Checkpoint 156-215 Exam Dumps, Help To Pass Checkpoint 156-215 Study Guides Is What You Need To Take


QUESTION 146

You just installed a new Web server in the DMZ that must be reachable from the Internet. You create a manual Static NAT rule as follows:

“web_public_IP” is the node object that represents the new Web server’s public IP address. “web_private_IP” is the node object that represents the new Web site’s private IP address. You enable all settings from Global Properties > NAT.
When you try to browse the Web server from the Internet you see the error “page cannot be displayed”. Which of the following is NOT a possible reason?

A. There is no route defined on the Security Gateway for the public IP address to the Web server’s private IP address.
B. There is no ARP table entry for the protected Web server’s public IP address.
C. There is no Security Policy defined that allows HTTP traffic to the protected Web server.
D. There is no NAT rule translating the source IP address of packets coming from the protected Web server.

Correct Answer: D
QUESTION 147
You are responsible for the configuration of MegaCorp’s Check Point Firewall. You need to allow two NAT rules to match a connection. Is it possible? Give the BEST answer.
A. Yes, it is possible to have two NAT rules which match a connection, but only when using Automatic NAT (bidirectional NAT).
B. Yes, it is possible to have two NAT rules which match a connection, but only when using Manual NAT (bidirectional NAT).
C. Yes, there are always as many active NAT rules as there are connections.
D. No, it is not possible to have more than one NAT rule matching a connection. When the firewall receives a packet belonging to a connection, it compares it against the first rule in the Rule Base, then the second rule, and so on. When it finds a rule that matches, it stops checking and applies that rule.

Correct Answer: A
QUESTION 148
You have created a Rule Base for firewall, websydney. Now you are going to create a new policy package with security and address translation rules for a second Gateway.

What is TRUE about the new package’s NAT rules?
A. NAT rules will be empty in the new package.
B. Rules 4 and 5 will appear in the new package.
C. Rules 1, 2, 3 will appear in the new package.
D. Only rule 1 will appear in the new package.

Correct Answer: C
QUESTION 149
What is the default setting when you use NAT?
A. Source Translated on Client side
B. Source Translated on both sides
C. Destination Translated on Client side
D. Destination Translated on Server side

Correct Answer: C
QUESTION 150
A marketing firm’s networking team is trying to troubleshoot user complaints regarding access to audio-streaming material from the Internet. The networking team asks you to check the object and rule configuration settings for the perimeter Security Gateway. Which SmartConsole application should you use to check these objects and rules?
A. SmartView Tracker
B. SmartView Monitor
C. SmartDashboard
D. SmartView Status

Correct Answer: C
QUESTION 151
Which statement below describes the most correct strategy for implementing a Rule Base?
A. Place a network-traffic rule above the administrator access rule.
B. Limit grouping to rules regarding specific access.
C. Place the most frequently used rules at the top of the Policy and the ones that are not frequently used further down.
D. Add the Stealth Rule before the last rule.
Correct Answer: C
QUESTION 152
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping authentication rules with address-translation rules
B. Grouping rules by date of creation
C. Grouping reject and drop rules after the Cleanup Rule
D. Grouping functionally related rules together
Correct Answer: D
QUESTION 153
Which of the following is a viable consideration when determining Rule Base order?
A. Adding SAM rules at the top of the Rule Base
B. Placing frequently accessed rules before less frequently accessed rules
C. Grouping rules by date of creation
D. Grouping IPS rules with dynamic drop rules

Correct Answer: B
QUESTION 154
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping IPS rules with dynamic drop rules
B. Grouping reject and drop rules after the Cleanup Rule
C. Placing more restrictive rules before more permissive rules
D. Grouping authentication rules with QOS rules

Correct Answer: C
QUESTION 155
You would use the Hide Rule feature to:
A. View only a few rules without the distraction of others.
B. Hide rules from read-only administrators.
C. Hide rules from a SYN/ACK attack.
D. Make rules invisible to incoming packets.

Correct Answer: A
QUESTION 156
You are a Security Administrator using one Security Management Server managing three different firewalls. One firewall does NOT show up in the dialog box when attempting to install a Security Policy. Which of the following is a possible cause?
A. The firewall has failed to sync with the Security Management Server for 60 minutes.
B. The firewall object has been created but SIC has not yet been established.
C. The firewall is not listed in the Policy Installation Targets screen for this policy package.
D. The license for this specific firewall has expired.

