CheckPoint 156-215 Preparation Materials, Latest Upload CheckPoint 156-215 Practice Exam With Low Price
Attention Please: Professional new version CheckPoint 156-215 PDF and VCE dumps can now free download on Flydumps.com all are updated timely by our experts covering all new questions and questions.100 percent pass your CheckPoint 156-215 exam.
QUESTION 56
Mary is recently hired as the Security Administrator for a public relations company. Mary’s manager has asked her to investigate ways to improve the performance of the firm’s perimeter Security Gateway. Mary must propose a plan based on the following required and desired results:
Required Result #1:Do not purchase new hardware.
Required Result #2:Use configuration changes that do not reduce security.
Desired Result #1:Reduce the number of explicit rules in the Rule Base.
Desired Result #2:Reduce the volume of logs.
Desired Result #3:lmprove the Gateway’s performance.
Proposed Solution:
Mary recommends the following changes to the Gateway’s configuration:
Replace all domain objects with network and group objects.
Stop logging Domain Name over UDP (queries).
Use Global Properties, instead of explicit rules, to control ICMP, VRRP, and RIP.
Does Mary’s proposed solution meet the required and desired results?
A. The solution meets the required results, and two of the desired results.
B. The solution does not meet the required results.
C. The solution meets all required results, and none of the desired results.
D. The solution meets all required and desired results.
E. The solution meets the required resufts, and one of the desired resufts.
Correct Answer: D QUESTION 57
Your perimeter Security Gateway’s external IP is 200.200.200.3. Your network diagram shows:Required:
Allow only network 192.168.10.0 and 192.168.20.0 to go out to Internet, using 200.200.200.5.
The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet.
Assume you enable all the settings in the NAT page of Global Properties.
How do you achieve this requirement?
A. Create a network object 192.168.0.0/16. Enable Hide NAT on the NAT page. Enter 200.200.200.5 as hiding IP address. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
B. Create network objects for 192.168.10.0/24 and 192.168.20.0/24. Enable Hide NAT on both network objects, using 200.200.200.5 as hiding IP address. Add an ARP entry for 200.200.200.3 for the MAC address of 200.200.200.5.
C. Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254. Enable Hide NAT on the NAT page of the Address range object. Enter Hiding IP address 200.200.200.5. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
D. Create two network objects: 192.168.10.0/24 and 192.168.20.0/24. Add the two network objects to a group object. Create a manual NAT rule like the following: Original source – group object; Destination ? any; Service ?any; Translated source – 200.200.200.5; Destination ?onginal; Service ?onginal.
Correct Answer: C
QUESTION 58
Your standby SmartCenter Servers status is collision. What does that mean, and how do you synchronize the Server and its peer?
A. The standby and active Servers have two Internal Certificate Authority (ICA) Certificates. Uninstall and reinstall the standby Server.
B. The active Server detected a keep-alive packet from the standby Server.
C. The peer Server has not been property synchronized. Manually synchronize both Servers again.
D. The peer Server is more up-to-date. Manually synchronize both Servers again.
E. The active SmartCenter Server and its peer have different Security Policies and databases. Manually synchronize the Servers, and decide which Server’s configuration to overwrite.
Correct Answer: E
QUESTION 59
You have installed a new NGX Security Gateway. You want to test the communication between the Security Gateway and the SmartCenter Server by installing the Security Policy on the Security Gateway. Why can the Policy NOT be installed on the Security Gateway?
A. You have not established Secure Internal Communications (SIC) between the Security Gateway and SmartCenter Server. You must initialize SIC on the SmartCenter Server.
B. You have not established Secure Internal Communications (SIC) between the Security Gateway and SmartCenter Server. You must initialize SIC on both the Security Gateway and the SmartCenter Server.
C. There is no Secure Internal Communications (SIC) established between the Security Gateway and SmartCenter Server. You must initialize SIC on the Security Gateway.
D. You first need to run the tw unloadlocal command on the Security Gateway.
E. You first need to run the tw unloadlocal command on the SmartCenter Server.
Correct Answer: B
QUESTION 60
Ben is the Security Administrator for a university. Ben configured and installed a new Security Policy this morning. An hour after installing the new Security Policy, Ben began receiving complaints that Internet access was very slow. Ben called his Internet Service Provider, who asked Ben how much virtual memory his Security Gateway had. Which SmartConsole application should Ben use to answer this question?
