Author: newcertskey
FLYDUMPS bring you the best Checkpoint 156-215 exam preparation materials which will make you pass in the first attempt.And we also provide you all the Checkpoint 156-215 exam updates as Microsoft announces a change in its Checkpoint 156-215 exam syllabus,we inform you about it without delay.
QUESTION 30
Which utility allows you to configure the DHCP service on SecurePlatform from the command line?
A. sysconfig
B. dhcp_cfg
C. cpconfig
D. ifconfig
Correct Answer: A QUESTION 31
Which utility is necessary for reestablishing SIC?
A. fwm sic_reset
B. cpconfig
C. cplic
D. sysconfig
Correct Answer: B QUESTION 32
The third-shift Administrator was updating Security Management Server access settings in Global Properties. He managed to lock all administrators out of their accounts. How should you unlock these accounts?
A. Reinstall the Security Management Server and restore using upgrade_import.
B. Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/.
C. Type fwm lock_admin -ua from the Security Management Server command line.
D. Login to SmartDashboard as the special cpconfig_admin user account; right-click on each administrator object and select unlock.
Correct Answer: C QUESTION 33
The third shift administrator was updating security management server access setting in global properties. He managed to lock the entire Administrator out of their accounts. How should you unlock these accounts?
A. Logging to smart dash board as special cpconfig_admin account. Right click on each administrator object and select Unlock.
B. Type fwm lock_admin ua from the command line of the security management server
C. Reinstall the security management Server and restore using upgrade _imort
D. Delete the file admin .lock in the sfwdir/ tmp/directory of the security managem,ent server.
Correct Answer: B QUESTION 34
You are the Security Administrator in a large company called ABC. A Check Point Firewall is installed and in use on SecurePlatform. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on SecurePlatform. Where can you view them? Give the BEST answer.
A. /etc/conf/route.C
B. /etc/sysconfig/netconf.C
C. /etc/sysconfig/network-scripts/ifcfg-ethx
D. /etc/sysconfig/network
Correct Answer: B
QUESTION 35
When using SecurePlatform, it might be necessary to temporarily change the MAC address of the interface eth 0 to 00:0C:29:12:34:56. After restarting the network the old MAC address should be active. How do you configure this change?
A. Open the WebUI, select Network > Connections > eth0. Place the new MAC address in the field Physical Address, and press Apply to save the settings.
B. As expert user, issue these commands: # IP link set eth0 down # IP link set eth0 addr 00:0C:29:12:34:56 # IP link set eth0 up
C. As expert user, issue the command: # IP link set eth0 addr 00:0C:29:12:34:56
D. Edit the file /etc/sysconfig/netconf.c and put the new MAC address in the field (conf : (conns 🙁 conn :hwaddr (“00:0C:29:12:34:56”)
Correct Answer: B
QUESTION 36
Where is the IPSO Boot Manager physically located on an IP Appliance?
A. In the / nvram directory
B. On an external jump drive
C. On the platform’s BIOS
D. On built-in compact Flash memory
Correct Answer: D
QUESTION 37
ALL of the following options are provided by the SecurePlatform sysconfig utility, EXCEPT:
A. DHCP Server configuration
B. GUI Clients
C. Time & Date
D. Export setup
Correct Answer: B
QUESTION 38
Which of the following options is available with the SecurePlatform cpconfig utility?
A. GUI Clients
B. Time & Date
C. Export setup
D. DHCP Server configuration
Correct Answer: A QUESTION 39
Which command would provide the most comprehensive diagnostic information to Check Point Technical Support?
A. diag
B. cpinfo -o date.cpinfo.txt
C. netstat > date.netstat.txt
D. cpstat > date.cpatat.txt
Correct Answer: B QUESTION 40
How do you recover communications between your Security Management Server and Security Gateway if you lock yourself out via a rule or policy mis-configuration?
A. fw delete all.all@localhost
B. cpstop
C. fw unloadlocal
D. fw unload policy
Correct Answer: C QUESTION 41
How can you check whether IP forwarding is enabled on an IP Security Appliance?
A. clish c show routing active enable
B. echo 1 > /proc/sys/net/ipv4/ip_forwarding
C. ipsofwd list
D. cat/proc/sys/net/ipv4/ip_forward
Correct Answer: C QUESTION 42
For normal packet transmission of an accepted communication to a host protected by a Security Gateway, how many lines per packet are recorded on a packet analyzer like Wireshark using fw monitor?
A. 2
B. 4
C. 3
D. None
Correct Answer: B QUESTION 43
How can I verify the policy version locally installed on the Firewall?
A. fw ver
B. fw ctl iflist
C. fw ver -k
D. fw stat
Correct Answer: D QUESTION 44
If you run fw monitor without any parameters, what does the output display?
A. In /var/adm/monitor. Out
B. On the console
C. In /tmp/log/monitor out
D. In / var/log/monitor. out
Correct Answer: B QUESTION 45
Another administrator accidentally installed a Security Policy on the wrong firewall. Having done this, you are both locked out of the firewall that is called myfw1. What command would you execute on your system console on myfw1 in order for you to push out a new Security Policy?
A. fw dbloadlocal
B. fw unloadlocal
C. cpstop
D. fw ctl filter
Correct Answer: B QUESTION 46
Which of the following commands will completely remove the Security Policy from being enforced on a Security Gateway?
A. fw unload
B. fw unloadlocal
C. cpstop
D. fw unload local
Correct Answer: B QUESTION 47
Which of the following commands identifies whether or not a Security Policy is installed or the Security Gateway is operating with the initial policy?
A. fw monitor
B. fw ctl pstat
C. cp stat
D. fw stat
Correct Answer: D QUESTION 48
To monitor all traffic between a network and the Internet on a SecurePlatform Gateway, what is the BEST utility to use?
A. snoop
B. cpinfo
C. infoview
D. tcpdump
Correct Answer: D QUESTION 49
You are creating an output file with the following command:
fw monitor -e “accept (src=10.20.30.40 or dst=10.20.30.40);” -o ~/output Which tool do you use to analyze this file?
A. You can analyze it with Wireshark or Ethereal.
B. You can analyze the output file with any ASCI editor.
C. The output file format is CSV, so you can use MS Excel to analyze it.
D. You cannot analyze it with any tool as the syntax should be:fw monitor -e accept ([12,b]=10.20.30.40 or [16,b]=10.20.30.40); -o ~/output.
Correct Answer: A
QUESTION 50
You issue the fw monitor command with no arguments. Which of the following inspection points will be displayed?
A. Before the virtual machine, in the inbound direction
B. After the virtual machine, in the outbound direction
C. All inspection points
D. Before the virtual machine, in the outbound direction
Correct Answer: C
We help you do exactly that with our high quality Checkpoint 156-215 Certification using the above training materials.Regardless of whichever computer you have, you just need to download one of the many Checkpoint 156-215 PDF readers that are available for free.
