg on the Security Management Server, choose Administrators
Correct Answer: A QUESTION 65
Which of the following tools is used to generate a Security Gateway R75 configuration report?
A. ethereal
B. cpinfo
C. licview
D. infoview
Correct Answer: B QUESTION 66
What information is provided from the options in this screenshot?
(i)Whether a SIC certificate was generated for the Gateway
(ii)Whether the operating system is SecurePlatform or SecurePlatform Pro
“Pass Any Exam. Any Time.” – www.actualtests.com 38 Checkpoint 156-215.75 Exam (iii)Whether this is a standalone or distributed installation
A. (i), (ii) and (iii)
B. (i) and (iii)
C. (i) and (ii)
D. (ii) and (iii)
Correct Answer: D
QUESTION 67
Peter is your new Security Administrator. On his first working day, he is very nervous and sets the wrong password three times. His account is locked. What can be done to unlock Peter’s account? Give the BEST answer.
A. You can unlock Peter’s account by using the command fwm unlock_admin -u Peter on the Security Gateway.
B. It is not possible to unlock Peter’s account. You have to install the firewall once again or abstain from Peter’s help.
C. You can unlock Peter’s account by using the command fwm lock_admin -u Peter on the Security Management Server.
D. You can unlock Peter’s account by using the command fwm unlock_admin -u Peter on the Security Management Server.
Correct Answer: C
QUESTION 68
Which CLI command verifies the number of cores on your firewall machine?
A. fw ctl pstat
B. fw ctl core stat
C. fw ctl multik stat
D. cpstat fw -f core
Correct Answer: C
QUESTION 69
John currently administers a network using single CPU single core servers for the Security Gateways and is running R75. His company is now going to implement VOIP and needs more performance on the Gateways. He is now adding more memory to the systems and also upgrades the CPU to a modern quad core CPU in the server. He wants to use CoreXL technology to benefit from the new performance benchmarks of this technology. How can he achieve this?
A. Nothing needs to be done. SecurePlatform recognized the change during reboot and adjusted all the settings automatically.
B. He just needs to go to cpconfig on the CLI and enable CoreXL. Only a restart of the firewall is required to benefit from CoreXL technology.
C. He needs to reinstall the Gateways because during the initial installation, it was a single-core CPU but the wrong Linux kernel was installed. There is no other upgrade path available.
D. He just needs to go to cpconfig on the CLI and enable CoreXL. After the required reboot he will benefit from the new technology.
Correct Answer: D
QUESTION 70
“Pass Any Exam. Any Time.” – www.actualtests.com 40 Checkpoint 156-215.75 Exam You are running a R75 Security Gateway on SecurePlatform. In case of a hardware failure, you have a server with the exact same hardware and firewall version installed. What backup method could be used to quickly put the secondary firewall into production?
A. upgrade_export
B. manual backup
C. snapshot
D. backup
Correct Answer: C
QUESTION 71
Before upgrading SecurePlatform, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration.
An administrator has installed the latest HFA on the system for fixing traffic problem after creating a backup file. There is a mistake in the very complex static routing configuration. The Check Point configuration has not been changed. Can the administrator use a restore to fix the errors in static routing?
A. The restore can be done easily by the command restore and selecting the appropriate backup file.
B. A backup cannot be restored, because the binary files are missing.
C. The restore is not possible because the backup file does not have the same build number (version).
D. The restore is done by selecting Snapshot Management from the boot menu of SecurePlatform.
Correct Answer: A
QUESTION 72
You intend to upgrade a Check Point Gateway from R65 to R75. Prior to upgrading, you want to backup the Gateway should there be any problems with the upgrade. Which of the following allows for the Gateway configuration to be completely backed up into a manageable size in the least amount of time?
A. Backup
B. Snapshot
C. Upgrade_export
D. Database_revision
Correct Answer: A
QUESTION 73
Your network is experiencing connectivity problems and you want to verify if routing problems are present. You need to disable the firewall process but still allow routing to pass through the Gateway running on an IP Appliance running IPSO. What command do you need to run after stopping the firewall service?
