Download Free VCE Files: CCNA, A+ Certification, MCSE – Cert4sure Checkpoint,CheckPoint Certification CheckPoint 156-510 Exam Dumps, Provides Best CheckPoint 156-510 Certification Material On Sale

CheckPoint 156-510 Exam Dumps, Provides Best CheckPoint 156-510 Certification Material On Sale

Flydumps CheckPoint 156-510 exam questions which contain almost 100% correct answers are tested and approved by senior Microsoft lecturers and experts.They have been devoting themselves to providing candidates with the best study materials to make sure what they get are valuable.Get a complete hold on CheckPoint 156-510 exam dumps on Flydumps, you will pass the exam absolutely.

QUESTION 63
Which three files can be generated by a Unix core dump?
A. vmunix.
B. vmcore.
C. unixdump
D. core

Correct Answer: ABD QUESTION 64
What is NOT true when using MEP encryption topologies?
A. Gateways must use the same FW-1 build level
B. Gateways must use the same management module
C. You must use a distributed installation of VPN-1/FW-1
D. Gateways must run identical policies

Correct Answer: D QUESTION 65
What is another name for an LDAP server?
A. Account server
B. DN Unit
C. User server
D. Account unit

Correct Answer: D QUESTION 66
Exhibit missing.
Please look at the exhibit, which is a sample output from a “fw ctl pstat” command. How many NAT
operations have there been in an outgoing direction?

A. 20760405
B. 340
C. 312
D. 523

Correct Answer: C QUESTION 67
Which file would you modify in order to enable and configure CPMAD?
A. $FWDIR/bin/cpmad_config.conf
B. $FWDIR/conf/cpmad.conf
C. $FWDIR/conf/cpmad_config.conf
D. $FWDIR//cpmad/config.conf

Correct Answer: C QUESTION 68
For most efficient rulebase operation, which of the following objects would it be preferable to use if you have many contiguous addresses to translate using static NAT? Assume you could validly use any of them.
A. Network
B. Workstation
C. Range

Correct Answer: A QUESTION 69
Where would it be best to locate a CVP server?
A. On an internal user lan network
B. On a firewalled gateway
C. On a separate isolated segment or DMZ
D. On a remote network

Correct Answer: C QUESTION 70
What is the result of not configuring CPMAD with enough memory?
A. Some attacks will not be detected
B. It will automatically grab more memory
C. It will automatically flush out old events to create more memory
D. It will exit

Correct Answer: D QUESTION 71
In a SEP HA environment not using load sharing, the external interfaces of each cluster member must have the same IP address. True or false?
A. False
B. True

Correct Answer: B QUESTION 72
Which command would you use to copy a user database file into VPN-1/FW-1?
A. dbimport <filename>
B. fwm dbimport -s “o=city,c=country”
C. fwm dbexport <filename>
D. fwm dbimport -f <filename>

Correct Answer: D QUESTION 73
When would you need to import the Checkpoint schema into an LDAP server?
A. If you use the severs management interface to update the LDAP database
B. Never, the LDAP standard caters for it
C. If you use Policy Editor to update the LDAP database
D. Always, when you use an LDAP server

Correct Answer: C QUESTION 74
Which is designated the primary management module?
A. It is selected by priority numbers (1 is the highest priority)
B. The last management module installed
C. The first management module installed
D. It is chosen at random

Correct Answer: C QUESTION 75
You do not need LDAP schema checking enabled if you want to use policy editor user manager to add a new LDAP user. True or false?
A. False
B. True

Correct Answer: A QUESTION 76
On a Windows NT FW-1 system, how would you increase the amount of memory allocated to the kernel to 5MBytes?
A. Set the value of HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Service\FW1\Parameters\Memory to 5000000
B. Type “# zap -s _fwhmem $FWDIR/modules/fwmod.o 5000000”
C. Type “set fw:fwhmem=5000000”
D. Type”# echo “fwhmem?W500000″ | adb -w /stand/vmnt”

Correct Answer: A QUESTION 77
A collection of gateways that are synchronized in a VPN topology are called a ___________?
A. MEP
B. Gateway group
C. Gateway cluster
D. Gateway pool

Correct Answer: C QUESTION 78
When using LDAP what may be a reason for a users password to be rejected?
A. The password does not contain a numeric character
B. The user is defined differently in the VPN-1/FW-1 user database
C. than in the LDAP server
D. The user is defined in both VPN-1/FW-1 and the LDAP server
E. The password is also used by someone else

Correct Answer: B QUESTION 79
Which API is used by applications to write to the VPN-1/FW-1 log database?
A. ELA
B. EAL
C. LEA
D. LAA

