CheckPoint 156-310 Exam Guide, Discount CheckPoint 156-310 PDF Covers All Key Points
Welcome to download the newest Pass4itsure NS0-101 dumps:
Flydumps just published the newest CheckPoint 156-310 Dumps with all the new updated exam questions and answers. We provide the latest version of CheckPoint 156-310 PDF and VCE files with up-to-date questions and answers to ensure your exam 100% pass,on our website you will get the CheckPoint 156-310 free new version VCE Player along with your VCE dumps.
QUESTION 131
How do determine what version of firewall kernel a customer is using?
A. Fw ver.
B. Cp kernel.
C. Fw ver -k.
D. Fw kernel -v.
E. Cp cu -v.
Correct Answer: C
QUESTION 132
When you select the Pre-Shared Secret check box in the IKE Properties window:
A. The firewall can authenticate itself by a public-key signature.
B. The firewall can authenticate itself using SecuRemote only.
C. The firewall can authenticate itself by a pre-shared secret.
D. The firewall can authenticate itself using all standard and non-standard IKE authentication methods.
E. The firewall can authenticate itself using a modified pre-shared secret key.
Correct Answer: C
QUESTION 133
What is the Check Point recommended sequence for performing the following operations?
1.
Install operating system.
2.
Finish hardening the operating system.
3.
Patch operating system.
4.
Install firewall.
5.
Patch firewall.
A. 1, 2, 3, 4, 5.
B. 1, 3, 4, 5, 2.
C. 1, 4, 2, 3, 5.
D. 1, 4, 3, 5, 2.
E. 1, 4, 5, 3, 2.
Correct Answer: B
QUESTION 134
To reduce the effectiveness of traffic sniffing inside the LAN, internal users should have the _______ installed in their desktop.
A. Management
B. Real Secure.
C. Enforcement
D. Policy Server.
E. Secure Client
Correct Answer: E
QUESTION 135
Which of the following selections lists the three security components essential to guaranteeing the security of network connections?
A. Encryption, inspection, routing.
B. NAT, traffic control, topology.
C. Static addressing, cryptosystems, spoofing.
D. Encryption, authentication, integrity.
E. DHCP, quality of service, IP pools.
Correct Answer: D
QUESTION 136
If you wish to move any Secure Client files to another directory.
A. Uninstall and reinstall Secure Client first.
B. Restore the original files before uninstalling Secure Client.
C. Upgrade Secure Client, then uninstall and reinstall.
D. One of the above.
Correct Answer: A
QUESTION 137
You are installing Check Point VPN-1/Firewall-1 on a Windows NT platform. The machine will only be used
to install policies on Enforcement Modules. No other machine in the network will perform the function.
While installing the following installation screen of “VPN-1/Firewall-1 Enterprise Product” appears.
The screen shows “Please select the VPN-1/Firewall-1 Product Type you are about to install”. Which
option should you choose?
A. Enterprise Primary Management.
B. Enterprise Security Management.
C. Enforcement Module & Primary Management.
D. Enforcement Module.
Correct Answer: A
QUESTION 138
The ________ load balancing algorithm uses ICMP to determine the shortest time to and from the firewall and each individual physical server. It then chooses the server with the shortest time.
A. Server Load.
B. Router Load.
C. Round Trip
D. Round Robin
E. Domain
Correct Answer: C
QUESTION 139
Patrick has been hired to devise a security solution for a company that provides in-home care. Visiting Nurses use Internet connections to transmit confidential patient data to a database server located at the corporate office. The visiting Nurses at the remote locations must have a secure connection to the database server to protect patient confidentiality. The database server itself must also be protected from external threats. The human resources department would like to have access to information about their Nurses access the database server. Accounting would like to offer Nurses the option of submitting their time sheets from remote locations, provided this can be accomplished in a secure manner. Patrick proposes installing Check Point VPN/Firewall-1 at the perimeter of the corporate LAN. He recommends installing Check Point Secure Client in the laptops used by the visiting Nurses. Patrick suggests rules allowing only client-authenticated traffic to the accounting server. To reduce resource consumption, Patrick advises his customer not to log any traffic passing through the Enforcement Module. Choose the one phrase below that best describes Patrick’s proposal.