Correct Answer: C
QUESTION 157
Your shipping company uses a custom application to update the shipping distribution database. The custom application includes a service used only to notify remote sites that the distribution database is malfunctioning. The perimeter Security Gateway’s Rule Base includes a rule to accept this traffic. Since you are responsible for multiple sites, you want notification by a text message to your cellular phone, whenever traffic is accepted on this rule. Which of the following would work BEST for your purpose?
A. SmartView Monitor Threshold
B. SNMP trap
C. Logging implied rules
D. User-defined alert script
Correct Answer: D
QUESTION 158
A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object does not appear in the Install On check box. What should you look for?
A. Secure Internal Communications (SIC) not configured for the object.
B. A Gateway object created using the Check Point > Security Gateway option in the Network Objects dialog box, but the interfaces for the Security Gateway object still need to be configured.
C. A Gateway object created using the Check Point > Externally Managed VPN Gateway option from the Network Objects dialog box.
D. Anti-spoofing not configured on the interfaces on the Gateway object.

Correct Answer: C
QUESTION 159
A Security Policy installed by another Security Administrator has blocked all SmartDashboard connections to the stand-alone installation of R76. After running the command fw unloadlocal, you are able to reconnect with SmartDashboard and view all changes. Which of the following changes is the most likely cause of the block?
A. A Stealth Rule has been configured for the R76 Gateway.
B. The Gateway Object representing your Gateway was configured as an Externally Managed VPN Gateway.
C. The Security Policy installed to the Gateway had no rules in it.
D. The Allow Control Connections setting in Policy > Global Properties has been unchecked.

Correct Answer: D
QUESTION 160
When configuring anti-spoofing on the Security Gateway object interfaces, which of the following is NOT a valid R76 topology configuration?
A. Specific
B. External
C. Not Defined
D. Any

Correct Answer: D
QUESTION 161
You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause?
A. The POP3 rule is disabled.
B. The POP3 rule is hidden.
C. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R75.
D. POP3 is accepted in Global Properties.
Correct Answer: B
QUESTION 162
Which rule is responsible for the installation failure?
A. Rule 3
B. Rule 5
C. Rule 6
D. Rule 4
Correct Answer: C
QUESTION 163
Which command allows Security Policy name and install date verification on a Security Gateway?
A. fw ver -p
B. fw stat -l
C. fw show policy
D. fw ctl pstat -policy

Correct Answer: B
QUESTION 164
You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After a while, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database. How can you do this?
A. Restore the entire database, except the user database, and then create the new user and user group.
B. Run fwm_dbexport to export the user database. Select restore the entire database in the Database Revision screen. Then, run fwm_dbimport.
C. Run fwm dbexport -l filename. Restore the database. Then, run fwm dbimport -l filename to import the users.
D. Restore the entire database, except the user database.

Correct Answer: D
QUESTION 165
Which feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration?
A. upgrade_export/upgrade_import
B. dbexport/dbimport
C. Database Revision Control
D. Policy Package management

Correct Answer: C
QUESTION 166
Your Security Management Server fails and does not reboot. One of your remote Security Gateways managed by the Security Management Server reboots. What occurs with the remote Gateway after reboot?
A. Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, all traffic is allowed through the Gateway.
B. Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, no traffic is allowed through the Gateway.
C. The remote Gateway fetches the last installed Security Policy locally and passes traffic normally. The Gateway will log locally, since the Security Management Server is not available.
D. Since the Security Management Server is not available, the remote Gateway uses the local Security Policy, but does not log traffic.
Correct Answer: C
QUESTION 167
How can you configure an application to automatically launch on the Security Management Server when traffic is dropped or accepted by a rule in the Security Policy?
A. Custom scripts cannot be executed through alert scripts.
B. Pop-up alert script
C. SNMP trap alert script
D. User-defined alert script

Correct Answer: D
QUESTION 168
Which of the following is NOT useful to verify whether or not a Security Policy is active on a Gateway?
A. fw ctl get string active_secpol
B. cpstat fw -f policy
C. Check the Security Policy name of the appropriate Gateway in SmartView Monitor.
D. fw stat

Correct Answer: A
QUESTION 169
Of the following, what parameters will not be preserved when using Database Revision Control?

A. 3, 4, 5, 6, 9, 12, 13
B. 1, 2, 8, 10, 11
C. 5, 6, 9, 12, 13
D. 2, 4, 7, 10, 11

Correct Answer: A
QUESTION 170
You are about to test some rule and object changes suggested in an R76 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to its previous configuration after testing the changes?
A. Database Revision Control
B. Manual copies of the directory $FWDIR/conf
C. upgrade_export command
D. SecurePlatform backup utilities

Correct Answer: A
QUESTION 171
You plan to create a backup of the rules, objects, policies, and global properties from an R76 Security Management Server. Which of the following backup and restore solutions can you use?
A. 2, 4, and 5
B. 1, 3, and 4
C. 1, 2, and 3
D. 1, 2, 3, 4, and 5

