Tag: Checkpoint 156-215
Your worries about CheckPoint 156-215 exam complexity no more exist because Flydumps is here to serves as a guide to help you to pass the CheckPoint 156-215 exam. All the exam questions and answers is the latest and covering each and every aspect of CheckPoint 156-215 exam.It 100% ensure you pass the exam without any doubt.
QUESTION 50
Which utility allows you to configure the DHCP service on SecurePlatform from the command line?
A. cpconfig
B. ifconfig
C. dhcp_cfg
D. sysconfig
Correct Answer: D
QUESTION 51
The third-shift Administrator was updating Security Management Server access settings in Global Properties and testing. He managed to lock himself out of his account. How can you unlock this account?
A. Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/.
B. Type fwm lock_admin -u <account name> from the Security Management Server command line.
C. Type fwm unlock_admin -u from the Security Gateway command line.
D. Type fwm unlock_admin from the Security Management Server command line.
Correct Answer: B
QUESTION 52
The third-shift Administrator was updating Security Management Server access settings in Global Properties. He managed to lock all administrators out of their accounts. How should you unlock these accounts?
A. Reinstall the Security Management Server and restore using upgrade_import.
B. Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/.
C. Type fwm lock_admin -ua from the Security Management Server command line.
D. Login to SmartDashboard as the special cpconfig_admin user account; right-click on each administrator object and select unlock.
Correct Answer: C
QUESTION 53
You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on SecurePlatform. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on SecurePlatform. Where can you view them? Give the BEST answer.
A. /etc/conf/route.C
B. /etc/sysconfig/network-scripts/ifcfg-ethx
C. /etc/sysconfig/netconf.C
D. /etc/sysconfig/network
Correct Answer: C
QUESTION 54
When using SecurePlatform, it might be necessary to temporarily change the MAC address of the interface eth 0 to 00:0C:29:12:34:56. After restarting the network the old MAC address should be active. How do you configure this change?
A. Edit the file /etc/sysconfig/netconf.C and put the new MAC address in the field
B. As expert user, issue these commands: # IP link set eth0 down # IP link set eth0 addr 00:0C:29:12:34:56 # IP link set eth0 up
C. Open the WebUI, select Network > Connections > eth0. Place the new MAC address in the field Physical Address, and press Apply to save the settings.
D. As expert user, issue the command: # IP link set eth0 addr 00:0C:29:12:34:56
Correct Answer: B
QUESTION 55
Several Security Policies can be used for different installation targets. The Firewall protecting Human Resources’ servers should have its own Policy Package. These rules must be installed on this machine and not on the Internet Firewall. How can this be accomplished?
A. A Rule Base is always installed on all possible targets. The rules to be installed on a Firewall are defined by the selection in the Rule Base row Install On.
B. A Rule Base can always be installed on any Check Point Firewall object. It is necessary to select the appropriate target directly after selecting Policy > Install on Target.
C. When selecting the correct Firewall in each line of the Rule Base row Install On, only this Firewall is shown in the list of possible installation targets after selecting Policy > Install on Target.
D. In the menu of SmartDashboard, go to Policy > Policy Installation Targets and select the correct firewall via Specific Targets.
Correct Answer: D
QUESTION 56
Where is the IPSO Boot Manager physically located on an IP Appliance?
A. On the platform’s BIOS
B. In the directory /nvram
C. On an external jump drive
D. On built-in compact Flash memory
Correct Answer: D
QUESTION 57
How is wear on the flash storage device mitigated on diskless appliance platforms?
A. The external PCMCIA-based flash extension has the swap file mapped to it, allowing easy replacement.
B. A RAM drive reduces the swap file thrashing which causes fast wear on the device.
C. Issue FW-1 bases its package structure on the Security Management Server, dynamically loading when the firewall is booted.
D. PRAM flash devices are used, eliminating the longevity.
Correct Answer: B
QUESTION 58
Your R76 primary Security Management Server is installed on GAiA. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours. How do you create this schedule?
A. Create a time object, and add 48 hours as the interval. Select that time object’s Global Properties > Logs and Masters window, to schedule a logswitch.
B. Create a time object, and add 48 hours as the interval. Open the primary Security Management Server object’s Logs and Masters window, enable Schedule log switch, and select the Time object.
C. On a SecurePlatform Security Management Server, this can only be accomplished by configuring the command fw logswitch via the cron utility.
D. Create a time object, and add 48 hours as the interval. Open the Security Gateway object’s Logs and Masters window, enable Schedule log switch, and select the Time object.
Correct Answer: B
QUESTION 59
Which of the following methods will provide the most complete backup of an R75 configuration?
A. Execute command upgrade_export
B. Database Revision Control
C. Policy Package Management
D. Copying the directories $FWDIR\conf and $CPDIR\conf to another server
Correct Answer: A
QUESTION 60
Which of the following commands can provide the most complete restoration of a R76 configuration?
A. cpinfo -recover
B. fwm dbimport -p <export file>
C. upgrade_import
D. cpconfig
Correct Answer: C
QUESTION 61
When restoring R76 using the command upgrade_import, which of the following items are NOT restored?
A. Licenses
B. SIC Certificates
C. Global properties
D. Route tables
Correct Answer: D
QUESTION 62
Your organization’s disaster recovery plan needs an update to the backup and restore section to reap the new distributed R76 installation benefits. Your plan must meet the following required and desired objectives:
Required ObjectivE.
The Security Policy repository must be backed up no less frequently than
every 24 hours.
Desired ObjectivE.
The R76 components that enforce the Security Policies should be backed up at
least once a week.
Desired ObjectivE.
Back up R76 logs at least once a week.
Your disaster recovery plan is as follows:
-Use the cron utility to run the command upgrade_export each night on the Security Management Servers.
–
Configure the organization’s routine back up software to back up the files created by the Checkpoint 156-215.13 Exam BrainDumps.com 25 command upgrade_export.
–
Configure the GAiA back up utility to back up the Security Gateways every Saturday night.
-Use the cron utility to run the command upgrade_export each Saturday night on the log servers.
–
Configure an automatic, nightly logswitch.
–
Configure the organization’s routine back up software to back up the switched logs every night.
