Latest Release CheckPoint 156-515 Practice Answers Easily Free Download

Posted on May 6, 2016By testsectd

Exam A
QUESTION 1
The fw ctl debug command is used primarily to troubleshoot _________ problems.
A. Kernel
B. Secure Internal Communications (SIC)
C. Policy-load
D. Logging
E. OPSEC

Correct Answer: A
QUESTION 2
Which file provides the data for the host_table output and is responsible for keeping a record of all internal IPs passing through the internal interfaces of a restricted hosts licensed Security Gateway?
A. external.if
B. fwconn.h
C. hosts
D. hosts.h
E. fwd.h

Correct Answer: E
QUESTION 3
What does it indicate when a cluster state is “Active Attention”?
A. Traffic is being passed, but a problem has been detected: There are no other active members in the cluster
B. The cluster member is booting: CluserXL is running, but VPN-1/NGX is not yet ready
C. Cluster members are running different versions: The newer version member is in the ready state, which the older version member is in the active state
D. Both cluster members are up and ready

Correct Answer: A
QUESTION 4
Which type of routing relies on a VPN Tunnel interface (VTI) to route traffic?
A. Host-based VPN
B. Subnet-based VPN
C. Route-Based VPN
D. All VPN types
E. Domain-based VPN

Correct Answer: C
QUESTION 5
In some circumstances, adjusting the number of Security Servers spawned may help in troubleshooting performance issues. Which of the following files would you edit to achieve this?
A. fwssd.conf
B. fwx.conf
C. fwauthd.conf
D. fwd.conf
E. fwm.conf

Correct Answer: C
QUESTION 6
You have implemented a Check Point High Availability solution. You have defined a Gateway Cluster and a group of Security Gateways with synchronized state tables. If the active Security Gateway fails, what happens?
A. Clear text connections survive the failure. Encrypted connections must be re-established
B. All connections must be re-established with the security Gateway that assumes control
C. Encrypted and clear text connections fail over to the Security Gateway that assumes control
D. The remaining Security Gateway force an election to determine who takes over
E. The control network is flooded with synchronization packets

Correct Answer: C
QUESTION 7
To Stop the sr_service debug process, you must first stop VPN-1 SecureClient, delete which of the following files and restart SecureClient?
A. sr_users.all
B. sr_service.dll
C. sr_topo.all
D. sr_auth.all
E. sr_tde.all

Correct Answer: E
QUESTION 8
Setting snaplen to 0 will capture host much of the packet data?
A. None of the packet
B. The first octet of the packet header
C. The whole packet
D. The first protocol level of the packet

Correct Answer: C
QUESTION 9
Which of the following types of information should an Administrator use tcpdump to view?
A. VLAN trunking analysis
B. DeCnet traffic analysis
C. AppleTalk Traffic analysis
D. Packet-header analysis
E. NAT traffic analysis
Correct Answer: D
QUESTION 10
When network address translation is used:
A. It is not necessary to add a static route to the Gateway’s routing table
B. It is necessary to add a static route to the Gateway’s routing table
C. VLAN tagging can’t be defined for any hosts protected by the Gateway
D. The Security Gateway’s ARP file must be modified
E. The Gateway’s lmhosts file must be modified

Correct Answer: A

Move to top