Correct Answer: C
QUESTION 172
Which R76 feature or command allows Security Administrators to revert to earlier Security Policy versions without changing object configurations?
A. Policy Package management
B. Database Revision Control
C. upgrade_export/upgrade_import
D. fwm dbexport/fwm dbimport

Correct Answer: A
QUESTION 173
What must a Security Administrator do to comply with a management requirement to log all traffic accepted through the perimeter Security Gateway?
A. Install the View Implicit Rules package using SmartUpdate.
B. Define two log servers on the R76 Gateway object. Enable Log Implied Rules on the first log server. Enable Log Rule Base on the second log server. Use SmartReporter to merge the two log server records into the same database for HIPAA log audits.
C. In Global Properties > Reporting Tools check the box Enable tracking all rules (including rules marked as None in the Track column). Send these logs to a secondary log server for a complete logging history. Use your normal log server for standard logging for troubleshooting.
D. Check the Log Implied Rules Globally box on the R76 Gateway object.

Correct Answer: C
QUESTION 174
You receive a notification that long-lasting Telnet connections to a mainframe are dropped after an hour of inactivity. Reviewing SmartView Tracker shows the packet is dropped with the error:
Unknown established connection
How do you resolve this problem without causing other security issues? Choose the BEST answer.
A. Increase the service-based session timeout of the default Telnet service to 24-hours.
B. Increase the TCP session timeout under Global Properties > Stateful Inspection.
C. Create a new TCP service object on port 23 called Telnet-mainframe. Define a service-based session timeout of 24-hours. Use this new object only in the rule that allows the Telnet connections to the mainframe.
D. Ask the mainframe users to reconnect every time this error occurs.

Correct Answer: C
QUESTION 175
Which SmartConsole tool would you use to see the last policy pushed in the audit log?
A. SmartView Tracker
B. SmartView Status
C. None, SmartConsole applications only communicate with the Security Management Server.
D. SmartView Server

Correct Answer: A
QUESTION 176
SmartView Tracker logs the following Security Administrator activities, EXCEPT:
A. Object creation, deletion, and editing
B. Rule Base changes
C. Administrator login and logout
D. Tracking SLA compliance

Correct Answer: D
QUESTION 177
What happens when you select File > Export from the SmartView Tracker menu?
A. Exported log entries are not viewable in SmartView Tracker.
B. Logs in fw.log are exported to a file that can be opened by Microsoft Excel.
C. Exported log entries are deleted from fw.log.
D. Current logs are exported to a new *.log file.

Correct Answer: B
QUESTION 178
By default, when you click File > Switch Active File in SmartView Tracker, the Security Management Server:
A. Purges the current log file, and prompts you for the new log’s mode.
B. Purges the current log file, and starts a new log file.
C. Saves the current log file, names the log file by date and time, and starts a new log file.
D. Prompts you to enter a filename, and then saves the log file.

Correct Answer: C
QUESTION 179
You are working with three other Security Administrators. Which SmartConsole component can be used to monitor changes to rules or object properties made by the other administrators?
A. Eventia Tracker
B. SmartView Monitor
C. Eventia Monitor
D. SmartView Tracker
Correct Answer: D
QUESTION 180
Which SmartView Tracker mode allows you to read the SMTP e-mail body sent from the Chief Executive Officer (CEO) of a company?
A. Display Capture Action
B. This is not a SmartView Tracker feature.
C. Display Payload View
D. Network and Endpoint Tab

Correct Answer: B
QUESTION 181
You can include External commands in SmartView Tracker by the menu Tools > Custom Commands.
The Security Management Server is running under SecurePlatform, and the GUI is on a system running Microsoft Windows. How do you run the command traceroute on an IP address?
A. There is no possibility to expand the three pre-defined options Ping, Whois, and Nslookup.
B. Go to the menu Tools > Custom Commands and configure the Windows command tracert.exe to the list.
C. Use the program GUIdbedit to add the command traceroute to the Security Management Server properties.
D. Go to the menu, Tools > Custom Commands and configure the Linux command traceroute to the list.

Correct Answer: B
QUESTION 182
Where is the easiest and BEST place to find information about connections between two machines?
A. On a Security Gateway Console interface; it gives you detailed access to log files and state table information.
B. On a Security Management Server, using SmartView Tracker.
C. All options are valid.
D. On a Security Gateway using the command fw log.