Upon evaluation, your plan:
A. Meets the required objective and only one desired objective.
B. Meets the required objective but does not meet either desired objective.
C. Meets the required objective and both desired objectives.
D. Does not meet the required objective.
Correct Answer: C
QUESTION 63
Your company is running Security Management Server R76 on GAiA, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?
A. Using cpconfig on the Security Management Server, choose Administrators
B. Using SmartDashboard, under Users, select Add New Administrator
C. Using the Web console on SecurePlatform under Product configuration, select Administrators
D. Using SmartDashboard or cpconfig
Correct Answer: B
QUESTION 64
Peter is your new Security Administrator. On his first working day, he is very nervous and enters the wrong password three times. His account is locked. What can be done to unlock Peter’s account? Give the BEST answer.
A. It is not possible to unlock Peter’s account. You have to install the firewall once again or abstain
B. You can unlock Peter’s account by using the command fwm unlock_admin -u Peter on the Security Gateway.
C. You can unlock Peter’s account by using the command fwm lock_admin -u Peter on the Security Management Server
D. You can unlock Peter’s account by using the command fwm unlock_admin -u Peter on the Security Management Server
Correct Answer: C QUESTION 65
Where can you find the Check Point’s SNMP MIB file?
A. $CPDIR/lib/snmp/chkpt.mib
B. There is no specific MIB file for Check Point products.
C. $FWDIR/conf/snmp.mib
D. It is obtained only by request from the TAC.
Correct Answer: A
QUESTION 66
You want to generate a cpinfo file via CLI on a system running GAiA. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?
A. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.
B. Log in as the default user expert and start cpinfo.
C. No action is needed because cpshell has a timeout of one hour by default.
D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinfo.
Correct Answer: A
QUESTION 67
Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?
A. Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets field. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here.
B. Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced > Permission to Install.
C. Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets.
D. In the object General Properties representing the specific Firewall, go to the Software Blades product list and select Firewall. Right-click in the menu, select Administrator to Install to define only this administrator.
Correct Answer: B
QUESTION 68
What is the officially accepted diagnostic tool for IP Appliance Support?
A. ipsoinfo
B. cpinfo
C. uag-diag
D. CST
Correct Answer: D
QUESTION 69
ALL of the following options are provided by the SecurePlatform sysconfig utility, EXCEPT:
A. Export setup
B. Time & Date
C. DHCP Server configuration
D. GUI Clients
Correct Answer: D QUESTION 70
Which of the following options is available with the SecurePlatform cpconfig utility?
A. Time & Date
B. GUI Clients
C. DHCP Server configuration
D. Export Setup
Correct Answer: B QUESTION 71
Which command would provide the most comprehensive diagnostic information to Check Point Technical Support?
A. cpstat – date.cpstat.txt
B. fw cpinfo
C. cpinfo -o date.cpinfo.txt
D. diag
Correct Answer: C QUESTION 72
Which of the following statements accurately describes the command snapshot?
A. snapshot creates a Security Management Server full system-level backup on any OS.
B. snapshot stores only the system-configuration settings on the Gateway.
C. A Gateway snapshot includes configuration settings and Check Point product information from the remote Security Management Server.
D. snapshot creates a full OS-level backup, including network-interface data, Check Point product information, and configuration settings during an upgrade of a SecurePlatform Security Gateway.
Correct Answer: D QUESTION 73
How do you recover communications between your Security Management Server and Security Gateway if you lock yourself out through a rule or policy mis-configuration?
A. fw delete all.all@localhost
B. fw unload policy
C. fwm unloadlocal
D. fw unloadlocal
Correct Answer: D QUESTION 74
How can you check whether IP forwarding is enabled on an IP Security Appliance?
A. clish -c show routing active enable
B. ipsofwd list
C. cat /proc/sys/net/ipv4/ip_forward
D. echo 1 > /proc/sys/net/ipv4/ip_forward
Correct Answer: B QUESTION 75
Which command allows you to view the contents of an R76 table?
A. fw tab -s <tablename>
B. fw tab -t <tablename>
C. fw tab -x <tablename>
D. fw tab -a <tablename>
Correct Answer: B
QUESTION 76
Which of the following tools is used to generate a Security Gateway R76 configuration report?
A. infoCP
B. cpinfo
C. infoview
D. fw cpinfo
Correct Answer: B
QUESTION 77
Which of the following is a CLI command for Security Gateway R76?
A. fw merge
B. fw tab -u
C. fw shutdown
D. fwm policy_print <policyname>
Correct Answer: B
QUESTION 78
You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in use on a platform using GAiA. You have trouble configuring the speed and duplex settings of your Ethernet interfaces. Which of the following commands can be used in Expert Mode to configure the speed and duplex settings of an Ethernet interface and will survive a reboot? Give the BEST answer.
A. eth_set
B. mii_tool
C. ifconfig -a
D. ethtool
Correct Answer: A
QUESTION 79
Which command enables IP forwarding on IPSO?
A. echo 1 > /proc/sys/net/ipv4/ip_forward
B. ipsofwd on admin
C. echo 0 > /proc/sys/net/ipv4/ip_forward
D. clish -c set routing active enable
Correct Answer: B
QUESTION 80
When you change an implicit rule’s order from Last to First in Global Properties, how do you make the change take effect?
A. Run fw fetch from the Security Gateway.
B. Select Install Database from the Policy menu.
C. Reinstall the Security Policy.
D. Select Save from the File menu.
Correct Answer: C QUESTION 81
The actual CheckPoint 156-215 exam questions and answers will sharpen your skills and expand your knowledge to obtain a definite success.save your money and time on your preparation for your CheckPoint 156-215 certification exam. You will find we are a trustful partner if you choose us as your assistance on your CheckPoint 156-215 certification exam. Now we add the latest CheckPoint 156-215 content and to print and share content.
FLYDUMPS bring you the best Checkpoint 156-215 exam preparation materials which will make you pass in the first attempt.And we also provide you all the Checkpoint 156-215 exam updates as Microsoft announces a change in its Checkpoint 156-215 exam syllabus,we inform you about it without delay.
