Download Free VCE Files: CCNA, A+ Certification, MCSE – Cert4sure Checkpoint PDF CheckPoint 156-915 100% Pass Certification Dumps For Groundbreaking Results

PDF CheckPoint 156-915 100% Pass Certification Dumps For Groundbreaking Results

Exam A
QUESTION 1
You have two Nokia Appliances one IP530 and one IP380. Both Appliances have IPSO 39 and VPN-1 Pro NGX installed in a distributed deployment Can they be members of a gateway cluster?
A. No, because the Gateway versions must not be the same on both security gateways
B. Yes, as long as they have the same IPSO version and the same VPN-1 Pro version
C. No, because members of a security gateway cluster must be installed as stand-alone deployments
D. Yes, because both gateways are from Nokia, whether they have the same VPN-1 PRO version or not
E. No, because the appliances must be of the same model (Both should be IP530orIP380.)
Correct Answer: B
QUESTION 2
You want VPN traffic to match packets from internal interfaces. You also want the traffic to exit the Security Gateway, bound for all site-to-site VPN Communities, including Remote Access Communities. How should you configure the VPN match rule?
A. Internal_clear>- All_GwToGw
B. Communities >- Communities
C. Internal_clear>- External_Clear
D. Internal_clear>- Communitis
E. Internal_clear>-All_communitis
Correct Answer: E
QUESTION 3
Review the following rules and note the Client Authentication Action properties screen, as shown in the exhibit.

After being authenticated by the Security Gateway when a user starts an HTTP connection to a Web site
the user tries to FTP to another site using the command line. What happens to the user?
The….

A. FTP session is dropprd by the implicit Cleanup Rule.
B. User is prompted from the FTP site only, and does not need to enter username nad password for the Client Authentication.
C. FTP connection is dropped by rule 2.
D. FTP data connection is dropped, after the user is authenticated successfully.
E. User is prompted for authentication by the Security Gateway again.
Correct Answer: B
QUESTION 4
After being authenticated by the Security Gateway, When a user starts an HTTP connection to a Web site, the user tries to FTP to another site using the command line. What happens to the user? The:
A. FTP session is dropped by the implicit Cleanup Rule
B. user is prompted from that FTP site on~, and does not need to enter username and password for Client Authentication
C. FTP connection is dropped by rule2
D. FTP data connection is dropped, after the user is authenticated successfully
E. User is prompted for authentication by the Security Gateway aqain
Correct Answer: B
QUESTION 5
You want to upgrade a SecurePlatform NG with Application Intelligence (AI) R55 Gateway to SecurePlalform NGX R60 via SmartUpdate. Which package is needed in the repository before upgrading?
A. SVN Foundation and VPN-1 Express/Pro
B. VPN-1 and FireWall-1
C. SecurePlalform NGX R60
D. SVN Foundation
E. VPN-1 ProfExpress NGX R60
Correct Answer: C
QUESTION 6
What is the command to see the licenses of the Security Gateway Certkiller from your SmartCenter Server?
A. print Certkiller
B. fw licprint Certkiller
C. fw tab -t fwlic Certkiller
D. cplic print Certkiller
E. fw lic print Certkiller
Correct Answer: D
QUESTION 7
You set up a mesh VPN Community, so your internal network can access your partners network, and vice versa . Your Security Policy encrypts only FTP and HTTP traffic through a VPN tunnel. All traffic among your internal and partner networks is sent in clear text. How do you configure VPN Community?
A. Disable ‘accept all encrypted traffic’, and put FTP and http in the Excluded services in the Community object Add a rule in the Security Policy for services FTP and http, with the Community object in the VPN field
B. Disable “accept all encrypted traffic” in the Community, and add FTP and http services to the Security Policy, with that Community object in the VPN field
C. Enable “accept all encrypted traffic”, but put FTP and http in the Excluded services in the Community. Add a rule in the Security Policy with services FTP and http, and the Community object in theVPN field
D. Put FTP and http in the Excluded services in the Community object Then add a rule in the Security Policy to allow any as the service, with the Community object in the VPN field
Correct Answer: B
QUESTION 8
Ophelia is the security Administrator for a shipping company. Her company uses a custom application to update the distribution database. The custom application includes a service used only to notify remote sites that the distribution database is malfunctioning. The perimeter Security Gateways Rule Base includes a rule to accept this traffic. Ophelia needs to be notified, via atext message to her cellular phone, whenever traffic is accepted on this rule. Which of the following options is MOST appropriate for Ophelia’s requirement?
A. User-defined alert script
B. Logging implied rules
C. SmartViewMonitor
D. Pop-up API
E. SNMP trap
Correct Answer: A QUESTION 9

You are reviewing SmartView Tracker entries, and see a Connection Rejection on a Check Point QoS rule. What causes the Connection Rejection?
A. No QoS rule exists to match the rejected traffic
B. The number of guaranteed connections is exceeded. The rule’s action properties are not set to accept additional connections
C. The Constant Bit Rate for a Low Latency Class has been exceeded by greater than 10%, and the Maximal Delay is set below requirements
D. Burst traffic matching the Default Rule is exhausting the Check Point QoS global packet buffers
E. The guarantee of one of the rule’s sub-rules exceeds the guarantee in the rule itself
Correct Answer: B
QUESTION 10
Choose the BEST sequence for configuring user management on Smart Dash board, for use with an LDAP server
A. Enable LDAP in Global Properties, configure a host-node object for the LDAP Server, and configure a server object for the LDAP Account Unit
B. Configure a workstation object for the LDAP server, configure a server object for the LDAP Account Unit, and enable LDAP in Global Properties
C. Configure a server object for the LDAP Account Unit, enable LDAP in Global Properties, and create an LDAP server using an OPSEC application
D. Configure a server object for the LDAP Account Unit, enable LDAP in Global Properties, and create an LDAP resource object
E. Configure a server object for the LDAP Account Unit, and create an LDAP resource object
Correct Answer: A