A. fw fwd routing
B. ipsofwd on admin
C. fw load routed
D. ipsofwd slowpath
Correct Answer: B
CheckPoint 156-215 tests containing questions that cover all sides of tested subjects that help our members to be prepared and keep high level of professionalism. The main purpose of CheckPoint 156-215 exam is to provide high quality test that can secure and verify knowledge, give overview of question types and complexity that can be represented on real exam certification
Dumpsoon C_TADM51_731 dumps with PDF + Premium VCE + VCE Simulator: https://www.pass4itsure.com/156-215.html
Welcome to download the newest Dumpsoon MB2-700 VCE dumps: http://www.dumpsoon.com/MB2-700.html
New VCE and PDF– You can prepare CheckPoint 156-215 exam in an easy way with Flydumps CheckPoint 156-215 questions and answers.By training our vce dumps with all CheckPoint 156-215 the latest questions,you can pass the exam in the first attempt.
QUESTION 106
What is the officially accepted diagnostic tool for IP appliance support?
A. Ipsinfo
B. Uag-diag
C. CST
D. cpinfo
Correct Answer: C
QUESTION 107
You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in use on a SecurePlatform. You have trouble configuring the speed and duplex settings of your Ethernet interfaces. Which of the following commands can be used to configure the speed and duplex settings of an Ethernet interface and will survive a reboot? Give the BEST answer.
A. cthtool
B. ifconfig ?a
C. eth_set
D. mii_tool
Correct Answer: C
QUESTION 108
Which command enables IP forwarding on IPSO?
A. echo 1 > /proc/sys/net/ipv4/ip_forward
B. clish -c set routing active enable
C. echo 0 > /proc/sys/net/ipv4/ip_forward
D. ipsofwd on admin “Pass Any Exam. Any Time.” – www.actualtests.com 44 Checkpoint 156-215.75 Exam
Correct Answer: D
QUESTION 109
How many inspection capture points are shown in fw monitor?
A. 2
B. 1
C. Depends on the number of interfaces on the Gateway
D. 4
Correct Answer: D
QUESTION 110
Looking at an fw monitor capture in Wireshark, the initiating packet in Hide NAT translates on________.
A. I
B. O
C. o
D. i
Correct Answer: B
QUESTION 111
You want to create an ASCII formatted output file of the fw monitor command. What is the correct syntax to accomplish this task?
A. fw monitor -e “accept;” > /tmp/monitor.txt
B. fw monitor -e “accept;” -f > /tmp/monitor.txt
C. fw monitor -m iO -e “accept;” -o /tmp/monitor.txt
D. fw monitor -e “accept;” -w /tmp/monitor.txt “Pass Any Exam. Any Time.” – www.actualtests.com 45 Checkpoint 156-215.75 Exam
Correct Answer: A
QUESTION 112
When you run the fw monitor -e “accept;” command, what type of traffic is captured?
A. Only inbound traffic, before and after the inbound inspection.
B. All traffic coming in all directions, before and after inbound and outbound inspection.
C. All traffic accepted by the Rule Base.
D. Only outbound traffic, before and after the outbound inspection.
Correct Answer: B QUESTION 113
The button Get Address, found on the Host Node Object > General Properties page, will retrieve what?
A. The domain name
B. The fully qualified domain name
C. The Mac address
D. The IP address
Correct Answer: D QUESTION 114
You have just been hired as the Security Administrator for the Insure-It-All insurance company. Your
manager gives you the following requirements for controlling DNS traffic:
Required Result #1: Accept domain-name-over-TCP traffic (zone-transfer traffic)
Required Result #2: Log domain-name-over-TCP traffic (zone-transfer traffic)
Desired Result #1: Accept domain-name-over-UDP traffic (queries traffic)
“Pass Any Exam. Any Time.” – www.actualtests.com 46
Checkpoint 156-215.75 Exam
Desired Result #2: Do not log domain-name-over-UDP traffic (queries traffic)
Desired Result #3: Do not clutter the Rule Base try creating explicit rules for traffic that can be controlled
using Global Properties
To begin, you make the following configuration changes, and install the Security Policy
–
Select the box Accept Domain Name over TCP (Zone Transfer) in Global Properties
–
Select the box Accept Domain Name over UDP (Queries) in Global Properties
–
Select the box Log Implied Rules in Global Properties Do your initial actions meet the required and desired results?
A.
The actions achieve the required results, and two of the desired results.
B.
The actions achieve all required results, but none of the desired results.
C.
The actions do not achieve the required results.
D.
The actions meet all required and desired results.
