CheckPoint 156-215 New Questions, Up To Date CheckPoint 156-215 Practice Test Is What You Need To Take

Flydumps just published the newest CheckPoint 156-215 dumps with all the new updated exam questions and answers.Flydumps provide the latest version of CheckPoint 156-215 and VCE files with up-to-date questions and answers to ensure your exam 100% pass, on our website you will get the free new newest CheckPoint 156-215 version VCE Player along with your VCE dumps.

QUESTION NO: 1
Which rule is responsible for the installation failure?

A. Rule 3
B. Rule 4
C. Rule 5
D. Rule 6

Answer: B Explanation:
QUESTION NO: 2
Which rule is responsible for the installation failure?

A. Rule 3
B. Rule 4
C. Rule 5
D. Rule 6
Answer: D Explanation:

QUESTION NO: 3
You are troubleshooting NAT entries in SmartView Tracker. Which column do you check to view the new source IP?
A. XlateDst
B. XlateSPort
C. XlateSrc
D. XlateDPort
Answer: C Explanation:

QUESTION NO: 4
You are using SmartView Tracker to troubleshoot NAT entries. Which column do you check to view the NAT’d source port if you are using Source NAT?
A. XlateDPort
B. XlateSrc
C. XlateDst
D. XlateSPort
Answer: D Explanation:
QUESTION NO: 5
You start to use SmartView Monitor to analyze the packet size distribution of your traffic.

Unfortunately, you get the message:
“There are no machines that contain Firewall Blade and SmartView Monitor.”
What should you do to analyze the packet size distribution of your traffic? Give the BEST answer.
A. Enable Monitoring on your Security Management Server.
B. Enable Monitoring on your Security Gateway.
C. Purchase the SmartView Monitor license for your Security Gateway.
D. Purchase the SmartView Monitor license for your Security Management Server.
Answer: B Explanation:

QUESTION NO: 6
Your customer, Mr. Smith needs access to other networks and should be able to use all services. Session authentication is not suitable. You select Client Authentication with HTTP. The standard authentication port for client HTTP authentication (Port 900) is already in use. You want to use Port 9001 but are having connectivity problems. Why are you having problems?
A. The Security Policy is not correct.
B. You can’t use any port other than the standard port 900 for Client Authentication via HTTP.
C. The service FW_clntauth_http configuration is incorrect.
D. The configuration file $FWDIR/conf/fwauthd.conf is incorrect.
Answer: D Explanation:
QUESTION NO: 7
Charles requests a Website while using a computer not in the net_singapore network.
What is TRUE about his location restriction?
A. As location restrictions add up, he would be allowed from net_singapore and net_sydney.
B. It depends on how the User Auth object is configured; whether User Properties or Source Restriction takes precedence.
C. Source setting in User Properties always takes precedence.
D. Source setting in Source column always takes precedence.
Answer: B Explanation:

QUESTION NO: 8
In the Rule Base displayed, user authentication in Rule 4 is configured as fully automatic.
Eric is a member of the LDAP group, MSD_Group. What happens when Eric tries to connect to a server on the Internet?
A. Eric will be blocked because LDAP is not allowed in the Rule Base.
B. Eric will be authenticated and get access to the requested server. C. Eric will be dropped by the Stealth Rule.
D. None of these things will happen.
Answer: C Explanation:

QUESTION NO: 9
Review the rules. Assume domain UDP is enabled in the impled rules.

What happens when a user from the internal network tries to browse to the internet using HTTP? The user:
A. is prompted three times before connecting to the Internet successfully.
B. can connect to the Internet successfully after being authenticated.
C. can go to the Internet, without being prompted for authentication.
D. can go to the Internet after Telnetting to the client authentication daemon port 259.

Answer: C QUESTION NO: 10
Study the Rule base and Client Authentication Action properties screen –

After being authenticated by the Security Gateway, when a user starts an HTTP connection to a Web site, the user tries to FTP to another site using the command line. What happens to the user? The:
A. FTP connection is dropped by Rule 2.
B. user is prompted from that FTP site only, and does not need to enter his username and password for Client Authentication.
C. user is prompted for authentication by the Security Gateway again.
D. FTP data connection is dropped after the user is authenticated successfully.

Answer: B Explanation:
QUESTION NO: 11
You have a mesh VPN Community configured to create a site-to-site VPN.
Given the displayed VPN properties, what can you conclude about this community?
A. Change the data-integrity setting for this VPN Community because MD5 is oncompatible with AES.
B. Changing the setting Perform key exchange encryption with from AES-256 to 3DES will enhance the VPN Community’s security , and reduce encryption overhead.
C. The VPN Community will perform IKE Phase 1 key-exchange encryption using the longest key Security Gateway R76 supports.
D. Changing the setting Perform IPsec data encryption with from AES-128 to 3Des will increase the encryption overhead.

