Checkpoint 156-915 Exam Demo, 100% Pass Checkpoint 156-915 PDF Online Sale


Free Sharing –How to pass the Checkpoint 156-915 exam quickly? How to prepare for the changed exam? Free download Checkpoint 156-915 Exam practice test with all new exam questions.You can also get more new version on

You are using smart update and perform a remote upgrade to a R/1 Security. Gateway which of the following statements is false
A. Smart dashboard is open during package upload and upgrade, the upgrade with fail.
B. Smartupdate can query the Security Management Server und Gateway (or product information)
C. SmartUpdate can query license information running locally on the Gateway

Correct Answer: A QUESTION 103
46 Which is the best configuration option to protect internal users from malicious, java code, without stripping java scripts?
A. Use the URI resource to block Java code
B. Use CVP in the URl resource to black Java code
C. Use the URl resource to strip applet tags
D. Use the URl resource to strip ActiveX tags

Correct Answer: B QUESTION 104
Which of the following is NOT a feature of clusterXL?
A. Enhanced throughput in all clusterXL modes (2 gateway cluster compared with 1 gateway)
B. Transparent failover in case of device failures
C. Zero downtime for mission-critical environments with State Synchronization
D. Transparent upgrades

Correct Answer: D
Which procedure enables the SSL VPN blade on the gateway?
A. Log into small dashboard, create the new rule with the source and destination addresses of the record remote network set the action to encrypt and push the policy to the gateway.
B. Log into a small dashboard, edit the properties of the gateway, and select the SSL, VPN check box.
C. Log into smart dashboard select the VPN communications tab and add the gateway to the appropriate community.
D. Log into Web UI on the gateway and check the SSL VPN blade check box.

Correct Answer: B
Which DLP action would describe the following action: The data transmission event is logged in smart view tracker Administrators with permission view the data that was sent the traffic is passed.
A. Detect
B. Ask User
C. Inform user
D. Prevent

Correct Answer: C
Which of the following statements about SSL VPN is true?
A. Traffic is not encrypted m a LAN department. Where clear text request are forwarded to internal servers
B. All traffic is always encrypted
C. Traffic is encrypted, when it is initiated from a LAN
D. Administration traffic is not encrypted

Correct Answer: A
You have installed secured platform R71 as security gateway operating system as company requirements changed. You need the VII features of R71.what should you do?
A. Only IPSO 3.9 supports VII feature, so you have to replace your security gateway with nokia appliances.
B. B. Type pro enables on your security gateway and reboots it.
C. You have to reinstall your security gateway with secured Platform pro R71, as secured platform R71 does not support VTI<S
D. In smart dashboard click on the OS drop down menu and choose secured platform have to reboot the security gateway in order for the change to take effect
Correct Answer: B
Which tool CANNOT be launched from smart update R71?
A. Snapshot
B. SecurePlatform WebUl
C. Cpinfo
D. IP Appliance Voyager

Correct Answer: A
Which specific R71 GUI would you use to view the length of time a TCP connection was open?
A. SmartReporter
B. Smart View Monitor
C. SmartView Status
D. SmartView Tracker

Correct Answer: D
You have pushed a policy to your firewall and you are not able to access the firewall. What command will allow you to remove the current policy from the machine?
A. Fw purge policy
B. Fw fetch policy
C. Fw purge active 49
D. Fw unload local

Correct Answer: D
In smart workflow, what is not valid possibility?
A. Task Flow without Session and without role segregation.
B. Task Flow without Session but with Role Segregation
C. Task Flow with Session but without Role Segregation
D. Task flow with Session and with Role Segregation
Correct Answer: B
What is the benefit to running Eventia Analyzer in Learning Mode?
A. There is no Eventia Analyzer Learning Mode
B. To run Eventia Analyzer, with a step-by-step online configuration guide for training/setup purpose
C. To run Eventia Analyzer with preloaded sample data in a test environment
D. To generate a report with system Event Policy modification suggestions
Correct Answer: D
What is the maximum number of cores supported by CoreXL?
A. 6
B. 8
C. 4
D. 12

Correct Answer: B QUESTION 115
Which of the following commands will stop acceleration on a Security Gateway running on Secure Platform?
A. splat_accel off
B. fwacceX off
C. perf_pack off
D. fwaceel off

Correct Answer: D QUESTION 116
You want VPN traffic to match packets from internal interfaces- You also want the traffic to exit the Security Gateway bound for all site-to-site VPN Communities, including Remote Access Communities. How should you configure the VPN match rule?
A. Communities > communities
B. Internal_clear > External_Clear
C. Internal_clear > All_GwTogw
D. Internal_clear > All_communities

Correct Answer: D QUESTION 117
The London office just upgraded their DNS Gateway needs with the new settings. What would be the best way for Henry to change the DNS settings for the London’s Gateway?
A. Edit the Canada profile
B. Edit the gateways DNS settings from the edit gateway, then selecting the DNS tab
C. DNS settings for that gateway cannot be changed
D. Edit the Europe profile

Correct Answer: B QUESTION 118
What are the SmartProvisioning Policy Status indicators?
A. OK, Down, Up, Synchronized
B. OK. Waiting, Out of Sync, Not Installed, Not communicating
C. OK, Unknown, Not Installed, May be out of date
D. OK, Waiting, Unknown, Not Installed, Not Updated, May be out of date

Correct Answer: D QUESTION 119
You have selected the event “port scan from internal network in Eventia Analyzer”, to detect an event when 30 ports have occurred when 60 seconds. You want to detect two ports scans from a host within 10 seconds of each other. How would you accomplish this?
A. You cannot set Eventia Analyzer to detect two port scans within 10 seconds of each other.
B. Select the two port-scan detections as a new event.
C. Select the two port-scan detections as a sub event.
D. Select the two port-scan detections as an exception.