Correct Answer: A QUESTION 115
When you change an implicit rule’s order from last to first in global properties, how do you make the change take effect?
A. Select save from the file menu
B. Reinstall the security policy
C. Select install database from the policy menu
D. Run fw fetch from the security gateway
Correct Answer: B QUESTION 116
You create implicit and explicit rules for the following network. The group object internal-networks includes networks 10.10.10.0 and 10.10.20.0. Assume Accept ICMP requests is enabled as Before last in Global Properties.
“Pass Any Exam. Any Time.” – www.actualtests.com 47 Checkpoint 156-215.75 Exam Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on the Internet by IP address? ICMP will be:
A. dropped by rule 0.
B. dropped by rule 2, the Cleanup Rule.
C. accepted by rule 1.
D. dropped by the last Implicit rule.
Correct Answer: C QUESTION 117
How does the Get Address button, found on the Host Node Object > General Properties page retrieve the address?
A. Route Table
B. SNMP Get
C. Address resolution (ARP. RARP)
D. Name resolution (hosts file, DNS, cache)
Correct Answer: D QUESTION 118
Anti-Spoofing is typically set up on which object type?
A. Host
B. Domain
C. Network
D. Security Gateway
Correct Answer: D QUESTION 119
“Pass Any Exam. Any Time.” – www.actualtests.com 48 Checkpoint 156-215.75 Exam Spoofing is a method of:
A. Hiding your firewall from unauthorized users.
B. Disguising an illegal IP address behind an authorized IP address through port address Translation.
C. Making packets appear as if they come from an authorized IP address
D. Detecting people using false or wrong authentication logins.
Correct Answer: C QUESTION 120
Certificates for Security Gateways are created during a simple initialization from______.
A. SmartUpdate
B. sysconfig
C. The ICA management tool.
D. SmartDashboard Correct Answer: D
QUESTION 121
Which of the below is the MOST correct process to reset SIC from SmartDashboard?
A. Run cpconfig, and click Reset.
B. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key.
C. Click Communication > Reset on the Gateway object, and type a new activation key.
D. Run cpconfig, and select Secure Internal Communication > Change One Time Password.
Correct Answer: B
QUESTION 122
“Pass Any Exam. Any Time.” – www.actualtests.com 49 Checkpoint 156-215.75 Exam You installed Security Management Server on a computer using SecurePlatform in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second SecurePlatform computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it?
1) Run cpconfig on the gateway, set secure internal communication, enter the activation key and reconfirm.
2) Initialize internal certificate authority (ICA) on the security Management server.
3) Confirm the gateway object with the host name and IP address for the remote site.
4) Click the communication button in the gateway object’s general screen, enter the activation key, and click initialize and ok.
5) Install the security policy.
A. 2, 3, 4, 5, 1
B. 1, 3, 2, 4, 5
C. 2, 3, 4, 1, 5
D. 2, 1, 3, 4, 5
Correct Answer: B
QUESTION 123
Although SIC was already established and running, Joe reset SIC between the Security Management Server and a remote Gateway. He set a new activation key on the Gateway’s side with the cpconfig command and put in the same activation key in the Gateway’s object on the Security Management Server Unfortunately SIC cannot be established. What is a possible reason for the problem?
A. The installed policy blocks the communication.
B. Joe forgot to reboot the Gateway.
C. Joe forgot to exit from cpconfig.
D. The old Gateway object should have been deleted and recreated.
Correct Answer: C
QUESTION 124
“Pass Any Exam. Any Time.” – www.actualtests.com 50 Checkpoint 156-215.75 Exam You want to reset SIC between smberlin and sgosaka.
In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC was successfully initialized and jumps back to the cpconfig menu. When trying to establish a connection, instead of a working connection, you receive this error message: What is the reason for this behavior?
A. You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup / Initialize).
B. The Gateway was not rebooted, which is necessary to change the SIC key.
C. The Check Point services on the Gateway were not restarted because you are still in the cpconfig utility.
D. The activation key contains letters that are on different keys on localized keyboards. Therefore, the activation can not be typed in a matching fashion.
Correct Answer: C QUESTION 125
Which rule should be the Cleanup Rule in the Rule Base?