A. The proposed solution meets the required objectives and none of the desired objectives.
B. The proposed solution meets the required objectives and only one of the desired objectives.
C. The proposed solution meets the required objectives and all desired objectives.
D. The proposed solution does not meet the required objective.
Correct Answer: B
QUESTION 140
When using the Load Measuring Agent, you can add a new server without stopping and starting anything. Review the steps listed below and select the response demonstrating the correct order for adding a new server for Load Measuring.
1.
Install the agent on the server.
2.
Add the object for the new server to the existing rule in the Rule Base.
3.
Re-install the Security Policy.
A. 1, 2, 3.
B. 2, 1, 3.
C. 2, 3, 1.
D. 1, 3, 2.
E. 3, 2, 1.
Correct Answer: A
QUESTION 141
What is the purpose of cplic check?
A. Allow you to perform the license installation.
B. Verification of the license expiration data.
C. It is a alternate to the printlic command.
D. Validates a license feature.
E. Verification of the external IP address.
Correct Answer: D
QUESTION 142
If you have modified your network configuration by removing the firewall adapters, you can reinstall these adapters by reinstalling Secure Client.
A. True
B. False
Correct Answer: B
QUESTION 143
Hector is a security administrator for a large, global enterprise that is preparing to implement VPN-1/ Firewall-1. In the first phase of the rollout all Enforcement Modules will be installed at a central warehouse before being shipped to the final sites and final set-up. Site-specific information is not available to the warehouse installer. What are the MINIMUM elements Hector must configure to complete Enforcement Module installation?
A. Management Server IP address.
B. Certificate Authority.
C. Shared Secret Key.
D. One Time Password.
E. Security Servers.
Correct Answer: A
QUESTION 144
Which of the following statements is FALSE?
A. A policy Server extends security to the desktop by allowing administrators to enforce a Security Policy on desktops -both inside a LAN and connecting from the Internet -this preventing authorized connections from being compromised.
B. A Policy Server must be on a firewalled machine with CP shared installed.
C. A Policy Server supports all platforms.
D. To use Policy Server in a network, you must have Policy Server from which Secure Client obtains its Desktop Policy.
E. To use Policy Server in a network, you must have Secure Client software.
Correct Answer: C
QUESTION 145
Content Vectoring Protocol (CVP), by default uses which TCP? port 10101, and:
A. 80
B. 141
C. 10101
D. 18181
Correct Answer: D
QUESTION 146
Paul will be installing all of the components of VPN-1/Firewall-1 on a single machine. Company growth will require moving to a distributed environment as additional Enforcement Modules are added over the next six months. While installing, which option should Paul select to facilitate the transition six months from now?
A. Enterprise Primary Management.
B. Enterprise Security Management.
C. Enforcement Module & Primary Management.
D. Enforcement Module.
Correct Answer: C
QUESTION 147
In the IKE properties window, you can use the Data Integrity drop-down menu to select:
A. The cryptographic checksum method to be used for ensuring data integrity.
B. The Certificate Authority to be used for ensuring data integrity.
C. The shared secret to be used for ensuring data integrity.
D. The CA checksum method to be used for ensuring data integrity.
E. The shared-secret checksum method to be used for ensuring data integrity.
Correct Answer: A
QUESTION 148
You must configure your firewall for Hybrid IKE Secure Client connections. Which of the following fields MUST be selected to allow backward compatibility with earlier version of the Secure Client?
A. Respond to Unauthenticated topology requests (IKE and PF1).
B. Cache static passwords on desktop.
C. Required policy for all desktops and Desktop if enforcing the required policy.
D. A and B.
E. A and C.
Correct Answer: E
QUESTION 149
Your Manager has requested that you implement a policy that prevents users on the network from transferring confidential files out of the intranet using FTP. You also want to check for virus signatures on those files entering the intranet. You setup an FTP resource and add it to the Service field of a rule. You have only redefined the FTP resource and selected the Get option under the Match tab. Does this meet all of the requirements of your manager?
A. Yes
B. No
Correct Answer: B
QUESTION 150
Secure Client syntax checking can be used to monitor usersc.C file parameters. The checking is used to prevent errors causing the site, to which it belongs from being deleted.