Flydumps bring you the best CheckPoint 156-215 exam preparation materials which will make you pass in the first attempt.And we also provide you all the CheckPoint 156-215 exam updates as Microsoft announces a change in its CheckPoint 156-215 exam syllabus,we inform you about it without delay.
QUESTION 75
“Pass Any Exam. Any Time.” – www.actualtests.com 30 Checkpoint 156-215.75 Exam Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates are created:
A. And used for securing internal network communications between SmartView Tracker and an OPSEC device.
B. For the Security Management Server during the Security Management Server installation.
C. For Security Gateways during the Security Gateway installation.
D. To decrease network security by securing administrative communication among the Security Management Servers and the Security Gateway.
Correct Answer: B
QUESTION 76
Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates:
A. Increase network security by securing administrative communication with a two-factor challenge response authentication.
B. Uniquely identify machines installed with Check Point software only. They have the same function as RSA Authentication Certificates.
C. Are for Security Gateways created during the Security Management Server installation.
D. Can be used for securing internal network communications between the Security Gateway and an OPSEC device.
Correct Answer: D
QUESTION 77
Which of the following statements regarding SecureXL and CoreXL is TRUE?
A. SecureXL is an application for accelerating connections.
B. CoreXL enables multi-core processing for program interfaces.
C. SecureXL is only available in R75.
D. CoreXL is included in SecureXL.
Correct Answer: A
QUESTION 78
Beginning with R75, Software Blades were introduced. One of the Software Blades is the IPS Software Blade as a replacement for SmartDefense. When buying or upgrading to a bundle, some blades are included, e.g. FW, VPN, IPS in SG103. Which statement is NOT true?
A. The license price includes IPS Updates for the first year.
B. The IPS Software Blade can be used for an unlimited time.
C. There is no need to renew the service contract after one year.
D. After one year, it is mandatory to renew the service contract for the IPS Software Blade because it has been bundled with the license when purchased.
Correct Answer: D
QUESTION 79
You need to plan the company’s new security system. The company needs a very high level of security and also high performance and high throughput for their applications. You need to turn on most of the integrated IPS checks while maintaining high throughput. What would be the BEST solution for this scenario?
A. You need to buy a strong multi-core machine and run R70 or later on SecurePlatform with CoreXL technology enabled.
B. Bad luck, both together can not be achieved.
C. The IPS does not run when CoreXL is enabled.
D. The IPS system does not affect the firewall performance and CoreXL is not needed in this scenario.
Correct Answer: A
QUESTION 80
John is the Security Administrator in his company. He needs to maintain the highest level of security on the firewalls he manages. He is using Check Point R75. Does he need the IPS Software Blade for achieving this goal?
“Pass Any Exam. Any Time.” – www.actualtests.com 32 Checkpoint 156-215.75 Exam
A. No, all IPS protections are active, but can’t be uploaded without the license like SmartDefense.
B. Yes, otherwise no protections can be enabled.
C. Yes, otherwise the firewall will pass all traffic unfiltered and unchecked.
D. No, the Gateway will always be protected and the IPS checks can’t be managed without a license.
Correct Answer: B
QUESTION 81
Which command allows you to view the contents of an R75 table?
A. fw tab -x <tablename>
B. fw tab -a <tablename>
C. fw tab -s <tablename>
D. fw tab -t <tablename>
Correct Answer: D
QUESTION 82
Your R75 enterprise Security Management Server is running abnormally on Windows 2003 Server. You decide to try reinstalling the Security Management Server, but you want to try keeping the critical Security Management Server configuration settings intact (i.e., all Security Policies, databases, SIC, licensing etc.) What is the BEST method to reinstall the Server and keep its critical configuration?
A. 1) Run the latest upgrade_export utility to export the configuration 2) Leave the exported – tgz file in %FWDIR\bin. 3) Install the primary security Management Server on top of the current installation 4) Run upgrade_import to Import the configuration.
B. 1) Insert the R75 CD-ROM. and select the option to export the configuration into a . tgz file 2) Skip any upgrade verification warnings since you are not upgrading. 3) Transfer the. tgz file to another networked machine. 4) Download and run the cpclean utility and reboot. 5) Use the R75 CD_ROM to select the upgrade__import option to import the c
C. 1) Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Perform any requested upgrade verification suggested steps. “Pass Any Exam. Any Time.” – www.actualtests.com 33 Checkpoint 156-215.75 Exam 3) Uninstall all R75 packages via Add/Remove Programs and reboot 4) Use smartUpdate to reinstall the Security Management server and reboot 5) Transfer the .tgz file back to the local \ temp. 6) Run upgrade_import to import the configuration.
D. 1) Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Transferee .tgz file to another network machine 3) Uninstall all R75 packages via Add/Remove Programs and reboot 4) Install again using the R75 CD ROM as a primary security management server 5) Reboot and than transfer the .tgz file back to the local\ tem p 6) Run upgcade_import to import the configuration.
Correct Answer: C
QUESTION 83
Your primary Security Management Server runs on SecurePlatform. What is the easiest way to back up your Security Gateway R75 configuration, including routing and network configuration files?
A. Using the upgrade_export command.
B. Copying the $FWDIR/conf and $FWDIR/lib directory to another location.
C. Run the pre_upgrade_verifier and save the .tgz file to the /temp directory.
D. Using the native SecurePlatform backup utility from command line or in the Web based user interface.
Correct Answer: D QUESTION 84
You need to back up the routing, interface, and DNS configuration information from your R75 SecurePlatform Security Gateway. Which backup-and-restore solution do you use?
A. SecurePlatform backup utilities
B. upgrade_export and upgrade_import commands
C. Database Revision Control
D. Manual copies of the $FWDIR/conf directory
Correct Answer: A QUESTION 85
Your R75 primary Security Management Server is installed on SecurePlatform. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours.
How do you create this schedule?
A. Create a time object, and add 48 hours as the interval. Open the primary Security Management Server object’s Logs and Masters window, enable Schedule log switch, and select the Time object.
B. Create a time object, and add 48 hours as the interval. Open the Security Gateway object’s Logs and Masters window, enable Schedule log switch, and select the Time object.
C. Create a time object, and add 48 hours as the interval. Select that time object’s Global Properties > Logs and Masters window, to schedule a logswitch.
D. On a SecurePlatform Security Management Server, this can only be accomplished by configuring the fw logswitch command via the cron utility.
Correct Answer: A QUESTION 86
Which of the following methods will provide the most complete backup of an R75 configuration?