A. Last. It serves a logging function before the implicit drop.
B. Last, it explicitly drops otherwise accepted traffic
C. Before last followed by the Stealth Rule.
D. First, it explicitly accepts otherwise dropped traffic.
Correct Answer: A QUESTION 126
What are the two basic rules which should be used by all Security Administrators?
A. Administrator Access and Stealth rules
B. Cleanup and Administrator Access rules
C. Network Traffic and Stealth rules “Pass Any Exam. Any Time.” – www.actualtests.com 51 Checkpoint 156-215.75 Exam
D. Cleanup and Stealth rules
Correct Answer: D QUESTION 127
Which item below in a Security Policy would be enforced first?
A. Administrator-defined Rule Base
B. Network Address Translation
C. IP spoofing/IP options
D. Security Policy “First” rule
Correct Answer: C QUESTION 128
When you hide a rule in a Rule Base, how can you then disable the rule?
A. Use the search utility in SmartDashboard to view all hidden rules Select the relevant rule and click Disable Rule(s).
B. Right-click on the hidden rule place-holder bar and select Disable Rule(s).
C. Right-click on the hidden rule place-holder bar and uncheck Hide, then right-click and select Disable Rule(s); re-hide the rule.
D. Hidden rules are already effectively disabled from Security Gateway enforcement.
Correct Answer: C QUESTION 129
A Stealth rule is used to: A. Use the Security Gateway to hide the border router from internal attacks.
B. Cloak the type of Web server in use behind the Security Gateway.
C. Prevent communication to the Security Gateway itself. “Pass Any Exam. Any Time.” – www.actualtests.com 52 Checkpoint 156-215.75 Exam
D. Prevent tracking of hosts behind the Security Gateway.
Correct Answer: C QUESTION 130
A Clean-up rule is used to:
A. Drop without logging connections that would otherwise be dropped and logged fry default
B. Log connections that would otherwise be accepted without logging by default.
C. Log connections that would otherwise be dropped without logging by default.
D. Drop without logging connections that would otherwise be accepted and logged by default
Correct Answer: C QUESTION 131
A ____________ rule is designed to log and drop all other communication that does not match another rule.
A. Stealth
B. Cleanup
C. Reject
D. Anti-Spoofing
Correct Answer: B QUESTION 132
Which statement is TRUE about implicit rules?
A. They are derived from Global Properties and explicit object properties.
B. The Gateway enforces implicit rules that enable outgoing packets only.
C. You create them in SmartDashboard.
D. Changes to the Security Gateway’s default settings do not affect implicit rules. “Pass Any Exam. Any Time.” – www.actualtests.com 53 Checkpoint 156-215.75 Exam
Correct Answer: A
QUESTION 133
You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?
A. First
B. Before Last
C. Last
D. After Stealth Rule
Correct Answer: C QUESTION 134
All of the following are Security Gateway control connections defined by default implied rules, EXCEPT:
A. Acceptance of IKE and RDP traffic for communication and encryption purposes.
B. Exclusion of specific services for reporting purposes.
C. Communication with server types, such as RADIUS, CVP, UFP, TACACS, and LDAP.
D. Specific traffic that facilitates functionality, such as logging, management, and key exchange.
Correct Answer: B
Flydumps Free CheckPoint 156-215 exam dumps are audited by our certified subject matter experts and published authors for development. Passtcert CheckPoint 156-215 exam dumps are one of the highest quality CheckPoint 156-215 Q&As in the world.It covers nearly 96% real questions and answers, including the entire testing scope. Flydumps guarantees you pass CheckPoint 156-215 exam at first attempt.
Dumpsoon MB2-703 dumps with PDF + Premium VCE + VCE Simulator: http://www.dumpsoon.com/MB2-703.html
Flydumps practice test training resources are versatile and highly compatible with Microsoft exam formats. We provide up to date resources and comprehensive coverage on CheckPoint 156-210 exam dumps help you to advance your skills.
QUESTION 55
Which Block Intruder options block suspicious connections? (Choose three)
A. Block Connections by Packet Size.
B. Block Access from that Source.
C. Block Connections using Specific Services.
D. Block Access to the Destination.
E. Block Selected Connection.
Correct Answer: BDE
QUESTION 56
Which of the following denial-of-service attacks does SmartDefense defeat? (Choose three)
A. Ping of Death
B. Rouge Applets
C. Teardrop
D. Host System Hogging
E. LAND
Correct Answer: ACE
QUESTION 57
What are the benefit of Stateful Inspection? (Choose two) Stateful Inspection:
A. Shuts down the upper-range ports, to secure an internal network.
B. Uses state information derived from past communications and other applications, to make control decisions for new communication attempts.