QUESTION 30
Which utility allows you to configure the DHCP service on SecurePlatform from the command line?
A. sysconfig
B. dhcp_cfg
C. cpconfig
D. ifconfig
Correct Answer: A QUESTION 31
Which utility is necessary for reestablishing SIC?
A. fwm sic_reset
B. cpconfig
C. cplic
D. sysconfig
Correct Answer: B QUESTION 32
The third-shift Administrator was updating Security Management Server access settings in Global Properties. He managed to lock all administrators out of their accounts. How should you unlock these accounts?
A. Reinstall the Security Management Server and restore using upgrade_import.
B. Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/.
C. Type fwm lock_admin -ua from the Security Management Server command line.
D. Login to SmartDashboard as the special cpconfig_admin user account; right-click on each administrator object and select unlock.
Correct Answer: C QUESTION 33
The third shift administrator was updating security management server access setting in global properties. He managed to lock the entire Administrator out of their accounts. How should you unlock these accounts?
A. Logging to smart dash board as special cpconfig_admin account. Right click on each administrator object and select Unlock.
B. Type fwm lock_admin ua from the command line of the security management server
C. Reinstall the security management Server and restore using upgrade _imort
D. Delete the file admin .lock in the sfwdir/ tmp/directory of the security managem,ent server.
Correct Answer: B QUESTION 34
You are the Security Administrator in a large company called ABC. A Check Point Firewall is installed and in use on SecurePlatform. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on SecurePlatform. Where can you view them? Give the BEST answer.
A. /etc/conf/route.C
B. /etc/sysconfig/netconf.C
C. /etc/sysconfig/network-scripts/ifcfg-ethx
D. /etc/sysconfig/network
Correct Answer: B
QUESTION 35
When using SecurePlatform, it might be necessary to temporarily change the MAC address of the interface eth 0 to 00:0C:29:12:34:56. After restarting the network the old MAC address should be active. How do you configure this change?
A. Open the WebUI, select Network > Connections > eth0. Place the new MAC address in the field Physical Address, and press Apply to save the settings.
B. As expert user, issue these commands: # IP link set eth0 down # IP link set eth0 addr 00:0C:29:12:34:56 # IP link set eth0 up
C. As expert user, issue the command: # IP link set eth0 addr 00:0C:29:12:34:56
D. Edit the file /etc/sysconfig/netconf.c and put the new MAC address in the field (conf : (conns 🙁 conn :hwaddr (“00:0C:29:12:34:56”)
Correct Answer: B
QUESTION 36
Where is the IPSO Boot Manager physically located on an IP Appliance?
A. In the / nvram directory
B. On an external jump drive
C. On the platform’s BIOS
D. On built-in compact Flash memory
Correct Answer: D
QUESTION 37
ALL of the following options are provided by the SecurePlatform sysconfig utility, EXCEPT:
A. DHCP Server configuration
B. GUI Clients
C. Time & Date
D. Export setup
Correct Answer: B
QUESTION 38
Which of the following options is available with the SecurePlatform cpconfig utility?
A. GUI Clients
B. Time & Date
C. Export setup
D. DHCP Server configuration
Correct Answer: A QUESTION 39
Which command would provide the most comprehensive diagnostic information to Check Point Technical Support?
A. diag
B. cpinfo -o date.cpinfo.txt
C. netstat > date.netstat.txt
D. cpstat > date.cpatat.txt
Correct Answer: B QUESTION 40
How do you recover communications between your Security Management Server and Security Gateway if you lock yourself out via a rule or policy mis-configuration?
A. fw delete all.all@localhost
B. cpstop
C. fw unloadlocal
D. fw unload policy
Correct Answer: C QUESTION 41
How can you check whether IP forwarding is enabled on an IP Security Appliance?
A. clish c show routing active enable
B. echo 1 > /proc/sys/net/ipv4/ip_forwarding
C. ipsofwd list
D. cat/proc/sys/net/ipv4/ip_forward
Correct Answer: C QUESTION 42
For normal packet transmission of an accepted communication to a host protected by a Security Gateway, how many lines per packet are recorded on a packet analyzer like Wireshark using fw monitor?
A. 2
B. 4
C. 3
D. None
Correct Answer: B QUESTION 43
How can I verify the policy version locally installed on the Firewall?
A. fw ver
B. fw ctl iflist
C. fw ver -k
D. fw stat
Correct Answer: D QUESTION 44
If you run fw monitor without any parameters, what does the output display?
A. In /var/adm/monitor. Out
B. On the console
C. In /tmp/log/monitor out
D. In / var/log/monitor. out
Correct Answer: B QUESTION 45
Another administrator accidentally installed a Security Policy on the wrong firewall. Having done this, you are both locked out of the firewall that is called myfw1. What command would you execute on your system console on myfw1 in order for you to push out a new Security Policy?
A. fw dbloadlocal
B. fw unloadlocal
C. cpstop
D. fw ctl filter
Correct Answer: B QUESTION 46
Which of the following commands will completely remove the Security Policy from being enforced on a Security Gateway?
A. fw unload
B. fw unloadlocal
C. cpstop
D. fw unload local
Correct Answer: B QUESTION 47
Which of the following commands identifies whether or not a Security Policy is installed or the Security Gateway is operating with the initial policy?
A. fw monitor
B. fw ctl pstat
C. cp stat
D. fw stat
Correct Answer: D QUESTION 48
To monitor all traffic between a network and the Internet on a SecurePlatform Gateway, what is the BEST utility to use?
A. snoop
B. cpinfo
C. infoview
D. tcpdump
Correct Answer: D QUESTION 49
You are creating an output file with the following command:
fw monitor -e “accept (src=10.20.30.40 or dst=10.20.30.40);” -o ~/output Which tool do you use to analyze this file?
A. You can analyze it with Wireshark or Ethereal.
B. You can analyze the output file with any ASCI editor.
C. The output file format is CSV, so you can use MS Excel to analyze it.
D. You cannot analyze it with any tool as the syntax should be:fw monitor -e accept ([12,b]=10.20.30.40 or [16,b]=10.20.30.40); -o ~/output.
Correct Answer: A
QUESTION 50
You issue the fw monitor command with no arguments. Which of the following inspection points will be displayed?