A. Policy Package Management
B. Copying the $PWDIR\conf and $CPDIR\conf directories to another server
C. upgrade_export command
D. Database Revision Control
Correct Answer: C QUESTION 87
Which of the following commands can provide the most complete restoration of an R75 configuration?
“Pass Any Exam. Any Time.” – www.actualtests.com 35 Checkpoint 156-215.75 Exam
A. Cpconfig
B. Upgrade_import
C. fwm dbimport -p
D. cpinfo -recover
Correct Answer: B QUESTION 88
When restoring R75 using the command upgrade > Port. Which of the following items is NOT restored?
A. Licenses
B. Global properties
C. SIC Certificates
D. Route tables
Correct Answer: D QUESTION 89
Your organization’s disaster recovery plan needs an update to the backup and restore section to reap the benefits of the new distributed R75 installation. Your plan must meet the following required and desired objectives:
Required Objective: The Security Policy repository must be backed up no less frequently than every 24
hours.
Desired Objective: The R75 components that enforce the Security Polices should be blocked up at least
once a week.
Desired Objective: Back up R75 logs at least once a week
Your disaster recovery plan is as follows:
Use the cron utility to run the upgrade_ export command each night on the Security Management Servers.
Configure the organization’s routine backup software to back up the files created by the upgrade_
“Pass Any Exam. Any Time.” – www.actualtests.com 36
Checkpoint 156-215.75 Exam
export command.
Configure the SecurePlatform backup utility to back up the Security Gateways every Saturday night
Use the cron utility to run the upgrade export: command each Saturday niqht on the log servers
Configure an automatic, nightly loqswitch
Configure the organization’s routine backup software to back up the switched logs every night
Upon evaluation, your plan:
A. Meets the required objective but does not meet either desired objective.
B. Does not meet the required objective.
C. Meets the required objective and only one desired objective.
D. Meets the required objective and both desired objectives.
Correct Answer: D QUESTION 90
Your company is running Security Management Server R75 on SecurePlatform, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?
A. Using SmartDashboard, under Users, select Add New Administrator
B. Using the Web console on SecurePlatform under Product configuration, select Administrators
C. Using SmartDashboard or cpconf ig
D. Using cpconftg on the Security Management Server, choose Administrators
Correct Answer: A QUESTION 91
Which of the following tools is used to generate a Security Gateway R75 configuration report?
A. ethereal
B. cpinfo “Pass Any Exam. Any Time.” – www.actualtests.com 37 Checkpoint 156-215.75 Exam
C. licview
D. infoview
Correct Answer: B QUESTION 92
Which of the following is a CLI command for Security Gateway R75?
A. fwm policy_print <policyname>
B. fw shutdown
C. fw merge
D. fw tab -u
Correct Answer: D QUESTION 93
What information is provided from the options in this screenshot?
(i)Whether a SIC certificate was generated for the Gateway
(ii)Whether the operating system is SecurePlatform or SecurePlatform Pro
“Pass Any Exam. Any Time.” – www.actualtests.com 38 Checkpoint 156-215.75 Exam (iii)Whether this is a standalone or distributed installation
A. (i), (ii) and (iii)
B. (i) and (iii)
C. (i) and (ii)
D. (ii) and (iii)
Correct Answer: D QUESTION 94
Peter is your new Security Administrator. On his first working day, he is very nervous and sets the wrong password three times. His account is locked. What can be done to unlock Peter’s account? Give the BEST answer.
A. You can unlock Peter’s account by using the command fwm unlock_admin -u Peter on the Security Gateway.
B. It is not possible to unlock Peter’s account. You have to install the firewall once again or abstain from Peter’s help.
C. You can unlock Peter’s account by using the command fwm lock_admin -u Peter on the Security Management Server.
D. You can unlock Peter’s account by using the command fwm unlock_admin -u Peter on the Security Management Server.
Correct Answer: C
QUESTION 95
Which CLI command verifies the number of cores on your firewall machine?
A. fw ctl pstat
B. fw ctl core stat
C. fw ctl multik stat
D. cpstat fw -f core
Correct Answer: C
QUESTION 96
John currently administers a network using NGX R65.4 on the Security Management Server and NGX R65.2.100 (the VOIP release with the VOIP plug-ins enabled). He wants to upgrade to R75 to get the benefits of Check Point’s Software Blades. What would be the best way of doing this?
A. This can not be done yet as R75 can not manage NGX R65 Gateways due to SmartDefense and IPS mismatch problems.
B. Run upgrade_export on R65 management, then install R75 on this machine and run upgrade_import and re-license the systems to use software blades.
C. Just insert the R75 CD-ROM and run the in-place upgrade.
D. This is not supported today as currently the VOIP Software Blade and VOIP plug-in is not available in R75.
Correct Answer: D
QUESTION 97
John currently administers a network using single CPU single core servers for the Security Gateways and is running R75. His company is now going to implement VOIP and needs more performance on the Gateways. He is now adding more memory to the systems and also upgrades the CPU to a modern quad core CPU in the server. He wants to use CoreXL technology to benefit from the new performance benchmarks of this technology. How can he achieve this?
A. Nothing needs to be done. SecurePlatform recognized the change during reboot and adjusted all the settings automatically.
B. He just needs to go to cpconfig on the CLI and enable CoreXL. Only a restart of the firewall is required to benefit from CoreXL technology.
C. He needs to reinstall the Gateways because during the initial installation, it was a single-core CPU but the wrong Linux kernel was installed. There is no other upgrade path available.
D. He just needs to go to cpconfig on the CLI and enable CoreXL. After the required reboot he will benefit from the new technology.
Correct Answer: D
QUESTION 98
“Pass Any Exam. Any Time.” – www.actualtests.com 40 Checkpoint 156-215.75 Exam You are running a R75 Security Gateway on SecurePlatform. In case of a hardware failure, you have a server with the exact same hardware and firewall version installed. What backup method could be used to quickly put the secondary firewall into production?
A. upgrade_export
B. manual backup
C. snapshot
D. backup
Correct Answer: C
QUESTION 99
Before upgrading SecurePlatform, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration.
An administrator has installed the latest HFA on the system for fixing traffic problem after creating a backup file. There is a mistake in the very complex static routing configuration. The Check Point configuration has not been changed. Can the administrator use a restore to fix the errors in static routing?
A. The restore can be done easily by the command restore and selecting the appropriate backup file.
B. A backup cannot be restored, because the binary files are missing.
C. The restore is not possible because the backup file does not have the same build number (version).
D. The restore is done by selecting Snapshot Management from the boot menu of SecurePlatform.
Correct Answer: A
QUESTION 100
Which operating systems are supported by a Check Point Security Gateway on an open server?