C. Leaves the upper range of ports (greater than 1023) open, to allow for file-transfer sessions.
D. Duplicates the number of sessions, acting as a proxy broker between a client and server.
E. Examines every packet, and applies a defined Security Policy to each.
Correct Answer: BE
QUESTION 58
Which of the following are core functions of Application Intelligence? (Choose two)
A. Validating compliance to standards.
B. Validating simple protocols, without controlling application logic.
C. Validating Data and Physical Layer attacks.
D. Limiting the ability of applications to carry malicious data.
E. Allowing Application Layer operations.
Correct Answer: AD
QUESTION 59
One of the functions of the SmartDefense console is to:
A. Add rules to block and log attacks.
B. Configure user options for tracking attacks.
C. Display real-time information about attacks.
D. Configure logging options for attack forensics.
E. Configure auditing and reporting options.
Correct Answer: C
QUESTION 60
The SANS Dshield.org Storm center integrates with SmartDefense, by: (Choose two)
A. Reviewing VPN-1/FireWall-1 logs.
B. Providing Storm Center audit trails.
C. Setting up the SmartDefense Subscription service.
D. Adding the Storm Center Block List report to the Security Policy.
E. Updating SmartDefense attack signatures in real time.
Correct Answer: AD
QUESTION 61
Systems needing to be accessed from the Internet should use which type of address translation?
A. IP Pool NAT
B. Hide NAT
C. NAT cannot be used
D. Static NAT
E. Dynamic NAT
Correct Answer: D
QUESTION 62
VPN-1/FireWall-1 logs are exportable to other applications, such as spreadsheets or databases, using which of the following?
A. FW Log Unification Engine
B. Secure Internal Communications (SIC)
C. Check Point logs are not exportable
D. Log Export Application (LEA)
E. Log Identification Unique ID (LUUID)
Correct Answer: D
QUESTION 63
Which of the following is NOT configured under Application Intelligence in SmartDefense?
A. FTP
B. DNS
C. Dynamic Ports
D. Rlogin
E. VoIP
Correct Answer: C
QUESTION 64
Which type of rule should be placed above the Stealth Rule?
A. User Authentication
B. Client Authentication
C. Network Address Translation
D. Cleanup
E. Session Authentication
Correct Answer: B
QUESTION 65
Bad weather and a UPS failure caused your remote Enforcement Module to reboot. Earlier that day, a tornado destroyed the building where the SmartCenter Server was located. You have not yet recovered or replaced the SmartCenter Server. Which of the following statements is false? (Choose two) Because the Enforcement Module cannot connect to the SmartCenter Server.
A. The Enforcement Module will log locally.
B. The Enforcement Module will continue to enforce the last Security Policy installed.
C. No Security Policy is installed, and all traffic will be dropped.
D. No Security Policy is installed, and all traffic will be allowed.
E. The Enforcement Module attempts to fetch a Security Policy from the SmartCenter Server, and install it.
Correct Answer: AB
QUESTION 66
Which of the following is NOT included in Application Intelligence Web Security?
A. HTTP Worm Catcher
B. Peer-to-Peer traffic over HTTP
C. Cross-Site Scripting
D. HTTP Format Size
E. HTTP Java Blocker
Correct Answer: E
QUESTION 67
Which of the following statements are TRUE of VPN-1/FireWall-1 groups? (Choose two)
A. Groups can be nested in groups.
B. The contents of one group can be imported into another group.
C. Services and network objects can be placed in the same group.
D. User groups can be nested, but network-object groups cannot.
E. Users and services can be placed in the same group.
Correct Answer: AB
QUESTION 68
You have locked yourself out, with a rule or an incorrectly configured Security Policy. What would you do to recover communication between your SmartCenter Server and Enforcement Module?
A. fw push localhost
B. pw unloadlocal
C. fw unlocklocal
D. cpstop localhost
E. cpdelete localhost
Correct Answer: B
QUESTION 69
How does SmartDefense Integrate with network Storm Centers? (Choose two)
A. Security Administrators can decide to send logs to a Storm Center to help other organizations.
B. The SmartDefense Storm Center Module downloads the Block List Report directly, adding it to the Security Policy.
C. Security Administrators must manually compile log files before sending them to Storm Centers.
D. Security Administrators must create network objects for each of the systems on the Storm Center Block List, then install a new Security Policy.