A. Before the virtual machine, in the inbound direction
B. After the virtual machine, in the outbound direction
C. All inspection points
D. Before the virtual machine, in the outbound direction
Correct Answer: C
We help you do exactly that with our high quality Checkpoint 156-215 Certification using the above training materials.Regardless of whichever computer you have, you just need to download one of the many Checkpoint 156-215 PDF readers that are available for free.
Flydumps bring you the best CheckPoint 156-215 exam preparation materials which will make you pass in the first attempt.And we also provide you all the CheckPoint 156-215 exam updates as Microsoft announces a change in its CheckPoint 156-215 exam syllabus,we inform you about it without delay.
QUESTION 75
“Pass Any Exam. Any Time.” – www.actualtests.com 30 Checkpoint 156-215.75 Exam Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates are created:
A. And used for securing internal network communications between SmartView Tracker and an OPSEC device.
B. For the Security Management Server during the Security Management Server installation.
C. For Security Gateways during the Security Gateway installation.
D. To decrease network security by securing administrative communication among the Security Management Servers and the Security Gateway.
Correct Answer: B
QUESTION 76
Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates:
A. Increase network security by securing administrative communication with a two-factor challenge response authentication.
B. Uniquely identify machines installed with Check Point software only. They have the same function as RSA Authentication Certificates.
C. Are for Security Gateways created during the Security Management Server installation.
D. Can be used for securing internal network communications between the Security Gateway and an OPSEC device.
Correct Answer: D
QUESTION 77
Which of the following statements regarding SecureXL and CoreXL is TRUE?
A. SecureXL is an application for accelerating connections.
B. CoreXL enables multi-core processing for program interfaces.
C. SecureXL is only available in R75.
D. CoreXL is included in SecureXL.
Correct Answer: A
QUESTION 78
Beginning with R75, Software Blades were introduced. One of the Software Blades is the IPS Software Blade as a replacement for SmartDefense. When buying or upgrading to a bundle, some blades are included, e.g. FW, VPN, IPS in SG103. Which statement is NOT true?
A. The license price includes IPS Updates for the first year.
B. The IPS Software Blade can be used for an unlimited time.
C. There is no need to renew the service contract after one year.
D. After one year, it is mandatory to renew the service contract for the IPS Software Blade because it has been bundled with the license when purchased.
Correct Answer: D
QUESTION 79
You need to plan the company’s new security system. The company needs a very high level of security and also high performance and high throughput for their applications. You need to turn on most of the integrated IPS checks while maintaining high throughput. What would be the BEST solution for this scenario?
A. You need to buy a strong multi-core machine and run R70 or later on SecurePlatform with CoreXL technology enabled.
B. Bad luck, both together can not be achieved.
C. The IPS does not run when CoreXL is enabled.
D. The IPS system does not affect the firewall performance and CoreXL is not needed in this scenario.
Correct Answer: A
QUESTION 80
John is the Security Administrator in his company. He needs to maintain the highest level of security on the firewalls he manages. He is using Check Point R75. Does he need the IPS Software Blade for achieving this goal?
“Pass Any Exam. Any Time.” – www.actualtests.com 32 Checkpoint 156-215.75 Exam
A. No, all IPS protections are active, but can’t be uploaded without the license like SmartDefense.
B. Yes, otherwise no protections can be enabled.
C. Yes, otherwise the firewall will pass all traffic unfiltered and unchecked.
D. No, the Gateway will always be protected and the IPS checks can’t be managed without a license.
Correct Answer: B
QUESTION 81
Which command allows you to view the contents of an R75 table?
A. fw tab -x <tablename>
B. fw tab -a <tablename>
C. fw tab -s <tablename>
D. fw tab -t <tablename>
Correct Answer: D
QUESTION 82
Your R75 enterprise Security Management Server is running abnormally on Windows 2003 Server. You decide to try reinstalling the Security Management Server, but you want to try keeping the critical Security Management Server configuration settings intact (i.e., all Security Policies, databases, SIC, licensing etc.) What is the BEST method to reinstall the Server and keep its critical configuration?
A. 1) Run the latest upgrade_export utility to export the configuration 2) Leave the exported – tgz file in %FWDIR\bin. 3) Install the primary security Management Server on top of the current installation 4) Run upgrade_import to Import the configuration.
B. 1) Insert the R75 CD-ROM. and select the option to export the configuration into a . tgz file 2) Skip any upgrade verification warnings since you are not upgrading. 3) Transfer the. tgz file to another networked machine. 4) Download and run the cpclean utility and reboot. 5) Use the R75 CD_ROM to select the upgrade__import option to import the c
C. 1) Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Perform any requested upgrade verification suggested steps. “Pass Any Exam. Any Time.” – www.actualtests.com 33 Checkpoint 156-215.75 Exam 3) Uninstall all R75 packages via Add/Remove Programs and reboot 4) Use smartUpdate to reinstall the Security Management server and reboot 5) Transfer the .tgz file back to the local \ temp. 6) Run upgrade_import to import the configuration.
D. 1) Download the latest upgrade_export utility and run it from a \ temp directory to export the Configuration. 2) Transferee .tgz file to another network machine 3) Uninstall all R75 packages via Add/Remove Programs and reboot 4) Install again using the R75 CD ROM as a primary security management server 5) Reboot and than transfer the .tgz file back to the local\ tem p 6) Run upgcade_import to import the configuration.
Correct Answer: C
QUESTION 83
Your primary Security Management Server runs on SecurePlatform. What is the easiest way to back up your Security Gateway R75 configuration, including routing and network configuration files?
A. Using the upgrade_export command.
B. Copying the $FWDIR/conf and $FWDIR/lib directory to another location.
C. Run the pre_upgrade_verifier and save the .tgz file to the /temp directory.
D. Using the native SecurePlatform backup utility from command line or in the Web based user interface.
Correct Answer: D QUESTION 84
You need to back up the routing, interface, and DNS configuration information from your R75 SecurePlatform Security Gateway. Which backup-and-restore solution do you use?