A. Check Point SecurePlatform and Microsoft Windows
B. Sun Solaris, Red Hat Enterprise Linux, Check Point SecurePlatform, IPSO, Microsoft Windows
C. Check Point SecurePlatform, IPSO, Sun Solaris, Microsoft Windows
D. Microsoft Windows, Red Hat Enterprise Linux, Sun Solaris, IPSO “Pass Any Exam. Any Time.” -www.actualtests.com 41 Checkpoint 156-215.75 Exam
Correct Answer: A
QUESTION 101
You intend to upgrade a Check Point Gateway from R65 to R75. Prior to upgrading, you want to backup the Gateway should there be any problems with the upgrade. Which of the following allows for the Gateway configuration to be completely backed up into a manageable size in the least amount of time?
A. Backup
B. Snapshot
C. Upgrade_export
D. Database_revision
Correct Answer: A
QUESTION 102
Your network is experiencing connectivity problems and you want to verify if routing problems are present. You need to disable the firewall process but still allow routing to pass through the Gateway running on an IP Appliance running IPSO. What command do you need to run after stopping the firewall service?
A. fw fwd routing
B. ipsofwd on admin
C. fw load routed
D. ipsofwd slowpath
Correct Answer: B QUESTION 103
Where can you find the Check Point’s SNMP MIB file?
“Pass Any Exam. Any Time.” – www.actualtests.com 42 Checkpoint 156-215.75 Exam
A. $FWDIR/conf/snmp.mib
B. It is obtained only by request from the TAC.
C. $CPDIR/lib/snmp/chkpt.mib
D. There is no specific MIB file for Check Point products.
Correct Answer: C
QUESTION 104
You want to generate a cpinfo file via CLI on a system running SecurePlatform. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?
A. Log in as the default user expert and start cpinfo.
B. No action is needed because cpshell has a timeout of one hour by default.
C. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.
D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinto.
Correct Answer: C
QUESTION 105
Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?
A. Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets field. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here.
B. In the General Properties of the object representing the specific Firewall, go to the Software Blades product list and select Firewall. Right-click in the menu, select Administrator to Install to define only this administrator.
C. Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced / Permission to Install.
D. Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets.
Correct Answer: C
We provide thoroughly reviewed CheckPoint 156-215 using the training resources which are the best for CheckPoint 156-215,and to get certified by Microsoft Windows Store apps.It is a best choice to accelerate your career as a professional in the Information Technology industry. Now we add the latest CheckPoint 156-215 content and to print and share content.
Flydumps is one of the leading exam preparation material providers.We have a complete range of exams offered by the top vendors of their respective industries. You can download CheckPoint 156-210 free demos in PDF files that are the latest.QUESTION 11
What function does the Audit mode of SmartView Tracker perform?
A. It tracks detailed information about packets traversing the Enforcement Modules.
B. It maintains a detailed log of problems with VPN-1/FireWall-1 services on the SmartCenter Server.
C. It is used to maintain a record of the status of each Enforcement Module and SmartCenter server.
D. It maintains a detailed record of status of each Enforcement Module and SmartCenter Server.
E. It tracks changes and Security Policy installations, per Security Administrator, performed in SmartDashboard.
Correct Answer: E
QUESTION 12
In the SmartView Tracker, what is the difference between the FireWall-1 and VPN-1 queries? Choose three.
A. A VPN-1 query only displays encrypted and decrypted traffic.
B. A FireWall-1 query displays all traffic matched by rules, which have logging activated.
C. A FireWall-1 query displays all traffic matched by all rules.
D. A FireWall-1 query also displays encryption and decryption information.
E. Implied rules, when logged, are viewed using the VPN-1 query.
Correct Answer: ABD
QUESTION 13
Network topology exhibit
You want hide all localnet and DMZ hosts behind the Enforcemenet Module, except for the HTTP Server
(192.9.200.9). The HTTP Server will be providing public services, and must be accessible from the
Internet.
Select the two BEST Network Address Translation (NAT) solutions for this scenario,
A. To hide Local Network addresses, set the address translation for 192.9.0.0
B. To hide Local Network addresses, set the address translation for 192.9.200.0
C. Use automatic NAT rule creation to hide both DMZ and Local Network.
D. To hide Local Network addresses, set the address translation for privatenet.
E. Use automatic NAT rule creation, to statically translate the HTTP Server address.
Correct Answer: CE
QUESTION 14
The SmartDefense Storm Center Module agent receives the Dshield.org Block List, and:
A. Populates CPDShield with blocked address ranges, every three hours.
B. Generates logs from rules tracking internal traffic.
C. Submits the number of authentication failures, and drops, rejects, and accepts.
D. Generates regular and compact log digest.
E. Populates the firewall daemon with log trails.
Correct Answer: A QUESTION 15
What are the advantages of central licensing? Choose three.
A. Only the IP address of a SmartCenter Server is needed for all licences.
B. A central licence can be removed from one Enforcement Module, and installe don another Enforcement Module.
C. Only the IP address of an Enforcement Module is needed for all licences.
D. A central license remains valid, when you change the IP address of an Enforcemente Module.
E. A central license can be converted into a local license.
Correct Answer: ABD
QUESTION 16
A security Administrator wants to review the number of packets accepted by each of the Enforcement modules. Which of the following viewers is the BEST source for viewing this information?
A. SmartDashboard
B. SmartUpdate
C. SmartMap
D. SmartView Status
E. SmartView Tracker
Correct Answer: D
QUESTION 17
Hidden (or masked) rules are used to:
A. Hide rules from administrators with lower privileges.
B. View only a few rules, without distraction of others.
C. Temporarily disable rules, without having to reinstall the Security Policy.
D. Temporarily convert specifically defined rules to implied rules.
E. Delete rules, without having to reinstall the Security Policy.
Correct Answer: B
QUESTION 18
Which of the following characteristics BEST describes the behaviour of Check Point NG with Application Intelligence?
A. Traffic not expressly permitted is prohibited.
B. All traffic is expressly permitted by explicit rules.
C. Secure connections are authorized by default. Unsecured connectdions are not.
D. Traffic is filtered using controlled ports.
E. TELNET, HTTP; and SMTP are allowed by default.
Correct Answer: A
QUESTION 19
SmartUpdate CANNOT be used to:
A. Track installed versions of Check Point and OPSEC products.
B. Manage licenses centrally.
C. Update installed Check Point and OPSEC software remotely, from a centralized location.
D. Uninstall Check Point and OPSEC software remotely, from a centralized location.
E. Remotely install NG with Application Intelligence for the first time, on a new machine.
Correct Answer: E
QUESTION 20
Which of the following statements about Client Authentication is FALSE?
A. In contrast to User Authentication that allows access per user. Client Authentication allows access per IP address.
B. Client Authentication is more secure than User Authentication, because it allows multiple users and connections from an authorized IP address or host.