A. SmartView Tracker
B. SmartLSM
C. SmartUpdate
D. SmartView Monitor
E. SmartView Status
Correct Answer: D
QUESTION 61
Which of the following types of Attacksoes Anti-spoofing prevent?
A. Viruses
B. LAND
C. SMURF
D. Spyware
E. Ping of death
Correct Answer: B QUESTION 62
What is the reason for the Critical Problem notification in this SmartView Monitor example?
A. Active real memory shortage on the Gateway
B. No Security Policy installed on the Security Gateway
C. Version mismatch between the SmartCenter Server and Security Gateway
D. Time not synchronized between the SmartCenter Server and Security Gateway
E. No Secure Internal Communications established between the SmartCenter Server and Security Gateway
Correct Answer: B
QUESTION 63
Which NGX component displays the number of packets accepted, rejected, and dropped on a specific Security Gateway, in real time?
A. Reporting Module
B. Eventia Reporter
C. SmartUpdate
D. SmartView Status
E. SmartView Monitor
Correct Answer: A
QUESTION 64
One of your remote Security Gateways suddenly stops sending logs, and you cannot install the Security Policy on the Gateway. All other remote Security Gateways are logging normally to the SmartCenter Server, and Policy installation is not affected. When you click the Test SIC status button in the problematic gateway object, you receive error message “unknown”. What is the problem?
A. The remote Gateway’s IP address has changed, which invalidates the SIC Certificate.
B. The Security Gateway is NG with Application Intelligence, and the SmartCenter Server is NGX.
C. The Internal Certificate Authority for the SmartCenter obiect has been removed from obiects_5_0.C.
D. The time on the SmartCenter Server’s clock has changed, which invalidates the remote Gateway’s Certificate.
E. There is no connection between the SmartCenter Server and the remote Gateway. Rules or routing may block the connection.
Correct Answer: E
QUESTION 65
Jordan’s company is streaming training videos provided by a third party on the Internet. Jordan configures NGX, so that each department ONLY views Webcasts specific to its department. Jordan created and configured the multicast groups for all interfaces, and configures them to “Drop all multicast packets except those whose destination is in the list”. However, no multicast transmissions are coming from the Internet. What is a possible cause for the connection problem?
A. The Multicast Rule is below the Stealth Rule. NGX can only pass multicast traffic, if the Multicast Rule is above the Stealth Rule.
B. Jordan did not create the necessary “to and through” rules, defining how NGX will handle the multicast traffic.
C. Multicast groups are configured improperly on the external interface properties of the Security Gateway object.
D. Anti-spoofing is enabled. NGX cannot pass multicast traffic, if anti-spoofing is enabled.
E. NGX does not support multicast routing protocols and streaming media through the Security Gateway.
Correct Answer: B
QUESTION 66
What is a disadvantage of a stand-alone installation versus a distributed installation?
A. You are forced to use Windows as operating system.
B. Clientless VPN would not work in a stand-alone installation.
C. The SmartCenter Server must be a secondary server. You are forced to install a separate primary server.
D. You must use a central license.
E. You cannot fnstaff software packages on a Security Gateway via SmartUpdate.
Correct Answer: E
QUESTION 67
Carol is the Security Administrator for a chain of grocery stores. Each grocery store is protected by a Security Gateway. Carol is generating a report for the information-technology audit department. The report must include the name of the Security Policy installed on each remote Security Gateway, the date and time the Security Policy was installed, and general performance statistics (CPU Use, average CPU time, active real memory, etc.). Which SmartConsole application should Carol use to gather this information?
A. SmartUpdate
B. SmartView Status
C. SmartView Tracker
D. SmartLSM
E. SmartView Monitor
Correct Answer: E
QUESTION 68
John is the Security Administrator for a public hospital. New health-care legislation requires logging for all traffic accepted through the perimeter Security Gateway. What must John do, to ensure implied rules meet the new requirement?