A. SecurePlatform backup utilities
B. upgrade_export and upgrade_import commands
C. Database Revision Control
D. Manual copies of the $FWDIR/conf directory
Correct Answer: A QUESTION 85
Your R75 primary Security Management Server is installed on SecurePlatform. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours.
How do you create this schedule?
A. Create a time object, and add 48 hours as the interval. Open the primary Security Management Server object’s Logs and Masters window, enable Schedule log switch, and select the Time object.
B. Create a time object, and add 48 hours as the interval. Open the Security Gateway object’s Logs and Masters window, enable Schedule log switch, and select the Time object.
C. Create a time object, and add 48 hours as the interval. Select that time object’s Global Properties > Logs and Masters window, to schedule a logswitch.
D. On a SecurePlatform Security Management Server, this can only be accomplished by configuring the fw logswitch command via the cron utility.
Correct Answer: A QUESTION 86
Which of the following methods will provide the most complete backup of an R75 configuration?
A. Policy Package Management
B. Copying the $PWDIR\conf and $CPDIR\conf directories to another server
C. upgrade_export command
D. Database Revision Control
Correct Answer: C QUESTION 87
Which of the following commands can provide the most complete restoration of an R75 configuration?
“Pass Any Exam. Any Time.” – www.actualtests.com 35 Checkpoint 156-215.75 Exam
A. Cpconfig
B. Upgrade_import
C. fwm dbimport -p
D. cpinfo -recover
Correct Answer: B QUESTION 88
When restoring R75 using the command upgrade > Port. Which of the following items is NOT restored?
A. Licenses
B. Global properties
C. SIC Certificates
D. Route tables
Correct Answer: D QUESTION 89
Your organization’s disaster recovery plan needs an update to the backup and restore section to reap the benefits of the new distributed R75 installation. Your plan must meet the following required and desired objectives:
Required Objective: The Security Policy repository must be backed up no less frequently than every 24
hours.
Desired Objective: The R75 components that enforce the Security Polices should be blocked up at least
once a week.
Desired Objective: Back up R75 logs at least once a week
Your disaster recovery plan is as follows:
Use the cron utility to run the upgrade_ export command each night on the Security Management Servers.
Configure the organization’s routine backup software to back up the files created by the upgrade_
“Pass Any Exam. Any Time.” – www.actualtests.com 36
Checkpoint 156-215.75 Exam
export command.
Configure the SecurePlatform backup utility to back up the Security Gateways every Saturday night
Use the cron utility to run the upgrade export: command each Saturday niqht on the log servers
Configure an automatic, nightly loqswitch
Configure the organization’s routine backup software to back up the switched logs every night
Upon evaluation, your plan:
A. Meets the required objective but does not meet either desired objective.
B. Does not meet the required objective.
C. Meets the required objective and only one desired objective.
D. Meets the required objective and both desired objectives.
Correct Answer: D QUESTION 90
Your company is running Security Management Server R75 on SecurePlatform, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?
A. Using SmartDashboard, under Users, select Add New Administrator
B. Using the Web console on SecurePlatform under Product configuration, select Administrators
C. Using SmartDashboard or cpconf ig
D. Using cpconftg on the Security Management Server, choose Administrators
Correct Answer: A QUESTION 91
Which of the following tools is used to generate a Security Gateway R75 configuration report?
A. ethereal
B. cpinfo “Pass Any Exam. Any Time.” – www.actualtests.com 37 Checkpoint 156-215.75 Exam
C. licview
D. infoview
Correct Answer: B QUESTION 92
Which of the following is a CLI command for Security Gateway R75?
A. fwm policy_print <policyname>
B. fw shutdown
C. fw merge
D. fw tab -u
Correct Answer: D QUESTION 93
What information is provided from the options in this screenshot?
(i)Whether a SIC certificate was generated for the Gateway
(ii)Whether the operating system is SecurePlatform or SecurePlatform Pro
“Pass Any Exam. Any Time.” – www.actualtests.com 38 Checkpoint 156-215.75 Exam (iii)Whether this is a standalone or distributed installation
A. (i), (ii) and (iii)
B. (i) and (iii)
C. (i) and (ii)
D. (ii) and (iii)
Correct Answer: D QUESTION 94
Peter is your new Security Administrator. On his first working day, he is very nervous and sets the wrong password three times. His account is locked. What can be done to unlock Peter’s account? Give the BEST answer.
A. You can unlock Peter’s account by using the command fwm unlock_admin -u Peter on the Security Gateway.
B. It is not possible to unlock Peter’s account. You have to install the firewall once again or abstain from Peter’s help.
C. You can unlock Peter’s account by using the command fwm lock_admin -u Peter on the Security Management Server.
D. You can unlock Peter’s account by using the command fwm unlock_admin -u Peter on the Security Management Server.
Correct Answer: C
QUESTION 95
Which CLI command verifies the number of cores on your firewall machine?
A. fw ctl pstat
B. fw ctl core stat
C. fw ctl multik stat
D. cpstat fw -f core
Correct Answer: C
QUESTION 96
John currently administers a network using NGX R65.4 on the Security Management Server and NGX R65.2.100 (the VOIP release with the VOIP plug-ins enabled). He wants to upgrade to R75 to get the benefits of Check Point’s Software Blades. What would be the best way of doing this?
A. This can not be done yet as R75 can not manage NGX R65 Gateways due to SmartDefense and IPS mismatch problems.
B. Run upgrade_export on R65 management, then install R75 on this machine and run upgrade_import and re-license the systems to use software blades.
C. Just insert the R75 CD-ROM and run the in-place upgrade.
D. This is not supported today as currently the VOIP Software Blade and VOIP plug-in is not available in R75.
Correct Answer: D
QUESTION 97
John currently administers a network using single CPU single core servers for the Security Gateways and is running R75. His company is now going to implement VOIP and needs more performance on the Gateways. He is now adding more memory to the systems and also upgrades the CPU to a modern quad core CPU in the server. He wants to use CoreXL technology to benefit from the new performance benchmarks of this technology. How can he achieve this?
A. Nothing needs to be done. SecurePlatform recognized the change during reboot and adjusted all the settings automatically.
B. He just needs to go to cpconfig on the CLI and enable CoreXL. Only a restart of the firewall is required to benefit from CoreXL technology.