C. Client Authentication enables Security Administrators to grant access privileges to a specific IP address, after successful authentication.
D. Authentication is by user name and password, but it is the host machine (client) that is granted access.
E. Client Authentication is not restricted to a limited set of protocols.
Correct Answer: B
QUESTION 21
Why is Application Layer particularly vulnerable to attacks? Choose three
A. Malicious Java, ActiveX, and VB Scripts can exploit host system simply by browsing.
B. The application Layer performs access-control and legitimate-use checks.
C. Defending against attacks at the Application Layer is more difficult, than at lower layers of the OSI model.
D. The Application Layer does not perform unauthorized operations.
E. The application Layer supports many protocols.
Correct Answer: ACE
QUESTION 22
You have created a rule that requires users to be authenticated, when connecting to the Internet using HTTP. Which is the BEST authentication method for users who must use specific computers for Internet access?
A. Client
B. Session
C. User
Correct Answer: A
QUESTION 23
What function does the Active mode of SmartView Tracker perform?
A. It displays the active Security Policy.
B. It displays active Security Administrators currently logged into a SmartCenter Server.
C. It displays current active connections traversing Enforcement Modules.
D. It displays the current log file, as it is stored on a SmartCenter Server.
E. It displays only current connections between VPN-1/FireWall-1 modules.
Correct Answer: C
QUESTION 24
You are importing product data from modules, during a VPN-1/Firwall-1 Enforcement Module upgrade. Which of the following statements are true? Choose two.
A. Upgrading a single Enforcement Module is recommended by Check Point, since there is no chance of mismatch between installed product versions.
B. SmartUpdate queries license information, from the SmartConsole runging locally on the Enforcement Module.
C. SmartUpdate queries the SmartCenter Server and Enforcement Module for product information.
D. If SmartDashboard and all SmartConsoles must be open during input, otherwise the product-data retrieval process will fail
Correct Answer: AC
QUESTION 25
Which if the following components functions as the Internal Certificate Authority for all modules in the VPN-1/FireWall-1 configuration?
A. Enforcement Module
B. INSPECT Engine
C. SmartCenter Server
D. SmartConsole
E. Policy Server
Correct Answer: C
QUESTION 26
Which of the following is NOT a security benefit of Check Point’s Secure Internal Communications (SIC)?
A. Generates VPN certificates for IKE clients.
B. Allows the Security Administrator to confirm that the Security Policy on an Enforcement Module came from an authorized Management Server.
C. Confirms that a SmartConsole is authorized to connect a SmartCenter Server
D. Uses SSL for data encryption.
E. Maintains data privacy and integrity.
Correct Answer: A
QUESTION 27
You are administering one SmartCenter Server that manages three Enforcement Modules. One of the Enforcement Modules does not appear as a target in the Install Policy screen, when you attempt to install the Security Policy. What is causing this to happen?
A. The license for the Enforcement Module has expired.
B. The Enforcement Module requires a reboot.
C. The object representing the Enforcement Module was created as a Node->Gateway.
D. The Enforcement Module was not listed in the Install On column of its rule.
E. No Enforcement Module Master filer was created, designating the SmartCenter Server
Correct Answer: C
QUESTION 28
You are the Security Administrator with one SmartCenter Server managing one Enforcement Moduel. SmartView Status displayes a computer icon with an “I” in the Status column. What does this mean?
A. You have entered the wrong password at SmartView Status login.
B. Secure Internal Communications (SIC) has not been established between the SmartCenter Server and the Enforcement Module.
C. The SmartCenter Server cannot contact a gateway.
D. The VPN-1/Firewall-1 Enforcement Module has been compromised and is no longer controlled by this SmartCenter Sever.
E. The Enforcement Module is installed and responding to status checks, but the status is problematic.
Correct Answer: E
QUESTION 29
Check Point’s NG with Application Intelligence protects against Network and Transport layer attacks by: (Choose two)
A. Preventing protocol-anomaly detection-
B. Allowing IP fragmentation-
C. Preventing validation of compliance to standards.
D. Preventing non-TCP denial-of-service attacks, and port scanning.
E. Preventing malicious manipulation of Network Layer protocols.
Correct Answer: DE
QUESTION 30
Which of the following locations is Static NAT processed by the Enforcement Module on packets from an external source to an internal statically translated host? Static NAT occurs.
A. After the inbound kernel, and before routing.
B. After the outbound kernel, and before routing.
C. After the inbound kernel, and aftter routing.
D. Before the inbound kernel, and after routing.
E. Before the outbound kernel, and before routing.
Correct Answer: C
QUESTION 31
Which of the following does a Check Point security gateway access, analyze, and use? Choose three.
A. Communications information
B. Communication-derivec state
C. Packet sniffing
D. Information mapping
E. Application-derived state
Correct Answer: ABE
QUESTION 32
Which NG with Application Intelligence feature allows a Security Administrator to granularly control acceptable FTP commands?
A. FTP Security Server object settings
B. Check Point Gateway object, Security Server settings
C. SmartDefense, FTP Security Server settings
D. Rule Base Service field
E. Global Properties, Security Server settings.
Correct Answer: C
QUESTION 33
You are Security Administrator preparing to deploy a new hot-fix to ten Enforcement Modules at five geographically separated locations. What is the BEST method to implement this hot-fix?
A. Use SmartView installer to deploy the hot-fix to each Enforcement Module.
B. Send a CDROM with the hot-fix to each location, and have local personnel install it.
C. Send a Certified Security Engineer to each site to perform the update.
D. Use SmartInstaller to install the packages to each of the Enforcement Models remotely.
E. Use SmartUpdate to install the packages to each of the Enforcement Models remotely.
Correct Answer: E QUESTION 34
Implicit rules do NOT allow what types of VPN-1/FireWall-1 Control Connections by default?
A. Outgoing traffic, originating from the gateway
B. RIP for routing configuration
C. IKE and RDP-traffic, for communication and encryption
D. VPN-1/Firewall-1 specific traffic, such as logging, management, and key exchange
E. RADIOUS; CVP, UFP, and LDAP
Correct Answer: B
QUESTION 35
In Secure Internal Communicators (SIC), the SmartCenter Server and its components are identified by a (n):
A. SIC entry in the host file
B. Random seed
C. Port number
D. Distinguished Name
E. IP address
Correct Answer: D
QUESTION 36
Which of the following statements BEST describes Dynamic Network Address Translation (Hide NAT)?
A. Allow you to hide an entire network behind one IP address.
B. Translates private external IP addresses to public IP addresses.
C. Allows you to hide an entire network behind public IP addresses.
D. Translates public internal IP addresses to private IP addresses.
E. Allow you to hide an entire network behind random IP addresses.
Correct Answer: A
QUESTION 37
What type of TCP attack is a bandwidth attack, where a client fools a server into sending large amount of data, using small packets?