A. True
B. False
Correct Answer: A
QUESTION 151
The Service drop-down menu in the OPSEC Definition Properties window allows you to select a service for
communication with a server from the drop-down list.
The service contains the port number to watch the filer server listens. For UFP Server, the service is:
A. FW1_UFP
B. FW1_sam
C. UFP_FW1
D. FWNG_UFP
E. FW1_NG_UFP
Correct Answer: QUESTION 152
You are concerned that an electronically transmitted message may be intercepted and manipulated as if it came from you. This would compromise the accuracy of the communications. To secure the validity of the original message sent, you attach a _______.
A. Tag
B. Sender flag.
C. Diffie-Hellman verification.
D. Private key.
E. Digital signature.
Correct Answer: E
QUESTION 153
When designing your company’s content security solution, where should you place the CVP anti-virus server for the best performance?
A. On the company’s internal Web Server.
B. On the firewall itself.
C. In any server with the internal network.
D. On a server on an internal dedicated network connected to a separate NIC in the firewall.
E. None of the above.
Correct Answer: D
QUESTION 154
You are using Hybrid IKE. The certificate is not created in the Certificates tab of the VPN-1/Firewall-1 network object; even after “Internal CA created successfully” is displayed “fw internalca create” is displayed as having been issued. Which if the following lists the most likely cause of the problem, and the appropriate remedy?
A. The distinguished name used in the “fw internalca create” and “fw interalca certify” commands is too long. In this case, use a shorter name.
B. Perform fwstop and move the objects.sav objects.bak and other files with objects.* from $FWDIR/conf directory except the objects.c file. Perform the “fw interalca create” and “fw interalca certify” again with the -force option.
C. Under the Firewall object> VPN> IKE> Support Authentication Methods, Hybrid is unchecked. Select Hybrid and stop and start the firewall.
D. Certificate created by internal CA is somehow corrupt. Recreate the certificate with the -force option.
E. Options A and B.
Correct Answer: E
QUESTION 155
You are developing network between separate corporate partners, each having their own secure intranet. If you want to share among them, the type of VPN you should develop is a (n):
A. Intranet VPN.
B. Extranet VPN.
C. Site-to-Site VPN.
D. Server to Server VPN.
E. None of the above.
Correct Answer: B QUESTION 156
TCP services must have a rule in the Policy Editor Rule Base to be used by TCP resources.
A. True
B. False
Correct Answer: A QUESTION 157
User groups need NOT be defined to configure SecuRemote, but are required for the configuration of a Policy Server.
A. True
B. False
Correct Answer: A QUESTION 158
SYNDefender Gateway sends a FIN/ACK packet in immediate response to a server’s SYN/ACK packet.
A. True
B. False
Correct Answer: B
QUESTION 159
What are the two types of HTTP Security Server authentication methods that may be used?
A. Transparent and UFP.
B. Transparent and Proxy.
C. Non-Transparent and Proxy.
D. Non-Transparent and CVP.
E. Transparent and CRL.
Correct Answer: B
QUESTION 160
You are implementing load-balancing to your Web Server using the Connect Control module. What type of logical server would you specify, if you need to load balance between servers that may not be behind the same firewall?
A. HTTP
B. Other with Persistent Server Mode -checked.
C. Both A and B.
D. None of the above, it is not possible.
Correct Answer: B
QUESTION 161
Below is the Log and Alert Page of the Global Properties window. Exhibit missing The Excessive log grace period field sets the minimum amount of time (in seconds) (The above not available picture showed 62 seconds) between consecutive logs of similar packets. Two packets are considered similar:
A. If they have the same source address, source port, destination port and the same service was used.
B. If they have the same source port, destination address, destination port and the same service was used.
C. If they have the same source address, source port, destination port and any service was used.
D. If they have the same destination address, source address, destination port, and the same service was used.
E. None of the above answers are correct.
Correct Answer: E
QUESTION 162
Which position of a URL is sent to a UFP server when using a TCP resource?
A. The full URL is forwarded.
B. Only the IP address of the remote server is forwarded to the UFP server.
C. The URL is not forwarded to the UFP Server, it is handled by the Security Servers.
D. Only the path portion of the URL is forwarded.
E. Only the host name is forwarded.
Correct Answer: B
QUESTION 163
For standard RFC (Request for Comments) complaint IKE VPN’s, a user’s authentication method should be defined where?