A. Use the “Implicit Rules” predefined query in SmartView Tracker.
B. Install the “View Implicit Rules” package using SmartUpdate.
C. Check the “Log Implied Rules Globally” box on the NGX Gateway object.
D. Set the position of all implicit rules to “Before Last”.
E. Check the “Log Implied Rules” box in Global Properties.
Correct Answer: E
QUESTION 69
What do you use to view an NGX Security Gateway’s status, including CPU use. amount of virtual memory, percent of free hard-disk space, and version?
A. SmartLSM
B. SmartView Tracker
C. SmartUpdate
D. SmartView Monitor
E. SmartView Status
Correct Answer: D
QUESTION 70
Which NGX feature or command allows Security Administrators to revert to earlier versions of the Security Policy without changing object configurations?
A. upgrade_export/upgrade_import
B. Policy Package management
C. fwm dbexport/fwm dbimport
D. cpconfig
E. Database Revision Control
Correct Answer: B
QUESTION 71
What is a Consolidation Policy?
A. The collective name of the Security Policy, Address Translation, and SmartDefense Policies
B. The specific Policy used by Eventia Reporter to configure log-management practices
C. The state of the Policy once installed on a Security Gateway
D. A Policy created by Eventia Reporter to generate logs
E. The collective name of the logs generated by Eventia Reporter
Correct Answer: B QUESTION 72
You have locked yourself out of SmartDashboard with the rules you just installed on your stand alone Security Gateway. Now you cannot access the SmartCenter Server or any SmartConsole tools via SmartDashboard. How can you reconnect to SmartDashboard?
A. Run cpstop on the SmartCenter Server.
B. Run fw unlocklocal on the SmartCenter Server.
C. Run fw unloadlocal on the Security Gateway.
D. Delete the $fwdir/database/manage.lock file and run cprestart.
E. Run fw uninstall localhost on the Security Gateway.
Correct Answer: C
QUESTION 73
As a Security Administrator, you must configure anti-spoofing on Security Gateway interfaces, to protect your internal networks. What is the correct anti-spoofing setting on interface ETH1 in this network diagram?
NOTE: In the DMZ, mail server 192.168.16.10 is statically translated to the object “mafl_valfd”, with IP address 210.210.210.3. The FTP server 192.168.16.15 is statically translated to the object “ftp_valid”, with IP address 210.210.210.5.
A. A group object that includes the 10.10.0.0/16 and 192.168.16.0/24 networks, and mail_valid and ftp_valid host objects
B. A group object that includes the 10.10.20.0/24 and 10.10.10.0/24 networks
C. A group object that includes the 10.10.0.0/16 network object, mail_valid host, and ftp_valid host object
D. A group object that includes the 192.168.16.0/24 and 10.10.0.0/16 networks
E. A group object that includes the 10.10.10.0/24 and 192.168.16.0/24 networks
Correct Answer: B
QUESTION 74
In SmartView Tracker, you see an entry for an outbound connection showing address translation. But when setting SmartView Tracker to show all entries for that connection, only outbound entries show. What is the possible cause for this?
A. The entry is for a Static NAT connection, from a specific host that has been infected by a worm.
B. The entry is for a Hide NAT connection from a specific host.
C. The entry is for an automatic Static NAT connection, where inbound traffic is managed by a separate rule.
D. The entry is for a manual Hide NAT connection, from a specific host infected by a worm.
Correct Answer: B
QUESTION 75
Which encryption scheme provides “In-place” encryption?
A. IKE
B. Manual IPSec
C. DES
D. SKIP
E. AES
Correct Answer: E
QUESTION 76
Phil notices a large amount of traffic from a specific internal IP address. He needs to verify if it is a network attack, or a user’s system infected with a worm. He has enabled Sweep Scan Protection and Host port scan in SmartDefense. Will Phil get all the information he needs from these actions?
A. No. SmartDefense will only block the traffic, but it will not provide a detailed analysis of the traffic.
B. No. SmartDefense will not block the traffic. The logs and alert can provide a further level information, but determining whether the attack is intentional or a worm requires further research by Phil.
C. No. Phil also should set SmartDefense to quarantine the traffic from the suspicious IP address.
D. Yes. SmartDefense will limit the traffic impact from the scans, and identify if the pattern of the traffic matches any known worms.