A. SMURF
B. SYN-Flood
C. Host System Hogging
D. Small PMTU
E. LAND
Correct Answer: D
QUESTION 38
How is the Block Intruder request used?
A. It is used in place of the HTTP Security Server.
B. SmartDefense automatically uses this capability.
C. It is used in the Log mode of SmartView Tracker to kill active connections.
D. It is activated in SmartDashboard through the Security Policy.
E. It blocks access from a Source, or to a Destination, for a specified amount of time, or indefinitely.
Correct Answer: E QUESTION 39
A conflict between anti-spoofing and Network Address Translation (NAT) occurs when:
A. The Translate destination on the client-side option is not enabled when using Static NAT:
B. NAT is performed on the client side.
C. Manual NAT rules are used.
D. The Translate destination on the client-side option is enabled.
E. The Translate destination on the server-side option is enabled.
Correct Answer: A
QUESTION 40
One of the most important tasks Security Adminstrators perform is log maintenance. By default, when an administrator clicks File > Switch Active file from SmartView Tracker, the SmartCenter server:
A. Purges the current log file, and prompts the Security Administrator for the mode of the new log.
B. Opens a new window with a previously saved log for viewing.
C. Saves the current log file, names the save file by date and time and starts a new log.
D. Prompts the Security Administrator for the name of the current log, saves it, and then prompts the Security Administrator for the mode of the new log.
E. Purges the current log file, and starts a new log.
Correct Answer: C
QUESTION 41
A VPN-1/FireWall-1 SmartDashboard is used to perform which of the following tasks? Choose two.
A. Allows the Security Administrator to configure Network Address Translation.
B. Stores VPN-1/Firewall-1 logs
C. Compiles the Rule Base into an enforceable Security Policy.
D. Stores the User Database.
E. It is used to crate and define a Security Policy.
Correct Answer: AE
QUESTION 42
Assuming the default settings in the Global Properties have not changed, which of the following types of traffic will be allowed through a firewall with the Rule Base displayed in the exhibit?
A. VPN-1/Firewall-1 Control Connections.
B. HTTP from anywhere to Web Server.
C. HTTP from network out.
D. FTP from anywhere to Web Server.
E. RIP traffic to the gateway.
Correct Answer: AB
QUESTION 43
In SmartView Status, what does a status of Untrusted tell you?
A. The Enforcement Module is offline.
B. The Security Administrator has entered the wrong password at SmartView Status login.
C. Secure Internal Communications (SIC) has not been established between the SmartCenter Server and the Enforcement Module
D. The SmartCenter Server cannot contact a gateway
E. An Enforcement Module is installed and responding to status checks, but the status is problematic.
Correct Answer: C
QUESTION 44
For which of the following objectd types can Network Address Translation be configured?
A. Domains, host nodes, network.
B. Domains, networks, users
C. Host nodes, networks, OSE devices
D. Host nodes, networks, address ranges
E. Networks, OSE Devices logical servers.
Correct Answer: D
QUESTION 45
Howa CK Storm Center Block Lists activated? Choose the correction order.
1.
Security Adminstrators define a CPDShield object and place it in the Rule Base appropriately.
2.
The Storm Center Module agent on the Enforcement Module retrieves the Block list, and replaces the CPDSHield object with a list of blocked IP addresses.
3.
The Storm Center Module agent periodically checks for updates to the Block list.
A. 3, 2, 1
B. 1, 2, 3
C. 2, 3, 1
D. 3, 1, 2
E. 2, 1, 3
Correct Answer: B
QUESTION 46
Network topology exhibit In the network displayed in the exhibit, the public servers accept and initiate connections from the Internet. The public servers must:
A. Be moved to the other side of the Enforcement Module, and give public addresses.
B. Use Reverse Network Address Translation.
C. Use Static Network Address Translation.
D. Use Dynamic Network Address Translation
E. Network Address Translation is not required.
Correct Answer: C
QUESTION 47
What Blocking Scope options are available when using Block Intruder? Choose three.
A. Block access from this Source.
B. Block source and destination
C. Block access to this Destination.
D. Block only this connection
E. Block all traffic
Correct Answer: ACD
QUESTION 48
TO be MOST effective, where should Anti-Spoofing be configured?
A. Only on interfaces facing internal networks.
B. Only on external and DMZ interfaces.
C. Only on DMZ interfaces
D. Only on external interfaces.
E. On all interfaces.
Correct Answer: E QUESTION 49
Choose the two responses that BEST describe a VPN-1/Firewall-1 Rule Base. A Rule Base is:
A. A collection of corporate guidelines used to structure the network Security Policies for users operating behind the firewall.
B. A collection of system settings that make up implicit rules defining network security.
C. The process by which secure communications are established between different VPN-1/Firewall-1 Modules, operating within an enterprise security environment.
D. A repository of DLL files, each provides a specific security function.
E. A set of explicitly and implicitly defined rules used to define network security.
Correct Answer: AE
QUESTION 50
When defining objects, why should you NOT change the name or IP address of the system-created SmartCenter Server objects? Choose two.
A. Changes the certificate of the system-created object
B. Causes a fault-tolerance error on the VPN-1/Firewall-1 Enforcement Module
C. Interferes with Security Policy Installation
D. Does not change the object name in the Rule Base.
E. Negatively affects the Internal Certificate Authority.
Correct Answer: AE
QUESTION 51
You are the Security Administrator with one SmartCenter Server managing one Enforcement Module.
SmartView Status displays a computer icon with an “?” in the Status column.
What does this mean?
A. The VPN-1/FireWall-1 Enforcement Module has been compromised and is no longer controlled by this SmartCenter Server.
B. Secure Internal Communications (SIC) has not been established between the SmartCenter Server and the Enforcement Module.
C. The Enforcement Module is installed and responding to status checks, but the status is problematic.
D. You have entered the wrong password at SmartView Status login.
E. The SmartCenter Server cannot contact the gateway.
Correct Answer: E
QUESTION 52
Which statement below BEST describes how VPN-1/FireWall-1 handles hidden rules? Hidden rules are:
A. Not included when the Security Policy is installed.
B. Removed from the existing Security Policy.
C. Enforced when the Security Policy is installed.
D. Automatically installed, when the Unhide All option is selected from the Hide Rules menu.
E. Enforced as implied rules, before the explicitly defined Rule Base.
Correct Answer: C
QUESTION 53
Which of the following is NOT included in SVN Foundation?
A. Watch Dog for Critical Services
B. License Utilities
C. CPShared Daemon
D. SmartDefense
E. SNMP Daemon
Correct Answer: D
QUESTION 54
Which of the following BEST describes the function of Dynamic Network Address Translation (Dynamic
NAT)?