Answer: D
QUESTION NO: 12
When restoring R76 using the command upgrade_import, which of the following items are NOT restored?
A. Licenses
B. SIC Certificates
C. Global properties
D. Route tables

Answer: D Explanation:

QUESTION NO: 13
Over the weekend, an Administrator without access to SmartDashboard installed a new R76 Security Gateway using GAiA. You want to confirm communication between the Gateway and the Management Server by installing the Security Policy. What might prevent you from installing the Policy?
A. You first need to run the command fw unloadlocal on the new Security Gateway.
B. You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on both the Security Gateway and the Management Server.
C. You first need to initialize SIC in SmartUpdate.
D. You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on the Security Management Server.
Answer: D Explanation:

QUESTION NO: 14
Which utility allows you to configure the DHCP service on SecurePlatform from the command line?
A. cpconfig
B. ifconfig
C. dhcp_cfg
D. sysconfig
Answer: D Explanation:
QUESTION NO: 15
Which of the following methods will provide the most complete backup of an R75 configuration?
A. Execute command upgrade_export
B. Database Revision Control
C. Policy Package Management
D. Copying the directories $FWDIR\conf and $CPDIR\conf to another server
Answer: A Explanation:

CheckPoint 156-215 Interactive Testing Engine is an engine that can be downloaded and installed on your PC.This CheckPoint 156-215 engine is not only advanced and equipped with much more features, it is also not internet dependent, once installed. It enables you to see questions and answers in a simulated CheckPoint 156-215 exam environment. Working with CheckPoint 156-215 Interactive Testing Engine is like passing an actual CheckPoint 156-215 exam.

CheckPoint 156-215 Answers, 100% Real CheckPoint 156-215 Real Demo For Download

Flydumps ensures CheckPoint 156-215 study guide are the newest and valid enough to help you pass the test.Please visit Flydumps.com and get valid CheckPoint 156-215 PDF and VCE exam dumps with free new version.100% valid and success.

