Your worries about CheckPoint 156-215 exam complexity no more exist because Flydumps is here to serves as a guide to help you to pass the exam.All the exam questions and answers is the latest and covering each and every aspect of CheckPoint 156-215 exam.It 100% ensure you pass the CheckPoint 156-215 exam without any doubt.
QUESTION 72
You have locked yourself out of SmartDashboard with the rules you just installed on your stand alone Security Gateway. Now you cannot access the SmartCenter Server or any SmartConsole tools via SmartDashboard. How can you reconnect to SmartDashboard?
A. Run cpstop on the SmartCenter Server.
B. Run fw unlocklocal on the SmartCenter Server.
C. Run fw unloadlocal on the Security Gateway.
D. Delete the $fwdir/database/manage.lock file and run cprestart.
E. Run fw uninstall localhost on the Security Gateway.
Correct Answer: C
QUESTION 73
As a Security Administrator, you must configure anti-spoofing on Security Gateway interfaces, to protect your internal networks. What is the correct anti-spoofing setting on interface ETH1 in this network diagram?
NOTE: In the DMZ, mail server 192.168.16.10 is statically translated to the object “mail_valid”, with IP address 210.210.210.3. The FTP server 192.168.16.15 is statically translated to the object “ftp_valid”, with IP address 210.210.210.5.
A. A group object that includes the 10.10.0.0/16 and 192.168.16.0/24 networks, and mail_valid and ftp_valid host objects
B. A group object that includes the 10.10.20.0/24 and 10.10.10.0/24 networks
C. A group object that includes the 10.10.0.0/16 network object, mail_valid host, and ftp_valid host object
D. A group object that includes the 192.168.16.0/24 and 10.10.0.0/16 networks
E. A group object that includes the 10.10.10.0/24 and 192.168.16.0/24 networks
Correct Answer: B
QUESTION 74
In SmartView Tracker, you see an entry for an outbound connection showing address translation. But when setting SmartView Tracker to show all entries for that connection, only outbound entries show. What is the possible cause for this?
A. The entry is for a Static NAT connection, from a specific host that has been infected by a worm.
B. The entry is for a Hide NAT connection from a specific host.
C. The entry is for an automatic Static NAT connection, where inbound traffic is managed by a separate rule.
D. The entry is for a manual Hide NAT connection, from a specific host infected by a worm.
Correct Answer: B
QUESTION 75
Which encryption scheme provides “In-place” encryption?
A. IKE
B. Manual IPSec
C. DES
D. SKIP
E. AES
Correct Answer: E
QUESTION 76
Phil notices a large amount of traffic from a specific internal IP address. He needs to verify if it is a network attack, or a user’s system infected with a worm. He has enabled Sweep Scan Protection and Host port scan in SmartDefense. Will Phil get all the information he needs from these actions?
A. No. SmartDefense will only block the traffic, but it will not provide a detailed analysis of the traffic.
B. No. SmartDefense will not block the traffic. The logs and alert can provide a further level information, but determining whether the attack is intentional or a worm requires further research by Phil.
C. No. Phil also should set SmartDefense to quarantine the traffic from the suspicious IP address.
D. Yes. SmartDefense will limit the traffic impact from the scans, and identify if the pattern of the traffic matches any known worms.
E. No. To verify if this is a worm or an active attack, Phil should also enable TCP attack defenses.
Correct Answer: B
QUESTION 77
Which of the following is NOT a feature or quality of a hash function?
A. Encrypted with the sender’s RSA private key, the hash function forms the digital signature.
B. It is mathematically infeasible to derive the original message from the message digest.
C. The hash function forms a two-way, secure communication.
D. The hash function is irreversible.
E. It is mathematically infeasible for two different messages to produce the same message digest.
Correct Answer: C
QUESTION 78
With SmartDashboard’s Smart Directory, you can create NGX user definitions on a(n) _________ Server.
A. NT Domain
B. LDAP
C. Provider-1
D. SecureID
E. Radius
Correct Answer: B
QUESTION 79
Andrea has created a new gateway object that she will be managing at a remote location. She attempts to install the Security Policy to the new gateway object, but the object does not appear in the “install on” box. Which of the following is the most likely cause?
A. Andrea has created the object using “New Check Point > VPN-1 Edge Embedded Gateway”.
B. Andrea created the gateway object using the “New Check Point > Externally Managed VPN Gateway” option from the Network Objects dialog box.
C. Andrea has not configured anti-spoofing on the interfaces on the gateway object.
D. Andrea has not configured Secure Internal Communications (SIC) for the object.
E. Andrea created the Object using “New Check Point > VPN-1 Pro/Express Security Gateway” option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object.