E. By default, logs are automatically delivered to a Storm Center.
Correct Answer: AB
QUESTION 70
Which of the following statements is TRUE of transparent authentication in NG with Application Intelligence? (Choose three)
A. Unknown users are prompted three times for a password, and are then disconnected.
B. Unknown users receive error messages, indicating that the Enforcement Module does not recognize user names.
C. NG with Application Intelligence does not allow connections from users who do not know the name or IP address of the Enforcement Module.
D. NG with Application Intelligence prompts for user names, event though authentication data may not be recognized by the Enforcement Module.
E. NG with Application Intelligence allows connections from authenticated users, and does not require that users know the IP address or name of the firewall.
Correct Answer: ADE
QUESTION 71
At Certkiller , auditors are Check Point Security Administrators with a customized permissions profile.
Auditors must have the ability to review information from SmartView Tracker, SmartView Status, and
SmartView Monitoring, but they may not make changes to the information. Auditors are not permitted to
view security Policies or the objects database.
Which of the following settings grants auditors the MOST appropriate set of permissions, based on the
corporate environment, described above for Certkiller ?
A. Read-Only SmartView Reporter
B. Read-Only Monitoring
C. Read-Only Security Policy
D. Read-Only SmartUpdate
E. Read-Only Log Consolidator
Correct Answer: A
QUESTION 72
When are Anti-Spoofing Rules enforced during packet inspection?
A. Before the Cleanup Rule is applied.
B. After the Stealth Rule is applied.
C. Before any rule in the Rule Base is applied.
D. When the packet is authorized by an Accept or Encrypt rule.
Correct Answer: C
QUESTION 73
Which of the following objects are allowed in the Source components of the Rule Base? (Choose two)
A. Host-Node Objects
B. Time Objects
C. LDAP Account Units
D. Services
E. User Groups
Correct Answer: AE
QUESTION 74
Which of the following is TRUE, if you change the inspection order of implied rules?
A. You must stop and start the Enforcement Module, before the changes can take place.
B. After the Security Policy is installed, the order in which rules are enforced changes.
C. You cannot change the inspection order of implied rules.
D. You must stop and start the SmartCenter Server, before the changes can take place.
E. Security Policy installation will fail.
Correct Answer: B
QUESTION 75
Security Administrators use Session Authentication when they want users to: (Choose two)
A. Authenticate for all services.
B. Use only TELNET, FTP, Rlogin, and HTTP services.
C. Use only HTTP and HTTPS services.
D. Authenticate once, and then be able to use any service, until logging off.
E. Log authentication actions locally.
Correct Answer: AD
QUESTION 76
Which of the following statements is TRUE concerning how NG with Application Intelligence handles the authentication of users?
A. Users may have different VPN-1 & FireWall-1 passwords, on Enforcement Modules managed by the same SmartCenter Server.
B. All users on the same gateway must use the same authentication method.
C. All imported users must use the same authentication method and hash.
D. All users in the same group must use the same authentication method and hash.
E. Users may be required to use different authentication methods for different services.
Correct Answer: A
QUESTION 77
Spoofing is a method of: A. Making packets appear as if they came from an authorized source IP address.
B. Hiding your Enforcement Module from unauthorized users.
C. Disguising an invalid IP address behind an authorized IP address.
D. Detecting when someone is attacking your network.
E. Detecting users logging in using false or wrong authentication logins.
Correct Answer: A
QUESTION 78
Which of the following statements is TRUE when modifying user templates?
A. If the user template is modified, all active user connections will be dropped when the modifier user database is installed.
B. All users subsequently created with that template will have the new properties.
C. You must always create new templates. Existing user templates cannot be modified.
D. All users previously created using the template are automatically modified with the new properties.
E. If the user template is modified, you must manually re-establish user-group membership.
Correct Answer: B
QUESTION 79
As a Security Administrator, you want to force users to authenticate. You have selected Client Authentication for the type of authentication. Users will be using a Web browser to authenticate. Which of the following TCP ports will authenticate users?