C. He needs to reinstall the Gateways because during the initial installation, it was a single-core CPU but the wrong Linux kernel was installed. There is no other upgrade path available.
D. He just needs to go to cpconfig on the CLI and enable CoreXL. After the required reboot he will benefit from the new technology.
Correct Answer: D
QUESTION 98
“Pass Any Exam. Any Time.” – www.actualtests.com 40 Checkpoint 156-215.75 Exam You are running a R75 Security Gateway on SecurePlatform. In case of a hardware failure, you have a server with the exact same hardware and firewall version installed. What backup method could be used to quickly put the secondary firewall into production?
A. upgrade_export
B. manual backup
C. snapshot
D. backup
Correct Answer: C
QUESTION 99
Before upgrading SecurePlatform, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration.
An administrator has installed the latest HFA on the system for fixing traffic problem after creating a backup file. There is a mistake in the very complex static routing configuration. The Check Point configuration has not been changed. Can the administrator use a restore to fix the errors in static routing?
A. The restore can be done easily by the command restore and selecting the appropriate backup file.
B. A backup cannot be restored, because the binary files are missing.
C. The restore is not possible because the backup file does not have the same build number (version).
D. The restore is done by selecting Snapshot Management from the boot menu of SecurePlatform.
Correct Answer: A
QUESTION 100
Which operating systems are supported by a Check Point Security Gateway on an open server?
A. Check Point SecurePlatform and Microsoft Windows
B. Sun Solaris, Red Hat Enterprise Linux, Check Point SecurePlatform, IPSO, Microsoft Windows
C. Check Point SecurePlatform, IPSO, Sun Solaris, Microsoft Windows
D. Microsoft Windows, Red Hat Enterprise Linux, Sun Solaris, IPSO “Pass Any Exam. Any Time.” -www.actualtests.com 41 Checkpoint 156-215.75 Exam
Correct Answer: A
QUESTION 101
You intend to upgrade a Check Point Gateway from R65 to R75. Prior to upgrading, you want to backup the Gateway should there be any problems with the upgrade. Which of the following allows for the Gateway configuration to be completely backed up into a manageable size in the least amount of time?
A. Backup
B. Snapshot
C. Upgrade_export
D. Database_revision
Correct Answer: A
QUESTION 102
Your network is experiencing connectivity problems and you want to verify if routing problems are present. You need to disable the firewall process but still allow routing to pass through the Gateway running on an IP Appliance running IPSO. What command do you need to run after stopping the firewall service?
A. fw fwd routing
B. ipsofwd on admin
C. fw load routed
D. ipsofwd slowpath
Correct Answer: B QUESTION 103
Where can you find the Check Point’s SNMP MIB file?
“Pass Any Exam. Any Time.” – www.actualtests.com 42 Checkpoint 156-215.75 Exam
A. $FWDIR/conf/snmp.mib
B. It is obtained only by request from the TAC.
C. $CPDIR/lib/snmp/chkpt.mib
D. There is no specific MIB file for Check Point products.
Correct Answer: C
QUESTION 104
You want to generate a cpinfo file via CLI on a system running SecurePlatform. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?
A. Log in as the default user expert and start cpinfo.
B. No action is needed because cpshell has a timeout of one hour by default.
C. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.
D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinto.
Correct Answer: C
QUESTION 105
Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?
A. Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets field. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here.
B. In the General Properties of the object representing the specific Firewall, go to the Software Blades product list and select Firewall. Right-click in the menu, select Administrator to Install to define only this administrator.
C. Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced / Permission to Install.
D. Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets.
Correct Answer: C
We provide thoroughly reviewed CheckPoint 156-215 using the training resources which are the best for CheckPoint 156-215,and to get certified by Microsoft Windows Store apps.It is a best choice to accelerate your career as a professional in the Information Technology industry. Now we add the latest CheckPoint 156-215 content and to print and share content.
Do not you know how to choose the Checkpoint 156-215 exam dumps? Being worried about your Checkpoint 156-215 exam? Just try Flydumps new version Checkpoint 156-215 exam dumps.High pass rate and money back guarantee!
QUESTION 45
What does schema checking do?
A. Issues Certificates, and register the Certificates with the VPN-1 NGX Internal Certificate Authority
B. Maps LDAP objects to objects in the VPN-1 NGX objects.c file
C. Provides topology downloads for SecuRemote and SecureClient users authenticated by an LDAP server
D. Authenticates users attempting to access resources protected by a VPN-1 NGX Security Gateway
E. Verifies that every object class, and its associated attributes, is defined in the directory schema
Correct Answer: E
QUESTION 46
As a Security Administrator, you must configure anti-spoofing on Secure Gateway interfaces, to protect your internal networks. What is the correct anti-spoofing setting on interface ETH1 in this network diagram? NOTE: In the DMZ, mail server 192.168.16.10 is statically translated to the object “mail_valid”, with IP address 210.210.210.3. FTP server 192.168.16.15 is statically translated to the object “ftp_valid”, with IP address 210.210.210.5.
A. A group object that includes the 10.10.20.0/24 and 10.10.10.0/24 networks
B. A group object that includes the 10.10.0.0/16 network object, mail_valid host, and FTP_valid host object
C. A group object that includes the 10.10.10.0/24 and 192.168.16.0/24 networks
D. A group object that includes the 192.168.16.0/24 and 10.10.0.0/16 networks
E. A group object that includes the 10.10.0.0/16 and 192.168.16.0/24 networks, and mail_valid and ftp_valid host objects
Correct Answer: A
QUESTION 47
When you use the Global Properties’ default settings, which type of traffic will be dropped, if no explicit rule allows the traffic?