Dynamic NAT:
A. Allows you to configure more public IP addresses than you have hosts.
B. Reduces the load on the Enforcement Module.
C. Limits the number of internal hosts that may access the Internet.
D. Reduces the number of connections to your Web server.
E. Allows you to configure for more hosts than you have public IP addresses.
Correct Answer: E
The CheckPoint 156-210 certification can make you a competent person.It may enable a technician to know about the CheckPoint 156-210 configurations,get information about the CheckPoint 156-210 data center products and hardware and knowledge about CheckPoint 156-210 united computing systems.
We are committed on providing you with the latest and most accurate CheckPoint 156-110 exam preparation products.If you want to pass CheckPoint 156-110 exam successfully, do not miss to read latest CheckPoint 156-110 brain dumps on Flydumps.
QUESTION 41
If e-mail is subject to review by individuals other than the sender and recipient, what should be clearly stated in the organization’s e-mail policy?
A. Technologies and methods used to monitor and enforce the organization’s policies
B. Senior management and business-unit owner responsibilities and delegation options
C. Clear, legally defensible definition of what constitutes a business record
D. Consequences for violation of the organization’s acceptable-use policy
E. No expectation of privacy for e-mail communications, using the organization’s resources
Correct Answer: E
QUESTION 42
Which of the following are common failures that should be addressed in an organization’s Business Continuity Plan (BCP) ? (Choose THREE.)
A. Connectivity failures
B. Accounting failures
C. Hardware failures
D. Utility failures
E. Personal failures
Correct Answer: ACD
QUESTION 43
Which TWO of the following items should be accomplished, when interviewing candidates for a position within an organization?
A. Hire an investigation agency to run background checks.
B. Verify all dates of previous employment.
C. Question candidates, using polygraphs.
D. Contact personal and professional references.
E. Run criminal-background checks.
Correct Answer: BD QUESTION 44
A _______ _______ posture provides many levels of security possibilities, for access control.
A. Layered defensive
B. Multiple offensive
C. Flat defensive
D. Reactive defensive
E. Proactive offensive
Correct Answer: A
QUESTION 45
At ABC Corporation, access to critical information resources, such as database and e-mail servers, is controlled by the information-technology (IT) department. The supervisor in the department grants access to printers where the printer is located. Managers grant and revoke rights to files within their departments’ directories on the file server, but the IT department controls who has access to the directories. Which type of access-management system is in use at ABC Corporation?
A. Centralized access management
B. Role-based access management
C. Hybrid access management
D. Decentralized access management
E. Privileged access management
Correct Answer: C
QUESTION 46
Embedding symbols in images or common items, such as pictures or quilts, is an example of __________.
A. Espionage
B. Transposition cipher
C. Key exchange
D. Arithmancy
E. Steganography
Correct Answer: E
QUESTION 47
Why should each system user and administrator have individual accounts? (Choose TWO.)
A. Using generic user names and passwords increases system security and reliability.
B. Using separate accounts for each user reduces resource consumption, particularly disk space.
C. By using individual login names and passwords, user actions can be traced.
D. If users do not have individual login names, processes can automatically run with root/administrator access.
E. A generic user name and password for users and security administrators provides anonymity, which prevents useful logging and auditing.
Correct Answer: CE
QUESTION 48
A(n) _______ occurs when intrusion-detection measures fail to recognize suspicious traffic or activity.
A. False positive
B. False negative
C. CIFS pop-up
D. Threshold
E. Alarm
Correct Answer: B
QUESTION 49
What is single sign-on? An authentication method:
A. that allows users to authenticate once, and then uses tokens or other credentials to manage subsequent authentication attempts
B. that stores user credentials locally, so that users need only authenticate the first time, a local machine is used
C. requiring the use of one-time passwords, so users authenticate only once, with a given set of credentials.
D. that uses smart cards, hardware tokens, and biometrics to authenticate users; also known as three-factor authentication
E. that requires users to re-authenticate for every resource accessed
Correct Answer: A
QUESTION 50
Which of the following is NOT a Business Continuity Plan (BCP) recovery strategy?
A. Delegating risk to another entity, such as an insurer
B. Manual procedures; alternative solution to technology available
C. Deferring action; action waiting until a later date
D. Reciprocal agreements with another organization
E. Doing nothing; no action taken to recover the technology
Correct Answer: A
Get certified CheckPoint 156-110 is a guaranteed way to succeed with IT careers.We help you do exactly that with our high quality CheckPoint 156-110 Certification Certified Information Systems Security Professional training materials.
At Flydumps,we are positive that our CheckPoint 156-110 preparation material with questions and answers pdf provide most in-depth solutions for individuals that are preparing for the CheckPoint 156-110 exam.Our uodated CheckPoint 156-110 brain dumps will allow you the opportunity to know exactly what to expect on the exam day and ensure that you can pass the exam beyond any doubt.
QUESTION 55
____________________ educate(s) security administrators and end users about organizations’ security policies.
A. Security-awareness training
B. Information Security (INFOSEC) briefings
C. Acceptable-use policies
D. Continuing education
E. Nondisclosure agreements
Correct Answer: A
QUESTION 56
Operating-system fingerprinting uses all of the following, EXCEPT ________, to identify a target operating system.
A. Sequence Verifier
B. Initial sequence number
C. Address spoofing
D. Time to Live
E. IP ID field
Correct Answer: C
QUESTION 57
Organizations _______ risk, when they convince another entity to assume the risk for them.
A. Elevate
B. Assume
C. Deny
D. Transfer
E. Mitigate
Correct Answer: D
QUESTION 58
A(n) _______________ is an unintended communication path that can be used to violate a system security policy.
A. Covert channel
B. Integrity axiom
C. Simple rule violation
D. Inferred fact
E. Aggregated data set
Correct Answer: A
QUESTION 59
To protect its information assets, ABC Company purchases a safeguard that costs $60,000. The annual cost to maintain the safeguard is estimated to be $40,000. The aggregate Annualized Loss Expectancy for the risks the safeguard is expected to mitigate is $50,000.
At this rate of return, how long will it take ABC Company to recoup the cost of the safeguard?
A. ABC Company will never recoup the cost of this safeguard.
B. Less than 7 years
C. Less than 3 years
D. Less than 1 year
E. Less than 5 years
Correct Answer: B
QUESTION 60
ABC Corporation’s network requires users to authenticate to cross the border firewall, and before entering restricted segments. Servers containing sensitive information require separate authentication. This is an example of which type of access-control method?
A. Single sign-on
B. Decentralized access control
C. Hybrid access control
D. Layered access control
E. Mandatory access control
Correct Answer: D
QUESTION 61
The items listed below are examples of ___________________ controls.