A. In the authentication tab of the user.
B. In the Encryption tab of the firewall and the Authentication tab of the user.
C. In the Encryption tab of the firewall and the Encryption tab of the user.
D. In the Authentication tab on the firewall.
E. In the Authentication tab of the firewall and the user.
Correct Answer: C QUESTION 164
When you install the Management Module and GUI Client on a Windows NT Server:
A. The Windows NT Server in which you install becomes the Management Module and Authentication GUI for the Enforcement Module.
B. The Administration GUI resides on the Enforcement Module and the Management Module resides on its own machine.
C. The Windows NT Server on which you install becomes the Enforcement Module.
D. The Administration GUI only resided on the Management Module.
E. The Administration GUI communicated with the Management Module on port 257.
Correct Answer: D QUESTION 165
The following steps correctly list the actions taken by a Certificate Authority (CA)
1.
Users send their public keys to a CA in a secure manner.
2.
The CA signs the public keys with its own private keys, creating CA public keys.
3.
The CA creates a certificate with its public and private keys. Receivers then authenticate senders’ public keys, by matching the CA public keys to the CA private keys on the certificates.
A. True
B. False
Correct Answer: A QUESTION 166
This picture shows a normal three-way TCP/IP handshake.
Which of the following will cause VPN-1/Firewall-1 to reset TCP connections with a server protected by SYNDefender?
A. The client never completes the handshake with an SYN packet.
B. The client never completes the handshake with an SYN/ACK packet.
C. The server never completes the handshake with an SYN packet.
D. The client never completes the handshake with an ACK packet
E. The server never completes the handshake with an ACK packet.
Correct Answer: D
QUESTION 167
With Secure Client, if you have more than one network adapter: (Choose all that apply)
A. VPN-1/Firewall-1 adapters can be bound to all of them.
B. In Windows 3x, the binding is static and takes place when Secure Client is installed.
C. On Windows NT, the binding is dynamic and takes place upon reboot.
D. On Windows 2000, the binding is static and takes place when Secure Client is installed.
E. A, B and C.
Correct Answer: AC
QUESTION 168
Which load-balancing method chooses the physical server closest to the client, based on DNS?
A. Round Trip.
B. Server Load.
C. Round Robin.
D. Random
E. Domain
Correct Answer: E
QUESTION 169
On which the following operating systems does Check Point support installation of the VPN-1/Firewall-1 Management Server?
A. Windows NT Server 4.0 SP6A.
B. Windows NT Workstation 4.0 SP6A
C. Free BSD.
D. Solaris 2.5.
E. IOS
Correct Answer: A
QUESTION 170
SYN flood attacks are used in the Denial-of-Service (Dos) attacks, or in conjunction with other exploits to block access to a server network.
A. True
B. False
Correct Answer: A
QUESTION 171
Which of the following statements is FALSE?
A. Alter commands are executed by the alertd process, running on the single gateway (stand-alone) installation.
B. If logs are being sent to more than one machine, each alertd process will execute the alert commands.
C. The alert condition id detected on the firewall module, then the Management Server is notified and executes the alert.
D. Alert commands are executed on the Alert Module, running on the Management Server.
Correct Answer: D QUESTION 172
Which command is used to export a group of users from VPN-1/Firewall?
A. Fw dbexport.
B. Ldapmodify
C. Ldabsearch
D. Ldap export.
E. fwm dbimport
Correct Answer: E QUESTION 173
You are using Hybrid IKE. SecuRemote produces the error “Certificate is badly signed”. Which of the following lists the most likely cause of the problem, and the appropriate remedy?
A. The distinguished name used in the “fw interalca create” and “fw interalca certify” commands is too long. In this case, use a shorter name.
B. Under the Firewall object> VPN> IKE> Support Authentication Methods, Hybrid is unchecked. Select Hybrid and stop and start the firewall.
C. The Certificate created by internal CA is corrupt. Recreate the certificate with the -force option.
D. SecuRemote version is lower then 4.1 SP1. Upgrade SecuRemote.
E. None of the above.
Correct Answer: D QUESTION 174
The “Man in the Middle” threat consists of the possibility of a third party intercepting the private keys of you and another correspondent, even though you think you’re communicating directly with each other.