A. IKE and rDP traffic
B. Outgoing traffic originating from the Security gateway.
C. SmartUpdate connections
D. Firewall logging and ICA key-exchange information.
E. RIP traffic
Correct Answer: E
QUESTION 48
By default, when you click File > Switch Active File from SmartView Tracker, the smartCenter Server:
A. Purges the current log, and prompts you for the new log’s mode.
B. Prompts you to enter a file name, then saves the log file.
C. Saves the current log file, names the log file by date and time, and starts a new log file.
D. Opens a new window with a previously saved log file.
E. Purges the current log file, and starts a new log file.
Correct Answer: C
QUESTION 49
If you check the box “Use Aggressive Mode”, in the IKE Properties dialog box:
A. The standard six-packet IKE Phase 1 exchange is replaced by a three-packet exchange
B. The standard three-packet IKE Phase 2 exchange is replaced by a six-packet exchange
C. The standard six-packet IKE Phase 2 exchange is replaced by a three-packet exchange
D. The standard three-packet IKE Phase 1 exchange is replaced by a six-packet exchange
Correct Answer: A
QUESTION 50
Jordan’s company is streaming training videos provided by a third party on the Internet. Jordan configures VPN-1 NGX, so that each department ONLY views webcasts specific to its department. Jordan created and configured the multicast groups for all interfaces, and configures them to “Drop all multicast packets except those whose destination is in the list”. But no multicast transmissions are coming from the Internet. What is possible causes fro the connection problem?
A. Multicast groups are configured improperly on the external interface properties of the Security Gateway object.
B. Anti-spoofing is enabled. VPN-1 NGX cannot pass multicast traffic, if anti-spoofing is enabled.
C. Jordan did not create the necessary “to and through” rules, defining how VPN-1 NGX will handle the multicast traffic.
D. VPN-1 NGX does not support multicast routing protocols and streaming media through the Security Gateway.
E. The Multicast Rule is below the Stealth Rule. VPN-1 NGX can only pass multicast traffic, if the Multicast Rule is above the Stealth Rule.
Correct Answer: A
QUESTION 51
Your SmartCenter Server fails and does not reboot. One of your remote Security Gateways, managed by the SmartCenter Server, reboots. What happens to that remote Gateway after reboot?
A. Since the SmartCenter Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, all traffic is allowed through the Gateway.
B. Since the SmartCenter Server is not available, the remote Gateway uses the local Security Policy, but does not log traffic.
C. Since the SmartCenter Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, no traffic is allowed through the Gateway.
D. Since the SmartCenter Server is not available to the remote Gateway, fetching the Security Policy and logging will both fail.
E. The remote Gateway fetches the last installed Security Policy locally, and passes traffic normally. The Gateway will log locally, since the SmartCenter Server is not available.
Correct Answer: E
QUESTION 52
Which component functions as the Internal Certificate Authority for VPN-1 NGX?
A. SmartConsole
B. SmartCenter Server
C. Policy Server
D. SmartLSM
E. Security Gateway
Correct Answer: B
QUESTION 53
Robert has configured a CIFS resource to allow access to the public partition of his company’s file server,
on \\erisco\goldenapple\files\public. Robert receives reports that users are unable to access the share,
unless they use the file server’s IP address.
Which of the following is a possible cause?
A. the CIFS resource is not configured to use Windows name resolution
B. Mapped shares are not configured to log.
C. Null CIFS sessions are configured to be blocked
D. Remote registry access is configured to be blocked.
E. Access violations are not configured to log.
Correct Answer: A
QUESTION 54
Barak is a Security Administrator for an organization that has two sites using pre-shared secrets in its VPN. The two sites are Oslo and London. Barak has just been informed that a new office is opening in Madrid, and he must enable all three sites to connect via the VPN to each other. Three Security Gateways are managed by the same SmartCenter Server, behind the Oslo Security Gateway. Barak decides to switch from pre-shared secrets to Certificates issued by the Internal Certificate Authority (ICA). After creating the Madrid gateway object with the proper VPN Domain, what are Barak’s remaining steps?
A. 1, 2, 3, 4
B. 1, 2, 5
C. 1, 2, 3, 5
D. 1, 3, 4, 5
E. 1, 2, 3, 4, 5
Correct Answer: E
QUESTION 55
You want to establish a VPN, using Certificates. Your VPN will exchange Certificates with an external partner. Which of the following activities should you do first?
A. Exchange a shared secret, before importing Certificates.
B. Create a new logical-server object, to represent your partner’s CA.
C. Create a new server object, to represent your partner’s Certificate Authority (CA)
D. Manually import your partner’s Certificate Revocation List.
E. Manually import your partner’s Access Control list.
Correct Answer: C
QUESTION 56
There is a Web server behind your perimeter Security Gateway. You need to protect the server from network attackers, who creates scripts that force your Web server to send user credentials or identities to other Web servers. Which box do you check in the Web Intelligence tab in SmartDashboard?
A. Command Injection protection
B. SQL Injection protection
C. HTTP header format checking
D. HTTP protocol inspection protection
E. Cross Site Scripting protection
Correct Answer: E
QUESTION 57
How do you control the maximum mail messages in a spool directory?
A. In the SMTP resource object
B. In the smtp.conf file on the SmartCenter Server
C. In the gateway object’s SMTP settings in the Advanced window
D. In SmartDefense SMTP settings
E. In the Security Server window in Global Properties
Correct Answer: C
QUESTION 58
Quinton is the Security Administrator for a chain of retail stores. In a recent security newsletter, Quinton read about an attack where a client fools a server into sending large amount of data, using small packets. Quinton is concerned that this company’s servers might be vulnerable to this type of attack. Which smartDefense option should Quinton use to protect the servers?
A. Application Intelligence > DNS > Cache poisoning
B. Network Security > Successive events > DoS
C. Network Security > TCP > Small PMTU
D. Application Intelligence > Microsoft Networks > File and Print Sharing
E. Network Security > Denial of Service > LAND
Correct Answer: C QUESTION 59
In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?
A. Rule 999
B. Rule 0
C. Rule 1
D. Cleanup Rule
E. Stealth Rule
Correct Answer: B
QUESTION 60
Sonny is the Security Administrator for a company with a large call center. The management team in the center is concerned that employees may be installing and attempting to use peer-to-peer file-sharing utilities, during their lunch breaks. The call center’s network is protected by an internal Security Gateway, configured to drop peer-to-peer file-sharing traffic. The call-center management team wants to know if the Security Gateway protecting the call center drops more packets than other internal Security Gateways in the corporate network. Which application should Sonny use, determine the number of packets dropped by each Gateway?