QUESTION 1
You manage a global network extending from your base in Chicago to Tokyo, Calcutta and Dallas. Management wants a report detailing the current software level of each Enterprise class Security Gateway. You plan to take the opportunity to create a proposal outline, listing the most cost-effective way to upgrade your Gateways. Which two SmartConsole applications will you use to create this report and outline?
A. SmartView Tracker and SmartView Monitor
B. SmartLSM and SmartUpdate
C. SmartDashboard and SmartView Tracker
D. SmartView Monitor and SmartUpdate
Correct Answer: D Explanation
Explanation/Reference:
QUESTION 2
Your bank’s distributed R77 installation has Security Gateways up for renewal. Which SmartConsole application will tell you which Security Gateways have licenses that will expire within the next 30 days?
A. SmartView Tracker
B. SmartPortal
C. SmartUpdate
D. SmartDashboard
Correct Answer: C Explanation
Explanation/Reference:
QUESTION 3
When launching SmartDashboard, what information is required to log into R77?
A. User Name, Management Server IP, certificate fingerprint file
B. User Name, Password, Management Server IP
C. Password, Management Server IP
D. Password, Management Server IP, LDAP Server IP
Correct Answer: B Explanation
Explanation/Reference:
QUESTION 4
Message digests use which of the following?
A. DES and RC4
B. IDEA and RC4
C. SSL and MD4
D. SHA-1 and MD5
Correct Answer: D Explanation Explanation/Reference:
QUESTION 5
Which of the following is a hash algorithm?
A. 3DES
B. IDEA
C. DES
D. MD5 Correct Answer: D
Explanation Explanation/Reference:
QUESTION 6
Which of the following uses the same key to decrypt as it does to encrypt?
A. Asymmetric encryption
B. Dynamic encryption
C. Certificate-based encryption
D. Symmetric encryption Correct Answer: D
Explanation Explanation/Reference:
QUESTION 7
You believe Phase 2 negotiations are failing while you are attempting to configure a site-to-site VPN with one of your firm’s business partners. Which SmartConsole application should you use to confirm your suspicions?
A. SmartDashboard
B. SmartUpdate
C. SmartView Status
D. SmartView Tracker Correct Answer: D
Explanation Explanation/Reference:
QUESTION 8
A digital signature:
A. Guarantees the authenticity and integrity of a message.
B. Automatically exchanges shared keys.
C. Decrypts data to its original form.
D. Provides a secure key exchange mechanism over the Internet. Correct Answer: A
Explanation Explanation/Reference: QUESTION 9
Which component functions as the Internal Certificate Authority for R77?
A. Security Gateway
B. Management Server
C. Policy Server
D. SmartLSM
Correct Answer: B Explanation
Explanation/Reference:
QUESTION 10
The customer has a small Check Point installation, which includes one GAiA server working as the SmartConsole, and a second server running Windows 2008 as both Security Management Server and Security Gateway. This is an example of a(n):
A. Distributed Installation
B. Hybrid Installation
C. Unsupported configuration
D. Stand-Alone Installation
Correct Answer: C Explanation
Explanation/Reference:
QUESTION 11
The customer has a small Check Point installation which includes one Windows 2008 server as the SmartConsole and a second server running GAiA as both Security Management Server and the Security Gateway. This is an example of a(n):
A. Distributed Installation
B. Unsupported configuration
C. Hybrid Installation
D. Stand-Alone Installation
Correct Answer: D Explanation
Explanation/Reference:
QUESTION 12
The customer has a small Check Point installation which includes one Windows 7 workstation as the SmartConsole, one GAiA device working as Security Management Server, and a third server running SecurePlatform as Security Gateway. This is an example of a(n):
A. Hybrid Installation
B. Unsupported configuration
C. Stand-Alone Installation
D. Distributed Installation
Correct Answer: D Explanation
Explanation/Reference:
QUESTION 13
The customer has a small Check Point installation which includes one Windows 2008 server as SmartConsole and Security Management Server with a second server running GAiA as Security Gateway. This is an example of a(n):
A. Stand-Alone Installation.
B. Distributed Installation.
C. Unsupported configuration.
D. Hybrid Installation.
Correct Answer: B Explanation
Explanation/Reference:
QUESTION 14
When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?
A. None, Security Management Server would be installed by itself.
B. SmartConsole
C. SecureClient
D. Security Gateway
Correct Answer: D Explanation
Explanation/Reference:
QUESTION 15
Tom has been tasked to install Check Point R77 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartConsole machine in his calculations?
A. Three machines
B. One machine
C. Two machines
D. One machine, but it needs to be installed using SecurePlatform for compatibility purposes
Correct Answer: C Explanation
Explanation/Reference:
QUESTION 16
Which command allows Security Policy name and install date verification on a Security Gateway?
A. fw show policy
B. fw stat -l
C. fw ctl pstat -policy
D. fw ver -p
Correct Answer: B Explanation
Explanation/Reference:
QUESTION 17
You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After awhile, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database. How can you do this?
A. Run fwm dbexport -l filename. Restore the database. Then, run fwm dbimport -l filename to import the users.
B. Run fwm_dbexport to export the user database. Select restore the entire database in the Database Revision screen. Then, run fwm_dbimport.
C. Restore the entire database, except the user database, and then create the new user and user group.
D. Restore the entire database, except the user database.
Correct Answer: D Explanation
Explanation/Reference:
QUESTION 18
Which feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration?
A. Database Revision Control
B. Policy Package management
C. dbexport/dbimport
D. upgrade_export/upgrade_import
Correct Answer: A Explanation
Explanation/Reference:
QUESTION 19
Your Security Management Server fails and does not reboot. One of your remote Security Gateways managed by the Security Management Server reboots. What occurs with the remote Gateway after reboot?
A. Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, all traffic is allowed through the Gateway.
B. Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, no traffic is allowed through the Gateway.
C. The remote Gateway fetches the last installed Security Policy locally and passes traffic normally. The Gateway will log locally, since the Security Management Server is not available.
D. Since the Security Management Server is not available, the remote Gateway uses the local Security Policy, but does not log traffic.
Correct Answer: C Explanation
Explanation/Reference: QUESTION 20
How can you configure an application to automatically launch on the Security Management Server when traffic is dropped or accepted by a rule in the Security Policy?
A. SNMP trap alert script
B. Custom scripts cannot be executed through alert scripts.
C. User-defined alert script
D. Pop-up alert script Correct Answer: C
Explanation Explanation/Reference:

CheckPoint 156-215 tests containing questions that cover all sides of tested subjects that help our members to be prepared and keep high level of professionalism.The main purpose of CheckPoint 156-215 exam is to provide high quality test that can secure and verify knowledge, give overview of question types and complexity that can be represented on real exam certification.