A. True
B. False
Correct Answer: A QUESTION 175
If you do not configure any groups during Solaris installation, ONLY the Super-User will be able to access and execute the VPN-1/Firewall-1 Module.
A. True
B. False
Correct Answer: QUESTION 176
When you conduct a distributed installation of VPN-1/Firewall-1:
A. The SVN Foundation component is installed on all modules.
B. The Enforcement Module is distributed among VPN-1/Firewall-1 Modules.
C. All VPN-1/Firewall-1 files are installed on multiple machines.
D. Any Windows NT server on which you install Check Point VPN-1/Firewall-1 becomes the Enforcement Module.
E. You do not need Windows NT administrative privileges. Correct Answer: A
QUESTION 177
If the Persistent Server mode check box is selected in the Logical Server Properties window, which of the following is TRUE?
A. Once a client is connected to a physical server, the client will continue to connect to that server for the duration of the session.
B. Once the server is connected to a client, the server will continue to connect to that client for the duration defined in the Logical Server Properties window.
C. Once the client is connected to a physical sever, the client will only connect to that server for a single session.
D. After a client has connected to a physical server, the client disconnects from the server.
Correct Answer: A
QUESTION 178
Which of the following statements is FALSE?
A. A SYN flood attack is an attack against a service designed to make a server unavailable.
B. A SYN flood attack exploits the limitations of the TCP/IP protocol.
C. During SYN flood attack, a client sends a SYN/NACK to a server and data exchange begins.
D. During a SYN flood attack, a server replies with a SYN/ACK identified by the source IP address in an IP header.
Correct Answer: C
QUESTION 179
When a user leaves an organization or when a key is compromised, a certificate must be revoked. The Certificate Authority does this by using and distributing a:
A. Certification Invocation List (CIL).
B. Revocation of Certification (ROC).
C. Authority Certification List (ACL).
D. Certification Revocation List (CRL).
E. Certification Key List (CKL).
Correct Answer: D
QUESTION 180
The internal program, know as alertf, allows an operator to define how many events with in a defined number of seconds before the script is executed.
A. True
B. False
Correct Answer: A
QUESTION 181
When you connect to a site referenced in your database SecuRemote:
1.
Holds the first packet without transmitting it.
2.
Examines the packet to determine responsible firewall.
3.
Encrypts the packet and then transmits it.
A. True
B. False
Correct Answer: B
QUESTION 182
You are the VPN-1/Firewall-1 administrator for a company WAN. You want all users to communicate across WAN securely. You must use an encryption scheme that does not change packet size, to allow for better network performance. You must also be able to define the Certificate Authority from your local VPN-1/Firewall-1 Management Module. Which encryption scheme do you choose?
A. Rgindal
B. FWZ
C. IKE
D. Triple DES.
E. Manual IPSec.
Correct Answer: B
QUESTION 183
SecuRemote operates between the _______and the ______.
A. TCP/IP Protocol, hardware card.
B. Network, hardware card.
C. TCP/IP Protocol, NIC Driver.
D. NIC Driver, Hardware Card.
E. TCP/IP Protocol, network.
Correct Answer: A
QUESTION 184
By default where does VPN-1/Firewall-1 look for a user-defined tracking script?
A. $FWDIR/root directory on the GUI client.
B. $FWDIR/local directory on the firewall.
C. $FWDIR/bin directory on the Management Server.
D. $FWVPN/bin directory on the firewall.
E. $FWDIR/bin/base directory on the Management Server.
Correct Answer: C
QUESTION 185
Which parameter, of TRUE, will automatically initiate an RDP status query with a gateway to check if it is still alive?
A. Keepalive
B. Dns_xplate
C. Active_resolver
D. Resolver_session_interval
Correct Answer: C
Our CheckPoint 156-310 dumps provide you everything you will need to take your test and go beyond the CheckPoint 156-310 exam passing score. The Exam details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, logical and verified answers. Flydumps CheckPoint 156-310 dumps are precise, logical and verified by expert senior certified staff.
Welcome to download the newest Pass4itsure NS0-101 dumps: https://www.pass4itsure.com/ns0-101.html