Correct Answer: D
When checkpoint product is used to create and save changes to a Log consolidation policy?
A. Security Management Server
B. Eventia Reporter Client
C. SmartDashboard Log Consolidator
D. Eventia Reporter Server

Correct Answer: D
Reporter reports can be used to analyze data from a penetration-testing regimen in all of the following examples, EXCEPT
A. Possible worm/malware activity.
B. Tracking attempted port scans.
C. Analyzing traffic patterns against public resources.
D. Analyzing access attempts via social-engineering.

Correct Answer: D
Laura notices the Microsoft Visual Basic kill Bits protection is sent to inactive. She wants to set the micro soft Visual Basic Kill bits protection and all other low performance impact protection to prevent. She asks her manager for approval and he stated she can turn these on. But he Laura to make sure no high performance impact protections are limited on while changing this setting.
Using the output below, how would Laura change the default-protection on performance impact protections classified as low from inactive to prevent while still meeting her other criteria?
A. Go to profiles > Default_protection and unlock “Do not activate protections with performance impact to medium or above”
B. Go to profiles > Default_protection and select “Do not activate protections with performance impact to low or above”
C. Go to profiles > Default_protection and select “Do not activate protections with performance impact to medium or above”
D. Go to profiles > Default_protection and unlock “Do not activate protections with performance impact to high or above”

Correct Answer: C
John is the MultiCorp Security Administrator. If he suggests a change in the firewall configuration, he must submit his proposal to David, a Security manager. One day David is out of the office and john submits his proposal to peter, surprisingly, Peter is not able to approve the proposal the system does not permit him to do so (See figure below)
Next day David is back and he can carry out this operation.
53 Both the David and peter have accounts as administrators in the Security management Server and both have the read/write all permission. What is the reason for the difference? Choose the best answer.
A. There were some hardware/software issues at the Security management Server on the first day.
B. Peter was not log on to system for a long time.
C. The attribute manage administrators was not assigned to peter.
D. The specific SmartWorkflow read/write permissions were assigned to David only.

Correct Answer: D
Which of the following is a supported deployment for Connectra?
A. IPSO 4.9 build 88
C. Solaris 10
D. Windows server 2007

Correct Answer: B
Which type of routing relies on a VPN Tunnel interface (VT1) to route traffic?
A. Subnet-based VPN
B. Route-based VPN
C. Host-based VPN
D. Domain-based VPN

Correct Answer: B
What is a task of the IPS Event Analysis Server?
A. Assign a severity level to an event.
B. Display the received events.
C. Forward what is known as an event to the IPS Event Analysis server
D. Analyze each IPS log entry as it enters the Log server.

Correct Answer: D
Using IPS, how do you notify the Security Administrator that malware is scanning specific ports? By enabling:
A. Malware Scan protection
B. Sweep Scan protection
C. Host Port Scan
D. Malicious Code Protector
Correct Answer: C
Which Security Servers can perform authentication tasks, but CANNOT perform content security tasks?
C. Telnet
Correct Answer: D QUESTION 129
What is the purpose of the pre-defined exclusions Included with Eventia Analyzer and IPS Event Analysis R7P?
A. To give samples of how to write your own exclusion.
B. As a base for starling and building exclusions 55
C. To allow Eventia Analyzer and IPS Event Analysis R70 to function property with all other R70 release devices
D. To avoid incorrect event generation by the default IPS event definition, a scenario that may occur in deployments that include Security Gateways of versions prior to R70

Correct Answer: D QUESTION 130
You are trying to configure Directional VPN Rule Match in the Rule Base. But the match column does not have the option to see the directional match. You see the following window. What must you enable to see the Directional match?
A. VPN Directional Match on the Gateway object’s VPN tab
B. Advanced Routing on each Security Gateway
C. VPN Directional Match on the VPN advanced Window, m Global Properties
D. Directional_match (True) in the objects_5_0 file on Security management Server

Correct Answer: C QUESTION 131
You believe Phase 2 negotiations are failing while you are attempting to configure a site-to-site VPN with one of your firm’s business partners. Which SmartConsole application should you use to confirm your suspicions?
A. SmartDashboard
B. SmartView Tracker
C. SmartUpdate
D. SmartView Status

Correct Answer: B

Flydumps Checkpoint 156-915 exam dumps are audited by our certified subject matter experts and published authors for development. Flydumps Checkpoint 156-915 exam dumps are one of the highest quality Checkpoint 156-915 Q&As in the world. It covers nearly 96% real questions and answers, including the entire testing scope. Flydumps guarantees you pass Checkpoint 156-915 exam at first attempt.