Correct Answer: B
QUESTION 80
Your SmartCenter Server fails and does not reboot. One of your remote Security Gateways managed by the SmartCenter Server reboots. What happens to that remote Gateway after reboot?
A. Since the SmartCenter Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, no traffic is allowed through the Gateway.
B. Since the SmartCenter Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, all traffic is allowed through the Gateway.
C. The remote Gateway fetches the last installed Security Policy locally, and passes traffic normally. The Gateway will log locally, since the SmartCenter Server is not available.
D. Since the SmartCenter Server is not available to the remote Gateway, fetching the Security Policy and logging will both fail.
E. Since the SmartCenter Server is not available, the remote Gateway uses the local Security Policy, but does not log traffic.
Correct Answer: C
QUESTION 81
In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?
A. Rule 0
B. Cleanup Rule
C. Rule 1
D. Rule 999
E. Stealth Rule
Correct Answer: A
QUESTION 82
Which type of TCP attack is a bandwidth attack, where a client fools a server into sending large amounts of data, using small packets?
A. SMURF
B. Small PMTU
C. Host System Hogging
D. LAND
E. SYN-Flood
Correct Answer: B
QUESTION 83
Which SmartConsole tool verifies the installed Security Policy name?
A. SmartView Status
B. Eventia Reporter
C. SmartView Server
D. SmartUpdate
E. SmartView Tracker
Correct Answer: E
QUESTION 84
What happens when you select File>Export from the SmartView Tracker menu?
A. It is not possible to export an old log file, only save and switch in SmartView Tracker.
B. Current logs are exported to a new *.log file.
C. Exported log entries are still viewable in SmartView Tracker.
D. Exported log entries are deleted from fw.log.
E. Logs in fw.log are exported to a file that can be opened by Microsoft Excel.
Correct Answer: E
QUESTION 85
Ellen is performing penetration tests against SmartDefense for her Web server farm. She needs to verify that the Web servers are secure against traffic hijacks. She has activated the Cross-Site Scripting property. What other settings would be appropriate? Ellen:
A. should also enable the Web intelligence > SQL injection setting.
B. must select the “Products > Web Server” box on each of the node objects.
C. should enable all settings in Web Intelligence.
D. needs to configure TCP defenses such as “Small PMTU” size.
E. needs to create resource objects for the web farm servers and configure rules for the web farm.
Correct Answer: B
QUESTION 86
Your NGX enterprise SmartCenter Server is working normally. However, you must reinstall the SmartCenter Server, but keep the SmartCenter Server configuration (for example, all Security Policies, databases, etc.) How would you reinstall the Server and keep its configuration?
A. 1. Run the latest upgrade_export utility to export the configuration.
2.
Keep the exported file in the same location.
3.
Use SmartUpdate to reinstall the SmartCenter Server.
4.
Run upgrade_import to import the configuration.
B. 1. Run the latest upgrade_export utility to export the configuration.
2.
Leave the exported .tgz file in $FWDIR.
3.
Install the primary SmartCenter Server on top of the current installation.
4.
Run upgrade_import to import the configuration.
C. 1. Insert the NGX CD-ROM, and select the option to export the configuration into a .tgz file.
2.
Transfer the .tgz file to another networked machine.
3.
Uninstall all NGX packages, and reboot.
4.
Use the NGX CD-ROM to select the upgrade_import option to import the configuration.
D. 1. Download the latest upgrade_export utility, and run it from $FWDIR\bin to export the configuration into a .tgz file.
2.
Transfer the .tgz file to another network machine.
3.
Uninstall all NGX packages and reboot.
4.
Install a new primary SmartCenter Server.
5.
Run upgrade_import to import the configuration.
Correct Answer: D
QUESTION 87
You are concerned that a message may have been intercepted and retransmitted, thus compromising the security of the communications. You attach a code to the electronically transmitted message that uniquely identifies the sender. This code is known as a:
A. Digital signature
B. Tag
C. Private key
D. AES flag
E. Diffie-Helman verification
Correct Answer: A
QUESTION 88
Your organization’s security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway. How would you request and apply the license? Request a central license:
A. using the remote Gateway’s IP address. Apply the license locally with the cplic put command.
B. for the Gateways’ IP addresses. Apply the licenses on the SmartCenter Server with the cprlic put command.
C. using the remote Gateway’s IP address. Attach the license to the remote Gateway via SmartUpdate.
D. using your SmartCenter Server’s IP address. Attach the license to the remote Gateway via SmartUpdate.
E. using the SmartCenter Server’s IP address. Apply the license locally on the remote Gateway with the cplic put command.
Correct Answer: D
QUESTION 89
Sarah is the Security Administrator for a sporting-goods manufacturer.