Correct Answer: B
QUESTION 183
To reduce the information given to you in SmartView Tracker, what can you do to find information about data being sent between pcosaka and pctokyo?
A. Apply a source filter by adding both endpoint IP addresses with the equal option set.
B. Use a regular expression to filter out relevant logging entries.
C. Double-click an entry representing a connection between both endpoints.
D. Press CTRL+F in order to open the find dialog, and then search the corresponding IP addresses.
Correct Answer: A
QUESTION 184
Which of the following can be found in cpinfo from an enforcement point?
A. Policy file information specific to this enforcement point
B. The complete file objects_5_0.c
C. VPN keys for all established connections to all enforcement points
D. Everything NOT contained in the file r2info

Correct Answer: A
QUESTION 185
Which R76 SmartConsole tool would you use to verify the installed Security Policy name on a Security Gateway?
A. SmartView Server
B. SmartView Tracker
C. None, SmartConsole applications only communicate with the Security Management Server.
D. SmartUpdate

Correct Answer: B
QUESTION 186
You have detected a possible intruder listed in SmartView Tracker’s active pane. What is the fastest method to block this intruder from accessing your network indefinitely?
A. In SmartView Monitor, select Tools > Suspicious Activity Rules.
B. Modify the Rule Base to drop these connections from the network.
C. In SmartView Tracker, select Tools > Block Intruder.
D. In SmartDashboard, select IPS > Network Security > Denial of Service.

Correct Answer: C
QUESTION 187
Where can an administrator specify the notification action to be taken by the firewall in the event that available disk space drops below 15%?
A. SmartView Tracker > Audit Tab > Gateway Counters
B. SmartView Monitor > Gateway Status > Threshold Settings
C. This can only be monitored by a user-defined script.
D. SmartView Monitor > Gateway Status > System Information > Thresholds

Correct Answer: D
QUESTION 188
Where can an administrator configure the notification action in the event of a policy install time change?
A. SmartDashboard > Policy Package Manager
B. SmartView Monitor > Gateway Status > System Information > Thresholds
C. SmartDashboard > Security Gateway Object > Advanced Properties Tab
D. SmartView Monitor > Gateways > Thresholds Settings

Correct Answer: B
QUESTION 189
Where are custom queries stored in R76 SmartView Tracker?
A. On the Security Management Server tied to the GUI client IP.
B. On the SmartView Tracker PC local file system shared by all users of that local PC.
C. On the Security Management Server tied to the Administrator User Database login name.
D. On the SmartView Tracker PC local file system under the user’s profile.

Correct Answer: C
QUESTION 190
How do you view a Security Administrator’s activities with SmartConsole?
A. SmartView Tracker in the Network and Endpoint tabs
B. Eventia Suite
C. SmartView Tracker in the Management tab
D. SmartView Monitor using the Administrator Activity filter

Correct Answer: C
QUESTION 191
Which SmartView Tracker selection would most effectively show who installed a Security Policy blocking all traffic from the corporate network?
A. Network and Endpoint tab
B. Custom filter
C. Management tab
D. Active tab

Correct Answer: C
QUESTION 192
You are reviewing the Security Administrator activity for a bank and comparing it to the change log. How do you view Security Administrator activity?
A. SmartView Tracker in Network and Endpoint Mode
B. SmartView Tracker in Management Mode
C. SmartView Tracker cannot display Security Administrator activity; instead, view the system logs on the Security Management Server’s Operating System.
D. SmartView Tracker in Active Mode

Correct Answer: B
QUESTION 193
Which of the following R76 SmartView Tracker views will display a popup warning about performance implications on the Security Gateway?
A. Audit Tab
B. All Records Query
C. Active Tab
D. Account Query

Correct Answer: C
QUESTION 194
While in SmartView Tracker, Brady has noticed some very odd network traffic that he thinks could be an intrusion. He decides to block the traffic for 60 minutes, but cannot remember all the steps. What is the correct order of steps needed to set up the block?
1) Select Active Mode tab in SmartView Tracker.
2) Select Tools > Block Intruder.
3) Select Log Viewing tab in SmartView Tracker.
4) Set Blocking Timeout value to 60 minutes.
5) Highlight connection that should be blocked.
A. 3, 5, 2, 4
B. 1, 5, 2, 4
C. 1, 2, 5, 4
D. 3, 2, 5, 4

Correct Answer: B
QUESTION 195
SmartView Tracker R76 consists of three different modes. They are:
A. Log, Track, and Management
B. Log, Active, and Management
C. Network and Endpoint, Active, and Management
D. Log, Active, and Audit

Correct Answer: C
QUESTION 196
One of your remote Security Gateways suddenly stops sending logs, and you cannot install the Security Policy on the Gateway. All other remote Security Gateways are logging normally to the Security Management Server, and Policy installation is not affected. When you click the Test SIC status button in the problematic Gateway object, you receive an error message. What is the problem?
A. There is no connection between the Security Management Server and the remote Gateway. Rules or routing may block the connection.
B. The time on the Security Management Server’s clock has changed, which invalidates the remote Gateway’s Certificate.
C. The Internal Certificate Authority for the Security Management Server object has been removed from objects_5_0.C.
D. The remote Gateway’s IP address has changed, which invalidates the SIC Certificate.

Correct Answer: A