E. No. To verify if this is a worm or an active attack, Phil should also enable TCP attack defenses.
Correct Answer: B
QUESTION 77
Which of the following is NOT a feature or quality of a hash function?
A. Encrypted with the sender’s RSA private key, the hash function forms the digital signature.
B. It is mathematically infeasible to derive the original message from the message digest.
C. The hash function forms a two-way, secure communication.
D. The hash function is irreversible.
E. It is mathematically infeasible for two different messages to produce the same message digest.
Correct Answer: C
QUESTION 78
With SmartDashboard’s Smart Directory, you can create NGX user definitions on a(n)_________Server.
A. NT Domain
B. LDAP
C. Provider-1
D. SecurelD
E. Radius
Correct Answer: B
QUESTION 79
Andrea has created a new gateway object that she will be managing at a remote location. She attempts to install the Security Policy to the new gateway object, but the object does not appear in the “install on” box. Which of the following is the most likely cause?
A. Andrea has created the object using “New Check Point > VPN-1 Edge Embedded Gateway1′.
B. Andrea created the gateway object using the “New Check Point > Externally Managed VPN Gateway” option from the Network Objects dialog box.
C. Andrea has not configured anti-spoofing on the interfaces on the gateway object.
D. Andrea has not configured Secure Internal Communications (SIC) for the object.
E. Andrea created the Object using “New Check Point > VPN-1 Pro/Express Security Gateway” option in the network objects, dialog box. but still needs to configure the interfaces for the Security Gateway object.
Correct Answer: B
QUESTION 80
Your SmartCenter Server fails and does not reboot. One of your remote Security Gateways managed by the SmartCenter Server reboots. What happens to that remote Gateway after reboot?
A. Since the SmartCenter Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, no traffic is allowed through the Gateway.
B. Since the SmartCenter Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, all traffic is allowed through the Gateway.
C. The remote Gateway fetches the last installed Security Policy locally, and passes traffic normally. The Gateway will tog locally, since the SmartCenter Server is not available.
D. Since the SmartCenter Server is not available to the remote Gateway, fetching the Security Policy and logging wilf both fail.
E. Since the SmartCenter Server is not available, the remote Gateway uses the local Security Policy, but does not log traffic.
Correct Answer: C
QUESTION 81
In SmartView Tracker, which rule shows when a packet is dropped due to anti-spooflng?
A. Rule 0
B. Cleanup Rule
C. Rule1
D. Rule 999
E. Stealth Rule
Correct Answer: A
QUESTION 82
Which type of TCP attack is a bandwidth attack, where a client fools a server into sending large amounts of data, using small packets?
A. SAMURF
B. Small PMTU
C. Host System Hogging
D. LAND
E. SYN-Flood
Correct Answer: B QUESTION 83
Which SmartConsole tool verifies the installed Security Policy name?
A. SmartView Status
B. Eventia a Reporter
C. SmartView Server
D. SmartUpdate
E. SmartView Tracker
Correct Answer: E
QUESTION 84
What happens when you select File>Export from the SmartView Tracker menu?
A. It is not possible to export an old log file, only save and switch in SmartView Tracker.
B. Current logs are exported to a new *.log file.
C. Exported log entries are still viewable in SmartView Tracker.
D. Exported fog entries are deleted from fw.log.
E. Logs in fw.log are exported to a file that can be opened by Microsoft Excel.
Correct Answer: E
QUESTION 85
Ellen is performing penetration tests against SmartDefense for her Web server farm. She needs to verify that the Web servers are secure against traffic hijacks. She has activated the Cross-Site Scripting property. What other settings would be appropriate? Ellen:
A. should also enable the Web intelligence > SOL injection setting.
B. must select the “Products > Web Server” box on each of the node objects.
C. should enable all settings in Web Intelligence.
D. needs to configure TCP defenses such as “Small PMTU” size.
E. needs to create resource objects for the web farm servers and configure rules for the web farm.
Correct Answer: B
The CheckPoint 156-215 training is a vital way of becoming the best.This CheckPoint 156-215 certification has helped the candidates to enhance their capabilities by providing a great learning platform to them so that they can polish their skills.