Sarah has configured SmartDefense to block the CWD and FIND commands. Sarah installs the Security Policy, but the Security Gateway continues to pass the commands. Which of the following could be the cause of the problem?
A. The Rule Base includes a rule accepting FTP to any source, and from any destination.
B. The SmartDefense > Application Intelligence > FTP Security Server screen does not have the radio button set to “Configurations apply to all connections”.
C. The FTP Service Object > Advanced > Blocked FTP Commands list does not include CWD and FIND.
D. The Web Intelligence > Application Layer > FTP Settings list is configured to allow, rather than exclude, CWD and FIND commands.
E. The Global Properties > Security Server > “Control FTP Commands” box is not checked.
Correct Answer: B
QUESTION 90
Your internal Web server in the DMZ has IP address 172.16.10.1/24. A particular network from the Internet tries to access this Web server. You need to set up some type of Network Address Translation (NAT), so that NAT occurs only for the HTTP service, and only from the remote network as the source. The public IP address for the Web server is 200.200.200.1. All properties in the NAT screen of Global Properties are enabled.
Select the correct NAT rules, so NAT happens ONLY between “web_dallas” and the remote network.
A. 1. Create another node object named “web_dallas_valid”, and enter “200.200.200.1” in the General Properties screen.
2.
Create two manual NAT rules above the automatic Hide NAT rules for the 172.16.10.0 network.
3.
Select “HTTP” in the Service column of both manual NAT rules.
4.
Enter an ARP entry and route on the Security Gateway’s OS.
B. 1. Enable NAT on the web_dallas object, select “static”, and enter “200.200.200.1” in the General Properties screen.
2.
Specify “HTTP” in the automatic Static Address Translation rules.
3.
Create incoming and outgoing rules for the web_dallas server, for the HTTP service only.
C. 1. Enable NAT on the web_dallas object, select “hide”, and enter “200.200.200.1” for the Hide NAT IP address.
2.
Specify “HTTP” in the Address Translation rules that are generated automatically.
3.
Create incoming and outgoing rules for the web_dallas server, for the HTTP service only.
D. 1. Create another node object named “web_dallas_valid”, and enter “200.200.200.1” in the General Properties screen.
2.
Create two manual NAT rules below the Automatic Hide NAT rule for network 172.16.10.0 , in the Address Translation Rule Base.
3.
Select “HTTP” in the Service column of both manual NAT rules.
4.
Enter an ARP entry and route on the Security Gateway’s OS.
Correct Answer: A
QUESTION 91
When restoring NGX using the upgrade_import command, which of the following items are NOT restored?
A. Security Policies
B. Global properties
C. Licenses
D. User groups
E. Route tables
Correct Answer: E
QUESTION 92
Your company’s Security Policy forces users to authenticate to the Gateway explicitly, before they can use any services. The Gateway does not allow Telnet service to itself from any location. How would you set up the authentication method? With a:
A. Client Authentication rule, using partially automatic sign on
B. Session Authentication rule
C. Client Authentication for fully automatic sign on
D. Client Authentication rule using the manual sign-on method, using HTTP on port 900
E. User Authentication rule
Correct Answer: D
QUESTION 93
How can you reset the password of the Security Administrator, which was created during initial installation of the SmartCenter Server on SecurePlatform?
A. Launch cpconfig and select “Administrators”.
B. Launch SmartDashboard, click the admin user account, and overwrite the existing Check Point Password.
C. Type cpm , and provide the existing administration account name. Reset the Security Administrator’s password.
D. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the “Password” portion of the file. Then log in to the account without password. You will be prompted to assign a new password.
E. Launch cpconfig and delete the Administrator’s account. Recreate the account with the same name.
Correct Answer: E
QUESTION 94
How can you unlock an administrator’s account, which was been locked due to SmartCenter Access settings in Global Properties?
A. Type fwm lock_admin a from the command line of the SmartCenter Server.
B. Clear the “locked” box of the user’s General Properties in SmartDashboard.
C. Type fwm unlock_admin a from the command line of the SmartCenter Server.
D. Type fwm unlock_admin a from the command line of the Security Gateway.
E. Delete the file admin.lock in the $FWDIR/tmp/ directory of the SmartCenter Server.
Correct Answer: A
CheckPoint 156-215 Exam Certification Guide is part of a recommended study program from CheckPoint 156-215 Exam that includes simulation and hands-on training from authorized CheckPoint 156-215 Exam Learning Partners and self-study products from CheckPoint 156-215 Exam.Find out more about instructor-led, e-learning, and hands-on instruction offered by authorized CheckPoint 156-215 Exam Learning Partners worldwide.
