CheckPoint 156-215.13 Online Practice Questions and Exam Preparation

CheckPoint 156-215.13 Online Questions & Answers

• Question 111:

  Where can you find the Check Point's SNMP MIB file?

  A. $CPDIR/lib/snmp/chkpt.mib
  B. There is no specific MIB file for Check Point products.
  C. $FWDIR/conf/snmp.mib
  D. It is obtained only by request from the TAC.
  A. $CPDIR/lib/snmp/chkpt.mib

• Question 112:

  Which of the following firewall modes DOES NOT allow for Identity Awareness to be deployed?

  A. Bridge
  B. High Availability
  C. Load Sharing
  D. Fail Open
  A. Bridge

• Question 113:

  John is the Security Administrator in his company. He installs a new R76 Security Management Server and a new R76 Gateway. He now wants to establish SIC between them. After entering the activation key, he gets the following message

  in SmartDashboard "Trust established"

  SIC still does not seem to work because the policy won't install and interface fetching does not work. What might be a reason for this?

  A. It always works when the trust is established
  B. This must be a human error.
  C. SIC does not function over the network.
  D. The Gateway's time is several days or weeks in the future and the SIC certificate is not yet valid.
  D. The Gateway's time is several days or weeks in the future and the SIC certificate is not yet valid.

• Question 114:

  Users with Identity Awareness Agent installed on their machines login with , so that when the user logs into the domain, that information is also used to meet Identity Awareness credential requests.

  A. ICA Certificates
  B. Key-logging
  C. SecureClient
  D. Single Sign-On
  D. Single Sign-On

• Question 115:

  The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

  A. You can limit the authentication attempts in the User Properties' Authentication tab.
  B. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.
  C. You can only use the rule for Telnet, FTP, SMTP, and rlogin services.
  D. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server.
  D. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server.

• Question 116:

  A third-shift Security Administrator configured and installed a new Security Policy early this morning. When you arrive, he tells you that he has been receiving complaints that Internet access is very slow. You suspect the Security Gateway virtual memory might be the problem. Which SmartConsole component would you use to verify this?

  A. SmartView Tracker
  B. This information can only be viewed with the command fw ctl pstat from the CLI.
  C. SmartView Monitor
  D. Eventia Analyzer
  C. SmartView Monitor

• Question 117:

  What statement is true regarding Visitor Mode?

  A. All VPN traffic is tunneled through UDP port 4500.
  B. VPN authentication and encrypted traffic are tunneled through port TCP 443.
  C. Only ESP traffic is tunneled through port TCP 443.
  D. Only Main mode and Quick mode traffic are tunneled on TCP port 443.
  B. VPN authentication and encrypted traffic are tunneled through port TCP 443.

• Question 118:

  You find a suspicious FTP site trying to connect to one of your internal hosts. How do you block it in real time and verify it is successfully blocked? Highlight the suspicious connection in SmartView Tracker:

  A. Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection does not appear again in this SmartView Tracker view.
  B. Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection is listed in this SmartView Tracker view as "dropped".
  C. Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection is listed in this SmartView Tracker view as "dropped".
  D. Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection does not appear again in this SmartView Tracker view.
  D. Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection does not appear again in this SmartView Tracker view.

• Question 119:

  How can you recreate the Security Administrator account, which was created during initial Management Server installation on SecurePlatform?

  A. Launch cpconfig and delete the Administrator's account. Recreate the account with the same name.
  B. Launch SmartDashboard in the User Management screen, and delete the cpconfig administrator.
  C. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the Administrator Account portion of the file. You will be prompted to create a new account.
  D. Type cpm -a, and provide the existing Administrator's account name. Reset the Security Administrator's password.
  A. Launch cpconfig and delete the Administrator's account. Recreate the account with the same name.

• Question 120:

  You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on SecurePlatform. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on SecurePlatform. Where can you view them? Give the BEST answer.

  A. /etc/conf/route.C
  B. /etc/sysconfig/network-scripts/ifcfg-ethx
  C. /etc/sysconfig/netconf.C
  D. /etc/sysconfig/network
  C. /etc/sysconfig/netconf.C