A. 23
B. 261
C. 80
D. 900
E. 259
Correct Answer: D
QUESTION 80
Which of the following is NOT a step in the Session Authentication process?
A. If authentication is successful, the VPN-1/FireWall-1 Enforcement Module allows connections to pass.
B. The Session Agent prompts users for an authentication password, after Phase 1 of IKE negotiations is complete.
C. Users initiate connections directly to a server.
D. The Session Agent prompts users for authenticated data, and returns the information to the Enforcement Module.
E. The VPN-1/FireWall-1 Enforcement Module intercepts connections, and connects to t he Session Agent.
Correct Answer: C
QUESTION 81
With VPN-1/FireWall-1 central licensing, a license is linked to which of the following?
A. Domain name of the SmartCenter Server.
B. IP address of the Enforcement Module.
C. IP address of the SmartCenter Server.
D. IP address of the SmartConsole
E. Domain name of the Enforcement Module.
Correct Answer: C QUESTION 82
Your organization’s internal programming team developed a proprietary application for accessing the time-
management system. The application uses a custom-designed protocol. As the Security Administrator, you
must control user access to the time-management system.
Which is the BEST authentication method for this scenario?
A. NG with Application Intelligence authentication methods can only be applied to protocols included in the standard, pre-defined suite.
B. Implicit User Authentication
C. User Authentication
D. Session Authentication
Correct Answer: D
QUESTION 83
Which of the following is the BEST authentication for roaming users, such as doctors updating patient records via HTTP at various workstations in a hospital?
A. Client
B. Session
C. User
Correct Answer: C
QUESTION 84
Which of the following statements is specifically TRUE of user groups?
A. Non-authentication rules require a user group in the Source field.
B. Authentication rules require a user group in the Source field.
C. User groups must be created, in order to implement authentication.
D. Authentication rules require a user group in both the Source and Destination field.
E. User groups cannot be used in authentication rules.
Correct Answer: C
QUESTION 85
You have created a SmartConsole Administrator with Read Only privileges in the Check Point
Configuration Tool.
Which of the following actions can this administrator perform? (Choose three)
A. Filter log files in the SmartView Tracker.
B. Review saved policies.
C. Change network object properties.
D. Install policies
E. Log in to the SmartDashboard.
Correct Answer: ABE
QUESTION 86
VPN-1/FireWall-1 supports User Authentication for which of the following services? Select the response below that contains the MOST complete list of supported services.
A. FTP, FTPS, HTTP, HTTPS
B. Rlogin, TELNET, HTTP, FTP
C. POP3, SMTP, HTTPS, FTPS
D. TELNET, HTTP, FTP, SMTP
E. Rlogin, TELNET, HTTP, SMTP
Correct Answer: B QUESTION 87
User Authentication supports all of the following services, EXCEPT:
A. SSH
B. FTP
C. HTTP
D. RLOGIN
E. TELNET
Correct Answer: A QUESTION 88
In the diagram, a group of users in the QA Department requires frequent access to the Palace Server.
Access to Palace is allowed from localnet hosts. Each user can log in at the beginning of the day, and can
use the service for a specified time period and number of sessions. If a user forgets to log out, the
connection to Palace is closed at the end of the authorization period.
Which of the following rules allows access to the Palace Server, from QA users on the local network? QA
users’ source (un the Rule Base) is QA@Localnet.
A. Rule 3
B. Rule 4
C. None of these rules allows access
D. Rule 1
E. Rule 2
Correct Answer: D
QUESTION 89
Which authentication method could be used for H.323 services? (Choose two)
A. Client Authentication
B. VoIP Authentication
C. User Authentication
D. No Authentication can be used for H.323
E. Session Authentication
Correct Answer: AE
QUESTION 90
Which authentication method could be used for SIP services? (Choose two)
A. Client Authentication
B. No authentication can be used for SIP
C. VoIP Authentication
D. Session Authentication
E. User Authentication
Correct Answer: AD
QUESTION 91
When the Client Authentication method requires Manual Sign On, users must connect to which of the following ports?
A. TELNET to port 70, or HTTP to port 443
B. TELNET to port 161, or HTTP to port 136
C. TELNET to port 21, or HTTP to port 80
D. TELNET to port 165, or HTTP to port 514
E. TELNET to port 259, or HTTP to port 900
Correct Answer: E
QUESTION 92
In the Client Authentication Action Properties dialog box, the Manual Sign On method is selected. This means:
A. If a connection matches the Rule Base and the service is an authenticated service, the client is signed on after a successful authentication.