A. SmartView Status
B. SmartView Monitor
C. SmartDashboad
D. SmartView Tracker
E. SmartUpdate
Correct Answer: B
QUESTION 61
Katie is the Security Administrator for an insurance company. Her manager gives Katie the following requirements for controlling DNS traffic:
*
Required Result #1: Accept domain name-over-TCP traffic (zone-transfer traffic).
*
Required Result #2: Log domain name-over-TCP traffic (zone-transfer traffic).
*
Desired Result #1: Accept domain name-over-UDP traffic (queries traffic)
*
Desired Result #2: Do not log domain name-over-UDP traffic (queries traffic)
*
Desired Result #3: Do not clutter the Rule Base, by creating explicit rules for traffic that can be controlled using Global Properties. Katie makes the following configuration changes, and installs the Security Policy:
1.
She selects the box “Accept Domain Name over TCP (Zone transfer)” in Global Properties.
2.
She selects the box “Accept Domain Name over UDP (Queries)” in Global Properties.
3.
She selects the box “Log Implied Rules” in Global Properties Does Katie’s solution meet the required and desired results?
A. The solution meets all required results, and none of the desired results.
B. The solution does not meet the required results.
C. The solution meets all required and desired results.
D. The solution meets the required results, and one of the desired results.
E. The solution meets the required results, and two of the desired results.
Correct Answer: E
QUESTION 62
David is a consultant for a software-deployment company. David is working at a customer’s site this week. David’s ask is to create a map of the customer’s VPN tunnels, including down and destroyed tunnels. Which SmartConsole application will provide David with the information needed to create this map?
A. SmartView Tracker
B. SmartLSM
C. SmartView Monitor
D. SmartView Status
E. SmartUpdate
Correct Answer: C
QUESTION 63
Gail is the Security Administrator for a marketing firm. Gail is working with the networking team, to troubleshoot user complaints regarding access to audio-streaming material from the Internet. The networking team asks Gail to check he configuration settings for the perimeter Security Gateway. Which SmartConsole application should Gail use to check the configuration settings?
A. SmartView Tracker
B. SmartView Monitor
C. SmartUpdate
D. SmartDashboard
E. SmartView Status
Correct Answer: D
QUESTION 64
One of your remote Security Gateways suddenly stops sending logs, and you cannot install the Security Policy on the Gateway. All other remote Security Gateways are logging normally to the SmartCenter Server, and Policy installation is not affected. When you click the Test SIC status button in the problematic gateway object, you receive an error message “unknown”. What is the problem?
A. The time on the SmartCenter Server’s clock has changed, which invalidates the remote Gateway’s Certificate.
B. The remote Gateway’s IP address has changed, which invalidates the SIC Certificate.
C. The Security Gateway is NG with Application Intelligence, and the SmartCenter Server is NGX.
D. The Internal Certificate Authority for the SmartCenter object has been removed from objects_5_0.c.
E. There is no connection between the SmartCenter Server and the remote Gateway. Rules or routing may block the connection.
Correct Answer: E
Well-regarded for its level of detail, assessment features, and challenging review questions and hands-on exercises,Checkpoint 156-215 helps you master the concepts and techniques that will enable you to succeed on the Checkpoint 156-215 exam the first time.
Exam A
QUESTION 1
Which of the following are available SmartConsole clients which can be installed from the R76 Windows CD? Read all answers and select the most complete and valid list.
A. SmartView Tracker, CPINFO, SmartUpdate
B. SmartView Tracker, SmartDashboard, SmartLSM, SmartView Monitor
C. SmartView Tracker, SmartDashboard, CPINFO, SmartUpdate, SmartView Status
D. Security Policy Editor, Log Viewer, Real Time Monitor GUI
Correct Answer: A
QUESTION 2
You manage a global network extending from your base in Chicago to Tokyo, Calcutta and Dallas. Management wants a report detailing the current software level of each Enterprise class Security Gateway. You plan to take the opportunity to create a proposal outline, listing the most cost- effective way to upgrade your Gateways. Which two SmartConsole applications will you use to create this report and outline?
A. SmartLSM and SmartUpdate
B. SmartView Tracker and SmartView Monitor
C. SmartView Monitor and SmartUpdate
D. SmartDashboard and SmartView Tracker
Correct Answer: D
QUESTION 3
Your bank’s distributed R76 installation has Security Gateways up for renewal. Which SmartConsole application will tell you which Security Gateways have licenses that will expire within the next 30 days?
A. SmartView Tracker
B. SmartPortal
C. SmartUpdate
D. SmartDashboard
Correct Answer: A
QUESTION 4
When launching SmartDashboard, what information is required to log into R76?
A. User Name, Management Server IP, certificate fingerprint file
B. User Name, Password, Management Server IP
C. Password, Management Server IP
D. Password, Management Server IP, LDAP Server IP
Correct Answer: D
QUESTION 5
Message digests use which of the following?
A. SHA-1 and MD5
B. IDEA and RC4
C. SSL and MD4
D. DES and RC4
Correct Answer: C QUESTION 6
Which of the following is a hash algorithm?
A. DES
B. IDEA
C. MD5
D. 3DES
Correct Answer: A QUESTION 7
Which of the following uses the same key to decrypt as it does to encrypt?
A. Asymmetric encryption
B. Symmetric encryption
C. Certificate-based encryption
D. Dynamic encryption
Correct Answer: A QUESTION 8
You believe Phase 2 negotiations are failing while you are attempting to configure a site-to-site VPN with one of your firm’s business partners. Which SmartConsole application should you use to confirm your suspicions?
A. SmartDashboard
B. SmartView Tracker
C. SmartUpdate
D. SmartView Status
Correct Answer: C QUESTION 9
A digital signature:
A. Provides a secure key exchange mechanism over the Internet.
B. Automatically exchanges shared keys.
C. Guarantees the authenticity and integrity of a message.
D. Decrypts data to its original form.
Correct Answer: B QUESTION 10
Which component functions as the Internal Certificate Authority for R76?
A. Security Gateway
B. Management Server
C. Policy Server
D. SmartLSM
Correct Answer: C