Welcome to download the newest Pass4itsure 70-470 dumps
We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials.
This Blog provides you everything you will need to take a certification examination and Exam Preparation Material. Like actual certification exams, our Practice Tests are in Flydumps Our Checkpoint 156-215 Exam will provide you with exam questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and Value for the Checkpoint 156-215 Exam:100% Guarantee to Pass Your Checkpoint 156-215 exam and get your EMC certification.
What information is found in the SmartView Tracker Management log?
A. Destination IP address
B. SIC revoke certificate event
C. Number of concurrent IKE negotiations
D. Most accessed Rule Base rule
Correct Answer: B
How do you use SmartView Monitor to compile traffic statistics for your company’s Internet Web activity during production hours?
A. View total packets passed through the Security Gateway.
B. Configure a Suspicious Activity Rule which triggers an alert when HTTP traffic passes through the Gateway.
C. Use Traffic settings and SmartView Monitor to generate a graph showing the total HTTP traffic for the day.
D. Select Tunnels view, and generate a report on the statistics.
Correct Answer: C
What happens when you run the commanD. fw sam -J src [Source IP Address]?
A. Connections to and from the specified target are blocked without the need to change the Security Policy.
B. Connections to and from the specified target are blocked with the need to change the Security Policy.
C. Connections from the specified source are blocked without the need to change the Security Policy.
D. Connections to the specified target are blocked without the need to change the Security Policy.
Correct Answer: C
An internal router is sending UDP keep-alive packets that are being encapsulated with GRE and sent through your R76 Security Gateway to a partner site. A rule for GRE traffic is configured for ACCEPT/LOG. Although the keep-alive packets are being sent every minute, a search through the SmartView Tracker logs for GRE traffic only shows one entry for the whole day (early in the morning after a Policy install).
Your partner site indicates they are successfully receiving the GRE encapsulated keep-alive packets on the 1-minute interval.
If GRE encapsulation is turned off on the router, SmartView Tracker shows a log entry for the UDP keep-alive packet every minute.
Which of the following is the BEST explanation for this behavior?
A. The Log Server log unification process unifies all log entries from the Security Gateway on a specific connection into only one log entry in the SmartView Tracker. GRE traffic has a 10 minute session timeout, thus each keep-alive packet is considered part of the original logged connection at the beginning of the day.
B. The log unification process is using a LUUID (Log Unification Unique Identification) that has become corrupt. Because it is encrypted, the R75 Security Gateway cannot distinguish between GRE sessions. This is a known issue with GRE. Use IPSEC instead of the non-standard GRE protocol for encapsulation.
C. The setting Log does not capture this level of detail for GRE. Set the rule tracking action to Audit since certain types of traffic can only be tracked this way.
D. The Log Server is failing to log GRE traffic properly because itis VPN traffic. Disable all
VPNconfiguration to the partner site to enable proper logging.
Correct Answer: A
Which port must be allowed to pass through enforcement points in order to allow packet logging to operate correctly?
Correct Answer: D
You are the Security Administrator for MegaCorp and would like to view network activity using SmartReporter. You select a standard predefined report. As you can see here, you can select the london Gateway.
When you attempt to configure the Express Report, you are unable to select this Gateway.
What is the reason for this behavior? Give the BEST answer.
A. You must enable the Eventia Express Mode on the london Gateway.
B. You must enable Monitoring in the london Gateway object’s General Properties.
C. You have the license for Eventia Reporter in Standard mode only.
D. You must enable the Express Mode inside Eventia Reporter.
Correct Answer: B QUESTION 203
In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?
A. Rule 0
B. Blank field under Rule Number
C. Cleanup Rule
D. Rule 1
Correct Answer: A QUESTION 204
A third-shift Security Administrator configured and installed a new Security Policy early this morning. When you arrive, he tells you that he has been receiving complaints that Internet access is very slow. You suspect the Security Gateway virtual memory might be the problem. Which SmartConsole component would you use to verify this?
A. SmartView Tracker
B. This information can only be viewed with the command fw ctl pstat from the CLI.
C. SmartView Monitor
D. Eventia Analyzer
Correct Answer: C QUESTION 205
You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do
you achieve this?
A. Create a Suspicious Activity Rule in SmartView Monitor.
B. Select Block intruder from the Tools menu in SmartView Tracker.
C. Use dbedit to script the addition of a rule directly into the Rule Bases_5_0.fws configuration file.
D. Add a temporary rule using SmartDashboard and select hide rule.
Correct Answer: A QUESTION 206
In SmartDashboard, you configure 45 MB as the required free hard-disk space to accommodate logs. What can you do to keep old log files, when free space falls below 45 MB?
A. Do nothing. The Security Management Server automatically copies old logs to a backup server before purging.
B. Use the command fwm logexport to export the old log files to another location.
C. Configure a script to run fw logswitch and SCP the output file to a separate file server.
D. Do nothing. Old logs are deleted, until free space is restored.
Correct Answer: C QUESTION 207
How do you configure an alert in SmartView Monitor?
A. By right-clicking on the Gateway, and selecting Properties.
B. By choosing the Gateway, and Configure Thresholds.
C. An alert cannot be configured in SmartView Monitor.
D. By right-clicking on the Gateway, and selecting System Information.
Correct Answer: B QUESTION 208
True or FalsE. SmartView Monitor can be used to create alerts on a specified Gateway.
A. False, alerts can only be set in SmartDashboard Global Properties.
B. True, by choosing the Gateway and selecting System Information.
C. False, an alert cannot be created for a specified Gateway.
D. True, by right-clicking on the Gateway and selecting Configure Thresholds.
Correct Answer: D QUESTION 209
Which R76 SmartConsole tool would you use to verify the installed Security Policy name on a Security Gateway?
B. SmartView Status
C. SmartView Monitor
D. None, SmartConsole applications only communicate with the Security Management Server.
Correct Answer: C QUESTION 210
Which R76 GUI would you use to see the number of packets accepted since the last policy install?
A. SmartView Monitor
B. SmartView Status
C. SmartView Tracker
Correct Answer: A QUESTION 211
Checkpoint 156-215 study materials is a product you can trust for timely, prompt and successful preparation of IT Certifications. Once you go through the Pass4itSure Microsoft certification exam Checkpoint 156-215 study materials thoroughly, it’s guaranteed that you will pass your Checkpoint 156-215 exam at the first shot. The Pass4itSure Checkpoint 156-215 study materials have designed and prepared the training kit for Checkpoint 156-215 test. It’s designed to be relevant in today’s rapidly changing IT marketplace, Checkpoint 156-215 study materials help you utilize evolving technologies, Checkpoint 156-215 study materials you’re troubleshooting skills, and improve your job satisfaction.
Welcome to download the newest Pass4itsure NSE4 dumps: http://www.pass4itsure.com/NSE4.html