B. The user must TELNET to the target server on port 250.
C. If a connection using any service matches the Rule Base, the client is authenticated.
D. If authentication is successful, access is granted from the network that initiated the connection.
E. the user must initiate a Client Authentication session to the gateway.
Correct Answer: E
QUESTION 93
Which of the following responses is TRUE about creating user templates? (Choose two)
A. By default, users can authenticate 24 hours a day, 7 days a week.
B. If not specific source or destination is selected users can authenticate to any source or destination.
C. If no password options are selected, users will still be able to authenticate, by creating their passwords during login.
D. When you create new users, you must create a new template for each user.
E. If no encryption method is selected, users will only be able to authenticate when they receive their Certificate Authority.
Correct Answer: AB
QUESTION 94
What is the advantage of using VPN-1/FireWall-1 Password for the authentication scheme, rather than using OS Password?
A. The OS Password authentication scheme can only be used with services available to user’s local machine.
B. There is not advantage, because VPN-1/FireWall-1 Password can only be used, if a user has an operating-system account on the network.
C. The OS Password authentication scheme can only be used with users who are present on the local network protected by the Enforcement Module. No external users can be configured for OS Password authentication.
D. VPN-1/FireWall-1 Passwords can be cached on the Enforcement Module. If a user in the user database attempts a connection, that user will not be prompted to re-enter the password.
E. VPN1-/FireWall-1 Passwords can be used, even if a user does not have an operating-system account on the network.
Correct Answer: E
QUESTION 95
Which of the following statements accurately describes VPN-1/FireWall-1 Session Authentication? (Choose three)
A. Session Authentication allows unlimited connections from a single host or IP address.
B. Session Authentication does not result in any additional connections to the Enforcement Module.
C. Session Authentication is restricted to a limited number of service.
D. Session Authentication requires that an authentication agent be installed on client computers.
E. Session Authentication requires an authentication procedure for each connection.
Correct Answer: ABD
QUESTION 96
You have created a rule so that every time a user wants to connect to the Internet using HTTP, that user must be authenticated. You want an authentication scheme that provides transparency for the user, and administrative control for you. The user must be able to log in from any location.
Which authentication scheme meets your needs?
A. Client
B. Session
C. Users
Correct Answer: C
QUESTION 97
The VPN-1/Firewall-1 NG User Interface consists of which of the following elements?
A. Security Policy Editor, Visual Policy Editor and Object tree view.
B. Management Server and VPN-1/FireWall-1 Module.
C. Visual Policy Editor, Object Tree view and inspection Module.
D. Security Policy Server, System GUI and Module Log Viewer.
E. VPN-1/FireWall-1 Module, Inspection Module and Security Server.
Correct Answer: A
QUESTION 98
You are attempting to implement Client Authentication for FTP. You have the accept firewall control connection option unchecked in the Policies and Properties dialog box. In the following Rule base, which rule would prevent a user from performing Client Authentication? No SOURCE DESTINATION SERVICE ACTION 1 Any fw.chicago.com Any drop 2 [email protected] Any ftp Client Encrypt 3 Any localNet http Accept telnet 4 Any Any Any drop
A. Rule 1
B. Rule 2
C. Rule 3
D. Rule 4
Correct Answer: A
QUESTION 99
As a VPN-1/Firewall-1 administrator, you have an undistributed range of IP addresses for which you want to perform address translation. You can simplify your efforts through the use of ADDRESS RANGE.
A. True
B. False
Correct Answer: A
QUESTION 100
In the figure below, Localnet is an internal network with private addresses A corresponding set of public addresses is available as follows: Public IP addresses Private IP addresses 199.203.73.15-199.203.73.115 200.0.0.100-200.0.0.200 The private addresses are translated to public addresses by specifying addresses Translation in the NAT tab of Localnet’s network properties window. Source addresses for the outbound packets from hosts in Localnet will be translated to 199.203.73.12 as shown in the figure below.
A. True
B. False
Correct Answer: B
Well-regarded for its level of detail, assessment features, and challenging review questions and hands-on exercises, CheckPoint 156-210 helps you master the concepts and techniques that will enable you to succeed on the CheckPoint 156-210 exam the first time.