Correct Answer: A QUESTION 80
When are the statistics provided by the fw ctl pstat command reset?
A. After restarting FW-1
B. Whenever you purge the log file
C. On a reboot
D. On entering the command “fw ctl clear”

Correct Answer: AC QUESTION 81
You need to set the environment variable $FWDIR before running cpifno. True or false?
A. True
B. False

Correct Answer: A QUESTION 82
FW-1 does not support multi level proper subset encryption domains. True or false?
A. False
B. True

Correct Answer: A QUESTION 83
What is true about conflicting configuration parameters between a gateway cluster and a gateway defined as a member of that cluster?
A. Some gateway parameters override cluster parameters
B. Some cluster parameters override gateway parameters
C. The cluster configuration is overridden by the primary gateway parameters
D. All the gateway parameters remain intact

Correct Answer: B QUESTION 84
If you are troubleshooting a SMTP security server problem, which file could be useful?
A. smtp.dmp
B. smtpd.log
C. asmtpd.log
D. cvp.conf

Correct Answer: C QUESTION 85
Please look at the exhibit, which is a sample output from a “fw ctl pstat” command. There is a memory utilization problem here. True or false?
A. False
B. True

Correct Answer: A QUESTION 86
Which is NOT a group of files that can be synchronized in a HA management environment?
A. Configuration database files
B. Install files
C. Fetch files
D. log files

Correct Answer: D QUESTION 87
When SEP gateways are said to be synchronized, what exactly is synchronized between them?
A. Rulebase
B. User database
C. Objects database
D. State tables

Correct Answer: D QUESTION 88
On which module(s) does CPMAD run?
A. An external server
B. The management module
C. The Checkpoint GUI
D. The enforcement module

Correct Answer: B QUESTION 89
How many LDAP servers are supported by VPN-1/FW-1?
A. 1
B. 2, one primary and one backup
C. Unlimited
D. Up to 4

Correct Answer: C QUESTION 90
When debugging a Unix based management server you could use the fwd -d command. True or false?
A. False
B. True

Correct Answer: A
QUESTION 91
Asymmetric routing can be a problem in which type of encryption domain topology?
A. Partial overlapping
B. Fully overlapping domains in gateways using hide mode NAT for all connections
C. none overlapped backup domains with internal links between the two
D. Proper subset

Correct Answer: C
QUESTION 92
What is the function of the “fw hastat <target>” command?
A. It forces failover of high availability gateways
B. It starts HA on high availability capable gateways
C. It provides operational status of high availability gateways
D. It is an invalid command, you should use cphaprob instead

Correct Answer: C
QUESTION 93
When you are logged into the active management server and viewing the high availability management screen, what icon is displayed if there is a recommendation or error that FW-1 wishes to bring to your attention?
A. A lightbulb
B. A red question mark
C. A red hash
D. A green tick

Correct Answer: A
QUESTION 94
Which of the following platforms cannot support CPMAD?
A. Win2000
B. None of these
C. Nokia IP530
D. Solaris
E. Win NT
F. Linux
Correct Answer: B
QUESTION 95
How would you perform a manual synchronization in a HA management module environment?
A. On the primary login and click on the “synchronize me” button of the HA management manager window
B. Perform the “fw hamansync” command
C. On the secondary login and click on the “synchronize me” button of the HA management manager window
D. On the primary use Policy editor > Policy > Management high availability > click on the “synchronize”
button Correct Answer: CD QUESTION 96 When starting FW-1 debugging, you may want to send all the output to a buffer, what command(s) would you use to do this?
A. fw ctl buffer -debug
B. fw ctl buf fw ctl debug
C. fw ctl -b debug
D. fw ctl debug -buf

Correct Answer: D QUESTION 97
On a Windows NT platform, the specified state of the OS memory strategy can impact the performance of FW-1. What is the default state for this?
A. Maximize throughput for network applications
B. Maximize throughput for file sharing
C. Maximize throughput for video applications
D. Maximize throughput for disk access

Correct Answer: B QUESTION 98
In an LDAP database two entries cannot have the same common name (CN). True or false?
A. False
B. True

Correct Answer: A QUESTION 99
If you want to receive debug information for HTTP or FTP security servers when debugging the firewall daemon, you must use the “fw debug fwd on” command. True or false?
A. True
B. False

Correct Answer: B QUESTION 100
What are the three types of overlapping encryption domains?
A. Partial overlap
B. Proper subset
C. Partial subset
D. Full overlap

Correct Answer: ABD
This volume is part of the Exam Certification Guide Series from CheckPoint 156-510 exam. CheckPoint 156-510 exam in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help CheckPoint 156-510 Certification candidates identify weaknesses,concentrate their study efforts,and enhance their confidence as CheckPoint 156-510 exam day nears.