*Smart cards *Access control lists *Authentication servers *Auditing
A. Role-based
B. Administrative
C. Technical
D. Physical
E. Mandatory
Correct Answer: C
QUESTION 62
Why does the (ISC)2 access-control systems and methodology functional domain address both the confidentiality and integrity aspects of the Information Security Triad? Access-control systems and methodologies:
A. are required standards in health care and banking.
B. provide redundant systems and data backups.
C. control who is allowed to view and modify information.
D. are academic models not suitable for implementation.
E. set standards for acceptable media-storage devices.
Correct Answer: C
QUESTION 63
_______ intrusion-detection systems learn the behavior of a machine or network, and create a baseline.
A. Behavioral analysis
B. Statistical anomaly
C. Network
D. Pattern matching
E. Host
Correct Answer: B
QUESTION 64
Which of the following best describes the largest security challenge for Remote Offices/Branch Offices?
A. Leased-line security
B. Salami attacks
C. Unauthorized network connectivity
D. Distributed denial-of-service attacks
E. Secure access to remote organizational resources
Correct Answer: E
QUESTION 65
Which of the following is NOT a concern for enterprise physical security?
A. Network Intrusion Detection Systems
B. Social engineering
C. Dumpster diving
D. Property theft
E. Unauthorized access to a facility
Correct Answer: A QUESTION 66
Which of the following should be included in an enterprise Business Continuity Plan (BCP)? (Choose THREE.)
A. Accidental or intentional data deletion
B. Severe weather disasters
C. Employee terminations
D. Employee administrative leave
E. Minor power outages
Correct Answer: ABE
QUESTION 67
Which type of access management uses information about job duties and positions, to indicate subjects’ clearance levels?
A. Discretionary
B. Role-based
C. Nondiscretionary
D. Hybrid
E. Mandatory
Correct Answer: B
QUESTION 68
When attempting to identify OPSEC indicators, information-security professionals must: (Choose THREE.)
A. Discover the information daily activities yield.
B. Meet with adversaries.
C. Perform business impact analysis surveys.
D. Scrutinize their organizations’ daily activities.
E. Analyze indicators, to determine the information an adversary can glean ?both from routine and nonroutine activities.
Correct Answer: ADE
QUESTION 69
Which of the following can be stored on a workstation? (Choose TWO.)
A. Payroll information
B. Data objects used by many employees
C. Databases
D. Interoffice memo
E. Customer correspondence
Correct Answer: DE
QUESTION 70
How is bogus information disseminated?
A. Adversaries sort through trash to find information.
B. Adversaries use anomalous traffic patterns as indicators of unusual activity. They will employ other methods, such as social engineering, to discover the cause of the noise.
C. Adversaries use movement patterns as indicators of activity.
D. Adversaries take advantage of a person’s trust and goodwill.
E. Seemingly, unimportant pieces of data may yield enough information to an adversary, for him to disseminate incorrect information and sound authoritative.
Correct Answer: E
QUESTION 71
Which type of access management allows subjects to control some access of objects for other subjects?
A. Discretionary
B. Hybrid
C. Mandatory
D. Role-based
E. Nondiscretionary
Correct Answer: A
QUESTION 72
Which of the following are enterprise administrative controls? (Choose TWO.)
A. Network access control
B. Facility access control
C. Password authentication
D. Background checks
E. Employee handbooks
Correct Answer: DE
QUESTION 73
You are preparing a machine that will be used as a dedicated Web server.
Which of the following services should NOT be removed?
A. E. IRC
B. SMTP
C. FTP
D. HTTP
E. PVP
Correct Answer: D
QUESTION 74
A new U.S. Federal Information Processing Standard specifies a
cryptographic algorithm. This algorithm is used by U.S. government organizations to protect sensitive,
but unclassified, information. What is the name of this Standard?
A. Triple DES
B. Blowfish
C. AES
D. CAST
E. RSA
Correct Answer: C
QUESTION 75
If a firewall receives traffic not explicitly permitted by its security policy, what should the firewall do?
A. Nothing
B. Do not log and drop the traffic.
C. Log and drop the traffic.
D. Log and pass the traffic.
E. Do not log and pass the traffic.
Correct Answer: C
QUESTION 76
Which of the following statements about encryption’s benefits is false? Encryption can: (Choose TWO.)
A. significantly reduce the chance information will be modified by unauthorized entities.
B. only be used to protect data in transit. Encryption provides no protection to stored data.
C. allow private information to be sent over public networks, in relative safety.
D. significantly reduce the chance information will be viewed by unauthorized entities.
E. prevent information from being destroyed by malicious entities, while in transit.
Correct Answer: BE
QUESTION 77
Which principle of secure design states that a security mechanism’s methods must be testable?
A. Separation of privilege
B. Least common mechanism
C. Complete mediation
D. Open design
E. Economy of mechanism
Correct Answer: D
QUESTION 78
What type of document contains information on alternative business locations, IT resources, and personnel?
A. End-user license agreement
B. Nondisclosure agreement
C. Acceptable use policy
D. Security policy
E. Business continuity plan
Correct Answer: E
QUESTION 79
A(n) ______________________________ is a quantitative review of risks, to determine how an organization will continue to function, in the event a risk is realized.
A. Monitored risk process
B. Disaster-recovery plan
C. Business impact analysis
D. Full interruption test
E. Information security audit
Correct Answer: C
QUESTION 80
Internal intrusions are loosely divided into which categories? (Choose TWO.)
A. Attempts by insiders to perform appropriate acts, on information assets to which they have been given rights or permissions.
B. Attempts by insiders to access resources, without proper access rights.
C. Attempts by insiders to access external resources, without proper access rights.
D. Attempts by insiders to perform inappropriate acts, on external information assets to which they have been given rights or permissions.
E. Attempts by insiders to perform inappropriate acts, on information assets to which they have been given rights or permissions.
Correct Answer: BE
QUESTION 81
A security administrator implements Secure Configuration Verification (SCV), because SCV: (Choose THREE.)
A. Does not enable the administrator to monitor the configuration of remote computers.
B. Can block connectivity for machines that do not comply with the organization’s security policy.
C. Enables the administrator to monitor the configuration of remote computers.
D. Prevents attackers from penetrating headquarters’ Security Gateway.
E. Confirms that a remote configuration complies with the organization’s security policy.
Correct Answer: BCE
Ensure that you are provided with only the best and most updated CheckPoint 156-110 Certification training materials, we also want you to be able to access CheckPoint 156-110 easily, whenever you want.We provide all our CheckPoint 156-110 Certification exam training material in PDF format, which is a very common format found in all computers and gadgets. Now we add the latest CheckPoint 156-110 content and to print and share content.